<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - In WK1, deleting localstorage for a single origin can leak data"
href="https://bugs.webkit.org/show_bug.cgi?id=169632">169632</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>In WK1, deleting localstorage for a single origin can leak data
</td>
</tr>
<tr>
<th>Classification</th>
<td>Unclassified
</td>
</tr>
<tr>
<th>Product</th>
<td>WebKit
</td>
</tr>
<tr>
<th>Version</th>
<td>WebKit Local Build
</td>
</tr>
<tr>
<th>Hardware</th>
<td>All
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>Normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P2
</td>
</tr>
<tr>
<th>Component</th>
<td>WebKit API
</td>
</tr>
<tr>
<th>Assignee</th>
<td>webkit-unassigned@lists.webkit.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>ansh_shukla@apple.com
</td>
</tr></table>
<p>
<div>
<pre>This is an issue with the -[WebStorageManager deleteOrigin:] API. Calling this method tries to delete the localstorage database file on disk in StorageTracker::syncDeleteOrigin. However, we currently only delete the database file and none of its associated temporary SQLite files. One of the temporary files we fail to delete is the write-ahead log which contains local storage data that hasn’t been checkpointed. The net result is that if we wipe the local storage database and then recreate it, SQLite retains any “deleted” data that was kept around in the WAL.
By default the WAL only checkpoints (i.e. moves data into the database) every 1000 pages. This is a significant amount of data we could potentially leak.
We should fix this by also deleting the temporary files. We already have a method to do so in SQLiteFileSystem.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>