fix: dangling speculative frames (#45609)

* fix: dangling speculative frames

* harden lifecycle state checks

* feedback

* add const
Sam Maddock 2025-02-18 17:52:05 -05:00 committed by GitHub
parent ecd7eb36ac
commit ee67bc7dcb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 174 additions and 53 deletions


@ -1792,7 +1792,6 @@ void WebContents::RenderFrameDeleted(
// - An <iframe> is removed from the DOM.
// - Cross-origin navigation creates a new RFH in a separate process which
// is swapped by content::RenderFrameHostManager.
//
// WebFrameMain::FromRenderFrameHost(rfh) will use the RFH's FrameTreeNode ID
// to find an existing instance of WebFrameMain. During a cross-origin
@ -1800,8 +1799,13 @@ void WebContents::RenderFrameDeleted(
// this special case, we need to also ensure that WebFrameMain's internal RFH
// matches before marking it as disposed.
auto* web_frame = WebFrameMain::FromRenderFrameHost(render_frame_host);
if (web_frame && web_frame->render_frame_host() == render_frame_host)
web_frame->MarkRenderFrameDisposed();
if (web_frame) {
// Need to directly compare frame tokens as frames pending deletion can no
// longer be looked up using content::RenderFrameHost::FromFrameToken().
if (web_frame->frame_token_ == render_frame_host->GetGlobalFrameToken()) {
web_frame->MarkRenderFrameDisposed();
}
}
}
void WebContents::RenderFrameHostChanged(content::RenderFrameHost* old_host,
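Review bot: The new check in RenderFrameDeleted reads `web_frame->frame_token_` directly, so WebContents now depends on a data member of WebFrameMain (presumably through a friend declaration not visible here) for the decision that guards against dangling frames. A const accessor on WebFrameMain would keep that comparison behind the class interface, for example a proposed `frame_token()` used as `if (web_frame && web_frame->frame_token() == render_frame_host->GetGlobalFrameToken())`, which also folds the two nested `if`s into one. The retained comment above still says the lookup uses the RFH's FrameTreeNode ID; if this commit changed how FromRenderFrameHost finds the instance, that sentence should be updated to match the token comparison. The start of RenderFrameDeleted lies outside the hunk, so this covers only the visible tail.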