[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Public WebGL] Proposed change to WebGL spec section 4.2 (Security Origin Restrictions)




----- Original Message -----

> Does CORS like stuff apply to images so a server can declare
> images from it are usable by any domain?

CORS does/can, though I don't know if any browser interprets it correctly that way.  I have no idea what we do in Firefox; we have a generic same-origin checking path for two resources, so it's possible that it might "just work".

I'd really like to get finer-grained same origin control in canvas, but I don't think doing it in webgl/webgl spec is the right place to do it.  You can make the same argument for canvas 2d (e.g. clearing the canvas should result in it being origin clean again, but it doesn't).  So while I'm in favor of the functionality, I don't think we should look at doing anything webgl-specific to get it for now.

    - Vlad
-----------------------------------------------------------
You are currently subscribed to public_webgl@khronos.org.
To unsubscribe, send an email to majordomo@khronos.org with
the following command in the body of your email: