Bug 74957

Summary: wouldTaintOrigin m_cleanURLs cache grows very large when data urls used
Product: WebKit
Component: Canvas
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Reporter: Scott Graham <scottmg>
Assignee: Scott Graham <scottmg>
CC: abarth, kbr, mdelaney7, webkit.review.bot
Attachments:
Description: Patch, Flags: none

Description Scott Graham 2011-12-20 14:35:25 PST
Downstream discussion here: http://code.google.com/p/chromium/issues/detail?id=107408

Maybe excluding data urls from m_cleanURLs is a reasonable workaround? I assume they can't cause cross-origin problems anyway.
Comment 1 Scott Graham 2011-12-20 14:37:51 PST
Created attachment 120090
Patch
Comment 2 Kenneth Russell 2011-12-20 14:52:12 PST
Comment on attachment 120090
Patch

This looks fine to me. I can't see any way this could introduce a security hole given that SecurityOrigin::taintsCanvas() already has an early-out for data: URLs. r=me
Comment 3 WebKit Review Bot 2011-12-20 16:39:43 PST
Comment on attachment 120090
Patch

Clearing flags on attachment: 120090

Committed r103366: <http://trac.webkit.org/changeset/103366>
Comment 4 WebKit Review Bot 2011-12-20 16:39:47 PST
All reviewed patches have been landed.  Closing bug.
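
The workaround discussed in this bug, as an added example: a simplified C++ model of a clean-URL cache in front of an origin taint check, showing how data: URLs inflate it and why skipping them changes no taint decision. This is not WebKit source and not the patch attached to this bug; only m_cleanURLs, wouldTaintOrigin and taintsCanvas are names from the page, and the class, helpers, origin-matching rule and sample URLs are constructed assumptions.

```cpp
#include <cctype>
#include <cstddef>
#include <string>
#include <unordered_set>
// Simplified model, not WebKit source. Only m_cleanURLs, wouldTaintOrigin and
// taintsCanvas are names from the bug; everything else is hypothetical.
static bool isDataURL(const std::string& url) {
    static const char scheme[] = "data:";  // schemes compare case-insensitively
    for (std::size_t i = 0; i < 5; ++i)
        if (i >= url.size() || std::tolower((unsigned char)url[i]) != scheme[i]) return false;
    return true;
}

// Stand-in for the origin check: data: URLs never taint (the early-out noted
// in comment 2); anything else must match the canvas origin exactly.
static bool taintsCanvas(const std::string& origin, const std::string& url) {
    if (isDataURL(url)) return false;
    bool sameOrigin = url.compare(0, origin.size(), origin) == 0 &&
        (url.size() == origin.size() || url[origin.size()] == '/');
    return !sameOrigin;
}

class CanvasContextModel {
public:
    CanvasContextModel(const std::string& origin, bool skip) : m_origin(origin), m_skipDataURLs(skip) {}
    bool wouldTaintOrigin(const std::string& url) {
        if (m_skipDataURLs && isDataURL(url)) return false;  // workaround: never cached
        if (m_cleanURLs.count(url)) return false;            // known-clean fast path
        if (taintsCanvas(m_origin, url)) return true;
        m_cleanURLs.insert(url);  // without the workaround, whole data: payloads land here
        return false;
    }
    std::size_t cachedBytes() const {
        std::size_t n = 0;
        for (const auto& u : m_cleanURLs) n += u.size();
        return n;
    }
private:
    std::string m_origin;
    bool m_skipDataURLs;
    std::unordered_set<std::string> m_cleanURLs;
};
// Feeds `frames` distinct constructed data: URLs and returns the bytes retained.
std::size_t retainedAfterDataURLs(bool skip, int frames, std::size_t payloadBytes) {
    CanvasContextModel ctx("https://app.example", skip);
    for (int i = 0; i < frames; ++i)
        ctx.wouldTaintOrigin("data:image/png;base64," + std::to_string(i) + std::string(payloadBytes, 'A'));
    return ctx.cachedBytes();
}
```

In this model the skip is safe only because the taint check already returns false for data: URLs; if that early-out were removed, the skip would have to go with it.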