RESOLVED FIXED 212253
Web Inspector: Storage: don't request the list of IndexedDB database names multiple times for the same security origin 
https://bugs.webkit.org/show_bug.cgi?id=212253
Summary Web Inspector: Storage: don't request the list of IndexedDB database names mu...
Devin Rousso
Reported 2020-05-21 22:12:37 PDT
# STEPS TO REPRODUCE: 1. inspect <https://www.businessinsider.com> 2. reload the page a few times => multiple `ONE_SIGNAL_SDK_DB` IndexedDB databases are shown
Attachments
Patch (2.39 KB, patch)
2020-05-21 22:19 PDT, Devin Rousso 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Devin Rousso
Comment 1 2020-05-21 22:12:54 PDT
<rdar://problem/62945903>
Devin Rousso
Comment 2 2020-05-21 22:19:58 PDT
Created attachment 400026 [details] Patch
Joseph Pecoraro
Comment 3 2020-05-21 22:49:59 PDT
Comment on attachment 400026 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=400026&action=review r=me > Source/WebInspectorUI/ChangeLog:11 > + This can happen if additional frames are added that share the same security origin as the > + main frame. Simply maintain a `Set` of security origins that've already been requested for > + and ignore any repeat requests. In general Storage probably doesn't respect the double key'd nature of storages of (top frame, inner frame). But I think this is probably fine since the same origin within two subframes is probably the same.
Devin Rousso
Comment 4 2020-05-21 23:00:57 PDT
Comment on attachment 400026 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=400026&action=review >> Source/WebInspectorUI/ChangeLog:11 >> + and ignore any repeat requests. > > In general Storage probably doesn't respect the double key'd nature of storages of (top frame, inner frame). But I think this is probably fine since the same origin within two subframes is probably the same. We kinda do? 😅 The logic in `InspectorIndexedDBAgent::requestDatabaseNames` does use the `Document::securityOrigin` and Document::topOrigin` when getting the database names, so maybe we should also walk the `WI.Frame` ancestors and create a paired key for `_requestSecurityOrigins` instead. I was thinking that we didn't do this based on the fact that `IndexedDB.requestDatabaseNames` only took a single `securityOrigin`. Interesting that both security origins come from the same `Document` 🤔
Devin Rousso
Comment 5 2020-05-21 23:22:22 PDT
Comment on attachment 400026 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=400026&action=review >>> Source/WebInspectorUI/ChangeLog:11 >>> + and ignore any repeat requests. >> >> In general Storage probably doesn't respect the double key'd nature of storages of (top frame, inner frame). But I think this is probably fine since the same origin within two subframes is probably the same. > > We kinda do? 😅 The logic in `InspectorIndexedDBAgent::requestDatabaseNames` does use the `Document::securityOrigin` and Document::topOrigin` when getting the database names, so maybe we should also walk the `WI.Frame` ancestors and create a paired key for `_requestSecurityOrigins` instead. > > I was thinking that we didn't do this based on the fact that `IndexedDB.requestDatabaseNames` only took a single `securityOrigin`. Interesting that both security origins come from the same `Document` 🤔 Actually, i think what's here now is fine as the `Document::topOrigin` should always be the same for any given page so really the only thing that's changing is the `Document::securityOrigin`.
EWS
Comment 6 2020-05-22 14:54:38 PDT
Committed r262077: <https://trac.webkit.org/changeset/262077> All reviewed patches have been landed. Closing bug and clearing flags on attachment 400026 [details].
Note You need to log in before you can comment on or make changes to this bug.