Changeset 236862 in webkit


Ignore:
Timestamp:
Oct 4, 2018 5:19:46 PM (6 years ago)
Author:
Chris Dumez
Message:

A Document / Window should lose its browsing context as soon as its iframe is removed from the document
https://bugs.webkit.org/show_bug.cgi?id=190282

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

Rebaseline several WPT tests that are now passing. I have verified that those tests are also passing in
Firefox and Chrome.

  • web-platform-tests/html/browsers/windows/nested-browsing-contexts/window-parent-null-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-synchronously-discard-expected.txt:

Source/WebCore:

A Document / Window should lose its browsing context (aka Frame) as soon as its iframe is removed from
the document. In WebKit, a Document / Window's Frame was only getting nulled out when the frame gets
destroyed, which happens later usually after a GC happens.

Specification:

"""
When an iframe element is removed from a document, the user agent must discard the element's nested browsing
context, if it is not null, and then set the element's nested browsing context to null.
"""

This was not consistent with the specification or other browsers (tested Chrome and Firefox) so this
patch is aligning our behavior.

In a follow-up, I am planning to look into making the Window not be a FrameDestructionObserver, and instead
get its frame from the Document. This should make the code simpler.

No new tests, rebaselined existing tests.

  • Modules/mediastream/MediaDevices.cpp:

(WebCore::MediaDevices::getUserMedia const):

  • Modules/mediastream/MediaDevices.h:

Update getUserMedia() to reject a the Promise with an InvalidStateError when calling after the
document has been detached, instead of throwing an InvalidStateError. This behavior is as per
specification:

I needed to make this change to keep one of our layout tests passing.

  • dom/Document.cpp:

(WebCore::Document::attachToCachedFrame):
(WebCore::Document::detachFromFrame):

  • dom/Document.h:
  • page/DOMWindow.cpp:

(WebCore::DOMWindow::didSecureTransitionTo):
(WebCore::DOMWindow::willDetachDocumentFromFrame):
(WebCore::DOMWindow::setStatus):
(WebCore::DOMWindow::detachFromFrame):
(WebCore::DOMWindow::attachToFrame):

  • page/DOMWindow.h:
  • page/DOMWindowProperty.cpp:

(WebCore::DOMWindowProperty::disconnectFrameForDocumentSuspension):
(WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
(WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):

  • page/Frame.cpp:

(WebCore::Frame::disconnectOwnerElement):

  • platform/mock/MockRealtimeVideoSource.cpp:

(WebCore::MockRealtimeVideoSource::drawText):
Calling drawText() with a null String hits an assertion in debug. This was triggered by one of
our layout tests so I made sure we only call drawText when the String is not null.

LayoutTests:

Update existing layout test to reflect behavior change.

  • fast/dom/Window/BarInfo-after-frame-removed.html:
  • fast/dom/Window/dom-access-from-closure-iframe-expected.txt:
  • fast/dom/Window/dom-access-from-closure-window-expected.txt:
  • fast/dom/Window/dom-access-from-closure-window-with-gc-expected.txt:
  • fast/dom/Window/resources/dom-access-from-closure-iframe-child.html:
  • fast/dom/Window/resources/dom-access-from-closure-window-child.html:
  • fast/events/resources/before-unload-return-string-conversion-frame.html:
  • fast/parser/resources/set-parent-to-javascript-url.html:
  • http/tests/media/media-stream/disconnected-frame.html:
  • http/tests/security/contentSecurityPolicy/resources/checkDidSameOriginChildWindowLoad.js:

(checkDidLoad):

  • http/tests/security/named-window-property-from-same-origin-inactive-document-expected.txt:
  • http/tests/security/named-window-property-from-same-origin-inactive-document.html:
  • http/tests/security/xss-DENIED-contentWindow-eval-expected.txt:
  • http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document-expected.txt:
  • http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document.html:
Location:
trunk
Files:
29 edited

Legend:

