date:20090729


On Tue, Jul 28, 2009 at 11:18 PM, Brian Rynerbry...@google.com wrote:
  The -fvisibility=hidden flag is maybe supposed to do this (see
  discussion on http://gcc.gnu.org/wiki/Visibility ), but I tried
  building both with and without it and found that:
   - in debug builds, objdump -T shows all of our symbols, regardless of
  the flags I pass to gcc or strip

 Can you paste a snippet of the objdump -T output you see for a debug binary?
  I'd also be interested in the answer to Mark's question -- is the binary
 being linked with -E?

As I said before, I don't really know what I'm doing -- I wrote my
mail to mostly summarize the result of tried building it both with
and without this flag and saw no difference.

There is no -E.   Maybe I don't understand what objdump -CT is telling
me... aha!

It turns out that the vast majority of the symbols I mentioned are C++
templates.
% objdump -CT out/Debug/chrome | wc -l
43740
% objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l
2591

Here are a few examples of the output pre-filtering:

083fa306  w   DF .text  0011  Base
std::reverse_iteratorstd::_List_iteratorstd::pairRenderWidgetHost*,
BackingStore*  ::base() const
090104dc  w   DF .text  0022  Basevoid
std::swapWebCore::CSSFontFace*(WebCore::CSSFontFace*,
WebCore::CSSFontFace*)
0

Of the remaining symbols after that egrep -v, it's mostly stuff I'd
expect, though I still see v8 templates marked weak:

091b7d12  w   DF .text  0013  Basev8::Localv8::Integer::Local()
  DF *UND*    Basegtk_tree_model_get_value
0884d056  w   DF .text  001a  Base
v8::Localv8::String::Localv8::String(v8::String*)
  DF *UND*    Basegtk_grab_add
  DF *UND*    Basegtk_hbutton_box_new
  DF *UND*    NSS_3.4 SSL_GetChannelInfo
  DF *UND*    GLIBC_2.4   __stack_chk_fail
086a6698 gDF .text  010a  Baseuprv_ebcdicFromAscii_3_8
0866af2e gDF .text  00d1  Baseuprv_fmin_3_8
  DF *UND*    Basegtk_widget_get_visual
091ab20c gDF .text  005d  Base
v8::ObjectTemplate::InternalFieldCount()
0885e164  w   DF .text  0013  Base
v8::Persistentv8::String::Persistent()
  DF *UND*    Base
gtk_file_chooser_set_preview_widget_active
  DF *UND*    Basegdk_display_get_pointer
0880e3a2 gDF .text  02f4  Baseucol_tok_getNextArgument_3_8
086e6d5c gDF .text  01a1  Baseupname_swap_3_8


Flags we use follow:

# Enable -Werror by default, but put it in a variable so it can
# be disabled in ~/.gyp/include.gypi on the valgrind builders.
'variables': {
  'werror%': '-Werror',
},
'cflags': [
   '(werror)',  # See note above about the werror variable.
   '-pthread',
   '-fno-exceptions',
   '-Wall',
],
'cflags_cc': [
  '-fno-threadsafe-statics',
],
'ldflags': [
  '-pthread',
],

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] FYI: a new problem with the latest patch for 2008 SP1 (from today/yesterday)

2009-07-29 Thread nakro


if you get the latest patch of VS2008SP1 (released yesterday)
you will not be able to compile chrome

you will get errors relating to '_Swap_adl'

i googled it a bit, and till MS fixes it i simply modified 2 files in
the inc dir
tuple
xutility

and changed '_Swap_adl' to 'swap' - note the lowercase

also due to permissions you might not be able to modify the file, so i
did this in an elevated cmd prompt

ok, now you know, here is where i got most of the info from
http://social.msdn.microsoft.com/Forums/en-US/vcgeneral/thread/4bc93a16-4ad5-496c-954c-45efbe4b180b


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

I'm coming to the opinion that we should leverage the install mechanism of
the extension system for apps that need special permissions, increased
quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
our extension world exceptionally lightweight. It only needs to make the
special capability available to the page.
As Maciej brought up on the whatwg list, the extension system gives us
multiple affirmative steps,
vetting, reputation and revocation. It also gives us a UI access point. All
of these are important for controlling apps that aren't safe and stateless.

Linus


On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote:

 I would say that if all the browsers are doing 5MB fixed quota for local
 storage, it is a good way to start. Sadly, I think we need to start thinking
 about this now for databases though (certainly I don't want to hit yes 4,000
 times as my gmail syncs up to 20GB)
 2009/7/29 Jeremy Orlow jor...@google.com

 On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote:

 On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote:

 That seems overly simplistic to me - for example, just because I
 sometimes want to let a chat app have access to my camera, doesn't
 mean I want it always to have access. Given the number of users I've
 seen fix this problem with duct tape, I think I can conclude that
 users would use controls if they had controls they understood and
 trusted.


 I don't agree.  I believe granularity is not only useless but harmful for
 the majority of users.  See user studies of desktop app install flows or
 options dialogs that universally conclude that giving people more choices
 helps a small number of people and loses a large number.  This is the
 philosophy we designed Chrome around, so we're strong backers of it.


 I agree on principle.  I can imagine a couple ways the web app might state
 the capabilities it needs up front.  The problem is that, with newer
 versions of the application, the needs might change.  But how do we keep
 them from changing so often that the user just gets used to clicking 'yes'
 every time?  I can't think of any good solution for this.

 Anyway, I think we've gotten a bit abstract here.  It's good to talk about
 this in general, but in the mean time I'm not sure what to do for
 LocalStorage.

 Is the fixed quota per origin a good way to start?  If so, is the plan to
 leave it that way until someone tries to tackle this stuff in a more unified
 way?

 J




 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Drew Wilson

I've been starting to lean in this direction as well. The problem is that
extensions are currently not cross-platform and would require separate
implementations for each platform. And in many cases the extension delivery
mechanism is under the control of an arbitrary third party (i.e. Google,
Mozilla, Apple, etc) who has control over which extensions can be hosted,
which is not particularly open-web-by.
It might be a reasonable starting point, though, with the goal being to sort
through the security and installation issues and eventually come up with a
cross-platform API in a future HTML version.

-atw

On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the install mechanism of
 the extension system for apps that need special permissions, increased
 quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
 our extension world exceptionally lightweight. It only needs to make the
 special capability available to the page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.

 Linus


 On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote:

 I would say that if all the browsers are doing 5MB fixed quota for local
 storage, it is a good way to start. Sadly, I think we need to start thinking
 about this now for databases though (certainly I don't want to hit yes 4,000
 times as my gmail syncs up to 20GB)
 2009/7/29 Jeremy Orlow jor...@google.com

 On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote:

 On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote:

 That seems overly simplistic to me - for example, just because I
 sometimes want to let a chat app have access to my camera, doesn't
 mean I want it always to have access. Given the number of users I've
 seen fix this problem with duct tape, I think I can conclude that
 users would use controls if they had controls they understood and
 trusted.


 I don't agree.  I believe granularity is not only useless but harmful
 for the majority of users.  See user studies of desktop app install flows 
 or
 options dialogs that universally conclude that giving people more choices
 helps a small number of people and loses a large number.  This is the
 philosophy we designed Chrome around, so we're strong backers of it.


