- Revision
- 278900
- Author
- alanc...@apple.com
- Date
- 2021-06-15 14:49:24 -0700 (Tue, 15 Jun 2021)
Log Message
Cherry-pick r278318. rdar://problem/79355222
REGRESSION (iOS 14.5): Can't go back and render previous page properly after "location.href"
https://bugs.webkit.org/show_bug.cgi?id=226323
<rdar://problem/78623536>
Reviewed by Alex Christensen.
Source/WebKit:
A while back, we did an optimization to allow several WebPage objects associated with the
same WebPageProxy to live in the same WebProcess. This allowed us to reuse a process from
a SuspendedPageProxy for a forward navigation, without destroying the SuspendedPageProxy.
However, this added quite a bit of complexity and this broke some same-process back/forward
navigations like in this bug. In particular, it is really hard to get do our history
management right (with the current model) if there is more than more WebPage in a process
for the same WebPageProxy.
To address issues, we go back to the older model with one WebPage per WebProcess for a
given WebPageProxy. To achieve this, we make sure to destroy of SuspendedPageProxy objects
for the current page and destination process before we process-swap (like we used to do).
* UIProcess/WebBackForwardCache.cpp:
(WebKit::WebBackForwardCache::removeEntriesForPageAndProcess):
* UIProcess/WebBackForwardCache.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::receivedNavigationPolicyDecision):
Tools:
New API test written by Alex Christensen to cover this case.
* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278318 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-611-branch/Source/WebKit/ChangeLog (278899 => 278900)
--- branches/safari-611-branch/Source/WebKit/ChangeLog 2021-06-15 21:49:19 UTC (rev 278899)
+++ branches/safari-611-branch/Source/WebKit/ChangeLog 2021-06-15 21:49:24 UTC (rev 278900)
@@ -1,3 +1,68 @@
+2021-06-15 Alan Coon <alanc...@apple.com>
+
+ Cherry-pick r278318. rdar://problem/79355222
+
+ REGRESSION (iOS 14.5): Can't go back and render previous page properly after "location.href"
+ https://bugs.webkit.org/show_bug.cgi?id=226323
+ <rdar://problem/78623536>
+
+ Reviewed by Alex Christensen.
+
+ Source/WebKit:
+
+ A while back, we did an optimization to allow several WebPage objects associated with the
+ same WebPageProxy to live in the same WebProcess. This allowed us to reuse a process from
+ a SuspendedPageProxy for a forward navigation, without destroying the SuspendedPageProxy.
+ However, this added quite a bit of complexity and this broke some same-process back/forward
+ navigations like in this bug. In particular, it is really hard to get do our history
+ management right (with the current model) if there is more than more WebPage in a process
+ for the same WebPageProxy.
+
+ To address issues, we go back to the older model with one WebPage per WebProcess for a
+ given WebPageProxy. To achieve this, we make sure to destroy of SuspendedPageProxy objects
+ for the current page and destination process before we process-swap (like we used to do).
+
+ * UIProcess/WebBackForwardCache.cpp:
+ (WebKit::WebBackForwardCache::removeEntriesForPageAndProcess):
+ * UIProcess/WebBackForwardCache.h:
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
+
+ Tools:
+
+ New API test written by Alex Christensen to cover this case.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278318 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-06-01 Chris Dumez <cdu...@apple.com>
+
+ REGRESSION (iOS 14.5): Can't go back and render previous page properly after "location.href"
+ https://bugs.webkit.org/show_bug.cgi?id=226323
+ <rdar://problem/78623536>
+
+ Reviewed by Alex Christensen.
+
+ A while back, we did an optimization to allow several WebPage objects associated with the
+ same WebPageProxy to live in the same WebProcess. This allowed us to reuse a process from
+ a SuspendedPageProxy for a forward navigation, without destroying the SuspendedPageProxy.
+ However, this added quite a bit of complexity and this broke some same-process back/forward
+ navigations like in this bug. In particular, it is really hard to get do our history
+ management right (with the current model) if there is more than more WebPage in a process
+ for the same WebPageProxy.
+
+ To address issues, we go back to the older model with one WebPage per WebProcess for a
+ given WebPageProxy. To achieve this, we make sure to destroy of SuspendedPageProxy objects
+ for the current page and destination process before we process-swap (like we used to do).
