Chromium Code Reviews

Unified Diff: content/browser/frame_host/navigation_entry_impl.cc

Issue 2438743005: Fix history nav to a script-injected about:blank frame. (Closed)
Patch Set: Fix nits. Created 4 years, 2 months ago
Index: content/browser/frame_host/navigation_entry_impl.cc
diff --git a/content/browser/frame_host/navigation_entry_impl.cc b/content/browser/frame_host/navigation_entry_impl.cc
index 28f9b2ee737445cec291175534a4dc502cdabac4..a77fcf02e95dc6a4a47ee56ffb0b101c68839ce2 100644
--- a/content/browser/frame_host/navigation_entry_impl.cc
+++ b/content/browser/frame_host/navigation_entry_impl.cc
@@ -703,7 +703,7 @@ RequestNavigationParams NavigationEntryImpl::ConstructRequestNavigationParams(
const FrameNavigationEntry& frame_entry,
bool is_same_document_history_load,
bool is_history_navigation_in_new_child,
- const std::set<std::string>& subframe_unique_names,
+ const std::map<std::string, bool>& subframe_unique_names,
bool has_committed_real_load,
bool intended_as_new_entry,
int pending_history_list_offset,
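Review bot: the `subframe_unique_names` parameter keeps its old name while its type changes from `std::set<std::string>` to `std::map<std::string, bool>`, so nothing at this signature says what the bool carries. The only place a reader can learn that it means "this child's history item is about:blank" is the body of GetSubframeUniqueNames. Please document the mapped value here and in the header, or introduce a named alias for the map type, so callers that only see this parameter list do not have to guess which way the flag points.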
@@ -866,14 +866,34 @@ FrameNavigationEntry* NavigationEntryImpl::GetFrameEntry(
return tree_node ? tree_node->frame_entry.get() : nullptr;
}
-std::set<std::string> NavigationEntryImpl::GetSubframeUniqueNames(
+std::map<std::string, bool> NavigationEntryImpl::GetSubframeUniqueNames(
FrameTreeNode* frame_tree_node) const {
- std::set<std::string> names;
+ std::map<std::string, bool> names;
NavigationEntryImpl::TreeNode* tree_node = FindFrameEntry(frame_tree_node);
if (tree_node) {
// Return the names of all immediate children.
- for (TreeNode* child : tree_node->children)
- names.insert(child->frame_entry->frame_unique_name());
+ for (TreeNode* child : tree_node->children) {
+ // Keep track of whether we would be loading about:blank, since the
+ // renderer should be allowed to just commit the initial blank frame if
+ // that was the default URL. PageState doesn't matter there, because
+ // content injected into about:blank frames doesn't use it.
+ //
+ // Be careful not to include iframe srcdoc URLs in this check, which do
+ // need their PageState. The committed URL in that case gets rewritten to
+ // about:blank, but we can detect it via the PageState's URL.
+ //
+ // See https://crbug.com/657896 for details.
+ bool is_about_blank = false;
+ ExplodedPageState exploded_page_state;
+ if (DecodePageState(child->frame_entry->page_state().ToEncodedData(),
+ &exploded_page_state)) {
+ ExplodedFrameState frame_state = exploded_page_state.top;
+ if (UTF16ToUTF8(frame_state.url_string.string()) == url::kAboutBlankURL)
alexmos 2016/10/21 18:22:10 Just out of curiosity - what is the frame_state.u
Charlie Reis 2016/10/21 18:31:46 about:srcdoc. We rewrite all about: URLs to be ab
+ is_about_blank = true;
+ }
+
+ names[child->frame_entry->frame_unique_name()] = is_about_blank;
+ }
}
return names;
}
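Review bot: when `DecodePageState` returns false inside the loop, `is_about_blank` silently stays false and the child is still added to the map, and the comment block does not say this is intended. False looks like the conservative default, since the flag is what lets the renderer commit the initial blank frame on its own, but it is worth one sentence in the comment so a later change does not flip it. Separately, `ExplodedFrameState frame_state = exploded_page_state.top;` copies the whole top frame state only to read `url_string`; bind it as a const reference or compare `exploded_page_state.top.url_string` directly. A test that covers the srcdoc case called out in the comment alongside the plain about:blank case would keep the two from being conflated later.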
