Changeset 231456 in webkit

Timestamp:

May 7, 2018 2:42:29 PM (6 years ago)

Author:

Chris Dumez

Message:

Stop using an iframe's id as fallback if its name attribute is not set
​https://bugs.webkit.org/show_bug.cgi?id=11388

Reviewed by Geoff Garen.

Source/WebCore:

WebKit had logic to use an iframe's id as fallback name when its name
content attribute is not set. This behavior was not standard and did not
match other browsers:

• ​https://html.spec.whatwg.org/#attr-iframe-name

Gecko / Trident never behaved this way. Blink was aligned with us until
they started to match the specification in:

• ​https://bugs.chromium.org/p/chromium/issues/detail?id=347169

This WebKit quirk was causing some Web-compatibility issues because it
would affect the behavior of Window's name property getter when trying
to look up an iframe by id. Because of Window's named property getter
behavior [1], we would return the frame's contentWindow instead of the
iframe element itself.

[1] ​https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object

Test: fast/dom/Window/named-getter-frame-id.html

• html/HTMLFrameElementBase.cpp:

(WebCore::HTMLFrameElementBase::openURL):
(WebCore::HTMLFrameElementBase::parseAttribute):
(WebCore::HTMLFrameElementBase::didFinishInsertingNode):

• html/HTMLFrameElementBase.h:

LayoutTests:

• fast/dom/Window/named-getter-frame-id-expected.txt: Added.
• fast/dom/Window/named-getter-frame-id.html: Added.

Add layout test coverage.

• fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt:
• fast/dom/Geolocation/srcdoc-watchPosition-expected.txt:
• fast/dom/HTMLAnchorElement/anchor-in-noscroll-iframe-crash.html:
• fast/dom/Window/window-special-properties-expected.txt:
• fast/frames/iframe-no-name-expected.txt:
• fast/frames/iframe-no-name.html:
• fast/layers/prevent-hit-test-during-layout.html:
• fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt:
• http/tests/security/clipboard/copy-paste-html-cross-origin-iframe-across-origin.html:
• http/tests/security/contentSecurityPolicy/iframe-blank-url-programmatically-add-external-script-expected.txt:
• http/tests/security/cross-origin-reified-window-property-access.html:
• http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt:
• http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt:
• http/tests/webrtc/filtering-ice-candidate-same-origin-frame.html:
• http/wpt/beacon/keepalive-after-navigation-expected.txt:
• http/wpt/cache-storage/cache-remove-twice.html:

