ricea
commented
1 year ago This actually protects against a use-after-free attack where the buffer is transferred away in the middle of being decompressed. Calling enqueue can result in executing user JavaScript. Maybe there should be a note about that.
It also ensures consistent and robust behaviour if JavaScript attempts to modify the buffer in the middle of decompression.
https://wicg.github.io/compression/#decompress-and-enqueue-a-chunk
Per the spec it's a must to complete the conversion first and then do the enqueue, but would it be bad to enqueue as soon as each output buffer is filled?
Not that there's any important reason to do that, just curious. Maybe enqueuing all at once (as the spec says) makes sure more consistent behavior among implementations, as impls with smaller buffer might enqueue things before error while others with larger buffer might enqueue nothing.