Fix GetInProcessScriptableTop usage in pointer lock code for OOP iframes
Categories
(Core :: DOM: Core & HTML, defect, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox82 | --- | fixed |
People
(Reporter: kmag, Assigned: edgar)
References
(Blocks 1 open bug)
Details
(Whiteboard: patch in review)
Attachments
(2 files, 1 obsolete file)
It's possible we have some other code that makes things work when OOP frames are involved, but I'm not sure.
Reporter | ||
Comment 1•4 years ago
|
||
(This also includes nsContentUtils::IsInPointerLockContext
I suppose)
Updated•4 years ago
|
Comment 2•4 years ago
|
||
Tracking "Figure out GetInProcessTop usage" bugs for Fission M6b.
Comment 3•4 years ago
•
|
||
Olli, can you do this audit and point it to someone else in DOM to fix?
Assignee | ||
Comment 4•4 years ago
|
||
I will take a look at this.
Assignee | ||
Comment 5•4 years ago
|
||
There are two GetInProcessScriptableTop usages for pointer lock, both of them doesn't work when OOP frames are involved,
-
https://searchfox.org/mozilla-central/rev/73a14f1b367948faa571ed2fe5d7eb29460787c1/dom/base/Document.cpp#14303 is to check if toplevel document is active, this now doesn't work as expected on fission.
- Other than that, https://searchfox.org/mozilla-central/rev/73a14f1b367948faa571ed2fe5d7eb29460787c1/dom/base/Document.cpp#14275 is also incorrect, it could possible that pointer lock is requested by an OOP iframe, checking
EventStateManager::sPointerLockedElement
won't work.
- Other than that, https://searchfox.org/mozilla-central/rev/73a14f1b367948faa571ed2fe5d7eb29460787c1/dom/base/Document.cpp#14275 is also incorrect, it could possible that pointer lock is requested by an OOP iframe, checking
-
https://searchfox.org/mozilla-central/rev/73a14f1b367948faa571ed2fe5d7eb29460787c1/dom/base/nsContentUtils.cpp#6620-6621 is to check if pointer lock is requested under certain toplevel document,
EventStateManager::sPointerLockedDoc
won't point to the right thing if the lock is requested by an OOP iframe.
Assignee | ||
Updated•4 years ago
|
Assignee | ||
Comment 6•4 years ago
|
||
by replacing the usage of GetInProcessScriptableTop with {Browsing/Window}Context
Assignee | ||
Updated•4 years ago
|
Pushed by echen@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/0ff509769a96 Make GetPointerLockError Fission compatible; r=smaug
Comment 8•4 years ago
|
||
bugherder |
Updated•4 years ago
|
Assignee | ||
Comment 9•4 years ago
|
||
Unfortunately, this change makes content process and chrome process doesn't go
through the same code path because nsFocusManager handles their state
separately on purpose.
Assignee | ||
Comment 10•4 years ago
|
||
After working on bug 1662587 and understand focus handling a bit more, I think we don't need to wait for bug 1662587, could fix this bug separately.
Assignee | ||
Comment 11•4 years ago
|
||
Comment 12•4 years ago
|
||
Comment on attachment 9175877 [details]
Bug 1646493 - Tests;
Revision D90313 was moved to bug 1662587. Setting attachment 9175877 [details] to obsolete.
Updated•4 years ago
|
Assignee | ||
Updated•4 years ago
|
Comment 13•4 years ago
|
||
Pushed by echen@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/90e073a9c89d Make pointer auto-unlocking for active top-level document changes fission compatible; r=hsivonen
Comment 14•4 years ago
|
||
bugherder |
Description
•