[webkit-changes] [280863] branches/safari-611.3.10.0-branch/Source

Tue, 10 Aug 2021 14:29:25 -0700

Title: [280863] branches/safari-611.3.10.0-branch/Source

Diff

Modified: branches/safari-611.3.10.0-branch/Source/WebCore/ChangeLog (280862 => 280863)


--- branches/safari-611.3.10.0-branch/Source/WebCore/ChangeLog	2021-08-10 21:24:46 UTC (rev 280862)
+++ branches/safari-611.3.10.0-branch/Source/WebCore/ChangeLog	2021-08-10 21:28:35 UTC (rev 280863)
@@ -1,3 +1,72 @@
+2021-08-10  Russell Epstein  <repst...@apple.com>
+
+        Apply patch. rdar://problem/79924198
+
+    2021-08-10  Russell Epstein  <repst...@apple.com>
+
+            Deploy smart pointers in EventHandler and UserInputBridge
+            https://bugs.webkit.org/show_bug.cgi?id=227481
+
+            Reviewed by Wenson Hsieh and Chris Dumez..
+
+            * page/EventHandler.cpp:
+            (WebCore::EventHandler::selectClosestWordFromHitTestResult):
+            (WebCore::EventHandler::selectClosestContextualWordFromMouseEvent):
+            (WebCore::EventHandler::selectClosestContextualWordOrLinkFromMouseEvent):
+            (WebCore::EventHandler::handleMousePressEventTripleClick):
+            (WebCore::EventHandler::handleMousePressEventSingleClick):
+            (WebCore::EventHandler::selectionExtentRespectingEditingBoundary):
+            (WebCore::EventHandler::handleMouseDraggedEvent):
+            (WebCore::EventHandler::eventMayStartDrag const):
+            (WebCore::EventHandler::updateSelectionForMouseDrag):
+            (WebCore::EventHandler::handleMouseReleaseEvent):
+            (WebCore::EventHandler::hitTestResultAtPoint const):
+            (WebCore::EventHandler::scrollOverflow):
+            (WebCore::EventHandler::logicalScrollOverflow):
+            (WebCore::EventHandler::scrollRecursively):
+            (WebCore::EventHandler::logicalScrollRecursively):
+            (WebCore::EventHandler::updateCursor):
+            (WebCore::EventHandler::selectCursor):
+            (WebCore::EventHandler::handleMousePressEvent):
+            (WebCore::EventHandler::handleMouseMoveEvent):
+            (WebCore::contentFrameForNode):
+            (WebCore::EventHandler::updateDragAndDrop):
+            (WebCore::EventHandler::cancelDragAndDrop):
+            (WebCore::EventHandler::performDragAndDrop):
+            (WebCore::hierarchyHasCapturingEventListeners):
+            (WebCore::EventHandler::updateMouseEventTargetNode):
+            (WebCore::EventHandler::notifyScrollableAreasOfMouseEvents):
+            (WebCore::EventHandler::dispatchMouseEvent):
+            (WebCore::EventHandler::isInsideScrollbar const):
+            (WebCore::EventHandler::handleWheelEvent):
+            (WebCore::EventHandler::handleWheelEventInternal):
+            (WebCore::EventHandler::sendContextMenuEvent):
+            (WebCore::EventHandler::sendContextMenuEventForKey):
+            (WebCore::EventHandler::fakeMouseMoveEventTimerFired):
+            (WebCore::EventHandler::hoverTimerFired):
+            (WebCore::EventHandler::handleAccessKey):
+            (WebCore::EventHandler::isKeyEventAllowedInFullScreen const):
+            (WebCore::EventHandler::keyEvent):
+            (WebCore::EventHandler::internalKeyEvent):
+            (WebCore::setInitialKeyboardSelection):
+            (WebCore::removeDraggedContentDocumentMarkersFromAllFramesInPage):
+            (WebCore::EventHandler::handleTouchEvent):
+            (WebCore::EventHandler::passWheelEventToWidget):
+            (WebCore::targetIsFrame): Deleted.
+            * replay/UserInputBridge.cpp:
+            (WebCore::UserInputBridge::handleMousePressEvent):
+            (WebCore::UserInputBridge::handleMouseReleaseEvent):
+            (WebCore::UserInputBridge::handleMouseMoveEvent):
+            (WebCore::UserInputBridge::handleMouseMoveOnScrollbarEvent):
+            (WebCore::UserInputBridge::handleMouseForceEvent):
+            (WebCore::UserInputBridge::handleKeyEvent):
+            (WebCore::UserInputBridge::handleAccessKeyEvent):
+            (WebCore::UserInputBridge::handleWheelEvent):
+            (WebCore::UserInputBridge::scrollRecursively):
+            (WebCore::UserInputBridge::logicalScrollRecursively):
+            (WebCore::UserInputBridge::loadRequest):
+            (WebCore::UserInputBridge::tryClosePage):
+
 2021-07-02  Ruben Turcios  <rubent...@apple.com>
 
         Cherry-pick r278964. rdar://problem/79474157

Modified: branches/safari-611.3.10.0-branch/Source/WebCore/page/EventHandler.cpp (280862 => 280863)


--- branches/safari-611.3.10.0-branch/Source/WebCore/page/EventHandler.cpp	2021-08-10 21:24:46 UTC (rev 280862)
+++ branches/safari-611.3.10.0-branch/Source/WebCore/page/EventHandler.cpp	2021-08-10 21:28:35 UTC (rev 280863)
@@ -480,7 +480,7 @@
 
 void EventHandler::selectClosestWordFromHitTestResult(const HitTestResult& result, AppendTrailingWhitespace appendTrailingWhitespace)
 {
-    Node* targetNode = result.targetNode();
+    RefPtr targetNode = result.targetNode();
     VisibleSelection newSelection;
 
     if (targetNode && targetNode->renderer()) {
@@ -493,7 +493,7 @@
         if (appendTrailingWhitespace == ShouldAppendTrailingWhitespace && newSelection.isRange())
             newSelection.appendTrailingWhitespace();
 
