New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 669585 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Last visit > 30 days ago
Closed: Dec 2016
Cc:
Components:
EstimatedDays: ----
NextAction: 2016-12-01
OS: Android
Pri: 1
Type: Bug

Blocking:
issue 652148



Sign in to add a comment

Web payments IFrame support crashes with out of process iframes

Project Member Reported by rouslan@chromium.org, Nov 29 2016

Issue description

What steps will reproduce the problem?
1. Enable chrome://flags/#enable-experimental-web-platform-features
2. Enable chrome://flags/#enable-site-per-process
3. Open https://rsolomakhin.github.io/pr/iframe/

What is the expected result?
No crash

What happens instead of that?
Crash

Please provide any additional information below. Attach a screenshot if
possible.

Crash happens in toHTMLFrameOwnerElement() because of frame->owner()->isLocal() returning false. We'd like to fix this in M-56 timeframe to ship allowPaymentRequest. Please let me know if you're unable to resolve this, so I can assign someone else to this task.
 
Status: Started (was: Assigned)
I am starting to work on it.
Cc: sanjoy....@samsung.com
Owner: ----
Status: Available (was: Started)
I quickly tried by following "allowfullscreen" implementation here
https://codereview.chromium.org/2545693002/

But the frame properties are not getting updated for out-of-process iframes as subframe is not created by that time
https://cs.chromium.org/chromium/src/third_party/WebKit/Source/core/html/HTMLFrameElementBase.cpp?rcl=0&l=120

Please feel free assign to someone else as I'm occupied with few other stuff currently.
Owner: rouslan@chromium.org
Status: Assigned (was: Available)
Components: Internals>Sandbox>SiteIsolation
Cc: dcheng@chromium.org alex...@chromium.org

Comment 6 by creis@chromium.org, Dec 1 2016

rouslan@: Thanks for filing!  And yes, we are on track to turn on the first uses of out-of-process iframes in M56 (for --isolate-extensions mode), so let's aim to get this fixed in M56 if possible.  Let us know if you need any advice on it.

Comment 7 by creis@chromium.org, Dec 1 2016

Ah, is this Android only?  We won't be launching --isolate-extensions there (given that there are no extensions on Android).
creis: Was ttps://codereview.chromium.org/2545693002/ moving in the right direction?
Yes, this feature is currently implemented only on Android. Desktop support is coming some time in 2017.
You can reproduce the crash on desktop with some command-line flags:

$ ninja -Cout/lin chrome \
  && out/lin/chrome \
      --enable-experimental-web-platform-features \
      --site-per-process \
      https://rsolomakhin.github.io/pr/iframe/
Good to hear, and thanks.  Still worth fixing, but we won't have any OOPIFs on Android in M56, so might not be as time sensitive.

alexmos@ or dcheng@: Can you take a look at the CL to see if it's on the right track?
#2: Your general approach of following the allowfullscreen implementation should work.  When the subframe gets created, its FrameOwnerProperties are actually propagated in WebLocalFrameImpl::createChildFrame, here: 
https://cs.chromium.org/chromium/src/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp?l=1590
which you did update.  But it seems your WIP CL didn't update allowedToUsePaymentRequest(), which also needs to be able to handle frame->owner() being a RemoteFrameOwner, so perhaps that needs to be worked out also.  Fullscreen has a very similar set of checks in allowedToUseFullscreen().  Happy to help with any further questions/reviewing for this.  

Cc: -sanjoy....@samsung.com rouslan@chromium.org
Owner: sanjoy....@samsung.com
Status: Started (was: Assigned)
Following up on my #12, duh, I skimmed the CL too quickly and totally misread that you did in fact change allowedToUsePaymentRequest -- sorry.  Looks like you found the real problem already.
Project Member

Comment 16 by bugdroid1@chromium.org, Dec 15 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a1f17e817c65d8f3e8ba10beee7b43e625f21c04

commit a1f17e817c65d8f3e8ba10beee7b43e625f21c04
Author: sanjoy.pal <sanjoy.pal@samsung.com>
Date: Thu Dec 15 03:39:12 2016

Support allowpaymentrequest with out-of-process iframes

BUG= 669585 

Review-Url: https://codereview.chromium.org/2545693002
Cr-Commit-Position: refs/heads/master@{#438724}

[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/chrome/browser/payments/payment_request_impl.cc
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/chrome/browser/payments/payment_request_impl.h
[add] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/chrome/browser/payments/site_per_process_payments_browsertest.cc
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/chrome/test/BUILD.gn
[add] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/chrome/test/data/payment_request_iframe.html
[add] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/chrome/test/data/payment_request_main.html
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/content/common/frame_messages.h
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/content/common/frame_owner_properties.cc
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/content/common/frame_owner_properties.h
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/core/frame/FrameOwner.h
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/core/html/HTMLFrameOwnerElement.h
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/core/html/HTMLIFrameElement.h
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/web/RemoteFrameOwner.cpp
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/web/RemoteFrameOwner.h
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/web/WebFrame.cpp
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp
[modify] https://crrev.com/a1f17e817c65d8f3e8ba10beee7b43e625f21c04/third_party/WebKit/public/web/WebFrameOwnerProperties.h