 I agree on principle.  I can imagine a couple ways the web app might
 state the capabilities it needs up front.  The problem is that, with newer
 versions of the application, the needs might change.  But how do we keep
 them from changing so often that the user just gets used to clicking 'yes'
 every time?  I can't think of any good solution for this.

 Anyway, I think we've gotten a bit abstract here.  It's good to talk
 about this in general, but in the mean time I'm not sure what to do for
 LocalStorage.

 Is the fixed quota per origin a good way to start?  If so, is the plan to
 leave it that way until someone tries to tackle this stuff in a more unified
 way?

 J







 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

In the past, Hixie has been against the notion of installed applications.
Perhaps for web pages that is the proper approach, however I really like
(from a UI/usability/security) perspective the notion of installing
something as a mechanism for granting trust. We can argue about how good the
installation mechanism / process is, but I think it's the most
understandable thing we have, and certainly better than putting up a dialog
each time a site wants +5Mb. Likewise for things such as persistent workers
/ background pages that survive browser shutdown.
In other words, LGTM

2009/7/29 Linus Upson li...@google.com

 I'm coming to the opinion that we should leverage the install mechanism of
 the extension system for apps that need special permissions, increased
 quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
 our extension world exceptionally lightweight. It only needs to make the
 special capability available to the page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.

 Linus


 On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote:

 I would say that if all the browsers are doing 5MB fixed quota for local
 storage, it is a good way to start. Sadly, I think we need to start thinking
 about this now for databases though (certainly I don't want to hit yes 4,000
 times as my gmail syncs up to 20GB)
 2009/7/29 Jeremy Orlow jor...@google.com

 On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote:

 On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote:

 That seems overly simplistic to me - for example, just because I
 sometimes want to let a chat app have access to my camera, doesn't
 mean I want it always to have access. Given the number of users I've
 seen fix this problem with duct tape, I think I can conclude that
 users would use controls if they had controls they understood and
 trusted.


 I don't agree.  I believe granularity is not only useless but harmful
 for the majority of users.  See user studies of desktop app install flows 
 or
 options dialogs that universally conclude that giving people more choices
 helps a small number of people and loses a large number.  This is the
 philosophy we designed Chrome around, so we're strong backers of it.


 I agree on principle.  I can imagine a couple ways the web app might
 state the capabilities it needs up front.  The problem is that, with newer
 versions of the application, the needs might change.  But how do we keep
 them from changing so often that the user just gets used to clicking 'yes'
 every time?  I can't think of any good solution for this.

 Anyway, I think we've gotten a bit abstract here.  It's good to talk
 about this in general, but in the mean time I'm not sure what to do for
 LocalStorage.

 Is the fixed quota per origin a good way to start?  If so, is the plan to
 leave it that way until someone tries to tackle this stuff in a more unified
 way?

 J




 



--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Jeremy Orlow

On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the install mechanism of
 the extension system for apps that need special permissions, increased
 quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
 our extension world exceptionally lightweight. It only needs to make the
 special capability available to the page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.


I like this approach.

So the only loose end is this: what should we do (if anything) about
malicious apps using thousands of sub-domains (which are each their own
origin, and thus get their own 5mb) to fill up your machine.  As far as I
know, no other browser deals with this and it hasn't ever been a problem
(...yet), so I guess we can just ignore it for the time being?

J

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

Add them to the malware blacklist :)

2009/7/29 Jeremy Orlow jor...@chromium.org

 On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the install mechanism of
 the extension system for apps that need special permissions, increased
 quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
 our extension world exceptionally lightweight. It only needs to make the
 special capability available to the page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.


 I like this approach.

 So the only loose end is this: what should we do (if anything) about
 malicious apps using thousands of sub-domains (which are each their own
 origin, and thus get their own 5mb) to fill up your machine.  As far as I
 know, no other browser deals with this and it hasn't ever been a problem
 (...yet), so I guess we can just ignore it for the time being?

 J


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Mike Beltzner


On 29-Jul-09, at 2:31 PM, Ian Fette wrote:

 Add them to the malware blacklist :)

Yeah, I think this is right. Bad acting websites should be considered  
malware, and blocked for that reason.

Linus: I agree that we can (and probably should) work on the webapps  
list to build some good specifications about how offline applications  
communicate expectations about permission and space requirements. We  
should also, though, make sure that as useragents we provide some sort  
of UI for cataloguing what offline apps are installed, how much space  
they're taking, and provide mechanisms for removing them.

cheers,
mike

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
Chromium-dev group.
To post to this group, send email to chromium-dev@googlegroups.com
To unsubscribe from this group, send email to 
chromium-dev+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/chromium-dev?hl=en
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

Everything is a cache. We are free to toss out local storage, databases,
appcaches, cookies, etc. any time we want. I think the best way is to have a
good eviction algorithm for local storage.
What eviction algorithm are we using for the main browser cache? Perhaps
some version of that that accounts for recency, usage, size, etc.?

Linus


On Wed, Jul 29, 2009 at 11:31 AM, Ian Fette i...@chromium.org wrote:

 Add them to the malware blacklist :)

 2009/7/29 Jeremy Orlow jor...@chromium.org

 On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the
 install mechanism of the extension system for apps that need
 special permissions, increased quotas, expanded lifetimes, etc. The
 extension can be almost vacuous, and in our extension world exceptionally
 lightweight. It only needs to make the special capability available to the
 page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.


 I like this approach.

 So the only loose end is this: what should we do (if anything) about
 malicious apps using thousands of sub-domains (which are each their own
 origin, and thus get their own 5mb) to fill up your machine.  As far as I
 know, no other browser deals with this and it hasn't ever been a problem
 (...yet), so I guess we can just ignore it for the time being?

 J




--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Mike Beltzner


On 29-Jul-09, at 2:32 PM, Drew Wilson wrote:

 BTW, I can't find the HTML5 sql storage spec anymore - google is  
 totally failing me. Anyone have a link?

http://dev.w3.org/html5/webstorage/

cheers,
mike

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

It got ripped out because Mozilla has refused to implement. An old version
is available at http://www.w3.org/TR/webstorage/

2009/7/29 Drew Wilson atwil...@chromium.org

 I recall that the SQL Storage API allows developers to declare up front how
 much quota they want. Perhaps you should ask Hixie if we want to make this
 an option for local storage as well?
 BTW, I can't find the HTML5 sql storage spec anymore - google is totally
 failing me. Anyone have a link?

 -atw

 On Wed, Jul 29, 2009 at 11:29 AM, Jeremy Orlow jor...@chromium.orgwrote:

 On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the
 install mechanism of the extension system for apps that need
 special permissions, increased quotas, expanded lifetimes, etc. The
 extension can be almost vacuous, and in our extension world exceptionally
 lightweight. It only needs to make the special capability available to the
 page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.


 I like this approach.

 So the only loose end is this: what should we do (if anything) about
 malicious apps using thousands of sub-domains (which are each their own
 origin, and thus get their own 5mb) to fill up your machine.  As far as I
 know, no other browser deals with this and it hasn't ever been a problem
 (...yet), so I guess we can just ignore it for the time being?

