81
User agents must support PNG ("image/pngp1156
"). User agents may support other types. If the user agent does not support the requested type, it
must create the file using the PNG format.[PNG]p1162
User agents mustconvert the provided type to ASCII lowercasep63
before establishing if they support that type.
For image types that do not support an alpha channel, the serialised image must be the bitmap image composited onto a solid black background
using the source-over operator.
If the first argument inargumentsgives a type corresponding to one of the types given in the first column of the following table, and the user agent
supports that type, then the subsequent arguments, if any, must be treated as described in the second cell of that row.
Arguments for serialisation methods
Type
Other arguments
Reference
image/
jpegp1156
The second argument, if it is a number in the range 0.0 to 1.0 inclusive, must be treated as the desired quality level. If it is not a number or is outside
that range, the user agent must use its default value, as if the argument had been omitted.
[JPEG]p1161
For the purposes of these rules, an argument is considered to be a number if it is converted to an IDL double value by the rules for handling
arguments of typeanyin the Web IDL specification.[WEBIDL]p1164
Other arguments must be ignored and must not cause the user agent to throw an exception. A future version of this specification will probably
define other parameters to be passed to these methods to allow authors to more carefully control compression settings, image metadata, etc.
4.12.5.5 Security withcanvasp583
elements
This section is non-normative.
Information leakagecan occur if scripts from oneoriginp767
can access information (e.g. read pixels) from images from another origin (one that isn't
thesamep769
).
To mitigate this, bitmaps used withcanvasp583
elements andImageBitmapp880
objects are defined to have a flag indicating whether they are
origin-cleanp584
. All bitmaps start with theirorigin-cleanp584
set to true. The flag is set to false when cross-origin images or fonts are used.
ThetoDataURL()p586
,toBlob()p586
, andgetImageData()p631
methods check the flag and will throw a"SecurityError"
DOMException
rather than leak cross-origin data.
The value of theorigin-cleanp584
flag is propagated from a sourcecanvasp583
element's bitmap to a newImageBitmapp880
object by
createImageBitmap()p882
. Conversely, a destinationcanvasp583
element's bitmap will have itsorigin-cleanp584
flags set to false by
drawImagep621
if the source image is anImageBitmapp880
object whose bitmap has itsorigin-cleanp584
flag set to false.
The flag can be reset in certain situations; for example, when changing the value of thewidthp584
or theheightp584
content attribute of the
canvasp583
element to which aCanvasRenderingContext2Dp587
is bound, the bitmap is cleared and itsorigin-cleanp584
flag is reset.
When using anImageBitmapRenderingContextp642
, the value of theorigin-cleanp584
flag is propagated fromImageBitmapp880
objects when
they are transfered to thecanvasp583
viatransferFromImageBitmap()p644
.
4.13 Custom elements
This section is non-normative.
Custom elementsp651
provide a way for authors to build their own fully-featured DOM elements. Although authors could always use non-standard
elements in their documents, with application-specific behaviour added after the fact by scripting or similar, such elements have historically been
For example, the value "image/pngp1156
" would mean to generate a PNG image, the value "image/jpegp1156
" would mean to
generate a JPEG image, and the value "image/svg+xmlp1156
" would mean to generate an SVG image (which would require that the
user agent track how the bitmap was generated, an unlikely, though potentially awesome, feature).
Example
4.13.1 Introduction
645
