From edc4b0b9bb87aeae2e923a5a0d93e12ee171906d Mon Sep 17 00:00:00 2001
From: Christophe Simonis <chs@odoo.com>
Date: Mon, 20 Oct 2014 20:14:36 +0200
Subject: [PATCH] [FIX] {web,point_of_sale}: allow cross-origin access to
 company logo

---
 addons/point_of_sale/static/src/js/models.js |    5 +++--
 addons/web/controllers/main.py               |    2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/addons/point_of_sale/static/src/js/models.js b/addons/point_of_sale/static/src/js/models.js
index 66b9d67..17eb0f6 100644
--- a/addons/point_of_sale/static/src/js/models.js
+++ b/addons/point_of_sale/static/src/js/models.js
@@ -276,18 +276,19 @@ function openerp_pos_models(instance, module){ //module is instance.point_of_sal
                             c.height = height
                         var ctx = c.getContext('2d');
                             ctx.drawImage(self.company_logo,0,0, width, height);
-                        
+
                         self.company_logo_base64 = c.toDataURL();
                         logo_loaded.resolve();
                     };
                     self.company_logo.onerror = function(){
                         logo_loaded.reject();
                     };
+                    self.company_logo.crossOrigin = "anonymous";
                     self.company_logo.src = '/web/binary/company_logo'+'?_'+Math.random();
 
                     return logo_loaded;
                 });
-        
+
             return loaded;
         },
 
diff --git a/addons/web/controllers/main.py b/addons/web/controllers/main.py
index b59e01b..295783d 100644
--- a/addons/web/controllers/main.py
+++ b/addons/web/controllers/main.py
@@ -1471,7 +1471,7 @@ class Binary(http.Controller):
         '/web/binary/company_logo',
         '/logo',
         '/logo.png',
-    ], type='http', auth="none")
+    ], type='http', auth="none", cors="*")
     def company_logo(self, dbname=None, **kw):
         # TODO add etag, refactor to use /image code for etag
         uid = None
-- 
1.7.10.4