Changeset 168668 in webkit


Ignore:
Timestamp:
May 12, 2014 7:25:28 PM (10 years ago)
Author:
jhoneycutt@apple.com
Message:

Don't dispatch 'beforeload' event inside FrameView::layout()

https://bugs.webkit.org/show_bug.cgi?id=132621
<rdar://problem/15661470>

This merges Blink revision 162073 with minor renaming and style
changes. From that commit:

Executing JavaScript code inside FrameView::layout() is problematic.
e.g. an assertion failure tested in fast/events/beforeload-assertion.html.
We should avoid it.

This CL makes 'beforeload' event dispatching for plugins and iframes asynchronous,
except plugin access from JavaScript code (HTMLPlugInElement::
renderWidgetForJSBindings).

Reviewed by Brent Fulgham.

Source/WebCore:
Tests: fast/events/beforeload-assertion.html

fast/events/beforeload-iframe-crash.html
fast/events/beforeload-input-time-crash.html

  • WebCore.exp.in:
  • dom/Document.cpp:

(WebCore::Document::updateLayoutIgnorePendingStylesheets):

  • dom/Document.h:
  • html/HTMLAppletElement.cpp:

(WebCore::HTMLAppletElement::renderWidgetForJSBindings):

  • html/HTMLEmbedElement.cpp:

(WebCore::HTMLEmbedElement::renderWidgetForJSBindings):

  • html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::renderWidgetForJSBindings):

  • page/FrameView.cpp:

(WebCore::FrameView::FrameView):
(WebCore::FrameView::reset):
(WebCore::FrameView::updateEmbeddedObjectsTimerFired):
(WebCore::FrameView::flushAnyPendingPostLayoutTasks):
(WebCore::FrameView::performPostLayoutTasks):

  • page/FrameView.h:
  • testing/Internals.cpp:

(WebCore::Internals::updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • compositing/plugins/composited-plugin.html:
  • compositing/plugins/no-backing-store.html:
  • fast/dom/beforeload/flash-before-load.html:
  • fast/events/beforeload-assertion-expected.txt: Added.
  • fast/events/beforeload-assertion.html: Added.
  • fast/events/beforeload-iframe-crash-expected.txt: Added.
  • fast/events/beforeload-iframe-crash.html: Added.
  • fast/events/beforeload-input-time-crash-expected.txt: Added.
  • fast/events/beforeload-input-time-crash.html: Added.
  • http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html:
  • http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html:
  • http/tests/security/contentSecurityPolicy/object-src-no-url-allowed.html:
  • http/tests/security/contentSecurityPolicy/object-src-no-url-blocked.html:
  • http/tests/security/contentSecurityPolicy/object-src-none-allowed.html:
  • http/tests/security/contentSecurityPolicy/object-src-none-blocked.html:
  • http/tests/security/contentSecurityPolicy/resources/multiple-iframe-plugin-test.js:

(testImpl.iframe.onload):
(testImpl):

  • http/tests/security/mixedContent/insecure-plugin-in-iframe.html:
  • platform/mac/plugins/supports-carbon-event-model.html:
  • plugins/get-user-agent-with-null-npp-from-npp-new.html:
  • plugins/mouse-click-plugin-clears-selection.html:
  • plugins/netscape-plugin-map-data-to-src.html:
  • plugins/no-mime-with-valid-extension.html:
  • plugins/plugin-initiate-popup-window.html:
  • plugins/windowless_plugin_paint_test.html:
  • resources/plugin.js: Added.