Unmodified
Added
Removed

  • trunk/LayoutTests/ChangeLog

    r236856 r236862  
     12018-10-04  Chris Dumez  <cdumez@apple.com>
     2
     3        A Document / Window should lose its browsing context as soon as its iframe is removed from the document
     4        https://bugs.webkit.org/show_bug.cgi?id=190282
     5
     6        Reviewed by Ryosuke Niwa.
     7
     8        Update existing layout test to reflect behavior change.
     9
     10        * fast/dom/Window/BarInfo-after-frame-removed.html:
     11        * fast/dom/Window/dom-access-from-closure-iframe-expected.txt:
     12        * fast/dom/Window/dom-access-from-closure-window-expected.txt:
     13        * fast/dom/Window/dom-access-from-closure-window-with-gc-expected.txt:
     14        * fast/dom/Window/resources/dom-access-from-closure-iframe-child.html:
     15        * fast/dom/Window/resources/dom-access-from-closure-window-child.html:
     16        * fast/events/resources/before-unload-return-string-conversion-frame.html:
     17        * fast/parser/resources/set-parent-to-javascript-url.html:
     18        * http/tests/media/media-stream/disconnected-frame.html:
     19        * http/tests/security/contentSecurityPolicy/resources/checkDidSameOriginChildWindowLoad.js:
     20        (checkDidLoad):
     21        * http/tests/security/named-window-property-from-same-origin-inactive-document-expected.txt:
     22        * http/tests/security/named-window-property-from-same-origin-inactive-document.html:
     23        * http/tests/security/xss-DENIED-contentWindow-eval-expected.txt:
     24        * http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document-expected.txt:
     25        * http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document.html:
     26
    1272018-10-04  Ross Kirsling  <ross.kirsling@sony.com>
    228

  • trunk/LayoutTests/fast/dom/Window/BarInfo-after-frame-removed.html

    r120792 r236862  
    1616        var childWindow = frame.contentWindow;
    1717        frame.parentNode.removeChild(frame);
    18         childWindow.toolbar.visible;
     18        try {
     19            childWindow.toolbar.visible;
     20        } catch (e) { }
    1921       
    2022        document.getElementById("console").firstChild.data = "TEST RAN";

  • trunk/LayoutTests/fast/dom/Window/dom-access-from-closure-iframe-expected.txt

    r42223 r236862  
    11document.URL: LayoutTests/fast/dom/Window/resources/dom-access-from-closure-iframe-child.html
    22window.document.URL: LayoutTests/fast/dom/Window/resources/notify-parent-done.html
    3 name: child
     3name:
    44window.name: child
    55

  • trunk/LayoutTests/fast/dom/Window/dom-access-from-closure-window-expected.txt

    r42223 r236862  
    11document.URL: LayoutTests/fast/dom/Window/resources/dom-access-from-closure-window-child.html
    22window.document.URL: LayoutTests/fast/dom/Window/resources/notify-opener-done.html
    3 name: child
     3name:
    44window.name: child
    55

  • trunk/LayoutTests/fast/dom/Window/dom-access-from-closure-window-with-gc-expected.txt

    r125656 r236862  
    11document.URL: LayoutTests/fast/dom/Window/resources/dom-access-from-closure-window-child.html
    22window.document.URL: LayoutTests/fast/dom/Window/resources/notify-opener-done.html
    3 name: child
     3name:
    44window.name: child
    55

  • trunk/LayoutTests/fast/dom/Window/resources/dom-access-from-closure-iframe-child.html

    r32853 r236862  
    11<script>
     2    const parent = window.parent; // Save parent as the window will be detached when accessFrame() is called.
     3
    24    parent.accessFrame = function()
    35    {

  • trunk/LayoutTests/fast/dom/Window/resources/dom-access-from-closure-window-child.html

    r32853 r236862  
    11<script>
     2    const opener = window.opener; // Save opener as the window will be detached when accessFrame() is called.
     3
    24    opener.accessFrame = function()
    35    {

  • trunk/LayoutTests/fast/events/resources/before-unload-return-string-conversion-frame.html

    r212625 r236862  
    1515        parent.shouldBeEqualToString("event.returnValue", "PASS");
    1616        parent.shouldBeTrue("toStringCalled");
    17         parent.setTimeout(function() {
    18             parent.finishJSTest();
    19         }, 0);
     17        parent.finishJSTest();
    2018    }
    2119

  • trunk/LayoutTests/fast/parser/resources/set-parent-to-javascript-url.html

    r65692 r236862  
    11<script>
     2const parent = window.parent;
    23alert(1);
    34parent.document.getElementsByTagName('iframe')[0].src = "javascript:alert(2),'PASS<script>alert(3)<\/script>'";

