User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 Build Identifier: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 This is the smallest test case I've been able to create to show the problem: An audio tag with base64-encoded string as source. Attach MozAudioAvailable listener and try to read the samples from the frameBuffer. You get a Security error" code: "1000, even with security.fileuri.strict_origin_policy set to false. I understand that, if I can access a canvas imagedata from a base64-encoded image source without tainting problems, I should be able to do the same with an audio stream. Reproducible: Always Steps to Reproduce: 1. Open the provided webpage with Firefox 4 Actual Results: Check the error console, the script can't access the frameBuffer (Security error" code: "1000) Expected Results: FrameBuffer sample values should be shown on screen.
Mozilla/5.0 (X11; Linux x86_64; rv:7.0a1) Gecko/20110613 Firefox/7.0a1 Confirmed on latest nightly.
> if I can access a canvas imagedata from a base64-encoded image source without > tainting problems Note that canvas explicitly violates same-origin checks there; see the data: check in nsLayoutUtils::SurfaceFromElement
Created attachment 593745 [details] Testcase I ran into the same problem when working on B2G Gaia. Looks like it the problem has been reported, attach my testcase here.
Is this legal or not? I don't see why this should be an error.