当您在画布上把图像从其他域，在画布上有污点和喜欢getDataURL或getImageData一些功能禁用。

当您尝试使用这种功能的SECURITY_ERROR错误发生。

这是为什么保护到位？ 什么样的攻击中使用这种方法吗？

谢谢！

编辑：

我要问：如何可以从其他域过来的图像在攻击中使用？ 为什么beeing污染后使用帆布的浏览器限制我想不通。

That is a cross domain blockade, it is simmilar to fact that you cant access elements from an page inside of iframe and such...

EDIT:

From the w3 documentation:

Note that the URL given in the 'src' or 'data' attributes must be on the same domain as the web page and follows the same domain rule (i.e. same protocol, port, etc.); cross-domain object insertion is not supported for security reasons.

But I bumped into this, maybe you could work out something:
http://dev.w3.org/SVG/tools/svgweb/docs/UserManual.html#cross_domain


By the way cross domain in java script could work on newer browsers, but you need to own both domains, and configure the connection so that is considered trusted, see here:

http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/