Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2807123002:
Fix the wrong non-element node handling in EventHanlder and MouseEventManager (Closed)
DescriptionFix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL does:
- Have EventHandlingUtil::ParentElementIfNeeded and use it everywhere so that
we surely adjust a node to the appropriate element, at which an event should be
fired.
- Replaces the usage of Node* to Element* as much as possible so that it rejects
the wrong code at type level check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394, 710425
Review-Url: https://codereview.chromium.org/2807123002
Cr-Commit-Position: refs/heads/master@{#464344}
Committed: https://chromium.googlesource.com/chromium/src/+/85e1871d673fb6c2e4bdb34dde02e5bb1ea896c6
Patch Set 1 #Patch Set 2 : try #
Total comments: 4
Patch Set 3 : try #Patch Set 4 : rebase tests, try #Patch Set 5 : clean up #Patch Set 6 : wip #Patch Set 7 : try after merging https://codereview.chromium.org/2809333002 #Patch Set 8 : Pass the original tapped node to ShadowUnhnadledTapUIIfNeeded #
Total comments: 2
Patch Set 9 : Addressed #
Total comments: 2
Messages
Total messages: 84 (55 generated)
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
try
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Description was changed from ========== # Enter a description of the change. wip BUG= ========== to ========== Fire a click event even when a clicked text node has been removed in mouseup BUG=708394 ==========
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
Description was changed from ========== Fire a click event even when a clicked text node has been removed in mouseup BUG=708394 ========== to ========== Fire a click event even when a clicked text node has been removed in mouseup When a text node is clicked, the following could happen: 1. A user presses a mouse button. 2. UA did a hittest. The result's innerNode() is a text node. 3. MouseEventManager#click_node_ is set to the parent element of the clicked text node 4. Dispatch a mouse press event (or something) 5. A user releases a mouse button. 6. UA did another hittest because UA would dispatch a click event at the common ancestor of: - A location where mouse pressed; MouseEventManager#click_node_ is used in this case. - and A location where mouse released; The 2nd hit test's result is used in this case. 7. A user removed a text node, which is the result of 2nd hit test, in mouseup event listener. 8. Since there is no common ancestor of MouseEventManager#click_node_ and the 2nd hit test's result, a click event is not dispatched. This CL addressed this use case. BUG=708394 ==========
Description was changed from ========== Fire a click event even when a clicked text node has been removed in mouseup When a text node is clicked, the following could happen: 1. A user presses a mouse button. 2. UA did a hittest. The result's innerNode() is a text node. 3. MouseEventManager#click_node_ is set to the parent element of the clicked text node 4. Dispatch a mouse press event (or something) 5. A user releases a mouse button. 6. UA did another hittest because UA would dispatch a click event at the common ancestor of: - A location where mouse pressed; MouseEventManager#click_node_ is used in this case. - and A location where mouse released; The 2nd hit test's result is used in this case. 7. A user removed a text node, which is the result of 2nd hit test, in mouseup event listener. 8. Since there is no common ancestor of MouseEventManager#click_node_ and the 2nd hit test's result, a click event is not dispatched. This CL addressed this use case. BUG=708394 ========== to ========== Fire a click event even when a clicked text node has been removed in mouseup When a text node is clicked, the following could happen: 1. A user presses a mouse button. 2. UA did a hittest. The result's innerNode() is a text node. 3. MouseEventManager#click_node_ is set to the parent element of the clicked text node 4. Dispatch a mouse press event (or something) 5. A user releases a mouse button. 6. UA did another hittest because UA would dispatch a click event at the common ancestor of: - the location where mouse pressed; MouseEventManager#click_node_ is used in this case. - and the location where mouse released; The 2nd hit test's result is used in this case. 7. A user removed a text node, which is the result of 2nd hit test, in mouseup event listener. 8. Since there is no common ancestor of MouseEventManager#click_node_ and the 2nd hit test's result, a click event is not dispatched. This CL addressed this use case. BUG=708394 ==========
hayato@chromium.org changed reviewers: + kochi@chromium.org, tkent@chromium.org
PTAL
Does Patch Set 1 work if an inner Text node is removed on mousedown?