 J

 



--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

that version no longer contains the sql database api :) you want
http://www.w3.org/TR/webstorage/

2009/7/29 Mike Beltzner beltz...@mozilla.com

 On 29-Jul-09, at 2:32 PM, Drew Wilson wrote:

  BTW, I can't find the HTML5 sql storage spec anymore - google is totally
 failing me. Anyone have a link?


 http://dev.w3.org/html5/webstorage/

 cheers,
 mike


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread David Levin

On Wed, Jul 29, 2009 at 11:28 AM, Drew Wilson atwil...@chromium.org wrote:

 I've been starting to lean in this direction as well. The problem is that
 extensions are currently not cross-platform and would require separate
 implementations for each platform. And in many cases the extension delivery
 mechanism is under the control of an arbitrary third party (i.e. Google,
 Mozilla, Apple, etc) who has control over which extensions can be hosted,
 which is not particularly open-web-by.


It seems that a good approach is to make as much of the api into html5 as
possible (like Shared Workers).  Then there could be a small bit that is
extension (platform) specific (making the Shared Worker a Persistent
Worker).  Then there is a small surface area which is not html 5.  This also
allows apps that to do a lot of things in a similar manner (even when they
don't get the extra permissions).

dave



 It might be a reasonable starting point, though, with the goal being to
 sort through the security and installation issues and eventually come up
 with a cross-platform API in a future HTML version.

 -atw


 On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the install mechanism of
 the extension system for apps that need special permissions, increased
 quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
 our extension world exceptionally lightweight. It only needs to make the
 special capability available to the page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.

 Linus


 On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote:

 I would say that if all the browsers are doing 5MB fixed quota for local
 storage, it is a good way to start. Sadly, I think we need to start thinking
 about this now for databases though (certainly I don't want to hit yes 4,000
 times as my gmail syncs up to 20GB)
 2009/7/29 Jeremy Orlow jor...@google.com

 On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote:

 On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote:

 That seems overly simplistic to me - for example, just because I
 sometimes want to let a chat app have access to my camera, doesn't
 mean I want it always to have access. Given the number of users I've
 seen fix this problem with duct tape, I think I can conclude that
 users would use controls if they had controls they understood and
 trusted.


 I don't agree.  I believe granularity is not only useless but harmful
 for the majority of users.  See user studies of desktop app install flows 
 or
 options dialogs that universally conclude that giving people more choices
 helps a small number of people and loses a large number.  This is the
 philosophy we designed Chrome around, so we're strong backers of it.


 I agree on principle.  I can imagine a couple ways the web app might
 state the capabilities it needs up front.  The problem is that, with newer
 versions of the application, the needs might change.  But how do we keep
 them from changing so often that the user just gets used to clicking 'yes'
 every time?  I can't think of any good solution for this.

 Anyway, I think we've gotten a bit abstract here.  It's good to talk
 about this in general, but in the mean time I'm not sure what to do for
 LocalStorage.

 Is the fixed quota per origin a good way to start?  If so, is the plan
 to leave it that way until someone tries to tackle this stuff in a more
 unified way?

 J










 


--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
Chromium-dev group.
To post to this group, send email to chromium-dev@googlegroups.com
To unsubscribe from this group, send email to 
chromium-dev+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/chromium-dev?hl=en
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

BTW, this probably came off wrong. Mozilla and others had concerns about the
SQL-database versions, which I believe largely circled around the fact that
it wasn't well specified, everyone was just using sqlite, and there weren't
really multiple independent implementations, and as a result it was removed
from the spec and put on hold until some of these issues could be resolved.
Sorry if my email came across as anti-mozilla -- not the intent.

2009/7/29 Ian Fette i...@chromium.org

 It got ripped out because Mozilla has refused to implement. An old version
 is available at http://www.w3.org/TR/webstorage/

 2009/7/29 Drew Wilson atwil...@chromium.org

 I recall that the SQL Storage API allows developers to declare up front how
 much quota they want. Perhaps you should ask Hixie if we want to make this
 an option for local storage as well?
 BTW, I can't find the HTML5 sql storage spec anymore - google is totally
 failing me. Anyone have a link?

 -atw

 On Wed, Jul 29, 2009 at 11:29 AM, Jeremy Orlow jor...@chromium.orgwrote:

 On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the
 install mechanism of the extension system for apps that need
 special permissions, increased quotas, expanded lifetimes, etc. The
 extension can be almost vacuous, and in our extension world exceptionally
 lightweight. It only needs to make the special capability available to the
 page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.


 I like this approach.

 So the only loose end is this: what should we do (if anything) about
 malicious apps using thousands of sub-domains (which are each their own
 origin, and thus get their own 5mb) to fill up your machine.  As far as I
 know, no other browser deals with this and it hasn't ever been a problem
 (...yet), so I guess we can just ignore it for the time being?

 J

 




--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Mike Beltzner

On 29-Jul-09, at 2:35 PM, Ian Fette wrote:

 It got ripped out because Mozilla has refused to implement. An old  
 version is available at http://www.w3.org/TR/webstorage/

Well, more because people felt like it was a contentious item that was  
bloating / delaying the completion of HTML5. The contention is  
(rightly, I think) about whether or not it makes sense to standardize  
on SQLite, which MSFT is unlikely to ever ship, and which exists in  
extremely different flavours and is itself a very different flavour  
from SQL which itself isn't standardized.

Grizzly details in this thread: 
http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0106.html

cheers,
mike

(thanks to Ian for clarifying, too!)
--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Drew Wilson

I recall that the SQL Storage API allows developers to declare up front how
much quota they want. Perhaps you should ask Hixie if we want to make this
an option for local storage as well?
BTW, I can't find the HTML5 sql storage spec anymore - google is totally
failing me. Anyone have a link?

-atw

On Wed, Jul 29, 2009 at 11:29 AM, Jeremy Orlow jor...@chromium.org wrote:

 On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote:

 I'm coming to the opinion that we should leverage the install mechanism of
 the extension system for apps that need special permissions, increased
 quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
 our extension world exceptionally lightweight. It only needs to make the
 special capability available to the page.
 As Maciej brought up on the whatwg list, the extension system gives us 
 multiple affirmative steps,
 vetting, reputation and revocation. It also gives us a UI access point. All
 of these are important for controlling apps that aren't safe and stateless.


 I like this approach.

 So the only loose end is this: what should we do (if anything) about
 malicious apps using thousands of sub-domains (which are each their own
 origin, and thus get their own 5mb) to fill up your machine.  As far as I
 know, no other browser deals with this and it hasn't ever been a problem
 (...yet), so I guess we can just ignore it for the time being?

 J

 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Aaron Boodman


On Wed, Jul 29, 2009 at 11:28 AM, Drew Wilsonatwil...@chromium.org wrote:
 I've been starting to lean in this direction as well. The problem is that
 extensions are currently not cross-platform and would require separate
 implementations for each platform.

Just to clarify, you really mean cross-browser, right? Chrome and
Firefox extensions are both cross-platform (in the OS sense).

 And in many cases the extension delivery
 mechanism is under the control of an arbitrary third party (i.e. Google,
 Mozilla, Apple, etc) who has control over which extensions can be hosted,
 which is not particularly open-web-by.

