A 22-year-old Web developer from Stanford, Feross Aboukhadijeh, has discovered that a slip-up in the implementation of HTML5 in Chrome, Internet Explorer and Safari (Opera has been ruled out) can be exploited to fill a viewer's entire hard drive. He even offers a proof-of-concept of the exploit, and a demonstration page backing up his discovery.
As Feross explains, the HTML5 Web Storage standard "localStorage" was developed to allow sites to store larger amounts of data than was previously allowed by cookies. Previously, web sites could store 4k of data outside the browser cache, which was used for simple data like the state of the previous visit, login info and more. But HTML5 websites are allowed to hoard around 5 to 10 MB of data locally. Given that hard drives are jumping into 4 TB capacities, that's still virtually nothing.
According to Feross, Google Chrome will store 2.5 MB per origin, whereas Firefox and Opera will store 5 MB. Internet Explorer is the biggest storage hog of the group, eating up a mere 10 MB per origin. Based on the HTML5 spec, all subdomain storage must fit within the origin domain's storage limit. Unfortunately, Chrome, Safari and Internet Explorer skipped that rule.
Feross claims that a cleverly coded website could take advantage of those browsers and essentially use a viewer's entire hard drive capacity as storage rather than the allowed 5 to 10 MB limit. In a proof-of-concept website, he was able to fill up 1 GB of HDD space every 16 seconds. Even Safari on iOS is affected by this exploit, meaning the tablet or smartphone will run out of space in minutes.
The report states that Chrome 25, Safari 6 and Internet Explorer 10 tested positive for the exploit. For 32-bit browsers like Google's Chrome, the entire browser may crash before the disk is filled. Feross also claims that Firefox isn’t affected because Mozilla's browser has a smarter implementation of "localStorage".
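The difference between the two accounting rules described above can be seen in a small model of a browser's quota bookkeeping. This is an added example, not code from Feross's report or from any browser; the hostnames are constructed, the model keys on hostname only (a real origin also includes scheme and port), and the "last two labels" site rule is a simplifying assumption.

```javascript
// Added example: a model of localStorage quota accounting.
// The 5 MB limit is the Firefox/Opera figure quoted in the article.
const LIMIT = 5 * 1024 * 1024;

// Assumption: the last two labels identify the site. A real browser
// would consult the Public Suffix List (needed for suffixes like co.uk).
function siteOf(host) {
  return host.split('.').slice(-2).join('.');
}

class QuotaModel {
  // groupBy maps a hostname to the key its usage is charged against.
  constructor(groupBy, limit = LIMIT) {
    this.groupBy = groupBy;
    this.limit = limit;
    this.usage = new Map();
  }
  // Returns true if the write fits, false if it would exceed the quota
  // (in a browser, setItem would throw QuotaExceededError here).
  write(host, bytes) {
    const key = this.groupBy(host);
    const used = this.usage.get(key) || 0;
    if (used + bytes > this.limit) return false;
    this.usage.set(key, used + bytes);
    return true;
  }
  // Total bytes the model has accepted across all keys.
  total() {
    let sum = 0;
    for (const v of this.usage.values()) sum += v;
    return sum;
  }
}

// Each of `count` constructed subdomains asks to store `bytes`;
// returns how many bytes the model accepted in total.
function simulate(model, count, bytes) {
  for (let i = 1; i <= count; i++) model.write(`${i}.example.test`, bytes);
  return model.total();
}

const perHost = new QuotaModel(host => host); // every subdomain gets its own limit
const perSite = new QuotaModel(siteOf);       // subdomains share one limit
console.log('per-host accounting, MB accepted:', simulate(perHost, 200, LIMIT) / 2 ** 20);
console.log('per-site accounting, MB accepted:', simulate(perSite, 200, LIMIT) / 2 ** 20);
```

With per-host accounting the accepted total grows linearly with the number of subdomains, while charging all subdomains to one site key caps it at the single limit.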
For those who want to see their hard drive load up with data through a web browser, check out FillDisk.com. There's also a button planted on the page that will reclaim your gobbled-up disk space. Feross is calling on web surfers to submit a bug report to Google, Apple and Microsoft so that a fix will be released in the immediate future.