[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Wed, Jul 29, 2009 at 5:30 AM, Peter Kastingpkast...@chromium.org wrote: On Tue, Jul 28, 2009 at 9:23 PM, Mike Beltzner beltz...@mozilla.com wrote: All we're doing at this point is preventing malicious applications from eating up disk, really. Yep, I agree (although that may no longer be true in a few years as web apps grow in power and complexity). In the world of normal applications, you basically give them arbitrary permission to use your disk, but the good ones write some requirements ahead of time like requires 200 MB free hard drive space and warn you at install if you're below that. Can we make the UI more like that, where you make a single trust decision up front? Yes an app can lie, but normally-installed apps can lie too. Can we provide enough ranking and feedback somewhere to make this decision easier on users? For example, 57% of users chose to install foo.com, and gave it an average rating of 2.3 stars. Oooh, web of trust. There are some flaws. :) I do think the right answer here is to only get the user involved when the case seems pathological. Most uses of localStorage will be for better than cookies, I suspect. One case I'm trying to prevent is getting separate requests, at different times, from the same app. You get some up-front query about desktop shortcuts, and then a query five minutes later about using your camera, and then a year later about going over 5 MB of storage, and so on. Sucky. Really all I care about is an up-front let this do whatever the heck it wants versus no thanks. That seems overly simplistic to me - for example, just because I sometimes want to let a chat app have access to my camera, doesn't mean I want it always to have access. Given the number of users I've seen fix this problem with duct tape, I think I can conclude that users would use controls if they had controls they understood and trusted. PK --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Wed, Jul 29, 2009 at 5:51 AM, Jeremy Orlowjor...@google.com wrote: On Tue, Jul 28, 2009 at 9:30 PM, Peter Kasting pkast...@chromium.org wrote: On Tue, Jul 28, 2009 at 9:23 PM, Mike Beltzner beltz...@mozilla.com wrote: All we're doing at this point is preventing malicious applications from eating up disk, really. Yep, I agree (although that may no longer be true in a few years as web apps grow in power and complexity). In the world of normal applications, you basically give them arbitrary permission to use your disk, but the good ones write some requirements ahead of time like requires 200 MB free hard drive space and warn you at install if you're below that. Can we make the UI more like that, where you make a single trust decision up front? Yes an app can lie, but normally-installed apps can lie too. Can we provide enough ranking and feedback somewhere to make this decision easier on users? For example, 57% of users chose to install foo.com, and gave it an average rating of 2.3 stars. Oooh, web of trust. There are some flaws. :) I do think the right answer here is to only get the user involved when the case seems pathological. Most uses of localStorage will be for better than cookies, I suspect. One case I'm trying to prevent is getting separate requests, at different times, from the same app. You get some up-front query about desktop shortcuts, and then a query five minutes later about using your camera, and then a year later about going over 5 MB of storage, and so on. Sucky. Really all I care about is an up-front let this do whatever the heck it wants versus no thanks. Another thing to consider is that, if our limits are per-origin (what most implementations use IIRC), a malicious attacker could easily use lots of host names (i.e. host1.bad-site.com through host1000.bad-site.com) to still fill things up. I'm starting to wonder if some sort of web of trust or black list type solution is the only way to avoid users getting DOSed. There was a nice paper at SOUPS about doing this for firewall rules: http://cups.cs.cmu.edu/soups/2009/proceedings/a5-goecks.pdf Slides: http://cups.cs.cmu.edu/soups/2009/slides/a5-goecks-post.ppt J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Design Doc: out of process (v8) proxy resolving
Here is a design document for http://crbug.com/11746 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac Feedback welcome. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: How to attach to Renderer Process in XCode
It creates a new process because you're navigating to a new domain. cnn.com and the New Tab Page are in different domains, and thus use different render processes. Annoying to debug, yes, but there you go. You'll just need to have a couple terminal gdb windows open at a time to bounce between processes. I asked about this before and there doesn't seem to be much motivation to special case this logic to re-use the process. On the surface, certainly creating a new process is heavy-weight and appears like it should be avoided at all costs, but on today's hardware/OS's, it's barely noticed in the real world application of web surfing. If someone can provide hard numbers about what it does to page load times, we might look into it, but it's pretty low on the priority list right now, especially without any data. On Tue, Jul 28, 2009 at 10:41 PM, n179911n179...@gmail.com wrote: On Sun, Jul 26, 2009 at 3:52 PM, Jeremy Moskovichjer...@chromium.org wrote: Command line gdb is one way to go... I always use the XCode IDE gdb integration, as documented on the wiki. While trying to attach to the Chrome process directly from the IDE can get funky, the method documented on the wiki always works for me. XCode attaches itself to a running renderer which is paused [by calling pause() ] so you need to click continue in the IDE to get it to keep running and render a webpage. It's possible that the broken pipe you're seeing is the result of killing the renderer from the debugger. Thank you for the help. I did what you suggest. And I attached gdb to 2516 via command line. Chromium does start and I see the 'New tab page'. Like this: $ ~/chromium/src/xcodebuild/Debug/Chromium.app/Contents/MacOS/Chromium --renderer-stp-dialog [2516:2055:3122095122007:WARNING:/Users/n179911/chromium/src/chrome/renderer/renderer_main.cc(65)] Renderer (2516) paused waiting for debugger to attach @ pid Then I go to the URL text box of chromium and type in 'http://www.cnn.com' But what I get is I see this but with a new pid (2220). [2516:2055:3122095122007:WARNING:/Users/n179911/chromium/src/chrome/renderer/renderer_main.cc(65)] Renderer (2220) paused waiting for debugger to attach @ pid But question is why chromium starts a new Renderer process when I just trying to load my first URL (http://www.cnn.com). Why it does not re-used 2516 before? Thanks in advance. Best regards, Jeremy On Sun, Jul 26, 2009 at 9:23 PM, n179911 n179...@gmail.com wrote: On Thu, Jul 16, 2009 at 12:46 AM, Jeremy Moskovichjer...@chromium.org wrote: You can find instructions here: http://dev.chromium.org/developers/debugging-on-os-x Ultimately, we should really combine all the platform debugging articles into one page :| Best regards, Jeremy Thanks. I tried it. I saw this in the shell: [460:2055:4872081828141:WARNING:/Users/n179911/chromium/src/chrome/renderer/renderer_main.cc(65)] Renderer (460) paused waiting for debugger to attach @ pid And then I got XCode and Attached to '460'. But i see this in my shell, and chromium never get launched. [460:11783:4914670085769:ERROR:/Users/n179911/chromium/src/ipc/ipc_channel_posix.cc(649)] pipe error on 3: Broken pipe Thank you for any help. On Thu, Jul 16, 2009 at 9:29 AM, hap497 hap...@gmail.com wrote: Hi, chromium.org has this http://dev.chromium.org/developers/how-tos/debugging for debugging renderer process on Windows. My question is how can I do the same in XCode on MacOS X? I go to Run-Attach To Process, all the menu item entries are disabled. Thank you for any tip. -- Mike Pinkerton Mac Weenie pinker...@google.com --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
Don't we farm out a separate process for favicon decoding? And for theme image decoding as well? On Wed, Jul 29, 2009 at 11:44 AM, Jeremy Orlowjor...@chromium.org wrote: Are there other things currently done in the browser process that'd be nice to do in a sandboxed utility process like this? Is there any work that the browser farms out to renderer processes that might be cleaner to do in a utility process? If so, I'd propose making the design for this new process a bit more general purpose. Honestly, I don't think there's much to do. And I think it'd be OK to say that all work done by this process would need to be stateless (so we can kill it and spin it back up at will). I'm not necessarily saying you need to do the work to make it general purpose now, but I definitely think it should be kept in mind while working on this. That way we don't need to worry about finding ourselves designed into a corner (and needing to create another another helper process). J On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote: Here is a design document for http://crbug.com/11746 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac Feedback welcome. -- Mike Pinkerton Mac Weenie pinker...@google.com --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
On Wed, Jul 29, 2009 at 11:52 AM, Mike Pinkerton pinker...@chromium.orgwrote: Don't we farm out a separate process for favicon decoding? And for theme image decoding as well? There are two things done by the utility process. Unpacking of themes (not just images but the unzipping of the packages, parsing of the JSON, and unpacking the images) and unpacking of web resources. That's WebResourceService, which seems right now to be used for the external tips list. Favicons do not appear to be handled by the utility process. Avi --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
