Changeset 192270 in webkit

Timestamp:

Nov 10, 2015 2:19:44 PM (8 years ago)

Author:

ggaren@apple.com

Message:

alert, confirm, prompt, showModalDialog should be forbidden during page close and navigation
​https://bugs.webkit.org/show_bug.cgi?id=150980

Reviewed by Chris Dumez.

Source/WebCore:

Tests: fast/events/beforeunload-alert.html

fast/events/beforeunload-confirm.html
fast/events/beforeunload-prompt.html
fast/events/beforeunload-showModalDialog.html
fast/events/pagehide-alert.html
fast/events/pagehide-confirm.html
fast/events/pagehide-prompt.html
fast/events/pagehide-showModalDialog.html
fast/events/unload-alert.html
fast/events/unload-confirm.html
fast/events/unload-prompt.html
fast/events/unload-showModalDialog.html

• loader/FrameLoader.cpp:

(WebCore::FrameLoader::stopLoading): Factored out a helper function for
unload event processing.
(WebCore::FrameLoader::handleUnloadEvents): Forbid prompts in unload
events just like we do in beforeunload events, and for the same reasons.

(WebCore::FrameLoader::handleBeforeUnloadEvent): Updated for renames.

• loader/FrameLoader.h:

• page/DOMWindow.cpp:

(WebCore::DOMWindow::print):
(WebCore::DOMWindow::alert):
(WebCore::DOMWindow::confirm):
(WebCore::DOMWindow::prompt):
(WebCore::DOMWindow::showModalDialog): Updated for renames. Refactored
some of this code to handle null pages more cleanly. In particular, we
sometimes used to treat null page as "everything is permitted" -- but it
is best practice in a permissions context to treat lack of information
as no permission granted rather than all permissions granted. (I don't
know of a way to trigger this condition in practice.)

• page/Page.cpp:

(WebCore::Page::Page):
(WebCore::Page::forbidPrompts):
(WebCore::Page::allowPrompts):
(WebCore::Page::arePromptsAllowed): Renamed to make these functions
reflect their new, broader context.

(WebCore::Page::incrementFrameHandlingBeforeUnloadEventCount): Deleted.
(WebCore::Page::decrementFrameHandlingBeforeUnloadEventCount): Deleted.
(WebCore::Page::isAnyFrameHandlingBeforeUnloadEvent): Deleted.

• page/Page.h:

LayoutTests:

Added tests to cover the matrix of [ alert, confirm, prompt, showModalDialog ] x [ beforeunload, unload, pagehide ].

• fast/events/beforeunload-alert-expected.txt: Added.
• fast/events/beforeunload-alert.html: Added.
• fast/events/beforeunload-confirm-expected.txt: Added.
• fast/events/beforeunload-confirm.html: Added.
• fast/events/beforeunload-prompt-expected.txt: Added.
• fast/events/beforeunload-prompt.html: Added.
• fast/events/beforeunload-showModalDialog-expected.txt: Added.
• fast/events/beforeunload-showModalDialog.html: Added.
• fast/events/onunload-expected.txt:
• fast/events/onunload-not-on-body-expected.txt:
• fast/events/onunload-window-property-expected.txt:
• fast/events/pagehide-alert-expected.txt: Added.
• fast/events/pagehide-alert.html: Added.
• fast/events/pagehide-confirm-expected.txt: Added.
• fast/events/pagehide-confirm.html: Added.
• fast/events/pagehide-prompt-expected.txt: Added.
• fast/events/pagehide-prompt.html: Added.
• fast/events/pagehide-showModalDialog-expected.txt: Added.
• fast/events/pagehide-showModalDialog.html: Added.
• fast/events/pageshow-pagehide-on-back-cached-expected.txt:
• fast/events/pageshow-pagehide-on-back-uncached-expected.txt:
• fast/events/resources/prompt-landing-page.html: Added.
• fast/events/unload-alert-expected.txt: Added.
• fast/events/unload-alert.html: Added.
• fast/events/unload-confirm-expected.txt: Added.
• fast/events/unload-confirm.html: Added.
• fast/events/unload-prompt-expected.txt: Added.
• fast/events/unload-prompt.html: Added.
• fast/events/unload-showModalDialog-expected.txt: Added.
• fast/events/unload-showModalDialog.html: Added.

• platform/wk2/TestExpectations: WebKit2 can't handle showModalDialog tests.

• compositing/iframes/page-cache-layer-tree-expected.txt:
• fast/dom/Geolocation/notimer-after-unload-expected.txt:
• fast/history/timed-refresh-in-cached-frame-expected.txt:
• fast/loader/frames-with-unload-handlers-in-page-cache-expected.txt:
• fast/loader/page-dismissal-modal-dialogs-expected.txt: These were

pre-existing tests that tried to alert during unload.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/compositing/iframes/page-cache-layer-tree-expected.txt (modified) (1 diff)
• LayoutTests/fast/dom/Geolocation/notimer-after-unload-expected.txt (modified) (1 diff)
• LayoutTests/fast/events/beforeunload-alert-expected.txt (added)
• LayoutTests/fast/events/beforeunload-alert.html (added)
• LayoutTests/fast/events/beforeunload-confirm-expected.txt (added)
• LayoutTests/fast/events/beforeunload-confirm.html (added)
• LayoutTests/fast/events/beforeunload-prompt-expected.txt (added)
• LayoutTests/fast/events/beforeunload-prompt.html (added)
• LayoutTests/fast/events/beforeunload-showModalDialog-expected.txt (added)
• LayoutTests/fast/events/beforeunload-showModalDialog.html (added)
• LayoutTests/fast/events/onunload-expected.txt (modified) (1 diff)
• LayoutTests/fast/events/onunload-not-on-body-expected.txt (modified) (1 diff)
• LayoutTests/fast/events/onunload-window-property-expected.txt (modified) (1 diff)
• LayoutTests/fast/events/pagehide-alert-expected.txt (added)
• LayoutTests/fast/events/pagehide-alert.html (added)
• LayoutTests/fast/events/pagehide-confirm-expected.txt (added)
• LayoutTests/fast/events/pagehide-confirm.html (added)
• LayoutTests/fast/events/pagehide-prompt-expected.txt (added)
• LayoutTests/fast/events/pagehide-prompt.html (added)
• LayoutTests/fast/events/pagehide-showModalDialog-expected.txt (added)
• LayoutTests/fast/events/pagehide-showModalDialog.html (added)
• LayoutTests/fast/events/pageshow-pagehide-on-back-cached-expected.txt (modified) (1 diff)
• LayoutTests/fast/events/pageshow-pagehide-on-back-uncached-expected.txt (modified) (1 diff)
• LayoutTests/fast/events/resources/prompt-landing-page.html (added)
• LayoutTests/fast/events/unload-alert-expected.txt (added)
• LayoutTests/fast/events/unload-alert.html (added)
• LayoutTests/fast/events/unload-confirm-expected.txt (added)
• LayoutTests/fast/events/unload-confirm.html (added)
• LayoutTests/fast/events/unload-prompt-expected.txt (added)
• LayoutTests/fast/events/unload-prompt.html (added)
• LayoutTests/fast/events/unload-showModalDialog-expected.txt (added)
• LayoutTests/fast/events/unload-showModalDialog.html (added)
• LayoutTests/fast/history/timed-refresh-in-cached-frame-expected.txt (modified) (1 diff)
• LayoutTests/fast/loader/frames-with-unload-handlers-in-page-cache-expected.txt (modified) (1 diff)
• LayoutTests/fast/loader/page-dismissal-modal-dialogs-expected.txt (modified) (1 diff)
• LayoutTests/platform/wk2/TestExpectations (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/loader/FrameLoader.cpp (modified) (4 diffs)
• Source/WebCore/loader/FrameLoader.h (modified) (1 diff)
• Source/WebCore/page/DOMWindow.cpp (modified) (5 diffs)
• Source/WebCore/page/Page.cpp (modified) (2 diffs)
• Source/WebCore/page/Page.h (modified) (2 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2015-11-10  Geoffrey Garen  <ggaren@apple.com>
+
+        alert, confirm, prompt, showModalDialog should be forbidden during page close and navigation
+        https://bugs.webkit.org/show_bug.cgi?id=150980
+
+        Reviewed by Chris Dumez.
+
+        Added tests to cover the matrix of [ alert, confirm, prompt, showModalDialog ] x [ beforeunload, unload, pagehide ].
+
+        * fast/events/beforeunload-alert-expected.txt: Added.
+        * fast/events/beforeunload-alert.html: Added.
+        * fast/events/beforeunload-confirm-expected.txt: Added.
+        * fast/events/beforeunload-confirm.html: Added.
+        * fast/events/beforeunload-prompt-expected.txt: Added.
+        * fast/events/beforeunload-prompt.html: Added.
+        * fast/events/beforeunload-showModalDialog-expected.txt: Added.
+        * fast/events/beforeunload-showModalDialog.html: Added.
+        * fast/events/onunload-expected.txt:
+        * fast/events/onunload-not-on-body-expected.txt:
+        * fast/events/onunload-window-property-expected.txt:
+        * fast/events/pagehide-alert-expected.txt: Added.
+        * fast/events/pagehide-alert.html: Added.
+        * fast/events/pagehide-confirm-expected.txt: Added.
+        * fast/events/pagehide-confirm.html: Added.
+        * fast/events/pagehide-prompt-expected.txt: Added.
+        * fast/events/pagehide-prompt.html: Added.
+        * fast/events/pagehide-showModalDialog-expected.txt: Added.
+        * fast/events/pagehide-showModalDialog.html: Added.
+        * fast/events/pageshow-pagehide-on-back-cached-expected.txt:
+        * fast/events/pageshow-pagehide-on-back-uncached-expected.txt:
+        * fast/events/resources/prompt-landing-page.html: Added.
+        * fast/events/unload-alert-expected.txt: Added.
+        * fast/events/unload-alert.html: Added.
+        * fast/events/unload-confirm-expected.txt: Added.
+        * fast/events/unload-confirm.html: Added.
+        * fast/events/unload-prompt-expected.txt: Added.
+        * fast/events/unload-prompt.html: Added.
+        * fast/events/unload-showModalDialog-expected.txt: Added.
+        * fast/events/unload-showModalDialog.html: Added.
+
+        * platform/wk2/TestExpectations: WebKit2 can't handle showModalDialog tests.
+
+        * compositing/iframes/page-cache-layer-tree-expected.txt:
+        * fast/dom/Geolocation/notimer-after-unload-expected.txt:
+        * fast/history/timed-refresh-in-cached-frame-expected.txt:
+        * fast/loader/frames-with-unload-handlers-in-page-cache-expected.txt:
+        * fast/loader/page-dismissal-modal-dialogs-expected.txt: These were
+        pre-existing tests that tried to alert during unload.
+
 2015-11-09  David Hyatt  <hyatt@apple.com>
 

trunk/LayoutTests/compositing/iframes/page-cache-layer-tree-expected.txt

@@ -1 +1 @@
 ALERT: pageshow - not from cache
-ALERT: pagehide - entering cache
+CONSOLE MESSAGE: line 70: Use of window.alert is not allowed while unloading a page.
 ALERT: pageshow - from cache
 This tests that layers are rebuilt properly after the page is restored from the page cache.

trunk/LayoutTests/fast/dom/Geolocation/notimer-after-unload-expected.txt

@@ -1 +1 @@
 main frame - has 1 onunload handler(s)
-ALERT: unload-called
+CONSOLE MESSAGE: line 15: Use of window.alert is not allowed while unloading a page.
 You should have seen one unload alert appear.

trunk/LayoutTests/fast/events/onunload-expected.txt

@@ -1 +1 @@
 main frame - has 1 onunload handler(s)
-ALERT: unload
+CONSOLE MESSAGE: line 16: Use of window.alert is not allowed while unloading a page.
 You should have seen an unload alert appear.

trunk/LayoutTests/fast/events/onunload-not-on-body-expected.txt

@@ -1 +1 @@
 frame "<!--framePath //<!--frame2-->-->" - has 1 onunload handler(s)
-ALERT: unload
+CONSOLE MESSAGE: line 1: Use of window.alert is not allowed while unloading a page.
 you should only see one unload alert appear.

