On Fri, Apr 28, 2017 at 1:56 PM, Ehsan Akhgari wrote:
>> While it does not address the attack, it should be limited to secure
>> context, if we keep the API. It's actually in the spec.
>
> Why is that an advantage? Any attacker can use a secure context. The word
>
On 04/27/2017 08:09 AM, Frederik Braun wrote:
On 27.04.2017 13:56, smaug wrote:
On 04/25/2017 04:38 PM, Ehsan Akhgari wrote:
On 04/24/2017 06:04 PM, Martin Thomson wrote:
I think that 60Hz is too high a rate for this.
I suggest that we restrict this to top-level, foreground, and secure
Hi everyone,
It's time for another quick update about the recent Quantum Flow work.
I want to start by shedding some light into the performance of synchronous
IPC caused by JavaScript. Here is a breakdown report
On Thu, Apr 27, 2017 at 8:42 AM, Salvador de la Puente
wrote:
> Well, I'm not saying "don't fix it" but if we switch the API off then
> other-than-evil ways of using the API will never happen and, as Belen said
> before, it undermines the confidence on the Web platform.
On 27.04.2017 13:56, smaug wrote:
> On 04/25/2017 04:38 PM, Ehsan Akhgari wrote:
>> On 04/24/2017 06:04 PM, Martin Thomson wrote:
>>> I think that 60Hz is too high a rate for this.
>>>
>>> I suggest that we restrict this to top-level, foreground, and secure
>>> contexts. Note that foreground is a
On 04/25/2017 04:38 PM, Ehsan Akhgari wrote:
On 04/24/2017 06:04 PM, Martin Thomson wrote:
I think that 60Hz is too high a rate for this.
I suggest that we restrict this to top-level, foreground, and secure
contexts. Note that foreground is a necessary precondition for the
attack, so that
On Thu, Apr 27, 2017 at 10:37 AM, Marco Bonardo wrote:
> I'm far from being an expert here, but I seem to remember from Storage that
> we have malloc_good_size
Thank you!
I filed https://bugzilla.mozilla.org/show_bug.cgi?id=1360139 and
On Wed, Apr 26, 2017 at 9:49 PM, Ehsan Akhgari wrote:
> On 04/26/2017 07:02 AM, Henri Sivonen wrote:
>>
>> On Tue, Apr 25, 2017 at 9:02 PM, Bill McCloskey
>> wrote:
>>>
>>> On Tue, Apr 25, 2017 at 5:41 AM, Henri Sivonen
>>>
I'm far from being an expert here, but I seem to remember from Storage that
we have malloc_good_size
On Thu, Apr 27, 2017 at 9:24 AM, Henri Sivonen wrote:
> For growable buffer types that internally contain the logical length
> (how many slots of the buffer are in use as
For growable buffer types that internally contain the logical length
(how many slots of the buffer are in use as far as external callers
are concerned) and capacity (the actual allocation length of the
buffer), the capacity should ideally always equal to a bucket size of
the underlying allocator.
Well, I'm not saying "don't fix it" but if we switch the API off then
other-than-evil ways of using the API will never happen and, as Belen said
before, it undermines the confidence on the Web platform.
I can not foresee the canonical use of the API that would support the
decision of not
11 matches
Mail list logo