Ignore:
Timestamp:
Dec 18, 2008, 10:19:06 AM (16 years ago)
Author:
[email protected]
Message:

2008-12-18 Cameron Zwarich <[email protected]>

Reviewed by Geoff Garen.

Bug 21855: REGRESSION (r37323): Gmail complains about popup blocking when opening a link
<https://bugs.webkit.org/show_bug.cgi?id=21855>
<rdar://problem/6278244>

If JavaScript is not currently executing, the handleEvent member function
of JSAbstractEventListener should set the dynamic global object to the
global object of the context in which the event occurred.


If this is not set, then JavaScriptCore will simply take the global object
of the context where the event handler function was created, which may be
a different frame. This will cause the popup blocker to incorrectly block
windows opened from onclick events inside of an iframe whose handler was
created in the outer frame, as it will check the outer frame and see that
it is not processing any events.

JavaScriptCore:

  • interpreter/Interpreter.cpp:
  • runtime/JSGlobalObject.h: (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope): (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):

WebCore:

  • bindings/js/JSEventListener.cpp: (WebCore::JSAbstractEventListener::handleEvent):

WebKitTools:

  • DumpRenderTree/mac/EventSendingController.h:
  • DumpRenderTree/mac/EventSendingController.mm: (+[EventSendingController isSelectorExcludedFromWebScript:]): Expose scheduleAsynchronousClick to JavaScript. (-[EventSendingController scheduleAsynchronousClick]): Add.

LayoutTests:

  • fast/events/popup-blocking-click-in-iframe-expected.txt: Added.
  • fast/events/popup-blocking-click-in-iframe.html: Added.
  • fast/events/resources/popup-blocking-click-in-iframe-otherFrame.html: Added.
  • platform/gtk/Skipped:
  • platform/qt/Skipped:
  • platform/win/Skipped:
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/JavaScriptCore/runtime/JSGlobalObject.h

    r39320 r39377  
    356356        return globalData().dynamicGlobalObject;
    357357    }
    358    
     358
     359    class DynamicGlobalObjectScope : Noncopyable {
     360    public:
     361        DynamicGlobalObjectScope(CallFrame* callFrame, JSGlobalObject* dynamicGlobalObject)
     362            : m_dynamicGlobalObjectSlot(callFrame->globalData().dynamicGlobalObject)
     363            , m_savedDynamicGlobalObject(m_dynamicGlobalObjectSlot)
     364        {
     365            m_dynamicGlobalObjectSlot = dynamicGlobalObject;
     366        }
     367
     368        ~DynamicGlobalObjectScope()
     369        {
     370            m_dynamicGlobalObjectSlot = m_savedDynamicGlobalObject;
     371        }
     372
     373    private:
     374        JSGlobalObject*& m_dynamicGlobalObjectSlot;
     375        JSGlobalObject* m_savedDynamicGlobalObject;
     376    };
     377
    359378} // namespace JSC
    360379
Note: See TracChangeset for help on using the changeset viewer.