trunk/LayoutTests/fast/events/onunload-window-property-expected.txt

@@ -1 @@
-ALERT: unload
+CONSOLE MESSAGE: line 13: Use of window.alert is not allowed while unloading a page.
 You should have seen an unload alert appear.

trunk/LayoutTests/fast/events/pageshow-pagehide-on-back-cached-expected.txt

@@ -1 +1 @@
 ALERT: window.onload
 ALERT: window.onpageshow, target = [object HTMLDocument], persisted = false
-ALERT: window.onpagehide, target = [object HTMLDocument], persisted = true
+CONSOLE MESSAGE: line 25: Use of window.alert is not allowed while unloading a page.
 ALERT: window.onpageshow, target = [object HTMLDocument], persisted = true
 Test pageshow/pagehide event behavior when navigating back to an cached page.

trunk/LayoutTests/fast/events/pageshow-pagehide-on-back-uncached-expected.txt

@@ -2 +2 @@
 ALERT: window.onload
 ALERT: window.onpageshow, target = [object HTMLDocument], persisted = false
-ALERT: window.onpagehide, target = [object HTMLDocument], persisted = false
+CONSOLE MESSAGE: line 28: Use of window.alert is not allowed while unloading a page.
 main frame "pageshow/pagehide" - has 1 onunload handler(s)
 ALERT: window.onload

trunk/LayoutTests/fast/history/timed-refresh-in-cached-frame-expected.txt

@@ -1 @@
-ALERT: pagehide true
+CONSOLE MESSAGE: line 1: Use of window.alert is not allowed while unloading a page.
 PASSED if didn't crash in two seconds.

trunk/LayoutTests/fast/loader/frames-with-unload-handlers-in-page-cache-expected.txt

@@ -2 +2 @@
 ALERT: Subframe onload
 ALERT: Subframe onpageshow
-ALERT: Main frame window.onpagehide called
-ALERT: Subframe onpagehide
-ALERT: Subframe onunload
+CONSOLE MESSAGE: line 16: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 18: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.alert is not allowed while unloading a page.
 

trunk/LayoutTests/fast/loader/page-dismissal-modal-dialogs-expected.txt

@@ -1 +1 @@
 frame "<!--framePath //<!--frame0-->-->" - has 1 onunload handler(s)
-CONSOLE MESSAGE: line 8: Use of window.alert is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 8: Use of window.alert is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 8: Use of window.alert is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 8: Use of window.alert is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed during beforeunload event dispatch.
-CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed during beforeunload event dispatch.
-ALERT: mainFrame pagehide PASS
-CONFIRM: mainFrame pagehide PASS
-PROMPT: mainFrame pagehide PASS, default text: PASS
-ALERT: iFrame click PASS
-CONFIRM: iFrame click PASS
-PROMPT: iFrame click PASS, default text: PASS
-ALERT: mainFrame unload PASS
-CONFIRM: mainFrame unload PASS
-PROMPT: mainFrame unload PASS, default text: PASS
-ALERT: iFrame click PASS
-CONFIRM: iFrame click PASS
-PROMPT: iFrame click PASS, default text: PASS
-ALERT: iFrame pagehide PASS
-CONFIRM: iFrame pagehide PASS
-PROMPT: iFrame pagehide PASS, default text: PASS
-ALERT: iFrame unload PASS
-CONFIRM: iFrame unload PASS
-PROMPT: iFrame unload PASS, default text: PASS
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
+CONSOLE MESSAGE: line 8: Use of window.alert is not allowed while unloading a page.
+CONSOLE MESSAGE: line 9: Use of window.confirm is not allowed while unloading a page.
+CONSOLE MESSAGE: line 10: Use of window.prompt is not allowed while unloading a page.
 PASS

trunk/LayoutTests/platform/wk2/TestExpectations

@@ -139 +139 @@
 # <https://bugs.webkit.org/show_bug.cgi?id=69548>
 fast/events/show-modal-dialog-onblur-onfocus.html
+fast/events/beforeunload-showModalDialog.html
+fast/events/pagehide-showModalDialog.html
+fast/events/unload-showModalDialog.html
 
