Ensure WindowProxy reinitialization on navigations if needed.

Ensure WindowProxy reinitialization on navigations if needed.

When returning a Window reference to JS, Blink calls ToV8() to
convert the C++ DOMWindow pointer to an associated JS DOM wrapper,
which ensures the associated WindowProxy is initialized. During a
navigation that requires switching DOMWindows, the WindowProxy is
detached from the old DOMWindow by calling setDOMWindow() and
later reattached to the new DOMWindow by calling
ScriptController::updateDocument().

As an optimization, 246e25c5bd72fac9dce3b9b1254e5590d0444d09
skipped initialization of the WindowProxy if it's global proxy
reference was null. Skipping initialization is safe here since a
null global proxy reference means that ToV8() was never called,
and JS cannot hold any references to the Window object. Thus, it
is unnecessary to ensure that the global proxy is attached to a
DOMWindow.

40458d4dd913d5fd6f4f1bb2da083a8a7136a9af cleaned up the complex
WindowProxy initialization logic but introduced a subtle bug:
it changed updateDocument() to be a no-op if the WindowProxy is
not initialized. Unfortunately, this means that any existing
script references to that Window object will be broken unless
WindowProxy reinitialization is triggered by something else,
such as loading a <script> tag in the new Document or getting
a new reference to the Window.

BUG=690178
Review-Url: https://codereview.chromium.org/2732483004
Cr-Commit-Position: refs/heads/master@{#454552}
(cherry picked from commit bee44e2b6c7a93b28e1082743784045447498476)

Review-Url: https://codereview.chromium.org/2735983002 .
Cr-Commit-Position: refs/branch-heads/3029@{#37}
Cr-Branched-From: 939b32ee5ba05c396eef3fd992822fcca9a2e262-refs/heads/master@{#454471}
Committed: https://chromium.googlesource.com/chromium/src/+/4933ae6d5fe4a43fd7d2cbb0017e1492ab455b92

[dcheng, 2017-03-07 06:35:16]

Description was changed from

==========
Ensure WindowProxy reinitialization on navigations if needed.

When returning a Window reference to JS, Blink calls ToV8() to
convert the C++ DOMWindow pointer to an associated JS DOM wrapper,
which ensures the associated WindowProxy is initialized. During a
navigation that requires switching DOMWindows, the WindowProxy is
detached from the old DOMWindow by calling setDOMWindow() and
later reattached to the new DOMWindow by calling
ScriptController::updateDocument().

As an optimization, 246e25c5bd72fac9dce3b9b1254e5590d0444d09
skipped initialization of the WindowProxy if it's global proxy
reference was null. Skipping initialization is safe here since a
null global proxy reference means that ToV8() was never called,
and JS cannot hold any references to the Window object. Thus, it
is unnecessary to ensure that the global proxy is attached to a
DOMWindow.

40458d4dd913d5fd6f4f1bb2da083a8a7136a9af cleaned up the complex
WindowProxy initialization logic but introduced a subtle bug:
it changed updateDocument() to be a no-op if the WindowProxy is
not initialized. Unfortunately, this means that any existing
script references to that Window object will be broken unless
WindowProxy reinitialization is triggered by something else,
such as loading a <script> tag in the new Document or getting
a new reference to the Window.

BUG=690178

Review-Url: https://codereview.chromium.org/2732483004
Cr-Commit-Position: refs/heads/master@{#454552}
(cherry picked from commit bee44e2b6c7a93b28e1082743784045447498476)
==========

to

==========
Ensure WindowProxy reinitialization on navigations if needed.

When returning a Window reference to JS, Blink calls ToV8() to
convert the C++ DOMWindow pointer to an associated JS DOM wrapper,
which ensures the associated WindowProxy is initialized. During a
navigation that requires switching DOMWindows, the WindowProxy is
detached from the old DOMWindow by calling setDOMWindow() and
later reattached to the new DOMWindow by calling
ScriptController::updateDocument().

As an optimization, 246e25c5bd72fac9dce3b9b1254e5590d0444d09
skipped initialization of the WindowProxy if it's global proxy
reference was null. Skipping initialization is safe here since a
null global proxy reference means that ToV8() was never called,
and JS cannot hold any references to the Window object. Thus, it
is unnecessary to ensure that the global proxy is attached to a
DOMWindow.

40458d4dd913d5fd6f4f1bb2da083a8a7136a9af cleaned up the complex
WindowProxy initialization logic but introduced a subtle bug:
it changed updateDocument() to be a no-op if the WindowProxy is
not initialized. Unfortunately, this means that any existing
script references to that Window object will be broken unless
WindowProxy reinitialization is triggered by something else,
such as loading a <script> tag in the new Document or getting
a new reference to the Window.

BUG=690178

Review-Url: https://codereview.chromium.org/2732483004
Cr-Commit-Position: refs/heads/master@{#454552}
(cherry picked from commit bee44e2b6c7a93b28e1082743784045447498476)

Review-Url: https://codereview.chromium.org/2735983002 .
Cr-Commit-Position: refs/branch-heads/3029@{#37}
Cr-Branched-From:
939b32ee5ba05c396eef3fd992822fcca9a2e262-refs/heads/master@{#454471}
Committed:
https://chromium.googlesource.com/chromium/src/+/4933ae6d5fe4a43fd7d2cbb0017e...
==========

[dcheng, 2017-03-07 06:35:17]

Committed patchset #1 (id:1) manually as
4933ae6d5fe4a43fd7d2cbb0017e1492ab455b92.