Update some layout tests that relied on our old (non-standard) behavior.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt (modified) (1 diff)
• LayoutTests/fast/dom/Geolocation/srcdoc-watchPosition-expected.txt (modified) (1 diff)
• LayoutTests/fast/dom/HTMLAnchorElement/anchor-in-noscroll-iframe-crash.html (modified) (1 diff)
• LayoutTests/fast/dom/Window/named-getter-frame-id-expected.txt (added)
• LayoutTests/fast/dom/Window/named-getter-frame-id.html (added)
• LayoutTests/fast/dom/Window/window-special-properties-expected.txt (modified) (2 diffs)
• LayoutTests/fast/frames/iframe-no-name-expected.txt (modified) (1 diff)
• LayoutTests/fast/frames/iframe-no-name.html (modified) (1 diff)
• LayoutTests/fast/layers/prevent-hit-test-during-layout.html (modified) (1 diff)
• LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/loading/basic-auth-load-URL-with-consecutive-slashes-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/navigation/image-load-in-subframe-unload-handler-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/quicklook/csp-header-ignored-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/clipboard/copy-paste-html-cross-origin-iframe-across-origin.html (modified) (1 diff)
• LayoutTests/http/tests/security/contentSecurityPolicy/iframe-blank-url-programmatically-add-external-script-expected.txt (modified) (1 diff)
• LayoutTests/http/tests/security/cross-origin-reified-window-property-access.html (modified) (1 diff)
• LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt (modified) (5 diffs)
• LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt (modified) (4 diffs)
• LayoutTests/http/tests/webrtc/filtering-ice-candidate-same-origin-frame.html (modified) (1 diff)
• LayoutTests/http/wpt/beacon/keepalive-after-navigation-expected.txt (modified) (1 diff)
• LayoutTests/http/wpt/cache-storage/cache-remove-twice.html (modified) (1 diff)
• LayoutTests/platform/ios/http/tests/quicklook/csp-header-ignored-expected.txt (modified) (1 diff)
• LayoutTests/platform/wk2/http/tests/loading/basic-auth-load-URL-with-consecutive-slashes-expected.txt (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/html/HTMLFrameElementBase.cpp (modified) (4 diffs)
• Source/WebCore/html/HTMLFrameElementBase.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2018-05-07  Chris Dumez  <cdumez@apple.com>
+
+        Stop using an iframe's id as fallback if its name attribute is not set
+        https://bugs.webkit.org/show_bug.cgi?id=11388
+
+        Reviewed by Geoff Garen.
+
+        * fast/dom/Window/named-getter-frame-id-expected.txt: Added.
+        * fast/dom/Window/named-getter-frame-id.html: Added.
+        Add layout test coverage.
+
+        * fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt:
+        * fast/dom/Geolocation/srcdoc-watchPosition-expected.txt:
+        * fast/dom/HTMLAnchorElement/anchor-in-noscroll-iframe-crash.html:
+        * fast/dom/Window/window-special-properties-expected.txt:
+        * fast/frames/iframe-no-name-expected.txt:
+        * fast/frames/iframe-no-name.html:
+        * fast/layers/prevent-hit-test-during-layout.html:
+        * fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt:
+        * http/tests/security/clipboard/copy-paste-html-cross-origin-iframe-across-origin.html:
+        * http/tests/security/contentSecurityPolicy/iframe-blank-url-programmatically-add-external-script-expected.txt:
+        * http/tests/security/cross-origin-reified-window-property-access.html:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt:
+        * http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt:
+        * http/tests/webrtc/filtering-ice-candidate-same-origin-frame.html:
+        * http/wpt/beacon/keepalive-after-navigation-expected.txt:
+        * http/wpt/cache-storage/cache-remove-twice.html:
+        Update some layout tests that relied on our old (non-standard) behavior.
+
 2018-05-07  Youenn Fablet  <youenn@apple.com>
 

trunk/LayoutTests/fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt

@@ -4 +4 @@
 
 --------
-Frame: 'frame'
+Frame: '<!--frame1-->'
 --------
 FAIL should have invoked error callback, but invoked success callback.

trunk/LayoutTests/fast/dom/Geolocation/srcdoc-watchPosition-expected.txt

@@ -4 +4 @@
 
 --------
-Frame: 'frame'
+Frame: '<!--frame1-->'
 --------
 FAIL should have invoked error callback, but invoked success callback.

trunk/LayoutTests/fast/dom/HTMLAnchorElement/anchor-in-noscroll-iframe-crash.html

@@ -15 +15 @@
 
     function setupTopLevel() {
-        var scrollTarget = window.frames['target'].document.getElementById('might_scroll');
+        var scrollTarget = iframeTarget.contentDocument.getElementById('might_scroll');
 
-        window.frames['target'].window.registerAction(function () {
+        iframeTarget.contentWindow.registerAction(function () {
             iframeTarget.remove();
             setTimeout(finish, 0);
         });
 
-        window.frames['target'].window.run();
+        iframeTarget.contentWindow.run();
     }
 </script>    

trunk/LayoutTests/fast/dom/Window/window-special-properties-expected.txt

@@ -43 +43 @@
 Iframe by name (unique): single WINDOW
 Iframe by name (multiple): single WINDOW
-Iframe by id (unique): single WINDOW
-Iframe by id (multiple): single WINDOW
+Iframe by id (unique): single IFRAME(id)
+Iframe by id (multiple): collection(2) IFRAME(id) IFRAME(id)
 Iframe by id/name mixed: single WINDOW
 