That isn't true. In the case of both Chrome and Firefox, extensions
can be installed from anywhere on the web, though it is true that
there are additional UI roadblocks for the case of installing from an
untrusted source.

- a

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

I agree on the need for a better UI to manage cached resources and
selectively clear parts of the cache. The current web model of per-origin
grouping isn't very satisfying because some apps span multiple origins and
some origins host multiple apps. Given the extensive discussions around this
for the past few years I'm not optimistic a better answer is forthcoming.
In the end, perhaps it doesn't matter. If the browser is smart about
managing its caches, the right thing should just happen without the user
doing anything special. If I use offline gmail a bunch, and have for a long
time, the browser should never throw away its appcache, databases, cookies,
files, etc. If I went to some random site once which availed itself of an
appcache and database on my machine the browser should throw those away
first if I suffer space pressure.
Linus


On Wed, Jul 29, 2009 at 11:34 AM, Mike Beltzner beltz...@mozilla.comwrote:

 On 29-Jul-09, at 2:31 PM, Ian Fette wrote:

  Add them to the malware blacklist :)


 Yeah, I think this is right. Bad acting websites should be considered
 malware, and blocked for that reason.

 Linus: I agree that we can (and probably should) work on the webapps list
 to build some good specifications about how offline applications communicate
 expectations about permission and space requirements. We should also,
 though, make sure that as useragents we provide some sort of UI for
 cataloguing what offline apps are installed, how much space they're taking,
 and provide mechanisms for removing them.

 cheers,
 mike


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving

2009-07-29 Thread Erik Kay

On Wed, Jul 29, 2009 at 9:44 AM, Linus Upson li...@google.com wrote:

 I realize this is not a small request, but it would be better if we could
 move to a model where the browser was sandboxed and talked to a much simpler
 process to carry out trusted operations on its behalf.


While I like the general goal of what you're proposing, the downside of this
approach is that if there's a crash, you lose the browser process.  If we
still wind up storing much of the state of the browser in this main process,
then we lose a lot of state and potentially cause much of the browser to
become unusable (I'm assuming that the whole browser wouldn't crash since
the 'microkernel' would likely keep everything running).  When one of these
utility process crashes, we only lose that operation.

Erik



 Linus


 On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote:


 Here is a design document for http://crbug.com/11746


 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac

 Feedback welcome.




 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving

Sorry. The point of my sandbox the browser suggestion wasn't to increase
robustness in the case of failure. It was only to limit the damage an
exploit might cause. The browser process is complicated enough that it is
hard to secure. A small broker would be easier to understand and make
resistant to attack.
Linus

On Wed, Jul 29, 2009 at 1:40 PM, Erik Kay erik...@chromium.org wrote:

On Wed, Jul 29, 2009 at 9:44 AM, Linus Upson li...@google.com wrote:

I realize this is not a small request, but it would be better if we could
move to a model where the browser was sandboxed and talked to a much simpler
process to carry out trusted operations on its behalf.

While I like the general goal of what you're proposing, the downside of
this approach is that if there's a crash, you lose the browser process. If
we still wind up storing much of the state of the browser in this main
process, then we lose a lot of state and potentially cause much of the
browser to become unusable (I'm assuming that the whole browser wouldn't
crash since the 'microkernel' would likely keep everything running). When
one of these utility process crashes, we only lose that operation.

Erik

Linus

On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote:

Here is a design document for http://crbug.com/11746

http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac

Feedback welcome.

[chromium-dev] Re: [linux, maybe mac] gcc -fvisibility=hidden

2009-07-29 Thread Antoine Labour


On Wed, Jul 29, 2009 at 10:46 AM, Evan Martine...@chromium.org wrote:

 On Tue, Jul 28, 2009 at 11:18 PM, Brian Rynerbry...@google.com wrote:
  The -fvisibility=hidden flag is maybe supposed to do this (see
  discussion on http://gcc.gnu.org/wiki/Visibility ), but I tried
  building both with and without it and found that:
   - in debug builds, objdump -T shows all of our symbols, regardless of
  the flags I pass to gcc or strip

 Can you paste a snippet of the objdump -T output you see for a debug binary?
  I'd also be interested in the answer to Mark's question -- is the binary
 being linked with -E?

 As I said before, I don't really know what I'm doing -- I wrote my
 mail to mostly summarize the result of tried building it both with
 and without this flag and saw no difference.

 There is no -E.   Maybe I don't understand what objdump -CT is telling
 me... aha!

 It turns out that the vast majority of the symbols I mentioned are C++
 templates.
 % objdump -CT out/Debug/chrome | wc -l
 43740
 % objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l
 2591

 Here are a few examples of the output pre-filtering:

 083fa306  w   DF .text  0011  Base
 std::reverse_iteratorstd::_List_iteratorstd::pairRenderWidgetHost*,
 BackingStore*  ::base() const
 090104dc  w   DF .text  0022  Base        void
 std::swapWebCore::CSSFontFace*(WebCore::CSSFontFace*,
 WebCore::CSSFontFace*)
 0

 Of the remaining symbols after that egrep -v, it's mostly stuff I'd
 expect, though I still see v8 templates marked weak:

 091b7d12  w   DF .text  0013  Base        v8::Localv8::Integer::Local()
       DF *UND*    Base        gtk_tree_model_get_value
 0884d056  w   DF .text  001a  Base
 v8::Localv8::String::Localv8::String(v8::String*)
       DF *UND*    Base        gtk_grab_add
       DF *UND*    Base        gtk_hbutton_box_new
       DF *UND*    NSS_3.4     SSL_GetChannelInfo
       DF *UND*    GLIBC_2.4   __stack_chk_fail
 086a6698 g    DF .text  010a  Base        uprv_ebcdicFromAscii_3_8
 0866af2e g    DF .text  00d1  Base        uprv_fmin_3_8
       DF *UND*    Base        gtk_widget_get_visual
 091ab20c g    DF .text  005d  Base
 v8::ObjectTemplate::InternalFieldCount()
 0885e164  w   DF .text  0013  Base
 v8::Persistentv8::String::Persistent()
       DF *UND*    Base
 gtk_file_chooser_set_preview_widget_active
       DF *UND*    Base        gdk_display_get_pointer
 0880e3a2 g    DF .text  02f4  Base        ucol_tok_getNextArgument_3_8
 086e6d5c g    DF .text  01a1  Base        upname_swap_3_8


 Flags we use follow:

        # Enable -Werror by default, but put it in a variable so it can
        # be disabled in ~/.gyp/include.gypi on the valgrind builders.
        'variables': {
          'werror%': '-Werror',
        },
        'cflags': [
           '(werror)',  # See note above about the werror variable.
           '-pthread',
           '-fno-exceptions',
           '-Wall',
        ],
        'cflags_cc': [
          '-fno-threadsafe-statics',
        ],
        'ldflags': [
          '-pthread',
        ],

I have been going through the same pains with o3d, trying to get rid
of all exports, see http://codereview.chromium.org/160317 though I
haven't removed all of them.
It turns out that both ICU (all your u.*3_8) and v8 (that we both use
in o3d) force __attribute__((visibility(default))) on some API
symbols (ie force export regardless of -fvisibility). You can get rid
of most of the ICU ones if you compile with U_STATIC_IMPLEMENTATION
but not U_COMBINED_IMPLEMENTATION, but there are still some left. For
v8, all the public API is tagged with default visibility.
For the STL template instantiations, I'm seeing those too, and I don't
know how to get rid of them.

