Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(380)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/WebCore/loader/FrameLoader.cpp

Issue 11026067: Merge 130313 - Crash when calling document.open during unload (Closed) Base URL: http://svn.webkit.org/repository/webkit/branches/chromium/1271/
Patch Set: Created 8 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « LayoutTests/fast/parser/document-open-in-unload-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed. 2 * Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011 Apple Inc. All rights reserv ed.
3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) 3 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies)
4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/) 4 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. (http://www.t orchmobile.com/)
5 * Copyright (C) 2008 Alp Toker <alp@atoker.com> 5 * Copyright (C) 2008 Alp Toker <alp@atoker.com>
6 * Copyright (C) Research In Motion Limited 2009. All rights reserved. 6 * Copyright (C) Research In Motion Limited 2009. All rights reserved.
7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com> 7 * Copyright (C) 2011 Kris Jordan <krisjordan@gmail.com>
8 * Copyright (C) 2011 Google Inc. All rights reserved. 8 * Copyright (C) 2011 Google Inc. All rights reserved.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
(...skipping 1693 matching lines...) Expand 10 before | Expand all | Expand 10 after
1704 pageCache()->add(item, m_frame->page()); 1704 pageCache()->add(item, m_frame->page());
1705 1705
1706 if (m_loadType != FrameLoadTypeReplace) 1706 if (m_loadType != FrameLoadTypeReplace)
1707 closeOldDataSources(); 1707 closeOldDataSources();
1708 1708
1709 if (!cachedPage && !m_stateMachine.creatingInitialEmptyDocument()) 1709 if (!cachedPage && !m_stateMachine.creatingInitialEmptyDocument())
1710 m_client->makeRepresentation(pdl.get()); 1710 m_client->makeRepresentation(pdl.get());
1711 1711
1712 transitionToCommitted(cachedPage); 1712 transitionToCommitted(cachedPage);
1713 1713
1714 if (pdl) { 1714 if (pdl && m_documentLoader) {
1715 // Check if the destination page is allowed to access the previous page' s timing information. 1715 // Check if the destination page is allowed to access the previous page' s timing information.
1716 RefPtr<SecurityOrigin> securityOrigin = SecurityOrigin::create(pdl->requ est().url()); 1716 RefPtr<SecurityOrigin> securityOrigin = SecurityOrigin::create(pdl->requ est().url());
1717 m_documentLoader->timing()->setHasSameOriginAsPreviousDocument(securityO rigin->canRequest(m_previousUrl)); 1717 m_documentLoader->timing()->setHasSameOriginAsPreviousDocument(securityO rigin->canRequest(m_previousUrl));
1718 } 1718 }
1719 1719
1720 // Call clientRedirectCancelledOrFinished() here so that the frame load dele gate is notified that the redirect's 1720 // Call clientRedirectCancelledOrFinished() here so that the frame load dele gate is notified that the redirect's
1721 // status has changed, if there was a redirect. The frame load delegate may have saved some state about 1721 // status has changed, if there was a redirect. The frame load delegate may have saved some state about
1722 // the redirect in its -webView:willPerformClientRedirectToURL:delay:fireDat e:forFrame:. Since we are 1722 // the redirect in its -webView:willPerformClientRedirectToURL:delay:fireDat e:forFrame:. Since we are
1723 // just about to commit a new page, there cannot possibly be a pending redir ect at this point. 1723 // just about to commit a new page, there cannot possibly be a pending redir ect at this point.
1724 if (m_sentRedirectNotification) 1724 if (m_sentRedirectNotification)
(...skipping 1626 matching lines...) Expand 10 before | Expand all | Expand 10 after
3351 windowRect.setHeight(features.height + (windowRect.height() - pageSize.h eight())); 3351 windowRect.setHeight(features.height + (windowRect.height() - pageSize.h eight()));
3352 page->chrome()->setWindowRect(windowRect); 3352 page->chrome()->setWindowRect(windowRect);
3353 3353
3354 page->chrome()->show(); 3354 page->chrome()->show();
3355 3355
3356 created = true; 3356 created = true;
3357 return frame; 3357 return frame;
3358 } 3358 }
3359 3359
3360 } // namespace WebCore 3360 } // namespace WebCore
OLDNEW
« no previous file with comments | « LayoutTests/fast/parser/document-open-in-unload-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698