@@ -54 +54 @@
 Span by id/name mixed: collection(2) SPAN(id) SPAN(id)
 
-Mixed by id: single WINDOW
+Mixed by id: collection(7) IMG(id) FORM(id) APPLET(id) EMBED(id) OBJECT(id) IFRAME(id) SPAN(id)
 Mixed by name: single WINDOW
 Mixed by id (no iframe): collection(6) IMG(id) FORM(id) APPLET(id) EMBED(id) OBJECT(id) SPAN(id)

trunk/LayoutTests/fast/frames/iframe-no-name-expected.txt

@@ -4 +4 @@
 
 
-PASS frames[0].name is "id"
+PASS frames[0].name is ""
 PASS frames[1].name is "name"
 PASS frames[2].name is "name"

trunk/LayoutTests/fast/frames/iframe-no-name.html

@@ -12 +12 @@
 <script>
 description("Checks that the id of an iframe does not set the contentWindow's name if the iframe's name is not set.");
-shouldBeEqualToString("frames[0].name", "id");
+shouldBeEqualToString("frames[0].name", "");
 shouldBeEqualToString("frames[1].name", "name");
 shouldBeEqualToString("frames[2].name", "name");

trunk/LayoutTests/fast/layers/prevent-hit-test-during-layout.html

@@ -34 +34 @@
     
     function runTest() {
-        fixedDiv = window.frames['fixedFrame'].document.getElementById('fixedDiv');
+        fixedDiv = fixedFrame.contentDocument.getElementById('fixedDiv');
         target = document.getElementById('target');
 

trunk/LayoutTests/fast/xmlhttprequest/xmlhttprequest-no-file-access-expected.txt

@@ -17 +17 @@
 
 --------
-Frame: 'f'
+Frame: '<!--frame2-->'
 --------
 Successful write into iframe

trunk/LayoutTests/http/tests/loading/basic-auth-load-URL-with-consecutive-slashes-expected.txt

@@ -1 +1 @@
 main frame - didStartProvisionalLoadForFrame
 main frame - didCommitLoadForFrame
-frame "frame" - didStartProvisionalLoadForFrame
+frame "<!--frame1-->" - didStartProvisionalLoadForFrame
 main frame - didFinishDocumentLoadForFrame
 http://127.0.0.1:8000/loading/resources/basic-auth-testing.php?username=webkit&password=rocks - didReceiveAuthenticationChallenge - Responding with webkit:rocks
-frame "frame" - didCommitLoadForFrame
-frame "frame" - didFinishDocumentLoadForFrame
-frame "frame" - willPerformClientRedirectToURL: http://127.0.0.1:8000/a//b/non-existent-file.html 
-frame "frame" - didHandleOnloadEventsForFrame
+frame "<!--frame1-->" - didCommitLoadForFrame
+frame "<!--frame1-->" - didFinishDocumentLoadForFrame
+frame "<!--frame1-->" - willPerformClientRedirectToURL: http://127.0.0.1:8000/a//b/non-existent-file.html 
+frame "<!--frame1-->" - didHandleOnloadEventsForFrame
 main frame - didHandleOnloadEventsForFrame
-frame "frame" - didFinishLoadForFrame
+frame "<!--frame1-->" - didFinishLoadForFrame
 main frame - didFinishLoadForFrame
-frame "frame" - didStartProvisionalLoadForFrame
-frame "frame" - didCancelClientRedirectForFrame
-frame "frame" - didCommitLoadForFrame
-frame "frame" - didReceiveTitle: 404 Not Found
-frame "frame" - didFinishDocumentLoadForFrame
-frame "frame" - didFailLoadWithError
+frame "<!--frame1-->" - didStartProvisionalLoadForFrame
+frame "<!--frame1-->" - didCancelClientRedirectForFrame
+frame "<!--frame1-->" - didCommitLoadForFrame
+frame "<!--frame1-->" - didReceiveTitle: 404 Not Found
+frame "<!--frame1-->" - didFinishDocumentLoadForFrame
+frame "<!--frame1-->" - didFailLoadWithError
 PASS did not cause assertion failure.

