[html5] r6368 - [] (0) Allow UAs to opt out of the storage mutex and corrupt data instead of bei [...]

whatwg at whatwg.org
Thu Aug 4 14:41:43 PDT 2011


Author: ianh
Date: 2011-08-04 14:41:41 -0700 (Thu, 04 Aug 2011)
New Revision: 6368

Modified:
   complete.html
   index
   source
Log:
[] (0) Allow UAs to opt out of the storage mutex and corrupt data instead of being slow.
Fixing http://www.w3.org/Bugs/Public/show_bug.cgi?id=13020

Modified: complete.html
===================================================================
--- complete.html	2011-08-04 21:29:25 UTC (rev 6367)
+++ complete.html	2011-08-04 21:41:41 UTC (rev 6368)
@@ -67995,12 +67995,28 @@
   was queued; if the task was queued by or for a <a href=#concept-script title=concept-script>script</a> then the document is the
   <a href="#script's-document">script's document</a>.</p>
 
-  <p>A user agent is required to have one <dfn id=storage-mutex>storage
-  mutex</dfn>. This mutex is used to control access to shared state
-  like cookies. At any one point, the <a href=#storage-mutex>storage mutex</a> is
-  either free, or owned by a particular <a href=#event-loop>event loop</a> or
-  instance of the <a href=#fetch title=fetch>fetching</a> algorithm.</p>
+  <p>A user agent may have one <dfn id=storage-mutex>storage mutex</dfn>. This mutex is
+  used to control access to shared state like cookies. At any one
+  point, the <a href=#storage-mutex>storage mutex</a> is either free, or owned by a
+  particular <a href=#event-loop>event loop</a> or instance of the <a href=#fetch title=fetch>fetching</a> algorithm.</p>
 
+  <p>If a user agent does not implement a <a href=#storage-mutex>storage mutex</a>,
+  it is exempt from implementing the requirements that require it to
+  acquire or release it.</p>
+
+  <p class=note>User agent implementors have to make a choice
+  between two evils. On the one hand, not implementing the storage
+  mutex means that there is a risk of data corruption: a site could,
+  for instance, try to read a cookie, increment its value, then write
+  it back out, using the new value of the cookie as a unique
+  identifier for the session; if the site does this twice in two
+  different browser windows at the same time, it might end up using
+  the same "unique" identifier for both sessions, with potentially
+  disastrous effects. On the other hand, implementing the storage
+  mutex has potentially serious performance implications: whenever a
+  site uses Web Storage or cookies, all other sites that try to use
+  Web Storage or cookies are blocked until the first site finishes.</p>
+
   <p>Whenever a <a href=#concept-script title=concept-script>script</a> calls into
   a <a href=#plugin>plugin</a>, and whenever a <a href=#plugin>plugin</a> calls into
   a <a href=#concept-script title=concept-script>script</a>, the user agent must
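
Review bot: the added exemption paragraph ("it is exempt from implementing the requirements that require it to acquire or release it") is circular and does not identify which requirements it switches off. The context paragraph right after the note still opens an unconditional "the user agent must" for script/plugin calls; if that is one of the mutex requirements, condition it in place (for example "if the user agent implements a storage mutex, it must ...") and do the same at every other acquire/release site, so the opt-out is visible where each requirement is read rather than only in this paragraph.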

Modified: index
===================================================================
--- index	2011-08-04 21:29:25 UTC (rev 6367)
+++ index	2011-08-04 21:41:41 UTC (rev 6368)
@@ -67887,12 +67887,28 @@
   was queued; if the task was queued by or for a <a href=#concept-script title=concept-script>script</a> then the document is the
   <a href="#script's-document">script's document</a>.</p>
 
-  <p>A user agent is required to have one <dfn id=storage-mutex>storage
-  mutex</dfn>. This mutex is used to control access to shared state
-  like cookies. At any one point, the <a href=#storage-mutex>storage mutex</a> is
-  either free, or owned by a particular <a href=#event-loop>event loop</a> or
-  instance of the <a href=#fetch title=fetch>fetching</a> algorithm.</p>
+  <p>A user agent may have one <dfn id=storage-mutex>storage mutex</dfn>. This mutex is
+  used to control access to shared state like cookies. At any one
+  point, the <a href=#storage-mutex>storage mutex</a> is either free, or owned by a
+  particular <a href=#event-loop>event loop</a> or instance of the <a href=#fetch title=fetch>fetching</a> algorithm.</p>
 
+  <p>If a user agent does not implement a <a href=#storage-mutex>storage mutex</a>,
+  it is exempt from implementing the requirements that require it to
+  acquire or release it.</p>
+
+  <p class=note>User agent implementors have to make a choice
+  between two evils. On the one hand, not implementing the storage
+  mutex means that there is a risk of data corruption: a site could,
+  for instance, try to read a cookie, increment its value, then write
+  it back out, using the new value of the cookie as a unique
+  identifier for the session; if the site does this twice in two
+  different browser windows at the same time, it might end up using
+  the same "unique" identifier for both sessions, with potentially
+  disastrous effects. On the other hand, implementing the storage
+  mutex has potentially serious performance implications: whenever a
+  site uses Web Storage or cookies, all other sites that try to use
+  Web Storage or cookies are blocked until the first site finishes.</p>
+
   <p>Whenever a <a href=#concept-script title=concept-script>script</a> calls into
   a <a href=#plugin>plugin</a>, and whenever a <a href=#plugin>plugin</a> calls into
   a <a href=#concept-script title=concept-script>script</a>, the user agent must
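
Review bot: the rewritten definition still describes the mutex as guarding "shared state like cookies", while the added note says the blocking applies "whenever a site uses Web Storage or cookies". Name Web Storage in the definition paragraph as well, so the normative text and the note agree on what loses serialization when a user agent opts out. The note also stops at describing the duplicate "unique" identifier outcome; nothing in this change gives a page a way to tell which choice the user agent made, so a sentence telling authors not to rely on a cookie read, increment and write being atomic would make the risk actionable.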

Modified: source
===================================================================
--- source	2011-08-04 21:29:25 UTC (rev 6367)
+++ source	2011-08-04 21:41:41 UTC (rev 6368)
@@ -77351,12 +77351,29 @@
   title="concept-script">script</span> then the document is the
   <span>script's document</span>.</p>
 
-  <p>A user agent is required to have one <dfn>storage
-  mutex</dfn>. This mutex is used to control access to shared state
-  like cookies. At any one point, the <span>storage mutex</span> is
-  either free, or owned by a particular <span>event loop</span> or
-  instance of the <span title="fetch">fetching</span> algorithm.</p>
+  <p>A user agent may have one <dfn>storage mutex</dfn>. This mutex is
+  used to control access to shared state like cookies. At any one
+  point, the <span>storage mutex</span> is either free, or owned by a
+  particular <span>event loop</span> or instance of the <span
+  title="fetch">fetching</span> algorithm.</p>
 
+  <p>If a user agent does not implement a <span>storage mutex</span>,
+  it is exempt from implementing the requirements that require it to
+  acquire or release it.</p>
+
+  <p class="note">User agent implementors have to make a choice
+  between two evils. On the one hand, not implementing the storage
+  mutex means that there is a risk of data corruption: a site could,
+  for instance, try to read a cookie, increment its value, then write
+  it back out, using the new value of the cookie as a unique
+  identifier for the session; if the site does this twice in two
+  different browser windows at the same time, it might end up using
+  the same "unique" identifier for both sessions, with potentially
+  disastrous effects. On the other hand, implementing the storage
+  mutex has potentially serious performance implications: whenever a
+  site uses Web Storage or cookies, all other sites that try to use
+  Web Storage or cookies are blocked until the first site finishes.</p>
+
   <p>Whenever a <span title="concept-script">script</span> calls into
   a <span>plugin</span>, and whenever a <span>plugin</span> calls into
   a <span title="concept-script">script</span>, the user agent must
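
Review bot: "A user agent may have one storage mutex" in the first added paragraph can be read either as making the mutex optional or as capping the count at one; the old "is required to have one" carried both meanings at once. As `source` appears to be the file the other two are generated from, fix the wording here: say that a user agent may implement a storage mutex and that, if it does, there is exactly one. That keeps the following "either free, or owned by a particular event loop" sentence well defined for implementations that keep the mutex.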



