Session Storage leaks urls from incognito to disk |
||
Issue descriptionChrome Version: 69.0.3472.3 (dev) OS: Linux What steps will reproduce the problem? (1) Open incognito mode (2) Visit https://html5demos.com/storage/ What is the expected result? The visit to html5demos.com should not be persisted to disk when in incognito mode. What happens instead? A session storage related file contains the visited origin. E.g. running "grep -rl '~/.config/google-chrome-unstable/Profile 6' -e 'html5demos'" returns "Profile 6/Session Storage/000003.log"
,
Jun 29 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/10f9594a048d1a850203e8597b328c0fb3cb6cbb commit 10f9594a048d1a850203e8597b328c0fb3cb6cbb Author: Marijn Kruisselbrink <mek@chromium.org> Date: Fri Jun 29 19:33:00 2018 Don't store session storage to disk in incognito mode. SessionStorageContextMojo uses an in-memory database if base::nullopt is passed as path for the DB, but DOMStorageContextWrapper never actually passed nullopt, so we'd still always be writing session storage to disk. Bug: 859010 Change-Id: I3555cf3961adcfe6766fdb46d71699490e01c371 Reviewed-on: https://chromium-review.googlesource.com/1120440 Commit-Queue: Victor Costan <pwnall@chromium.org> Reviewed-by: Victor Costan <pwnall@chromium.org> Cr-Commit-Position: refs/heads/master@{#571592} [modify] https://crrev.com/10f9594a048d1a850203e8597b328c0fb3cb6cbb/content/browser/dom_storage/dom_storage_context_wrapper.cc
,
Jun 29 2018
|
||
►
Sign in to add a comment |
||
Comment 1 by mek@chromium.org
, Jun 29 2018Owner: mek@chromium.org
Status: Started (was: Untriaged)