[Webkit-unassigned] [Bug 282622] New: [Navigation] Cross document push navigations don't prune correctly

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Nov 5 10:46:40 PST 2024 

https://bugs.webkit.org/show_bug.cgi?id=282622

            Bug ID: 282622
           Summary: [Navigation] Cross document push navigations don't
                    prune correctly
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: pgriffis at igalia.com

This is test navigation-api/navigation-history-entry/entries-after-cross-document-forward-pruning.html

This is resolved by fixing this fixme: https://github.com/WebKit/WebKit/blob/ac9f0488c548bf6c6bc855059c6b3b27929b1b81/Source/WebCore/page/Navigation.cpp#L141

A diff such as this would be the starting point:

diff --git a/Source/WebCore/page/Navigation.cpp b/Source/WebCore/page/Navigation.cpp
index cf5725257363..c0753548cfb2 100644
--- a/Source/WebCore/page/Navigation.cpp
+++ b/Source/WebCore/page/Navigation.cpp
@@ -138,7 +138,7 @@ void Navigation::initializeForNewWindow(std::optional<NavigationNavigationType>

             // FIXME: This should handle Push, however somewhere before here the currentEntry of previousNavigation was updated
             // to the new navigation so we get duplicate entries.
-            if (navigationType != NavigationNavigationType::Push) {
+            if (true) {
                 if (navigationType == NavigationNavigationType::Traverse) {
                     m_currentEntryIndex = getEntryIndexOfHistoryItem(m_entries, *currentItem);
                     if (m_currentEntryIndex) {
@@ -151,6 +151,11 @@ void Navigation::initializeForNewWindow(std::optional<NavigationNavigationType>
                 } else {
                     Ref previousEntry = m_entries[*previousNavigation->m_currentEntryIndex];

+                    if (navigationType == NavigationNavigationType::Push) {
+                        m_entries.resize(*previousNavigation->m_currentEntryIndex + 1); // Prune forward entries.
+                        m_entries.append(NavigationHistoryEntry::create(protectedScriptExecutionContext().get(), *currentItem)); // fixme
+                    }
+
                     if (navigationType == NavigationNavigationType::Replace)
                         m_entries[*previousNavigation->m_currentEntryIndex] = NavigationHistoryEntry::create(protectedScriptExecutionContext().get(), *currentItem);

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20241105/94072714/attachment.htm>

More information about the webkit-unassigned mailing list