https://codereview.chromium.org/2807123002/diff/20001/third_party/WebKit/Sour... File third_party/WebKit/Source/core/input/MouseEventManager.cpp (right): https://codereview.chromium.org/2807123002/diff/20001/third_party/WebKit/Sour... third_party/WebKit/Source/core/input/MouseEventManager.cpp:263: if ((mev.InnerNode()->IsTextNode() && click_node_->isConnected() && I think this code has the following unexpected behavior. 1. Open fast/events/remove-text-node-in-mouseup.html 2. Mousedown on a Text child of the first <p> element 3. Move mouse cursor onto the second <div> element 4. Mouseup In this case, click_node_ is <p>, mev.InnerNode() is the removed Text node, and this code will dispatch 'click' on <p>.
https://codereview.chromium.org/2807123002/diff/20001/third_party/WebKit/Sour... File third_party/WebKit/Source/core/input/MouseEventManager.cpp (right): https://codereview.chromium.org/2807123002/diff/20001/third_party/WebKit/Sour... third_party/WebKit/Source/core/input/MouseEventManager.cpp:263: if ((mev.InnerNode()->IsTextNode() && click_node_->isConnected() && On 2017/04/11 at 04:16:14, tkent wrote: > I think this code has the following unexpected behavior. > > 1. Open fast/events/remove-text-node-in-mouseup.html > 2. Mousedown on a Text child of the first <p> element > 3. Move mouse cursor onto the second <div> element > 4. Mouseup > > In this case, click_node_ is <p>, mev.InnerNode() is the removed Text node, and this code will dispatch 'click' on <p>. Maybe a logic would be: Node* mouseup_node = mev.InnerNode()->isTextNode() ? mev.InnerNode()->parentNode() : mev.InnerNode(); if (click_node_ == mouseup_node) { ...
https://codereview.chromium.org/2807123002/diff/20001/third_party/WebKit/Sour... File third_party/WebKit/Source/core/input/MouseEventManager.cpp (right): https://codereview.chromium.org/2807123002/diff/20001/third_party/WebKit/Sour... third_party/WebKit/Source/core/input/MouseEventManager.cpp:264: !mev.InnerNode()->isConnected()) || (I am not sure and just checking) - Isn't click_node_->isConnected() already guaranteed somewhere above? (I vaguely assumed that click_node_->isConnected() is implied in |should_dispatch_click_event|, but it seems not.) If click_node_ is not connected, still click event should be dispatched to it? For readability, I prefer the following order: "mev.InnerNode()->IsTextNode() && !mev.InnerNode()->isConnected() && click_node_->isConnected()" but it's up to you. https://codereview.chromium.org/2807123002/diff/20001/third_party/WebKit/Sour... third_party/WebKit/Source/core/input/MouseEventManager.cpp:265: click_node_ == mev.InnerNode()) { I'd guess "click_node_ == mev.InnerNode()" is the more common case, so in that case the condition may be better checked first?
try
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: linux_chromium_asan_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
rebase tests, try
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Description was changed from ========== Fire a click event even when a clicked text node has been removed in mouseup When a text node is clicked, the following could happen: 1. A user presses a mouse button. 2. UA did a hittest. The result's innerNode() is a text node. 3. MouseEventManager#click_node_ is set to the parent element of the clicked text node 4. Dispatch a mouse press event (or something) 5. A user releases a mouse button. 6. UA did another hittest because UA would dispatch a click event at the common ancestor of: - the location where mouse pressed; MouseEventManager#click_node_ is used in this case. - and the location where mouse released; The 2nd hit test's result is used in this case. 7. A user removed a text node, which is the result of 2nd hit test, in mouseup event listener. 8. Since there is no common ancestor of MouseEventManager#click_node_ and the 2nd hit test's result, a click event is not dispatched. This CL addressed this use case. BUG=708394 ========== to ========== Fire a click event even when a clicked text node has been removed in mouseup When a text node is clicked, the following could happen: 1. A user presses a mouse button. 2. UA did a hittest. The result's innerNode() is a text node. 3. MouseEventManager#click_node_ is set to the parent element of the clicked text node 4. Dispatch a mouse press event (or something) 5. A user releases a mouse button. 6. UA did another hittest because UA would dispatch a click event at the common ancestor of: - the location where mouse pressed; MouseEventManager#click_node_ is used in this case. - and the location where mouse released; The 2nd hit test's result is used in this case. 7. A user removed a text node, which is the result of 2nd hit test, in mouseup event listener. 8. Since there is no common ancestor of MouseEventManager#click_node_ and the 2nd hit test's result, a click event is not dispatched. This CL addressed this use case. BUG=708394 ==========
dtapuska@chromium.org changed reviewers: + nzolghadr@chromium.org
On 2017/04/11 09:30:45, hayato wrote: > rebase tests, try Navid should review this from a specification perspective/interop. This doesn't have web platform tests so that is concerning.