As an aside, favicons are handled in the renderer, sandboxed. The renderer decodes them and reencodes them as PNG to ensure that they're safe before handing them off to the browser process. Trace the ViewMsg_DownloadFavIcon, ViewHostMsg_UpdateFavIconURL, and ViewHostMsg_DidDownloadFavIcon messages for more detail. Avi On Wed, Jul 29, 2009 at 12:00 PM, Avi Drissman a...@chromium.org wrote: On Wed, Jul 29, 2009 at 11:52 AM, Mike Pinkerton pinker...@chromium.orgwrote: Don't we farm out a separate process for favicon decoding? And for theme image decoding as well? There are two things done by the utility process. Unpacking of themes (not just images but the unzipping of the packages, parsing of the JSON, and unpacking the images) and unpacking of web resources. That's WebResourceService, which seems right now to be used for the external tips list. Favicons do not appear to be handled by the utility process. Avi --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote: On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote: That seems overly simplistic to me - for example, just because I sometimes want to let a chat app have access to my camera, doesn't mean I want it always to have access. Given the number of users I've seen fix this problem with duct tape, I think I can conclude that users would use controls if they had controls they understood and trusted. I don't agree. I believe granularity is not only useless but harmful for the majority of users. See user studies of desktop app install flows or options dialogs that universally conclude that giving people more choices helps a small number of people and loses a large number. This is the philosophy we designed Chrome around, so we're strong backers of it. I agree on principle. I can imagine a couple ways the web app might state the capabilities it needs up front. The problem is that, with newer versions of the application, the needs might change. But how do we keep them from changing so often that the user just gets used to clicking 'yes' every time? I can't think of any good solution for this. Anyway, I think we've gotten a bit abstract here. It's good to talk about this in general, but in the mean time I'm not sure what to do for LocalStorage. Is the fixed quota per origin a good way to start? If so, is the plan to leave it that way until someone tries to tackle this stuff in a more unified way? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
I wonder if we could use something like the plug-in sandbox for the main browser process in the intermediate term. That way the browser could still have HWNDs and the like. Adam On Wed, Jul 29, 2009 at 9:44 AM, Linus Upsonli...@google.com wrote: I realize this is not a small request, but it would be better if we could move to a model where the browser was sandboxed and talked to a much simpler process to carry out trusted operations on its behalf. Linus On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote: Here is a design document for http://crbug.com/11746 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac Feedback welcome. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: [linux, maybe mac] gcc -fvisibility=hidden
On Tue, Jul 28, 2009 at 11:18 PM, Brian Rynerbry...@google.com wrote: The -fvisibility=hidden flag is maybe supposed to do this (see discussion on http://gcc.gnu.org/wiki/Visibility ), but I tried building both with and without it and found that: - in debug builds, objdump -T shows all of our symbols, regardless of the flags I pass to gcc or strip Can you paste a snippet of the objdump -T output you see for a debug binary? I'd also be interested in the answer to Mark's question -- is the binary being linked with -E? As I said before, I don't really know what I'm doing -- I wrote my mail to mostly summarize the result of tried building it both with and without this flag and saw no difference. There is no -E. Maybe I don't understand what objdump -CT is telling me... aha! It turns out that the vast majority of the symbols I mentioned are C++ templates. % objdump -CT out/Debug/chrome | wc -l 43740 % objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l 2591 Here are a few examples of the output pre-filtering: 083fa306 w DF .text 0011 Base std::reverse_iteratorstd::_List_iteratorstd::pairRenderWidgetHost*, BackingStore* ::base() const 090104dc w DF .text 0022 Basevoid std::swapWebCore::CSSFontFace*(WebCore::CSSFontFace*, WebCore::CSSFontFace*) 0 Of the remaining symbols after that egrep -v, it's mostly stuff I'd expect, though I still see v8 templates marked weak: 091b7d12 w DF .text 0013 Basev8::Localv8::Integer::Local() DF *UND* Basegtk_tree_model_get_value 0884d056 w DF .text 001a Base v8::Localv8::String::Localv8::String(v8::String*) DF *UND* Basegtk_grab_add DF *UND* Basegtk_hbutton_box_new DF *UND* NSS_3.4 SSL_GetChannelInfo DF *UND* GLIBC_2.4 __stack_chk_fail 086a6698 gDF .text 010a Baseuprv_ebcdicFromAscii_3_8 0866af2e gDF .text 00d1 Baseuprv_fmin_3_8 DF *UND* Basegtk_widget_get_visual 091ab20c gDF .text 005d Base v8::ObjectTemplate::InternalFieldCount() 0885e164 w DF .text 0013 Base v8::Persistentv8::String::Persistent() DF *UND* Base gtk_file_chooser_set_preview_widget_active DF *UND* Basegdk_display_get_pointer 0880e3a2 gDF .text 02f4 Baseucol_tok_getNextArgument_3_8 086e6d5c gDF .text 01a1 Baseupname_swap_3_8 Flags we use follow: # Enable -Werror by default, but put it in a variable so it can # be disabled in ~/.gyp/include.gypi on the valgrind builders. 'variables': { 'werror%': '-Werror', }, 'cflags': [ '(werror)', # See note above about the werror variable. '-pthread', '-fno-exceptions', '-Wall', ], 'cflags_cc': [ '-fno-threadsafe-statics', ], 'ldflags': [ '-pthread', ], --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] FYI: a new problem with the latest patch for 2008 SP1 (from today/yesterday)
if you get the latest patch of VS2008SP1 (released yesterday) you will not be able to compile chrome you will get errors relating to '_Swap_adl' i googled it a bit, and till MS fixes it i simply modified 2 files in the inc dir tuple xutility and changed '_Swap_adl' to 'swap' - note the lowercase also due to permissions you might not be able to modify the file, so i did this in an elevated cmd prompt ok, now you know, here is where i got most of the info from http://social.msdn.microsoft.com/Forums/en-US/vcgeneral/thread/4bc93a16-4ad5-496c-954c-45efbe4b180b --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. Linus On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote: I would say that if all the browsers are doing 5MB fixed quota for local storage, it is a good way to start. Sadly, I think we need to start thinking about this now for databases though (certainly I don't want to hit yes 4,000 times as my gmail syncs up to 20GB) 2009/7/29 Jeremy Orlow jor...@google.com On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote: On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote: That seems overly simplistic to me - for example, just because I sometimes want to let a chat app have access to my camera, doesn't mean I want it always to have access. Given the number of users I've seen fix this problem with duct tape, I think I can conclude that users would use controls if they had controls they understood and trusted. I don't agree. I believe granularity is not only useless but harmful for the majority of users. See user studies of desktop app install flows or options dialogs that universally conclude that giving people more choices helps a small number of people and loses a large number. This is the philosophy we designed Chrome around, so we're strong backers of it. I agree on principle. I can imagine a couple ways the web app might state the capabilities it needs up front. The problem is that, with newer versions of the application, the needs might change. But how do we keep them from changing so often that the user just gets used to clicking 'yes' every time? I can't think of any good solution for this. Anyway, I think we've gotten a bit abstract here. It's good to talk about this in general, but in the mean time I'm not sure what to do for LocalStorage. Is the fixed quota per origin a good way to start? If so, is the plan to leave it that way until someone tries to tackle this stuff in a more unified way? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
I've been starting to lean in this direction as well. The problem is that extensions are currently not cross-platform and would require separate implementations for each platform. And in many cases the extension delivery mechanism is under the control of an arbitrary third party (i.e. Google, Mozilla, Apple, etc) who has control over which extensions can be hosted, which is not particularly open-web-by. It might be a reasonable starting point, though, with the goal being to sort through the security and installation issues and eventually come up with a cross-platform API in a future HTML version. -atw On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. Linus On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote: I would say that if all the browsers are doing 5MB fixed quota for local storage, it is a good way to start. Sadly, I think we need to start thinking about this now for databases though (certainly I don't want to hit yes 4,000 times as my gmail syncs up to 20GB) 2009/7/29 Jeremy Orlow jor...@google.com On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote: On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote: That seems overly simplistic to me - for example, just because I sometimes want to let a chat app have access to my camera, doesn't mean I want it always to have access. Given the number of users I've seen fix this problem with duct tape, I think I can conclude that users would use controls if they had controls they understood and trusted. I don't agree. I believe granularity is not only useless but harmful for the majority of users. See user studies of desktop app install flows or options dialogs that universally conclude that giving people more choices helps a small number of people and loses a large number. This is the philosophy we designed Chrome around, so we're strong backers of it. I agree on principle. I can imagine a couple ways the web app might state the capabilities it needs up front. The problem is that, with newer versions of the application, the needs might change. But how do we keep them from changing so often that the user just gets used to clicking 'yes' every time? I can't think of any good solution for this. Anyway, I think we've gotten a bit abstract here. It's good to talk about this in general, but in the mean time I'm not sure what to do for LocalStorage. Is the fixed quota per origin a good way to start? If so, is the plan to leave it that way until someone tries to tackle this stuff in a more unified way? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