Antoine

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: [linux, maybe mac] gcc -fvisibility=hidden

2009-07-29 Thread Darin Fisher

On Wed, Jul 29, 2009 at 2:16 PM, Antoine Labour pi...@google.com wrote:

 On Wed, Jul 29, 2009 at 10:46 AM, Evan Martine...@chromium.org wrote:
 
  On Tue, Jul 28, 2009 at 11:18 PM, Brian Rynerbry...@google.com wrote:
   The -fvisibility=hidden flag is maybe supposed to do this (see
   discussion on http://gcc.gnu.org/wiki/Visibility ), but I tried
   building both with and without it and found that:
- in debug builds, objdump -T shows all of our symbols, regardless
 of
   the flags I pass to gcc or strip
 
  Can you paste a snippet of the objdump -T output you see for a debug
 binary?
   I'd also be interested in the answer to Mark's question -- is the
 binary
  being linked with -E?
 
  As I said before, I don't really know what I'm doing -- I wrote my
  mail to mostly summarize the result of tried building it both with
  and without this flag and saw no difference.
 
  There is no -E.   Maybe I don't understand what objdump -CT is telling
  me... aha!
 
  It turns out that the vast majority of the symbols I mentioned are C++
  templates.
  % objdump -CT out/Debug/chrome | wc -l
  43740
  % objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l
  2591
 
  Here are a few examples of the output pre-filtering:
 
  083fa306  w   DF .text  0011  Base
  std::reverse_iteratorstd::_List_iteratorstd::pairRenderWidgetHost*,
  BackingStore*  ::base() const
  090104dc  w   DF .text  0022  Basevoid
  std::swapWebCore::CSSFontFace*(WebCore::CSSFontFace*,
  WebCore::CSSFontFace*)
  0
 
  Of the remaining symbols after that egrep -v, it's mostly stuff I'd
  expect, though I still see v8 templates marked weak:
 
  091b7d12  w   DF .text  0013  Base
  v8::Localv8::Integer::Local()
    DF *UND*    Basegtk_tree_model_get_value
  0884d056  w   DF .text  001a  Base
  v8::Localv8::String::Localv8::String(v8::String*)
    DF *UND*    Basegtk_grab_add
    DF *UND*    Basegtk_hbutton_box_new
    DF *UND*    NSS_3.4 SSL_GetChannelInfo
    DF *UND*    GLIBC_2.4   __stack_chk_fail
  086a6698 gDF .text  010a  Baseuprv_ebcdicFromAscii_3_8
  0866af2e gDF .text  00d1  Baseuprv_fmin_3_8
    DF *UND*    Basegtk_widget_get_visual
  091ab20c gDF .text  005d  Base
  v8::ObjectTemplate::InternalFieldCount()
  0885e164  w   DF .text  0013  Base
  v8::Persistentv8::String::Persistent()
    DF *UND*    Base
  gtk_file_chooser_set_preview_widget_active
    DF *UND*    Basegdk_display_get_pointer
  0880e3a2 gDF .text  02f4  Base
  ucol_tok_getNextArgument_3_8
  086e6d5c gDF .text  01a1  Baseupname_swap_3_8
 
 
  Flags we use follow:
 
 # Enable -Werror by default, but put it in a variable so it can
 # be disabled in ~/.gyp/include.gypi on the valgrind builders.
 'variables': {
   'werror%': '-Werror',
 },
 'cflags': [
'(werror)',  # See note above about the werror variable.
'-pthread',
'-fno-exceptions',
'-Wall',
 ],
 'cflags_cc': [
   '-fno-threadsafe-statics',
 ],
 'ldflags': [
   '-pthread',
 ],

 I have been going through the same pains with o3d, trying to get rid
 of all exports, see http://codereview.chromium.org/160317 though I
 haven't removed all of them.
 It turns out that both ICU (all your u.*3_8) and v8 (that we both use
 in o3d) force __attribute__((visibility(default))) on some API
 symbols (ie force export regardless of -fvisibility). You can get rid
 of most of the ICU ones if you compile with U_STATIC_IMPLEMENTATION
 but not U_COMBINED_IMPLEMENTATION, but there are still some left. For
 v8, all the public API is tagged with default visibility.
 For the STL template instantiations, I'm seeing those too, and I don't
 know how to get rid of them.

 Antoine



Maybe the V8 team would accept a patch to make that tagging conditional on a
preprocessor define.
-Darin

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving

2009-07-29 Thread John Abd-El-Malek

The plug-in sandbox is too weak to be robust, see the other thread about it.
 As long as it has access to HWNDs, it's very easy to break out of it.

On Wed, Jul 29, 2009 at 10:43 AM, Adam Barth aba...@chromium.org wrote:


 I wonder if we could use something like the plug-in sandbox for the
 main browser process in the intermediate term.  That way the browser
 could still have HWNDs and the like.

 Adam


 On Wed, Jul 29, 2009 at 9:44 AM, Linus Upsonli...@google.com wrote:
  I realize this is not a small request, but it would be better if we could
  move to a model where the browser was sandboxed and talked to a much
 simpler
  process to carry out trusted operations on its behalf.
  Linus
 
  On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote:
 
  Here is a design document for http://crbug.com/11746
 
 
 
 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac
 
  Feedback welcome.
 
 
 
 
  
 

 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: [linux, maybe mac] gcc -fvisibility=hidden


On Wed, Jul 29, 2009 at 2:16 PM, Antoine Labourpi...@google.com wrote:
 On Wed, Jul 29, 2009 at 10:46 AM, Evan Martine...@chromium.org wrote:
 It turns out that the vast majority of the symbols I mentioned are C++
 templates.
 % objdump -CT out/Debug/chrome | wc -l
 43740
 % objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l
 2591
 For the STL template instantiations, I'm seeing those too, and I don't
 know how to get rid of them.

From looking a bit, it seems like there are a lot of GCC bugs around
the versions we're running in this area:
  http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32470

Someday I will build with a gcc under two years old.  ;)

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Adding a Custom Scheme

2009-07-29 Thread Eric Roman


You are pretty close.

What you want to do is override URLRequestJob::IsRedirectResponse(),
rather than trying to do the redirect in the factory.

Something like this should work:


class URLRequestCustomJob : public URLRequestJob {
 public:
  explicit URLRequestCustomJob(URLRequest* request) : URLRequestJob(request) {}

  // URLRequestJob methods:
  virtual void Start() {
NotifyHeadersComplete();
  }

  virtual bool IsRedirectResponse(GURL* location, int* http_status_code) {
*http_status_code = 301;
*location = GURL(http://i-redirected-you/cuz-im-the-awesome;);
return true;
  }

  static URLRequestJob* Factory(URLRequest* request, const
std::string scheme) {
return new URLRequestCustomJob(request);
  }
};


On Mon, Jul 27, 2009 at 5:44 PM, Kruncherleaha...@gmail.com wrote:

 Hi,

 I am trying to add a custom scheme to the Chromium browser. I am
 trying to write a scheme that will transparently redirect requests to
 another URL.

