Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: cbb8b220c0f1f1ceaf9bac84eafc71dc87f2fc46
https://github.com/WebKit/WebKit/commit/cbb8b220c0f1f1ceaf9bac84eafc71dc87f2fc46
Author: Charlie Wolfe <[email protected]>
Date: 2025-01-21 (Tue, 21 Jan 2025)
Changed paths:
A
LayoutTests/http/tests/site-isolation/history/add-iframe-while-changing-document-title-expected.txt
A
LayoutTests/http/tests/site-isolation/history/add-iframe-while-changing-document-title.html
A
LayoutTests/http/tests/site-isolation/resources/post-message-from-child-to-parent.html
M Source/WebCore/history/HistoryItem.cpp
M Source/WebCore/history/HistoryItem.h
M Source/WebCore/loader/EmptyClients.cpp
M Source/WebKit/Shared/WebBackForwardListFrameItem.cpp
M Source/WebKit/Shared/WebBackForwardListFrameItem.h
M Source/WebKit/UIProcess/WebPageProxy.cpp
M Source/WebKit/UIProcess/WebPageProxy.h
M Source/WebKit/UIProcess/WebPageProxy.messages.in
M Source/WebKit/WebProcess/WebPage/WebHistoryItemClient.cpp
M Source/WebKit/WebProcess/WebPage/WebHistoryItemClient.h
M Source/WebKitLegacy/mac/WebCoreSupport/LegacyHistoryItemClient.h
M Source/WebKitLegacy/mac/WebCoreSupport/LegacyHistoryItemClient.mm
Log Message:
-----------
[Site Isolation] Creating an iframe while updating the history state of its
parent causes a new back/forward item to be created
https://bugs.webkit.org/show_bug.cgi?id=286334
rdar://143359188
Reviewed by Alex Christensen.
When a root child frame expects its initial history state to be committed, we
store a
WebBackForwardListFrameItem on its WebFrameProxy and add a child to it when the
history item is
committed. If the WebBackForwardListFrameItem is destroyed before the item is
committed, a new item is
added to the back-forward list instead of adding a frame to the existing item.
To fix this, we should stop destroying children in
WebBackForwardListFrameItem::setFrameState.
BackForwardUpdateItem should update only its own state, and there should be a
separate, explicit message
for clearing history item children.
*
LayoutTests/http/tests/site-isolation/history/add-iframe-while-changing-document-title-expected.txt:
Added.
*
LayoutTests/http/tests/site-isolation/history/add-iframe-while-changing-document-title.html:
Added.
*
LayoutTests/http/tests/site-isolation/resources/post-message-from-child-to-parent.html:
Added.
* Source/WebCore/history/HistoryItem.cpp:
(WebCore::HistoryItem::clearChildren):
* Source/WebCore/history/HistoryItem.h:
* Source/WebCore/loader/EmptyClients.cpp:
* Source/WebKit/Shared/WebBackForwardListFrameItem.cpp:
(WebKit::WebBackForwardListFrameItem::setFrameState):
* Source/WebKit/Shared/WebBackForwardListFrameItem.h:
(WebKit::WebBackForwardListFrameItem::clearChildren):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::backForwardClearChildren):
* Source/WebKit/UIProcess/WebPageProxy.h:
* Source/WebKit/UIProcess/WebPageProxy.messages.in:
* Source/WebKit/WebProcess/WebPage/WebHistoryItemClient.cpp:
(WebKit::WebHistoryItemClient::clearChildren const):
* Source/WebKit/WebProcess/WebPage/WebHistoryItemClient.h:
* Source/WebKitLegacy/mac/WebCoreSupport/LegacyHistoryItemClient.h:
* Source/WebKitLegacy/mac/WebCoreSupport/LegacyHistoryItemClient.mm:
(LegacyHistoryItemClient::clearChildren const):
Canonical link: https://commits.webkit.org/289228@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
