Bug 74957

Summary: wouldTaintOrigin m_cleanURLs cache grows very large when data urls used
Product: WebKit
Component: Canvas
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Reporter: Scott Graham <scottmg>
Assignee: Scott Graham <scottmg>
CC: abarth, kbr, mdelaney7, webkit.review.bot

Scott Graham
Reported 2011-12-20 14:35:25 PST
Downstream discussion here: http://code.google.com/p/chromium/issues/detail?id=107408

Maybe excluding data urls from m_cleanURLs is a reasonable workaround? I assume they can't cause cross-origin problems anyway.
Attachments
Patch (1.43 KB, patch)
2011-12-20 14:37 PST, Scott Graham
no flags
Scott Graham
Comment 1 2011-12-20 14:37:51 PST
Kenneth Russell
Comment 2 2011-12-20 14:52:12 PST
Comment on attachment 120090: Patch

This looks fine to me. I can't see any way this could introduce a security hole given that SecurityOrigin::taintsCanvas() already has an early-out for data: URLs.

r=me
WebKit Review Bot
Comment 3 2011-12-20 16:39:43 PST
Comment on attachment 120090: Patch

Clearing flags on attachment: 120090

Committed r103366: <http://trac.webkit.org/changeset/103366>
WebKit Review Bot
Comment 4 2011-12-20 16:39:47 PST
All reviewed patches have been landed. Closing bug.
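A simplified model of the cache growth reported here and of the workaround of keeping data: URLs out of m_cleanURLs, added as an illustration; it is not WebKit source and not the attached patch. Apart from wouldTaintOrigin, m_cleanURLs and taintsCanvas, every name, the same-origin rule, the origin and the sample URLs are constructed assumptions.

```cpp
// Simplified model for illustration; not WebKit source or the attached patch.
#include <cstddef>
#include <iostream>
#include <string>
#include <unordered_set>

static bool isDataURL(const std::string& url) { return url.compare(0, 5, "data:") == 0; }
// Stand-in for SecurityOrigin::taintsCanvas(): data: URLs take the early-out,
// everything else taints unless it lives under "<origin>/" (assumed rule).
static bool taintsCanvas(const std::string& origin, const std::string& url) {
    if (isDataURL(url)) return false;
    const std::string prefix = origin + "/";
    return url.compare(0, prefix.size(), prefix) != 0;
}

class CanvasModel {
public:
    CanvasModel(const std::string& origin, bool cacheDataURLs)
        : m_origin(origin), m_cacheDataURLs(cacheDataURLs) {}
    bool wouldTaintOrigin(const std::string& url) {
        if (m_cleanURLs.count(url)) return false;      // cache hit: known clean
        if (taintsCanvas(m_origin, url)) return true;
        // Workaround: a data: URL is cheap to re-check and its cache key is the
        // whole payload, so it is stored only when the old behaviour is enabled.
        if (m_cacheDataURLs || !isDataURL(url))
            m_cleanURLs.insert(url);
        return false;
    }
    std::size_t cachedBytes() const {                  // URL text held by the cache
        std::size_t n = 0;
        for (const auto& u : m_cleanURLs) n += u.size();
        return n;
    }
private:
    std::string m_origin;
    bool m_cacheDataURLs;
    std::unordered_set<std::string> m_cleanURLs;
};

// Constructed workload: one same-origin image, then `frames` distinct data: URLs.
std::size_t retainedAfter(bool cacheDataURLs, int frames, std::size_t payload) {
    CanvasModel c("https://example.test", cacheDataURLs);
    c.wouldTaintOrigin("https://example.test/sprite.png");
    for (int i = 0; i < frames; ++i)
        c.wouldTaintOrigin("data:image/png;base64," + std::to_string(i) + std::string(payload, 'A'));
    return c.cachedBytes();
}

int main() { std::cout << retainedAfter(true, 100, 1000) << " vs " << retainedAfter(false, 100, 1000) << "\n"; }
```

In this model the taint verdict for a data: URL is the same with or without the cache entry, because the stand-in taintsCanvas returns early for it; only the retained memory differs.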