 For some reason, however, my custom scheme does not appear to get
 recognized. Could somebody tell me what I am doing wrong?

 For the time being I have added the following code to the
 chrome_exe_main.cc source.

 //
 // Added above the main Windows function.
 //

 #include net/url_request/url_request.h
 #include net/url_request/url_request_http_job.h

 static const char kCustomURLScheme[] = my-scheme;


 class URLRequestCustomJob : public URLRequestJob {
  public:
  static URLRequestJob* Factory(URLRequest* request, const
 std::string scheme) {
          DCHECK(scheme == my-scheme);

          // Redirect response to a local network resource.
          std::string requestPath = request-url().PathForRequest().replace
 (0, 10, http://192.168.1.4:8080;);

          // I tried using the following line, but it turns out that the
 Redirect function is protected.
          //request-Redirect(GURL(requestPath), request-status().status());
          // So instead I am attempting to create a new request.
          request = new URLRequest(GURL(requestPath), request-delegate());

          // Proceed with regular HTTP scheme factory.
          return URLRequestHttpJob::Factory(request, http);
        }
 };


 //
 // Added above #if defined(GOOGLE_CHROME_BUILD) inside Windows main
 function.
 //

 // Register custom scheme:
 url_util::AddStandardScheme(kCustomURLScheme);
 URLRequest::RegisterProtocolFactory(kCustomURLScheme,
 URLRequestCustomJob::Factory);

 Many thanks,
 Lea Hayes
 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving

2009-07-29 Thread Erik Kay

On Wed, Jul 29, 2009 at 1:42 PM, Linus Upson li...@google.com wrote:

Right. Utility processes and a secure broker for a sandboxed browser solve
different problems. My guess is that in an ideal world, we'd wind up with
both, where places that had direct contact with untrusted data (like Eric's
PAC proposal here) being put into isolated processes. Given that this was
the thread you replied to, it seemed like you were suggesting that we'd be
better off keeping this in process with a sandboxed browser (assuming we had
time to do so, etc.).

Erik

Linus

On Wed, Jul 29, 2009 at 1:40 PM, Erik Kay erik...@chromium.org wrote:

On Wed, Jul 29, 2009 at 9:44 AM, Linus Upson li...@google.com wrote:

Erik

Linus

On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote:

Here is a design document for http://crbug.com/11746

http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac

Feedback welcome.

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread John Abd-El-Malek

On Tue, Jul 28, 2009 at 8:40 PM, Jeremy Orlow jor...@chromium.org wrote:

 I'm starting to think ahead to how quotas will work with LocalStorage (and
 I assume database and maybe even AppCache).  To begin with, I'll probably
 just set a fixed quota (5mb is pretty standard), but some apps will surely
 desire more space than that, so I think we'll need a more robust solution
 fairly quickly.  (Maybe even before it comes out from behind the
 --enable-local-storage flag.)
 The question is how should we handle quotas from a UI perspective.

 One approach that seems obvious to a lot of people I've talked to is asking
 the user (maybe via an info bar?) whenever an origin hits its limit (before
 we decide whether to return a quota exceeded error or not).  The problem is
 that WebKit (in the renderer) can't block on the UI thread (since it may be
 blocked on WebKit).  Maybe it's safe to pump plugin related events while in
 the middle of a JavaScript context?  If not, then I'm not sure if any
 just-in-time solution like this is going to be viable.


It is possible to stop JS execution to wait on the browser process, just
like what we do for alerts/showModalDialog.  This involves running a nested
message loop, which we try to avoid unless absolutely necessary because of
reentrancy issues (but in this case, it's necessary so it's ok).



 We could implement heuristics that predict when LocalStorage is about to
 run out of space, but if we don't predict it in time, we will have to send a
 quota exceeded exception to the script.  A lot of common use cases like you
 syncing gmail for the first time would make this difficult to do well, I
 think.

 Safari buries the setting in the preferences menu.  That would be better
 than nothing, I suppose.

 Any other ideas?

 Jeremy

 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)

2009-07-29 Thread Jeremy Orlow

On Wed, Jul 29, 2009 at 2:48 PM, John Abd-El-Malek j...@chromium.org wrote:



 On Tue, Jul 28, 2009 at 8:40 PM, Jeremy Orlow jor...@chromium.org wrote:

 I'm starting to think ahead to how quotas will work with LocalStorage (and
 I assume database and maybe even AppCache).  To begin with, I'll probably
 just set a fixed quota (5mb is pretty standard), but some apps will surely
 desire more space than that, so I think we'll need a more robust solution
 fairly quickly.  (Maybe even before it comes out from behind the
 --enable-local-storage flag.)
 The question is how should we handle quotas from a UI perspective.

 One approach that seems obvious to a lot of people I've talked to is
 asking the user (maybe via an info bar?) whenever an origin hits its limit
 (before we decide whether to return a quota exceeded error or not).  The
 problem is that WebKit (in the renderer) can't block on the UI thread (since
 it may be blocked on WebKit).  Maybe it's safe to pump plugin related events
 while in the middle of a JavaScript context?  If not, then I'm not sure if
 any just-in-time solution like this is going to be viable.


 It is possible to stop JS execution to wait on the browser process, just
 like what we do for alerts/showModalDialog.  This involves running a nested
 message loop, which we try to avoid unless absolutely necessary because of
 reentrancy issues (but in this case, it's necessary so it's ok).


Ha.  Way to bring the discussion full-circle.  :-)

Anyway, it sounds like we're never going to change the quota during JS
execution so a nested message loop won't be necessary here.  Thanks for the
clarification though.

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] --new-baseline producing baselines for wrong platform


Starting with a clean tree, then running
  ./webkit/tools/layout_tests/run_webkit_tests.sh --debug
--new-baseline LayoutTests/plugins/mouse-events.html
on Linux, it seems to overwrite the Mac/Win expectations.
  % git ls-files --modified
  
webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt
  
webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt

Why?  This seems very wrong.

PS: It prints the following while running:
  090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines
in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux
which is where I'd expect the output to go.

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: --new-baseline producing baselines for wrong platform

2009-07-29 Thread Tony Chang


This is a text only test (uses layoutTestController.dumpAsText()) so
the Linux results should match windows exactly so we don't generate a
Linux specific result.  The test runner will fallback to the Windows
result from Linux as well.  You just need to verify that the results
are correct on Windows and Mac (you can get these from the waterfall).

On Wed, Jul 29, 2009 at 3:03 PM, Evan Martine...@chromium.org wrote:

 Starting with a clean tree, then running
  ./webkit/tools/layout_tests/run_webkit_tests.sh --debug
 --new-baseline LayoutTests/plugins/mouse-events.html
 on Linux, it seems to overwrite the Mac/Win expectations.
  % git ls-files --modified
  webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt
  webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt

 Why?  This seems very wrong.

 PS: It prints the following while running:
  090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines
 in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux
 which is where I'd expect the output to go.

 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: --new-baseline producing baselines for wrong platform


That sorta makes sense.  But then why does it generate a mac baseline too?