-        updateSelectionForMouseDownDispatchingSelectStart(targetNode, expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::WordGranularity);
+        updateSelectionForMouseDownDispatchingSelectStart(targetNode.get(), expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::WordGranularity);
     }
 }
 
@@ -517,7 +517,7 @@
     
 void EventHandler::selectClosestContextualWordFromMouseEvent(const MouseEventWithHitTestResults& mouseEvent)
 {
-    Node* targetNode = mouseEvent.targetNode();
+    RefPtr targetNode = mouseEvent.targetNode();
     const HitTestResult& result = mouseEvent.hitTestResult();
     VisibleSelection newSelection;
     bool appendTrailingWhitespace = shouldAppendTrailingWhitespace(mouseEvent, m_frame);
@@ -535,15 +535,15 @@
         if (appendTrailingWhitespace == ShouldAppendTrailingWhitespace && newSelection.isRange())
             newSelection.appendTrailingWhitespace();
         
-        updateSelectionForMouseDownDispatchingSelectStart(targetNode, expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::WordGranularity);
+        updateSelectionForMouseDownDispatchingSelectStart(targetNode.get(), expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::WordGranularity);
     }
 }
     
 void EventHandler::selectClosestContextualWordOrLinkFromMouseEvent(const MouseEventWithHitTestResults& result)
 {
-    Element* urlElement = result.hitTestResult().URLElement();
+    RefPtr urlElement = result.hitTestResult().URLElement();
     if (!urlElement || !isDraggableLink(*urlElement)) {
-        if (Node* targetNode = result.targetNode()) {
+        if (RefPtr targetNode = result.targetNode()) {
             if (isEditableNode(*targetNode))
                 return selectClosestWordFromMouseEvent(result);
         }
@@ -551,15 +551,15 @@
         return selectClosestContextualWordFromMouseEvent(result);
     }
 
-    Node* targetNode = result.targetNode();
+    RefPtr targetNode = result.targetNode();
 
     if (targetNode && targetNode->renderer() && mouseDownMayStartSelect()) {
         VisibleSelection newSelection;
         VisiblePosition pos(targetNode->renderer()->positionForPoint(result.localPoint(), nullptr));
         if (pos.isNotNull() && pos.deepEquivalent().deprecatedNode()->isDescendantOf(*urlElement))
-            newSelection = VisibleSelection::selectionFromContentsOfNode(urlElement);
+            newSelection = VisibleSelection::selectionFromContentsOfNode(urlElement.get());
 
-        updateSelectionForMouseDownDispatchingSelectStart(targetNode, expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::WordGranularity);
+        updateSelectionForMouseDownDispatchingSelectStart(targetNode.get(), expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::WordGranularity);
     }
 }
 
@@ -586,7 +586,7 @@
     if (event.event().button() != LeftButton)
         return false;
     
-    Node* targetNode = event.targetNode();
+    RefPtr targetNode = event.targetNode();
     if (!(targetNode && targetNode->renderer() && mouseDownMayStartSelect()))
         return false;
 
@@ -597,7 +597,7 @@
         newSelection.expandUsingGranularity(TextGranularity::ParagraphGranularity);
     }
 
-    return updateSelectionForMouseDownDispatchingSelectStart(targetNode, expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::ParagraphGranularity);
+    return updateSelectionForMouseDownDispatchingSelectStart(targetNode.get(), expandSelectionToRespectSelectOnMouseDown(*targetNode, newSelection), TextGranularity::ParagraphGranularity);
 }
 
 static uint64_t textDistance(const Position& start, const Position& end)
@@ -613,7 +613,7 @@
     Ref<Frame> protectedFrame(m_frame);
 
     m_frame.document()->updateLayoutIgnorePendingStylesheets();
-    Node* targetNode = event.targetNode();
+    RefPtr targetNode = event.targetNode();
     if (!targetNode || !targetNode->renderer() || !mouseDownMayStartSelect() || m_mouseDownDelegatedFocus)
         return false;
 
@@ -632,7 +632,7 @@
 
     VisiblePosition visiblePosition(targetNode->renderer()->positionForPoint(event.localPoint(), nullptr));
     if (visiblePosition.isNull())
-        visiblePosition = VisiblePosition(firstPositionInOrBeforeNode(targetNode));
+        visiblePosition = VisiblePosition(firstPositionInOrBeforeNode(targetNode.get()));
     Position pos = visiblePosition.deepEquivalent();
 
     VisibleSelection newSelection = m_frame.selection().selection();
@@ -677,7 +677,7 @@
         newSelection = expandSelectionToRespectSelectOnMouseDown(*targetNode, visiblePosition);
     }
 
-    bool handled = updateSelectionForMouseDownDispatchingSelectStart(targetNode, newSelection, granularity);
+    bool handled = updateSelectionForMouseDownDispatchingSelectStart(targetNode.get(), newSelection, granularity);
 
     if (event.event().button() == MiddleButton) {
         // Ignore handled, since we want to paste to where the caret was placed anyway.
@@ -796,11 +796,12 @@
 VisiblePosition EventHandler::selectionExtentRespectingEditingBoundary(const VisibleSelection& selection, const LayoutPoint& localPoint, Node* targetNode)
 {
     FloatPoint selectionEndPoint = localPoint;
-    Element* editableElement = selection.rootEditableElement();
+    RefPtr editableElement = selection.rootEditableElement();
 
     if (!targetNode || !targetNode->renderer())
         return VisiblePosition();
 
+    RefPtr adjustedTarget = targetNode;
     if (editableElement && !editableElement->contains(targetNode)) {
         if (!editableElement->renderer())
             return VisiblePosition();
@@ -807,10 +808,10 @@
 
         FloatPoint absolutePoint = targetNode->renderer()->localToAbsolute(FloatPoint(selectionEndPoint));
         selectionEndPoint = editableElement->renderer()->absoluteToLocal(absolutePoint);
-        targetNode = editableElement;
+        adjustedTarget = editableElement;
     }
 
