Closed Bug 554513 Opened 10 years ago Closed 10 years ago
S limit on buffer sizes is too small for attribute values on client .schwab .com to fit
skierpage, can you maybe hunt down the build id of the last working nightly and the build id of the first broken one?
It seems that I made the Denial of Service avoidance limit on attribute value length too small. Marking NEW without actually confirming on the site, because the described symptoms are obvious enough. All that's needed to proceed is a better guess of what the length limit should be so that real sites work but that pages that have immense attribute values don't make the HTML5 parser kill the app with memory exhaustion.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P1
How does the old parser handle this?
(In reply to comment #3) > How does the old parser handle this? It seems to me the old parser has no limit on the length of attribute values.
I guess I could remove all limits from the tokenizer and leave the stack depth limit (copied from the old parser) in the tree builder. The other things to consider are the length of the list of formatting elements (currently unlimited) and a length-based flushing threshold for text node contents (copied from the old parser but doesn't do the same thing as in the old parser).
I removed the limits that didn't have an exact corresponding limit in the old parser. That is, I reverted the limit additions for everything except the stack depth. http://hg.mozilla.org/mozilla-central/rev/560598d37063
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Those POST links work again, thanks!
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.