New issue
Advanced search Search tips

Issue 859010 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Jun 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: Bug



Sign in to add a comment

Session Storage leaks urls from incognito to disk

Project Member Reported by dullweber@chromium.org, Jun 29 2018

Issue description

Chrome Version: 69.0.3472.3 (dev)
OS: Linux

What steps will reproduce the problem?
(1) Open incognito mode
(2) Visit https://html5demos.com/storage/

What is the expected result?
The visit to html5demos.com should not be persisted to disk when in incognito mode.

What happens instead?
A session storage related file contains the visited origin.

E.g. running "grep -rl '~/.config/google-chrome-unstable/Profile 6' -e 'html5demos'"
returns "Profile 6/Session Storage/000003.log"


 

Comment 1 by mek@chromium.org, Jun 29 2018

Cc: dmu...@chromium.org
Owner: mek@chromium.org
Status: Started (was: Untriaged)
Project Member

Comment 2 by bugdroid1@chromium.org, Jun 29 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/10f9594a048d1a850203e8597b328c0fb3cb6cbb

commit 10f9594a048d1a850203e8597b328c0fb3cb6cbb
Author: Marijn Kruisselbrink <mek@chromium.org>
Date: Fri Jun 29 19:33:00 2018

Don't store session storage to disk in incognito mode.

SessionStorageContextMojo uses an in-memory database if base::nullopt is
passed as path for the DB, but DOMStorageContextWrapper never actually
passed nullopt, so we'd still always be writing session storage to disk.

Bug:  859010 
Change-Id: I3555cf3961adcfe6766fdb46d71699490e01c371
Reviewed-on: https://chromium-review.googlesource.com/1120440
Commit-Queue: Victor Costan <pwnall@chromium.org>
Reviewed-by: Victor Costan <pwnall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#571592}
[modify] https://crrev.com/10f9594a048d1a850203e8597b328c0fb3cb6cbb/content/browser/dom_storage/dom_storage_context_wrapper.cc

Comment 3 by mek@chromium.org, Jun 29 2018

Status: Fixed (was: Started)

Sign in to add a comment