-    return targetNode->renderer()->positionForPoint(LayoutPoint(selectionEndPoint), nullptr);
+    return adjustedTarget->renderer()->positionForPoint(LayoutPoint(selectionEndPoint), nullptr);
 }
 
 #if ENABLE(DRAG_SUPPORT)
@@ -839,13 +840,13 @@
     if (handleDrag(event, checkDragHysteresis))
         return true;
 
-    Node* targetNode = event.targetNode();
+    RefPtr targetNode = event.targetNode();
     if (event.event().button() != LeftButton || !targetNode)
         return false;
 
     RenderObject* renderer = targetNode->renderer();
     if (!renderer) {
-        Element* parent = targetNode->parentOrShadowHostElement();
+        RefPtr parent = targetNode->parentOrShadowHostElement();
         if (!parent)
             return false;
 
@@ -902,8 +903,8 @@
     HitTestResult result(view->windowToContents(event.position()));
     document->hitTest(hitType, result);
     DragState state;
-    Element* targetElement = result.targetElement();
-    return targetElement && page->dragController().draggableElement(&m_frame, targetElement, result.roundedPointInInnerNodeFrame(), state);
+    RefPtr targetElement = result.targetElement();
+    return targetElement && page->dragController().draggableElement(&m_frame, targetElement.get(), result.roundedPointInInnerNodeFrame(), state);
 }
 
 void EventHandler::updateSelectionForMouseDrag()
@@ -932,11 +933,11 @@
     if (!mouseDownMayStartSelect())
         return;
 
-    Node* target = hitTestResult.targetNode();
+    RefPtr target = hitTestResult.targetNode();
     if (!target)
         return;
 
-    VisiblePosition targetPosition = selectionExtentRespectingEditingBoundary(m_frame.selection().selection(), hitTestResult.localPoint(), target);
+    VisiblePosition targetPosition = selectionExtentRespectingEditingBoundary(m_frame.selection().selection(), hitTestResult.localPoint(), target.get());
 
     // Don't modify the selection if we're not on a node.
     if (targetPosition.isNull())
@@ -948,7 +949,7 @@
 
     // Special case to limit selection to the containing block for SVG text.
     // FIXME: Isn't there a better non-SVG-specific way to do this?
-    if (Node* selectionBaseNode = newSelection.base().deprecatedNode()) {
+    if (RefPtr selectionBaseNode = newSelection.base().deprecatedNode()) {
         if (RenderObject* selectionBaseRenderer = selectionBaseNode->renderer()) {
             if (selectionBaseRenderer->isSVGText()) {
                 if (target->renderer()->containingBlock() != selectionBaseRenderer->containingBlock())
@@ -958,7 +959,7 @@
     }
 
 
-    if (m_selectionInitiationState == HaveNotStartedSelection && !dispatchSelectStart(target)) {
+    if (m_selectionInitiationState == HaveNotStartedSelection && !dispatchSelectStart(target.get())) {
         m_mouseDownMayStartSelect = false;
         return;
     }
@@ -970,20 +971,20 @@
     }
 
 #if ENABLE(USERSELECT_ALL)
-    Node* rootUserSelectAllForMousePressNode = Position::rootUserSelectAllForNode(m_mousePressNode.get());
-    if (rootUserSelectAllForMousePressNode && rootUserSelectAllForMousePressNode == Position::rootUserSelectAllForNode(target)) {
-        newSelection.setBase(positionBeforeNode(rootUserSelectAllForMousePressNode).upstream(CanCrossEditingBoundary));
-        newSelection.setExtent(positionAfterNode(rootUserSelectAllForMousePressNode).downstream(CanCrossEditingBoundary));
+    RefPtr rootUserSelectAllForMousePressNode = Position::rootUserSelectAllForNode(m_mousePressNode.get());
+    if (rootUserSelectAllForMousePressNode && rootUserSelectAllForMousePressNode == Position::rootUserSelectAllForNode(target.get())) {
+        newSelection.setBase(positionBeforeNode(rootUserSelectAllForMousePressNode.get()).upstream(CanCrossEditingBoundary));
+        newSelection.setExtent(positionAfterNode(rootUserSelectAllForMousePressNode.get()).downstream(CanCrossEditingBoundary));
     } else {
         // Reset base for user select all when base is inside user-select-all area and extent < base.
         if (rootUserSelectAllForMousePressNode && target->renderer()->positionForPoint(hitTestResult.localPoint(), nullptr) < m_mousePressNode->renderer()->positionForPoint(m_dragStartPosition, nullptr))
-            newSelection.setBase(positionAfterNode(rootUserSelectAllForMousePressNode).downstream(CanCrossEditingBoundary));
+            newSelection.setBase(positionAfterNode(rootUserSelectAllForMousePressNode.get()).downstream(CanCrossEditingBoundary));
         
-        Node* rootUserSelectAllForTarget = Position::rootUserSelectAllForNode(target);
+        RefPtr rootUserSelectAllForTarget = Position::rootUserSelectAllForNode(target.get());
         if (rootUserSelectAllForTarget && m_mousePressNode->renderer() && target->renderer()->positionForPoint(hitTestResult.localPoint(), nullptr) < m_mousePressNode->renderer()->positionForPoint(m_dragStartPosition, nullptr))
-            newSelection.setExtent(positionBeforeNode(rootUserSelectAllForTarget).upstream(CanCrossEditingBoundary));
+            newSelection.setExtent(positionBeforeNode(rootUserSelectAllForTarget.get()).upstream(CanCrossEditingBoundary));
         else if (rootUserSelectAllForTarget && m_mousePressNode->renderer())
-            newSelection.setExtent(positionAfterNode(rootUserSelectAllForTarget).downstream(CanCrossEditingBoundary));
+            newSelection.setExtent(positionAfterNode(rootUserSelectAllForTarget.get()).downstream(CanCrossEditingBoundary));
         else
             newSelection.setExtent(targetPosition);
     }
@@ -1051,7 +1052,7 @@
             && m_frame.selection().isRange()
             && event.event().button() != RightButton) {
         VisibleSelection newSelection;
-        Node* node = event.targetNode();
+        RefPtr node = event.targetNode();
         bool caretBrowsing = m_frame.settings().caretBrowsingEnabled();
         bool allowSelectionChanges = true;
         if (node && node->renderer() && (caretBrowsing || node->hasEditableStyle())) {
@@ -1148,12 +1149,10 @@
     // We always send hitTestResultAtPoint to the main frame if we have one,
     // otherwise we might hit areas that are obscured by higher frames.
     if (!m_frame.isMainFrame()) {
-        Frame& mainFrame = m_frame.mainFrame();
-        FrameView* frameView = m_frame.view();
-        FrameView* mainView = mainFrame.view();
-        if (frameView && mainView) {
+        Ref mainFrame = m_frame.mainFrame();
+        if (RefPtr frameView = m_frame.view(), mainView = mainFrame->view(); frameView && mainView) {
             IntPoint mainFramePoint = mainView->rootViewToContents(frameView->contentsToRootView(roundedIntPoint(point)));
-            return mainFrame.eventHandler().hitTestResultAtPoint(mainFramePoint, hitType, padding);
+            return mainFrame->eventHandler().hitTestResultAtPoint(mainFramePoint, hitType, padding);
         }
     }
 