trunk/LayoutTests/http/tests/navigation/image-load-in-subframe-unload-handler-expected.txt

@@ -1 @@
-frame "<!--frame1-->" - has 1 onunload handler(s)
+frame "<!--frame2-->" - has 1 onunload handler(s)
 This test triggers an unload handler that starts an image load in a different frame (and deletes both frames), but ensures the main frame is not destroyed. We pass if we don't crash.

trunk/LayoutTests/http/tests/quicklook/csp-header-ignored-expected.txt

@@ -5 +5 @@
 
 --------
-Frame: 'frame'
+Frame: '<!--frame1-->'
 --------
 PASS

trunk/LayoutTests/http/tests/security/clipboard/copy-paste-html-cross-origin-iframe-across-origin.html

@@ -34 +34 @@
     getSelection().removeAllRanges();
     setTimeout(() => {
-        destinationFrame.postMessage({type: 'paste'}, '*');
+        destinationFrame.contentWindow.postMessage({type: 'paste'}, '*');
     }, 0);
 }

trunk/LayoutTests/http/tests/security/contentSecurityPolicy/iframe-blank-url-programmatically-add-external-script-expected.txt

@@ -3 +3 @@
 
 --------
-Frame: 'frame'
+Frame: '<!--frame1-->'
 --------
 

trunk/LayoutTests/http/tests/security/cross-origin-reified-window-property-access.html

@@ -27 +27 @@
 function runTest()
 {
-    crossOriginWindow = crossOriginFrame.window;
-    sameOriginWindow = sameOriginFrame.window;
+    crossOriginWindow = crossOriginFrame.contentWindow;
+    sameOriginWindow = sameOriginFrame.contentWindow;
 
     shouldThrowOrReturnUndefined('crossOriginWindow.document');

trunk/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-and-try-access-from-right-frame-expected.txt

@@ -11 +11 @@
 
 --------
-Frame: 'TheIframeThatRequestsStorageAccess'
+Frame: '<!--frame1-->'
 --------
 After the top frame navigates the sub frame, the sub frame should no longer have access to first-party cookies.
@@ -19 +19 @@
 
 --------
-Frame: '<!--frame1-->'
+Frame: '<!--frame2-->'
 --------
 Should receive first-party cookie.
@@ -27 +27 @@
 
 --------
-Frame: '<!--frame2-->'
+Frame: '<!--frame3-->'
 --------
 Should not receive cookies.
@@ -35 +35 @@
 
 --------
-Frame: '<!--frame3-->'
+Frame: '<!--frame4-->'
 --------
 
@@ -41 +41 @@
 
 --------
-Frame: '<!--frame4-->'
+Frame: '<!--frame5-->'
 --------
 Should receive partitioned cookie.

trunk/LayoutTests/http/tests/storageAccess/request-and-grant-storage-access-cross-origin-sandboxed-iframe-from-prevalent-domain-with-non-recent-user-interaction-but-try-access-from-wrong-frame-expected.txt

@@ -11 +11 @@
 
 --------
-Frame: 'theIframe'
+Frame: '<!--frame1-->'
 --------
 
 
 --------
-Frame: '<!--frame1-->'
+Frame: '<!--frame2-->'
 --------
 Should receive first-party cookie.
@@ -24 +24 @@
 
 --------
-Frame: '<!--frame2-->'
+Frame: '<!--frame3-->'
 --------
 Should not receive cookies.
@@ -32 +32 @@
 
 --------
-Frame: '<!--frame3-->'
+Frame: '<!--frame4-->'
 --------
 
 
-
---------
-Frame: '<!--frame4-->'
---------
-Should receive partitioned cookie.
-Did not receive cookie named 'firstPartyCookie'.
-Received cookie named 'partitionedCookie'.
-Client-side document.cookie: partitionedCookie=value
 
