<rdar://problem/18978497> * STEPS TO REPRODUCE 1. In a new tab, navigate to <data:text/html,1> 2. In the same tab, navigate to <data:text/html,2> 3. In the same tab, navigate to <data:text/html,3> 4. Swipe to navigate back to 2 5. Swipe to navigate back to 1 6. Click or tap the Forward button to navigate forward to 2 7. Click or tap the Forward button to navigate forward to 3 8. Swipe back to 2 * RESULTS In step 8, the 1 snapshot is revealed, instead of the 2 snapshot.
It looks like when using the button to navigate, by the time WebPageProxy::willChangeCurrentHistoryItemForMainFrame() is called, the current item has already changed. In particular, WebPageProxy::backForwardGoToItem() is called before WebPageProxy::willChangeCurrentHistoryItemForMainFrame(). This call ordering happens not only in the button navigation case, but also in the navigation gesture case, but in the latter we are protected by the early return in ViewSnapshotStore::recordSnapshot() as we are still showing a snapshot. I think we can simply make it WebBackForwardList’s job to record a snapshot right before it changes what currentItem() would return.
Created attachment 241616 [details] Record a a navigation snapshot before the current item changes in WebBackForwardList
Fixed in <http://trac.webkit.org/r176136>.