@@ -1161,11 +1160,11 @@
     unsigned nonNegativePaddingHeight = std::max<LayoutUnit>(0, padding.height()).toUnsigned();
 
     // We should always start hit testing a clean tree.
-    if (auto* frameView = m_frame.view())
+    if (RefPtr frameView = m_frame.view())
         frameView->updateLayoutAndStyleIfNeededRecursive();
 
     HitTestResult result(point, nonNegativePaddingHeight, nonNegativePaddingWidth, nonNegativePaddingHeight, nonNegativePaddingWidth);
-    auto* document = m_frame.document();
+    RefPtr document = m_frame.document();
     if (!document)
         return result;
 
@@ -1187,7 +1186,7 @@
 
 bool EventHandler::scrollOverflow(ScrollDirection direction, ScrollGranularity granularity, Node* startingNode)
 {
-    Node* node = startingNode;
+    RefPtr node = startingNode;
 
     if (!node)
         node = m_frame.document()->focusedElement();
@@ -1208,7 +1207,7 @@
 
 bool EventHandler::logicalScrollOverflow(ScrollLogicalDirection direction, ScrollGranularity granularity, Node* startingNode)
 {
-    Node* node = startingNode;
+    RefPtr node = startingNode;
 
     if (!node)
         node = m_frame.document()->focusedElement();
@@ -1236,8 +1235,8 @@
     m_frame.document()->updateLayoutIgnorePendingStylesheets();
     if (scrollOverflow(direction, granularity, startingNode))
         return true;    
-    Frame* frame = &m_frame;
-    FrameView* view = frame->view();
+    RefPtr frame = &m_frame;
+    RefPtr view = frame->view();
     if (view && view->scroll(direction, granularity))
         return true;
     frame = frame->tree().parent();
@@ -1255,8 +1254,8 @@
     m_frame.document()->updateLayoutIgnorePendingStylesheets();
     if (logicalScrollOverflow(direction, granularity, startingNode))
         return true;    
-    Frame* frame = &m_frame;
-    FrameView* view = frame->view();
+    RefPtr frame = &m_frame;
+    RefPtr view = frame->view();
     
     bool scrolled = false;
 #if PLATFORM(COCOA)
@@ -1365,11 +1364,11 @@
             return;
     }
 
-    FrameView* view = m_frame.view();
+    RefPtr view = m_frame.view();
     if (!view)
         return;
 
-    auto* document = m_frame.document();
+    RefPtr document = m_frame.document();
     if (!document)
         return;
 
@@ -1420,7 +1419,7 @@
         return pointerCursor();
     }
 
-    Node* node = result.targetNode();
+    RefPtr node = result.targetNode();
     if (!node)
         return WTF::nullopt;
 
@@ -1497,7 +1496,7 @@
     case CursorType::Auto: {
         bool editable = node->hasEditableStyle();
 
-        if (useHandCursor(node, result.isOverLink(), shiftKey))
+        if (useHandCursor(node.get(), result.isOverLink(), shiftKey))
             return handCursor();
 
         bool inResizer = false;
@@ -1727,7 +1726,7 @@
 #if ENABLE(PAN_SCROLLING)
     // We store whether pan scrolling is in progress before calling stopAutoscrollTimer()
     // because it will set m_autoscrollType to NoAutoscroll on return.
-    bool isPanScrollInProgress = m_frame.mainFrame().eventHandler().panScrollInProgress();
+    bool isPanScrollInProgress = Ref(m_frame.mainFrame())->eventHandler().panScrollInProgress();
     stopAutoscrollTimer();
     if (isPanScrollInProgress) {
         // We invalidate the click when exiting pan scrolling so that we don't inadvertently navigate
@@ -1996,7 +1995,7 @@
     }
 
     if (!newSubframe || mouseEvent.scrollbar()) {
-        if (auto* view = m_frame.view())
+        if (RefPtr view = m_frame.view())
             updateCursor(*view, mouseEvent.hitTestResult(), platformMouseEvent.shiftKey());
     }
 
@@ -2259,13 +2258,12 @@
     return dragState().source.get();
 }
 
-static bool targetIsFrame(Node* target, Frame*& frame)
+static std::pair<bool, RefPtr<Frame>> contentFrameForNode(Node* target)
 {
     if (!is<HTMLFrameElementBase>(target))
-        return false;
+        return { false, nullptr };
 
-    frame = downcast<HTMLFrameElementBase>(*target).contentFrame();
-    return true;
+    return { true, downcast<HTMLFrameElementBase>(*target).contentFrame() };
 }
 
 static Optional<DragOperation> convertDropZoneOperationToDragOperation(const String& dragOperation)
@@ -2351,12 +2349,12 @@
     MouseEventWithHitTestResults mouseEvent = prepareMouseEvent(hitType, event);
 
