chromium/src/third_party/blink/web_tests/http/tests/security/canvas-remote-read-redirect-to-remote-image.html - manifest_repos/chromium_src - Git at Google

 <html>
 <head>
 <script>
 if (window.testRunner)
     testRunner.dumpAsText();

 function log(msg)
 {
     document.getElementById('console').appendChild(document.createTextNode(msg + "\n"));
 }

 function draw()
 {
     var canvas = document.getElementById("canvas");
     var ctx = canvas.getContext("2d");
     ctx.drawImage(document.getElementById("img"), 0, 0);

     try {
         var data = ctx.getImageData(20, 20, 290, 75);
         log("FAIL: getImageData succeeded. Canvas not tainted.");
     } catch (e) {
         log("PASS: getImageData failed. Canvas tainted.");
     }
 }
 </script>
 </head>
 <body>
 <p>This tests that drawing an image that redirects to a remote image to a canvas taints the canvas</p>
 <pre id="console"></pre>
 <canvas id="canvas" width="330" height="115"></canvas>
 <img id="img" onload="draw()" src="resources/redir.php?url=http://localhost:8000/security/resources/abe.png">
 </body>
 </html>
	<html>
	<head>
	<script>
	if (window.testRunner)
	testRunner.dumpAsText();

	function log(msg)
	{
	document.getElementById('console').appendChild(document.createTextNode(msg + "\n"));
	}

	function draw()
	{
	var canvas = document.getElementById("canvas");
	var ctx = canvas.getContext("2d");
	ctx.drawImage(document.getElementById("img"), 0, 0);

	try {
	var data = ctx.getImageData(20, 20, 290, 75);
	log("FAIL: getImageData succeeded. Canvas not tainted.");
	} catch (e) {
	log("PASS: getImageData failed. Canvas tainted.");
	}
	}
	</script>
	</head>
	<body>
	<p>This tests that drawing an image that redirects to a remote image to a canvas taints the canvas</p>
	<pre id="console"></pre>
	<canvas id="canvas" width="330" height="115"></canvas>
	<img id="img" onload="draw()" src="resources/redir.php?url=http://localhost:8000/security/resources/abe.png">
	</body>
	</html>