RESOLVED FIXED 38750
[Chromium] Add quota parameter to WebViewClient::createSessionStorageNamespace() 
https://bugs.webkit.org/show_bug.cgi?id=38750
Summary [Chromium] Add quota parameter to WebViewClient::createSessionStorageNamespace()
Hans Wennborg
Reported 2010-05-07 08:09:47 PDT
[Chromium] StorageNamespaceProxy should pass quota argument for SessionStorage
Attachments
Patch (6.51 KB, patch)
2010-05-07 08:12 PDT, Hans Wennborg 		no flags
DetailsFormatted DiffDiff
Patch (6.86 KB, patch)
2010-05-10 02:34 PDT, Hans Wennborg 		no flags
DetailsFormatted DiffDiff
Patch (6.92 KB, patch)
2010-05-10 02:45 PDT, Hans Wennborg 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Hans Wennborg
Comment 1 2010-05-07 08:12:41 PDT
Created attachment 55377 [details] Patch
Eric Seidel (no email)
Comment 2 2010-05-07 21:50:04 PDT
Comment on attachment 55377 [details] Patch Never in this bug or ChangeLog is there any explanation of "why".
Jeremy Orlow
Comment 3 2010-05-10 01:31:33 PDT
Comment on attachment 55377 [details] Patch Didn't you mean to commit-queue+ this? > diff --git a/WebKit/chromium/ChangeLog b/WebKit/chromium/ChangeLog > index 039cd6c8cf40225242ab5e344228330c25ff298a..f524215c85002614593e2d1f2bc09fa3bef93f91 100644 > --- a/WebKit/chromium/ChangeLog > +++ b/WebKit/chromium/ChangeLog > @@ -1,3 +1,16 @@ > +2010-05-07 Hans Wennborg <hans@chromium.org> > + > + Reviewed by NOBODY (OOPS!). > + > + [Chromium] StorageNamespaceProxy should pass quota argument for SessionStorage > + https://bugs.webkit.org/show_bug.cgi?id=38750 Please explain why you're doing this and maybe a high level of what you're doing. > + > + * public/WebStorageNamespace.h: > + * public/WebViewClient.h: > + (WebKit::WebViewClient::createSessionStorageNamespace): > + * src/StorageNamespaceProxy.cpp: > + (WebCore::StorageNamespace::sessionStorageNamespace): > + > 2010-05-06 Pavel Feldman <pfeldman@chromium.org> > > Reviewed by Timothy Hatcher. > diff --git a/WebKit/chromium/public/WebStorageNamespace.h b/WebKit/chromium/public/WebStorageNamespace.h > index 4b648d43a63622dd5b149af588715879ee1f403a..df9feaaeee11a6e89391d7287de5214ae49aef8e 100644 > --- a/WebKit/chromium/public/WebStorageNamespace.h > +++ b/WebKit/chromium/public/WebStorageNamespace.h > @@ -49,11 +49,22 @@ public: > // object when you're finished. > WEBKIT_API static WebStorageNamespace* createLocalStorageNamespace(const WebString& backingDirectoryPath, unsigned quota); > WEBKIT_API static WebStorageNamespace* createSessionStorageNamespace(unsigned quota); > + > + // FIXME(hans) Remove this when Chromium is rolled and all callers pass // FIXME:Remove this .... > + // the quota argument. Don't line wrap. > WEBKIT_API static WebStorageNamespace* createSessionStorageNamespace() > { > return createSessionStorageNamespace(noQuota); > } > > + // The quota for each storage area. Suggested by the spec. > + static const unsigned m_localStorageQuota = 5 * 1024 * 1024; > + > + // Since SessionStorage memory is allocated in the browser process, we place a > + // per-origin quota on it. Like LocalStorage there are known attacks against > + // this, so it's more of a sanity check than a real security measure. > + static const unsigned m_sessionStorageQuota = 5 * 1024 * 1024; > + > static const unsigned noQuota = UINT_MAX; > > virtual ~WebStorageNamespace() { } > diff --git a/WebKit/chromium/public/WebViewClient.h b/WebKit/chromium/public/WebViewClient.h > index 98e048593658f8bb97d8ed48a604f6cf3ad98679..749f559061430c67608f307aa0ade250c6ace6d1 100644 > --- a/WebKit/chromium/public/WebViewClient.h > +++ b/WebKit/chromium/public/WebViewClient.h > @@ -81,6 +81,10 @@ public: > virtual WebWidget* createPopupMenu(const WebPopupMenuInfo&) { return 0; } > > // Create a session storage namespace object associated with this WebView. > + > + // FIXME(hans) This is needed while subclasses implement the method without ditto > + // the quota parameter but callers inside WebKit pass a quota argument. ditto
Hans Wennborg
Comment 4 2010-05-10 02:34:23 PDT
Created attachment 55531 [details] Patch
Jeremy Orlow
Comment 5 2010-05-10 02:39:44 PDT
Comment on attachment 55531 [details] Patch > diff --git a/WebKit/chromium/ChangeLog b/WebKit/chromium/ChangeLog > index 8a25606961ee8b3995a77c5a97e7bedcb9135890..5d13f4d8b182fd1ae743f5c3c0548e1414c47a4a 100644 > --- a/WebKit/chromium/ChangeLog > +++ b/WebKit/chromium/ChangeLog > @@ -1,3 +1,21 @@ > +2010-05-10 Hans Wennborg <hans@chromium.org> > + > + Reviewed by NOBODY (OOPS!). > + > + [Chromium] Add quota parameter to WebViewClient::createSessionStorageNamespace() > + > + Put a per-origin quota on session storage since it is using memory in > + the browser process, and should not be allowed to grow arbitrarily > + large. See also r58828. Links to trac.webkit.org are probably better than just saying rXXXXX. > + https://bugs.webkit.org/show_bug.cgi?id=38750 This goes directly below the subject line...then a blank newline...then the full description. Same goes for the other change log. Otherwise, looks good. Please fix and re-upload with commit queue bit since you can't commit yet.
Hans Wennborg
Comment 6 2010-05-10 02:45:49 PDT
Created attachment 55532 [details] Patch
WebKit Commit Bot
Comment 7 2010-05-10 07:27:36 PDT
Comment on attachment 55532 [details] Patch Clearing flags on attachment: 55532 Committed r59077: <http://trac.webkit.org/changeset/59077>
WebKit Commit Bot
Comment 8 2010-05-10 07:27:43 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.