Firefox3.1/Web Workers Security Review

From MozillaWiki

Overview

Web workers allow content JavaScript to take advantage of multicore CPUs and offload expensive processing tasks to background threads.

Current working spec: whatwg

Major tracking bug: bug 450448

Security and Privacy

  • Workers execute in a tightly controlled sandbox.
    • No access to Components or other global JS components.
    • Only basic JS (Math, Date, etc.), timeouts, XHR, and importScripts.
  • No pref dependencies yet; one may be added later to customize the number of OS threads allowed.
  • Script loading is subject to the same restrictions as on the main thread (content policies, same origin restrictions, etc.).
  • XHR uses the same code as the main thread.
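Because the sandbox described above leaves a worker with only basic JS, timers, XHR and importScripts, the message channel between the hosting page and the worker is the trust boundary the worker author controls. The following worker script is an added example, not code from this page or from Mozilla: it treats every incoming message as untrusted data, dispatches only to an explicit allowlist of operations, and never evaluates message contents as code. The names handleRequest, OPERATIONS, countPrimes and sumOfSquares, and the reply shape { id, ok, result | error }, are this example's own conventions.

```javascript
// Added example, not from the wiki page or Mozilla's code base.
// Worker-side message handling: messages from the hosting page are data,
// never code, and are dispatched only to an explicit allowlist of operations.

// Count the primes below n with a sieve (CPU-bound work that suits a worker).
function countPrimes(n) {
  if (!Number.isInteger(n) || n < 0 || n > 50000000) {
    throw new Error('n out of range');
  }
  const composite = new Uint8Array(n); // composite[i] === 1 once i is crossed off
  let count = 0;
  for (let i = 2; i < n; i++) {
    if (composite[i]) continue;
    count++;
    for (let j = i * i; j < n; j += i) composite[j] = 1;
  }
  return count;
}

// Sum of squares over a numeric array; rejects anything that is not a finite number.
function sumOfSquares(values) {
  if (!Array.isArray(values) || !values.every(Number.isFinite)) {
    throw new Error('values must be an array of finite numbers');
  }
  return values.reduce((acc, v) => acc + v * v, 0);
}

// Allowlist of operations the worker will perform. Object.create(null) gives
// the table no prototype, so a request for "constructor" or "__proto__"
// finds nothing instead of reaching Object.prototype.
const OPERATIONS = Object.create(null);
OPERATIONS.countPrimes = countPrimes;
OPERATIONS.sumOfSquares = sumOfSquares;

// Validate one request and run it. Returns the reply object that would be
// posted back to the page; it never throws, so a bad message cannot kill
// the worker or leave the page waiting for a reply that never comes.
function handleRequest(msg) {
  if (msg === null || typeof msg !== 'object') {
    return { ok: false, error: 'malformed request' };
  }
  const { id, op, args } = msg;
  if (typeof op !== 'string' || !(op in OPERATIONS)) {
    return { id, ok: false, error: 'unknown operation' };
  }
  if (!Array.isArray(args)) {
    return { id, ok: false, error: 'args must be an array' };
  }
  try {
    return { id, ok: true, result: OPERATIONS[op](...args) };
  } catch (e) {
    return { id, ok: false, error: String(e && e.message) };
  }
}

// Wire the handler up only when actually running inside a Web Worker:
// there `self` is the worker global and importScripts is defined. Outside
// a worker (e.g. Node, where handleRequest can be unit-tested) neither exists.
if (typeof self !== 'undefined' && typeof importScripts === 'function') {
  self.onmessage = (event) => {
    self.postMessage(handleRequest(event.data));
  };
}
```

Saved under a constructed name such as sandbox-worker.js and started from the page with new Worker('sandbox-worker.js'), the page drives it with postMessage({ id: 1, op: 'countPrimes', args: [100000] }) and matches replies by id. Any helper scripts the worker pulls in via importScripts are fetched under the same content-policy and same-origin rules as main-thread script loads, which is why the allowlist is built from functions defined in the worker file itself rather than from names supplied by the page.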

Exported APIs

Current IDL: nsIDOMThreads.idl

Module interactions

  • Necko
  • DOM
  • Content
  • XPCOM
  • XPConnect

Data

  • JS is the only data parsed here.

Reliability

  • Users control the execution of background workers by navigating away from or back to the hosting page.

Configuration

  • Users cannot currently modify the behavior of workers except by normal mechanisms to modify JS execution, content policies, etc.
  • No build configuration options.
  • Need to tune the number of OS threads allowed per app instance.
  • No hidden maintenance requirements.

Relationships to other projects

  • Gears: its developers are very involved with the spec work, so hopefully the Gears API will converge with it.

Review comments

  • Need to clear JS regexp statics from the context when global objects are swapped.
  • Crashtest for infinite recursion.
  • Assertions in the stub security manager.
  • The worker thread sandbox uses a custom security manager, not CAPS.
  • When a page navigates, what happens to its worker threads?
    • They are suspended in the bfcache, and messages sent to them are queued.
    • If there is no cache, or the page is evicted, they are destroyed with the page.
  • JS contexts are single-threaded; worker threads share them. Current maximum is 3 actual threads.
  • Chrome (extensions) can use worker threads.
  • location has not been implemented yet.
  • No plan to implement localStorage or openDatabase for now.
  • Shared workers are not being implemented.