[webkit-changes] [WebKit/WebKit] e3cbd8: Regression(258149@main) 1Password autofill is brok...

Chris Dumez noreply at github.com
Thu Mar 9 07:04:46 PST 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e3cbd8226eccb0d445356822f24de7b62db26ee9
      https://github.com/WebKit/WebKit/commit/e3cbd8226eccb0d445356822f24de7b62db26ee9
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2023-03-09 (Thu, 09 Mar 2023)

  Changed paths:
    M Source/WebKit/UIProcess/WebFrameProxy.cpp
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/SiteIsolation.mm

  Log Message:
  -----------
  Regression(258149@main) 1Password autofill is broken on nytimes.com
https://bugs.webkit.org/show_bug.cgi?id=253576
rdar://106316283

Reviewed by Timothy Hatcher.

Before 258149@main, the [WKWebView _frames:completionHandler:] SPI was relying
on the WebProcess's FrameTree to return the state of the frames as a tree.
However, after the refactoring in 258149@main, we do the tree traversal on
the UIProcess side and IPC each frame independently. To do this traversal,
we rely on WebFrameProxy::m_childFrames.

However, we have a bug where WebFrameProxy::m_childFrames could contain
subframes from previous pages that were previously visited in this view.
The reason for this is that the main frame (and thus the main WebFrameProxy)
gets reused on navigation. However, WebFrameProxy::m_childFrames is not getting
cleared whenever the frame navigates.

I initially tried to clear m_childFrames when a load gets committed in the
frame. However, this introduced crashes when restoring a back/forward cache
entry. The reason for this is that we currently don't notify the UIProcess
when restoring frames from the back/forward cache. As a result, m_childFrames
would not correctly get re-populated after restoring a back/forward cache
entry and it would lead to issues later on.

To make the fix as minimal and as safe as possible for the branch, I am opting
to update WebFrameProxy::getFrameInfo() to filter out frameData for frames
whose parentFrameID doesn't match the current frame's ID. This makes sure
that we only report about iframes that are currently in the frame tree, just
like we used to before 258149@main.

In a follow-up, we should refactor this to make sure that m_childFrames is
an accurate and current representation of the frame tree, since we're going
to rely on it more and more for site isolation.

* Source/WebKit/UIProcess/WebFrameProxy.cpp:
(WebKit::WebFrameProxy::didCommitLoad):
(WebKit::WebFrameProxy::didFailLoad):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/SiteIsolation.mm:
(TestWebKitAPI::TEST):

Canonical link: https://commits.webkit.org/261429@main
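
As an added illustration (not WebKit code and not part of the commit), this toy C++ model shows the parentFrameID filter described in the log message. The types, the `reportedParent` field and the assumption that a subframe left over from a previous page no longer reports the reused main frame as its parent are all constructed for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <optional>
#include <vector>

// Toy model for illustration only; these are not WebKit's real types.
using FrameID = uint64_t;

struct FrameData {
    FrameID frameID;
    std::optional<FrameID> parentFrameID; // parent the frame reports right now
    std::vector<FrameData> children;
};

struct FrameProxy {
    FrameID id;
    std::optional<FrameID> reportedParent; // constructed stand-in for the per-frame IPC reply
    std::vector<FrameProxy*> childFrames;  // like m_childFrames: not cleared on navigation

    // Traverses childFrames. With filterStale set, a child whose reported
    // parent is not this frame is dropped from the result.
    FrameData getFrameInfo(bool filterStale) const {
        FrameData data { id, reportedParent, {} };
        for (const FrameProxy* child : childFrames) {
            FrameData childData = child->getFrameInfo(filterStale);
            if (filterStale && childData.parentFrameID != id)
                continue; // left over from a previously visited page
            data.children.push_back(childData);
        }
        return data;
    }
};

// Constructed scenario: main frame 1 is reused across a navigation. Frame 2
// belonged to the previous page (assumed to report no parent any more);
// frame 3 is an iframe of the current page.
std::vector<FrameID> reportedChildIDs(bool filterStale) {
    FrameProxy stale { 2, std::nullopt, {} };
    FrameProxy live { 3, FrameID { 1 }, {} };
    FrameProxy mainFrame { 1, std::nullopt, { &stale, &live } };
    std::vector<FrameID> ids;
    for (const FrameData& child : mainFrame.getFrameInfo(filterStale).children)
        ids.push_back(child.frameID);
    return ids;
}
```

Without the filter, a consumer of the frame tree sees frame 2 from the previous page alongside the current page's iframe; with it, only frame 3 is reported.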



