[Webkit-unassigned] [Bug 194189] New: Validate navigation policy decisions to avoid crashes in continueLoadAfterNavigationPolicy

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Feb 2 00:33:07 PST 2019 

https://bugs.webkit.org/show_bug.cgi?id=194189

            Bug ID: 194189
           Summary: Validate navigation policy decisions to avoid crashes
                    in continueLoadAfterNavigationPolicy
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rniwa at webkit.org
                CC: beidson at apple.com

We're hitting crashes in FrameLoader::continueLoadAfterNavigationPolicy
where isBackForwardLoadType would return true yet history().provisionalItem() is null.

We think this is because we're mixing up one policy decision requests / responses for different navigations.

Add identifiers for each policy decision in WebCore as done in WebKit2.

<rdar://problem/22872341>

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190202/d8e2a6da/attachment.html>

More information about the webkit-unassigned mailing list