+
+ * UIProcess/WebBackForwardCache.cpp:
+ (WebKit::WebBackForwardCache::removeEntriesForPageAndProcess):
+ * UIProcess/WebBackForwardCache.h:
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
+
2021-06-14 Russell Epstein <repst...@apple.com>
Apply patch. rdar://problem/77619702
Modified: branches/safari-611-branch/Source/WebKit/UIProcess/WebBackForwardCache.cpp (278899 => 278900)
--- branches/safari-611-branch/Source/WebKit/UIProcess/WebBackForwardCache.cpp 2021-06-15 21:49:19 UTC (rev 278899)
+++ branches/safari-611-branch/Source/WebKit/UIProcess/WebBackForwardCache.cpp 2021-06-15 21:49:24 UTC (rev 278900)
@@ -145,6 +145,14 @@
});
}
+void WebBackForwardCache::removeEntriesForPageAndProcess(WebPageProxy& page, WebProcessProxy& process)
+{
+ removeEntriesMatching([pageID = page.identifier(), processIdentifier = process.coreProcessIdentifier()](auto& item) {
+ ASSERT(item.backForwardCacheEntry());
+ return item.pageID() == pageID && item.backForwardCacheEntry()->processIdentifier() == processIdentifier;
+ });
+}
+
void WebBackForwardCache::removeEntriesMatching(const Function<bool(WebBackForwardListItem&)>& matches)
{
Vector<Ref<WebBackForwardListItem>> itemsWithEntriesToClear;
Modified: branches/safari-611-branch/Source/WebKit/UIProcess/WebBackForwardCache.h (278899 => 278900)
--- branches/safari-611-branch/Source/WebKit/UIProcess/WebBackForwardCache.h 2021-06-15 21:49:19 UTC (rev 278899)
+++ branches/safari-611-branch/Source/WebKit/UIProcess/WebBackForwardCache.h 2021-06-15 21:49:24 UTC (rev 278900)
@@ -53,6 +53,7 @@
void pruneToSize(unsigned);
void removeEntriesForProcess(WebProcessProxy&);
void removeEntriesForPage(WebPageProxy&);
+ void removeEntriesForPageAndProcess(WebPageProxy&, WebProcessProxy&);
void removeEntriesForSession(PAL::SessionID);
void addEntry(WebBackForwardListItem&, std::unique_ptr<SuspendedPageProxy>&&);
Modified: branches/safari-611-branch/Source/WebKit/UIProcess/WebPageProxy.cpp (278899 => 278900)
--- branches/safari-611-branch/Source/WebKit/UIProcess/WebPageProxy.cpp 2021-06-15 21:49:19 UTC (rev 278899)
+++ branches/safari-611-branch/Source/WebKit/UIProcess/WebPageProxy.cpp 2021-06-15 21:49:24 UTC (rev 278900)
@@ -3240,6 +3240,13 @@
ASSERT(!destinationSuspendedPage || navigation->targetItem());
auto suspendedPage = destinationSuspendedPage ? backForwardCache().takeSuspendedPage(*navigation->targetItem()) : nullptr;
+
+ // It is difficult to get history right if we have several WebPage objects inside a single WebProcess for the same WebPageProxy. As a result, if we make sure to
+ // clear any SuspendedPageProxy for the current page that are backed by the destination process before we proceed with the navigation. This makes sure the WebPage
+ // we are about to create in the destination process will be the only one associated with this WebPageProxy.
+ if (!destinationSuspendedPage)
+ backForwardCache().removeEntriesForPageAndProcess(*this, processForNavigation);
+
ASSERT(suspendedPage.get() == destinationSuspendedPage);
if (suspendedPage && suspendedPage->pageIsClosedOrClosing())
suspendedPage = nullptr;
Modified: branches/safari-611-branch/Tools/ChangeLog (278899 => 278900)
--- branches/safari-611-branch/Tools/ChangeLog 2021-06-15 21:49:19 UTC (rev 278899)
+++ branches/safari-611-branch/Tools/ChangeLog 2021-06-15 21:49:24 UTC (rev 278900)
@@ -1,3 +1,54 @@
+2021-06-15 Alan Coon <alanc...@apple.com>
+
+ Cherry-pick r278318. rdar://problem/79355222
+
+ REGRESSION (iOS 14.5): Can't go back and render previous page properly after "location.href"
+ https://bugs.webkit.org/show_bug.cgi?id=226323
+ <rdar://problem/78623536>
+
+ Reviewed by Alex Christensen.
