Issue metadata
Sign in to add a comment
|
URL.revokeObjectURL revokes blob too early while executed in Chrome extensions
Reported by
kevinshi...@gmail.com,
Apr 2 2018
|
|||||||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/65.0.3325.181 Chrome/65.0.3325.181 Safari/537.36 Steps to reproduce the problem: 1. Unpack and install the 'sample-crx-...', open the sample extension's options page. 2. Set revoking delay in the input (in milliseconds, and 0 means no delay). With a delay, the revoking statement will be executed by 'setTimeout'; else it will be executed immediately. 3. When delay is set to non-0, the download operation work well; while set to 0 (no-delay), the page just responds with 'ERR_INVALID_RESPONSE' (in chrome://net-internals shows 'net_error = -320'). What is the expected behavior? According to https://developer.mozilla.org/en-US/docs/Web/API/File/Using_files_from_web_applications#Using_object_URLs, programmers can export JS string to local files by: 1. Use 'URL.createObjectURL()' to create an object-URL (internally a blob token); 2. Assign the URL to an anchor element (visible or not); 3. Set the anchor element's "download" attribute, so clicking the anchor will download the link; 4. Programmatically invoke 'anchor.click()'; 5. Browser starts to download the file; 6. Use 'URL.revokeObjectURL()' to tell browser to revoke the object-URL, so that GC would be performed at an appropriate moment. What went wrong? In the chrome extension, - if 'URL.revokeObjectURL()' is called immediately after 'anchor.click()', the error occurs; file is failed to download; - only by setting a delay with 'setTimeout()', the downloading works as expected. To be exact, the unexpected behavior only appears in Chrome extension; a normal local html page just acts well. Real online pages are not tested. Did this work before? Yes Not sure if worked in 64 or 63; worked about one month ago, on the latest version at that time. Does this work in other browsers? Yes Chrome version: 65.0.3325.181 Channel: stable OS Version: Ubuntu 16.04.4 LTS (Xenial) Flash Version: Shockwave Flash 29.0 r0 Also reproduced in Chrome 65 on Windows 10 Pro x64. NOTABLY: resembles #595305 (https://bugs.chromium.org/p/chromium/issues/detail?id=595305) (March 2016), but (probably) only appears in Chrome extensions.
,
Apr 2 2018
,
Apr 2 2018
,
Apr 3 2018
Able to reproduce the issue on Windows 10, mac 10.13.3 and Ubuntu 14.04 using chrome reported version #65.0.3325.181 and latest canary #67.0.3386.0. Bisect Information: ===================== Good build: 65.0.3309.0 Bad Build : 65.0.3310.0 Change Log URL: https://chromium.googlesource.com/chromium/src/+log/cbce1149c9ae08297b816effbf456c02f97df8db..f2d2fe87028de36a489f7db3f5fb28da2e9d9b2b From the above change log suspecting below change Change-Id: I508d7abe1cba9b75d65132b0688984cdebfc6fd4 Reviewed-on: https://chromium-review.googlesource.com/758236 jochen@ - Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner. Note: Adding stable blocker for M-65 as it seems to be a recent regression. Please feel free to remove the same if not appropriate. Thanks...!!
,
Apr 3 2018
This almost certainly is a duplicate of 807639, except that https://chromiumdash.appspot.com/commit/7b43f737ce7b421ca8717f604db045e7fbb4e7b3 was supposed to work around the breakage jochen's change caused, and that CL shipped in 65.0.3325.53, while apparently here it is still reproducable in later M65 versions... I'm working on some CLs that should fix all these revoke+resolution ordering issues once and for all, but that's probably not going to ship till M68 (or maybe M67, but likely won't make it for that branch).
,
Apr 3 2018
,
Apr 3 2018
Hmm, so my previous work-around "fixed" the issues caused by IPC ordering (and the fact that pre-jochen's CL both download and blob URL IPCs arrived on the IO thread and thus were properly ordered, while after his CL download IPCs arrive on the UI thread instead). But I failed to address the other half of the problem: pre-jochen's CL, RenderFrameMessageFilter::DownloadUrl immediately resolved the blob URL as soon as it got the IPC, but the navigation code doesn't do anything like that until much later, once it actually starts the download. So I'm guessing somehow extensions do more async work in between getting the navigation IPC and actually doing the fetch, and that is somehow causing this to still fail for extensions. Now as I said I am working on rewriting a bunch of this stuff (and resolve blob URLs in blink before any IPCs are send), to make sure we'll never run into any of these race conditions again. But not sure when I'll be able to get that all landed, as there are still some missing pieces (in particular currently it depends on the network service being enabled, although it should be possible to make it work even without that).
,
Apr 3 2018
Sorry about the mess. I'm working on a cl to route blob urls back through the old codepath
,
Apr 3 2018
,
Apr 4 2018
We're not planning any more M65 releases. Pls target fix for M66.
,
Apr 4 2018
,
Apr 7 2018
This is even a problem without calling URL.revokeObjectURL().
For example, see the attached repro extension.
If you try to click the "Download File" anchor that appears (using the Blob object URL), it does not work. This used to work.
const req = new XMLHttpRequest();
req.open('GET', 'https://i.imgur.com/aI5UoGb.png', true);
req.responseType = 'arraybuffer';
req.onload = function (evt) {
if (!req.response) {
console.log('error');
return;
}
console.log('success');
const blob = new Blob([req.response], null);
const a = window.document.createElement('a');
a.href = window.URL.createObjectURL(blob);
a.download = 'google_logo.png';
a.innerText = 'Download File';
window.document.body.appendChild(a);
};
req.send(null);
,
Apr 9 2018
Reminder: Please note that M66 Stable is only 7 days away. This bug has been marked as ReleaseBlock Stable for M66. So please take a look and appropriately address this bug.
,
Apr 10 2018
that should be fixed in 66
,
Apr 10 2018
[Auto-generated comment by a script] We noticed that this issue is targeted for M-66; it appears the fix may have landed after branch point, meaning a merge might be required. Please confirm if a merge is required here - if so add Merge-Request-66 label, otherwise remove Merge-TBD label. Thanks.
,
Apr 10 2018
,
Jun 15 2018
,
Jun 15 2018
,
Jul 3
Able to reproduce the issue on Mac 10.13.3 using chrome build without fix. Verified the fix on Mac 10.13.3, Win-10 and Ubuntu 17.10 using Chrome stable version #67.0.3396.99 as per the comment #0. Attaching screen cast for reference. Observed that the download operation worked well while set to 0 (no-delay). Hence, the fix is working as expected. Adding the verified labels. Thanks...!! |
||||||||||||||||||||||||||||
►
Sign in to add a comment |
||||||||||||||||||||||||||||
Comment 1 by kevinshi...@gmail.com
, Apr 2 2018