Summary of problems and solutions encountered when Canvas images cross domains-H5 Tutorial-php.cn

Home

Web Front-end

H5 Tutorial

Summary of problems and solutions encountered when Canvas images cross domains

不言

Sep 17, 2018 pm 04:04 PM

canvashtml5

The content of this article is a summary of the problems and solutions encountered in cross-domain Canvas images. It has certain reference value. Friends in need can refer to it. I hope it will be helpful to you.

Although you can use Canvas without CORS Use pictures in canvas, but this will pollute the canvas. Once the canvas is contaminated, you cannot read its data. For example, you can no longer use canvas's toBlob(), toDataURL() or getImageData() methods, calling them will throw a security error. This mechanism can avoid user privacy leakage caused by pulling remote website information without permission.

The image in the HTML specification has a crossorigin attribute. Combined with the appropriate CORS response header, you can use the image of the cross-domain Summary of problems and solutions encountered when Canvas images cross domains element in the canvas.

##anonymousN/ASame as aboveSupport rendering, supportuse-credentialsN/ASame as aboveSupports rendering, does not support

crossOrigin/CORS	Same domain	No CORS across domains	CORS across domains
default	Supported	Supported rendering, not supported `toDataURL`	Supported rendering, not Support`toDataURL`
			toDataURL
			toDataURL

Summary: Canvas can render cross-domain images normally, but when the cross-domain image does not set a cross-domain response header or does not set crossOrigin = 'anonymous', use canvas.toDataURl will throw the following error:

Chrome

crossOrigin is not set

Uncaught DOMException: Failed to execute 'toDataURL' on 'HTMLCanvasElement': Tainted canvases may not be exported.
at Image.img.onload...

Cross-domain

Access to Image at 'http://localhost:3001/canvas.jpg' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.

crossOrigin=use-credentials## is set #

Access to Image at 'http://localhost:3002/canvas.jpg' from origin 'http://localhost:3000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'http://localhost:3000' is therefore not allowed access.

Safari/Firefox

crossOrigin is not set

SecurityError: The operation is insecure.

Cross domain

[Error] Origin http://192.168.3.99:3000 is not allowed by Access-Control-Allow-Origin.
[Error] Failed to load resource: Origin http://192.168.3.99:3000 is not allowed by Access-Control-Allow-Origin. (canvas.jpg, line 0)
[Error] Cross-origin image load denied by Cross-Origin Resource Sharing policy.

corssOrigin=use is set -credentials

[Error] Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true.
[Error] Failed to load resource: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true. (canvas.jpg, line 0)
[Error] Cross-origin image load denied by Cross-Origin Resource Sharing policy.

Test example

1. Start the server

npm start：Start the server

npm run start:corsdisable：Start the cross-domain image server

npm run start:corsable：Start the cross-domain-CORS image server

2. Visit http://localhost:3000

1. There are compatibility issues with cossOrigin

For browsers that do not support cossOrigin (IE 10 and below are not supported, Android 4.3 and below are not supported) you can use XMLHttprequest and URL.createObjectURL() for compatibility, refer to the test Example Ajax solves the cross-domain problem of Canvas images.

2. Why not use images from the same domain?

Current front-end development generally places static resources on CDN, such as Alibaba Cloud or Tencent Cloud Services, and there will be a dedicated domain name to access these resources.

The above is the detailed content of Summary of problems and solutions encountered when Canvas images cross domains. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

H5: How It Enhances User Experience on the WebApr 19, 2025 am 12:08 AM

H5 improves web user experience with multimedia support, offline storage and performance optimization. 1) Multimedia support: H5 and elements simplify development and improve user experience. 2) Offline storage: WebStorage and IndexedDB allow offline use to improve the experience. 3) Performance optimization: WebWorkers and elements optimize performance to reduce bandwidth consumption.

Deconstructing H5 Code: Tags, Elements, and AttributesApr 18, 2025 am 12:06 AM

HTML5 code consists of tags, elements and attributes: 1. The tag defines the content type and is surrounded by angle brackets, such as. 2. Elements are composed of start tags, contents and end tags, such as contents. 3. Attributes define key-value pairs in the start tag, enhance functions, such as. These are the basic units for building web structure.

Understanding H5 Code: The Fundamentals of HTML5Apr 17, 2025 am 12:08 AM

HTML5 is a key technology for building modern web pages, providing many new elements and features. 1. HTML5 introduces semantic elements such as, , etc., which enhances web page structure and SEO. 2. Support multimedia elements and embed media without plug-ins. 3. Forms enhance new input types and verification properties, simplifying the verification process. 4. Offer offline and local storage functions to improve web page performance and user experience.

H5 Code: Best Practices for Web DevelopersApr 16, 2025 am 12:14 AM

Best practices for H5 code include: 1. Use correct DOCTYPE declarations and character encoding; 2. Use semantic tags; 3. Reduce HTTP requests; 4. Use asynchronous loading; 5. Optimize images. These practices can improve the efficiency, maintainability and user experience of web pages.

H5: The Evolution of Web Standards and TechnologiesApr 15, 2025 am 12:12 AM

Web standards and technologies have evolved from HTML4, CSS2 and simple JavaScript to date and have undergone significant developments. 1) HTML5 introduces APIs such as Canvas and WebStorage, which enhances the complexity and interactivity of web applications. 2) CSS3 adds animation and transition functions to make the page more effective. 3) JavaScript improves development efficiency and code readability through modern syntax of Node.js and ES6, such as arrow functions and classes. These changes have promoted the development of performance optimization and best practices of web applications.

Is H5 a Shorthand for HTML5? Exploring the DetailsApr 14, 2025 am 12:05 AM

H5 is not just the abbreviation of HTML5, it represents a wider modern web development technology ecosystem: 1. H5 includes HTML5, CSS3, JavaScript and related APIs and technologies; 2. It provides a richer, interactive and smooth user experience, and can run seamlessly on multiple devices; 3. Using the H5 technology stack, you can create responsive web pages and complex interactive functions.

H5 and HTML5: Commonly Used Terms in Web DevelopmentApr 13, 2025 am 12:01 AM

H5 and HTML5 refer to the same thing, namely HTML5. HTML5 is the fifth version of HTML, bringing new features such as semantic tags, multimedia support, canvas and graphics, offline storage and local storage, improving the expressiveness and interactivity of web pages.

What Does H5 Refer To? Exploring the ContextApr 12, 2025 am 12:03 AM

H5referstoHTML5,apivotaltechnologyinwebdevelopment.1)HTML5introducesnewelementsandAPIsforrich,dynamicwebapplications.2)Itsupportsmultimediawithoutplugins,enhancinguserexperienceacrossdevices.3)SemanticelementsimprovecontentstructureandSEO.4)H5'srespo

See all articles