In the past, Hixie has been against the notion of installed applications. Perhaps for web pages that is the proper approach, however I really like (from a UI/usability/security) perspective the notion of installing something as a mechanism for granting trust. We can argue about how good the installation mechanism / process is, but I think it's the most understandable thing we have, and certainly better than putting up a dialog each time a site wants +5Mb. Likewise for things such as persistent workers / background pages that survive browser shutdown. In other words, LGTM 2009/7/29 Linus Upson li...@google.com I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. Linus On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote: I would say that if all the browsers are doing 5MB fixed quota for local storage, it is a good way to start. Sadly, I think we need to start thinking about this now for databases though (certainly I don't want to hit yes 4,000 times as my gmail syncs up to 20GB) 2009/7/29 Jeremy Orlow jor...@google.com On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote: On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote: That seems overly simplistic to me - for example, just because I sometimes want to let a chat app have access to my camera, doesn't mean I want it always to have access. Given the number of users I've seen fix this problem with duct tape, I think I can conclude that users would use controls if they had controls they understood and trusted. I don't agree. I believe granularity is not only useless but harmful for the majority of users. See user studies of desktop app install flows or options dialogs that universally conclude that giving people more choices helps a small number of people and loses a large number. This is the philosophy we designed Chrome around, so we're strong backers of it. I agree on principle. I can imagine a couple ways the web app might state the capabilities it needs up front. The problem is that, with newer versions of the application, the needs might change. But how do we keep them from changing so often that the user just gets used to clicking 'yes' every time? I can't think of any good solution for this. Anyway, I think we've gotten a bit abstract here. It's good to talk about this in general, but in the mean time I'm not sure what to do for LocalStorage. Is the fixed quota per origin a good way to start? If so, is the plan to leave it that way until someone tries to tackle this stuff in a more unified way? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. I like this approach. So the only loose end is this: what should we do (if anything) about malicious apps using thousands of sub-domains (which are each their own origin, and thus get their own 5mb) to fill up your machine. As far as I know, no other browser deals with this and it hasn't ever been a problem (...yet), so I guess we can just ignore it for the time being? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
Add them to the malware blacklist :) 2009/7/29 Jeremy Orlow jor...@chromium.org On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. I like this approach. So the only loose end is this: what should we do (if anything) about malicious apps using thousands of sub-domains (which are each their own origin, and thus get their own 5mb) to fill up your machine. As far as I know, no other browser deals with this and it hasn't ever been a problem (...yet), so I guess we can just ignore it for the time being? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On 29-Jul-09, at 2:31 PM, Ian Fette wrote: Add them to the malware blacklist :) Yeah, I think this is right. Bad acting websites should be considered malware, and blocked for that reason. Linus: I agree that we can (and probably should) work on the webapps list to build some good specifications about how offline applications communicate expectations about permission and space requirements. We should also, though, make sure that as useragents we provide some sort of UI for cataloguing what offline apps are installed, how much space they're taking, and provide mechanisms for removing them. cheers, mike --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Chromium-dev group. To post to this group, send email to chromium-dev@googlegroups.com To unsubscribe from this group, send email to chromium-dev+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/chromium-dev?hl=en -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
Everything is a cache. We are free to toss out local storage, databases, appcaches, cookies, etc. any time we want. I think the best way is to have a good eviction algorithm for local storage. What eviction algorithm are we using for the main browser cache? Perhaps some version of that that accounts for recency, usage, size, etc.? Linus On Wed, Jul 29, 2009 at 11:31 AM, Ian Fette i...@chromium.org wrote: Add them to the malware blacklist :) 2009/7/29 Jeremy Orlow jor...@chromium.org On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. I like this approach. So the only loose end is this: what should we do (if anything) about malicious apps using thousands of sub-domains (which are each their own origin, and thus get their own 5mb) to fill up your machine. As far as I know, no other browser deals with this and it hasn't ever been a problem (...yet), so I guess we can just ignore it for the time being? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On 29-Jul-09, at 2:32 PM, Drew Wilson wrote: BTW, I can't find the HTML5 sql storage spec anymore - google is totally failing me. Anyone have a link? http://dev.w3.org/html5/webstorage/ cheers, mike --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
It got ripped out because Mozilla has refused to implement. An old version is available at http://www.w3.org/TR/webstorage/ 2009/7/29 Drew Wilson atwil...@chromium.org I recall that the SQL Storage API allows developers to declare up front how much quota they want. Perhaps you should ask Hixie if we want to make this an option for local storage as well? BTW, I can't find the HTML5 sql storage spec anymore - google is totally failing me. Anyone have a link? -atw On Wed, Jul 29, 2009 at 11:29 AM, Jeremy Orlow jor...@chromium.orgwrote: On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. I like this approach. So the only loose end is this: what should we do (if anything) about malicious apps using thousands of sub-domains (which are each their own origin, and thus get their own 5mb) to fill up your machine. As far as I know, no other browser deals with this and it hasn't ever been a problem (...yet), so I guess we can just ignore it for the time being? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
that version no longer contains the sql database api :) you want http://www.w3.org/TR/webstorage/ 2009/7/29 Mike Beltzner beltz...@mozilla.com On 29-Jul-09, at 2:32 PM, Drew Wilson wrote: BTW, I can't find the HTML5 sql storage spec anymore - google is totally failing me. Anyone have a link? http://dev.w3.org/html5/webstorage/ cheers, mike --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Wed, Jul 29, 2009 at 11:28 AM, Drew Wilson atwil...@chromium.org wrote: I've been starting to lean in this direction as well. The problem is that extensions are currently not cross-platform and would require separate implementations for each platform. And in many cases the extension delivery mechanism is under the control of an arbitrary third party (i.e. Google, Mozilla, Apple, etc) who has control over which extensions can be hosted, which is not particularly open-web-by. It seems that a good approach is to make as much of the api into html5 as possible (like Shared Workers). Then there could be a small bit that is extension (platform) specific (making the Shared Worker a Persistent Worker). Then there is a small surface area which is not html 5. This also allows apps that to do a lot of things in a similar manner (even when they don't get the extra permissions). dave It might be a reasonable starting point, though, with the goal being to sort through the security and installation issues and eventually come up with a cross-platform API in a future HTML version. -atw On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. Linus On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette i...@chromium.org wrote: I would say that if all the browsers are doing 5MB fixed quota for local storage, it is a good way to start. Sadly, I think we need to start thinking about this now for databases though (certainly I don't want to hit yes 4,000 times as my gmail syncs up to 20GB) 2009/7/29 Jeremy Orlow jor...@google.com On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting pkast...@chromium.orgwrote: On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie b...@google.com wrote: That seems overly simplistic to me - for example, just because I sometimes want to let a chat app have access to my camera, doesn't mean I want it always to have access. Given the number of users I've seen fix this problem with duct tape, I think I can conclude that users would use controls if they had controls they understood and trusted. I don't agree. I believe granularity is not only useless but harmful for the majority of users. See user studies of desktop app install flows or options dialogs that universally conclude that giving people more choices helps a small number of people and loses a large number. This is the philosophy we designed Chrome around, so we're strong backers of it. I agree on principle. I can imagine a couple ways the web app might state the capabilities it needs up front. The problem is that, with newer versions of the application, the needs might change. But how do we keep them from changing so often that the user just gets used to clicking 'yes' every time? I can't think of any good solution for this. Anyway, I think we've gotten a bit abstract here. It's good to talk about this in general, but in the mean time I'm not sure what to do for LocalStorage. Is the fixed quota per origin a good way to start? If so, is the plan to leave it that way until someone tries to tackle this stuff in a more unified way? J --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Chromium-dev group. To post to this group, send email to chromium-dev@googlegroups.com To unsubscribe from this group, send email to chromium-dev+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/chromium-dev?hl=en -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