(runAfterPluginLoad):

Location:
trunk
Files:
7 added
31 edited

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r168667 r168668  
     12014-05-06  Jon Honeycutt  <jhoneycutt@apple.com>
     2
     3        Don't dispatch 'beforeload' event inside FrameView::layout()
     4
     5        https://bugs.webkit.org/show_bug.cgi?id=132621
     6        <rdar://problem/15661470>
     7
     8        This merges Blink revision 162073 with minor renaming and style
     9        changes. From that commit:
     10
     11        Executing JavaScript code inside FrameView::layout() is problematic.
     12        e.g. an assertion failure tested in fast/events/beforeload-assertion.html.
     13        We should avoid it.
     14
     15        This CL makes 'beforeload' event dispatching for plugins and iframes asynchronous,
     16        except plugin access from JavaScript code (HTMLPlugInElement::
     17        renderWidgetForJSBindings).
     18
     19        Reviewed by Brent Fulgham.
     20
     21        * compositing/plugins/composited-plugin.html:
     22        * compositing/plugins/no-backing-store.html:
     23        * fast/dom/beforeload/flash-before-load.html:
     24        * fast/events/beforeload-assertion-expected.txt: Added.
     25        * fast/events/beforeload-assertion.html: Added.
     26        * fast/events/beforeload-iframe-crash-expected.txt: Added.
     27        * fast/events/beforeload-iframe-crash.html: Added.
     28        * fast/events/beforeload-input-time-crash-expected.txt: Added.
     29        * fast/events/beforeload-input-time-crash.html: Added.
     30        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html:
     31        * http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html:
     32        * http/tests/security/contentSecurityPolicy/object-src-no-url-allowed.html:
     33        * http/tests/security/contentSecurityPolicy/object-src-no-url-blocked.html:
     34        * http/tests/security/contentSecurityPolicy/object-src-none-allowed.html:
     35        * http/tests/security/contentSecurityPolicy/object-src-none-blocked.html:
     36        * http/tests/security/contentSecurityPolicy/resources/multiple-iframe-plugin-test.js:
     37        (testImpl.iframe.onload):
     38        (testImpl):
     39        * http/tests/security/mixedContent/insecure-plugin-in-iframe.html:
     40        * platform/mac/plugins/supports-carbon-event-model.html:
     41        * plugins/get-user-agent-with-null-npp-from-npp-new.html:
     42        * plugins/mouse-click-plugin-clears-selection.html:
     43        * plugins/netscape-plugin-map-data-to-src.html:
     44        * plugins/no-mime-with-valid-extension.html:
     45        * plugins/plugin-initiate-popup-window.html:
     46        * plugins/windowless_plugin_paint_test.html:
     47        * resources/plugin.js: Added.
     48        (runAfterPluginLoad):
     49
    1502014-05-12  Roger Fong  <roger_fong@apple.com>
    251
  • trunk/LayoutTests/compositing/plugins/composited-plugin.html

    r62857 r168668  
    22<html>
    33<body>
     4  <script src="../../resources/plugin.js"></script>
     5  <script>runAfterPluginLoad(null, NotifyDone);</script>
    46  <embed type="application/x-webkit-test-netscape" drawingmodel="coreanimation">
    57</body>
  • trunk/LayoutTests/compositing/plugins/no-backing-store.html

    r130689 r168668  
    77    }
    88  </style>
     9  <script src="../../resources/plugin.js"></script>
    910  <script type="text/javascript" charset="utf-8">
    10     if (window.testRunner) {
     11    if (window.testRunner)
    1112        testRunner.dumpAsText();
    12         testRunner.waitUntilDone();
    13     }
     13
     14    runAfterPluginLoad(doTest, DoNotNotifyDone);
    1415
    1516    function doTest()
     
    2324        }, 0)
    2425    }
    25     window.addEventListener('load', doTest, false);
    2626  </script>
    2727</head>
  • trunk/LayoutTests/fast/dom/beforeload/flash-before-load.html

    r120792 r168668  
    55<body>
    66<div id="console"></div>
     7<script src="../../../resources/plugin.js"></script>
    78<script>
    8 if (window.testRunner)
    9     testRunner.dumpAsText();
     9    if (window.testRunner)
     10        testRunner.dumpAsText();
     11
     12    runAfterPluginLoad(null, NotifyDone);
    1013</script>
    1114
  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/plugintypes-notype-data.html

