I have a page that uses a HTML Canvas and some JavaScript to extract colours from an image. I've ensured that the images are pulled from the server directly, rather than from a CDN.
I've also set the server headers to Access-Control-Allow-Origin:*. This was working until I enabled Google's PageSpeed service. Triggering the script (clicking on one of the icons) now produces the dreaded Unable to get image data from canvas because the canvas has been tainted by cross-origin data. error (it works fine when bypassing PageSpeed however).
I've disabled any image hosting in the pagespeed control panel, which initially seemed to work, however this morning I'm seeing the error again.
I've also ensured that the .js file that manipulates the canvas is excluded from PageSpeed optimizations. I know that I can simply disable pagespeed for that URL, but that seems rather heavy handed (especially so, given that there are pages below the base URL that need the optimizations, but there's no way that I can see to exclude one URL while including its subdirectories in pagespeed).
How can I find out exactly what's triggering the error? In other words, where does Chrome think cross-origin data is coming from?