Bug 67940
Summary: | Add a depth limit for iframes | | |
---|---|---|---|
Product: | WebKit | Reporter: | Dave Bowker <davebowker85> |
Component: | Frames | Assignee: | Tim Nguyen (:ntim) <ntim> |
Status: | RESOLVED FIXED | | |
Severity: | Minor | CC: | ap, ntim, webkit-bug-importer |
Priority: | P4 | Keywords: | InRadar |
Version: | 528+ (Nightly build) | | |
Hardware: | All | | |
OS: | All | | |
Dave Bowker
Interesting experiment, I iframed the url of the page that I was on, thereby it containing the iframe and loading the page which contained the iframe and loaded the page which contained the iframe...
This didn't seem to max out at any point. Tried this on Firefox 6 and it seemed to have a depth limit of 9 before it no longer created iframes within itself.
Alexey Proskuryakov
I'm not sure what the requested action on this bug is. Would you like to suggest for WebKit to add iframe nesting depth limit?
Dave Bowker
(In reply to comment #1)
> I'm not sure what the requested action on this bug is. Would you like to suggest for WebKit to add iframe nesting depth limit?
Depth limit would help, right?
Alexey Proskuryakov
Are you aware of any Web sites that work incorrectly due to us not having a depth limit?
Dave Bowker
(In reply to comment #3)
> Are you aware of any Web sites that work incorrectly due to us not having a depth limit?
Not that I know of, but if this 'bug' were more widely known could you envision someone exploiting it?
Alexey Proskuryakov
It would save some back and forth if you were more specific about the problem.
The word "exploit" is usually associated with security exploits - are you saying that there is one? If so, please mark the bug as security sensitive, and explain why.
Otherwise, what is the problem with displaying nested iframes?
Dave Bowker
(In reply to comment #5)
> It would save some back and forth if you were more specific about the problem.
>
> The word "exploit" is usually associated with security exploits - are you saying that there is one? If so, please mark the bug as security sensitive, and explain why.
>
> Otherwise, what is the problem with displaying nested iframes?
There is no problem with displaying nested iframes, but why would you need an 'unlimited' amount of them? If I were trying to create a security/performance issue I could open hundreds of nested iframes displaying the parent page with the contained iframe inside, which I did.
CPU spiked (Quad core 3.2 GHz) to between 80-90%, RAM usage started climbing from 3 GB to 6 GB in the space of 5 minutes...
I can script something that would kill a browser in JavaScript fine, but to do this just by using HTML and creating an infinite loop of iframes seems too easy, and easily preventable by just having a nesting depth.
Alexey Proskuryakov
Thanks, just trying to make sure that I didn't miss something important.
Dave Bowker
(In reply to comment #7)
> Thanks, just trying to make sure that I didn't miss something important.
No problem. :)
Tim Nguyen (:ntim)
rdar://101560112
Tim Nguyen (:ntim)
*** Bug 248832 has been marked as a duplicate of this bug. ***
Tim Nguyen (:ntim)
Pull request: https://github.com/WebKit/WebKit/pull/7219
EWS
Committed 257550@main (65071a674a05): <https://commits.webkit.org/257550@main>
Reviewed commits have been landed. Closing PR #7219 and removing active labels.
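The nesting-depth limit requested in this report, modelled as an added example: this is not WebKit's code and not the change landed in 257550@main. The `PAGES` map, the example.test URLs, `loadFrameTree`, and the `hardStop` budget are constructed for illustration, and the limit of 9 only mirrors the Firefox 6 behaviour the reporter describes.

```javascript
// Toy model of a frame loader (illustration only, not WebKit's implementation).
// PAGES maps a URL to the iframe src values found in that page (constructed data).
const PAGES = {
  "https://example.test/self.html": ["https://example.test/self.html"],
  "https://example.test/a.html": ["https://example.test/b.html"],
  "https://example.test/b.html": ["https://example.test/a.html"],
  "https://example.test/plain.html": [],
};

// Hypothetical limit; 9 is the Firefox 6 depth the reporter observed.
const MAX_FRAME_DEPTH = 9;

// Walks the frame tree rooted at `url` and counts the documents created.
// `hardStop` stands in for the machine running out of resources when no
// depth limit applies; it keeps the simulation finite.
function loadFrameTree(url, { maxDepth = MAX_FRAME_DEPTH, hardStop = 1000 } = {}) {
  let created = 0;
  let deepest = 0;
  let refused = 0;
  const stack = [{ url, depth: 0 }]; // explicit stack: no recursion to overflow
  while (stack.length > 0) {
    const { url: current, depth } = stack.pop();
    created += 1;
    deepest = Math.max(deepest, depth);
    if (created >= hardStop) {
      return { created, deepest, refused, exhausted: true };
    }
    for (const child of PAGES[current] ?? []) {
      if (depth + 1 > maxDepth) {
        refused += 1; // the limit: this subframe is never created
        continue;
      }
      stack.push({ url: child, depth: depth + 1 });
    }
  }
  return { created, deepest, refused, exhausted: false };
}

// Self-embedding page, with and without a depth limit.
console.log(loadFrameTree("https://example.test/self.html"));
console.log(loadFrameTree("https://example.test/self.html", { maxDepth: Infinity }));
```

A depth cap also stops the two-page cycle (`a.html` embedding `b.html` embedding `a.html`), which a check that only compares a frame's URL with its direct parent would miss.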