Cross-domain textures

Loading of WebGL textures is subject to cross-domain access controls. In order for your content to load a texture from another domain, CORS approval needs to be be obtained. See HTTP access control for details on CORS.

See this hacks.mozilla.org article for an explanation of how to use CORS-approved images as WebGL textures, with a self-contained example.

Note: CORS support for WebGL textures and the crossOrigin attribute for image elements is implemented in Gecko 8.0.

Tainted (write-only) 2D canvases can't be used as WebGL textures. A 2D <canvas> becomes tainted, for example, when a cross-domain image is drawn on it.

Note: CORS support for Canvas 2D drawImage is implemented in Gecko 9.0. This means that using a cross-domain image with CORS approval does no longer taint the 2D canvas, so the 2D canvas remains usable as the source of a WebGL texture.

Note: CORS support for cross-domain videos and the crossorigin attribute for <video> elements is implemented in Gecko 12.0.

Document Tags and Contributors

Contributors to this page: Sheppy, jswisher, Jeremie, kscarfone, jbuck, yyss, bjacob
Last updated by: Jeremie,