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: linux_android_rel_ng on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/linux_androi...)
clean up
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Description was changed from
==========
Fire a click event even when a clicked text node has been removed in mouseup
When a text node is clicked, the following could happen:
1. A user presses a mouse button.
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch a mouse press event (or something)
5. A user releases a mouse button.
6. UA did another hittest because UA would dispatch a click event at the common
ancestor of:
- the location where mouse pressed; MouseEventManager#click_node_ is used in
this case.
- and the location where mouse released; The 2nd hit test's result is used in
this case.
7. A user removed a text node, which is the result of 2nd hit test, in mouseup
event listener.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
This CL addressed this use case.
BUG=708394
==========
to
==========
Fixing the wrong TextNode handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394
==========
I have completely rewritten the CL so that it could fix the root cause, as an experiment. I am not going to land this CL as is. Now, Touch Events is also fixed; Touch event is no longer fired on a text node. However, I am not sure that I can land this patch as is because android's ContextualSearchManagerTest started to fail, which seems to be the only regression of the patch #4. https://build.chromium.org/p/tryserver.chromium.android/builders/linux_androi...
hayato@chromium.org changed reviewers: + donnd@chromium.org
Adding donnd@ as a reviewer because the latest patch set has a regression on Android's ContextualSearchManagerTest. https://build.chromium.org/p/tryserver.chromium.android/builders/linux_androi... donnd@, could you have a chance to take a look? Is this a true regression?
Description was changed from
==========
Fixing the wrong TextNode handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394
==========
to
==========
Fix the wrong TextNode handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394
==========
Description was changed from
==========
Fix the wrong TextNode handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394
==========
to
==========
Fix the wrong TextNode handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394,710425
==========
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: linux_android_rel_ng on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/linux_androi...)
I took a quick look at a few test failures and my guess is that Contextual Search would be completely broken by this change. I'll try to take a closer look at this later today, but my initial impression is that CS probably doesn't get the signal that the event happened but was not handled so it can handle it through ShowUnhandledTapUIIfNeeded.
wip
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
try after merging https://codereview.chromium.org/2809333002
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: chromium_presubmit on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/chromium_presub...)
According to the comment in https://bugs.chromium.org/p/chromium/issues/detail?id=708394#c18, I am thinking that we should have a tentative fix only for bug 708394. See https://codereview.chromium.org/2812613004
Pass the original tapped node to ShadowUnhnadledTapUIIfNeeded
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
Description was changed from
==========
Fix the wrong TextNode handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394,710425
==========
to
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394,710425
==========
The result looks all green. Let me clean up the CL and the description tomorrow. I'll ping you once it is ready. Note that I have already landed https://codereview.chromium.org/2812613004 as a separated CL, so this CL is no longer urgent.
LGTM % nit below. https://codereview.chromium.org/2807123002/diff/140001/third_party/WebKit/Sou... File third_party/WebKit/Source/core/input/GestureManager.cpp (right): https://codereview.chromium.org/2807123002/diff/140001/third_party/WebKit/Sou... third_party/WebKit/Source/core/input/GestureManager.cpp:293: if (event_result == WebInputEventResult::kNotHandled && tapped_element && Nit: I wonder if it would be better to test the tapped_node here instead of the tapped_element since that's what we're going to pass to the client. I suppose it's not possible for one to be null without the other right now, but seems better and cleaner the other way.
Description was changed from
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
EventHandler and MouseEventManager are storing a clicked node (or a touched
node) as Node*, instead of Element*,
That would be a bad practice. Actually, that would be the cause of several wrong
behaviors in Blink, such as:
(A) Blink does NOT fire a click event when a clicked text node has been removed
in mouseup.
This is wrong because a click event should be fired on an element node.
See [1] for details.
(B) Blink DOES fire a touch event on a non-element node.
This is wrong because TouchEvent specification says all kinds of touch events'
event target types are only Document and Element.
For reference, (A) would happen in the following scenario:
1. User presses a mouse button
2. UA did a hittest. The result's innerNode() is a text node.
3. MouseEventManager#click_node_ is set to the parent element of the clicked
text node
4. Dispatch mouse press events (or anything)
5. User releases a mouse button
6. UA did another hittest because UA would dispatch a click event at the commo
n ancestor of:
- A location of mouse pressed; MouseEventManager#click_node_ is used in this
case.