On Wed, Jul 29, 2009 at 3:18 PM, Tony Changt...@chromium.org wrote:

 This is a text only test (uses layoutTestController.dumpAsText()) so
 the Linux results should match windows exactly so we don't generate a
 Linux specific result.  The test runner will fallback to the Windows
 result from Linux as well.  You just need to verify that the results
 are correct on Windows and Mac (you can get these from the waterfall).

 On Wed, Jul 29, 2009 at 3:03 PM, Evan Martine...@chromium.org wrote:

 Starting with a clean tree, then running
  ./webkit/tools/layout_tests/run_webkit_tests.sh --debug
 --new-baseline LayoutTests/plugins/mouse-events.html
 on Linux, it seems to overwrite the Mac/Win expectations.
  % git ls-files --modified
  webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt
  webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt

 Why?  This seems very wrong.

 PS: It prints the following while running:
  090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines
 in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux
 which is where I'd expect the output to go.

 


 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Adding a Custom Scheme

2009-07-29 Thread Eric Roman


The entry point would be to enter a URL that uses the custom scheme.

i.e. you would need to type in my-scheme://some-url to reach the
custom scheme handler.

Not sure what you are trying to build.

On Wed, Jul 29, 2009 at 3:39 PM, Kruncherleaha...@gmail.com wrote:

 Hi Eric,

 I have just tried the code that you have suggested, however, if I
 enter a URL in the Chromium location bar and hit enter, Chromium is
 still defaulting to a Google search.

 I have tried placing a breakpoint within the constructor and each of
 the virtual methods, and the factory method. When running in debug
 mode, none of these breakpoints are being hit. I tried adding a
 breakpoint directly after the factory is being registered, and the
 program is breaking at this point.

 Thanks for your help!

 On 29 July, 22:32, Eric Roman ero...@chromium.org wrote:
 You are pretty close.

 What you want to do is override URLRequestJob::IsRedirectResponse(),
 rather than trying to do the redirect in the factory.

 Something like this should work:

 class URLRequestCustomJob : public URLRequestJob {
  public:
   explicit URLRequestCustomJob(URLRequest* request) : URLRequestJob(request) 
 {}

   // URLRequestJob methods:
   virtual void Start() {
     NotifyHeadersComplete();
   }

   virtual bool IsRedirectResponse(GURL* location, int* http_status_code) {
     *http_status_code = 301;
     *location = GURL(http://i-redirected-you/cuz-im-the-awesome;);
     return true;
   }

   static URLRequestJob* Factory(URLRequest* request, const
 std::string scheme) {
     return new URLRequestCustomJob(request);
   }



 };
 On Mon, Jul 27, 2009 at 5:44 PM, Kruncherleaha...@gmail.com wrote:

  Hi,

  I am trying to add a custom scheme to the Chromium browser. I am
  trying to write a scheme that will transparently redirect requests to
  another URL.

  For some reason, however, my custom scheme does not appear to get
  recognized. Could somebody tell me what I am doing wrong?

  For the time being I have added the following code to the
  chrome_exe_main.cc source.

  //
  // Added above the main Windows function.
  //

  #include net/url_request/url_request.h
  #include net/url_request/url_request_http_job.h

  static const char kCustomURLScheme[] = my-scheme;

  class URLRequestCustomJob : public URLRequestJob {
   public:
   static URLRequestJob* Factory(URLRequest* request, const
  std::string scheme) {
           DCHECK(scheme == my-scheme);

           // Redirect response to a local network resource.
           std::string requestPath = request-url().PathForRequest().replace
  (0, 10, http://192.168.1.4:8080;);

           // I tried using the following line, but it turns out that the
  Redirect function is protected.
           //request-Redirect(GURL(requestPath), 
  request-status().status());
           // So instead I am attempting to create a new request.
           request = new URLRequest(GURL(requestPath), request-delegate());

           // Proceed with regular HTTP scheme factory.
           return URLRequestHttpJob::Factory(request, http);
         }
  };

  //
  // Added above #if defined(GOOGLE_CHROME_BUILD) inside Windows main
  function.
  //

  // Register custom scheme:
  url_util::AddStandardScheme(kCustomURLScheme);
  URLRequest::RegisterProtocolFactory(kCustomURLScheme,
  URLRequestCustomJob::Factory);

  Many thanks,
  Lea Hayes
 


--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: --new-baseline producing baselines for wrong platform

2009-07-29 Thread Tony Chang

Because mac doesn't have a fallback path to the windows results. So
we could have put the same result file in win/linux/mac directories,
but we do a small optimization and don't write the linux results
because it falls back to windows results.

On Wed, Jul 29, 2009 at 3:52 PM, Evan Martine...@chromium.org wrote:
That sorta makes sense. But then why does it generate a mac baseline too?

On Wed, Jul 29, 2009 at 3:18 PM, Tony Changt...@chromium.org wrote:

This is a text only test (uses layoutTestController.dumpAsText()) so
the Linux results should match windows exactly so we don't generate a
Linux specific result. The test runner will fallback to the Windows
result from Linux as well. You just need to verify that the results
are correct on Windows and Mac (you can get these from the waterfall).

On Wed, Jul 29, 2009 at 3:03 PM, Evan Martine...@chromium.org wrote:

Starting with a clean tree, then running
./webkit/tools/layout_tests/run_webkit_tests.sh --debug
--new-baseline LayoutTests/plugins/mouse-events.html
on Linux, it seems to overwrite the Mac/Win expectations.
% git ls-files --modified
webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt
webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt

Why? This seems very wrong.

PS: It prints the following while running:
090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines
in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux
which is where I'd expect the output to go.

[chromium-dev] Re: Adding a Custom Scheme

2009-07-29 Thread Kruncher


Those are the kinds of URL's that I have been trying, but when I hit
enter it reverts to:

http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme://some-url

It seems almost as though the scheme factory is not getting
registered.

I am working on a help viewer. When the viewer is opened a local web
server is initialized on port 8080 (for the time being). I basically
want to rewrite all URLs that begin with my-scheme:// with http://
192.168.1.4:8080/ the local machines IP address and port.


On 30 July, 00:10, Eric Roman ero...@chromium.org wrote:
 The entry point would be to enter a URL that uses the custom scheme.

 i.e. you would need to type in my-scheme://some-url to reach the
 custom scheme handler.

 Not sure what you are trying to build.



 On Wed, Jul 29, 2009 at 3:39 PM, Kruncherleaha...@gmail.com wrote:

  Hi Eric,

  I have just tried the code that you have suggested, however, if I
  enter a URL in the Chromium location bar and hit enter, Chromium is
  still defaulting to a Google search.

  I have tried placing a breakpoint within the constructor and each of
  the virtual methods, and the factory method. When running in debug
  mode, none of these breakpoints are being hit. I tried adding a
  breakpoint directly after the factory is being registered, and the
  program is breaking at this point.

  Thanks for your help!

  On 29 July, 22:32, Eric Roman ero...@chromium.org wrote:
  You are pretty close.

  What you want to do is override URLRequestJob::IsRedirectResponse(),
  rather than trying to do the redirect in the factory.

