Description

Move UndoStack from Page to Editor

Blink currently maintains per-page undo stacks, leading to:
- Security risks. A frame can directly manipulate content of another frame
  by running document.execCommand('undo'), allowing JavaScript to bypass
  frame and even origin boundaries.
- Inconsistent behaviors. Without OOPIF, all changes in a page can be undone
  by repeatedly invoking keyboard undo (CTRL+Z); with OOPIF, only those changes
  in the focused frame and its same-origin frames can be undone.

Redos have analogous defects.

This patch changes UndoStack from per-page to per-frame, so that undos and
redos are consistently resolved by the frame where script is run or which
gets focused.

This patch also removes |UndoStack::didUnloadFrame()| since its only purpose
is to filter out the undo steps for a particular frame, which no longer makes
sense after undo stacks are made per-frame.

BUG=349272, 549334
TEST=editing/undo/undo-iframe-location-change.html
Committed: https://crrev.com/6447f384cf6d95f70475798e3fd45b689316ce50
Cr-Commit-Position: refs/heads/master@{#403653}
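
A simplified model of the design change described in the commit message, added here as an illustration; it is not Blink code. The types Frame, UndoStep, UndoStack and Result, the functions Edit, Undo and Scenario, and the example origins are hypothetical. It shows why a stack shared by every frame in a page lets an undo issued in one frame revert content in a frame of another origin, and why a stack per frame does not.

```cpp
// Simplified model, not Blink code; all names here are hypothetical.
#include <iostream>
#include <string>
#include <vector>

struct Frame;
struct UndoStep { Frame* target; std::string previous_text; };
struct UndoStack { std::vector<UndoStep> steps; };

struct Frame {
    std::string origin;
    std::string text;
    UndoStack* stack;  // where this frame's edits are recorded and its undos resolve
};

// Record the edit on the frame's stack, then apply it.
void Edit(Frame& f, const std::string& new_text) {
    f.stack->steps.push_back({&f, f.text});
    f.text = new_text;
}

// Models undo invoked from `caller`. Returns the origin of the frame whose
// content was reverted, or "" when the caller's stack is empty.
std::string Undo(Frame& caller) {
    std::vector<UndoStep>& steps = caller.stack->steps;
    if (steps.empty()) return "";
    UndoStep step = steps.back();
    steps.pop_back();
    step.target->text = step.previous_text;
    return step.target->origin;
}

struct Result { std::string a_text; std::string reverted_origin; };

// Frame A is edited, then frame B (another origin) invokes undo.
Result Scenario(bool per_frame) {
    UndoStack page_stack, a_stack, b_stack;
    Frame a{"https://a.example", "", per_frame ? &a_stack : &page_stack};
    Frame b{"https://b.example", "", per_frame ? &b_stack : &page_stack};
    Edit(a, "text typed in A");
    std::string reverted = Undo(b);
    return {a.text, reverted};
}

int main() {
    for (bool per_frame : {false, true}) {
        Result r = Scenario(per_frame);
        std::cout << (per_frame ? "per-frame" : "per-page") << ": A=\"" << r.a_text
                  << "\" reverted=\"" << r.reverted_origin << "\"\n";
    }
}
```
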
Patch Set 1
Patch Set 2 : Fix layout test
Total comments: 8
Patch Set 3 : Address comments and rewrite test
Total comments: 4
Patch Set 4 : Use |const Member| and add notes to UndoStack class

Messages
Total messages: 21 (9 generated)