发布通过AJAX画布斑点：$​​ P $ pvent /删除本地缓存 [英] Posting a canvas blob via AJAX: prevent/delete local cache

问题描述

我使用的是这样的方法上传一张画布图像到我的服务器通过AJAX：

I'm uploading a canvas image to my server by AJAX using a method like this:

myCanvas.toBlob( function( blob ) {
    var fdata = new FormData( );
    fdata.append( 'myFile', blob );
    $.ajax( {
        url: 'http://myScript.foo',
        type: 'POST',
        data: fdata,
        processData: false,
        contentType: false
    } );
}, 'image/jpeg', 0.9 );

（与感谢<一href="http://stackoverflow.com/a/8244082/1180785">http://stackoverflow.com/a/8244082/1180785)

不过，据Mozilla，

But according to Mozilla,

toBlob [...]返回的Blob 对象重新presenting包含在画布上的图像;这个文件可以在用户端的自由裁量权被缓存在磁盘上或存储在内存中

toBlob […] Returns a Blob object representing the image contained in the canvas; this file may be cached on the disk or stored in memory at the discretion of the user agent

（ https://developer.mozilla.org/en-US /文档/网页/ API / HTMLCanvasElement ）

这是我的程序，图像不会保留相当重要的（而不是作为一个限制，但作为一个隐私问题）。所以，我需要知道，如果有一个保证，这可能缓存的副本将被删除，而当。也有不少世界反删除程序的潜在风险发现它，所以我想知道我是否能够覆盖数据或以其他方式强制安全删除。

It's quite important for my program that the image is not kept (not as a restriction, but as a privacy concern). So I need to know if there is a guarantee that this possible cached copy will be deleted, and when. There's also a potential risk of undelete programs finding it, so I'd like to know if I can overwrite the data or force a secure deletion in some other way.

如果有可能实现，而不用担心一个本地缓存副本同样的结果，那会更好。加密也是一种选择，如果可能的话。

If it's possible to achieve the same result without risking a locally-cached copy, it would be even better. Encryption is also an option if that's possible.

我只在乎现代浏览器，支持 getUserMedia 明确，所以没有IE浏览器（我有一个Flash后备旧版浏览器，从内存中处理一切）。

I only care about modern browsers, supporting getUserMedia specifically, so no IE (I have a Flash fallback for older browsers which processes everything in memory).

推荐答案

如果隐私和安全是非常重要的，你应该考虑产生数据的uri 从画布的，而不是一个的Blob 对象。

If privacy and security is important you should consider generate a data-uri from the canvas instead of a Blob object.

由于斑点可能会或可能不会被保存（缓存）临时文件在磁盘上会受到安全的情况下（即撤消删除的你提到）。当然，内存的文件/字符串将可用于存储扫描但这是尽可能接近你会得到安全，从画布获取图像时转移。

As the blob may or may not be stored (cached) temporary on disk the file will be subject to security situations (ie. undelete as you mention). A memory file/string will of course be available for a memory scan but this is as close as you'll get to "secure" when getting an image from canvas for transfer.

A 数据的uri 是一般的 ^* 在内存中产生的唯一的，并且包含通常一个base64连接codeD映像（如果你的形象是严重大仍然有它被分页到磁盘的风险）。

A data-uri is usually^* generated in memory only and contains typically a base64 encoded image (if your image is severely large there is still the risk of it being paged to disk).

^*） 实现相关的，如它更可能是移动浏览器将使用临时到文件是否存在稀缺的内存资源可用 - 然而，这种可能的行为是未记录

^*) implementation dependent, e.g. it's more likely that mobile browsers will use a temp-to-file if there is scarce with memory resources available - however, this possible behavior is not documented.

要获得数据的uri 使用来代替：

canvas.toDataURL();

您可以选择指定的图像类型（默认为PNG）：

You can optionally specify an image type (default is PNG):

canvas.toDataURL('image/jpeg'); //optional second parameter is quality [0.0, 1.0]

另一个选择是直接从帆布和存储提取的像素中（键入）阵列。这些数据可以被转移原样或发送数据之前可以使用一个COM pression库COM preSS到例如拉链。

Another option is to extract the pixels directly from canvas and store in a (typed) array. The data can then be transferred as-is or one can use a compression library to compress to for example zip before sending the data.

然而，该方法是最有效的。

However, this approach is the least efficient.

这篇关于发布通过AJAX画布斑点：$​​ P $ pvent /删除本地缓存的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！