    r125531 r168668  
    22<html>
    33<head>
     4<script src="/js-test-resources/plugin.js"></script>
    45<script>
    5 if (window.testRunner) {
    6     testRunner.dumpAsText();
    7     testRunner.dumpChildFramesAsText();
    8 }
     6    if (window.testRunner) {
     7        testRunner.dumpAsText();
     8        testRunner.dumpChildFramesAsText();
     9    }
     10
     11    runAfterPluginLoad(null, NotifyDone);
    912</script>
    1013<script src="/plugins/resources/mock-plugin-logger.js"></script>
  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/1.1/plugintypes-nourl-blocked.html

    r125531 r168668  
    22<html>
    33<head>
     4<script src="/js-test-resources/plugin.js"></script>
    45<script>
    5 if (window.testRunner)
    6     testRunner.dumpAsText();
     6    if (window.testRunner)
     7        testRunner.dumpAsText();
     8
     9    runAfterPluginLoad(null, NotifyDone);
    710</script>
    811<meta http-equiv="X-WebKit-CSP" content="plugin-types text/plain">
  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/object-src-no-url-allowed.html

    r133095 r168668  
    22<html>
    33<head>
     4<script src="/js-test-resources/plugin.js"></script>
    45<script>
    5 if (window.testRunner)
    6   testRunner.dumpAsText();
     6    if (window.testRunner)
     7        testRunner.dumpAsText();
     8
     9    runAfterPluginLoad(null, NotifyDone);
    710</script>
    811<meta http-equiv="Content-Security-Policy" content="object-src 'self'">
  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/object-src-no-url-blocked.html

    r133095 r168668  
    22<html>
    33<head>
     4<script src="/js-test-resources/plugin.js"></script>
    45<script>
    5 if (window.testRunner)
    6   testRunner.dumpAsText();
     6    if (window.testRunner)
     7        testRunner.dumpAsText();
     8
     9    runAfterPluginLoad(null, NotifyDone);
    710</script>
    811<meta http-equiv="Content-Security-Policy" content="object-src 'none'">
  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/object-src-none-allowed.html

    r125531 r168668  
    22<html>
    33<head>
    4 <script>
    5 if (window.testRunner) {
    6   testRunner.dumpAsText();
    7   testRunner.dumpChildFramesAsText();
    8 }
    9 </script>
     4<script src="/js-test-resources/plugin.js"></script>
    105</head>
    116<body>
    127  <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-object-data.pl?plugin=data:application/x-webkit-test-netscape,logifloaded&log=PASS!&csp=img-src%20'none'"></iframe>
    138</body>
     9<script>
     10    if (window.testRunner) {
     11        testRunner.dumpAsText();
     12        testRunner.dumpChildFramesAsText();
     13    }
     14
     15    runAfterPluginLoad(null, NotifyDone, document.getElementsByTagName("iframe")[0]);
     16</script>
    1417</html>
  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/object-src-none-blocked.html

    r125531 r168668  
    22<html>
    33<head>
    4 <script>
    5 if (window.testRunner) {
    6   testRunner.dumpAsText();
    7   testRunner.dumpChildFramesAsText();
    8 }
    9 </script>
     4<script src="/js-test-resources/plugin.js"></script>
    105</head>
    116<body>
    127  <iframe src="http://127.0.0.1:8000/security/contentSecurityPolicy/resources/echo-object-data.pl?plugin=data:application/x-webkit-test-netscape,logifloaded&log=FAIL&csp=object-src%20'none'"></iframe>
    138</body>
     9<script>
     10    if (window.testRunner) {
     11        testRunner.dumpAsText();
     12        testRunner.dumpChildFramesAsText();
     13    }
     14
     15    runAfterPluginLoad(null, NotifyDone, document.getElementsByTagName("iframe")[0]);
     16</script>
    1417</html>
  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/resources/multiple-iframe-plugin-test.js

    r133095 r168668  
    3939        iframe.src += "&type=application/x-webkit-test-netscape";
    4040
    41     iframe.onload = function() { testImpl(experimental); };
     41    iframe.onload = function() {
     42        if (window.internals)
     43            internals.updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(iframe);
     44        testImpl(experimental);
     45    };
    4246    document.body.appendChild(iframe);
    4347}
  • trunk/LayoutTests/http/tests/security/mixedContent/insecure-plugin-in-iframe.html

