[webkit-dev] On adding 'console.memory' API (and about the whole 'console' object.)

Sam Weinig sam.weinig at gmail.com
Wed Jun 2 11:52:12 PDT 2010


Now that I have had a little time to think about it, I think my biggest
concern with this type of API is the unintentional ability for an attacker
to gain information from the engine consuming specific amounts of memory.
 Let's take the visited link history stealing attack as an example.  Even
though you can no longer use getComputedStyle() directly to gain information
as to whether a link was visited or not, if the engine allocated subtly
different amounts of memory depending on whether the link was visited or
not, an attacker could detect this and gain that information.

Adam (and other web security people), am I being overly paranoid about this?

-Sam

On Fri, May 28, 2010 at 10:56 AM, Mikhail Naganov <mnaganov at chromium.org> wrote:

> Greetings, WebKit developers,
>
> As a response to requests from web apps developers, I intended to
> add a simple API for accessing web app's memory consumption, see
> https://bugs.webkit.org/show_bug.cgi?id=39646
>
> The scenario of using this API is as follows:
>  - a buildbot runs web app's common usage scenarios tests;
>  - inside tests, memory usage is recorded via the API proposed;
>  - the results are sent to a server (using XHR or a CGI request);
>  - server plots nice graphs of memory usage status, bound to the
> changes made to the web app;
>  - thus, if someone does a change that blows up memory usage,
> developers will notice.
>
> As Sam points out, this change may be fine, but he suggests making it
> accessible only when a browser runs in a special "developer" mode.
> This can also be applied to the whole 'console' object.
>
> Please, share your thoughts on this.
>