HTML5 Weakness Allows Data Dump On Hard Disks
A developer has discovered a loophole in HTML5 that could allow gigabytes of junk data to be dumped on your hard disk.
Developer Feross Aboukhadijeh found the bug and set up a demo page (FillDisk.com) as a proof-of-concept, which fills visitors' hard drives with pictures of cartoon cats.
The HTML5 Web Storage standard was developed to allow sites to store larger amounts of data (10 MB) than was previously allowed by cookies (4 KB). The standard anticipated that sites might abuse this feature and advised that browsers limit the total amount of storage space that each origin could use. Currently, Google Chrome limits the amount of data to 2.5 MB per origin, Mozilla Firefox and Opera allow up to 5 MB per origin, and Internet Explorer allows up to 10 MB per origin. In addition, the standard says that HTML5 user agents should guard against sites storing data under the origins of other affiliated sites, a measure that would prevent the storage limits from being circumvented.
However, Chrome, Safari, and IE currently do not implement any such "affiliated site" storage limit. Thus, cleverly coded websites, like FillDisk.com, have effectively unlimited storage space on visitors' computers.
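The difference between the two quota policies can be seen in a small model of a browser's storage ledger. This is an added illustration, not code from FillDisk.com or any browser; the 5 MB shared site limit, the `example.test` hostnames, and the "last two host labels" grouping rule are assumptions (a real user agent would group origins using the Public Suffix List).

```javascript
// Added illustration: quota accounting in a hypothetical user agent.
const MB = 1024 * 1024;
const PER_ORIGIN_LIMIT = 5 * MB; // per-origin cap (one of the figures quoted above)
const PER_SITE_LIMIT = 5 * MB;   // assumed shared cap for a group of affiliated origins

// Simplification (assumption): the last two host labels identify the "site".
// A real browser would consult the Public Suffix List instead.
function siteKey(origin) {
  const host = new URL(origin).hostname;
  return host.split('.').slice(-2).join('.');
}

class QuotaLedger {
  constructor(groupAffiliated) {
    this.groupAffiliated = groupAffiliated; // true = enforce the shared site limit
    this.byOrigin = new Map();
    this.bySite = new Map();
  }
  // Returns true if the write is admitted, false if it would exceed a quota.
  tryWrite(origin, bytes) {
    const site = siteKey(origin);
    const originUsed = this.byOrigin.get(origin) || 0;
    const siteUsed = this.bySite.get(site) || 0;
    if (originUsed + bytes > PER_ORIGIN_LIMIT) return false;
    if (this.groupAffiliated && siteUsed + bytes > PER_SITE_LIMIT) return false;
    this.byOrigin.set(origin, originUsed + bytes);
    this.bySite.set(site, siteUsed + bytes);
    return true;
  }
  siteTotal(origin) {
    return this.bySite.get(siteKey(origin)) || 0;
  }
}

// Constructed workload: 40 affiliated origins each request 5 MB.
function simulate(groupAffiliated) {
  const ledger = new QuotaLedger(groupAffiliated);
  let admitted = 0;
  for (let i = 1; i <= 40; i++) {
    if (ledger.tryWrite(`http://s${i}.example.test`, 5 * MB)) admitted++;
  }
  return { admitted, totalMB: ledger.siteTotal('http://s1.example.test') / MB };
}

console.log('per-origin limit only:', simulate(false));
console.log('with shared site limit:', simulate(true));
```

With only the per-origin check, every origin stays within its own limit while the combined total grows with the number of origins; the shared limit caps the total regardless of how many origins are involved.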
The proof-of-concept page fills up the user's hard disk on Chrome, Safari (iOS and desktop), Opera, and IE. The page has been tested to work with Chrome 25, Safari 6, Opera 12, and IE 10. The page does not work on Firefox, since Firefox's implementation of localStorage is smarter, said Mr Aboukhadijeh.
In a bid to solve the problem, bug reports about the exploit have been filed with major browser makers.