[Webkit-unassigned] [Bug 202402] New: [GTK] 'instanceof' fails to identify objects properly inside an iframe

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Oct 1 06:18:36 PDT 2019 

https://bugs.webkit.org/show_bug.cgi?id=202402

            Bug ID: 202402
           Summary: [GTK] 'instanceof' fails to identify objects properly
                    inside an iframe
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcrha at redhat.com

Using WebKitGTK+ 2.26.0, aka webkit-2.26 branch at r249660. Using 'instanceof' operator in JSC fails to properly identify objects, returning 'false' even for cases which are should return 'true', including console output.

Steps to reproduce:
a) open a Console tab in an inspector and issue this set of commands:

   document.documentElement.innerHTML = "<html><body>main<iframe id='frm1' src='empty:///'></iframe></body></html>";
   document.getElementById("frm1").contentDocument.documentElement.innerHTML = "<html><body>frm1<iframe id='frm2' src='empty:///'></iframe></body></html>";
   document.getElementById("frm1").contentDocument.getElementById("frm2").contentDocument.documentElement.innerHTML = "<html><body>frm1<iframe id='frm2' src='empty:///'></iframe></body></html>";
   function checkit(elem) { if (elem) console.log("elem:" + elem + " tag:" + elem.tagName + " id:" + elem.id + " is iframe:" + (elem instanceof HTMLIFrameElement) + " is HTMLElem:" + (elem instanceof HTMLElement)); else console.log("elem is null");}

b) try what checkit() returns for respective elements. The "quoted" string is what it writes in the console.

   checkit(document.documentElement);
> elem:[object HTMLHtmlElement] tag:HTML id: is iframe:false is HTMLElem:true

   checkit(document.getElementById("frm1"));
> elem:[object HTMLIFrameElement] tag:IFRAME id:frm1 is iframe:true is HTMLElem:true

   checkit(document.getElementById("frm1").contentDocument.getElementById("frm2"));
> elem:[object HTMLIFrameElement] tag:IFRAME id:frm2 is iframe:false is HTMLElem:false

I expect to see 'true' / 'true' at the end of the log above.

   checkit(document.getElementById("frm1").contentDocument.getElementById("frm2").contentDocument.getElementById("frm2"));
> elem:[object HTMLIFrameElement] tag:IFRAME id:frm2 is iframe:false is HTMLElem:false

Similarly here and below, where it tried the HTML document of the inner iframe-s, which should work the same as the first checkit() call above, I believe.

   checkit(document.getElementById("frm1").contentDocument.getElementById("frm2").contentDocument);
> elem:[object HTMLDocument] tag:undefined id:undefined is iframe:false is HTMLElem:false

   checkit(document.getElementById("frm1").contentDocument);
> elem:[object HTMLDocument] tag:undefined id:undefined is iframe:false is HTMLElem:false

   checkit(document.getElementById("frm1"));
> elem:[object HTMLIFrameElement] tag:IFRAME id:frm1 is iframe:true is HTMLElem:true

This just re-runs the working call from the above again.


I doubt I do anything wrong, but I'm new to Javascript, thus I'll be happy to be corrected.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20191001/d630daa5/attachment.html>

More information about the webkit-unassigned mailing list