    r120174 r168668  
    44if (window.testRunner)
    55    testRunner.dumpAsText();
     6
     7onload = function() {
     8    if (window.internals)
     9        internals.updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(document.querySelector('iframe'));
     10};
    611</script>
    712<p>This test loads a secure iframe that loads an insecure plugin.  We should
  • trunk/LayoutTests/platform/mac/plugins/supports-carbon-event-model.html

    r120417 r168668  
     1<script src="../../../resources/plugin.js"></script>
    12<script>
    2 if (window.testRunner)
    3     testRunner.dumpAsText();
     3    if (window.testRunner)
     4        testRunner.dumpAsText();
     5
     6    runAfterPluginLoad(null, NotifyDone);
    47</script>
    58
  • trunk/LayoutTests/plugins/get-user-agent-with-null-npp-from-npp-new.html

    r120417 r168668  
    22<html>
    33<head>
     4    <script src="../resources/plugin.js"></script>
    45    <script>
    56        if (window.testRunner)
    67            testRunner.dumpAsText();
     8        runAfterPluginLoad(null, NotifyDone);
    79    </script>
    810</head>
  • trunk/LayoutTests/plugins/mouse-click-plugin-clears-selection.html

    r120417 r168668  
    11<html>
    22<head>
     3<script src="../resources/plugin.js"></script>
    34<script>
    45
    5 function runTest() {
     6runAfterPluginLoad(function() {
    67    inputElement = document.getElementById('frame');
    78    inputElement.focus();
     
    1516        eventSender.mouseUp();
    1617    }
    17 }
     18}, NotifyDone);
    1819</script>
    1920</head>
    20 <body onload="runTest();">
     21<body>
    2122<embed id="plg" type="application/x-webkit-test-netscape" width="100" height="100" windowedplugin="false"></embed><br>
    2223<input id="frame" value="hello"/>
  • trunk/LayoutTests/plugins/netscape-plugin-map-data-to-src.html

    r120417 r168668  
    11<html>
    22<head>
     3<script src="../resources/plugin.js"></script>
    34<script>
    45    if (window.testRunner)
    56        testRunner.dumpAsText();
     7    runAfterPluginLoad(null, NotifyDone);
    68</script>
    79<body style="margin:0px;overflow:hidden">
  • trunk/LayoutTests/plugins/no-mime-with-valid-extension.html

    r120417 r168668  
     1<script src="../resources/plugin.js"></script>
    12<script>
    2     if (window.testRunner) {
     3    if (window.testRunner)
    34        testRunner.dumpAsText();
    4         testRunner.waitUntilDone();
    5     }
     5    runAfterPluginLoad(null, NotifyDone);
    66</script>
    77<p>
     
    1414<!-- Embed tag with missing type="" parameter -->
    1515<embed id="plugin" name="plugin" src="resources/test.testnetscape" logSrc="1">
    16 <script>
    17     if (window.testRunner)
    18         testRunner.notifyDone();
    19 </script>
  • trunk/LayoutTests/plugins/plugin-initiate-popup-window.html

    r120417 r168668  
    6565</script>
    6666</head>
    67 <body onload="window.setTimeout(test, 0);">
     67<body onload="internals.updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(); test();">
    6868<embed type="application/x-webkit-test-netscape" width=100 height=40 evaluatescript="mouse::popup_by_mousedown()" windowedplugin="false"></embed><br>
    6969<embed type="application/x-webkit-test-netscape" width=100 height=40 evaluatescript="key::popup_by_keydown()" windowedplugin="false"></embed><br>
  • trunk/LayoutTests/plugins/windowless_plugin_paint_test.html

    r120417 r168668  
    1515        // Create the plugin in the middle of the page.
    1616        pluginDiv.innerHTML = "<embed id=\"testPlugin\" type=\"application/x-webkit-test-netscape\" width=\"200\" height=\"200\" onpaintevent=\"didPaint()\" windowedPlugin=\"false\"></embed>";
     17        if (window.internals)
     18            internals.updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks();
    1719        testRunner.displayInvalidatedRegion();
    1820      }
  • trunk/Source/WebCore/ChangeLog

