Changeset 188150 in webkit
- Timestamp:
- Aug 7, 2015 1:10:42 PM (9 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r188148 r188150 1 2015-08-07 Andy Estes <aestes@apple.com> 2 3 Crash when following a Google search link to Twitter with Limit Adult Content enabled 4 https://bugs.webkit.org/show_bug.cgi?id=147651 5 6 Reviewed by Brady Eidson. 7 8 When a loaded CachedRawResource gets a new client, it synthesizes the callbacks that the new client would have 9 received while the resource was loading. Unlike a real network load, it synthesizes these callbacks in a single 10 run loop iteration. When DocumentLoader receives a redirect, and finds substitute data in the app cache for the 11 redirect URL, it schedules a timer that removes DocumentLoader as a client of the CachedRawResource then 12 synthesizes its own set of CachedRawResourceClient callbacks. But since CachedRawResource has already delivered 13 client callbacks before the app cache timer fires, DocumentLoader unexpectedly ends up getting two sets of 14 client callbacks and badness ensues. 15 16 The fix is to let CachedRawResource detect if a redirect will trigger the client to load substitute data. If so, 17 stop delivering client callbacks. 18 19 Layout test to follow. 20 21 * loader/DocumentLoader.cpp: 22 (WebCore::DocumentLoader::syntheticRedirectReceived): If there is valid substitute data, do not continue. 23 * loader/DocumentLoader.h: 24 * loader/cache/CachedRawResource.cpp: Returned early if syntheticRedirectReceived() said not to continue. 25 (WebCore::CachedRawResource::didAddClient): 26 * loader/cache/CachedRawResourceClient.h: 27 (WebCore::CachedRawResourceClient::syntheticRedirectReceived): 28 1 29 2015-08-06 Dean Jackson <dino@apple.com> 2 30 -
trunk/Source/WebCore/loader/DocumentLoader.cpp
r188145 r188150 490 490 } 491 491 492 void DocumentLoader::syntheticRedirectReceived(CachedResource* resource, ResourceRequest& request, const ResourceResponse& redirectResponse, bool& shouldContinue) 493 { 494 redirectReceived(resource, request, redirectResponse); 495 496 // If we will soon remove our reference to the CachedRawResource in favor of a SubstituteData load, we don't want to continue receiving synthetic CachedRawResource callbacks. 497 shouldContinue = !m_substituteData.isValid(); 498 } 499 492 500 void DocumentLoader::willSendRequest(ResourceRequest& newRequest, const ResourceResponse& redirectResponse) 493 501 { -
trunk/Source/WebCore/loader/DocumentLoader.h
r187620 r188150 307 307 void mainReceivedError(const ResourceError&); 308 308 WEBCORE_EXPORT virtual void redirectReceived(CachedResource*, ResourceRequest&, const ResourceResponse&) override; 309 WEBCORE_EXPORT virtual void syntheticRedirectReceived(CachedResource*, ResourceRequest&, const ResourceResponse&, bool& /* shouldContinue */) override; 309 310 WEBCORE_EXPORT virtual void responseReceived(CachedResource*, const ResourceResponse&) override; 310 311 WEBCORE_EXPORT virtual void dataReceived(CachedResource*, const char* data, int length) override; -
trunk/Source/WebCore/loader/cache/CachedRawResource.cpp
r186279 r188150 133 133 RedirectPair redirect = m_redirectChain[i]; 134 134 ResourceRequest request(redirect.m_request); 135 client->redirectReceived(this, request, redirect.m_redirectResponse); 136 if (!hasClient(c)) 135 bool shouldContinue = true; 136 client->syntheticRedirectReceived(this, request, redirect.m_redirectResponse, shouldContinue); 137 if (!hasClient(c) || !shouldContinue) 137 138 return; 138 139 } -
trunk/Source/WebCore/loader/cache/CachedRawResourceClient.h
r162139 r188150 42 42 virtual void dataReceived(CachedResource*, const char* /* data */, int /* length */) { } 43 43 virtual void redirectReceived(CachedResource*, ResourceRequest&, const ResourceResponse&) { } 44 45 // In response to a redirect, some clients wish to receive no futher callbacks, but cannot immediately remove themselves as a client. 46 // Those clients can express their desire to recieve no futher callbacks by setting shouldContinue to false. 47 virtual void syntheticRedirectReceived(CachedResource* resource, ResourceRequest& request, const ResourceResponse& response, bool& /* shouldContinue */) { redirectReceived(resource, request, response); } 44 48 #if USE(SOUP) 45 49 virtual char* getOrCreateReadBuffer(CachedResource*, size_t /* requestedSize */, size_t& /* actualSize */) { return 0; }
Note: See TracChangeset
for help on using the changeset viewer.