Bug 43080 - History.pushState() + navigation operates on top frame when called from nested context
Summary: History.pushState() + navigation operates on top frame when called from neste...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: History (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Darin Fisher (:fishd, Google)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-07-27 14:48 PDT by Justin Schuh
Modified: 2010-07-30 13:56 PDT (History)
4 users (show)

See Also:

Attachments
repro (393 bytes, application/x-zip-compressed)
2010-07-27 14:48 PDT, Justin Schuh 		no flags Details
simple fix (wip) (919 bytes, patch)
2010-07-27 16:53 PDT, Darin Fisher (:fishd, Google) 		no flags Details | Formatted Diff | Diff
v1 patch (6.06 KB, patch)
2010-07-27 22:19 PDT, Darin Fisher (:fishd, Google) 		beidson: review+
Details | Formatted Diff | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Schuh 2010-07-27 14:48:38 PDT 
Created attachment 62749 [details]
repro

I've attached two files that demonstrate an iframe using pushState() and back() to force navigation of the parent frame. The scripts work automatically on Chrome, but you can observe the same behavior with manual navigation in Safari. Based on my read of the standard we should be navigating the iframe's nested browsing context, not the top frame. This might be a regression from bug 36435.
Comment 1 Darin Fisher (:fishd, Google) 2010-07-27 16:53:47 PDT 
Created attachment 62773 [details]
simple fix (wip)

Here's the fix.  I still need to add a layout test, etc.  I'm also thinking of
changing createItemTree to return the target item as an out param so that we
can avoid the recursive walk done by HistoryItem::targetItem().
Comment 2 Darin Fisher (:fishd, Google) 2010-07-27 22:19:05 PDT 
Created attachment 62795 [details]
v1 patch
Comment 3 Darin Fisher (:fishd, Google) 2010-07-30 13:40:11 PDT 
Landed as http://trac.webkit.org/changeset/64369
Comment 4 WebKit Review Bot 2010-07-30 13:56:42 PDT 
http://trac.webkit.org/changeset/64369 might have broken Qt Linux Release