
Issue 617239


Issue metadata

Status: Fixed
Owner:
Closed: Jan 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug




OOPIF: PageState mismatch in subframes in FNE-enabled modes

Project Member Reported by creis@chromium.org, Jun 3 2016

Issue description

Version: 53.0.2757.0
OS: All

What steps will reproduce the problem?
1) Visit http://csreis.github.io/tests/cross-site-iframe-initially-blank.html.
2) Add #foo to the URL in the omnibox and hit enter.
3) Click "Go cross-site (simple page)"
4) Go back.
5) Using DevTools, navigate in-page inside the subframe: "location.href='#foo';"
6) Go back.

What is the expected output?

The NavigationEntry's FrameNavigationEntry::url() is about:blank, so we should end up on about:blank.  This matches what happens in default Chrome after we fix the renderer kills in issue 612713.

What do you see instead?

We end up on the cross-site page from step 3 in the subframe.  This is arguably better than about:blank from the user's perspective and might be something we want to make happen in all modes, but it's currently happening for the wrong reason: there's a mismatch between the PageState and URL on the FrameNavigationEntry.

That's dangerous and should be fixed.

 

Comment 1 by nasko@chromium.org, Dec 7 2016

I just tried this and I don't see a subframe process with --site-per-process after step 6. Does that mean that it behaves as expected?

Comment 2 by creis@chromium.org, Jan 5 2017

Cc: nasko@chromium.org
Status: Fixed (was: Assigned)
I've confirmed in the debugger that the PageState mismatch is indeed fixed now.  We get to about:blank in step 6, and both the url() and page_state() on the subframe's FrameNavigationEntry agree that it's about:blank.

I still think it would be reasonable to change this at some point so that going back ends up on the page from step 3, since we basically have a race between the subframe committing and the main frame doing an in-page navigation.  Since the subframe commit in step 3 is AUTO_SUBFRAME and should be replacing the about:blank page, it's odd to be able to get back to about:blank.  That would likely require either traversing all NavigationEntries or sharing FrameNavigationEntries, though, and it's not a pressing issue.  Maybe we'll come back to it if it proves to matter in practice.

Comment 3 by bugdroid1@chromium.org, Jan 6 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ebfd33fdbbe2b78234fd30c6fdbddfc3d162e06d

commit ebfd33fdbbe2b78234fd30c6fdbddfc3d162e06d
Author: creis <creis@chromium.org>
Date: Fri Jan 06 02:53:59 2017

Remove additional uses of UseSubframeNavigationEntries in tests.

There's no longer a PageState mismatch from bug 617239, so we can
re-enable the test expectations for these tests.

BUG=236848, 617239
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_site_isolation

Review-Url: https://codereview.chromium.org/2614913002
Cr-Commit-Position: refs/heads/master@{#441854}

[modify] https://crrev.com/ebfd33fdbbe2b78234fd30c6fdbddfc3d162e06d/content/browser/frame_host/navigation_controller_impl_browsertest.cc
