Bug 222589 - WebKitLegacy needs to keep JSDOMWindow even though it is used while its origin is not set
Summary: WebKitLegacy needs to keep JSDOMWindow even though it is used while its origi...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Local Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: youenn fablet
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-03-02 02:39 PST by youenn fablet
Modified: 2021-03-03 08:55 PST (History)
2 users (show)

See Also:


Attachments
Patch (6.16 KB, patch)
2021-03-02 02:44 PST, youenn fablet
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description youenn fablet 2021-03-02 02:39:45 PST
WebKitLegacy needs to keep JSDOMWindow even though it is used while its origin is not set
Comment 1 youenn fablet 2021-03-02 02:40:10 PST
<rdar://problem/74258258>
Comment 2 youenn fablet 2021-03-02 02:44:53 PST
Created attachment 421917 [details]
Patch
Comment 3 Geoffrey Garen 2021-03-02 12:38:20 PST
Comment on attachment 421917 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=421917&action=review

r=me

> Source/WebCore/bindings/js/JSWindowProxy.cpp:109
> +        if (!localWindow.document()->haveInitializedSecurityOrigin() && localWindow.document()->settings().windowObjectAlwaysInitializedWithSecurityOriginEnabled())

I wonder if this should include a linked on or after check -- or just be a linked on or after check? Would be nice to avoid unnecessary divergence in web platform behavior.
Comment 4 youenn fablet 2021-03-03 08:36:50 PST
(In reply to Geoffrey Garen from comment #3)
> Comment on attachment 421917 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=421917&action=review
> 
> r=me
> 
> > Source/WebCore/bindings/js/JSWindowProxy.cpp:109
> > +        if (!localWindow.document()->haveInitializedSecurityOrigin() && localWindow.document()->settings().windowObjectAlwaysInitializedWithSecurityOriginEnabled())
> 
> I wonder if this should include a linked on or after check -- or just be a
> linked on or after check? Would be nice to avoid unnecessary divergence in
> web platform behavior.

I do not really know.
Are WK1 APIs good enough to handle that case, ie provide easy hooks to delay what people are doing to the point where the origin is set?
I guess we can do that as a follow-up.
Comment 5 EWS 2021-03-03 08:55:10 PST
Committed r273817: <https://commits.webkit.org/r273817>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 421917 [details].