Title: [214771] releases/WebKitGTK/webkit-2.16
Revision
214771
Author
carlo...@webkit.org
Date
2017-04-03 05:01:58 -0700 (Mon, 03 Apr 2017)

Log Message

Merge r214194 - Prevent new navigations from onbeforeunload handler
https://bugs.webkit.org/show_bug.cgi?id=169891
<rdar://problem/31155736>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Ensure that all navigations initiated from an onbeforeunload handler are disallowed
regardless of how they were scheduled. Such navigations go against the expectation
of a user.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::isNavigationAllowed): Added.
(WebCore::FrameLoader::loadURL): Modified code to call FrameLoader::isNavigationAllowed().
(WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
(WebCore::FrameLoader::stopAllLoaders): Ditto.
* loader/FrameLoader.h:

LayoutTests:

Update test to ensure that we disallow navigation initiated via a DOM click event from
an onbeforeunload handler.

* fast/events/before-unload-forbidden-navigation.html:

Modified Paths

Diff

Modified: releases/WebKitGTK/webkit-2.16/LayoutTests/ChangeLog (214770 => 214771)


--- releases/WebKitGTK/webkit-2.16/LayoutTests/ChangeLog	2017-04-03 11:25:05 UTC (rev 214770)
+++ releases/WebKitGTK/webkit-2.16/LayoutTests/ChangeLog	2017-04-03 12:01:58 UTC (rev 214771)
@@ -1,3 +1,16 @@
+2017-03-20  Daniel Bates  <daba...@apple.com>
+
+        Prevent new navigations from onbeforeunload handler
+        https://bugs.webkit.org/show_bug.cgi?id=169891
+        <rdar://problem/31155736>
+
+        Reviewed by Ryosuke Niwa.
+
+        Update test to ensure that we disallow navigation initiated via a DOM click event from
+        an onbeforeunload handler.
+
+        * fast/events/before-unload-forbidden-navigation.html:
+
 2017-03-19  Chris Dumez  <cdu...@apple.com>
 
         `const location = "foo"` throws in a worker

Modified: releases/WebKitGTK/webkit-2.16/LayoutTests/fast/events/before-unload-forbidden-navigation.html (214770 => 214771)


--- releases/WebKitGTK/webkit-2.16/LayoutTests/fast/events/before-unload-forbidden-navigation.html	2017-04-03 11:25:05 UTC (rev 214770)
+++ releases/WebKitGTK/webkit-2.16/LayoutTests/fast/events/before-unload-forbidden-navigation.html	2017-04-03 12:01:58 UTC (rev 214771)
@@ -12,6 +12,7 @@
 }
 
 var log = document.getElementById('log');
+var didFireBeforeUnloadEvent = false;
 
 function test(iframe) {
     if (iframe.done) {
@@ -25,9 +26,22 @@
     iframe.contentWindow.location.href = '';
 }
 
+function navigateByClickingHyperlink(contentWindow, url) {
+    var link = contentWindow.document.createElement('a');
+    link.href = ""
+    link.click();
+}
+
 function fired(contentWindow) {
+    if (didFireBeforeUnloadEvent)
+        return;
+    didFireBeforeUnloadEvent = true;
+
     location.href = '';
     contentWindow.location.href = '';
+    navigateByClickingHyperlink(contentWindow, 'resources/before-unload-in-subframe-fail.html');
+    navigateByClickingHyperlink(window, 'resources/before-unload-in-subframe-fail.html');
+
     log.innerHTML = 'PASS 1/2';
     contentWindow.frameElement.halfPassed = true;
 }
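Review bot: In `navigateByClickingHyperlink` the `url` parameter is never used: the added line reads `link.href = ""` (and lacks its semicolon), so both new calls in `fired` click a link to the empty URL rather than to `resources/before-unload-in-subframe-fail.html`. As written, if the click-initiated navigation were wrongly allowed, the fail page would never load, so the test would likely be unable to tell a blocked navigation from an allowed one. The line should read `link.href = url;`. The empty string may be an artefact of how this page was rendered, so confirm against the repository copy of the test.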

Modified: releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog (214770 => 214771)


--- releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog	2017-04-03 11:25:05 UTC (rev 214770)
+++ releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog	2017-04-03 12:01:58 UTC (rev 214771)
@@ -1,3 +1,22 @@
+2017-03-20  Daniel Bates  <daba...@apple.com>
+
+        Prevent new navigations from onbeforeunload handler
+        https://bugs.webkit.org/show_bug.cgi?id=169891
+        <rdar://problem/31155736>
+
+        Reviewed by Ryosuke Niwa.
+
+        Ensure that all navigations initiated from an onbeforeunload handler are disallowed
+        regardless of how they were scheduled. Such navigations go against the expectation
+        of a user.
+
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::isNavigationAllowed): Added.
+        (WebCore::FrameLoader::loadURL): Modified code to call FrameLoader::isNavigationAllowed().
+        (WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
+        (WebCore::FrameLoader::stopAllLoaders): Ditto.
+        * loader/FrameLoader.h:
+
 2017-03-20  Simon Fraser  <simon.fra...@apple.com>
 
         Move code out of renderer destructors into willBeDestroyed()

Modified: releases/WebKitGTK/webkit-2.16/Source/WebCore/loader/FrameLoader.cpp (214770 => 214771)


--- releases/WebKitGTK/webkit-2.16/Source/WebCore/loader/FrameLoader.cpp	2017-04-03 11:25:05 UTC (rev 214770)
+++ releases/WebKitGTK/webkit-2.16/Source/WebCore/loader/FrameLoader.cpp	2017-04-03 12:01:58 UTC (rev 214771)
@@ -1185,6 +1185,11 @@
     return propagatedPolicy;
 }
 
+bool FrameLoader::isNavigationAllowed() const
+{
+    return m_pageDismissalEventBeingDispatched == PageDismissalType::None && NavigationDisablerForBeforeUnload::isNavigationAllowed();
+}
+
 void FrameLoader::loadURL(const FrameLoadRequest& frameLoadRequest, const String& referrer, FrameLoadType newLoadType, Event* event, FormState* formState)
 {
     if (m_inStopAllLoaders)
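Review bot: `FrameLoader::isNavigationAllowed()` is added without a comment, although it combines two different kinds of state: the per-loader member `m_pageDismissalEventBeingDispatched` and `NavigationDisablerForBeforeUnload::isNavigationAllowed()`, which is called without an instance and so appears to track state wider than this frame. This predicate is now the single gate that keeps a beforeunload handler from starting navigations, so the scope of each condition should be written down, for example `// False while this loader is dispatching a page-dismissal event, or while NavigationDisablerForBeforeUnload forbids navigation.`, worded to match what the disabler actually tracks, which is not visible here. The same one-line description belongs on the declaration added in FrameLoader.h. The hunk ends inside `loadURL`, whose body continues outside it.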
@@ -1223,7 +1228,7 @@
         return;
     }
 
-    if (m_pageDismissalEventBeingDispatched != PageDismissalType::None)
+    if (!isNavigationAllowed())
         return;
 
     NavigationAction action(request, newLoadType, isFormSubmission, event, frameLoadRequest.shouldOpenExternalURLsPolicy(), frameLoadRequest.downloadAttribute());
@@ -1425,7 +1430,7 @@
 
     ASSERT(m_frame.view());
 
-    if (m_pageDismissalEventBeingDispatched != PageDismissalType::None)
+    if (!isNavigationAllowed())
         return;
 
     if (m_frame.document())
@@ -1612,7 +1617,7 @@
 void FrameLoader::stopAllLoaders(ClearProvisionalItemPolicy clearProvisionalItemPolicy)
 {
     ASSERT(!m_frame.document() || m_frame.document()->pageCacheState() != Document::InPageCache);
-    if (m_pageDismissalEventBeingDispatched != PageDismissalType::None)
+    if (!isNavigationAllowed())
         return;
 
     // If this method is called from within this method, infinite recursion can occur (3442218). Avoid this.
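Review bot: `stopAllLoaders` is not itself a navigation, yet it now returns early whenever `isNavigationAllowed()` is false, which widens the early return from this loader's own dismissal event to whatever `NavigationDisablerForBeforeUnload` covers. A caller that invokes it to cancel in-flight loads gets a silent no-op in that window, and nothing in the hunk says whether that is intended. A comment at the check would record the reasoning, for example `// Ignore stop requests made while a beforeunload handler runs; see bug 169891.`. The function body continues past the end of the hunk, so any later handling of this case is not visible here.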

Modified: releases/WebKitGTK/webkit-2.16/Source/WebCore/loader/FrameLoader.h (214770 => 214771)


--- releases/WebKitGTK/webkit-2.16/Source/WebCore/loader/FrameLoader.h	2017-04-03 11:25:05 UTC (rev 214770)
+++ releases/WebKitGTK/webkit-2.16/Source/WebCore/loader/FrameLoader.h	2017-04-03 12:01:58 UTC (rev 214771)
@@ -386,6 +386,8 @@
 
     void applyShouldOpenExternalURLsPolicyToNewDocumentLoader(DocumentLoader&, ShouldOpenExternalURLsPolicy propagatedPolicy);
 
+    bool isNavigationAllowed() const;
+
     Frame& m_frame;
     FrameLoaderClient& m_client;
 