Skip to content
Permalink
Browse files
Roll out changes not part of the patch reviewed for Bug 132089
<http://webkit.org/b/132089>

* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::loadOrRedirectSubframe):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::setLocation):
(WebCore::DOMWindow::createWindow):
(WebCore::DOMWindow::open):

Canonical link: https://commits.webkit.org/150261@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@167852 268f45cc-cd09-0410-ab3c-d52691b4dbfc
  • Loading branch information
ddkilzer committed Apr 27, 2014
1 parent ed504ab commit 5886d5dd847cb4b73b231740450a18f497f99a3c
Showing 3 changed files with 26 additions and 20 deletions.
@@ -1,3 +1,15 @@
2014-04-27 David Kilzer <ddkilzer@apple.com>

Roll out changes not part of the patch reviewed for Bug 132089
<http://webkit.org/b/132089>

* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::loadOrRedirectSubframe):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::setLocation):
(WebCore::DOMWindow::createWindow):
(WebCore::DOMWindow::open):

2014-04-26 Darin Adler <darin@apple.com>

Frame and page lifetime fixes in WebCore::createWindow
@@ -322,9 +322,6 @@ PassRefPtr<Widget> SubframeLoader::createJavaAppletWidget(const IntSize& size, H

Frame* SubframeLoader::loadOrRedirectSubframe(HTMLFrameOwnerElement& ownerElement, const URL& url, const AtomicString& frameName, LockHistory lockHistory, LockBackForwardList lockBackForwardList)
{
if (!url.isValid())
return nullptr;

Frame* frame = ownerElement.contentFrame();
if (frame)
frame->navigationScheduler().scheduleLocationChange(m_frame.document()->securityOrigin(), url.string(), m_frame.loader().outgoingReferrer(), lockHistory, lockBackForwardList);
@@ -1891,20 +1891,19 @@ void DOMWindow::setLocation(const String& urlString, DOMWindow& activeWindow, DO
return;

URL completedURL = firstFrame->document()->completeURL(urlString);
if (!completedURL.isValid())
if (completedURL.isNull())
return;

if (isInsecureScriptAccess(activeWindow, completedURL))
return;

Frame* referrerFrame = activeDocument->frame();
if (!referrerFrame)
return;

// We want a new history item if we are processing a user gesture.
LockHistory lockHistory = (locking != LockHistoryBasedOnGestureState || !ScriptController::processingUserGesture()) ? LockHistory::Yes : LockHistory::No;
LockBackForwardList lockBackForwardList = (locking != LockHistoryBasedOnGestureState) ? LockBackForwardList::Yes : LockBackForwardList::No;
m_frame->navigationScheduler().scheduleLocationChange(activeDocument->securityOrigin(), completedURL, referrerFrame->loader().outgoingReferrer(), lockHistory, lockBackForwardList);
m_frame->navigationScheduler().scheduleLocationChange(activeDocument->securityOrigin(),
// FIXME: What if activeDocument()->frame() is 0?
completedURL, activeDocument->frame()->loader().outgoingReferrer(),
lockHistory, lockBackForwardList);
}

void DOMWindow::printErrorMessage(const String& message)
@@ -1989,7 +1988,7 @@ PassRefPtr<Frame> DOMWindow::createWindow(const String& urlString, const AtomicS
if (!completedURL.isEmpty() && !completedURL.isValid()) {
// Don't expose client code to invalid URLs.
activeWindow.printErrorMessage("Unable to open a window with invalid URL '" + completedURL.string() + "'.\n");
return nullptr;
return 0;
}

// For whatever reason, Firefox uses the first frame to determine the outgoingReferrer. We replicate that behavior here.
@@ -2004,7 +2003,7 @@ PassRefPtr<Frame> DOMWindow::createWindow(const String& urlString, const AtomicS
bool created;
RefPtr<Frame> newFrame = WebCore::createWindow(activeFrame, openerFrame, frameRequest, windowFeatures, created);
if (!newFrame)
return nullptr;
return 0;

newFrame->loader().setOpener(openerFrame);
newFrame->page()->setOpenedByDOM();
@@ -2033,24 +2032,24 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin
DOMWindow& activeWindow, DOMWindow& firstWindow)
{
if (!isCurrentlyDisplayedInFrame())
return nullptr;
return 0;
Document* activeDocument = activeWindow.document();
if (!activeDocument)
return nullptr;
return 0;
Frame* firstFrame = firstWindow.frame();
if (!firstFrame)
return nullptr;
return 0;

if (!firstWindow.allowPopUp()) {
// Because FrameTree::find() returns true for empty strings, we must check for empty frame names.
// Otherwise, illegitimate window.open() calls with no name will pass right through the popup blocker.
if (frameName.isEmpty() || !m_frame->tree().find(frameName))
return nullptr;
return 0;
}

// Get the target frame for the special cases of _top and _parent.
// In those cases, we schedule a location change right now and return early.
Frame* targetFrame = nullptr;
Frame* targetFrame = 0;
if (frameName == "_top")
targetFrame = &m_frame->tree().top();
else if (frameName == "_parent") {
@@ -2061,11 +2060,9 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin
}
if (targetFrame) {
if (!activeDocument->canNavigate(targetFrame))
return nullptr;
return 0;

URL completedURL = firstFrame->document()->completeURL(urlString);
if (!completedURL.isValid())
return nullptr;

if (targetFrame->document()->domWindow()->isInsecureScriptAccess(activeWindow, completedURL))
return targetFrame->document()->domWindow();
@@ -2083,7 +2080,7 @@ PassRefPtr<DOMWindow> DOMWindow::open(const String& urlString, const AtomicStrin

WindowFeatures windowFeatures(windowFeaturesString);
RefPtr<Frame> result = createWindow(urlString, frameName, windowFeatures, activeWindow, firstFrame, m_frame);
return result ? result->document()->domWindow() : nullptr;
return result ? result->document()->domWindow() : 0;
}

void DOMWindow::showModalDialog(const String& urlString, const String& dialogFeaturesString, DOMWindow& activeWindow, DOMWindow& firstWindow, std::function<void (DOMWindow&)> prepareDialogFunction)

0 comments on commit 5886d5d

Please sign in to comment.