Apologies if these mailing lists aren't relevant; wasn't sure where to send this question.
crbug.com/158957 (saving original PDFs to disk) recently became hot again. Our basic problem is that we would like to keep an original copy of the PDF for saving if requested, but this requires an unpredictable amount of memory.
Today, we rely on the cache to serve the same response for the "save to disk" action, but this falls down when the cache cannot re-serve the response and the server returns a different response on the second fetch.
Ideally, we'd have something like virtual memory, but for renderer memory (which is not unlimited). This led me to look at the Blob API, which does roughly what I want: it stores large amounts of data and persists it to disk when under memory pressure.
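To make the desired behavior concrete, here's a toy sketch (plain Python, not Chromium code; the class name and threshold are made up) of the "spill to disk under memory pressure" pattern the Blob storage layer roughly provides:

```python
# Conceptual sketch only: a byte store that keeps appended data in memory
# until it exceeds a size threshold, then transparently spills everything
# to a temporary file. This mimics the behavior we want for holding the
# original PDF bytes.
import tempfile


class SpillableBuffer:
    def __init__(self, memory_limit=64 * 1024 * 1024):
        self.memory_limit = memory_limit
        self.chunks = []      # in-memory storage until we spill
        self.size = 0
        self.backing = None   # temp file, once spilled

    def append(self, data: bytes):
        self.size += len(data)
        if self.backing is not None:
            self.backing.write(data)
        else:
            self.chunks.append(data)
            if self.size > self.memory_limit:
                self._spill()

    def _spill(self):
        # Move everything accumulated so far into a temp file and
        # release the in-memory copies.
        self.backing = tempfile.TemporaryFile()
        for chunk in self.chunks:
            self.backing.write(chunk)
        self.chunks = []

    def read_all(self) -> bytes:
        if self.backing is not None:
            self.backing.seek(0)
            return self.backing.read()
        return b"".join(self.chunks)
```

The point is that callers never see whether the bytes live in RAM or on disk, which is exactly the property that makes the "no-store" case below awkward.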
The flaw in this plan is the "no-store" case, as we shouldn't persist such data to disk. This rules out the Blob option, unless we can prevent persisting to disk, or somehow have a "no-store"-compliant version of persisting to disk. (Perhaps encrypting with an ephemeral key?)
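For the ephemeral-key idea, the shape would be something like the following toy sketch (my assumption of how it could work, not a vetted design; the one-time pad from os.urandom is used only to keep the example dependency-free, and a real design would use an authenticated cipher): only ciphertext ever touches disk, the key lives exclusively in process memory, and discarding the key makes the on-disk copy unrecoverable, which is arguably "no-store"-compliant.

```python
# Toy illustration: persist only ciphertext; keep the key in memory and
# discard it on shutdown so the spilled data can never be recovered.
import os


class EphemeralKeyStore:
    def __init__(self):
        self._key = None  # lives only in this process's memory

    def seal(self, plaintext: bytes) -> bytes:
        """Return ciphertext that is safe to write to disk."""
        self._key = os.urandom(len(plaintext))
        return bytes(p ^ k for p, k in zip(plaintext, self._key))

    def open(self, ciphertext: bytes) -> bytes:
        """Recover the plaintext, if the key is still alive."""
        if self._key is None:
            raise ValueError("key discarded; data unrecoverable")
        return bytes(c ^ k for c, k in zip(ciphertext, self._key))

    def discard_key(self):
        # e.g. on renderer shutdown or when the tab closes.
        self._key = None
```

Whether this actually satisfies the spirit of "no-store" is the open question; the bytes do hit disk, just in a form nobody can read afterward.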
Another idea might be to modify the guarantees from the cache specifically for the PDF viewer's use case: since the cache may have to store a copy of the response anyway, it'd be better to let the cache handle it than to store the same data twice. (This would be analogous to treating the resource as if it were a file, rather than something loaded from the network.) This seems hard to me, but maybe it's the better approach.
I don't anticipate we'll act on this bug soon, due to these design challenges, but wanted to collect any ideas from Blob storage and network caching experts.