    r168666 r168668  
     12014-05-06  Jon Honeycutt  <jhoneycutt@apple.com>
     2
     3        Don't dispatch 'beforeload' event inside FrameView::layout()
     4
     5        https://bugs.webkit.org/show_bug.cgi?id=132621
     6        <rdar://problem/15661470>
     7
     8        This merges Blink revision 162073 with minor renaming and style
     9        changes. From that commit:
     10
     11        Executing JavaScript code inside FrameView::layout() is problematic.
     12        e.g. an assertion failure tested in fast/events/beforeload-assertion.html.
     13        We should avoid it.
     14
     15        This CL makes 'beforeload' event dispatching for plugins and iframes asynchronous,
     16        except plugin access from JavaScript code (HTMLPlugInElement::
     17        renderWidgetForJSBindings).
     18
     19        Reviewed by Brent Fulgham.
     20
     21        Tests: fast/events/beforeload-assertion.html
     22               fast/events/beforeload-iframe-crash.html
     23               fast/events/beforeload-input-time-crash.html
     24
     25        * WebCore.exp.in:
     26        * dom/Document.cpp:
     27        (WebCore::Document::updateLayoutIgnorePendingStylesheets):
     28        * dom/Document.h:
     29        * html/HTMLAppletElement.cpp:
     30        (WebCore::HTMLAppletElement::renderWidgetForJSBindings):
     31        * html/HTMLEmbedElement.cpp:
     32        (WebCore::HTMLEmbedElement::renderWidgetForJSBindings):
     33        * html/HTMLObjectElement.cpp:
     34        (WebCore::HTMLObjectElement::renderWidgetForJSBindings):
     35        * page/FrameView.cpp:
     36        (WebCore::FrameView::FrameView):
     37        (WebCore::FrameView::reset):
     38        (WebCore::FrameView::updateEmbeddedObjectsTimerFired):
     39        (WebCore::FrameView::flushAnyPendingPostLayoutTasks):
     40        (WebCore::FrameView::performPostLayoutTasks):
     41        * page/FrameView.h:
     42        * testing/Internals.cpp:
     43        (WebCore::Internals::updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks):
     44        * testing/Internals.h:
     45        * testing/Internals.idl:
     46
    1472014-05-12  Roger Fong  <roger_fong@apple.com>
    248
  • trunk/Source/WebCore/WebCore.exp.in

    r168661 r168668  
    12571257__ZN7WebCore8Document26pageSizeAndMarginsInPixelsEiRNS_7IntSizeERiS3_S3_S3_
    12581258__ZN7WebCore8Document27removeMediaCanStartListenerEPNS_21MediaCanStartListenerE
    1259 __ZN7WebCore8Document36updateLayoutIgnorePendingStylesheetsEv
     1259__ZN7WebCore8Document36updateLayoutIgnorePendingStylesheetsENS0_18RunPostLayoutTasksE
    12601260__ZN7WebCore8Document4headEv
    12611261__ZN7WebCore8Document8iconURLsEi
     
    17741774__ZNK7WebCore21BackForwardController18canGoBackOrForwardEi
    17751775__ZNK7WebCore21BackForwardController9backCountEv
     1776__ZNK7WebCore21HTMLFrameOwnerElement15contentDocumentEv
    17761777__ZNK7WebCore21NetworkStorageSession13cookieStorageEv
    17771778__ZNK7WebCore21RenderLayerCompositor11scrollLayerEv
  • trunk/Source/WebCore/dom/Document.cpp

    r168416 r168668  
    18321832// lets us get reasonable answers. The long term solution to this problem is
    18331833// to instead suspend JavaScript execution.
    1834 void Document::updateLayoutIgnorePendingStylesheets()
     1834void Document::updateLayoutIgnorePendingStylesheets(Document::RunPostLayoutTasks runPostLayoutTasks)
    18351835{
    18361836    bool oldIgnore = m_ignorePendingStylesheets;
    1837    
     1837
    18381838    if (!haveStylesheetsLoaded()) {
    18391839        m_ignorePendingStylesheets = true;
     
