sessionStorage is sometimes preserved across tabs when Developer Tools is used
Reported by
jb...@jboer.nl,
Dec 4 2016
|
||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.75 Safari/537.36 Steps to reproduce the problem: 1. Put "test.html" on a valid http origin. The file:// protocol does not trigger this bug. 2. Open the URL test.html in a new browser. (Example: http://test.chrome.com/test.html) You will see the message "test set to:" followed by a random number. 3. Copy the URL in the address bar. 4. Spam CTRL-T (open new tab), CTRL-V (paste URL in address bar), Enter (open URL) to create a lot of tabs with the same page. 5. Right-click the first tab and click "Close tabs to the right" 6. Open a new tab, press F12 to open the Developer Tools. Paste the URL in the address bar and press Enter. You should now see "test variable already exists! value = " followed by a random number that was set by one of the previously opened windows. What is the expected behavior? According to the spec window.sessionStorage is unique per tab/window. This does not always appear to be the case... What went wrong? Since I can only reproduce this issue on a valid origin and it only seems to occur when the Developer Toolbar is opened I'm assuming something is being reused which inadvertedly causes the sessionStorage to be reused as well. Did this work before? N/A Does this work in other browsers? N/A Chrome version: 55.0.2883.75 Channel: stable OS Version: 10.0 Flash Version: Shockwave Flash 23.0 r0 I was able to reproduce this with the simple testcase outlined above, but for clarity what I'm trying to do is use window.history.pushState to store an index to an array and window.sessionStorage to store the array itself. So what I'm encountering is that a fresh tab without a browser history does have an array in the sessionStorage.
,
Dec 5 2016
Initially that URL worked and I was not able to reproduce it in my main Chrome session. I originally reproduced the issue in a separate Chrome session with "--user-data-dir". When I tried to reproduce it in the separate session the URL suddenly gave me a "not found" error. Maybe I requested it too often?
,
Dec 5 2016
I guess it was a temporary URL. This is how I created it - Go to this URL - http://plnkr.co/edit/vJMM1Y?p=preview Click on the full screen button near the top right corner, copy the URL of the popup.
,
Dec 5 2016
,
Dec 5 2016
> According to the spec window.sessionStorage is unique per tab/window Not quite. If a window opens another window (popup or tab), they share the same session, and session is preserved across navigations. But I think that's irrelevant to the repro here; manually opening a new tab and pasting a URL should indeed be a new session, insofar as I understand things.
,
Dec 6 2016
I can't seem to repro - can you elaborat step 4? "4. Spam CTRL-T (open new tab), CTRL-V (paste URL in address bar), Enter (open URL) to create a lot of tabs with the same page." I'm spamming ctrl-t,ctrl-v,enter over and over, is that what you mean? I'm unable to repro so far. How consistent is this happening?
,
Dec 6 2016
I can report that this problem is not consistently reproducible. So far I haven't been able to reproduce it with the run.plnkr URL, but I have been able to reproduce it on my local Apache server. For the heck of it I put the file on my own external web server, and I can reproduce the issue there. Try this: http://www.jboer.nl/temp/test.html 1. I opened a new tab in my current Chrome session (the same one I'm using to post this response) and pasted the URL. "test set to:" as expected. 2. Then I pressed CTRL-T followed by CTRL-V followed by Enter and repeated that until I had "a bunch" (anywhere between 10-30 tabs) open. 3. Then I went back to the first tab and pressed "close all to the right". At this point only 1 tab was open with that URL set. 4. I immediately pressed CTRL-T followed by F12 to open a new tab and the Developer Tools window. I then used the mouse to click back in the address bar (focus goes to the Developer Tools console by default) and pressed CTRL-V followed by Enter. Result: "test variable already exists!" The number shown is NOT the same number as in the tab left open after step 3, so I'm guessing a session is being reused somewhere. Can you reproduce it with the above URL?
,
Dec 6 2016
Video evidence: http://recordit.co/NthEFGicOI
,
Dec 7 2016
yup, this happens readily with http://www.jboer.nl/temp/test.html i think if you alter the steps to close the devtools prior to navigating the newly created tab, the bug does not manifest
,
Dec 7 2016
,
Dec 8 2016
I have only managed to reproduce it with the DevTools window open. That's how I initially discovered the bug: during development sessionStorage variables would leak into my new session.
,
Dec 16 2016
test set to: 597 test set to: 432 test set to: 505 test variable already exists! value = 252 Looks like the page is being loaded multiple times, once invisibly to the user, and the second load picks up the artifacts of the first. In my poking at this, the existing value is never one that was actually seen before. You don't need the inspector for the bug to happen. Here's more reduced steps to repro. * start browser * paste "http://www.jboer.nl/temp/test.html" into addr bar but don't enter * activate any other window (or open devtools) * re-active the browser window * hit enter to navigate the the test.html page * test variable already exists! value = XXX I think DevTools might be an innocent bystander.
,
Dec 16 2016
Preload, perhaps?
,
Dec 17 2016
That's possible. When DevTools is open, we'll never swap in a prerender. But the prerender itself will still keep running and share the same sessionStorage namespace as the parent tab, which means you'll see the page loading twice. (Or, worse, in parallel.) This seems somewhat fundamentally unfixable without just removing prerender, which badly needs to happen and I believe is underway. When DevTools is closed, the bug is probably being masked because the prerenders just get swapped in. A net-internals log should confirm whether prerender is happening: https://dev.chromium.org/for-testers/providing-network-details
,
Dec 17 2016
The two renderings are being performed in different processes. #13 and #14 reinforce what i was thinking. I'll look at what prerendere_manager.cc is doing?
,
Dec 17 2016
yup, AutocompleteActionPredictor::CancelPrerender when you switch out of the tab or deactivate/reactivate the window.
,
Dec 17 2016
I think we 'wont fix' this and wait for prerender to go away.
,
Jan 27 2017
if anybody disagrees, please speak up and reopen the bug |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by phistuck@chromium.org
, Dec 5 2016Labels: Hotlist-Interop