Firefox3.1/Web Workers Security Review

From MozillaWiki
Revision as of 16:41, 24 September 2008 by Bent.mozilla

Overview

Web workers allow content JavaScript to take advantage of multicore CPUs and offload expensive processing tasks to background threads.

Current working spec: whatwg

Major tracking bug: bug 450448

Security and Privacy

  • Workers execute in a tightly controlled sandbox.
    • No access to Components or other global JS components.
    • Only basic JS (Math, Date, etc.), timeouts, XHR, and importScripts.
  • No pref dependencies yet; one may be provided to customize the number of OS threads allowed.
  • Script loading and XHR use the same code as the main thread (content policies, same-origin restrictions, etc.), so no new attack vectors should be created.
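
The sandbox claims above can be turned into a regression check that audits a worker's global object for missing, forbidden and unlisted names. This is an added example, not code from the Mozilla tree or from this review. The concrete property names chosen for "timeouts" and "XHR", the helper names and the sample scopes are assumptions of the example.

```javascript
// Surface listed in the review, mapped to concrete names (assumption of this example):
// "timeouts" -> setTimeout/clearTimeout, "XHR" -> XMLHttpRequest.
const EXPECTED = ["Math", "Date", "setTimeout", "clearTimeout", "XMLHttpRequest", "importScripts"];
// The only name the review explicitly says must be unreachable.
const FORBIDDEN = ["Components"];

// Collect every property name reachable on the scope, including inherited ones,
// stopping before Object.prototype so generic object methods are not reported.
function reachableNames(scope) {
  const names = new Set();
  for (let o = scope; o && o !== Object.prototype; o = Object.getPrototypeOf(o)) {
    for (const n of Object.getOwnPropertyNames(o)) names.add(n);
  }
  return names;
}

// baseline: names the reviewer has already triaged as acceptable (the review's "etc.").
function auditWorkerScope(scope, baseline = []) {
  const names = reachableNames(scope);
  const allowed = new Set([...EXPECTED, ...baseline]);
  return {
    missing: EXPECTED.filter((n) => !names.has(n)),   // promised but absent
    exposed: FORBIDDEN.filter((n) => names.has(n)),   // sandbox break
    extras: [...names]                                // unlisted, needs triage
      .filter((n) => !allowed.has(n) && !FORBIDDEN.includes(n))
      .sort(),
  };
}

function sandboxOk(report) {
  return report.missing.length === 0 && report.exposed.length === 0;
}

// Constructed sample scopes (not captured from a real build).
const goodScope = {
  Math, Date, setTimeout, clearTimeout,
  XMLHttpRequest: function () {},
  importScripts: function () {},
  extraGlobal: 1, // hypothetical unlisted name, should show up under "extras"
};
// A forbidden name added in front of the good scope; the rest is inherited.
const leakyScope = Object.create(goodScope);
leakyScope.Components = {};

// Inside a real worker script the call would be auditWorkerScope(self).
console.log(auditWorkerScope(goodScope), auditWorkerScope(leakyScope));
```
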

Exported APIs

Current IDL: nsIDOMThreads.idl

Module interactions

  • Necko
  • DOM
  • Content
  • XPCOM
  • XPConnect

Data

  • JS is the only data parsed here.

Reliability

  • Users control the execution of background workers by navigating away from or back to the hosting page.

Configuration

  • Users cannot currently modify the behavior of workers except by normal mechanisms to modify JS execution, content policies, etc.
  • No build configuration options.
  • Need to tune the number of OS threads allowed per app instance.
  • No hidden maintenance requirements.

Relationships to other projects

  • Gears - they're very involved with the spec work, so hopefully the Gears API will converge.

Review comments