[webkit-changes] [WebKit/WebKit] b9a32b: Document leak on pages with text input forms such ...

Chris Dumez noreply at github.com
Fri May 12 13:25:20 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: b9a32bf41135bbdd80f1ea351a5730866358ee80
      https://github.com/WebKit/WebKit/commit/b9a32bf41135bbdd80f1ea351a5730866358ee80
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2023-05-12 (Fri, 12 May 2023)

  Changed paths:
    A LayoutTests/fast/editing/document-leak-altered-text-field-expected.txt
    A LayoutTests/fast/editing/document-leak-altered-text-field.html
    A LayoutTests/fast/editing/resources/document-leak-altered-text-field-popup.html
    A LayoutTests/fast/editing/resources/simple.html
    M Source/WebCore/editing/Editor.cpp
    M Source/WebCore/editing/Editor.h
    M Source/WebCore/page/EditorClient.h
    M Source/WebCore/page/Page.cpp
    M Source/WebCore/page/Page.h
    M Source/WebKitLegacy/mac/WebCoreSupport/WebEditorClient.h
    M Source/WebKitLegacy/mac/WebCoreSupport/WebEditorClient.mm

  Log Message:
  -----------
  Document leak on pages with text input forms such as google.com
https://bugs.webkit.org/show_bug.cgi?id=256404
rdar://108975202

Reviewed by Wenson Hsieh and Ryosuke Niwa.

When typing test in a text input field and then navigating away, the
text field's document would leak. It would be kept alive via a
WebUndoStep stored in the WebPage::m_undoStepMap map.

FrameLoader::closeURL() was calling Editor::clearUndoRedoOperations()
to clear those WebUndoSteps on the WebPage. However, it ended up being
a no-op because Editor::client() would return null because the document
was already detached from the frame and the EditorClient is stored on
the Page. This happens in particular when the previous page was put in
the back/forward cache.

To address the issue, I updated Editor to store a WeakPtr to the
EditorClient object so that it is always able to tell the client to
clear operations if the Page/EditorClient are still alive.

* Source/WebCore/editing/Editor.cpp:
(WebCore::Editor::client const):
(WebCore::Editor::Editor):
* Source/WebCore/editing/Editor.h:

Canonical link: https://commits.webkit.org/264022@main

More information about the webkit-changes mailing list