 # WebKitTestRunner needs testRunner.setWillSendRequestClearHeader

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2015-11-10  Geoffrey Garen  <ggaren@apple.com>
+
+        alert, confirm, prompt, showModalDialog should be forbidden during page close and navigation
+        https://bugs.webkit.org/show_bug.cgi?id=150980
+
+        Reviewed by Chris Dumez.
+
+        Tests: fast/events/beforeunload-alert.html
+               fast/events/beforeunload-confirm.html
+               fast/events/beforeunload-prompt.html
+               fast/events/beforeunload-showModalDialog.html
+               fast/events/pagehide-alert.html
+               fast/events/pagehide-confirm.html
+               fast/events/pagehide-prompt.html
+               fast/events/pagehide-showModalDialog.html
+               fast/events/unload-alert.html
+               fast/events/unload-confirm.html
+               fast/events/unload-prompt.html
+               fast/events/unload-showModalDialog.html
+
+        * loader/FrameLoader.cpp:
+        (WebCore::FrameLoader::stopLoading): Factored out a helper function for
+        unload event processing.
+        (WebCore::FrameLoader::handleUnloadEvents): Forbid prompts in unload
+        events just like we do in beforeunload events, and for the same reasons.
+
+        (WebCore::FrameLoader::handleBeforeUnloadEvent): Updated for renames.
+
+        * loader/FrameLoader.h:
+
+        * page/DOMWindow.cpp:
+        (WebCore::DOMWindow::print):
+        (WebCore::DOMWindow::alert):
+        (WebCore::DOMWindow::confirm):
+        (WebCore::DOMWindow::prompt):
+        (WebCore::DOMWindow::showModalDialog): Updated for renames. Refactored
+        some of this code to handle null pages more cleanly. In particular, we
+        sometimes used to treat null page as "everything is permitted" -- but it
+        is best practice in a permissions context to treat lack of information
+        as no permission granted rather than all permissions granted. (I don't
+        know of a way to trigger this condition in practice.)
+
+        * page/Page.cpp:
+        (WebCore::Page::Page):
+        (WebCore::Page::forbidPrompts):
+        (WebCore::Page::allowPrompts):
+        (WebCore::Page::arePromptsAllowed): Renamed to make these functions
+        reflect their new, broader context.
+
+        (WebCore::Page::incrementFrameHandlingBeforeUnloadEventCount): Deleted.
+        (WebCore::Page::decrementFrameHandlingBeforeUnloadEventCount): Deleted.
+        (WebCore::Page::isAnyFrameHandlingBeforeUnloadEvent): Deleted.
+
+        * page/Page.h:
+
 2015-11-09  David Hyatt  <hyatt@apple.com>
 

trunk/Source/WebCore/loader/FrameLoader.cpp

@@ -176 +176 @@
 }
 
+struct ForbidPromptsScope {
+    ForbidPromptsScope(Page* page) : m_page(page)
+    {
+        if (!m_page)
+            return;
+        m_page->forbidPrompts();
+    }
+
+    ~ForbidPromptsScope()
+    {
+        if (!m_page)
+            return;
+        m_page->allowPrompts();
+    }
+
+    Page* m_page;
+};
+
 class FrameLoader::FrameProgressTracker {
 public:
@@ -419 +437 @@
         m_frame.document()->parser()->stopParsing();
 