BTW, this probably came off wrong. Mozilla and others had concerns about the SQL-database versions, which I believe largely circled around the fact that it wasn't well specified, everyone was just using sqlite, and there weren't really multiple independent implementations, and as a result it was removed from the spec and put on hold until some of these issues could be resolved. Sorry if my email came across as anti-mozilla -- not the intent. 2009/7/29 Ian Fette i...@chromium.org It got ripped out because Mozilla has refused to implement. An old version is available at http://www.w3.org/TR/webstorage/ 2009/7/29 Drew Wilson atwil...@chromium.org I recall that the SQL Storage API allows developers to declare up front how much quota they want. Perhaps you should ask Hixie if we want to make this an option for local storage as well? BTW, I can't find the HTML5 sql storage spec anymore - google is totally failing me. Anyone have a link? -atw On Wed, Jul 29, 2009 at 11:29 AM, Jeremy Orlow jor...@chromium.orgwrote: On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. I like this approach. So the only loose end is this: what should we do (if anything) about malicious apps using thousands of sub-domains (which are each their own origin, and thus get their own 5mb) to fill up your machine. As far as I know, no other browser deals with this and it hasn't ever been a problem (...yet), so I guess we can just ignore it for the time being? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On 29-Jul-09, at 2:35 PM, Ian Fette wrote: It got ripped out because Mozilla has refused to implement. An old version is available at http://www.w3.org/TR/webstorage/ Well, more because people felt like it was a contentious item that was bloating / delaying the completion of HTML5. The contention is (rightly, I think) about whether or not it makes sense to standardize on SQLite, which MSFT is unlikely to ever ship, and which exists in extremely different flavours and is itself a very different flavour from SQL which itself isn't standardized. Grizzly details in this thread: http://lists.w3.org/Archives/Public/public-webapps/2009AprJun/0106.html cheers, mike (thanks to Ian for clarifying, too!) --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
I recall that the SQL Storage API allows developers to declare up front how much quota they want. Perhaps you should ask Hixie if we want to make this an option for local storage as well? BTW, I can't find the HTML5 sql storage spec anymore - google is totally failing me. Anyone have a link? -atw On Wed, Jul 29, 2009 at 11:29 AM, Jeremy Orlow jor...@chromium.org wrote: On Wed, Jul 29, 2009 at 11:15 AM, Linus Upson li...@google.com wrote: I'm coming to the opinion that we should leverage the install mechanism of the extension system for apps that need special permissions, increased quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in our extension world exceptionally lightweight. It only needs to make the special capability available to the page. As Maciej brought up on the whatwg list, the extension system gives us multiple affirmative steps, vetting, reputation and revocation. It also gives us a UI access point. All of these are important for controlling apps that aren't safe and stateless. I like this approach. So the only loose end is this: what should we do (if anything) about malicious apps using thousands of sub-domains (which are each their own origin, and thus get their own 5mb) to fill up your machine. As far as I know, no other browser deals with this and it hasn't ever been a problem (...yet), so I guess we can just ignore it for the time being? J --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Wed, Jul 29, 2009 at 11:28 AM, Drew Wilsonatwil...@chromium.org wrote: I've been starting to lean in this direction as well. The problem is that extensions are currently not cross-platform and would require separate implementations for each platform. Just to clarify, you really mean cross-browser, right? Chrome and Firefox extensions are both cross-platform (in the OS sense). And in many cases the extension delivery mechanism is under the control of an arbitrary third party (i.e. Google, Mozilla, Apple, etc) who has control over which extensions can be hosted, which is not particularly open-web-by. That isn't true. In the case of both Chrome and Firefox, extensions can be installed from anywhere on the web, though it is true that there are additional UI roadblocks for the case of installing from an untrusted source. - a --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
I agree on the need for a better UI to manage cached resources and selectively clear parts of the cache. The current web model of per-origin grouping isn't very satisfying because some apps span multiple origins and some origins host multiple apps. Given the extensive discussions around this for the past few years I'm not optimistic a better answer is forthcoming. In the end, perhaps it doesn't matter. If the browser is smart about managing its caches, the right thing should just happen without the user doing anything special. If I use offline gmail a bunch, and have for a long time, the browser should never throw away its appcache, databases, cookies, files, etc. If I went to some random site once which availed itself of an appcache and database on my machine the browser should throw those away first if I suffer space pressure. Linus On Wed, Jul 29, 2009 at 11:34 AM, Mike Beltzner beltz...@mozilla.comwrote: On 29-Jul-09, at 2:31 PM, Ian Fette wrote: Add them to the malware blacklist :) Yeah, I think this is right. Bad acting websites should be considered malware, and blocked for that reason. Linus: I agree that we can (and probably should) work on the webapps list to build some good specifications about how offline applications communicate expectations about permission and space requirements. We should also, though, make sure that as useragents we provide some sort of UI for cataloguing what offline apps are installed, how much space they're taking, and provide mechanisms for removing them. cheers, mike --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
On Wed, Jul 29, 2009 at 9:44 AM, Linus Upson li...@google.com wrote: I realize this is not a small request, but it would be better if we could move to a model where the browser was sandboxed and talked to a much simpler process to carry out trusted operations on its behalf. While I like the general goal of what you're proposing, the downside of this approach is that if there's a crash, you lose the browser process. If we still wind up storing much of the state of the browser in this main process, then we lose a lot of state and potentially cause much of the browser to become unusable (I'm assuming that the whole browser wouldn't crash since the 'microkernel' would likely keep everything running). When one of these utility process crashes, we only lose that operation. Erik Linus On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote: Here is a design document for http://crbug.com/11746 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac Feedback welcome. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
Sorry. The point of my sandbox the browser suggestion wasn't to increase robustness in the case of failure. It was only to limit the damage an exploit might cause. The browser process is complicated enough that it is hard to secure. A small broker would be easier to understand and make resistant to attack. Linus On Wed, Jul 29, 2009 at 1:40 PM, Erik Kay erik...@chromium.org wrote: On Wed, Jul 29, 2009 at 9:44 AM, Linus Upson li...@google.com wrote: I realize this is not a small request, but it would be better if we could move to a model where the browser was sandboxed and talked to a much simpler process to carry out trusted operations on its behalf. While I like the general goal of what you're proposing, the downside of this approach is that if there's a crash, you lose the browser process. If we still wind up storing much of the state of the browser in this main process, then we lose a lot of state and potentially cause much of the browser to become unusable (I'm assuming that the whole browser wouldn't crash since the 'microkernel' would likely keep everything running). When one of these utility process crashes, we only lose that operation. Erik Linus On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote: Here is a design document for http://crbug.com/11746 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac Feedback welcome. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: [linux, maybe mac] gcc -fvisibility=hidden
