WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
34294
Initialize DOM Storage's quota's current length parameter when we clone it.
https://bugs.webkit.org/show_bug.cgi?id=34294
Summary
Initialize DOM Storage's quota's current length parameter when we clone it.
Jeremy Orlow
Reported
2010-01-28 17:17:59 PST
Initialize DOM Storage's quota's current length parameter when we clone it.
Attachments
Patch
(1014 bytes, patch)
2010-01-28 17:20 PST
,
Jeremy Orlow
abarth
: review+
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Jeremy Orlow
Comment 1
2010-01-28 17:20:11 PST
Created
attachment 47661
[details]
Patch
Adam Barth
Comment 2
2010-01-28 17:23:10 PST
Comment on
attachment 47661
[details]
Patch Ok.... I wish this had a test, but you said in IRC that you couldn't write one that actually worked.
Adam Barth
Comment 3
2010-01-28 17:25:40 PST
Jeremy said this might be a security issue. Marking security sensitive to be safe.
Jeremy Orlow
Comment 4
2010-01-28 17:40:37 PST
I've looked closer and now I'm pretty sure this is not a security issue. Background: LocalStorage has quotas and is shared by all tabs. SessionStorage does not have quotas and is a per-tab storage. When you create a new window, we clone the session storage. We store the amount of quota space currently used in m_currentLength and update it on any mutations. The current length is supposed to be copied when we clone the StorageMap but it was not. Cloning should only ever happen for SessionStorage which has no quota (because it never touches disk and there are much better ways to fill up your memory in the browser). In addition, it's a little far-fetched to think that a site could keep opening up more windows despite popup blockers, users noticing, etc. Thus I think this isn't actually a security issue. Sorry for jumping the gun!
Jeremy Orlow
Comment 5
2010-01-28 17:59:28 PST
Landed in 54035.
David Kilzer (:ddkilzer)
Comment 6
2010-02-01 11:35:33 PST
Removing the security bit per
Comment #4
.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug