[Webkit-unassigned] [Bug 108545] Document is never released if an image's src attribute is changed to a url blocked by content-security-policy.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 1 10:22:27 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=108545
--- Comment #3 from Alexey Proskuryakov <ap at webkit.org> 2013-02-01 10:24:29 PST ---
(From update of attachment 185903)
View in context: https://bugs.webkit.org/attachment.cgi?id=185903&action=review
Great catch.
Another potential way to fix this bug would be do dispatch the error event immediately in this case, not through errorEventSender().dispatchEventSoon(). That would be observable through JavaScript, and I don't know which behavior is right. Can you find it out from the spec and from other browsers' behavior?
Note that we currently dispatch the event synchronously for an empty URL.
I do not fully understand why canceling the error event causes a world leak. Is there something else going wrong in lower level code?
> Source/WebCore/ChangeLog:12
> + No new tests, manually verified by using heap tool in OS X Safari.
It is difficult to test for abandoned memory, but can we test for the event being fired?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list