-    if (unloadEventPolicy != UnloadEventPolicyNone) {
-        if (m_frame.document()) {
-            if (m_didCallImplicitClose && !m_wasUnloadEventEmitted) {
-                auto* currentFocusedElement = m_frame.document()->focusedElement();
-                if (is<HTMLInputElement>(currentFocusedElement))
-                    downcast<HTMLInputElement>(*currentFocusedElement).endEditing();
-                if (m_pageDismissalEventBeingDispatched == PageDismissalType::None) {
-                    if (unloadEventPolicy == UnloadEventPolicyUnloadAndPageHide) {
-                        m_pageDismissalEventBeingDispatched = PageDismissalType::PageHide;
-                        m_frame.document()->domWindow()->dispatchEvent(PageTransitionEvent::create(eventNames().pagehideEvent, m_frame.document()->inPageCache()), m_frame.document());
-                    }
-
-                    // FIXME: update Page Visibility state here.
-                    // https://bugs.webkit.org/show_bug.cgi?id=116770
-
-                    if (!m_frame.document()->inPageCache()) {
-                        RefPtr<Event> unloadEvent(Event::create(eventNames().unloadEvent, false, false));
-                        // The DocumentLoader (and thus its DocumentLoadTiming) might get destroyed
-                        // while dispatching the event, so protect it to prevent writing the end
-                        // time into freed memory.
-                        RefPtr<DocumentLoader> documentLoader = m_provisionalDocumentLoader;
-                        m_pageDismissalEventBeingDispatched = PageDismissalType::Unload;
-                        if (documentLoader && documentLoader->timing().navigationStart() && !documentLoader->timing().unloadEventStart() && !documentLoader->timing().unloadEventEnd()) {
-                            auto& timing = documentLoader->timing();
-                            timing.markUnloadEventStart();
-                            m_frame.document()->domWindow()->dispatchEvent(unloadEvent, m_frame.document());
-                            timing.markUnloadEventEnd();
-                        } else
-                            m_frame.document()->domWindow()->dispatchEvent(unloadEvent, m_frame.document());
-                    }
-                }
-                m_pageDismissalEventBeingDispatched = PageDismissalType::None;
-                if (m_frame.document())
-                    m_frame.document()->updateStyleIfNeeded();
-                m_wasUnloadEventEmitted = true;
-            }
-        }
-
-        // Dispatching the unload event could have made m_frame.document() null.
-        if (m_frame.document() && !m_frame.document()->inPageCache()) {
-            // Don't remove event listeners from a transitional empty document (see bug 28716 for more information).
-            bool keepEventListeners = m_stateMachine.isDisplayingInitialEmptyDocument() && m_provisionalDocumentLoader
-                && m_frame.document()->isSecureTransitionTo(m_provisionalDocumentLoader->url());
-
-            if (!keepEventListeners)
-                m_frame.document()->removeAllEventListeners();
-        }
-    }
+    if (unloadEventPolicy != UnloadEventPolicyNone)
+        handleUnloadEvents(unloadEventPolicy);
 
     m_isComplete = true; // to avoid calling completed() in finishedParsing()
@@ -2866 +2838 @@
 }
 
+void FrameLoader::handleUnloadEvents(UnloadEventPolicy unloadEventPolicy)
+{
+    if (!m_frame.document())
+        return;
+
+    // We store the frame's page in a local variable because the frame might get detached inside dispatchEvent.
+    ForbidPromptsScope forbidPrompts(m_frame.page());
+
+    if (m_didCallImplicitClose && !m_wasUnloadEventEmitted) {
+        auto* currentFocusedElement = m_frame.document()->focusedElement();
+        if (is<HTMLInputElement>(currentFocusedElement))
+            downcast<HTMLInputElement>(*currentFocusedElement).endEditing();
+        if (m_pageDismissalEventBeingDispatched == PageDismissalType::None) {
+            if (unloadEventPolicy == UnloadEventPolicyUnloadAndPageHide) {
+                m_pageDismissalEventBeingDispatched = PageDismissalType::PageHide;
+                m_frame.document()->domWindow()->dispatchEvent(PageTransitionEvent::create(eventNames().pagehideEvent, m_frame.document()->inPageCache()), m_frame.document());
+            }
+
+            // FIXME: update Page Visibility state here.
+            // https://bugs.webkit.org/show_bug.cgi?id=116770
+
+            if (!m_frame.document()->inPageCache()) {
+                RefPtr<Event> unloadEvent(Event::create(eventNames().unloadEvent, false, false));
+                // The DocumentLoader (and thus its DocumentLoadTiming) might get destroyed
+                // while dispatching the event, so protect it to prevent writing the end
+                // time into freed memory.
+                RefPtr<DocumentLoader> documentLoader = m_provisionalDocumentLoader;
+                m_pageDismissalEventBeingDispatched = PageDismissalType::Unload;
+                if (documentLoader && documentLoader->timing().navigationStart() && !documentLoader->timing().unloadEventStart() && !documentLoader->timing().unloadEventEnd()) {
+                    auto& timing = documentLoader->timing();
+                    timing.markUnloadEventStart();
+                    m_frame.document()->domWindow()->dispatchEvent(unloadEvent, m_frame.document());
+                    timing.markUnloadEventEnd();
+                } else
+                    m_frame.document()->domWindow()->dispatchEvent(unloadEvent, m_frame.document());
+            }
+        }
+        m_pageDismissalEventBeingDispatched = PageDismissalType::None;
+        if (m_frame.document())
+            m_frame.document()->updateStyleIfNeeded();
+        m_wasUnloadEventEmitted = true;
+    }
+
+    // Dispatching the unload event could have made m_frame.document() null.
+    if (!m_frame.document())
+        return;
+
+    if (m_frame.document()->inPageCache())
+        return;
+
+    // Don't remove event listeners from a transitional empty document (see bug 28716 for more information).
+    bool keepEventListeners = m_stateMachine.isDisplayingInitialEmptyDocument() && m_provisionalDocumentLoader
+        && m_frame.document()->isSecureTransitionTo(m_provisionalDocumentLoader->url());
+
+    if (!keepEventListeners)
+        m_frame.document()->removeAllEventListeners();
+}
+
 bool FrameLoader::handleBeforeUnloadEvent(Chrome& chrome, FrameLoader* frameLoaderBeingNavigated)
 {
@@ -2879 +2909 @@
     m_pageDismissalEventBeingDispatched = PageDismissalType::BeforeUnload;
 
