A HTML5 Loophole Can Fill Up You Hard Drive In No Time!

A recent bug found in HTML5 is said to affect almost all major browsers supporting HTML5, this particular bug can make use of a loophole and fill up user’s hard drive in no time. Developer Feross Aboukhadije said in his blog post that he could fill up around 1 GB of date on a SSD based MacBook Pro with Retina Display and all major browsers like Safari, Chrome and Internet Explorer fell prey to this bug. The only browser that could survive this exploit is Firefox as of now.

HTML5

A demo of this exploit can be seen and personally experienced on this site filldisk.com (Warning: We are not responsible for any damages done by visiting this site!). On the site you can test the bug that fills up your hard drive with various cat photos at a rapid pace!

Prior to HTML5 the only way for websites to store data on local machine was in the for of Cookies that are of around 4KB in size typically, but HTML5 allows websites to save data as large as 5MB at a go (Chrome: 2.5MB, Firefox and Opera: 5MB, Internet Explorer: 10MB). But with this newly found bug a cleverly programmed website can create subdomains domains dynamically like this

http://1.filldisk.com

http://2.filldisk.com

http://3.filldisk.com

upon creation of these subdomains the browser will be tricked into allocating the maximum limit for each of these subdomains thus rapidly exhausting the hard drive space.

Feross Aboukhadije seems to have already submitted this bug to all major browsers, we can expect this bug to be covered up in the next update from all these browsers.