Canvas cache of clean URLs can grow without bounds.
author akling@apple.com <akling@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 24 Apr 2014 03:43:47 +0000 (03:43 +0000)
committer akling@apple.com <akling@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 24 Apr 2014 03:43:47 +0000 (03:43 +0000)
<https://webkit.org/b/132091>
<rdar://problem/16695665>

Remove a silly "optimization" that kept a cache of clean URLs
that can be drawn into a canvas without tainting it, all to avoid
the "expensive" checks to determine whether it would taint.

Reviewed by Benjamin Poulain.

* html/canvas/CanvasRenderingContext.cpp:
(WebCore::CanvasRenderingContext::wouldTaintOrigin):
* html/canvas/CanvasRenderingContext.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@167741 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/html/canvas/CanvasRenderingContext.cpp
Source/WebCore/html/canvas/CanvasRenderingContext.h

index 26886a6..1f406e8 100644 (file)
@@ -1,3 +1,19 @@
+2014-04-23  Andreas Kling  <akling@apple.com>
+
+        Canvas cache of clean URLs can grow without bounds.
+        <https://webkit.org/b/132091>
+        <rdar://problem/16695665>
+
+        Remove a silly "optimization" that kept a cache of clean URLs
+        that can be drawn into a canvas without tainting it, all to avoid
+        the "expensive" checks to determine whether it would taint.
+
+        Reviewed by Benjamin Poulain.
+
+        * html/canvas/CanvasRenderingContext.cpp:
+        (WebCore::CanvasRenderingContext::wouldTaintOrigin):
+        * html/canvas/CanvasRenderingContext.h:
+
 2014-04-23  Benjamin Poulain  <bpoulain@apple.com>
 
         [iOS][WK2] Fix a few mistakes affecting the initial layout and the initial unobscured rect
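Review bot: The new ChangeLog entry does not mention test coverage. wouldTaintOrigin(const URL&) decides whether a draw taints the canvas, so the entry should either name the existing tests that exercise it or state that no new tests are needed because the result for any given URL is meant to be unchanged by removing the cache.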
index f6df8be..cfc17cd 100644 (file)
@@ -92,7 +92,7 @@ bool CanvasRenderingContext::wouldTaintOrigin(const HTMLVideoElement* video)
 
 bool CanvasRenderingContext::wouldTaintOrigin(const URL& url)
 {
-    if (!canvas()->originClean() || m_cleanURLs.contains(url.string()))
+    if (!canvas()->originClean())
         return false;
 
     if (canvas()->securityOrigin()->taintsCanvas(url))
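Review bot: The remaining early return on "!canvas()->originClean()" at the top of wouldTaintOrigin(const URL&) yields false for a canvas that is already tainted, which is easy to misread as "this URL is safe to draw". A one-line comment that false here means "nothing left to taint" would help, now that it is the only shortcut in the function. With the "m_cleanURLs.contains(url.string())" test gone, taintsCanvas(url) is consulted on every call rather than skipped for URLs seen earlier; that is worth one sentence in the ChangeLog, since it changes how often the origin check runs.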
@@ -101,7 +101,6 @@ bool CanvasRenderingContext::wouldTaintOrigin(const URL& url)
     if (url.protocolIsData())
         return false;
 
-    m_cleanURLs.add(url.string());
     return false;
 }
 
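Review bot: With "m_cleanURLs.add(url.string());" removed, the "if (url.protocolIsData()) return false;" branch just above it no longer affects the result, because the fall-through also returns false. The branch only existed to keep data URLs out of the cache. Drop it in this patch or a follow-up so the function ends with a single "return false;" after the taintsCanvas(url) check.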
index c765011..b6233e0 100644 (file)
@@ -75,7 +75,6 @@ protected:
 
 private:
     HTMLCanvasElement* m_canvas;
-    HashSet<String> m_cleanURLs;
 };
 
 } // namespace WebCore
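Review bot: Removing the "HashSet<String> m_cleanURLs;" member leaves the header's includes untouched in this hunk. If CanvasRenderingContext.h pulled in the HashSet and String hashing headers only for this member, remove those includes as well so the header does not keep a dependency it no longer uses.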