Source/WebCore: Don't treat child frame loads as back-forward navigations
after the load event fires. This can lead to loading
the wrong url in the child frame.
https://bugs.webkit.org/show_bug.cgi?id=64895
Reviewed by Mihai Parparita.
Test: fast/loader/child-frame-add-after-back-forward.html
* dom/Document.h: Drive-by FIXME.
* loader/DocumentLoader.h: Drive-by FIXME.
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadURLIntoChildFrame):
LayoutTests: Test for https://bugs.webkit.org/show_bug.cgi?id=64895.
Reviewed by Mihai Parparita.
* fast/loader/child-frame-add-after-back-forward-expected.txt: Added.
* fast/loader/child-frame-add-after-back-forward.html: Added.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@91583 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
index dd154f2..7f9ad02 100644
--- a/Source/WebCore/ChangeLog
+++ b/Source/WebCore/ChangeLog
@@ -1,3 +1,19 @@
+2011-07-22 Nate Chapin <japhet@chromium.org>
+
+ Don't treat child frame loads as back-forward navigations
+ after the load event fires. This can lead to loading
+ the wrong url in the child frame.
+ https://bugs.webkit.org/show_bug.cgi?id=64895
+
+ Reviewed by Mihai Parparita.
+
+ Test: fast/loader/child-frame-add-after-back-forward.html
+
+ * dom/Document.h: Drive-by FIXME.
+ * loader/DocumentLoader.h: Drive-by FIXME.
+ * loader/FrameLoader.cpp:
+ (WebCore::FrameLoader::loadURLIntoChildFrame):
+
2011-07-22 Kent Tamura <tkent@google.com>
REGRESSION(r88757): The thumb of a vertical range slider is offset to the right on non-Mac.
diff --git a/Source/WebCore/dom/Document.h b/Source/WebCore/dom/Document.h
index 1480ab5..10751b5 100644
--- a/Source/WebCore/dom/Document.h
+++ b/Source/WebCore/dom/Document.h
@@ -1287,6 +1287,8 @@
// FIXME: Merge these 2 variables into an enum. Also, FrameLoader::m_didCallImplicitClose
// is almost a duplication of this data, so that should probably get merged in too.
+ // FIXME: Document::m_processingLoadEvent and DocumentLoader::m_wasOnloadHandled are roughly the same
+ // and should be merged.
bool m_processingLoadEvent;
bool m_loadEventFinished;
diff --git a/Source/WebCore/loader/DocumentLoader.h b/Source/WebCore/loader/DocumentLoader.h
index 3fead10..595b85c 100644
--- a/Source/WebCore/loader/DocumentLoader.h
+++ b/Source/WebCore/loader/DocumentLoader.h
@@ -302,6 +302,9 @@
bool m_gotFirstByte;
bool m_primaryLoadComplete;
bool m_isClientRedirect;
+
+ // FIXME: Document::m_processingLoadEvent and DocumentLoader::m_wasOnloadHandled are roughly the same
+ // and should be merged.
bool m_wasOnloadHandled;
StringWithDirection m_pageTitle;
diff --git a/Source/WebCore/loader/FrameLoader.cpp b/Source/WebCore/loader/FrameLoader.cpp
index 032e682..47bb220 100644
--- a/Source/WebCore/loader/FrameLoader.cpp
+++ b/Source/WebCore/loader/FrameLoader.cpp
@@ -802,7 +802,8 @@
HistoryItem* parentItem = history()->currentItem();
// If we're moving in the back/forward list, we might want to replace the content
// of this child frame with whatever was there at that point.
- if (parentItem && parentItem->children().size() && isBackForwardLoadType(loadType())) {
+ if (parentItem && parentItem->children().size() && isBackForwardLoadType(loadType())
+ && !m_frame->document()->loadEventFinished()) {
HistoryItem* childItem = parentItem->childItemWithTarget(childFrame->tree()->uniqueName());
if (childItem) {
childFrame->loader()->loadDifferentDocumentItem(childItem, loadType());