     RefPtr<Element> newTarget;
-    if (Node* targetNode = mouseEvent.targetNode()) {
+    if (RefPtr targetNode = mouseEvent.targetNode()) {
         // Drag events should never go to non-element nodes (following IE, and proper mouseover/out dispatch)
         if (!is<Element>(*targetNode))
             newTarget = targetNode->parentOrShadowHostElement();
         else
-            newTarget = downcast<Element>(targetNode);
+            newTarget = static_pointer_cast<Element>(WTFMove(targetNode));
     }
 
     m_autoscrollController->updateDragAndDrop(newTarget.get(), event.position(), event.timestamp());
@@ -2368,8 +2366,7 @@
         // LayoutTests/fast/events/drag-in-frames.html.
         //
         // Moreover, this ordering conforms to section 7.9.4 of the HTML 5 spec. <http://dev.w3.org/html5/spec/Overview.html#drag-and-drop-processing-model>.
-        Frame* targetFrame;
-        if (targetIsFrame(newTarget.get(), targetFrame)) {
+        if (auto [isFrameOwner, targetFrame] = contentFrameForNode(newTarget.get()); isFrameOwner) {
             if (targetFrame)
                 response = targetFrame->eventHandler().updateDragAndDrop(event, makePasteboard, sourceOperationMask, draggingFiles);
         } else if (newTarget) {
@@ -2378,7 +2375,7 @@
             response = dispatchDragEnterOrDragOverEvent(eventNames().dragenterEvent, *newTarget, event, makePasteboard(), sourceOperationMask, draggingFiles);
         }
 
-        if (targetIsFrame(m_dragTarget.get(), targetFrame)) {
+        if (auto [isFrameOwner, targetFrame] = contentFrameForNode(m_dragTarget.get()); isFrameOwner) {
             // FIXME: Recursing again here doesn't make sense if the newTarget and m_dragTarget were in the same frame.
             if (targetFrame)
                 response = targetFrame->eventHandler().updateDragAndDrop(event, makePasteboard, sourceOperationMask, draggingFiles);
@@ -2394,8 +2391,7 @@
             m_shouldOnlyFireDragOverEvent = true;
         }
     } else {
-        Frame* targetFrame;
-        if (targetIsFrame(newTarget.get(), targetFrame)) {
+        if (auto [isFrameOwner, targetFrame] = contentFrameForNode(newTarget.get()); isFrameOwner) {
             if (targetFrame)
                 response = targetFrame->eventHandler().updateDragAndDrop(event, makePasteboard, sourceOperationMask, draggingFiles);
         } else if (newTarget) {
@@ -2414,8 +2410,7 @@
 {
     Ref<Frame> protectedFrame(m_frame);
 
-    Frame* targetFrame;
-    if (targetIsFrame(m_dragTarget.get(), targetFrame)) {
+    if (auto [isFrameOwner, targetFrame] = contentFrameForNode(m_dragTarget.get()); isFrameOwner) {
         if (targetFrame)
             targetFrame->eventHandler().cancelDragAndDrop(event, WTFMove(pasteboard), sourceOperationMask, draggingFiles);
     } else if (m_dragTarget) {
@@ -2432,9 +2427,8 @@
 {
     Ref<Frame> protectedFrame(m_frame);
 
-    Frame* targetFrame;
     bool preventedDefault = false;
-    if (targetIsFrame(m_dragTarget.get(), targetFrame)) {
+    if (auto [isFrameOwner, targetFrame] = contentFrameForNode(m_dragTarget.get()); isFrameOwner) {
         if (targetFrame)
             preventedDefault = targetFrame->eventHandler().performDragAndDrop(event, WTFMove(pasteboard), sourceOperationMask, draggingFiles);
     } else if (m_dragTarget) {
@@ -2486,7 +2480,7 @@
 
 static bool hierarchyHasCapturingEventListeners(Element* element, const AtomString& pointerEventName, const AtomString& compatibilityMouseEventName)
 {
-    for (ContainerNode* curr = element; curr; curr = curr->parentInComposedTree()) {
+    for (RefPtr<ContainerNode> curr = element; curr; curr = curr->parentInComposedTree()) {
         if (curr->hasCapturingEventListeners(pointerEventName) || curr->hasCapturingEventListeners(compatibilityMouseEventName))
             return true;
     }
@@ -2496,7 +2490,7 @@
 void EventHandler::updateMouseEventTargetNode(const AtomString& eventType, Node* targetNode, const PlatformMouseEvent& platformMouseEvent, FireMouseOverOut fireMouseOverOut)
 {
     Ref<Frame> protectedFrame(m_frame);
-    Element* targetElement = nullptr;
+    RefPtr<Element> targetElement;
     
     // If we're capturing, we always go right to that element.
     if (m_capturingMouseEventsElement)
@@ -2574,7 +2568,8 @@
 
 void EventHandler::notifyScrollableAreasOfMouseEvents(const AtomString& eventType, Element* lastElementUnderMouse, Element* elementUnderMouse)
 {
-    auto* frameView = m_frame.view();
+    Ref protectedFrame = m_frame;
+    RefPtr frameView = m_frame.view();
     if (!frameView)
         return;
 
@@ -2651,7 +2646,7 @@
     m_mouseDownDelegatedFocus = false;
 
     // If clicking on a frame scrollbar, do not make any change to which element is focused.
-    auto* view = m_frame.view();
+    RefPtr view = m_frame.view();
     if (view && view->scrollbarAtPoint(platformMouseEvent.position()))
         return true;
 
