localStorage bug allows sites to fill up hard disk / crash Safari
| Originator: | feross | ||
| Number: | rdar://13311988 | Date Originated: | Feb 27, 2013 |
| Status: | Openn | Resolved: | |
| Product: | Safari | Product Version: | 6.0.2 (8536.26.17) |
| Classification: | Reproducible: | Always |
Summary: Using multiple subdomains with localStorage, ala 1.filldisk.com, 2.filldisk.com, 3.filldisk.com, and so on allows a single domain to use effectively unlimited space on the user's hard disk. Also, Safari seems to crash when the amount of data stored is equal to the amount of RAM the user has. Steps to Reproduce: 1. Visit http://filldisk.com 2. Safari crashes after amount stored into localStorage equals the amount of RAM the user has. 3. Or, even if Safari doesn't crash, it's still really bad that sites can fill up your hard disk. Expected Results: The spec (http://www.w3.org/TR/webstorage/) suggests this: "User agents should guard against sites storing data under the origins other affiliated sites, e.g. storing up to the limit in a1.example.com, a2.example.com, a3.example.com, etc, circumventing the main example.com storage limit. A mostly arbitrary limit of five megabytes per origin is recommended." Actual Results: A single domain is allowed to fill up the user's hard disk / crash Safari. Notes: Other browsers tested: Chrome 25: Fail Firefox 18: Pass IE 10: Fail
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
But please do not fix it the way that Firefox handles it. Their implementation makes LocalStorage essentially unusable for sites that use subdomains: wikipedia, github, wordpress, stackexchange, wikia, etc. See https://bugzilla.mozilla.org/show_bug.cgi?id=1064466.
Duped
rdar://13316033
This should be fixed immediately