On Wed, Jul 29, 2009 at 10:46 AM, Evan Martine...@chromium.org wrote: On Tue, Jul 28, 2009 at 11:18 PM, Brian Rynerbry...@google.com wrote: The -fvisibility=hidden flag is maybe supposed to do this (see discussion on http://gcc.gnu.org/wiki/Visibility ), but I tried building both with and without it and found that: - in debug builds, objdump -T shows all of our symbols, regardless of the flags I pass to gcc or strip Can you paste a snippet of the objdump -T output you see for a debug binary? I'd also be interested in the answer to Mark's question -- is the binary being linked with -E? As I said before, I don't really know what I'm doing -- I wrote my mail to mostly summarize the result of tried building it both with and without this flag and saw no difference. There is no -E. Maybe I don't understand what objdump -CT is telling me... aha! It turns out that the vast majority of the symbols I mentioned are C++ templates. % objdump -CT out/Debug/chrome | wc -l 43740 % objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l 2591 Here are a few examples of the output pre-filtering: 083fa306 w DF .text 0011 Base std::reverse_iteratorstd::_List_iteratorstd::pairRenderWidgetHost*, BackingStore* ::base() const 090104dc w DF .text 0022 Base void std::swapWebCore::CSSFontFace*(WebCore::CSSFontFace*, WebCore::CSSFontFace*) 0 Of the remaining symbols after that egrep -v, it's mostly stuff I'd expect, though I still see v8 templates marked weak: 091b7d12 w DF .text 0013 Base v8::Localv8::Integer::Local() DF *UND* Base gtk_tree_model_get_value 0884d056 w DF .text 001a Base v8::Localv8::String::Localv8::String(v8::String*) DF *UND* Base gtk_grab_add DF *UND* Base gtk_hbutton_box_new DF *UND* NSS_3.4 SSL_GetChannelInfo DF *UND* GLIBC_2.4 __stack_chk_fail 086a6698 g DF .text 010a Base uprv_ebcdicFromAscii_3_8 0866af2e g DF .text 00d1 Base uprv_fmin_3_8 DF *UND* Base gtk_widget_get_visual 091ab20c g DF .text 005d Base v8::ObjectTemplate::InternalFieldCount() 0885e164 w DF .text 0013 Base v8::Persistentv8::String::Persistent() DF *UND* Base gtk_file_chooser_set_preview_widget_active DF *UND* Base gdk_display_get_pointer 0880e3a2 g DF .text 02f4 Base ucol_tok_getNextArgument_3_8 086e6d5c g DF .text 01a1 Base upname_swap_3_8 Flags we use follow: # Enable -Werror by default, but put it in a variable so it can # be disabled in ~/.gyp/include.gypi on the valgrind builders. 'variables': { 'werror%': '-Werror', }, 'cflags': [ '(werror)', # See note above about the werror variable. '-pthread', '-fno-exceptions', '-Wall', ], 'cflags_cc': [ '-fno-threadsafe-statics', ], 'ldflags': [ '-pthread', ], I have been going through the same pains with o3d, trying to get rid of all exports, see http://codereview.chromium.org/160317 though I haven't removed all of them. It turns out that both ICU (all your u.*3_8) and v8 (that we both use in o3d) force __attribute__((visibility(default))) on some API symbols (ie force export regardless of -fvisibility). You can get rid of most of the ICU ones if you compile with U_STATIC_IMPLEMENTATION but not U_COMBINED_IMPLEMENTATION, but there are still some left. For v8, all the public API is tagged with default visibility. For the STL template instantiations, I'm seeing those too, and I don't know how to get rid of them. Antoine --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: [linux, maybe mac] gcc -fvisibility=hidden
On Wed, Jul 29, 2009 at 2:16 PM, Antoine Labour pi...@google.com wrote: On Wed, Jul 29, 2009 at 10:46 AM, Evan Martine...@chromium.org wrote: On Tue, Jul 28, 2009 at 11:18 PM, Brian Rynerbry...@google.com wrote: The -fvisibility=hidden flag is maybe supposed to do this (see discussion on http://gcc.gnu.org/wiki/Visibility ), but I tried building both with and without it and found that: - in debug builds, objdump -T shows all of our symbols, regardless of the flags I pass to gcc or strip Can you paste a snippet of the objdump -T output you see for a debug binary? I'd also be interested in the answer to Mark's question -- is the binary being linked with -E? As I said before, I don't really know what I'm doing -- I wrote my mail to mostly summarize the result of tried building it both with and without this flag and saw no difference. There is no -E. Maybe I don't understand what objdump -CT is telling me... aha! It turns out that the vast majority of the symbols I mentioned are C++ templates. % objdump -CT out/Debug/chrome | wc -l 43740 % objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l 2591 Here are a few examples of the output pre-filtering: 083fa306 w DF .text 0011 Base std::reverse_iteratorstd::_List_iteratorstd::pairRenderWidgetHost*, BackingStore* ::base() const 090104dc w DF .text 0022 Basevoid std::swapWebCore::CSSFontFace*(WebCore::CSSFontFace*, WebCore::CSSFontFace*) 0 Of the remaining symbols after that egrep -v, it's mostly stuff I'd expect, though I still see v8 templates marked weak: 091b7d12 w DF .text 0013 Base v8::Localv8::Integer::Local() DF *UND* Basegtk_tree_model_get_value 0884d056 w DF .text 001a Base v8::Localv8::String::Localv8::String(v8::String*) DF *UND* Basegtk_grab_add DF *UND* Basegtk_hbutton_box_new DF *UND* NSS_3.4 SSL_GetChannelInfo DF *UND* GLIBC_2.4 __stack_chk_fail 086a6698 gDF .text 010a Baseuprv_ebcdicFromAscii_3_8 0866af2e gDF .text 00d1 Baseuprv_fmin_3_8 DF *UND* Basegtk_widget_get_visual 091ab20c gDF .text 005d Base v8::ObjectTemplate::InternalFieldCount() 0885e164 w DF .text 0013 Base v8::Persistentv8::String::Persistent() DF *UND* Base gtk_file_chooser_set_preview_widget_active DF *UND* Basegdk_display_get_pointer 0880e3a2 gDF .text 02f4 Base ucol_tok_getNextArgument_3_8 086e6d5c gDF .text 01a1 Baseupname_swap_3_8 Flags we use follow: # Enable -Werror by default, but put it in a variable so it can # be disabled in ~/.gyp/include.gypi on the valgrind builders. 'variables': { 'werror%': '-Werror', }, 'cflags': [ '(werror)', # See note above about the werror variable. '-pthread', '-fno-exceptions', '-Wall', ], 'cflags_cc': [ '-fno-threadsafe-statics', ], 'ldflags': [ '-pthread', ], I have been going through the same pains with o3d, trying to get rid of all exports, see http://codereview.chromium.org/160317 though I haven't removed all of them. It turns out that both ICU (all your u.*3_8) and v8 (that we both use in o3d) force __attribute__((visibility(default))) on some API symbols (ie force export regardless of -fvisibility). You can get rid of most of the ICU ones if you compile with U_STATIC_IMPLEMENTATION but not U_COMBINED_IMPLEMENTATION, but there are still some left. For v8, all the public API is tagged with default visibility. For the STL template instantiations, I'm seeing those too, and I don't know how to get rid of them. Antoine Maybe the V8 team would accept a patch to make that tagging conditional on a preprocessor define. -Darin --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
The plug-in sandbox is too weak to be robust, see the other thread about it. As long as it has access to HWNDs, it's very easy to break out of it. On Wed, Jul 29, 2009 at 10:43 AM, Adam Barth aba...@chromium.org wrote: I wonder if we could use something like the plug-in sandbox for the main browser process in the intermediate term. That way the browser could still have HWNDs and the like. Adam On Wed, Jul 29, 2009 at 9:44 AM, Linus Upsonli...@google.com wrote: I realize this is not a small request, but it would be better if we could move to a model where the browser was sandboxed and talked to a much simpler process to carry out trusted operations on its behalf. Linus On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote: Here is a design document for http://crbug.com/11746 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac Feedback welcome. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: [linux, maybe mac] gcc -fvisibility=hidden
On Wed, Jul 29, 2009 at 2:16 PM, Antoine Labourpi...@google.com wrote: On Wed, Jul 29, 2009 at 10:46 AM, Evan Martine...@chromium.org wrote: It turns out that the vast majority of the symbols I mentioned are C++ templates. % objdump -CT out/Debug/chrome | wc -l 43740 % objdump -CT out/Debug/chrome | egrep -v 'std|cxx' | wc -l 2591 For the STL template instantiations, I'm seeing those too, and I don't know how to get rid of them. From looking a bit, it seems like there are a lot of GCC bugs around the versions we're running in this area: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=32470 Someday I will build with a gcc under two years old. ;) --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Adding a Custom Scheme
You are pretty close. What you want to do is override URLRequestJob::IsRedirectResponse(), rather than trying to do the redirect in the factory. Something like this should work: class URLRequestCustomJob : public URLRequestJob { public: explicit URLRequestCustomJob(URLRequest* request) : URLRequestJob(request) {} // URLRequestJob methods: virtual void Start() { NotifyHeadersComplete(); } virtual bool IsRedirectResponse(GURL* location, int* http_status_code) { *http_status_code = 301; *location = GURL(http://i-redirected-you/cuz-im-the-awesome;); return true; } static URLRequestJob* Factory(URLRequest* request, const std::string scheme) { return new URLRequestCustomJob(request); } }; On Mon, Jul 27, 2009 at 5:44 PM, Kruncherleaha...@gmail.com wrote: Hi, I am trying to add a custom scheme to the Chromium browser. I am trying to write a scheme that will transparently redirect requests to another URL. For some reason, however, my custom scheme does not appear to get recognized. Could somebody tell me what I am doing wrong? For the time being I have added the following code to the chrome_exe_main.cc source. // // Added above the main Windows function. // #include net/url_request/url_request.h #include net/url_request/url_request_http_job.h static const char kCustomURLScheme[] = my-scheme; class URLRequestCustomJob : public URLRequestJob { public: static URLRequestJob* Factory(URLRequest* request, const std::string scheme) { DCHECK(scheme == my-scheme); // Redirect response to a local network resource. std::string requestPath = request-url().PathForRequest().replace (0, 10, http://192.168.1.4:8080;); // I tried using the following line, but it turns out that the Redirect function is protected. //request-Redirect(GURL(requestPath), request-status().status()); // So instead I am attempting to create a new request. request = new URLRequest(GURL(requestPath), request-delegate()); // Proceed with regular HTTP scheme factory. return URLRequestHttpJob::Factory(request, http); } }; // // Added above #if defined(GOOGLE_CHROME_BUILD) inside Windows main function. // // Register custom scheme: url_util::AddStandardScheme(kCustomURLScheme); URLRequest::RegisterProtocolFactory(kCustomURLScheme, URLRequestCustomJob::Factory); Many thanks, Lea Hayes --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Design Doc: out of process (v8) proxy resolving
