[Webkit-unassigned] [Bug 60779] Bug in rubber banding logic for scroll animators

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri May 13 12:01:30 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=60779





--- Comment #9 from Simon Fraser (smfr) <simon.fraser at apple.com>  2011-05-13 12:01:30 PST ---
(In reply to comment #8)
> (In reply to comment #7)
> 
> > > Source/WebCore/page/EventHandler.cpp:-2144
> > > -    view = m_frame->view();
> > > -    if (!view)
> > > -        return false;
> > > -
> > 
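
Review bot: Removing the second `view = m_frame->view()` fetch and its null check at EventHandler.cpp:2144 is only safe if nothing between the earlier check and this line can run script or otherwise tear down the view. If an event is dispatched on that path, keep the re-fetch; otherwise state in the change description why the view cannot go away before this point.
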
> > Why this change?
> 
> Earlier in the method this check is already performed. Unless there's a possibility that the frame will lose the view by the time we hit this line, I don't think we have to check twice.

You have to be really careful in code that allows arbitrary JS to be executed. This code is probably here because the event handler can run JS which results in the frame getting destroyed.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
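
The concern raised in comment #9, as an added example that is not part of the original thread and is not WebCore code: a pointer checked before a script callback has to be fetched and checked again afterwards. `Frame`, `View`, `detachView`, `handleWheelEvent` and `runScenario` are hypothetical stand-ins.

```cpp
// Added illustration; Frame, View and handleWheelEvent are hypothetical
// stand-ins, not WebCore's classes.
#include <cstdio>
#include <functional>
#include <memory>

struct View { int scrollY = 0; };

struct Frame {
    std::unique_ptr<View> owned = std::make_unique<View>();
    View* view() const { return owned.get(); }
    void detachView() { owned.reset(); }   // something page script can trigger
};

using ScriptHandler = std::function<void(Frame&)>;

// Returns true if the scroll was applied, false if the event was dropped.
bool handleWheelEvent(Frame& frame, const ScriptHandler& onWheel, int delta)
{
    View* view = frame.view();
    if (!view)
        return false;

    onWheel(frame);   // arbitrary script runs here and may destroy the view

    // The earlier check proves nothing once script has run: fetch the view
    // again instead of reusing the pointer read before dispatch.
    view = frame.view();
    if (!view)
        return false;

    view->scrollY += delta;
    return true;
}

// Constructed scenario: returns the final scroll offset, or -1 if dropped.
int runScenario(bool scriptDetachesView)
{
    Frame frame;
    ScriptHandler handler = [&](Frame& f) { if (scriptDetachesView) f.detachView(); };
    if (!handleWheelEvent(frame, handler, 40))
        return -1;
    return frame.view()->scrollY;
}

int main()
{
    std::printf("benign handler: %d\n", runScenario(false));
    std::printf("detaching handler: %d\n", runScenario(true));
    return 0;
}
```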