  • trunk/LayoutTests/http/tests/media/media-stream/disconnected-frame.html

    r226160 r236862  
    1313
    1414function onIframeLoaded() {
    15     iframeNavigator = iframe.contentWindow.navigator;
     15    iframeMediaDevices = iframe.contentWindow.navigator.mediaDevices;
    1616    iframe.remove();
    1717    onIframeUnloaded();
     
    1919
    2020function onIframeUnloaded() {
     21    handle = setTimeout(function() {
     22        testFailed('Timeout: promise resolve and reject functions not called.');
     23        finishJSTest();
     24    }, 100);
     25
    2126    var options = {audio: true, video: true};
    22     iframeNavigator.mediaDevices.getUserMedia(options)
     27    iframeMediaDevices.getUserMedia(options)
    2328        .then(stream => {
    2429            testFailed('Promise resolved unexpectedly.');
     30            clearTimeout(handle);
    2531            finishJSTest();
    2632        })
    2733        .catch(err => {
    2834            testPassed('Promise rejected as expected.');
     35            clearTimeout(handle);
    2936            finishJSTest();
    3037        });
    31 
    32     setTimeout(function() {
    33         testFailed('Timeout: promise resolve and reject functions not called.');
    34         finishJSTest();
    35     }, 100);
    3638}
    3739

  • trunk/LayoutTests/http/tests/security/contentSecurityPolicy/resources/checkDidSameOriginChildWindowLoad.js

    r234149 r236862  
    99function checkDidSameOriginChildWindowLoad(childWindow, callback)
    1010{
    11     function checkDidLoad() {
    12         if (childWindow.document.location.origin !== document.location.origin)
    13             return;
    14         // Child window did load
    15         window.clearInterval(intervalID);
    16         callback()
    17     }
    18     intervalID = window.setInterval(checkDidLoad, 10);
     11    childWindow.onload = callback;
    1912}

  • trunk/LayoutTests/http/tests/security/named-window-property-from-same-origin-inactive-document-expected.txt

    r217061 r236862  
    66Lookup named element whose name corresponds to an element in the initial about:blank document:
    77PASS frame.contentDocument.getElementById('A') is not elementAInInactiveDocument
    8 PASS elementAInActiveDocumentFunction() is frame.contentDocument.getElementById('A')
     8PASS elementAInDetachedWindowFunction() threw exception ReferenceError: Can't find variable: A.
    99
    1010Lookup named element whose name does not correspond to an element in the initial about:blank document:
    11 PASS elementBInActiveDocumentFunction() is frame.contentDocument.getElementById('B')
     11PASS elementBInDetachedWindowFunction() threw exception ReferenceError: Can't find variable: B.
    1212PASS successfullyParsed is true
    1313

  • trunk/LayoutTests/http/tests/security/named-window-property-from-same-origin-inactive-document.html

    r217061 r236862  
    1818frameDocument.body.appendChild(elementAInInactiveDocument);
    1919
    20 var elementAInActiveDocumentFunction = frame.contentWindow.Function("return A;");
    21 var elementBInActiveDocumentFunction = frame.contentWindow.Function("return B;");
     20var elementAInDetachedWindowFunction = frame.contentWindow.Function("return A;");
     21var elementBInDetachedWindowFunction = frame.contentWindow.Function("return B;");
    2222
    2323frame.onload = function ()
     
    2525    debug("Lookup named element whose name corresponds to an element in the initial about:blank document:");
    2626    shouldNotBe("frame.contentDocument.getElementById('A')", "elementAInInactiveDocument");
    27     shouldBe("elementAInActiveDocumentFunction()", "frame.contentDocument.getElementById('A')");
     27    shouldThrowErrorName("elementAInDetachedWindowFunction()", "ReferenceError");
    2828
    2929    debug("<br>Lookup named element whose name does not correspond to an element in the initial about:blank document:");
    30     shouldBe("elementBInActiveDocumentFunction()", "frame.contentDocument.getElementById('B')");
     30    shouldThrowErrorName("elementBInDetachedWindowFunction()", "ReferenceError");
    3131
    3232    finishJSTest();

  • trunk/LayoutTests/http/tests/security/xss-DENIED-contentWindow-eval-expected.txt

    r217895 r236862  
    1 CONSOLE MESSAGE: line 1: TypeError: Type error
    21This test passes if alert() is not called.

