fix: add crossOrigin configuration to video examples to prevent WebGL SecurityError

[aomsir]

Background

When video assets are served from a different origin, the examples may load successfully and play audio, but the video image fails to render in WebGL. Browsers then raise a SecurityError similar to:

Failed to execute 'texImage2D' on 'WebGLRenderingContext':
The video element contains cross-origin data, and may not be loaded.

This occurs because WebGL cannot upload video frames as textures unless the video element is initialized with a crossOrigin attribute and the resource is CORS-enabled.

Purpose of This Change

Adding this.load.setCORS('anonymous') ensures that the video element is created with the correct cross-origin configuration. This prevents the WebGL SecurityError and allows video frames to render correctly when assets are hosted on different origins (local development, CDN setups, etc.).

Impact

• No breaking changes.
• No effect on same-origin setups.
• Improves reliability of all video examples in common developer environments.

If further changes or adjustments are preferred, I can update the PR accordingly.

---

Note

Adds this.load.setCORS('anonymous') to video example preloaders so cross-origin videos render correctly in WebGL.

• Video examples: Configure anonymous CORS for video assets
  • public/3.86/src/game objects/video/*:
    • Added this.load.setCORS('anonymous') in preload() across examples (change video source, get first video frame, loop video, multiple video instances, multiple videos, on complete event, play video, stream video from webcam, transparent video, video as shader texture, video controls, video set current time, video snapshot area, video snapshot, video to sprites, video transition).
  • public/3.55/src/game objects/video/play video.js:
    • Added this.load.setCORS('anonymous') before setting BaseURL.

^{Written by Cursor Bugbot for commit 9b6ead7. This will update automatically on new commits. Configure here.}

[VIUK-XV]

Thanks for the cleanup. One small question: should stream video from webcam.js be included in this change?

That example does not preload a video file; it uses navigator.mediaDevices.getUserMedia() and only preloads image assets from the CDN. Since setCORS('anonymous') applies to subsequent loader files, this change seems unrelated to the WebGL video texture issue described in the PR and may be better left out unless there is a specific image/CORS issue this also fixes.

[aomsir]

Thanks for the cleanup. One small question: should stream video from webcam.js be included in this change?

That example does not preload a video file; it uses navigator.mediaDevices.getUserMedia() and only preloads image assets from the CDN. Since setCORS('anonymous') applies to subsequent loader files, this change seems unrelated to the WebGL video texture issue described in the PR and may be better left out unless there is a specific image/CORS issue this also fixes.

Confirmed — this example uses getUserMedia() rather than preloading a video file, so the loader CORS setting is unrelated to the cross-origin video texture issue described in this PR.

Removed it in 9f616d2 to keep the scope focused on CDN-loaded video files.