On Wed, Jul 29, 2009 at 1:42 PM, Linus Upson li...@google.com wrote: Sorry. The point of my sandbox the browser suggestion wasn't to increase robustness in the case of failure. It was only to limit the damage an exploit might cause. The browser process is complicated enough that it is hard to secure. A small broker would be easier to understand and make resistant to attack. Right. Utility processes and a secure broker for a sandboxed browser solve different problems. My guess is that in an ideal world, we'd wind up with both, where places that had direct contact with untrusted data (like Eric's PAC proposal here) being put into isolated processes. Given that this was the thread you replied to, it seemed like you were suggesting that we'd be better off keeping this in process with a sandboxed browser (assuming we had time to do so, etc.). Erik Linus On Wed, Jul 29, 2009 at 1:40 PM, Erik Kay erik...@chromium.org wrote: On Wed, Jul 29, 2009 at 9:44 AM, Linus Upson li...@google.com wrote: I realize this is not a small request, but it would be better if we could move to a model where the browser was sandboxed and talked to a much simpler process to carry out trusted operations on its behalf. While I like the general goal of what you're proposing, the downside of this approach is that if there's a crash, you lose the browser process. If we still wind up storing much of the state of the browser in this main process, then we lose a lot of state and potentially cause much of the browser to become unusable (I'm assuming that the whole browser wouldn't crash since the 'microkernel' would likely keep everything running). When one of these utility process crashes, we only lose that operation. Erik Linus On Wed, Jul 29, 2009 at 3:29 AM, Eric Roman ero...@chromium.org wrote: Here is a design document for http://crbug.com/11746 http://sites.google.com/a/chromium.org/dev/developers/design-documents/out-of-process-v8-pac Feedback welcome. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Tue, Jul 28, 2009 at 8:40 PM, Jeremy Orlow jor...@chromium.org wrote: I'm starting to think ahead to how quotas will work with LocalStorage (and I assume database and maybe even AppCache). To begin with, I'll probably just set a fixed quota (5mb is pretty standard), but some apps will surely desire more space than that, so I think we'll need a more robust solution fairly quickly. (Maybe even before it comes out from behind the --enable-local-storage flag.) The question is how should we handle quotas from a UI perspective. One approach that seems obvious to a lot of people I've talked to is asking the user (maybe via an info bar?) whenever an origin hits its limit (before we decide whether to return a quota exceeded error or not). The problem is that WebKit (in the renderer) can't block on the UI thread (since it may be blocked on WebKit). Maybe it's safe to pump plugin related events while in the middle of a JavaScript context? If not, then I'm not sure if any just-in-time solution like this is going to be viable. It is possible to stop JS execution to wait on the browser process, just like what we do for alerts/showModalDialog. This involves running a nested message loop, which we try to avoid unless absolutely necessary because of reentrancy issues (but in this case, it's necessary so it's ok). We could implement heuristics that predict when LocalStorage is about to run out of space, but if we don't predict it in time, we will have to send a quota exceeded exception to the script. A lot of common use cases like you syncing gmail for the first time would make this difficult to do well, I think. Safari buries the setting in the preferences menu. That would be better than nothing, I suppose. Any other ideas? Jeremy --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Quota UI for LocalStorage (and others in the future)
On Wed, Jul 29, 2009 at 2:48 PM, John Abd-El-Malek j...@chromium.org wrote: On Tue, Jul 28, 2009 at 8:40 PM, Jeremy Orlow jor...@chromium.org wrote: I'm starting to think ahead to how quotas will work with LocalStorage (and I assume database and maybe even AppCache). To begin with, I'll probably just set a fixed quota (5mb is pretty standard), but some apps will surely desire more space than that, so I think we'll need a more robust solution fairly quickly. (Maybe even before it comes out from behind the --enable-local-storage flag.) The question is how should we handle quotas from a UI perspective. One approach that seems obvious to a lot of people I've talked to is asking the user (maybe via an info bar?) whenever an origin hits its limit (before we decide whether to return a quota exceeded error or not). The problem is that WebKit (in the renderer) can't block on the UI thread (since it may be blocked on WebKit). Maybe it's safe to pump plugin related events while in the middle of a JavaScript context? If not, then I'm not sure if any just-in-time solution like this is going to be viable. It is possible to stop JS execution to wait on the browser process, just like what we do for alerts/showModalDialog. This involves running a nested message loop, which we try to avoid unless absolutely necessary because of reentrancy issues (but in this case, it's necessary so it's ok). Ha. Way to bring the discussion full-circle. :-) Anyway, it sounds like we're never going to change the quota during JS execution so a nested message loop won't be necessary here. Thanks for the clarification though. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] --new-baseline producing baselines for wrong platform
Starting with a clean tree, then running ./webkit/tools/layout_tests/run_webkit_tests.sh --debug --new-baseline LayoutTests/plugins/mouse-events.html on Linux, it seems to overwrite the Mac/Win expectations. % git ls-files --modified webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt Why? This seems very wrong. PS: It prints the following while running: 090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux which is where I'd expect the output to go. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: --new-baseline producing baselines for wrong platform
This is a text only test (uses layoutTestController.dumpAsText()) so the Linux results should match windows exactly so we don't generate a Linux specific result. The test runner will fallback to the Windows result from Linux as well. You just need to verify that the results are correct on Windows and Mac (you can get these from the waterfall). On Wed, Jul 29, 2009 at 3:03 PM, Evan Martine...@chromium.org wrote: Starting with a clean tree, then running ./webkit/tools/layout_tests/run_webkit_tests.sh --debug --new-baseline LayoutTests/plugins/mouse-events.html on Linux, it seems to overwrite the Mac/Win expectations. % git ls-files --modified webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt Why? This seems very wrong. PS: It prints the following while running: 090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux which is where I'd expect the output to go. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: --new-baseline producing baselines for wrong platform
That sorta makes sense. But then why does it generate a mac baseline too? On Wed, Jul 29, 2009 at 3:18 PM, Tony Changt...@chromium.org wrote: This is a text only test (uses layoutTestController.dumpAsText()) so the Linux results should match windows exactly so we don't generate a Linux specific result. The test runner will fallback to the Windows result from Linux as well. You just need to verify that the results are correct on Windows and Mac (you can get these from the waterfall). On Wed, Jul 29, 2009 at 3:03 PM, Evan Martine...@chromium.org wrote: Starting with a clean tree, then running ./webkit/tools/layout_tests/run_webkit_tests.sh --debug --new-baseline LayoutTests/plugins/mouse-events.html on Linux, it seems to overwrite the Mac/Win expectations. % git ls-files --modified webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt Why? This seems very wrong. PS: It prints the following while running: 090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux which is where I'd expect the output to go. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Adding a Custom Scheme