@@ -2666,7 +2661,7 @@
     // Walk up the DOM tree to search for an element to focus.
     RefPtr<Element> element;
     for (element = m_elementUnderMouse.get(); element; element = element->parentElementInComposedTree()) {
-        if (auto* shadowRoot = element->shadowRoot()) {
+        if (RefPtr shadowRoot = element->shadowRoot()) {
             if (shadowRoot->delegatesFocus()) {
                 element = findFirstMouseFocusableElementInComposedTree(*element);
                 m_mouseDownDelegatedFocus = true;
@@ -2705,7 +2700,7 @@
 
 bool EventHandler::isInsideScrollbar(const IntPoint& windowPoint) const
 {
-    if (auto* document = m_frame.document()) {
+    if (RefPtr document = m_frame.document()) {
         HitTestResult result { windowPoint };
         document->hitTest(OptionSet<HitTestRequest::RequestType> { HitTestRequest::ReadOnly, HitTestRequest::DisallowUserAgentShadowContent }, result);
         return result.scrollbar();
@@ -2826,6 +2821,7 @@
 
 bool EventHandler::handleWheelEvent(const PlatformWheelEvent& wheelEvent, OptionSet<WheelEventProcessingSteps> processingSteps)
 {
+    Ref protectedFrame = m_frame;
 #if ENABLE(KINETIC_SCROLLING)
     if (wheelEvent.isGestureStart())
         m_wheelScrollGestureState = WTF::nullopt;
@@ -2840,14 +2836,13 @@
 
 bool EventHandler::handleWheelEventInternal(const PlatformWheelEvent& event, OptionSet<WheelEventProcessingSteps> processingSteps, OptionSet<EventHandling>& handling)
 {
-    auto* document = m_frame.document();
+    RefPtr document = m_frame.document();
     if (!document)
         return false;
 
     Ref<Frame> protectedFrame(m_frame);
-    RefPtr<FrameView> protector(m_frame.view());
 
-    FrameView* view = m_frame.view();
+    RefPtr view = m_frame.view();
     if (!view)
         return false;
 
@@ -3106,8 +3101,8 @@
 {
     Ref<Frame> protectedFrame(m_frame);
 
-    Document* doc = m_frame.document();
-    FrameView* view = m_frame.view();
+    RefPtr doc = m_frame.document();
+    RefPtr view = m_frame.view();
     if (!view)
         return false;
 
@@ -3144,11 +3139,11 @@
 {
     Ref<Frame> protectedFrame(m_frame);
 
-    FrameView* view = m_frame.view();
+    RefPtr view = m_frame.view();
     if (!view)
         return false;
 
-    Document* doc = m_frame.document();
+    RefPtr doc = m_frame.document();
     if (!doc)
         return false;
 
@@ -3164,7 +3159,7 @@
 #endif
     IntPoint location;
 
-    Element* focusedElement = doc->focusedElement();
+    RefPtr focusedElement = doc->focusedElement();
     const VisibleSelection& selection = m_frame.selection().selection();
     Position start = selection.start();
 
@@ -3193,13 +3188,13 @@
     IntPoint position = view->contentsToRootView(location);
     IntPoint globalPosition = view->hostWindow()->rootViewToScreen(IntRect(position, IntSize())).location();
 
-    Node* targetNode = doc->focusedElement();
+    RefPtr<Node> targetNode = doc->focusedElement();
     if (!targetNode)
         targetNode = doc;
 
     // Use the focused node as the target for hover and active.
     HitTestResult result(position);
-    result.setInnerNode(targetNode);
+    result.setInnerNode(targetNode.get());
     doc->updateHoverActiveState(OptionSet<HitTestRequest::RequestType> { HitTestRequest::Active, HitTestRequest::DisallowUserAgentShadowContent }, result.targetElement());
 
     // The contextmenu event is a mouse event even when invoked using the keyboard.
@@ -3289,8 +3284,8 @@
 {
     ASSERT(!m_mousePressed);
 
-    FrameView* view = m_frame.view();
-    if (!view)
+    Ref protectedFrame = m_frame;
+    if (!m_frame.view())
         return;
 
     if (!m_frame.page() || !m_frame.page()->isVisible() || !m_frame.page()->focusController().isActive())
@@ -3325,8 +3320,8 @@
 
     Ref<Frame> protectedFrame(m_frame);
 
-    if (auto* document = m_frame.document()) {
-        if (FrameView* view = m_frame.view()) {
+    if (RefPtr document = m_frame.document()) {
+        if (RefPtr view = m_frame.view()) {
             HitTestResult result(view->windowToContents(m_lastKnownMousePosition));
             constexpr OptionSet<HitTestRequest::RequestType> hitType { HitTestRequest::Move, HitTestRequest::DisallowUserAgentShadowContent };
             document->hitTest(hitType, result);
@@ -3337,6 +3332,7 @@
 
 bool EventHandler::handleAccessKey(const PlatformKeyboardEvent& event)
 {
+    Ref protectedFrame = m_frame;
     // FIXME: Ignoring the state of Shift key is what neither IE nor Firefox do.
     // IE matches lower and upper case access keys regardless of Shift key state - but if both upper and
     // lower case variants are present in a document, the correct element is matched based on Shift key state.
@@ -3362,7 +3358,7 @@
 #if ENABLE(FULLSCREEN_API)
 bool EventHandler::isKeyEventAllowedInFullScreen(const PlatformKeyboardEvent& keyEvent) const
 {
-    Document* document = m_frame.document();
+    RefPtr document = m_frame.document();
     if (document->fullscreenManager().isFullscreenKeyboardInputAllowed())
         return true;
 
@@ -3383,7 +3379,8 @@
 
 bool EventHandler::keyEvent(const PlatformKeyboardEvent& keyEvent)
 {
-    Document* topDocument = m_frame.document() ? &m_frame.document()->topDocument() : nullptr;
+    Ref protectedFrame = m_frame;
+    RefPtr topDocument = m_frame.document() ? &m_frame.document()->topDocument() : nullptr;
     MonotonicTime savedLastHandledUserGestureTimestamp;
     bool savedUserDidInteractWithPage = topDocument ? topDocument->userDidInteractWithPage() : false;
 
@@ -3450,7 +3447,7 @@
         capsLockStateMayHaveChanged();
 
 #if ENABLE(PAN_SCROLLING)
-    if (m_frame.mainFrame().eventHandler().panScrollInProgress()) {
+    if (Ref(m_frame.mainFrame())->eventHandler().panScrollInProgress()) {
         // If a key is pressed while the panScroll is in progress then we want to stop
         if (initialKeyEvent.type() == PlatformEvent::KeyDown || initialKeyEvent.type() == PlatformEvent::RawKeyDown)
             stopAutoscrollTimer();
@@ -3588,7 +3585,7 @@
 
 static void setInitialKeyboardSelection(Frame& frame, SelectionDirection direction)
 {
-    Document* document = frame.document();
+    RefPtr document = frame.document();
     if (!document)
         return;
 
