Bug 185191

Summary:

document.open() event listener removal is not immediate

Product:

WebKit

Reporter:

Anne van Kesteren <annevk>

Component:

DOM

Assignee:

Chris Dumez <cdumez>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

cdumez, commit-queue, darin, dbates, esprehn+autocc, ews-watchlist, ggaren, kangil.han, rniwa, sam, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none

Anne van Kesteren

Reported 2018-05-02 02:13:06 PDT

See https://github.com/w3c/web-platform-tests/pull/10686 and https://github.com/whatwg/html/pull/3653.

Attachments
Patch (4.19 KB, patch) 2018-05-02 09:53 PDT, Chris Dumez	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Chris Dumez

Comment 1 2018-05-02 08:56:35 PDT

I believe the issue is that EventListenerMap::clear() clears m_entries but fails to call markAsRemoved() on each RegisteredEventListener. Therefore, if somebody already had a reference to the RegisteredEventListeners, it can still fire events at them.

Anne van Kesteren

Comment 2 2018-05-02 09:19:52 PDT

Yeah, that sounds similar to how the standard works. When you invoke removeEventListener() it both removes from the list and sets a removed flag that dispatch will take into account. I think this should work similar (and it does in Chrome and Firefox).

Chris Dumez

Comment 3 2018-05-02 09:53:28 PDT

Created attachment 339310 [details] Patch

WebKit Commit Bot

Comment 4 2018-05-02 11:39:25 PDT

Comment on attachment 339310 [details] Patch Clearing flags on attachment: 339310 Committed r231248: <https://trac.webkit.org/changeset/231248>

WebKit Commit Bot

Comment 5 2018-05-02 11:39:27 PDT

All reviewed patches have been landed. Closing bug.

Radar WebKit Bug Importer

Comment 6 2018-05-02 11:40:21 PDT

<rdar://problem/39912521>

Note You need to log in before you can comment on or make changes to this bug.