magic length that hide url and made the bug is 2097129 .. that's crazy it's working too with opera browser !! about fix that resize length field of url bar

Are you able to crash Chrome or make it otherwise misbehave (beyond failing to paint text in the Location Box when that text is >2mb in length?

Observing the URL string within Chrome's memory isn't a surprise; Chrome has to keep it somewhere, and it's not unexpected that you would observe it in memory.

As to why the URL renders blank, it's probably due to limits in the size of URLs that we're willing to transmit via IPC:

https://cs.chromium.org/chromium/src/url/ipc/url_param_traits.cc?sq=package:chromium&dr=CSs&l=45

  if (!iter->ReadString(&s) || s.length() > url::kMaxURLChars) {
    *p = GURL();

const size_t kMaxURLChars = 2 * 1024 * 1024;

i will write exploit to prof it 

Anther buggy if u edit code like that
<a id="exploit" href="data:image/jpeg;base64,';for($i = 0;$i<= 2097129 ;$i++){echo 'A';} echo'Write any thing here">Exploit Me HeapSpray !</a> Will stop chrome from working when u try to browse any simple url like google.com will not showup just keep loading

We appreciate the report, but I am closing this bug because there isn't any evidence of a vulnerability. It can be re-opened if you can show evidence of memory corruption, such as a crash stack that looks potentially exploitable.

Regarding comment 5, we don't consider denial of service attacks to be security problems, as described in the FAQ. https://www.chromium.org/Home/chromium-security/security-faq#TOC-Are-denial-of-service-issues-considered-security-bugs-

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot