From d4004e30ba9a09f75a810d4734dd6be18616b5e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BCri=20Valdmann?= Date: Tue, 21 Apr 2020 17:15:24 +0200 Subject: Fix crash if createWindow returns this for AddNewContents For a QWebEnginePage subclass where createWindow returns the this-pointer, we get a crash in WebContentsDelegateQt::AddNewContents because AddNewContents expects the adapter to be adopted already, but QWebEnginePage delays adoption. Revert 3855015600 by getting rid of the delayed adoption code path. It's not needed anymore with the delayed initialization of the WebContentsAdapter. Revert 8a4091c210 by forcing adoption of the adapter even when it doesn't have contents. This no longer results in a crash since OpenURLFromTab ensures that the adapter is initialized before use. However, it does result in a behavior change since return-this now consistently overrides the adapter, so, e.g. navigation history is now always cleared whereas previously it was only cleared by the AddNewContents code path. Fixed with new approach in next patch. Fixes: QTBUG-80596 Change-Id: I4d2230c1bffcf2d77fa59ded9be51da49a820474 Reviewed-by: Kirill Burtsev --- src/webenginewidgets/api/qwebenginepage.cpp | 19 ------------------- src/webenginewidgets/api/qwebenginepage_p.h | 3 --- 2 files changed, 22 deletions(-) (limited to 'src/webenginewidgets') diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index b267c5dd1..6f0009183 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -358,25 +358,6 @@ void QWebEnginePagePrivate::adoptNewWindow(QSharedPointer ne if (!newPage) return; - if (newPage->d_func() == this) { - // If createWindow returns /this/ we must delay the adoption. - Q_ASSERT(q == newPage); - // WebContents might be null if we just opened a new page for navigation, in that case - // avoid referencing newWebContents so that it is deleted and WebContentsDelegateQt::OpenURLFromTab - // will fall back to navigating current page. - if (newWebContents->webContents()) { - QTimer::singleShot(0, q, [this, newPage, newWebContents, initialGeometry] () { - adoptNewWindowImpl(newPage, newWebContents, initialGeometry); - }); - } - } else { - adoptNewWindowImpl(newPage, newWebContents, initialGeometry); - } -} - -void QWebEnginePagePrivate::adoptNewWindowImpl(QWebEnginePage *newPage, - const QSharedPointer &newWebContents, const QRect &initialGeometry) -{ // Mark the new page as being in the process of being adopted, so that a second mouse move event // sent by newWebContents->initialize() gets filtered in RenderWidgetHostViewQt::forwardEvent. // The first mouse move event is being sent by q->createWindow(). This is necessary because diff --git a/src/webenginewidgets/api/qwebenginepage_p.h b/src/webenginewidgets/api/qwebenginepage_p.h index f37413b8e..ae845c530 100644 --- a/src/webenginewidgets/api/qwebenginepage_p.h +++ b/src/webenginewidgets/api/qwebenginepage_p.h @@ -113,9 +113,6 @@ public: void focusContainer() override; void unhandledKeyEvent(QKeyEvent *event) override; void adoptNewWindow(QSharedPointer newWebContents, WindowOpenDisposition disposition, bool userGesture, const QRect &initialGeometry, const QUrl &targetUrl) override; - void adoptNewWindowImpl(QWebEnginePage *newPage, - const QSharedPointer &newWebContents, - const QRect &initialGeometry); bool isBeingAdopted() override; void close() override; void windowCloseRejected() override; -- cgit v1.2.3