#88 Think about reimplementation of `CanvasRenderingContext2D.isPointInStroke` and `CanvasRenderingContext2D.isPointInPath`
Opened 2 months ago by polcak. Modified 2 months ago


CanvasRenderingContext2D.isPointInStrokeandCanvasRenderingContext2D.isPointInPath` return either:

  • Always False
  • Randomly False or the correct answer

That means that repeated calls with the same parameters can return True. That means that the correct value can be quite precisely guessed by repeated calls. Additionally, the repeated calls reveal inconsistencies. The behaviour can possibly break innocent code that expect constant results.

An option to consider is to farble the results according to x and y coordinates, the current color (possibly farbled) and the session hash of the domain. That will make the calls pure functions as expected.

A possible downside is the risk of leaking the session hash as the attacker can control, x, y, and the color.


JShelter Version: 0.11.1

Login to comment on this ticket.