chromium/third_party/blink/web_tests/svg/as-image/svg-canvas-xhtml-tainted.html

<!DOCTYPE html>
<title>A link in a &lt;foreignObject> in an SVG image taints a canvas</title>
<script src="../../resources/testharness.js"></script>
<script src="../../resources/testharnessreport.js"></script>
<script>
  async_test(t => {
    let image = new Image();
    image.src = "resources/link-xhtml.svg";
    image.onload = t.step_func_done(() => {
      let ctx = document.createElement("canvas").getContext("2d");

      ctx.getImageData(0, 0, 1, 1);
      ctx.drawImage(image, 0, 0);

      assert_throws_dom("SecurityError", () => ctx.getImageData(0, 0, 1, 1));
    });
  });
</script>