Closed
Bug 1727431
Opened 3 years ago
Closed 3 years ago
Replace GetCrossDocParentFrame in nsIFrame::GetOffsetToCrossDoc with GetCrossDocParentFrameInProcess
Categories
(Core :: Layout, task)
Core
Layout
Tracking
()
People
(Reporter: hiro, Assigned: hiro)
References
Details
(Whiteboard: fission-soft-blocker)
Attachments
(1 file)
No description provided.
Assignee | ||
Updated•3 years ago
|
Summary: eplace GetCrossDocParentFrame in nsIFrame::GetOffsetToCrossDoc with GetCrossDocParentFrameInProcess → Replace GetCrossDocParentFrame in nsIFrame::GetOffsetToCrossDoc with GetCrossDocParentFrameInProcess
Assignee | ||
Comment 1•3 years ago
|
||
GetOffsetToCrossDoc takes a valid non null pointer of nsIFrame, so it will not
walk up the frame tree across process boundaries.
If the call site needed the offset up to a frame in a different process, which
means the function call used for obtaining the nsIFrame needs to be audited such
as bug 1727229, which is for auditing GetReferenceFrame call sites
(GetOffsetToCrossDoc is often used with GetReferenceFrame, something like
GetOffsetToCrossDoc(GetReferenceFrame())
.
FWIW, I did skim all GetOffsetToCrossDoc call sites [1], all look okay to me,
they are in auto scrolling, event handling, display list building, in the parent
process (i.e. XUL), etc. etc. Those features have been addressed in Fission.
Assignee | ||
Updated•3 years ago
|
Severity: -- → S3
Updated•3 years ago
|
Fission Milestone: --- → MVP
status-firefox91:
--- → disabled
status-firefox92:
--- → wontfix
status-firefox93:
--- → affected
status-firefox-esr78:
--- → disabled
status-firefox-esr91:
--- → disabled
Whiteboard: fission-soft-blocker
Comment 2•3 years ago
|
||
bugherder |
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 93 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•