Bug 67940 - Add a depth limit for iframes
Summary: Add a depth limit for iframes
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Frames
Version: 528+ (Nightly build)
Hardware: All All
Importance: P4 Minor
Assignee: Tim Nguyen (:ntim)
URL:
Keywords: InRadar
Duplicates: 248832
Depends on:
Blocks:
 
Reported: 2011-09-12 09:59 PDT by Dave Bowker
Modified: 2022-12-08 01:28 PST

Description Dave Bowker 2011-09-12 09:59:34 PDT
Interesting experiment, I iframed the URL of the page that I was on, thereby it containing the iframe and loading the page which contained the iframe and loaded the page which contained the iframe...

This didn't seem to max out at any point. Tried this on Firefox 6 and it seemed to have a depth limit of 9 before it no longer created iframes within itself.
Comment 1 Alexey Proskuryakov 2011-09-12 12:10:54 PDT
I'm not sure what the requested action on this bug is. Would you like to suggest for WebKit to add iframe nesting depth limit?
Comment 2 Dave Bowker 2011-09-12 15:30:41 PDT
(In reply to comment #1)
> I'm not sure what the requested action on this bug is. Would you like to suggest for WebKit to add iframe nesting depth limit?

Depth limit would help, right?
Comment 3 Alexey Proskuryakov 2011-09-12 15:39:59 PDT
Are you aware of any Web sites that work incorrectly due to us not having a depth limit?
Comment 4 Dave Bowker 2011-09-12 16:39:45 PDT
(In reply to comment #3)
> Are you aware of any Web sites that work incorrectly due to us not having a depth limit?

Not that I know of, but if this 'bug' were more widely known could you envision someone exploiting it?
Comment 5 Alexey Proskuryakov 2011-09-12 17:33:52 PDT
It would save some back and forth if you were more specific about the problem.

The word "exploit" is usually associated with security exploits - are you saying that there is one? If so, please mark the bug as security sensitive, and explain why.

Otherwise, what is the problem with displaying nested iframes?
Comment 6 Dave Bowker 2011-09-13 03:03:29 PDT
(In reply to comment #5)
> It would save some back and forth if you were more specific about the problem.
> 
> The word "exploit" is usually associated with security exploits - are you saying that there is one? If so, please mark the bug as security sensitive, and explain why.
> 
> Otherwise, what is the problem with displaying nested iframes?

There is no problem with displaying nested iframes, but why would you need an 'unlimited' amount of them? If I were trying to create a security/performance issue I could open hundreds of nested iframes displaying the parent page with the contained iframe inside, which I did.

CPU spiked (Quad core 3.2ghz) to between 80-90%, RAM usage started climbing from 3gb to 6gb in the space of 5 minutes...

I can script something that would kill a browser in JavaScript fine, but to do this just by using HTML and creating an infinite loop of iframes seems too easy, and easily preventable by just having a nesting depth.
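
The nesting-depth limit requested above, as a small JavaScript model of a frame loader (an added example, not part of the bug thread and not WebKit's code). The page maps are constructed, the limit of 9 is the depth the reporter observed in Firefox 6, and `loadFrameTree`, `maxDepth` and `budget` are hypothetical names.

```javascript
// Constructed model of a frame loader with a nesting-depth limit (not WebKit code).
const MAX_FRAME_DEPTH = 9; // assumption: the depth the reporter observed in Firefox 6

// Constructed page maps: URL -> URLs that the page embeds in iframes.
const SELF_EMBED = { "page.html": ["page.html"] };
const ORDINARY = {
  "index.html": ["ad.html", "video.html"],
  "video.html": ["player.html"],
};

// Walks the frame tree the way a loader would create documents.
// maxDepth: deepest iframe level allowed (top-level document is depth 0).
// budget: hard stop for the model so the unlimited case terminates.
function loadFrameTree(pages, rootUrl, { maxDepth = Infinity, budget = 10000 } = {}) {
  const stats = { created: 0, deepest: 0, blocked: 0, exhausted: false };
  const pending = [{ url: rootUrl, depth: 0 }]; // explicit stack, no recursion
  while (pending.length > 0) {
    if (stats.created >= budget) {
      stats.exhausted = true; // still more frames to create: unbounded growth
      break;
    }
    const { url, depth } = pending.pop();
    stats.created += 1;
    stats.deepest = Math.max(stats.deepest, depth);
    for (const child of pages[url] || []) {
      if (depth + 1 > maxDepth) {
        stats.blocked += 1; // the limit refuses to create this subframe
        continue;
      }
      pending.push({ url: child, depth: depth + 1 });
    }
  }
  return stats;
}

const unlimited = loadFrameTree(SELF_EMBED, "page.html");
const limited = loadFrameTree(SELF_EMBED, "page.html", { maxDepth: MAX_FRAME_DEPTH });
const ordinary = loadFrameTree(ORDINARY, "index.html", { maxDepth: MAX_FRAME_DEPTH });
console.log({ unlimited, limited, ordinary });
```

Without a limit the self-embedding page consumes the whole model budget, with the limit it stops after the top-level document plus nine nested frames, and the ordinary page is loaded in full either way.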
Comment 7 Alexey Proskuryakov 2011-09-13 09:01:38 PDT
Thanks, just trying to make sure that I didn't miss something important.
Comment 8 Dave Bowker 2011-09-13 09:25:56 PDT
(In reply to comment #7)
> Thanks, just trying to make sure that I didn't miss something important.

No problem. :)
Comment 9 Tim Nguyen (:ntim) 2022-12-06 21:48:06 PST
rdar://101560112
Comment 10 Tim Nguyen (:ntim) 2022-12-06 21:48:18 PST
*** Bug 248832 has been marked as a duplicate of this bug. ***
Comment 11 Tim Nguyen (:ntim) 2022-12-07 10:06:31 PST
Pull request: https://github.com/WebKit/WebKit/pull/7219
Comment 12 EWS 2022-12-08 01:28:16 PST
Committed 257550@main (65071a674a05): <https://commits.webkit.org/257550@main>

Reviewed commits have been landed. Closing PR #7219 and removing active labels.