@@ -3597,7 +3594,7 @@
     if (!selection.isNone())
         return;
 
-    Element* focusedElement = document->focusedElement();
+    RefPtr focusedElement = document->focusedElement();
     VisiblePosition visiblePosition;
 
     switch (direction) {
@@ -3604,16 +3601,16 @@
     case SelectionDirection::Backward:
     case SelectionDirection::Left:
         if (focusedElement)
-            visiblePosition = VisiblePosition(positionBeforeNode(focusedElement));
+            visiblePosition = VisiblePosition(positionBeforeNode(focusedElement.get()));
         else
-            visiblePosition = endOfDocument(document);
+            visiblePosition = endOfDocument(document.get());
         break;
     case SelectionDirection::Forward:
     case SelectionDirection::Right:
         if (focusedElement)
-            visiblePosition = VisiblePosition(positionAfterNode(focusedElement));
+            visiblePosition = VisiblePosition(positionAfterNode(focusedElement.get()));
         else
-            visiblePosition = startOfDocument(document);
+            visiblePosition = startOfDocument(document.get());
         break;
     }
 
@@ -3773,8 +3770,8 @@
 
 static void removeDraggedContentDocumentMarkersFromAllFramesInPage(Page& page)
 {
-    for (Frame* frame = &page.mainFrame(); frame; frame = frame->tree().traverseNext()) {
-        if (auto* document = frame->document())
+    for (RefPtr frame = &page.mainFrame(); frame; frame = frame->tree().traverseNext()) {
+        if (RefPtr document = frame->document())
             document->markers().removeMarkers(DocumentMarker::DraggedContent);
     }
 
@@ -4352,15 +4349,16 @@
             if (freshTouchEvents) {
                 result = hitTestResultAtPoint(pagePoint, hitType | HitTestRequest::AllowChildFrameContent);
                 m_originatingTouchPointTargetKey = touchPointTargetKey;
-            } else if (m_originatingTouchPointDocument.get() && m_originatingTouchPointDocument->frame()) {
-                LayoutPoint pagePointInOriginatingDocument = documentPointForWindowPoint(*m_originatingTouchPointDocument->frame(), point.pos());
-                result = hitTestResultInFrame(m_originatingTouchPointDocument->frame(), pagePointInOriginatingDocument, hitType);
+            } else if (m_originatingTouchPointDocument && m_originatingTouchPointDocument->frame()) {
+                Ref frame = *m_originatingTouchPointDocument->frame();
+                LayoutPoint pagePointInOriginatingDocument = documentPointForWindowPoint(frame.get(), point.pos());
+                result = hitTestResultInFrame(frame.ptr(), pagePointInOriginatingDocument, hitType);
                 if (!result.innerNode())
                     continue;
             } else
                 continue;
 
-            Element* element = result.targetElement();
+            RefPtr element = result.targetElement();
             ASSERT(element);
 
             if (element && InspectorInstrumentation::handleTouchEvent(m_frame, *element))
@@ -4395,7 +4393,7 @@
         auto& document = downcast<Node>(*touchTarget).document();
         if (!document.hasTouchEventHandlers())
             continue;
-        auto* targetFrame = document.frame();
+        RefPtr targetFrame = document.frame();
         if (!targetFrame)
             continue;
 
@@ -4409,7 +4407,7 @@
         int adjustedPageX = lroundf(pagePoint.x() / scaleFactor);
         int adjustedPageY = lroundf(pagePoint.y() / scaleFactor);
 
-        auto touch = Touch::create(targetFrame, touchTarget.get(), point.id(),
+        auto touch = Touch::create(targetFrame.get(), touchTarget.get(), point.id(),
             point.screenPos().x(), point.screenPos().y(), adjustedPageX, adjustedPageY,
             point.radiusX(), point.radiusY(), point.rotationAngle(), point.force());
 
@@ -4536,7 +4534,7 @@
     if (!is<FrameView>(widget))
         return false;
 
-    return downcast<FrameView>(widget).frame().eventHandler().handleWheelEvent(event, processingSteps);
+    return Ref(downcast<FrameView>(widget).frame())->eventHandler().handleWheelEvent(event, processingSteps);
 }
 
 bool EventHandler::tabsToAllFormControls(KeyboardEvent*) const

Modified: branches/safari-611.3.10.0-branch/Source/WebCore/replay/UserInputBridge.cpp (280862 => 280863)


--- branches/safari-611.3.10.0-branch/Source/WebCore/replay/UserInputBridge.cpp	2021-08-10 21:24:46 UTC (rev 280862)
+++ branches/safari-611.3.10.0-branch/Source/WebCore/replay/UserInputBridge.cpp	2021-08-10 21:28:35 UTC (rev 280863)
@@ -55,42 +55,42 @@
 
 bool UserInputBridge::handleMousePressEvent(const PlatformMouseEvent& mouseEvent, InputSource)
 {
-    return m_page.mainFrame().eventHandler().handleMousePressEvent(mouseEvent);
+    return Ref(m_page.mainFrame())->eventHandler().handleMousePressEvent(mouseEvent);
 }
 
 bool UserInputBridge::handleMouseReleaseEvent(const PlatformMouseEvent& mouseEvent, InputSource)
 {
-    return m_page.mainFrame().eventHandler().handleMouseReleaseEvent(mouseEvent);
+    return Ref(m_page.mainFrame())->eventHandler().handleMouseReleaseEvent(mouseEvent);
 }
 
 bool UserInputBridge::handleMouseMoveEvent(const PlatformMouseEvent& mouseEvent, InputSource)
 {
-    return m_page.mainFrame().eventHandler().mouseMoved(mouseEvent);
+    return Ref(m_page.mainFrame())->eventHandler().mouseMoved(mouseEvent);
 }
 
