[HollowEyes]

No prompts?

Sorry do I have to launch the browser with a specific flag?

Worried a site can just swamp a local filesystem.

[iddan]

The OPFS is subject to browser quota restrictions.

[lol768]

So any sufficiently motivated/funded malicious actor who can register a whole bundle of domains can use up 50% of the entire free space on my disk? Am I getting this right?

Is the only defense against this the requirement for per-origin permission to be granted?

[roca]

That's been true for over a decade. Hasn't happened in the wild though AFAIK. I don't think there's an incentive for anyone to do this.

[sgbeal]

> The OPFS is subject to browser quota restrictions.

FWIW, 256mb last i checked (summer 2022). Perhaps less on mobile browsers, but that's just speculation.

[ur-whale]

Which means nothing unless the defaults are restrictive.

What are the default browser quota restrictions on install?

[maccard]

Docs here - https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_A...

[madeofpalk]

OPFS doesn't really change this concern that much. IndexedDB already allows for relatively arbitary blobs of data to be stored per site (subject to existing quotas)

[account42]

IndexedDB should also be disabled by default. Adding more and more storage options instead of restricting the existing ones that are already being abused is madness.

[secondcoming]

Firefox swamping the disk is already an issue. Mine has several gigabytes of random crap cached, and I'm not the only one.

[daneel_w]

I run desktop (not mobile) Firefox with an in-memory cache only. My opinion is that on-disk cache with several days (or weeks) old content is almost entirely useless, and that the most beneficial cache use is what you fetch/reuse through a single day of running browser.

Here's how you can "make the switch":

First of all, clear your disk cache entirely. Then, head into "about:config" and change accordingly:

  browser.cache.disk.enable -> false
  browser.cache.disk.smart_size.enabled -> false
  browser.cache.disk_cache_ssl -> false
  browser.cache.offline.enable -> false
  browser.cache.memory.enable -> true
  browser.cache.memory.capacity -> 512000
  browser.privatebrowsing.forceMediaMemoryCache -> true

The number 512000 is in kilobytes. Adjust to preference. Firefox will still do some caching to disk, but these settings stop the most pressing disk writes. You may confirm the change by visiting "about:cache".

[KyeRussell]

“Several gigabytes” for a browser cache is not abnormal, nor “swamping the disk”. Welcome to the web.

[makapuf]

Nowadays "several gigabytes" can also be read as "almost a percent" for a 1TB disk, which for an app so central is not outrageous to me. Well maybe it could be less for smaller 256G disks.

[michaelt]

Right now, today, Apple will sell you a brand new phone with only 64GB of storage. And that's for users whose budget stretches to a brand new iphone - plenty of people spend less.

The modern web isn't just for people browsing from high-spec workstations and gaming PCs.