  Something like this should work:

  class URLRequestCustomJob : public URLRequestJob {
   public:
    explicit URLRequestCustomJob(URLRequest* request) : 
  URLRequestJob(request) {}

    // URLRequestJob methods:
    virtual void Start() {
      NotifyHeadersComplete();
    }

    virtual bool IsRedirectResponse(GURL* location, int* http_status_code) {
      *http_status_code = 301;
      *location = GURL(http://i-redirected-you/cuz-im-the-awesome;);
      return true;
    }

    static URLRequestJob* Factory(URLRequest* request, const
  std::string scheme) {
      return new URLRequestCustomJob(request);
    }

  };
  On Mon, Jul 27, 2009 at 5:44 PM, Kruncherleaha...@gmail.com wrote:

   Hi,

   I am trying to add a custom scheme to the Chromium browser. I am
   trying to write a scheme that will transparently redirect requests to
   another URL.

   For some reason, however, my custom scheme does not appear to get
   recognized. Could somebody tell me what I am doing wrong?

   For the time being I have added the following code to the
   chrome_exe_main.cc source.

   //
   // Added above the main Windows function.
   //

   #include net/url_request/url_request.h
   #include net/url_request/url_request_http_job.h

   static const char kCustomURLScheme[] = my-scheme;

   class URLRequestCustomJob : public URLRequestJob {
    public:
    static URLRequestJob* Factory(URLRequest* request, const
   std::string scheme) {
            DCHECK(scheme == my-scheme);

            // Redirect response to a local network resource.
            std::string requestPath = 
   request-url().PathForRequest().replace
   (0, 10, http://192.168.1.4:8080;);

            // I tried using the following line, but it turns out that the
   Redirect function is protected.
            //request-Redirect(GURL(requestPath), 
   request-status().status());
            // So instead I am attempting to create a new request.
            request = new URLRequest(GURL(requestPath), 
   request-delegate());

            // Proceed with regular HTTP scheme factory.
            return URLRequestHttpJob::Factory(request, http);
          }
   };

   //
   // Added above #if defined(GOOGLE_CHROME_BUILD) inside Windows main
   function.
   //

   // Register custom scheme:
   url_util::AddStandardScheme(kCustomURLScheme);
   URLRequest::RegisterProtocolFactory(kCustomURLScheme,
   URLRequestCustomJob::Factory);

   Many thanks,
   Lea Hayes
--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Adding a Custom Scheme

2009-07-29 Thread Peter Kasting

On Wed, Jul 29, 2009 at 4:23 PM, Kruncher leaha...@gmail.com wrote:

 Those are the kinds of URL's that I have been trying, but when I hit
 enter it reverts to:


 http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme://some-url


Put my-scheme://some-url in the address bar and set a breakpoint in
URLRequestJobManager::SupportsScheme().  Now type a letter at the end.  You
should hit your breakpoint.  Check and see if |factories_| contains your
scheme.  If not, you need to make that happen.  If it does, and this
function therefore returns true, there's some problem at the time you
actually open the URL.

PK

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] GetCursorPos vs. GetMessagePos

2009-07-29 Thread Darin Fisher

The following is Windows specific, but it may very well apply to other
operating systems.

If you find yourself writing code that needs to know the position of the
mouse cursor, and you don't have easy access to the last mouse move event,
you may find it tempting to call
GetCursorPoshttp://msdn.microsoft.com/en-us/library/ms648390(VS.85).aspx.
 Afterall, it returns the position of the mouse cursor.  However, using this
function can result in subtle (and annoying) bugs such as
http://crbug.com/2993.
It turns out that since GetCursorPos returns the mouse position right now,
it can actually confuse code that is also receiving inputs from mouse
events.  The message queue may be behind in processing mouse input events,
and so the time sequencing of mouse movement as observed by GetCursorPos may
appear out of sync with the delivery of mouse button events.

The solution:  Instead of calling GetCursorPos you should either refactor
your code to be able to access input from mouse events consistently, or if
that is not feasible then call
GetMessagePoshttp://msdn.microsoft.com/en-us/library/ms644938(VS.85).aspx
instead
of GetCursorPos.  That method returns the mouse position that was last
observed by the event loop.

By by unwanted detached tabs,
-Darin

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: GetCursorPos vs. GetMessagePos

2009-07-29 Thread Peter Kasting

On Wed, Jul 29, 2009 at 4:48 PM, Darin Fisher da...@chromium.org wrote:

 The solution:  Instead of calling GetCursorPos you should either refactor
 your code to be able to access input from mouse events consistently, or if
 that is not feasible then call 
 GetMessagePoshttp://msdn.microsoft.com/en-us/library/ms644938(VS.85).aspx 
 instead
 of GetCursorPos.  That method returns the mouse position that was last
 observed by the event loop.


Note: In occasional circumstances, GetCursorPos() is still correct.
 However, these are rare.  You'd use this if, for example, you want to stick
a fake mouse move event (that doesn't actually move the mouse) on the end of
the event queue.  Using GetCursorPos() ensures that your fake event won't
actually move the mouse.

If in doubt, you almost certainly want GetMessagePos().

By by unwanted detached tabs,


Darin needs a context-sensitive spellchecker :)

PK

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
Chromium-dev group.
To post to this group, send email to chromium-dev@googlegroups.com
To unsubscribe from this group, send email to 
chromium-dev+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/chromium-dev?hl=en
-~--~~~~--~~--~--~---

[chromium-dev] Re: Adding a Custom Scheme

2009-07-29 Thread Kruncher


When the debugger breaks inside the SupportsScheme function, the
factories list does not include my-scheme.

Perhaps I am trying to register the scheme too early? Do I need to add
this directly below where the various chrome schemes are registered,
or is it possible to keep it in the domain of a custom application?

On 30 July, 00:40, Peter Kasting pkast...@google.com wrote:
 On Wed, Jul 29, 2009 at 4:23 PM, Kruncher leaha...@gmail.com wrote:
  Those are the kinds of URL's that I have been trying, but when I hit
  enter it reverts to:

 http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme:/...

 Put my-scheme://some-url in the address bar and set a breakpoint in
 URLRequestJobManager::SupportsScheme().  Now type a letter at the end.  You
 should hit your breakpoint.  Check and see if |factories_| contains your
 scheme.  If not, you need to make that happen.  If it does, and this
 function therefore returns true, there's some problem at the time you
 actually open the URL.

 PK
--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: GetCursorPos vs. GetMessagePos


On Wed, Jul 29, 2009 at 4:48 PM, Darin Fisherda...@chromium.org wrote:
 The following is Windows specific, but it may very well apply to other
 operating systems.

Yes, the GTK equivalent is gdk_display_get_pointer.  We have a few of
these that have snuck into our code over time that it would be nice to
eliminate.

It's even worse on X because the call underneath (XQueryPointer) does
a blocking round-trip to the X server.

http://www.google.com/codesearch/p?hl=ensa=Ncd=1ct=rc#_EBSL1YmJGU/gtk+-2.4.14/gdk/x11/gdkwindow-x11.cq=_gdk_windowing_window_get_pointerl=2918

--~--~-~--~~~---~--~~
Chromium Developers mailing list: chromium-dev@googlegroups.com 
View archives, change email options, or unsubscribe: 
http://groups.google.com/group/chromium-dev
-~--~~~~--~~--~--~---

[chromium-dev] Re: Adding a Custom Scheme