[Webkit-unassigned] [Bug 82823] [WebSocket]Browser should have platform-specific limitations regarding the frame size
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Mar 31 17:43:17 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=82823
--- Comment #4 from Li Yin <li.yin at intel.com> 2012-03-31 17:43:17 PST ---
(In reply to comment #3)
> > Source/WebCore/Modules/websockets/WebSocketChannel.cpp:87
> > +// FIXME: frameSizeLimitation should be platform-specific
> > +const size_t frameSizeLimitation = 500 * 1024 * 1024;
>
> This needs an explanation of how each platform would choose the limit. It's not even clear why a hardcoded limit is appropriate. How was this value chosen, for example?
There is not specific definition about the frameSizeLimitation value in the RFC6455.
In fact, there will not a very exact limitation value, it should be related with current free memory. But it will be difficult algorithm if we compute the current free memory.
In addition, taking the efficiency into consideration, the most and normal scenarios should not send the big frame, so setting the value just prevent the malicious attack.
So I suggest the smaller limitation value will be better. But I have no idea how to check that it is appropriate or not.
What is your opinion?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list