| Index: third_party/WebKit/Source/core/html/ImageDocument.cpp
|
| diff --git a/third_party/WebKit/Source/core/html/ImageDocument.cpp b/third_party/WebKit/Source/core/html/ImageDocument.cpp
|
| index 7521cbd249b6b29bee79116b9984087a32cb6690..e5c5f8b2ad86df77d74d181ee6341afab9fca8f1 100644
|
| --- a/third_party/WebKit/Source/core/html/ImageDocument.cpp
|
| +++ b/third_party/WebKit/Source/core/html/ImageDocument.cpp
|
| @@ -146,9 +146,7 @@ void ImageDocumentParser::appendBytes(const char* data, size_t length)
|
| document()->cachedImage()->appendData(data, length);
|
| }
|
|
|
| - // TODO(esprehn): These null checks on Document don't make sense, document()
|
| - // will ASSERT if it was null. Do these want to check isDetached() ?
|
| - if (document())
|
| + if (!isDetached())
|
| document()->imageUpdated();
|
| }
|
|
|
| @@ -171,14 +169,14 @@ void ImageDocumentParser::finish()
|
| if (fileName.isEmpty())
|
| fileName = document()->url().host();
|
| document()->setTitle(imageTitle(fileName, size));
|
| + if (isDetached())
|
| + return;
|
| }
|
|
|
| document()->imageUpdated();
|
| }
|
|
|
| - // TODO(esprehn): These null checks on Document don't make sense, document()
|
| - // will ASSERT if it was null. Do these want to check isDetached() ?
|
| - if (document())
|
| + if (!isDetached())
|
| document()->finishedParsing();
|
| }
|
|
|
| @@ -207,8 +205,10 @@ void ImageDocument::createDocumentStructure(bool loadingMultipartContent)
|
| appendChild(rootElement);
|
| rootElement->insertedByParser();
|
|
|
| - if (frame())
|
| - frame()->loader().dispatchDocumentElementAvailable();
|
| + frame()->loader().dispatchDocumentElementAvailable();
|
| + frame()->loader().runScriptsAtDocumentElementAvailable();
|
| + if (isStopped())
|
| + return; // runScriptsAtDocumentElementAvailable can detach the frame.
|
| // Normally, ImageDocument creates an HTMLImageElement that doesn't actually load
|
| // anything, and the ImageDocument routes the main resource data into the HTMLImageElement's
|
| // ImageResource. However, the main resource pipeline doesn't know how to handle multipart content.
|
| @@ -226,8 +226,7 @@ void ImageDocument::createDocumentStructure(bool loadingMultipartContent)
|
| RefPtrWillBeRawPtr<HTMLBodyElement> body = HTMLBodyElement::create(*this);
|
| body->setAttribute(styleAttr, "margin: 0px;");
|
|
|
| - if (frame())
|
| - frame()->loader().client()->dispatchWillInsertBody();
|
| + frame()->loader().client()->dispatchWillInsertBody();
|
|
|
| m_imageElement = HTMLImageElement::create(*this);
|
| m_imageElement->setAttribute(styleAttr, "-webkit-user-select: none");
|
| @@ -416,8 +415,13 @@ void ImageDocument::windowSizeChanged(ScaleType type)
|
| ImageResource* ImageDocument::cachedImage()
|
| {
|
| bool loadingMultipartContent = loader() && loader()->loadingMultipartContent();
|
| - if (!m_imageElement)
|
| + if (!m_imageElement) {
|
| createDocumentStructure(loadingMultipartContent);
|
| + if (isStopped()) {
|
| + m_imageElement = nullptr;
|
| + return nullptr;
|
| + }
|
| + }
|
|
|
| return loadingMultipartContent ? nullptr : m_imageElement->cachedImage();
|
| }
|
|
|
Chromium Code Reviews
Issue 1825873002:
Deal with frame removal by content scripts (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@2661