[Webkit-unassigned] [Bug 204880] New: Automation: scripts are executed in the wrong js context after a history navigation
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Dec 5 02:28:49 PST 2019
https://bugs.webkit.org/show_bug.cgi?id=204880
Bug ID: 204880
Summary: Automation: scripts are executed in the wrong js
context after a history navigation
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
Assignee: webkit-unassigned at lists.webkit.org
Reporter: cgarcia at igalia.com
CC: bburg at apple.com, joepeck at webkit.org
I noticed this while working on bug #204151. After implementing the promises based execute script, tests imported/w3c/webdriver/tests/back/user_prompts.py and imported/w3c/webdriver/tests/forward/user_prompts.py started to fail, but only when the page cache was enabled. After a lot of debugging I realized the problem was that we wee using the script object from the previous frame js context after loading a page from the cache, because didClearWindowObjectForFrame() is not called in that case. We are caching the script object for every frame ID, and after a history navigation the frame ID is the same, but the frame js context isn't. That also mean we might be leaking the script objects in those cases, because we end up calling JSValueUnprotect with the wrong context. It would be easier to set the script object as a property of the global object and let JSC handle the lifetime. Instead of caching the script object and protect/unprotect it, we just check if the global object of the current js context has the property or not to get or create it.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20191205/e6e33995/attachment.htm>
More information about the webkit-unassigned
mailing list