The Vulnerability History Project

2011-02-04  Charlie Reis  <creis@chromium.org>

        Reviewed by Mihai Parparita.

        Crash in WebCore::HistoryController::itemsAreClones
        https://bugs.webkit.org/show_bug.cgi?id=52819

        Tests that navigating back and forward between hash items works.

        * fast/history/history-back-forward-within-subframe-hash.html: Added.
        * fast/history/history-back-forward-within-subframe-hash-expected.txt: Added.

2011-02-04  Charlie Reis  <creis@chromium.org>

        Reviewed by Mihai Parparita.

        Crash in WebCore::HistoryController::itemsAreClones
        https://bugs.webkit.org/show_bug.cgi?id=52819

        Avoids deleting the current HistoryItem while it is still in use.
        Ensures that provisional items are committed for same document navigations.
        Ensures that error pages are committed on back/forward navigations.
        Also removes unneeded sanity checks used for diagnosing the problem.

        * loader/HistoryController.cpp:
        * loader/HistoryController.h:

2011-02-04  Charlie Reis  <creis@chromium.org>

        Reviewed by Mihai Parparita.

        Crash in WebCore::HistoryController::itemsAreClones
        https://bugs.webkit.org/show_bug.cgi?id=52819

        Removes unneeded sanity checks used for diagnosing a memory error.

        * src/WebFrameImpl.cpp:

git-svn-id: svn://svn.chromium.org/blink/trunk@77705 bbb929c8-8fbe-4397-9dbb-9b2b20218538
    
commit 29660d185211a9823bd9ebbfe147282f1b23e67b