David Walsh Blog

Cross Domain Canvas Images

You can do some really awesome stuff with images when you push their data into canvas.  And of course, when you’re done playing around with the image, you can export the canvas data to an IMG element and data URI.  What we sometimes don’t remember, however, is that the cross-origin rules apply to those images, so if you try to convert an image from another host to canvas, you’ll get an error.  You can use this snippet from HTML5 Boilerplate within the image host domain’s .htaccess file to allow cross-origin data reading of images:

<IfModule mod_setenvif.c>
	<IfModule mod_headers.c>
		<FilesMatch "\.(cur|gif|ico|jpe?g|png|svgz?|webp)$">
			SetEnvIf Origin ":" IS_CORS
			Header set Access-Control-Allow-Origin "*" env=IS_CORS

Allowing for CORS within .htaccess then allows you to pull image data when the image is on another domain. This is especially useful on CDNs! .htaccess is a life-saver sometimes!