 --------
@@ -52 +44 @@
 Received cookie named 'partitionedCookie'.
 Client-side document.cookie: partitionedCookie=value
+
+--------
+Frame: '<!--frame6-->'
+--------
+Should receive partitioned cookie.
+Did not receive cookie named 'firstPartyCookie'.
+Received cookie named 'partitionedCookie'.
+Client-side document.cookie: partitionedCookie=value

trunk/LayoutTests/http/tests/webrtc/filtering-ice-candidate-same-origin-frame.html

@@ -16 +16 @@
     if (event.data === "getUserMedia done") {
         didGetUserMedia = true;
-        frame1.postMessage("check filtering", "*");
+        frame1.contentWindow.postMessage("check filtering", "*");
         return;
     }

trunk/LayoutTests/http/wpt/beacon/keepalive-after-navigation-expected.txt

@@ -1 @@
-frame "testFrame" - has 1 onunload handler(s)
+frame "<!--frame1-->" - has 1 onunload handler(s)
 
 PASS Test that beacon sent from unload event handler is properly received 

trunk/LayoutTests/http/wpt/cache-storage/cache-remove-twice.html

@@ -25 +25 @@
         return new Promise((resolve, reject) => {
             window.addEventListener("message", test.step_func((event) => {
-                return Promise.all([self.caches.open(cacheName), cacheFrame.window.caches.open(cacheName) ]).then(() => {
-                    return Promise.all([self.caches.delete(cacheName), cacheFrame.window.caches.delete(cacheName)]);
+                return Promise.all([self.caches.open(cacheName), cacheFrame.contentWindow.caches.open(cacheName) ]).then(() => {
+                    return Promise.all([self.caches.delete(cacheName), cacheFrame.contentWindow.caches.delete(cacheName)]);
                 }).then(resolve, reject);
             }));

trunk/LayoutTests/platform/ios/http/tests/quicklook/csp-header-ignored-expected.txt

@@ -4 +4 @@
 
 --------
-Frame: 'frame'
+Frame: '<!--frame1-->'
 --------
 PASS

trunk/LayoutTests/platform/wk2/http/tests/loading/basic-auth-load-URL-with-consecutive-slashes-expected.txt

@@ -2 +2 @@
 main frame - didCommitLoadForFrame
 main frame - didFinishDocumentLoadForFrame
-frame "frame" - didStartProvisionalLoadForFrame
+frame "<!--frame1-->" - didStartProvisionalLoadForFrame
 127.0.0.1:8000 - didReceiveAuthenticationChallenge - Responding with webkit:rocks
-frame "frame" - didCommitLoadForFrame
-frame "frame" - didFinishDocumentLoadForFrame
-frame "frame" - willPerformClientRedirectToURL: http://127.0.0.1:8000/a//b/non-existent-file.html 
-frame "frame" - didHandleOnloadEventsForFrame
+frame "<!--frame1-->" - didCommitLoadForFrame
+frame "<!--frame1-->" - didFinishDocumentLoadForFrame
+frame "<!--frame1-->" - willPerformClientRedirectToURL: http://127.0.0.1:8000/a//b/non-existent-file.html 
+frame "<!--frame1-->" - didHandleOnloadEventsForFrame
 main frame - didHandleOnloadEventsForFrame
-frame "frame" - didFinishLoadForFrame
+frame "<!--frame1-->" - didFinishLoadForFrame
 main frame - didFinishLoadForFrame
-frame "frame" - didStartProvisionalLoadForFrame
-frame "frame" - didCancelClientRedirectForFrame
-frame "frame" - didCommitLoadForFrame
-frame "frame" - didReceiveTitle: 404 Not Found
-frame "frame" - didFinishDocumentLoadForFrame
-frame "frame" - didFailLoadWithError
+frame "<!--frame1-->" - didStartProvisionalLoadForFrame
+frame "<!--frame1-->" - didCancelClientRedirectForFrame
+frame "<!--frame1-->" - didCommitLoadForFrame
+frame "<!--frame1-->" - didReceiveTitle: 404 Not Found
+frame "<!--frame1-->" - didFinishDocumentLoadForFrame
+frame "<!--frame1-->" - didFailLoadWithError
 PASS did not cause assertion failure.

