RESOLVED FIXED 192277
[PSON] process-swapping may occur even though opener has handle to openee 
https://bugs.webkit.org/show_bug.cgi?id=192277
Summary [PSON] process-swapping may occur even though opener has handle to openee
Chris Dumez
Reported 2018-12-01 10:52:02 PST
Process-swapping may occur even though opener has handle to openee, which is not Web-compatible. The reason is that we rely on the window not having an opener to process-swap. However, the opener can be disowned, which does not mean that the opener doesn't still have a handle to its openee.
Attachments
Patch (23.04 KB, patch)
2018-12-01 11:01 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2018-12-01 11:01:34 PST
Created attachment 356315 [details] Patch
EWS Watchlist
Comment 2 2018-12-01 11:03:21 PST
Attachment 356315 [details] did not pass style-queue: ERROR: Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:2980: Multi-line string ("...") found. This lint script doesn't do well with such strings, and may give bogus warnings. They're ugly and unnecessary, and you should use concatenation instead". [readability/multiline_string] [5] ERROR: Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:2988: Multi-line string ("...") found. This lint script doesn't do well with such strings, and may give bogus warnings. They're ugly and unnecessary, and you should use concatenation instead". [readability/multiline_string] [5] Total errors found: 2 in 14 files If any of these errors are false positives, please file a bug against check-webkit-style.
WebKit Commit Bot
Comment 3 2018-12-01 14:40:16 PST
Comment on attachment 356315 [details] Patch Clearing flags on attachment: 356315 Committed r238787: <https://trac.webkit.org/changeset/238787>
WebKit Commit Bot
Comment 4 2018-12-01 14:40:17 PST
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 5 2018-12-01 14:41:33 PST
<rdar://problem/46398357>
Note You need to log in before you can comment on or make changes to this bug.