Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(707)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 138213002: Fix crash when popstate handler detaches frame during history navigation (Closed)

Created:
6 years, 11 months ago by Jens Widell
Modified:
6 years, 11 months ago
CC:
blink-reviews, Nate Chapin, gavinp+loader_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/blink.git@master
Visibility:
Public.

Description

Fix crash when popstate handler detaches frame during history navigation Protect FrameLoader::m_frame in FrameLoader::loadHistoryItem() to keep it from being destroyed if a popstate event handler, dispatched via FrameLoader::loadInSameDocument(), removes the frame from the parent document. BUG=334239 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=165081

Patch Set 1 : #

Unified diffs Side-by-side diffs Delta from patch set Stats (+11 lines, -0 lines) Patch
M LayoutTests/fast/loader/stateobjects/resources/pushstate-in-iframe-child.html View 1 chunk +8 lines, -0 lines 0 comments Download
M Source/core/loader/FrameLoader.cpp View 1 chunk +3 lines, -0 lines 0 comments Download

Messages

Total messages: 4 (0 generated)
Jens Widell
Hi, please review when you have time. This is a simple (and safe, I hope) ...
6 years, 11 months ago (2014-01-14 14:13:11 UTC) #1
arv (Not doing code reviews)
LGTM
6 years, 11 months ago (2014-01-14 15:31:53 UTC) #2
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/jl@opera.com/138213002/30001
6 years, 11 months ago (2014-01-14 15:55:53 UTC) #3
commit-bot: I haz the power
6 years, 11 months ago (2014-01-14 17:14:06 UTC) #4
Message was sent while issue was closed. 
Change committed as 165081

Powered by Google App Engine
This is Rietveld 408576698