Bug 74957 - wouldTaintOrigin m_cleanURLs cache grows very large when data urls used
Summary: wouldTaintOrigin m_cleanURLs cache grows very large when data urls used
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Canvas (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Scott Graham
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-20 14:35 PST by Scott Graham
Modified: 2011-12-20 16:39 PST (History)
4 users (show)

See Also:

Attachments
Patch (1.43 KB, patch)
2011-12-20 14:37 PST, Scott Graham 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Scott Graham 2011-12-20 14:35:25 PST 
Downstream discussion here: http://code.google.com/p/chromium/issues/detail?id=107408

Maybe excluding data urls from m_cleanURLs is a reasonable workaround? I assume they can't cause cross-origin problems anyway.
Comment 1 Scott Graham 2011-12-20 14:37:51 PST 
Created attachment 120090 [details]
Patch
Comment 2 Kenneth Russell 2011-12-20 14:52:12 PST 
Comment on attachment 120090 [details]
Patch

This looks fine to me. I can't see any way this could introduce a security hole given that SecurityOrigin::taintsCanvas() already has an early-out for data: URLs. r=me
Comment 3 WebKit Review Bot 2011-12-20 16:39:43 PST 
Comment on attachment 120090 [details]
Patch

Clearing flags on attachment: 120090

Committed r103366: <http://trac.webkit.org/changeset/103366>
Comment 4 WebKit Review Bot 2011-12-20 16:39:47 PST 
All reviewed patches have been landed.  Closing bug.