The entry point would be to enter a URL that uses the custom scheme. i.e. you would need to type in my-scheme://some-url to reach the custom scheme handler. Not sure what you are trying to build. On Wed, Jul 29, 2009 at 3:39 PM, Kruncherleaha...@gmail.com wrote: Hi Eric, I have just tried the code that you have suggested, however, if I enter a URL in the Chromium location bar and hit enter, Chromium is still defaulting to a Google search. I have tried placing a breakpoint within the constructor and each of the virtual methods, and the factory method. When running in debug mode, none of these breakpoints are being hit. I tried adding a breakpoint directly after the factory is being registered, and the program is breaking at this point. Thanks for your help! On 29 July, 22:32, Eric Roman ero...@chromium.org wrote: You are pretty close. What you want to do is override URLRequestJob::IsRedirectResponse(), rather than trying to do the redirect in the factory. Something like this should work: class URLRequestCustomJob : public URLRequestJob { public: explicit URLRequestCustomJob(URLRequest* request) : URLRequestJob(request) {} // URLRequestJob methods: virtual void Start() { NotifyHeadersComplete(); } virtual bool IsRedirectResponse(GURL* location, int* http_status_code) { *http_status_code = 301; *location = GURL(http://i-redirected-you/cuz-im-the-awesome;); return true; } static URLRequestJob* Factory(URLRequest* request, const std::string scheme) { return new URLRequestCustomJob(request); } }; On Mon, Jul 27, 2009 at 5:44 PM, Kruncherleaha...@gmail.com wrote: Hi, I am trying to add a custom scheme to the Chromium browser. I am trying to write a scheme that will transparently redirect requests to another URL. For some reason, however, my custom scheme does not appear to get recognized. Could somebody tell me what I am doing wrong? For the time being I have added the following code to the chrome_exe_main.cc source. // // Added above the main Windows function. // #include net/url_request/url_request.h #include net/url_request/url_request_http_job.h static const char kCustomURLScheme[] = my-scheme; class URLRequestCustomJob : public URLRequestJob { public: static URLRequestJob* Factory(URLRequest* request, const std::string scheme) { DCHECK(scheme == my-scheme); // Redirect response to a local network resource. std::string requestPath = request-url().PathForRequest().replace (0, 10, http://192.168.1.4:8080;); // I tried using the following line, but it turns out that the Redirect function is protected. //request-Redirect(GURL(requestPath), request-status().status()); // So instead I am attempting to create a new request. request = new URLRequest(GURL(requestPath), request-delegate()); // Proceed with regular HTTP scheme factory. return URLRequestHttpJob::Factory(request, http); } }; // // Added above #if defined(GOOGLE_CHROME_BUILD) inside Windows main function. // // Register custom scheme: url_util::AddStandardScheme(kCustomURLScheme); URLRequest::RegisterProtocolFactory(kCustomURLScheme, URLRequestCustomJob::Factory); Many thanks, Lea Hayes --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: --new-baseline producing baselines for wrong platform
Because mac doesn't have a fallback path to the windows results. So we could have put the same result file in win/linux/mac directories, but we do a small optimization and don't write the linux results because it falls back to windows results. On Wed, Jul 29, 2009 at 3:52 PM, Evan Martine...@chromium.org wrote: That sorta makes sense. But then why does it generate a mac baseline too? On Wed, Jul 29, 2009 at 3:18 PM, Tony Changt...@chromium.org wrote: This is a text only test (uses layoutTestController.dumpAsText()) so the Linux results should match windows exactly so we don't generate a Linux specific result. The test runner will fallback to the Windows result from Linux as well. You just need to verify that the results are correct on Windows and Mac (you can get these from the waterfall). On Wed, Jul 29, 2009 at 3:03 PM, Evan Martine...@chromium.org wrote: Starting with a clean tree, then running ./webkit/tools/layout_tests/run_webkit_tests.sh --debug --new-baseline LayoutTests/plugins/mouse-events.html on Linux, it seems to overwrite the Mac/Win expectations. % git ls-files --modified webkit/data/layout_tests/platform/chromium-mac/LayoutTests/plugins/mouse-events-expected.txt webkit/data/layout_tests/platform/chromium-win/LayoutTests/plugins/mouse-events-expected.txt Why? This seems very wrong. PS: It prints the following while running: 090729 15:01:01 run_webkit_tests.py:1035 INFO Placing new baselines in /work/chrome/src/webkit/data/layout_tests/platform/chromium-linux which is where I'd expect the output to go. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Adding a Custom Scheme
Those are the kinds of URL's that I have been trying, but when I hit enter it reverts to: http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme://some-url It seems almost as though the scheme factory is not getting registered. I am working on a help viewer. When the viewer is opened a local web server is initialized on port 8080 (for the time being). I basically want to rewrite all URLs that begin with my-scheme:// with http:// 192.168.1.4:8080/ the local machines IP address and port. On 30 July, 00:10, Eric Roman ero...@chromium.org wrote: The entry point would be to enter a URL that uses the custom scheme. i.e. you would need to type in my-scheme://some-url to reach the custom scheme handler. Not sure what you are trying to build. On Wed, Jul 29, 2009 at 3:39 PM, Kruncherleaha...@gmail.com wrote: Hi Eric, I have just tried the code that you have suggested, however, if I enter a URL in the Chromium location bar and hit enter, Chromium is still defaulting to a Google search. I have tried placing a breakpoint within the constructor and each of the virtual methods, and the factory method. When running in debug mode, none of these breakpoints are being hit. I tried adding a breakpoint directly after the factory is being registered, and the program is breaking at this point. Thanks for your help! On 29 July, 22:32, Eric Roman ero...@chromium.org wrote: You are pretty close. What you want to do is override URLRequestJob::IsRedirectResponse(), rather than trying to do the redirect in the factory. Something like this should work: class URLRequestCustomJob : public URLRequestJob { public: explicit URLRequestCustomJob(URLRequest* request) : URLRequestJob(request) {} // URLRequestJob methods: virtual void Start() { NotifyHeadersComplete(); } virtual bool IsRedirectResponse(GURL* location, int* http_status_code) { *http_status_code = 301; *location = GURL(http://i-redirected-you/cuz-im-the-awesome;); return true; } static URLRequestJob* Factory(URLRequest* request, const std::string scheme) { return new URLRequestCustomJob(request); } }; On Mon, Jul 27, 2009 at 5:44 PM, Kruncherleaha...@gmail.com wrote: Hi, I am trying to add a custom scheme to the Chromium browser. I am trying to write a scheme that will transparently redirect requests to another URL. For some reason, however, my custom scheme does not appear to get recognized. Could somebody tell me what I am doing wrong? For the time being I have added the following code to the chrome_exe_main.cc source. // // Added above the main Windows function. // #include net/url_request/url_request.h #include net/url_request/url_request_http_job.h static const char kCustomURLScheme[] = my-scheme; class URLRequestCustomJob : public URLRequestJob { public: static URLRequestJob* Factory(URLRequest* request, const std::string scheme) { DCHECK(scheme == my-scheme); // Redirect response to a local network resource. std::string requestPath = request-url().PathForRequest().replace (0, 10, http://192.168.1.4:8080;); // I tried using the following line, but it turns out that the Redirect function is protected. //request-Redirect(GURL(requestPath), request-status().status()); // So instead I am attempting to create a new request. request = new URLRequest(GURL(requestPath), request-delegate()); // Proceed with regular HTTP scheme factory. return URLRequestHttpJob::Factory(request, http); } }; // // Added above #if defined(GOOGLE_CHROME_BUILD) inside Windows main function. // // Register custom scheme: url_util::AddStandardScheme(kCustomURLScheme); URLRequest::RegisterProtocolFactory(kCustomURLScheme, URLRequestCustomJob::Factory); Many thanks, Lea Hayes --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Adding a Custom Scheme
On Wed, Jul 29, 2009 at 4:23 PM, Kruncher leaha...@gmail.com wrote: Those are the kinds of URL's that I have been trying, but when I hit enter it reverts to: http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme://some-url Put my-scheme://some-url in the address bar and set a breakpoint in URLRequestJobManager::SupportsScheme(). Now type a letter at the end. You should hit your breakpoint. Check and see if |factories_| contains your scheme. If not, you need to make that happen. If it does, and this function therefore returns true, there's some problem at the time you actually open the URL. PK --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] GetCursorPos vs. GetMessagePos
The following is Windows specific, but it may very well apply to other operating systems. If you find yourself writing code that needs to know the position of the mouse cursor, and you don't have easy access to the last mouse move event, you may find it tempting to call GetCursorPoshttp://msdn.microsoft.com/en-us/library/ms648390(VS.85).aspx. Afterall, it returns the position of the mouse cursor. However, using this function can result in subtle (and annoying) bugs such as http://crbug.com/2993. It turns out that since GetCursorPos returns the mouse position right now, it can actually confuse code that is also receiving inputs from mouse events. The message queue may be behind in processing mouse input events, and so the time sequencing of mouse movement as observed by GetCursorPos may appear out of sync with the delivery of mouse button events. The solution: Instead of calling GetCursorPos you should either refactor your code to be able to access input from mouse events consistently, or if that is not feasible then call GetMessagePoshttp://msdn.microsoft.com/en-us/library/ms644938(VS.85).aspx instead of GetCursorPos. That method returns the mouse position that was last observed by the event loop. By by unwanted detached tabs, -Darin --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: GetCursorPos vs. GetMessagePos
