Auto merge of #16699 - jdm:make-cross-origin-image-tests-fail, r=ajeffrey,jgraham

Make cross-origin canvas drawing tests use a same-origin redirect.

These tests either pass or maintain existing known failures in Firefox and Chrome, and expose the problem in our current implementation that #15887 is addressing.

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/16699)
<!-- Reviewable:end -->

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.drawImage.canvas</title>
+<title>Canvas test: security.drawImage.canvas.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.drawImage.canvas</h1>
+<h1>security.drawImage.canvas.cross</h1>
 <p class="desc">drawImage of unclean canvas makes the canvas origin-unclean</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.canvas.redirect.html

@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.drawImage.canvas.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.drawImage.canvas.redirect</h1>
+<p class="desc">drawImage of unclean canvas makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("drawImage of unclean canvas makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
+ctx.drawImage(canvas2, 0, 0);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.drawImage.image</title>
+<title>Canvas test: security.drawImage.image.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.drawImage.image</h1>
+<h1>security.drawImage.image.cross</h1>
 <p class="desc">drawImage of different-origin image makes the canvas origin-unclean</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.drawImage.image.redirect.html

@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.drawImage.image.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.drawImage.image.redirect</h1>
+<p class="desc">drawImage of different-origin image makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("drawImage of different-origin image makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.canvas.fillStyle</title>
+<title>Canvas test: security.pattern.canvas.fillStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.pattern.canvas.fillStyle</h1>
+<h1>security.pattern.canvas.fillStyle.cross</h1>
 <p class="desc">Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.fillStyle.redirect.html

@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.canvas.fillStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.canvas.fillStyle.redirect</h1>
+<p class="desc">Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting fillStyle to a pattern of an unclean canvas makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
+var p = ctx.createPattern(canvas2, 'repeat');
+ctx.fillStyle = p;
+ctx.fillStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.canvas.strokeStyle</title>
+<title>Canvas test: security.pattern.canvas.strokeStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.pattern.canvas.strokeStyle</h1>
+<h1>security.pattern.canvas.strokeStyle.cross</h1>
 <p class="desc">Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.strokeStyle.redirect.html

@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.canvas.strokeStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.canvas.strokeStyle.redirect</h1>
+<p class="desc">Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting strokeStyle to a pattern of an unclean canvas makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0);
+var p = ctx.createPattern(canvas2, 'repeat');
+ctx.strokeStyle = p;
+ctx.strokeStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.canvas.timing</title>
+<title>Canvas test: security.pattern.canvas.timing.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.pattern.canvas.timing</h1>
+<h1>security.pattern.canvas.timing.cross</h1>
 <p class="desc">Pattern safety depends on whether the source was origin-clean, not on whether it still is clean</p>
 
 <p class="notes">Disagrees with spec on "is" vs "was"

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.canvas.timing.redirect.html

@@ -0,0 +1,41 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.canvas.timing.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.canvas.timing.redirect</h1>
+<p class="desc">Pattern safety depends on whether the source was origin-clean, not on whether it still is clean</p>
+
+<p class="notes">Disagrees with spec on "is" vs "was"
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Pattern safety depends on whether the source was origin-clean, not on whether it still is clean");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+ctx2.fillStyle = '#0f0';
+ctx2.fillRect(0, 0, 100, 50);
+var p = ctx.createPattern(canvas2, 'repeat');
+ctx2.drawImage(document.getElementById('yellow.png'), 0, 0); // make canvas2 origin-unclean
+ctx.fillStyle = p;
+ctx.fillRect(0, 0, 100, 50);
+canvas.toDataURL();
+ctx.getImageData(0, 0, 1, 1);
+_assert(true, "true"); // okay if there was no exception
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.create.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.create</title>
+<title>Canvas test: security.pattern.create.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.pattern.create</h1>
+<h1>security.pattern.create.cross</h1>
 <p class="desc">Creating an unclean pattern does not make the canvas origin-unclean</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.create.redirect.html

