Requesting Textures with credentials fails

[ksons]

In Chrome, image requests are sent without credentials. This is because xml3d.js sets the crossOrigin to "anonymous" if the request is cross-origin or not.

A possible solution:

• Remove setting to "anonymous"
• Check if texture request is cross origing
• If yes, set the CORS attribute to the value defined by an entry in XML3D.options

As soon as a cross-side texture is used, the related canvas is set tainted and operations such as picking will stop working because the browser throws a security exception if pixels are read. Thus a warning should be written to console if someone tries using a cross-side texture. Also, one should check if the security exception is handled in the framework.