Index: Source/core/html/HTMLElement.cpp |
diff --git a/Source/core/html/HTMLElement.cpp b/Source/core/html/HTMLElement.cpp |
index 2500b8a53596aa222e187172cb7312d9e698b7ca..f23093fe80811e11fe7dbf2c8a48fc6e9ee347e5 100644 |
--- a/Source/core/html/HTMLElement.cpp |
+++ b/Source/core/html/HTMLElement.cpp |
@@ -526,6 +526,9 @@ void HTMLElement::insertAdjacentHTML(const String& where, const String& markup, |
if (!contextElement) |
return; |
+ // Parsing can result in losing our last ref to contextElement when JS event handlers fire. |
+ RefPtr<Element> protect = contextElement; |
inferno
2013/11/10 09:10:46
Please define the contextElement as RefPtr itself,
davve
2013/11/10 20:02:13
OK.
|
+ |
RefPtr<DocumentFragment> fragment = createFragmentForInnerOuterHTML(markup, contextElement, AllowScriptingContent, "insertAdjacentHTML", es); |
if (!fragment) |
return; |