eval()inside the worker. The worker has no direct access to the DOM. The ability to draw to the canvas is explicitly allowed via a single
CPU and memory can be consumed easily enough but in a separate thread. A browser should be able to protect you from such excesses in much the same way as it does with a tab with a broken page.
The ideal behaviour would be universal support for
For this particular example, things would be a lot smoother if
Uint8ClampedArray. Currently Chrome, supports transferrable objects and FireFox does
Uint8ClampedArray.That means no browser is ideal, but I expect all browsers will be headed in this direction quite quickly. They make good sense.
Sending a frame-buffer is by no means the most efficient method of doing things, Constructing a small but versitile API wouldn't be too hard, Providing a protocol to send drawing instructions directly to WebGL, would gain a lot of performance for little overhead.
Using this approach, the site can specifically allow what the user content can do. For example, a simple framebuffer approach would allow users to design custom animated avatars, user code would not be able to access any form of input and, most importantly, not be allowed to play any music.