Platform/GFX/2011-May-9: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 9: | Line 9: | ||
** Need to fix INVALID_FRAMEBUFFER_OPERATION error then run reftests. | ** Need to fix INVALID_FRAMEBUFFER_OPERATION error then run reftests. | ||
* WebGL cross-domain image theft vulnerability (bjacob, jrmuizel) | * WebGL cross-domain image theft vulnerability (bjacob, jrmuizel) | ||
** proof of concept: http://www.contextis.co.uk/resources/blog/webgl/ | ** proof of concept: http://www.contextis.co.uk/resources/blog/webgl/poc/index.html | ||
** Best option at the moment seems to be to forbid loading textures from cross-domain images without CORS approval. | ** Best option at the moment seems to be to forbid loading textures from cross-domain images without CORS approval. | ||
** Must block usage of a canvas 2D context as proxy to work around this security measure. | ** Must block usage of a canvas 2D context as proxy to work around this security measure. | ||
Revision as of 18:23, 9 May 2011
- Every Monday at 2:30 PM Pacific/5:30 PM Eastern/22:30 UTC/Tuesday at 11:30 AM NZDT
- +1 650 903 0800 x92 Conf# 8604
- +1 416 848 3114 x92 Conf# 8604
- +1 800 707 2533 (pin 369) Conf# 8604 (toll free, Skype)
Agenda:
- GL Layers on Fennec (bjacob, joe)
- Wiki page gives an idea of how much work there's left to do.
- Need to fix INVALID_FRAMEBUFFER_OPERATION error then run reftests.
- WebGL cross-domain image theft vulnerability (bjacob, jrmuizel)
- proof of concept: http://www.contextis.co.uk/resources/blog/webgl/poc/index.html
- Best option at the moment seems to be to forbid loading textures from cross-domain images without CORS approval.
- Must block usage of a canvas 2D context as proxy to work around this security measure.
- Other WebGL fixes (bjacob)
- About:memory support for WebGL
- Patch for Bas' bug report