  • trunk/LayoutTests/http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document-expected.txt

    r230864 r236862  
    55
    66Lookup named element whose name corresponds to an element in the initial about:blank document:
    7 PASS elementAInActiveDocumentFunction() threw exception SecurityError: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a cross-origin frame. Protocols, domains, and ports must match..
     7PASS elementAInDetachedWindowFunction() threw exception ReferenceError: Can't find variable: A.
    88
    99Lookup named element whose name does not correspond to an element in the initial about:blank document:
    10 PASS elementBInActiveDocumentFunction() threw exception SecurityError: Blocked a frame with origin "http://127.0.0.1:8000" from accessing a cross-origin frame. Protocols, domains, and ports must match..
     10PASS elementBInDetachedWindowFunction() threw exception ReferenceError: Can't find variable: B.
    1111PASS successfullyParsed is true
    1212

  • trunk/LayoutTests/http/tests/security/xss-DENIED-named-window-property-from-cross-origin-inactive-document.html

    r219663 r236862  
    1818frameDocument.body.appendChild(elementAInInactiveDocument);
    1919
    20 var elementAInActiveDocumentFunction = frame.contentWindow.Function("return A;");
    21 var elementBInActiveDocumentFunction = frame.contentWindow.Function("return B;");
     20var elementAInDetachedWindowFunction = frame.contentWindow.Function("return A;");
     21var elementBInDetachedWindowFunction = frame.contentWindow.Function("return B;");
    2222
    2323frame.onload = function ()
    2424{
    2525    debug("Lookup named element whose name corresponds to an element in the initial about:blank document:")
    26     shouldThrowErrorName("elementAInActiveDocumentFunction()", 'SecurityError');
     26    shouldThrowErrorName("elementAInDetachedWindowFunction()", 'ReferenceError');
    2727
    2828    debug("<br>Lookup named element whose name does not correspond to an element in the initial about:blank document:");
    29     shouldThrowErrorName("elementBInActiveDocumentFunction()", 'SecurityError');
     29    shouldThrowErrorName("elementBInDetachedWindowFunction()", 'ReferenceError');
    3030
    3131    finishJSTest();

  • trunk/LayoutTests/imported/w3c/ChangeLog

    r236840 r236862  
     12018-10-04  Chris Dumez  <cdumez@apple.com>
     2
     3        A Document / Window should lose its browsing context as soon as its iframe is removed from the document
     4        https://bugs.webkit.org/show_bug.cgi?id=190282
     5
     6        Reviewed by Ryosuke Niwa.
     7
     8        Rebaseline several WPT tests that are now passing. I have verified that those tests are also passing in
     9        Firefox and Chrome.
     10
     11        * web-platform-tests/html/browsers/windows/nested-browsing-contexts/window-parent-null-expected.txt:
     12        * web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-synchronously-discard-expected.txt:
     13
    1142018-10-04  YUHAN WU  <yuhan_wu@apple.com>
    215

  • trunk/LayoutTests/imported/w3c/web-platform-tests/html/browsers/windows/nested-browsing-contexts/window-parent-null-expected.txt

    r213882 r236862  
    11
    2 FAIL `window.parent` is null when browsing context container element removed assert_equals: expected null but got object "[object Window]"
    3 FAIL `window.parent` null when parent browsing context container removed assert_equals: expected null but got object "[object Window]"
    4 
     2PASS `window.parent` is null when browsing context container element removed
     3PASS `window.parent` null when parent browsing context container removed
     4 

  • trunk/LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-synchronously-discard-expected.txt

    r212202 r236862  
    11
    2 FAIL IFrame discards are processed synchronously assert_equals: child window should be discarded expected null but got object "[object Window]"
     2PASS IFrame discards are processed synchronously
    33