+
+ Source/WebKit:
+
+ A while back, we did an optimization to allow several WebPage objects associated with the
+ same WebPageProxy to live in the same WebProcess. This allowed us to reuse a process from
+ a SuspendedPageProxy for a forward navigation, without destroying the SuspendedPageProxy.
+ However, this added quite a bit of complexity and this broke some same-process back/forward
+ navigations like in this bug. In particular, it is really hard to get do our history
+ management right (with the current model) if there is more than more WebPage in a process
+ for the same WebPageProxy.
+
+ To address issues, we go back to the older model with one WebPage per WebProcess for a
+ given WebPageProxy. To achieve this, we make sure to destroy of SuspendedPageProxy objects
+ for the current page and destination process before we process-swap (like we used to do).
+
+ * UIProcess/WebBackForwardCache.cpp:
+ (WebKit::WebBackForwardCache::removeEntriesForPageAndProcess):
+ * UIProcess/WebBackForwardCache.h:
+ * UIProcess/WebPageProxy.cpp:
+ (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
+
+ Tools:
+
+ New API test written by Alex Christensen to cover this case.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278318 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-06-01 Chris Dumez <cdu...@apple.com>
+
+ REGRESSION (iOS 14.5): Can't go back and render previous page properly after "location.href"
+ https://bugs.webkit.org/show_bug.cgi?id=226323
+ <rdar://problem/78623536>
+
+ Reviewed by Alex Christensen.
+
+ New API test written by Alex Christensen to cover this case.
+
+ * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
+
2021-05-06 Russell Epstein <repst...@apple.com>
Cherry-pick r276983. rdar://problem/77581150
Modified: branches/safari-611-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm (278899 => 278900)
--- branches/safari-611-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm 2021-06-15 21:49:19 UTC (rev 278899)
+++ branches/safari-611-branch/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm 2021-06-15 21:49:24 UTC (rev 278900)
@@ -3350,6 +3350,33 @@
EXPECT_EQ(2u, seenPIDs.size());
}
+TEST(ProcessSwap, NavigateBackAfterCrossOriginClientRedirect)
+{
+ auto processPoolConfiguration = psonProcessPoolConfiguration();
+ auto processPool = adoptNS([[WKProcessPool alloc] _initWithConfiguration:processPoolConfiguration.get()]);
+
+ auto webViewConfiguration = adoptNS([[WKWebViewConfiguration alloc] init]);
+ [webViewConfiguration setProcessPool:processPool.get()];
+ auto handler = adoptNS([[PSONScheme alloc] init]);
+ [handler addMappingFromURLString:@"pson://webkit.org/navigated_from" toData:"<a href=''>hello</a>"];
+ [handler addMappingFromURLString:@"pson://apple.com/" toData:"<script>window.location.href=''</script>redirecting..."];
+ [handler addMappingFromURLString:@"pson://webkit.org/redirected_to" toData:"<p>hello again</p>"];
+ [webViewConfiguration setURLSchemeHandler:handler.get() forURLScheme:@"PSON"];
+
+ auto webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:webViewConfiguration.get()]);
+
+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"pson://webkit.org/navigated_from"]]];
+ [webView _test_waitForDidFinishNavigation];
+
+ [webView evaluateJavaScript:@"document.querySelector('a').click()" completionHandler:nil];
+ [webView _test_waitForDidFinishNavigation];
+ [webView _test_waitForDidFinishNavigation];
+ EXPECT_WK_STREQ([webView objectByEvaluatingJavaScript:@"window.location.href"], "pson://webkit.org/redirected_to");
+ [webView goBack];
+ [webView _test_waitForDidFinishNavigation];
+ EXPECT_WK_STREQ([webView objectByEvaluatingJavaScript:@"window.location.href"], "pson://webkit.org/navigated_from");
+}
+
TEST(ProcessSwap, BackForwardCacheSkipBackForwardListItem)
{
auto processPoolConfiguration = psonProcessPoolConfiguration();
