Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(126)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/cache_storage/README.md

Issue 2901083002: [CacheStorage] Pad and bin opaque resource sizes. (Closed)
Patch Set: Patch Set 8 changes. Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | content/browser/cache_storage/cache_storage.h » ('j') | content/browser/cache_storage/cache_storage.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/cache_storage/README.md
diff --git a/content/browser/cache_storage/README.md b/content/browser/cache_storage/README.md
index 7b3758dab2193227091b2605166083839794ac19..4a06b27224795c7fe163fdae51d259b90fb38e6b 100644
--- a/content/browser/cache_storage/README.md
+++ b/content/browser/cache_storage/README.md
@@ -1,5 +1,5 @@
# Architecture (as of July 29th 2016)
-This document descibes the browser-process implementation of the [Cache
+This document describes the browser-process implementation of the [Cache
Storage specification](
https://slightlyoff.github.io/ServiceWorker/spec/service_worker/index.html).
@@ -152,3 +152,25 @@ operation. The idiom for this in CacheStorage/ is to wrap the operation's
callback with a function that will run the callback as well as advance the
scheduler. So long as the operation runs its wrapped callback the scheduler
will advance.
+
+## Opaque Resource Size Obfuscation
+Applications can cache cross-origin resources as per
+[Cross-Origin Resources and CORS](https://www.w3.org/TR/service-workers-1/#cross-origin-resources).
+Opaque responses may only be cached, and in order to prevent "leaking" the size
jkarlin 2017/07/31 14:03:24 what do you mean "may only be cached". What is it
cmumford 2017/08/10 16:37:10 haha - yeah, good point.
+of opaque responses their sizes are obfuscated. Random padding is added to the
+actual size making it difficult for an attacker to ascertain the actual resource
+size.
jkarlin 2017/07/31 14:03:24 actual resource size via quota apis.
cmumford 2017/08/10 16:37:10 Done.
+
+When Chromium starts, a new random padding key is generated and used
+for all new caches created. This key is used by each cache to calculate padding
+for opaque resources. This key is also persisted to the cache index.
jkarlin 2017/07/31 14:03:24 How about replacing the last line with: Each cach
cmumford 2017/08/10 16:37:10 Done.
+
+Each cache maintains the total padding for all opaque resources within the
+cache. This padding is added to the actual resource size when reporting sizes
+to the quota manager.
+
+The algorithm version is also written to each cache. This allows for the
jkarlin 2017/07/31 14:03:24 s/algorithm/padding algorithm/
cmumford 2017/08/10 16:37:10 Done.
+algorithm to be changed at a future date. CacheStorage will use the persisted
+key and padding from the cache's index unless the algorithm has been changed,
+one of values is missing, or deemed to be incorrect. In this situation the cache
+is enumerated and the padding recalculated during open.
« no previous file with comments | « no previous file | content/browser/cache_storage/cache_storage.h » ('j') | content/browser/cache_storage/cache_storage.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698