-    // We store the frame's page in a local variable because the frame might get detached inside dispatchEvent.
-    Page* page = m_frame.page();
-    page->incrementFrameHandlingBeforeUnloadEventCount();
-    domWindow->dispatchEvent(beforeUnloadEvent.get(), domWindow->document());
-    page->decrementFrameHandlingBeforeUnloadEventCount();
+    {
+        ForbidPromptsScope forbidPrompts(m_frame.page());
+        domWindow->dispatchEvent(beforeUnloadEvent.get(), domWindow->document());
+    }
 
     m_pageDismissalEventBeingDispatched = PageDismissalType::None;

trunk/Source/WebCore/loader/FrameLoader.h

@@ -322 +322 @@
 
     bool handleBeforeUnloadEvent(Chrome&, FrameLoader* frameLoaderBeingNavigated);
+    void handleUnloadEvents(UnloadEventPolicy);
 
     void continueLoadAfterNavigationPolicy(const ResourceRequest&, PassRefPtr<FormState>, bool shouldContinue, AllowNavigationToInvalidURL);

trunk/Source/WebCore/page/DOMWindow.cpp

@@ -1048 +1048 @@
         return;
 
-    Page* page = m_frame->page();
+    auto* page = m_frame->page();
     if (!page)
         return;
 
-    // Pages are not allowed to bring up a modal print dialog during BeforeUnload dispatch.
-    if (page->isAnyFrameHandlingBeforeUnloadEvent()) {
-        printErrorMessage("Use of window.print is not allowed during beforeunload event dispatch.");
+    if (!page->arePromptsAllowed()) {
+        printErrorMessage("Use of window.print is not allowed while unloading a page.");
         return;
     }
@@ -1081 +1080 @@
         return;
 
-    // Pages are not allowed to cause modal alerts during BeforeUnload dispatch.
-    if (page() && page()->isAnyFrameHandlingBeforeUnloadEvent()) {
-        printErrorMessage("Use of window.alert is not allowed during beforeunload event dispatch.");
+    auto* page = m_frame->page();
+    if (!page)
+        return;
+
+    if (!page->arePromptsAllowed()) {
+        printErrorMessage("Use of window.alert is not allowed while unloading a page.");
         return;
     }
 
     m_frame->document()->updateStyleIfNeeded();
-
-    Page* page = m_frame->page();
-    if (!page)
-        return;
 
     page->chrome().runJavaScriptAlert(m_frame, message);
@@ -1101 +1099 @@
         return false;
     
-    // Pages are not allowed to cause modal alerts during BeforeUnload dispatch.
-    if (page() && page()->isAnyFrameHandlingBeforeUnloadEvent()) {
-        printErrorMessage("Use of window.confirm is not allowed during beforeunload event dispatch.");
-        return false;
-    }
-
-    m_frame->document()->updateStyleIfNeeded();
-
-    Page* page = m_frame->page();
+    auto* page = m_frame->page();
     if (!page)
         return false;
 