  • trunk/Source/WebCore/ChangeLog

    r236860 r236862  
     12018-10-04  Chris Dumez  <cdumez@apple.com>
     2
     3        A Document / Window should lose its browsing context as soon as its iframe is removed from the document
     4        https://bugs.webkit.org/show_bug.cgi?id=190282
     5
     6        Reviewed by Ryosuke Niwa.
     7
     8        A Document / Window should lose its browsing context (aka Frame) as soon as its iframe is removed from
     9        the document. In WebKit, a Document / Window's Frame was only getting nulled out when the frame gets
     10        destroyed, which happens later usually after a GC happens.
     11
     12        Specification:
     13        - https://html.spec.whatwg.org/#the-iframe-element
     14        """
     15        When an iframe element is removed from a document, the user agent must discard the element's nested browsing
     16        context, if it is not null, and then set the element's nested browsing context to null.
     17        """
     18
     19        This was not consistent with the specification or other browsers (tested Chrome and Firefox) so this
     20        patch is aligning our behavior.
     21
     22        In a follow-up, I am planning to look into making the Window not be a FrameDestructionObserver, and instead
     23        get its frame from the Document. This should make the code simpler.
     24
     25        No new tests, rebaselined existing tests.
     26
     27        * Modules/mediastream/MediaDevices.cpp:
     28        (WebCore::MediaDevices::getUserMedia const):
     29        * Modules/mediastream/MediaDevices.h:
     30        Update getUserMedia() to reject a the Promise with an InvalidStateError when calling after the
     31        document has been detached, instead of throwing an InvalidStateError. This behavior is as per
     32        specification:
     33        - https://w3c.github.io/mediacapture-main/#dom-mediadevices-getusermedia (Step 4)
     34        I needed to make this change to keep one of our layout tests passing.
     35
     36        * dom/Document.cpp:
     37        (WebCore::Document::attachToCachedFrame):
     38        (WebCore::Document::detachFromFrame):
     39        * dom/Document.h:
     40        * page/DOMWindow.cpp:
     41        (WebCore::DOMWindow::didSecureTransitionTo):
     42        (WebCore::DOMWindow::willDetachDocumentFromFrame):
     43        (WebCore::DOMWindow::setStatus):
     44        (WebCore::DOMWindow::detachFromFrame):
     45        (WebCore::DOMWindow::attachToFrame):
     46        * page/DOMWindow.h:
     47        * page/DOMWindowProperty.cpp:
     48        (WebCore::DOMWindowProperty::disconnectFrameForDocumentSuspension):
     49        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
     50        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
     51        * page/Frame.cpp:
     52        (WebCore::Frame::disconnectOwnerElement):
     53
     54        * platform/mock/MockRealtimeVideoSource.cpp:
     55        (WebCore::MockRealtimeVideoSource::drawText):
     56        Calling drawText() with a null String hits an assertion in debug. This was triggered by one of
     57        our layout tests so I made sure we only call drawText when the String is not null.
     58
    1592018-10-04  Jeremy Jones  <jeremyj@apple.com>
    260

  • trunk/Source/WebCore/Modules/mediastream/MediaDevices.cpp

    r236465 r236862  
    9797}
    9898
    99 ExceptionOr<void> MediaDevices::getUserMedia(const StreamConstraints& constraints, Promise&& promise) const
     99void MediaDevices::getUserMedia(const StreamConstraints& constraints, Promise&& promise) const
    100100{
    101101    auto* document = this->document();
    102     if (!document)
    103         return Exception { InvalidStateError };
     102    if (!document) {
     103        promise.reject(Exception { InvalidStateError });
     104        return;
     105    }
    104106
    105107    auto audioConstraints = createMediaConstraints(constraints.audio);
     
    112114        request->start();
    113115
    114     return { };
     116    return;
    115117}
    116118

  • trunk/Source/WebCore/Modules/mediastream/MediaDevices.h

    r235900 r236862  
    7575        Variant<bool, MediaTrackConstraints> audio;
    7676    };
    77     ExceptionOr<void> getUserMedia(const StreamConstraints&, Promise&&) const;
     77    void getUserMedia(const StreamConstraints&, Promise&&) const;
    7878    ExceptionOr<void> getDisplayMedia(const StreamConstraints&, Promise&&) const;
    7979    void enumerateDevices(EnumerateDevicesPromise&&) const;

