mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-12-04 13:30:31 +00:00
LibWeb: Omit origin check for content document in FrameBox::paint()
Once we paint, it's way too late for this check to happen anyway. Additionally, the spec's steps for retrieving the content document assume that both the browsing context's active document and the container's node document are non-null, which evidently isn't always the case here, as seen by crashes on the SerenityOS 2nd and 3rd birthday pages (I'm not sure about the details though). Fixes #12565.
This commit is contained in:
parent
27c30ca063
commit
c7f8c20f8b
Notes:
sideshowbarker
2024-07-17 18:39:34 +09:00
3 changed files with 9 additions and 1 deletions
|
@ -60,4 +60,11 @@ const DOM::Document* BrowsingContextContainer::content_document() const
|
|||
return document;
|
||||
}
|
||||
|
||||
DOM::Document const* BrowsingContextContainer::content_document_without_origin_check() const
|
||||
{
|
||||
if (!m_nested_browsing_context)
|
||||
return nullptr;
|
||||
return m_nested_browsing_context->active_document();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -19,6 +19,7 @@ public:
|
|||
const BrowsingContext* nested_browsing_context() const { return m_nested_browsing_context; }
|
||||
|
||||
const DOM::Document* content_document() const;
|
||||
DOM::Document const* content_document_without_origin_check() const;
|
||||
|
||||
virtual void inserted() override;
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ void FrameBox::paint(PaintContext& context, PaintPhase phase)
|
|||
ReplacedBox::paint(context, phase);
|
||||
|
||||
if (phase == PaintPhase::Foreground) {
|
||||
auto* hosted_document = dom_node().content_document();
|
||||
auto* hosted_document = dom_node().content_document_without_origin_check();
|
||||
if (!hosted_document)
|
||||
return;
|
||||
auto* hosted_layout_tree = hosted_document->layout_node();
|
||||
|
|
Loading…
Reference in a new issue