- and A location of mouse released; The 2nd hit test's result is used in this
case.
7. Users removed a text node, which is the result of 2nd hit test.
8. Since there is no common ancestor of MouseEventManager#click_node_ and the
2nd hit test's result, a click event is not dispatched.
To prevent these wrong behaviors, this CL does:
- Replaces the usage of |Node*| to |Element*| as much as possible so that it
rejects the wrong code at type level.
- To prevent a false-negative event firing, like in the mentioned case, preserve
the parent *element*, if necessary, of a clicked node
before dispatching MouseRelease event so that a following click event should
be fired correctly even when a text node has been removed in mouseup.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
This CL mainly aims to fix bug 708394. I think there are other places, such as
other events, which should be fixed, which can be done in another CL.
BUG=708394,710425
==========
to
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
EventHandler/MouseEventManager is storing a clicked node/tapped node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was jsut tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL replaces the usage of Node* to
Element* as much as possible so that it rejects the wrong code at type level
check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
Description was changed from ========== Fix the wrong non-element node handling in EventHanlder and MouseEventManager EventHandler/MouseEventManager is storing a clicked node/tapped node as Node*, instead of Element*, that would be a bad practice. Actually, that has been the cause of several wrong behaviors in Blink, such as: 1. Blink does NOT fire a click event when a clicked text node has been removed in mouseup. This is wrong because a click event should be fired on an element node. See [1] for details. This bug was jsut tentatively fixed at another CL [2]. 2. Blink DOES fire a touch event on a non-element node. This is wrong because TouchEvent specification says all kinds of touch events' event target types are limited to Document and Element [3]. To prevent these wrong behaviors, this CL replaces the usage of Node* to Element* as much as possible so that it rejects the wrong code at type level check. - [1]: topmost event target; https://www.w3.org/TR/uievents/#topmost-event-target - [2] https://codereview.chromium.org/2812613004 - [3]: Trusted proximal event target types are: Document and Element; https://w3c.github.io/touch-events/#list-of-touchevent-types BUG=708394,710425 ========== to ========== Fix the wrong non-element node handling in EventHanlder and MouseEventManager {EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*, instead of Element*, that would be a bad practice. Actually, that has been the cause of several wrong behaviors in Blink, such as: 1. Blink does NOT fire a click event when a clicked text node has been removed in mouseup. This is wrong because a click event should be fired on an element node. See [1] for details. This bug was jsut tentatively fixed at another CL [2]. 2. Blink DOES fire a touch event on a non-element node. This is wrong because TouchEvent specification says all kinds of touch events' event target types are limited to Document and Element [3]. To prevent these wrong behaviors, this CL replaces the usage of Node* to Element* as much as possible so that it rejects the wrong code at type level check. - [1]: topmost event target; https://www.w3.org/TR/uievents/#topmost-event-target - [2] https://codereview.chromium.org/2812613004 - [3]: Trusted proximal event target types are: Document and Element; https://w3c.github.io/touch-events/#list-of-touchevent-types BUG=708394,710425 ==========
Description was changed from
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was jsut tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL replaces the usage of Node* to
Element* as much as possible so that it rejects the wrong code at type level
check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
to
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL replaces the usage of Node* to
Element* as much as possible so that it rejects the wrong code at type level
check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
Description was changed from
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL replaces the usage of Node* to
Element* as much as possible so that it rejects the wrong code at type level
check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
to
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL does:
- Have EventHandlingUtil::ParentElementIfNeeded and use it everywhere so that
we surely adjust a node to the appropriate element, where an event should be
fired.
- Replaces the usage of Node* to Element* as much as possible so that it rejects
the wrong code at type level check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
Description was changed from
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL does:
- Have EventHandlingUtil::ParentElementIfNeeded and use it everywhere so that
we surely adjust a node to the appropriate element, where an event should be
fired.
- Replaces the usage of Node* to Element* as much as possible so that it rejects
the wrong code at type level check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
to
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL does:
- Have EventHandlingUtil::ParentElementIfNeeded and use it everywhere so that
we surely adjust a node to the appropriate element, at which an event should
be
fired.
