data URL IPC size limit

[Min Qin]

Hi, 

  While debugging crbug/925096, i found that data URL is lost when passed from the render process to browser process. Just curious if anyone knows what is the size limit for passing a data URI using IPCs? 

Thanks

[Mike Frysinger]

i would echo SO/MDN:

  https://stackoverflow.com/questions/12637395

basically, users should not assume any limit in the data-uri is going to work, and def a 10MB data-uri is going to fail *somewhere*.  in my experience, Chrome chokes at the ~2MB limit.

that said, there's no reason to even both supporting this.  stuffing that much data into the DOM is a terrible idea, and you can do the same thing efficiently with JavaScript & Blobs & URL.createObjectURL.  Chrome def handles 100MB+ with those APIs efficiently.

-mike

--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev
---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/CAF%2Bypm1x0hPW-QxoPcfewdcBbYikxA_8o56XWfTt_EE7CRh%3DmA%40mail.gmail.com.

[Min Qin]

never mind, i found the answer: https://cs.chromium.org/chromium/src/url/url_constants.cc?type=cs&g=0&l=32

[PhistucK]

Though createObjectURL shares the same security origin of the page and can cause security issues with specially crafted content, while data URLs do not share anything.

☆PhistucK

To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/CAAbOSckjWF-UpeJUDyQs8GCy9aHA0zpeOxn%3DuexAg0N3Y17XUg%40mail.gmail.com.

[Daniel Cheng]

It's always been confusing that:

- GURL treats large data: URLs as valid

- but they can't be sent over IPC

Chrome security had a discussion if there was any value to keeping the 2MB limit. The conclusion was that despite the inefficiencies of large data URLs, it would be better to have no limit (in most places). The limit was originally introduced to prevent pages from OOMing the browser process [1], but we could still keep that by enforcing a max URL size for navigations.

Another alternative is to ensure that data: URLs are only handled inside the same process and don't need to be sent across IPC, but I'm not sure how feasible implementing that would be: CCing kinuko@ who had previously mentioned this.

Note: previously, I also explored making data: URLs larger than 2 MB canonicalize as invalid URLs. This broke a lot of random things [2], so unfortunately, this is not a direction we can pursue.

Daniel

[1] https://bugs.chromium.org/p/chromium/issues/detail?id=33952

[2] https://bugs.chromium.org/p/chromium/issues/detail?id=571784#c39

To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/CABc02_JSmqqdBt_pOnZXtA4ko6OLTRSwFHVA9n1P8kq8kQndYg%40mail.gmail.com.

[bruce...@chromium.org]

If we allow longer than 2 MB data URLs then we should budget some time for making sure we avoid or minimize copying. crbug.com/523372 was a tricky performance regression caused by frame names getting way too big

To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev+unsubscribe@chromium.org.

To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/CAAbOSckjWF-UpeJUDyQs8GCy9aHA0zpeOxn%3DuexAg0N3Y17XUg%40mail.gmail.com.