Status: Fixed (was: Started)
Labels: Merge-Request-56
Status: Started (was: Fixed)

Comment 19 by dimu@chromium.org, Dec 15 2016

Labels: -Merge-Request-56 Merge-Approved-56 Hotlist-Merge-Approved
Your change meets the bar and is auto-approved for M56 (branch: 2924)
Project Member

Comment 20 by bugdroid1@chromium.org, Dec 15 2016

Labels: -merge-approved-56 merge-merged-2924
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4af576a4562fb7b664732f174f1a112715f31f60

commit 4af576a4562fb7b664732f174f1a112715f31f60
Author: Rouslan Solomakhin <rouslan@chromium.org>
Date: Thu Dec 15 15:28:26 2016

[Merge M-56] Support allowpaymentrequest with out-of-process iframes

BUG= 669585 

Review-Url: https://codereview.chromium.org/2545693002
Cr-Commit-Position: refs/heads/master@{#438724}
(cherry picked from commit a1f17e817c65d8f3e8ba10beee7b43e625f21c04)

Review-Url: https://codereview.chromium.org/2578773003 .
Cr-Commit-Position: refs/branch-heads/2924@{#510}
Cr-Branched-From: 3a87aecc31cd1ffe751dd72c04e5a96a1fc8108a-refs/heads/master@{#433059}

[add] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/chrome/browser/payments/site_per_process_payments_browsertest.cc
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/chrome/test/BUILD.gn
[add] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/chrome/test/data/payment_request_iframe.html
[add] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/chrome/test/data/payment_request_main.html
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/content/common/frame_messages.h
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/content/common/frame_owner_properties.cc
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/content/common/frame_owner_properties.h
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/core/frame/FrameOwner.h
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/core/html/HTMLFrameOwnerElement.h
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/core/html/HTMLIFrameElement.cpp
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/core/html/HTMLIFrameElement.h
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/web/FrameLoaderClientImpl.cpp
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/web/RemoteFrameOwner.cpp
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/web/RemoteFrameOwner.h
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/web/WebFrame.cpp
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/Source/web/WebLocalFrameImpl.cpp
[modify] https://crrev.com/4af576a4562fb7b664732f174f1a112715f31f60/third_party/WebKit/public/web/WebFrameOwnerProperties.h

Project Member

Comment 21 by bugdroid1@chromium.org, Dec 20 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/319b249e933d384d28339f6676b8781fdc077a38

commit 319b249e933d384d28339f6676b8781fdc077a38
Author: rouslan <rouslan@chromium.org>
Date: Tue Dec 20 00:31:17 2016

Gate web payments iframe support on runtime enabled feature.

OOPIF crash fix in http://crrev.com/2545693002 enabled web payments
iframe support unintentionally. This patch disables it again.

BUG= 669585 

Review-Url: https://codereview.chromium.org/2580893002
Cr-Commit-Position: refs/heads/master@{#439634}

[modify] https://crrev.com/319b249e933d384d28339f6676b8781fdc077a38/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp

Labels: Merge-Request-56

Comment 23 by dimu@chromium.org, Dec 20 2016

Labels: -Merge-Request-56 Merge-Approved-56
Your change meets the bar and is auto-approved for M56 (branch: 2924)
Project Member

Comment 24 by bugdroid1@chromium.org, Dec 20 2016

Labels: -merge-approved-56
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/285239b8ac7e7cdae0ce38cd591e8a7b094b720f

commit 285239b8ac7e7cdae0ce38cd591e8a7b094b720f
Author: Rouslan Solomakhin <rouslan@chromium.org>
Date: Tue Dec 20 15:46:03 2016

[Merge M-56] Gate web payments iframe support on runtime enabled feature.

OOPIF crash fix in http://crrev.com/2545693002 enabled web payments
iframe support unintentionally. This patch disables it again.

BUG= 669585 

Review-Url: https://codereview.chromium.org/2580893002
Cr-Commit-Position: refs/heads/master@{#439634}
(cherry picked from commit 319b249e933d384d28339f6676b8781fdc077a38)

Review-Url: https://codereview.chromium.org/2590953002 .
Cr-Commit-Position: refs/branch-heads/2924@{#562}
Cr-Branched-From: 3a87aecc31cd1ffe751dd72c04e5a96a1fc8108a-refs/heads/master@{#433059}

[modify] https://crrev.com/285239b8ac7e7cdae0ce38cd591e8a7b094b720f/third_party/WebKit/Source/modules/payments/PaymentRequest.cpp

Status: Fixed (was: Started)

Sign in to add a comment