    18561856
    18571857    updateLayout();
     1858
     1859    if (runPostLayoutTasks == RunPostLayoutTasksSynchronously && view())
     1860        view()->flushAnyPendingPostLayoutTasks();
    18581861
    18591862    m_ignorePendingStylesheets = oldIgnore;
  • trunk/Source/WebCore/dom/Document.h

    r168416 r168668  
    588588    bool updateStyleIfNeededForNode(const Node&);
    589589    void updateLayout();
    590     void updateLayoutIgnorePendingStylesheets();
     590    enum RunPostLayoutTasks {
     591        RunPostLayoutTasksAsyhnchronously,
     592        RunPostLayoutTasksSynchronously,
     593    };
     594    void updateLayoutIgnorePendingStylesheets(RunPostLayoutTasks = RunPostLayoutTasksAsyhnchronously);
    591595    PassRef<RenderStyle> styleForElementIgnoringPendingStylesheets(Element*);
    592596
  • trunk/Source/WebCore/html/HTMLAppletElement.cpp

    r164441 r168668  
    8989        return 0;
    9090
    91     document().updateLayoutIgnorePendingStylesheets();
     91    // Needs to load the plugin immediatedly because this function is called
     92    // when JavaScript code accesses the plugin.
     93    // FIXME: <rdar://16893708> Check if dispatching events here is safe.
     94    document().updateLayoutIgnorePendingStylesheets(Document::RunPostLayoutTasksSynchronously);
    9295    return renderWidget();
    9396}
  • trunk/Source/WebCore/html/HTMLEmbedElement.cpp

    r166853 r168668  
    7272{
    7373    FrameView* view = document().view();
    74     if (!view || (!view->isInLayout() && !view->isPainting()))
    75         document().updateLayoutIgnorePendingStylesheets();
     74    if (!view || (!view->isInLayout() && !view->isPainting())) {
     75        // Needs to load the plugin immediatedly because this function is called
     76        // when JavaScript code accesses the plugin.
     77        // FIXME: <rdar://16893708> Check if dispatching events here is safe.
     78        document().updateLayoutIgnorePendingStylesheets(Document::RunPostLayoutTasksSynchronously);
     79    }
    7680    return findWidgetRenderer(this);
    7781}
  • trunk/Source/WebCore/html/HTMLObjectElement.cpp

    r167291 r168668  
    8484RenderWidget* HTMLObjectElement::renderWidgetForJSBindings() const
    8585{
    86     document().updateLayoutIgnorePendingStylesheets();
     86    // Needs to load the plugin immediatedly because this function is called
     87    // when JavaScript code accesses the plugin.
     88    // FIXME: <rdar://16893708> Check if dispatching events here is safe.
     89    document().updateLayoutIgnorePendingStylesheets(Document::RunPostLayoutTasksSynchronously);
    8790    return renderWidget(); // This will return 0 if the renderer is not a RenderWidget.
    8891}
  • trunk/Source/WebCore/page/FrameView.cpp

    r168664 r168668  
    161161    , m_inSynchronousPostLayout(false)
    162162    , m_postLayoutTasksTimer(this, &FrameView::postLayoutTimerFired)
     163    , m_updateEmbeddedObjectsTimer(this, &FrameView::updateEmbeddedObjectsTimerFired)
    163164    , m_isTransparent(false)
    164165    , m_baseBackgroundColor(Color::white)
     
    251252    m_nestedLayoutCount = 0;
    252253    m_postLayoutTasksTimer.stop();
     254    m_updateEmbeddedObjectsTimer.stop();
    253255    m_firstLayout = true;
    254256    m_firstLayoutCallbackPending = false;
     
