| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 /* | 5 /* |
| 6 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. | 6 * Copyright (C) 2006, 2007, 2008, 2009 Apple Inc. All rights reserved. |
| 7 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) | 7 * Copyright (C) 2008 Nokia Corporation and/or its subsidiary(-ies) |
| 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. | 8 * Copyright (C) 2008, 2009 Torch Mobile Inc. All rights reserved. |
| 9 * (http://www.torchmobile.com/) | 9 * (http://www.torchmobile.com/) |
| 10 * | 10 * |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 79 if (is_target_frame && clone_children_of_target && !item_.isNull()) { | 79 if (is_target_frame && clone_children_of_target && !item_.isNull()) { |
| 80 new_history_node->item().setDocumentSequenceNumber( | 80 new_history_node->item().setDocumentSequenceNumber( |
| 81 item_.documentSequenceNumber()); | 81 item_.documentSequenceNumber()); |
| 82 } | 82 } |
| 83 | 83 |
| 84 if (clone_children_of_target || !is_target_frame) { | 84 if (clone_children_of_target || !is_target_frame) { |
| 85 for (WebFrame* child = current_frame->GetWebFrame()->firstChild(); child; | 85 for (WebFrame* child = current_frame->GetWebFrame()->firstChild(); child; |
| 86 child = child->nextSibling()) { | 86 child = child->nextSibling()) { |
| 87 RenderFrameImpl* child_render_frame = | 87 RenderFrameImpl* child_render_frame = |
| 88 RenderFrameImpl::FromWebFrame(child); | 88 RenderFrameImpl::FromWebFrame(child); |
| 89 // TODO(creis): A child frame may be a RenderFrameProxy. We should still |
| 90 // process its children, but that will be possible when we move this code |
| 91 // to the browser process in https://crbug.com/236848. |
| 92 if (!child_render_frame) |
| 93 continue; |
| 89 HistoryNode* child_history_node = | 94 HistoryNode* child_history_node = |
| 90 entry_->GetHistoryNodeForFrame(child_render_frame); | 95 entry_->GetHistoryNodeForFrame(child_render_frame); |
| 91 if (!child_history_node) | 96 if (!child_history_node) |
| 92 continue; | 97 continue; |
| 93 HistoryNode* new_child_node = | 98 HistoryNode* new_child_node = |
| 94 child_history_node->CloneAndReplace(new_entry, | 99 child_history_node->CloneAndReplace(new_entry, |
| 95 new_item, | 100 new_item, |
| 96 clone_children_of_target, | 101 clone_children_of_target, |
| 97 target_frame, | 102 target_frame, |
| 98 child_render_frame); | 103 child_render_frame); |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 201 return unique_names_to_items_[frame->GetWebFrame()->uniqueName().utf8()]; | 206 return unique_names_to_items_[frame->GetWebFrame()->uniqueName().utf8()]; |
| 202 } | 207 } |
| 203 | 208 |
| 204 WebHistoryItem HistoryEntry::GetItemForFrame(RenderFrameImpl* frame) { | 209 WebHistoryItem HistoryEntry::GetItemForFrame(RenderFrameImpl* frame) { |
| 205 if (HistoryNode* history_node = GetHistoryNodeForFrame(frame)) | 210 if (HistoryNode* history_node = GetHistoryNodeForFrame(frame)) |
| 206 return history_node->item(); | 211 return history_node->item(); |
| 207 return WebHistoryItem(); | 212 return WebHistoryItem(); |
| 208 } | 213 } |
| 209 | 214 |
| 210 } // namespace content | 215 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 913223009:
Avoid crash in HistoryNode::CloneAndReplace with out-of-process iframes. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master