New issue
Advanced search Search tips

Issue 853243 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Jun 2018
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug

Blocking:
issue 709493



Sign in to add a comment

Page load capping should fuzz the capping threshold

Project Member Reported by ryansturm@chromium.org, Jun 15 2018

Issue description

Due to possible sniffing attacks from embedding third party origins, the capping threshold should be fuzzed on each page load.
 
Blocking: 709493
Project Member

Comment 2 by bugdroid1@chromium.org, Jun 15 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/72256f4d0cb5565cb8f5b1d65329c3b8a710b6a9

commit 72256f4d0cb5565cb8f5b1d65329c3b8a710b6a9
Author: Ryan Sturm <ryansturm@chromium.org>
Date: Fri Jun 15 23:30:10 2018

Adding fuzzing to the page load capping threshold

Privacy requested this on the design recently. The idea is that with a
large enough variance, a first party cannot embed a third party to
determine the exact number of bytes in a response.

Bug:  853243 
Change-Id: I9a7f851eabc6f99d8aae35dc6398a09263043d0c
Reviewed-on: https://chromium-review.googlesource.com/1102908
Reviewed-by: Tarun Bansal <tbansal@chromium.org>
Commit-Queue: Ryan Sturm <ryansturm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#567828}
[modify] https://crrev.com/72256f4d0cb5565cb8f5b1d65329c3b8a710b6a9/chrome/browser/data_use_measurement/page_load_capping/page_load_capping_browsertest.cc
[modify] https://crrev.com/72256f4d0cb5565cb8f5b1d65329c3b8a710b6a9/chrome/browser/page_load_metrics/observers/page_capping_page_load_metrics_observer.cc
[modify] https://crrev.com/72256f4d0cb5565cb8f5b1d65329c3b8a710b6a9/chrome/browser/page_load_metrics/observers/page_capping_page_load_metrics_observer.h
[modify] https://crrev.com/72256f4d0cb5565cb8f5b1d65329c3b8a710b6a9/chrome/browser/page_load_metrics/observers/page_capping_page_load_metrics_observer_unittest.cc

Status: Fixed (was: Started)

Sign in to add a comment