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2018-05-07  Chris Dumez  <cdumez@apple.com>
+
+        Stop using an iframe's id as fallback if its name attribute is not set
+        https://bugs.webkit.org/show_bug.cgi?id=11388
+
+        Reviewed by Geoff Garen.
+
+        WebKit had logic to use an iframe's id as fallback name when its name
+        content attribute is not set. This behavior was not standard and did not
+        match other browsers:
+        - https://html.spec.whatwg.org/#attr-iframe-name
+
+        Gecko / Trident never behaved this way. Blink was aligned with us until
+        they started to match the specification in:
+        - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
+
+        This WebKit quirk was causing some Web-compatibility issues because it
+        would affect the behavior of Window's name property getter when trying
+        to look up an iframe by id. Because of Window's named property getter
+        behavior [1], we would return the frame's contentWindow instead of the
+        iframe element itself.
+
+        [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
+
+        Test: fast/dom/Window/named-getter-frame-id.html
+
+        * html/HTMLFrameElementBase.cpp:
+        (WebCore::HTMLFrameElementBase::openURL):
+        (WebCore::HTMLFrameElementBase::parseAttribute):
+        (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
+        * html/HTMLFrameElementBase.h:
+
 2018-05-07  Chris Dumez  <cdumez@apple.com>
 

trunk/Source/WebCore/html/HTMLFrameElementBase.cpp

@@ -97 +97 @@
         return;
 
-    parentFrame->loader().subframeLoader().requestFrame(*this, m_URL, m_frameName, lockHistory, lockBackForwardList);
+    parentFrame->loader().subframeLoader().requestFrame(*this, m_URL, getNameAttribute(), lockHistory, lockBackForwardList);
 }
 
@@ -106 +106 @@
     else if (name == srcAttr && !hasAttributeWithoutSynchronization(srcdocAttr))
         setLocation(stripLeadingAndTrailingHTMLSpaces(value));
-    else if (name == idAttr) {
-        HTMLFrameOwnerElement::parseAttribute(name, value);
-        // Falling back to using the 'id' attribute is not standard but some content relies on this behavior.
-        if (!hasAttributeWithoutSynchronization(nameAttr))
-            m_frameName = value;
-    } else if (name == nameAttr) {
-        m_frameName = value;
-        // FIXME: If we are already attached, this doesn't actually change the frame's name.
-        // FIXME: If we are already attached, this doesn't check for frame name
-        // conflicts and generate a unique frame name.
-    } else if (name == marginwidthAttr) {
+    else if (name == marginwidthAttr) {
         m_marginWidth = value.toInt();
         // FIXME: If we are already attached, this has no effect.
@@ -133 +123 @@
 }
 
-void HTMLFrameElementBase::setNameAndOpenURL()
-{
-    m_frameName = getNameAttribute();
-    // Falling back to using the 'id' attribute is not standard but some content relies on this behavior.
-    if (m_frameName.isNull())
-        m_frameName = getIdAttribute();
-    openURL();
-}
-
 Node::InsertedIntoAncestorResult HTMLFrameElementBase::insertedIntoAncestor(InsertionType insertionType, ContainerNode& parentOfInsertedTree)
 {
@@ -164 +145 @@
     if (!renderer())
         invalidateStyleAndRenderersForSubtree();
-    setNameAndOpenURL();
+    openURL();
 }
 

trunk/Source/WebCore/html/HTMLFrameElementBase.h

@@ -71 +71 @@
     bool isFrameElementBase() const final { return true; }
 
-    void setNameAndOpenURL();
     void openURL(LockHistory = LockHistory::Yes, LockBackForwardList = LockBackForwardList::Yes);
 
     AtomicString m_URL;
-    AtomicString m_frameName;
 
     ScrollbarMode m_scrolling;