✨ amp-script: implement new size limits for sandboxed scripts #38185
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
cc @jridgewell |
jridgewell
approved these changes
May 11, 2022
samouri
reviewed
May 11, 2022
|
|
||
| Note: Not to be confused with the **sandbox** attribute. | ||
|
|
||
| If set, this will signal that worker-dom should activate sandboxed mode. In this mode the Worker lives in its own crossorigin iframe, creating a strong security boundary. It also forces **nodom** mode. Because of the strong security boundary, sandboxed scripts do not need to provide a script hash. |
My pleasure 😄 |
westonruter
added a commit
that referenced
this pull request
May 20, 2022
…a-menu-images-validator-spec * 'main' of github.com:ampproject/amphtml: (90 commits) 🔥 [Story mediapool] Fix videos from mediapool with `noaudio` don't have audio when reused. (#38216) Hide progress bar on the control group of auto advance experiment (#38215) ✨ Add Bento Autocomplete Component (#37837) 🌐 [Story subscription] Subscription localization async (#38204) Dable: add new optional parameter "channel" (#38199) ✨ [AMP Story Paywall] Enable developers to specify a custom subscriptions page index (#38175) SwG Release 0.1.22.217 (#38187) amp-script: implements new size limits for sandboxed scripts (#38185) 🖍 Hide the system layer and progress bar in preview mode (#38163) added minItems (#38177) Prevent expandTemplate from ReDOSing (#38178) Change amp-story-subscriptions attribute name to reflect its flexibility (#38176) 🐛 [Story Preview] Enable amp-video to play in preview mode (#38149) Added the possibility to get page count to story messaging api (#38170) SwG Release 0.1.22.216 (#38168) Allow @newmuis to update OWNERS files (#38169) ✨ Add Richaudience to RTC callout vendors (#38160) 🚀 SunMedia: Update amp-ad (#38128) Remove option to deploy PR artifacts to a static website (#38152) added some vars and requests in gfksensic.json (#37722) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #38173
Creates a separate size limit for scripts running in
sandboxedmode. Includes updating thesizeLimitExceededfunction to correctly accumulate and calculate size limit based on whether the script being checked is running insandboxedmode or not.Also updates the documentation to reflect this change.