[Webkit-unassigned] [Bug 204332] Nullptr crash in Node::setTextContent via Document::setTitle if title element is removed before setTextContent call.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 18 21:17:35 PST 2019
https://bugs.webkit.org/show_bug.cgi?id=204332
--- Comment #9 from Ryosuke Niwa <rniwa at webkit.org> ---
(In reply to Sunny He from comment #8)
> Firefox does update the text value, but Chrome does not. So this patch will
> align with Chrome's behavior.
I don't think Firefox updates the text value per se. I think the behavior we observed is that Firefox would set the text content value of HTMLTitleElement before DOMNodeInserted event fires. In neither browsers, document's title was updated because the title element is ultimately removed.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20191119/25399fef/attachment.htm>
More information about the webkit-unassigned
mailing list