the canvas has been tainted by cross-origin data at imgonload

This error message means that you are trying to use an image from a different domain than the one hosting your web page, and this violates the same-origin policy. As a security measure, web browsers prevent scripts from accessing data across different domains, unless the domains have explicitly allowed such access through CORS (Cross-Origin Resource Sharing) headers.

To fix this issue, you need to make sure that the image you want to use is either hosted on the same domain as your web page, or that the domain hosting the image has set the appropriate CORS headers to allow cross-origin requests.

Alternatively, you can use a proxy server to fetch the image from the other domain and serve it from your own domain, thus avoiding the cross-origin restriction.