    27432745}
    27442746
     2747void FrameView::updateEmbeddedObjectsTimerFired(Timer<FrameView>*)
     2748{
     2749    RefPtr<FrameView> protect(this);
     2750    m_updateEmbeddedObjectsTimer.stop();
     2751    for (unsigned i = 0; i < maxUpdateEmbeddedObjectsIterations; i++) {
     2752        if (updateEmbeddedObjects())
     2753            break;
     2754    }
     2755}
     2756
    27452757void FrameView::flushAnyPendingPostLayoutTasks()
    27462758{
    2747     if (!m_postLayoutTasksTimer.isActive())
    2748         return;
    2749 
    2750     performPostLayoutTasks();
     2759    if (m_postLayoutTasksTimer.isActive())
     2760        performPostLayoutTasks();
     2761    if (m_updateEmbeddedObjectsTimer.isActive())
     2762        updateEmbeddedObjectsTimerFired(nullptr);
    27512763}
    27522764
    27532765void FrameView::performPostLayoutTasks()
    27542766{
     2767    // FIXME: We should not run any JavaScript code in this function.
     2768
    27552769    m_postLayoutTasksTimer.stop();
    27562770
     
    27832797    Ref<FrameView> protect(*this);
    27842798
    2785     for (unsigned i = 0; i < maxUpdateEmbeddedObjectsIterations; i++) {
    2786         if (updateEmbeddedObjects())
    2787             break;
    2788     }
     2799    m_updateEmbeddedObjectsTimer.startOneShot(0);
    27892800
    27902801    if (auto* page = frame().page()) {
  • trunk/Source/WebCore/page/FrameView.h

    r168602 r168668  
    592592    void speculativeTilingEnableTimerFired(Timer<FrameView>&);
    593593
     594    void updateEmbeddedObjectsTimerFired(Timer<FrameView>*);
    594595    bool updateEmbeddedObjects();
    595596    void updateEmbeddedObject(RenderEmbeddedObject&);
     
    646647    unsigned m_nestedLayoutCount;
    647648    Timer<FrameView> m_postLayoutTasksTimer;
     649    Timer<FrameView> m_updateEmbeddedObjectsTimer;
    648650    bool m_firstLayoutCallbackPending;
    649651
  • trunk/Source/WebCore/testing/Internals.cpp

    r168075 r168668  
    5151#include "FrameLoader.h"
    5252#include "FrameView.h"
     53#include "HTMLIFrameElement.h"
    5354#include "HTMLInputElement.h"
    5455#include "HTMLNames.h"
     
    18961897}
    18971898
     1899void Internals::updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(ExceptionCode& ec)
     1900{
     1901    updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(nullptr, ec);
     1902}
     1903
     1904void Internals::updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(Node* node, ExceptionCode& ec)
     1905{
     1906    Document* document;
     1907    if (!node)
     1908        document = contextDocument();
     1909    else if (node->isDocumentNode())
     1910        document = toDocument(node);
     1911    else if (node->hasTagName(HTMLNames::iframeTag))
     1912        document = toHTMLIFrameElement(node)->contentDocument();
     1913    else {
     1914        ec = TypeError;
     1915        return;
     1916    }
     1917
     1918    document->updateLayoutIgnorePendingStylesheets(Document::RunPostLayoutTasksSynchronously);
     1919}
     1920
    18981921#if !PLATFORM(IOS)
    18991922static const char* cursorTypeToString(Cursor::Type cursorType)
  • trunk/Source/WebCore/testing/Internals.h

    r167530 r168668  
    271271    void startTrackingRepaints(ExceptionCode&);
    272272    void stopTrackingRepaints(ExceptionCode&);
     273    void updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(ExceptionCode&);
     274    void updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(Node*, ExceptionCode&);
    273275
    274276    PassRefPtr<ArrayBuffer> serializeObject(PassRefPtr<SerializedScriptValue>) const;
  • trunk/Source/WebCore/testing/Internals.idl

    r168302 r168668  
    232232    [RaisesException] void stopTrackingRepaints();
    233233
     234    // |node| should be Document, HTMLIFrameElement, or unspecified.
     235    // If |node| is an HTMLIFrameElement, it assumes node.contentDocument is
     236    // specified without security checks. Unspecified means this document.
     237    [RaisesException] void updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks(optional Node node);
     238
    234239    // Returns a string with information about the mouse cursor used at the specified client location.
    235240    [RaisesException] DOMString getCurrentCursorInfo();
Note: See TracChangeset for help on using the changeset viewer.