I was working on a project today that involves using HTML5's "Canvas" feature, and ran into an error that I had never seen before.
The error thrown was:
SecurityError: DOM Exception 18: An attempt was made to break through the security policy of the user agent.
The error was being thrown at a point in the code where I call the toDataURL() method.
It took awhile, but I eventually discovered that the error was being thrown because there were images being drawn on the canvas which were not in the same domain as the file itself. In my case, I was working on a local HTML file.
The "fix" for this is to look at the sources of the images being added to the canvas. Make absolutely sure that they match the domain that the HTML file itself is on - even if you're working on a local file.