- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Thu, 26 Aug 2010 15:02:08 -0400
On 8/26/10 11:58 AM, James May wrote: > I thought I just suggested that? > > Everything works normally (as if it was still attached) until it is > reattached, when the situation is re-evaluated. That could fall afoul of security checks that assume that an iframe with a non-null parent is in fact a subframe and that it's owner element is in the DOM. I know Gecko certainly has such internally. Again, nothing insurmountable, but there's a bunch of code in Gecko that makes assumptions about when windows can and can't exist that would need auditing. I can't speak to the web compat aspects. > In terms of resource consumption, I don't see how this would be any > different to any other kind of leak that web content can trigger. I don't think that's an issue, though this does raise the question of when it's OK to gc the iframe. > (I think someone mentioned that iframes can be GC'd normally) Can they, with your proposal? It seems that with your proposal if you remove an iframe from the DOM and then forget about it then as long as there's any network activity in that iframe or anything else which might potentially trigger script it cannot be gced. This seems like it would make it very easy to leak document after document... -Boris
Received on Thursday, 26 August 2010 12:02:08 UTC