On Wed, Jul 29, 2009 at 4:48 PM, Darin Fisher da...@chromium.org wrote: The solution: Instead of calling GetCursorPos you should either refactor your code to be able to access input from mouse events consistently, or if that is not feasible then call GetMessagePoshttp://msdn.microsoft.com/en-us/library/ms644938(VS.85).aspx instead of GetCursorPos. That method returns the mouse position that was last observed by the event loop. Note: In occasional circumstances, GetCursorPos() is still correct. However, these are rare. You'd use this if, for example, you want to stick a fake mouse move event (that doesn't actually move the mouse) on the end of the event queue. Using GetCursorPos() ensures that your fake event won't actually move the mouse. If in doubt, you almost certainly want GetMessagePos(). By by unwanted detached tabs, Darin needs a context-sensitive spellchecker :) PK --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Chromium-dev group. To post to this group, send email to chromium-dev@googlegroups.com To unsubscribe from this group, send email to chromium-dev+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/chromium-dev?hl=en -~--~~~~--~~--~--~---
[chromium-dev] Re: Adding a Custom Scheme
When the debugger breaks inside the SupportsScheme function, the factories list does not include my-scheme. Perhaps I am trying to register the scheme too early? Do I need to add this directly below where the various chrome schemes are registered, or is it possible to keep it in the domain of a custom application? On 30 July, 00:40, Peter Kasting pkast...@google.com wrote: On Wed, Jul 29, 2009 at 4:23 PM, Kruncher leaha...@gmail.com wrote: Those are the kinds of URL's that I have been trying, but when I hit enter it reverts to: http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme:/... Put my-scheme://some-url in the address bar and set a breakpoint in URLRequestJobManager::SupportsScheme(). Now type a letter at the end. You should hit your breakpoint. Check and see if |factories_| contains your scheme. If not, you need to make that happen. If it does, and this function therefore returns true, there's some problem at the time you actually open the URL. PK --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: GetCursorPos vs. GetMessagePos
On Wed, Jul 29, 2009 at 4:48 PM, Darin Fisherda...@chromium.org wrote: The following is Windows specific, but it may very well apply to other operating systems. Yes, the GTK equivalent is gdk_display_get_pointer. We have a few of these that have snuck into our code over time that it would be nice to eliminate. It's even worse on X because the call underneath (XQueryPointer) does a blocking round-trip to the X server. http://www.google.com/codesearch/p?hl=ensa=Ncd=1ct=rc#_EBSL1YmJGU/gtk+-2.4.14/gdk/x11/gdkwindow-x11.cq=_gdk_windowing_window_get_pointerl=2918 --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Adding a Custom Scheme
At this point you know more about the problem than the majority of the Chrome team, so I suggest putting breakpoints in other code you're trying to emulate and figuring it out from there. :) On Wed, Jul 29, 2009 at 5:02 PM, Kruncherleaha...@gmail.com wrote: When the debugger breaks inside the SupportsScheme function, the factories list does not include my-scheme. Perhaps I am trying to register the scheme too early? Do I need to add this directly below where the various chrome schemes are registered, or is it possible to keep it in the domain of a custom application? On 30 July, 00:40, Peter Kasting pkast...@google.com wrote: On Wed, Jul 29, 2009 at 4:23 PM, Kruncher leaha...@gmail.com wrote: Those are the kinds of URL's that I have been trying, but when I hit enter it reverts to: http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme:/... Put my-scheme://some-url in the address bar and set a breakpoint in URLRequestJobManager::SupportsScheme(). Now type a letter at the end. You should hit your breakpoint. Check and see if |factories_| contains your scheme. If not, you need to make that happen. If it does, and this function therefore returns true, there's some problem at the time you actually open the URL. PK --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Running UI test in parallel (experimental)
Does each shard get its own profile? Or do they share? Does this mean that when you shard they're sharing the same browser process? Erik On Wed, Jul 29, 2009 at 3:28 PM, Huan Ren hu...@google.com wrote: I just checked in a change to run ui_tests in parallel based on sharding mechanism provided by GTest. Each ui_tests instance has its own user data dir, and the number of ui_tests instances is NUMBER_OF_PROCESSORS. I have updated src/chrome/tools/test/smoketests.py so you can run it through command line: python.exe smoketests.py --tests=ui [--verbose] Running ui_tests.exe directly is still the old behavior of sequentially running. On my 4 core machine, the running time has been reduced by half, from 832 secs to 443 secs. But I need to make sure all tests can run reliably in this parallel fashion. So if you try it out, I will be interested to know how fast the performance is improved and what additional tests are failing. Huan P.S. this change is for Windows platform as I think Linux/Mac is already using GTest sharding. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: FYI: a new problem with the latest patch for 2008 SP1 (from today/yesterday)
Hi where do you get the latest patch of VS2008SP1? Thanks On Jul 30, 2:15 am, nakro yoav.zilberb...@gmail.com wrote: if you get the latest patch of VS2008SP1 (released yesterday) you will not be able to compile chrome you will get errors relating to '_Swap_adl' i googled it a bit, and till MS fixes it i simply modified 2 files in the inc dir tuple xutility and changed '_Swap_adl' to 'swap' - note the lowercase also due to permissions you might not be able to modify the file, so i did this in an elevated cmd prompt ok, now you know, here is where i got most of the info fromhttp://social.msdn.microsoft.com/Forums/en-US/vcgeneral/thread/4bc93a... --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: FYI: a new problem with the latest patch for 2008 SP1 (from today/yesterday)
I registered my copy of VS2008, so the update came with windows update, i actually had no idea they did anythingtill my builds started to fail. http://support.microsoft.com/kb/971092/ there were actually 3 updates, but i guess they are ashamed or something, two of them link nowhere now :) and you'd prob better wait till they fix it --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: FYI: a new problem with the latest patch for 2008 SP1 (from today/yesterday)
I assume there's a similar patch for VS2005SP1. Does that have the same problem? On Wed, Jul 29, 2009 at 11:15 AM, nakroyoav.zilberb...@gmail.com wrote: if you get the latest patch of VS2008SP1 (released yesterday) you will not be able to compile chrome you will get errors relating to '_Swap_adl' i googled it a bit, and till MS fixes it i simply modified 2 files in the inc dir tuple xutility and changed '_Swap_adl' to 'swap' - note the lowercase also due to permissions you might not be able to modify the file, so i did this in an elevated cmd prompt ok, now you know, here is where i got most of the info from http://social.msdn.microsoft.com/Forums/en-US/vcgeneral/thread/4bc93a16-4ad5-496c-954c-45efbe4b180b --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Running UI test in parallel (experimental)
Each gets it own profile thus different browser process. Huan On Wed, Jul 29, 2009 at 6:01 PM, Erik Kayerik...@chromium.org wrote: Does each shard get its own profile? Or do they share? Does this mean that when you shard they're sharing the same browser process? Erik On Wed, Jul 29, 2009 at 3:28 PM, Huan Ren hu...@google.com wrote: I just checked in a change to run ui_tests in parallel based on sharding mechanism provided by GTest. Each ui_tests instance has its own user data dir, and the number of ui_tests instances is NUMBER_OF_PROCESSORS. I have updated src/chrome/tools/test/smoketests.py so you can run it through command line: python.exe smoketests.py --tests=ui [--verbose] Running ui_tests.exe directly is still the old behavior of sequentially running. On my 4 core machine, the running time has been reduced by half, from 832 secs to 443 secs. But I need to make sure all tests can run reliably in this parallel fashion. So if you try it out, I will be interested to know how fast the performance is improved and what additional tests are failing. Huan P.S. this change is for Windows platform as I think Linux/Mac is already using GTest sharding. --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---
[chromium-dev] Re: Adding a Custom Scheme
What happens if you type the URL in, but instead of hitting enter, press the down arrow (to select a different autocomplete suggestion)? I've done something like this in the past, and it used to be that if I selected the second suggestion (which was *not* a Search Google for: ... type suggestion, it would actually go to my registered URL and from that point on this became the default whenever I typed a URL with my scheme. I'm trying to remember which piece of code I traced this to.. I'll take a look and reply if I can find it. On Wed, Jul 29, 2009 at 5:02 PM, Kruncher leaha...@gmail.com wrote: When the debugger breaks inside the SupportsScheme function, the factories list does not include my-scheme. Perhaps I am trying to register the scheme too early? Do I need to add this directly below where the various chrome schemes are registered, or is it possible to keep it in the domain of a custom application? On 30 July, 00:40, Peter Kasting pkast...@google.com wrote: On Wed, Jul 29, 2009 at 4:23 PM, Kruncher leaha...@gmail.com wrote: Those are the kinds of URL's that I have been trying, but when I hit enter it reverts to: http://www.google.co.uk/search?sourceid=chromeie=UTF-8q=my-scheme:/. .. Put my-scheme://some-url in the address bar and set a breakpoint in URLRequestJobManager::SupportsScheme(). Now type a letter at the end. You should hit your breakpoint. Check and see if |factories_| contains your scheme. If not, you need to make that happen. If it does, and this function therefore returns true, there's some problem at the time you actually open the URL. PK --~--~-~--~~~---~--~~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~--~~~~--~~--~--~---