  • trunk/Source/WebCore/dom/Document.cpp

    r236855 r236862  
    23422342    ASSERT(m_pageCacheState == Document::InPageCache);
    23432343    observeFrame(&cachedFrame.view()->frame());
     2344    if (auto* window = domWindow())
     2345        window->attachToFrame(cachedFrame.view()->frame());
    23442346}
    23452347
     
    82468248}
    82478249
     8250void Document::detachFromFrame()
     8251{
     8252    if (auto* window = domWindow())
     8253        window->willDetachDocumentFromFrame();
     8254
     8255    observeFrame(nullptr);
     8256}
     8257
    82488258} // namespace WebCore

  • trunk/Source/WebCore/dom/Document.h

    r236855 r236862  
    15061506    bool isRunningUserScripts() const { return m_isRunningUserScripts; }
    15071507
     1508    void detachFromFrame();
     1509
    15081510protected:
    15091511    enum ConstructionFlags { Synthesized = 1, NonRenderedPlaceholder = 1 << 1 };
     
    15221524
    15231525    bool shouldInheritContentSecurityPolicyFromOwner() const;
    1524 
    1525     void detachFromFrame() { observeFrame(nullptr); }
    15261526
    15271527    void updateTitleElement(Element& changingTitleElement);

  • trunk/Source/WebCore/page/DOMWindow.cpp

    r236762 r236862  
    415415{
    416416    observeContext(&document);
     417    observeFrame(document.frame());
    417418}
    418419
     
    512513    if (m_performance)
    513514        m_performance->clearResourceTimings();
     515
     516    detachFromFrame();
    514517}
    515518
     
    14031406    ASSERT(m_frame->document()); // Client calls shouldn't be made when the frame is in inconsistent state.
    14041407    page->chrome().setStatusbarText(*m_frame, m_status);
    1405 }
     1408}
     1409
     1410void DOMWindow::detachFromFrame()
     1411{
     1412    observeFrame(nullptr);
     1413}
     1414
     1415void DOMWindow::attachToFrame(Frame& frame)
     1416{
     1417    observeFrame(&frame);
     1418}
    14061419   
    14071420void DOMWindow::setDefaultStatus(const String& string)

  • trunk/Source/WebCore/page/DOMWindow.h

    r235050 r236862  
    334334    void willDestroyCachedFrame();
    335335
     336    void attachToFrame(Frame&);
     337    void detachFromFrame();
     338
    336339    void enableSuddenTermination();
    337340    void disableSuddenTermination();

  • trunk/Source/WebCore/page/DOMWindowProperty.cpp

    r211033 r236862  
    5858void DOMWindowProperty::disconnectFrameForDocumentSuspension()
    5959{
    60     // If this property is being disconnected from its Frame to enter the PageCache, it must have
    61     // been created with a Frame in the first place.
    62     ASSERT(m_frame);
    6360    ASSERT(m_associatedDOMWindow);
    6461
     
    9491void DOMWindowProperty::willDestroyGlobalObjectInFrame()
    9592{
    96     // If the property is getting this callback it must have been created with a Frame/DOMWindow and it should still have them.
    97     ASSERT(m_frame);
    9893    ASSERT(m_associatedDOMWindow);
    9994
     
    108103void DOMWindowProperty::willDetachGlobalObjectFromFrame()
    109104{
    110     // If the property is getting this callback it must have been created with a Frame/DOMWindow and it should still have them.
    111     ASSERT(m_frame);
    112     ASSERT(m_associatedDOMWindow);
     105    m_frame = nullptr;
    113106}
    114107

  • trunk/Source/WebCore/page/Frame.cpp

    r235758 r236862  
    832832    }
    833833    m_ownerElement = nullptr;
     834
     835    if (auto* document = this->document())
     836        document->detachFromFrame();
    834837}
    835838

  • trunk/Source/WebCore/platform/mock/MockRealtimeVideoSource.cpp

    r236855 r236862  
    373373        statsLocation.move(0, m_statsFontSize);
    374374        context.drawText(statsFont, TextRun((StringView(string))), statsLocation);
    375     } else {
     375    } else if (!name().isNull()) {
    376376        statsLocation.move(0, m_statsFontSize);
    377377        context.drawText(statsFont, TextRun { name() }, statsLocation);
Note: See TracChangeset for help on using the changeset viewer.