Fixed webViewLoadingStateDidChange crash.

webViewLoadingStateDidChange crashes on dereferencing a null pointer. It is unknown how app gets into this state, but registering another load request is a better option than crashing. TBR=eugenebut@google.com (cherry picked from commit 541f046) (cherry picked from commit 3046ee1) Bug: 737595 Change-Id: Ibbe66fe5689722fea2de205d07871f3dacec136a Reviewed-on: https://chromium-review.googlesource.com/585864 Reviewed-by: Kurt Horimoto <kkhorimoto@chromium.org> Commit-Queue: Eugene But <eugenebut@chromium.org> Cr-Original-Original-Commit-Position: refs/heads/master@{#489537} Reviewed-on: https://chromium-review.googlesource.com/586926 Reviewed-by: Eugene But <eugenebut@chromium.org> Cr-Original-Commit-Position: refs/branch-heads/3112@{#673} Cr-Original-Branched-From: b6460e2-refs/heads/master@{#474897} Reviewed-on: https://chromium-review.googlesource.com/587713 Cr-Commit-Position: refs/branch-heads/3163@{#67} Cr-Branched-From: ff259ba-refs/heads/master@{#488528}
nwjs · Jul 26, 2017 · ad74fc6 · ad74fc6
1 parent 48665a9
commit ad74fc6
Showing 1 changed file with 5 additions and 8 deletions.
diff --git a/ios/web/web_state/ui/crw_web_controller.mm b/ios/web/web_state/ui/crw_web_controller.mm
@@ -4835,10 +4835,8 @@ - (void)webViewLoadingStateDidChange {
   }
 
   if (!navigationWasCommitted && ![_pendingNavigationInfo cancelled]) {
-    // A fast back navigation caused by pushState does not call
-    // |didCommitNavigation:|, so signal page change explicitly.
-    // TODO(crbug.com/659816): Because back-forward navigation is disabled for
-    // pages that used push/replace State API, this code will not be executed.
+    // A fast back-forward navigation does not call |didCommitNavigation:|, so
+    // signal page change explicitly.
     DCHECK_EQ(_documentURL.GetOrigin(), webViewURL.GetOrigin());
     BOOL isSameDocumentNavigation =
         [self isKVOChangePotentialSameDocumentNavigationToURL:webViewURL];
@@ -4847,12 +4845,11 @@ - (void)webViewLoadingStateDidChange {
 
     web::NavigationContextImpl* existingContext =
         [self contextForPendingNavigationWithURL:webViewURL];
-    if (!existingContext && isSameDocumentNavigation) {
-      // This is a renderer-initiated same-document navigation, which needs to
-      // be registered.
+    if (!existingContext) {
+      // This URL was not seen before, so register new load request.
       std::unique_ptr<web::NavigationContextImpl> newContext =
           [self registerLoadRequestForURL:webViewURL];
-      newContext->SetIsSameDocument(true);
+      newContext->SetIsSameDocument(isSameDocumentNavigation);
       _webStateImpl->OnNavigationFinished(newContext.get());
     } else {
       // Same document navigation does not contain response headers.