Option 1
Use an img.
var image = document.createElement( 'img' );
image.src = dataurl;
var texture = new THREE.Texture( image );
texture.needsUpdate = true;
See here.
Option 2
Where is the html server from? If it is a local htm file, then you could instead serve it from a web server on the local machine (e.g. IIS / apache).
Whether the server is local or remote, you can upload the image to your web server when they have selected it and use a URL to retrieve it from the web server. This will satisfy the cross-origin policies.
Option 3
- Convert the image into Base64 text
- Store it in an external Javascript file
- Link it to your project page
- Load it into your texture
See here (SO answer) and here (details off-site).
Option 4
Create a shortcut for the browser such as:
c:// ... /chrome.exe --allow-file-access-from-files
Option 5
Use the .crossOrigin = ''
property. It was not working, but I think it is now fixed. See here and here.