@@ -0,0 +1,32 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.create.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.create.redirect</h1>
+<p class="desc">Creating an unclean pattern does not make the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Creating an unclean pattern does not make the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
+canvas.toDataURL();
+ctx.getImageData(0, 0, 1, 1);
+_assert(true, "true"); // okay if there was no exception
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.cross</title>
+<title>Canvas test: security.pattern.cross.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.pattern.cross</h1>
+<h1>security.pattern.cross.cross</h1>
 <p class="desc">Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.cross.redirect.html

@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.cross.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.cross.redirect</h1>
+<p class="desc">Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Using an unclean pattern makes the target canvas origin-unclean, not the pattern canvas");
+_addTest(function(canvas, ctx) {
+
+var canvas2 = document.createElement('canvas');
+canvas2.width = 100;
+canvas2.height = 50;
+var ctx2 = canvas2.getContext('2d');
+var p = ctx2.createPattern(document.getElementById('yellow.png'), 'repeat');
+ctx.fillStyle = p;
+ctx.fillRect(0, 0, 100, 50);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+canvas2.toDataURL();
+ctx2.getImageData(0, 0, 1, 1);
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.image.fillStyle</title>
+<title>Canvas test: security.pattern.image.fillStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.pattern.image.fillStyle</h1>
+<h1>security.pattern.image.fillStyle.cross</h1>
 <p class="desc">Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.fillStyle.redirect.html

@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.image.fillStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.image.fillStyle.redirect</h1>
+<p class="desc">Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting fillStyle to a pattern of a different-origin image makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
+ctx.fillStyle = p;
+ctx.fillStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.pattern.image.strokeStyle</title>
+<title>Canvas test: security.pattern.image.strokeStyle.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.pattern.image.strokeStyle</h1>
+<h1>security.pattern.image.strokeStyle.cross</h1>
 <p class="desc">Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.image.strokeStyle.redirect.html

@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.pattern.image.strokeStyle.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.pattern.image.strokeStyle.redirect</h1>
+<p class="desc">Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Setting strokeStyle to a pattern of a different-origin image makes the canvas origin-unclean");
+_addTest(function(canvas, ctx) {
+
+var p = ctx.createPattern(document.getElementById('yellow.png'), 'repeat');
+ctx.strokeStyle = p;
+ctx.strokeStyle = 'red';
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+assert_throws("SECURITY_ERR", function() { ctx.getImageData(0, 0, 1, 1); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.reset.cross.html

@@ -1,13 +1,13 @@
 <!DOCTYPE html>
 <!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
-<title>Canvas test: security.reset</title>
+<title>Canvas test: security.reset.cross</title>
 <script src="/resources/testharness.js"></script>
 <script src="/resources/testharnessreport.js"></script>
 <script src="/common/canvas-tests.js"></script>
 <link rel="stylesheet" href="/common/canvas-tests.css">
 <body class="show_output">
 
-<h1>security.reset</h1>
+<h1>security.reset.cross</h1>
 <p class="desc">Resetting the canvas state does not reset the origin-clean flag</p>
 
 

tests/wpt/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.reset.redirect.html

@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<!-- DO NOT EDIT! This test has been generated by tools/gentest.py. -->
+<title>Canvas test: security.reset.redirect</title>
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<script src="/common/canvas-tests.js"></script>
+<link rel="stylesheet" href="/common/canvas-tests.css">
+<body class="show_output">
+
+<h1>security.reset.redirect</h1>
+<p class="desc">Resetting the canvas state does not reset the origin-clean flag</p>
+
+
+<p class="output">Actual output:</p>
+<canvas id="c" class="output" width="100" height="50"><p class="fallback">FAIL (fallback content)</p></canvas>
+
+<ul id="d"></ul>
+<script>
+var t = async_test("Resetting the canvas state does not reset the origin-clean flag");
+_addTest(function(canvas, ctx) {
+
+canvas.width = 50;
+ctx.drawImage(document.getElementById('yellow.png'), 0, 0);
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+canvas.width = 100;
+assert_throws("SECURITY_ERR", function() { canvas.toDataURL(); });
+
+
+});
+</script>
+<script src="/common/get-host-info.sub.js"></script>
+<script src="data:text/javascript,addCrossOriginRedirectYellowImage()"></script>
+