A Document / Window should loose its browsing context (aka Frame) as soon as its iframe is removed from the document. Currently, in WebKit, a Document / Window's Frame only get nulled out when the frame gets destroyed, we happens later usually after a GC happens. This is not consistent with the specification or other browsers (tested Chrome and Firefox).
Created attachment 351611 [details] WIP Patch
Created attachment 351614 [details] Patch
Created attachment 351615 [details] Patch
Is there any provision in specs for reparenting?
(In reply to Alexey Proskuryakov from comment #4) > Is there any provision in specs for reparenting? No sure what you mean. If you remove an iframe from a document and add it back to the document, then it will do a fresh load and you'll get a brand new document / window, as per HTML spec.
(In reply to Chris Dumez from comment #5) > (In reply to Alexey Proskuryakov from comment #4) > > Is there any provision in specs for reparenting? > > No sure what you mean. If you remove an iframe from a document and add it > back to the document, then it will do a fresh load and you'll get a brand > new document / window, as per HTML spec. Once a window / document loose their frame, they do not normally get reattached later, expect in the PageCache case.
Created attachment 351618 [details] Patch
Created attachment 351630 [details] Patch
Comment on attachment 351630 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=351630&action=review > LayoutTests/fast/dom/Window/resources/dom-access-from-closure-iframe-child.html:2 > + p = parent; // Save parent as the window will be detached when accessFrame() is called. Can we do const parent = window.parent instead? > LayoutTests/fast/dom/Window/resources/dom-access-from-closure-window-child.html:2 > + o = opener; // Save opener as the window will be detached when accessFrame() is called. Ditto. > LayoutTests/fast/parser/resources/set-parent-to-javascript-url.html:2 > +p = parent; Ditto.
Created attachment 351642 [details] Patch
Comment on attachment 351642 [details] Patch Clearing flags on attachment: 351642 Committed r236862: <https://trac.webkit.org/changeset/236862>
All reviewed patches have been landed. Closing bug.
<rdar://problem/45028073>