Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: de0ea2ba7c3a7ac888fab3e1b94716e649294599
https://github.com/WebKit/WebKit/commit/de0ea2ba7c3a7ac888fab3e1b94716e649294599
Author: Michael[tm] Smith <[email protected]>
Date: 2026-03-12 (Thu, 12 Mar 2026)
Changed paths:
A
LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-ancestor-origins-inactive-document.sub-expected.txt
A
LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-ancestor-origins-inactive-document.sub.html
A
LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-ancestor-origins-new-object-expected.txt
A
LayoutTests/imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-ancestor-origins-new-object.html
M Source/WebCore/bindings/js/JSLocationCustom.cpp
M Source/WebCore/dom/DOMStringList.h
M Source/WebCore/dom/DOMStringList.idl
M Source/WebCore/page/Location.cpp
M Source/WebCore/page/Location.h
M Source/WebCore/page/Location.idl
Log Message:
-----------
Make location.ancestorOrigins not return stale origins after iframe removal
https://bugs.webkit.org/show_bug.cgi?id=305922
Reviewed by Ryosuke Niwa.
This change addresses https://github.com/whatwg/html/pull/12071 by
removing [SameObject, CachedAttribute] from the ancestorOrigins WebIDL
and caching the DOMStringList on a member variable instead.
When the document is active, the cached list is returned. When it
becomes inactive (frame() returns null), the cached list is replaced
with an empty one — giving a new JS identity, per spec.
To keep the DOMStringList JS wrapper alive across GC (preserving identity),
this uses the “Reachable from Opaque Roots” mechanism: JSLocation’s
visitAdditionalChildren adds the cached DOMStringList as an opaque root,
and [GenerateIsReachable=Impl] on DOMStringList checks for it.
Test:
imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-ancestor-origins-inactive-document.sub.html
imported/w3c/web-platform-tests/html/browsers/history/the-location-interface/location-ancestor-origins-new-object.html
* Source/WebCore/bindings/js/JSLocationCustom.cpp:
(WebCore::JSLocation::visitAdditionalChildren):
* Source/WebCore/dom/DOMStringList.h:
(WebCore::root):
* Source/WebCore/dom/DOMStringList.idl:
* Source/WebCore/page/Location.cpp:
(WebCore::Location::ancestorOrigins):
* Source/WebCore/page/Location.h:
* Source/WebCore/page/Location.idl:
Canonical link: https://commits.webkit.org/309126@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
