https://html.spec.whatwg.org/multipage/canvas.html#the-image-argument-is-not-origin-clean

The spec currently uses the origin of the image resource to determine if the resource taints the canvas or not.

It kinda hand-waves that the image has an origin, which isn't accurate enough, especially considering redirects and service workers.

This should be replaced by flags on images & videos to indicate they hold opaque content, which is judged by the current resource using CORS-cross-origin responses (the naming of this is misleading, but we can rename that some other time).

This means that <img crossorigin> resources can be drawn to the canvas without tainting despite being from another origin. This appears to be how browsers behave anyway.

I'm going to spec this flag for media elements as I need it for something else.