2011-06-29  Darin Adler  <darin@apple.com>

        Reviewed by Anders Carlsson.

        [WebKit2] Crash loading page that adds/removes frame in DOMContentLoaded/loaded
        https://bugs.webkit.org/show_bug.cgi?id=63483

        * fast/loader/create-frame-in-DOMContentLoaded-expected.txt: Added.
        * fast/loader/create-frame-in-DOMContentLoaded.html: Added.

2011-06-29  Darin Adler  <darin@apple.com>

        Reviewed by Anders Carlsson.

        [WebKit2] Crash loading page that adds/removes frame in DOMContentLoaded/loaded
        https://bugs.webkit.org/show_bug.cgi?id=63483

        Test: fast/loader/create-frame-in-DOMContentLoaded.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::init): Added an assertion.
        (WebCore::FrameLoader::finishedLoadingDocument): Removed a non-helpful #if
        statement. The rule that we do not call the client when creating the initial
        empty document was nominally specific to Windows and Chromium but is needed
        for all platforms.

2011-06-29  Darin Adler  <darin@apple.com>

        Reviewed by Anders Carlsson.

        [WebKit2] Crash loading page that adds/removes frame in DOMContentLoaded/loaded
        https://bugs.webkit.org/show_bug.cgi?id=63483

        * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
        (WebKit::WebFrameLoaderClient::createFrame): Added a check for null when creating
        a frame. Also added a check that was in the WebKit1 code, but not here. Strangely,
        the comment from the second check was still here, but not the code.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@90038 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebCore/loader/FrameLoader.cpp b/Source/WebCore/loader/FrameLoader.cpp
index 7c0943b..0a62b06 100644
--- a/Source/WebCore/loader/FrameLoader.cpp
+++ b/Source/WebCore/loader/FrameLoader.cpp
@@ -220,13 +220,15 @@
     // This needs to be done early, so that an initial document gets correct sandbox flags in its SecurityOrigin.
     updateSandboxFlags();
 
-    // this somewhat odd set of steps is needed to give the frame an initial empty document
+    // This somewhat odd set of steps gives the frame an initial empty document.
+    // It would be better if this could be done with even fewer steps.
     m_stateMachine.advanceTo(FrameLoaderStateMachine::CreatingInitialEmptyDocument);
     setPolicyDocumentLoader(m_client->createDocumentLoader(ResourceRequest(KURL(ParsedURLString, "")), SubstituteData()).get());
     setProvisionalDocumentLoader(m_policyDocumentLoader.get());
     setState(FrameStateProvisional);
     m_provisionalDocumentLoader->setResponse(ResourceResponse(KURL(), "text/html", 0, String(), String()));
     m_provisionalDocumentLoader->finishedLoading();
+    ASSERT(!m_frame->document());
     m_documentLoader->writer()->begin(KURL(), false);
     m_documentLoader->writer()->end();
     m_frame->document()->cancelParsing();
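Review bot: the new `ASSERT(!m_frame->document())` after `m_provisionalDocumentLoader->finishedLoading()` encodes the invariant the rest of this change depends on (finishing the initial empty document's load must not have produced a document yet, otherwise `writer()->begin()` would create a second one), but nothing at this site says why the document must be null here; a one-line comment above the assertion pointing out that `finishedLoadingDocument` returns early while `creatingInitialEmptyDocument()` is true would make the invariant discoverable. Also worth noting that `ASSERT` is compiled out in release builds, so the check documents the expectation rather than enforcing it; the ChangeLog entry for `FrameLoader::init` should say the assertion is debug-only.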
@@ -2050,11 +2052,8 @@
 
 void FrameLoader::finishedLoadingDocument(DocumentLoader* loader)
 {
-    // FIXME: Platforms shouldn't differ here!
-#if PLATFORM(WIN) || PLATFORM(CHROMIUM)
     if (m_stateMachine.creatingInitialEmptyDocument())
         return;
-#endif
 
 #if !ENABLE(WEB_ARCHIVE) && !ENABLE(MHTML)
     m_client->finishedLoading(loader);
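Review bot: dropping the `#if PLATFORM(WIN) || PLATFORM(CHROMIUM)` guard makes the early return unconditional, so every port stops receiving `m_client->finishedLoading(loader)` for the initial empty document, where before only Windows and Chromium skipped it. The ChangeLog says the rule "is needed for all platforms" but not that no other port's client relied on that callback for the empty document; one sentence confirming that (or noting which clients were checked) would make the behaviour change reviewable. The removed `FIXME: Platforms shouldn't differ here!` is resolved by this hunk, which is good, but the `#if !ENABLE(WEB_ARCHIVE) && !ENABLE(MHTML)` branch two lines below still leaves `finishedLoading` feature-dependent; consider leaving a short comment there so the next reader does not mistake it for the same platform divergence.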