+    if (!page->arePromptsAllowed()) {
+        printErrorMessage("Use of window.confirm is not allowed while unloading a page.");
+        return false;
+    }
+
+    m_frame->document()->updateStyleIfNeeded();
+
     return page->chrome().runJavaScriptConfirm(m_frame, message);
 }
@@ -1121 +1118 @@
         return String();
 
-    // Pages are not allowed to cause modal alerts during BeforeUnload dispatch.
-    if (page() && page()->isAnyFrameHandlingBeforeUnloadEvent()) {
-        printErrorMessage("Use of window.prompt is not allowed during beforeunload event dispatch.");
-        return String();
-    }
-
-    m_frame->document()->updateStyleIfNeeded();
-
-    Page* page = m_frame->page();
+    auto* page = m_frame->page();
     if (!page)
         return String();
+
+    if (!page->arePromptsAllowed()) {
+        printErrorMessage("Use of window.prompt is not allowed while unloading a page.");
+        return String();
+    }
+
+    m_frame->document()->updateStyleIfNeeded();
 
     String returnValue;
@@ -2238 +2234 @@
         return;
 
-    // Pages are not allowed to cause modal alerts during BeforeUnload dispatch.
-    if (page() && page()->isAnyFrameHandlingBeforeUnloadEvent()) {
-        printErrorMessage("Use of window.showModalDialog is not allowed during beforeunload event dispatch.");
+    auto* page = m_frame->page();
+    if (!page)
+        return;
+
+    if (!page->arePromptsAllowed()) {
+        printErrorMessage("Use of window.showModalDialog is not allowed while unloading a page.");
         return;
     }

trunk/Source/WebCore/page/Page.cpp

@@ -216 +216 @@
 #endif
     , m_lastSpatialNavigationCandidatesCount(0) // NOTE: Only called from Internals for Spatial Navigation testing.
-    , m_framesHandlingBeforeUnloadEvent(0)
+    , m_forbidPromptsDepth(0)
     , m_applicationCacheStorage(pageConfiguration.applicationCacheStorage ? *WTF::move(pageConfiguration.applicationCacheStorage) : ApplicationCacheStorage::singleton())
     , m_databaseProvider(*WTF::move(pageConfiguration.databaseProvider))
@@ -1614 +1614 @@
 #endif
 
-void Page::incrementFrameHandlingBeforeUnloadEventCount()
-{
-    ++m_framesHandlingBeforeUnloadEvent;
-}
-
-void Page::decrementFrameHandlingBeforeUnloadEventCount()
-{
-    ASSERT(m_framesHandlingBeforeUnloadEvent);
-    --m_framesHandlingBeforeUnloadEvent;
-}
-
-bool Page::isAnyFrameHandlingBeforeUnloadEvent()
-{
-    return m_framesHandlingBeforeUnloadEvent;
+void Page::forbidPrompts()
+{
+    ++m_forbidPromptsDepth;
+}
+
+void Page::allowPrompts()
+{
+    ASSERT(m_forbidPromptsDepth);
+    --m_forbidPromptsDepth;
+}
+
+bool Page::arePromptsAllowed()
+{
+    return !m_forbidPromptsDepth;
 }
 

trunk/Source/WebCore/page/Page.h

@@ -424 +424 @@
 #endif
 
-    void incrementFrameHandlingBeforeUnloadEventCount();
-    void decrementFrameHandlingBeforeUnloadEventCount();
-    bool isAnyFrameHandlingBeforeUnloadEvent();
+    void forbidPrompts();
+    void allowPrompts();
+    bool arePromptsAllowed();
+
     void setLastSpatialNavigationCandidateCount(unsigned count) { m_lastSpatialNavigationCandidatesCount = count; }
     unsigned lastSpatialNavigationCandidateCount() const { return m_lastSpatialNavigationCandidatesCount; }
@@ -632 +633 @@
 
     unsigned m_lastSpatialNavigationCandidatesCount;
-    unsigned m_framesHandlingBeforeUnloadEvent;
+    unsigned m_forbidPromptsDepth;
 
     Ref<ApplicationCacheStorage> m_applicationCacheStorage;