So, everybody ready?
starting:
A window can listen for dispatched messages by executing the following JavaScript:
window.addEventListener("message", (event) => {
if (event.origin !== "http://example.org:8080
")
return;
// ...
}, false);
"Always specify an exact target origin, not *, when you use postMessage to send data to other windows. A malicious site can change the location of the window without your knowledge, and therefore it can intercept the data sent using postMessage."
(their security..and our probable attack)
"However, the shared data block referenced by the two SharedArrayBuffer objects is the same data block, and a side effect to the block in one agent will eventually become visible in the other agent.
var sab = new SharedArrayBuffer(1024);
worker.postMessage(sab);
Web content uses Web Workers to run scripts in background threads. Data gets sent to and from the worker by using the postMessage() method and certain types are so-called transferable objects, that are transferred from one context to another with a zero-copy operation, resulting in high performance.
When transferring an ArrayBuffer from your main app to a worker script, the original ArrayBuffer is cleared and no longer usable. Its content is (quite literally) transferred to the worker context.
JavaScript
Shrink ▲ Copy Code
var ab = new ArrayBuffer(1024);
var uInt8Array = new Uint8Array(ab);
for (var i = 0; i < uInt8Array.length; ++i) {
uInt8Array[i] = i;
}
var worker = new Worker("worker.js");
// before transferring
console.log(uInt8Array.byteLength); // 1024
worker.postMessage(uInt8Array.buffer, [uInt8Array.buffer]);
// after transferring
console.log(uInt8Array.byteLength); // 0
Now with a SharedArrayBuffer, you can share this memory with the worker by transferring it using the same postMessage() call.
No comments:
Post a Comment