- Replaces the usage of Node* to Element* as much as possible so that it rejects
the wrong code at type level check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
Addressed
The CQ bit was checked by hayato@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
https://codereview.chromium.org/2807123002/diff/140001/third_party/WebKit/Sou... File third_party/WebKit/Source/core/input/GestureManager.cpp (right): https://codereview.chromium.org/2807123002/diff/140001/third_party/WebKit/Sou... third_party/WebKit/Source/core/input/GestureManager.cpp:293: if (event_result == WebInputEventResult::kNotHandled && tapped_element && Nice catch. tapped_node should be better. Done.
The CQ bit was checked by hayato@chromium.org
The patchset sent to the CQ was uploaded after l-g-t-m from donnd@chromium.org Link to the patchset: https://codereview.chromium.org/2807123002/#ps160001 (title: "Addressed")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: linux_chromium_chromeos_ozone_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
The CQ bit was checked by hayato@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: linux_chromium_chromeos_ozone_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
The CQ bit was checked by hayato@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
CQ is committing da patch.
Bot data: {"patchset_id": 160001, "attempt_start_ts": 1492072163282880,
"parent_rev": "3b8cd5612815432d74825a69c4431ea4968e7050", "commit_rev":
"85e1871d673fb6c2e4bdb34dde02e5bb1ea896c6"}
Message was sent while issue was closed.
Description was changed from
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL does:
- Have EventHandlingUtil::ParentElementIfNeeded and use it everywhere so that
we surely adjust a node to the appropriate element, at which an event should
be
fired.
- Replaces the usage of Node* to Element* as much as possible so that it rejects
the wrong code at type level check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
==========
to
==========
Fix the wrong non-element node handling in EventHanlder and MouseEventManager
{EventHandler,MouseEventManager} is storing a {clicked,tapped} node as Node*,
instead of Element*, that would be a bad practice. Actually, that has been the
cause of several wrong behaviors in Blink, such as:
1. Blink does NOT fire a click event when a clicked text node has been removed
in mouseup. This is wrong because a click event should be fired on an
element node. See [1] for details. This bug was just tentatively fixed at
another CL [2].
2. Blink DOES fire a touch event on a non-element node. This is wrong because
TouchEvent specification says all kinds of touch events' event target types
are limited to Document and Element [3].
To prevent these wrong behaviors, this CL does:
- Have EventHandlingUtil::ParentElementIfNeeded and use it everywhere so that
we surely adjust a node to the appropriate element, at which an event should
be
fired.
- Replaces the usage of Node* to Element* as much as possible so that it rejects
the wrong code at type level check.
- [1]: topmost event target;
https://www.w3.org/TR/uievents/#topmost-event-target
- [2] https://codereview.chromium.org/2812613004
- [3]: Trusted proximal event target types are: Document and Element;
https://w3c.github.io/touch-events/#list-of-touchevent-types
BUG=708394,710425
Review-Url: https://codereview.chromium.org/2807123002
Cr-Commit-Position: refs/heads/master@{#464344}
Committed:
https://chromium.googlesource.com/chromium/src/+/85e1871d673fb6c2e4bdb34dde02...
==========
Message was sent while issue was closed.
Committed patchset #9 (id:160001) as https://chromium.googlesource.com/chromium/src/+/85e1871d673fb6c2e4bdb34dde02...
Message was sent while issue was closed.
dtapuska@chromium.org changed reviewers: + dtapuska@chromium.org
Message was sent while issue was closed.
https://codereview.chromium.org/2807123002/diff/160001/third_party/WebKit/Sou... File third_party/WebKit/Source/core/input/EventHandlingUtil.h (right): https://codereview.chromium.org/2807123002/diff/160001/third_party/WebKit/Sou... third_party/WebKit/Source/core/input/EventHandlingUtil.h:34: Element* ParentElementIfNeeded(Node*); Ia this method really needed? Could HitTestResult::innerElement not be called instead of adding this additional code?
Message was sent while issue was closed.
https://codereview.chromium.org/2807123002/diff/160001/third_party/WebKit/Sou... File third_party/WebKit/Source/core/input/EventHandlingUtil.h (right): https://codereview.chromium.org/2807123002/diff/160001/third_party/WebKit/Sou... third_party/WebKit/Source/core/input/EventHandlingUtil.h:34: Element* ParentElementIfNeeded(Node*); Ah, I didn't notice innerElement() at all because the old code around here didn't use it. :( HitTestResult::innerElement() (after some refinements) would be better. |