 bool UserInputBridge::handleMouseMoveOnScrollbarEvent(const PlatformMouseEvent& mouseEvent, InputSource)
 {
-    return m_page.mainFrame().eventHandler().passMouseMovedEventToScrollbars(mouseEvent);
+    return Ref(m_page.mainFrame())->eventHandler().passMouseMovedEventToScrollbars(mouseEvent);
 }
 
 bool UserInputBridge::handleMouseForceEvent(const PlatformMouseEvent& mouseEvent, InputSource)
 {
-    return m_page.mainFrame().eventHandler().handleMouseForceEvent(mouseEvent);
+    return Ref(m_page.mainFrame())->eventHandler().handleMouseForceEvent(mouseEvent);
 }
 
 bool UserInputBridge::handleKeyEvent(const PlatformKeyboardEvent& keyEvent, InputSource)
 {
-    return m_page.focusController().focusedOrMainFrame().eventHandler().keyEvent(keyEvent);
+    return Ref(m_page.focusController().focusedOrMainFrame())->eventHandler().keyEvent(keyEvent);
 }
 
 bool UserInputBridge::handleAccessKeyEvent(const PlatformKeyboardEvent& keyEvent, InputSource)
 {
-    return m_page.focusController().focusedOrMainFrame().eventHandler().handleAccessKey(keyEvent);
+    return Ref(m_page.focusController().focusedOrMainFrame())->eventHandler().handleAccessKey(keyEvent);
 }
 
 bool UserInputBridge::handleWheelEvent(const PlatformWheelEvent& wheelEvent, OptionSet<WheelEventProcessingSteps> processingSteps, InputSource)
 {
-    return m_page.mainFrame().eventHandler().handleWheelEvent(wheelEvent, processingSteps);
+    return Ref(m_page.mainFrame())->eventHandler().handleWheelEvent(wheelEvent, processingSteps);
 }
 
 void UserInputBridge::focusSetActive(bool active, InputSource)
@@ -105,12 +105,12 @@
 
 bool UserInputBridge::scrollRecursively(ScrollDirection direction, ScrollGranularity granularity, InputSource)
 {
-    return m_page.focusController().focusedOrMainFrame().eventHandler().scrollRecursively(direction, granularity, nullptr);
+    return Ref(m_page.focusController().focusedOrMainFrame())->eventHandler().scrollRecursively(direction, granularity, nullptr);
 }
 
 bool UserInputBridge::logicalScrollRecursively(ScrollLogicalDirection direction, ScrollGranularity granularity, InputSource)
 {
-    return m_page.focusController().focusedOrMainFrame().eventHandler().logicalScrollRecursively(direction, granularity, nullptr);
+    return Ref(m_page.focusController().focusedOrMainFrame())->eventHandler().logicalScrollRecursively(direction, granularity, nullptr);
 }
 
 void UserInputBridge::loadRequest(FrameLoadRequest&& request, InputSource)
@@ -118,7 +118,7 @@
 #if ENABLE(WEB_AUTHN)
     m_page.authenticatorCoordinator().resetUserGestureRequirement();
 #endif
-    m_page.mainFrame().loader().load(WTFMove(request));
+    Ref(m_page.mainFrame())->loader().load(WTFMove(request));
 }
 
 void UserInputBridge::reloadFrame(Frame& frame, OptionSet<ReloadOption> options, InputSource)
@@ -136,7 +136,7 @@
 
 bool UserInputBridge::tryClosePage(InputSource)
 {
-    return m_page.mainFrame().loader().shouldClose();
+    return Ref(m_page.mainFrame())->loader().shouldClose();
 }
 
 } // namespace WebCore

Modified: branches/safari-611.3.10.0-branch/Source/WebKit/ChangeLog (280862 => 280863)


--- branches/safari-611.3.10.0-branch/Source/WebKit/ChangeLog	2021-08-10 21:24:46 UTC (rev 280862)
+++ branches/safari-611.3.10.0-branch/Source/WebKit/ChangeLog	2021-08-10 21:28:35 UTC (rev 280863)
@@ -1,5 +1,20 @@
 2021-08-10  Russell Epstein  <repst...@apple.com>
 
+        Apply patch. rdar://problem/79924198
+
+    2021-08-10  Russell Epstein  <repst...@apple.com>
+
+            Deploy smart pointers in EventHandler and UserInputBridge
+            https://bugs.webkit.org/show_bug.cgi?id=227481
+
+            Reviewed by Wenson Hsieh and Chris Dumez.
+
+            * WebProcess/WebPage/WebPage.cpp:
+            (WebKit::WebPage::contextMenuAtPointInWindow):
+            (WebKit::handleContextMenuEvent):
+
+2021-08-10  Russell Epstein  <repst...@apple.com>
+
         Cherry-pick r279287. rdar://problem/80635807
 
     Explicitly invalidate WKFullScreenViewController after a video exits fullscreen

Modified: branches/safari-611.3.10.0-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp (280862 => 280863)


--- branches/safari-611.3.10.0-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp	2021-08-10 21:24:46 UTC (rev 280862)
+++ branches/safari-611.3.10.0-branch/Source/WebKit/WebProcess/WebPage/WebPage.cpp	2021-08-10 21:28:35 UTC (rev 280863)
@@ -2604,7 +2604,8 @@
     // Simulate a mouse click to generate the correct menu.
     PlatformMouseEvent mousePressEvent(point, point, RightButton, PlatformEvent::MousePressed, 1, false, false, false, false, WallTime::now(), WebCore::ForceAtClick, WebCore::NoTap);
     corePage()->userInputBridge().handleMousePressEvent(mousePressEvent);
-    bool handled = corePage()->userInputBridge().handleContextMenuEvent(mousePressEvent, corePage()->mainFrame());
+    Ref mainFrame = corePage()->mainFrame();
+    bool handled = corePage()->userInputBridge().handleContextMenuEvent(mousePressEvent, mainFrame);
     auto* menu = handled ? &contextMenu() : nullptr;
     PlatformMouseEvent mouseReleaseEvent(point, point, RightButton, PlatformEvent::MouseReleased, 1, false, false, false, false, WallTime::now(), WebCore::ForceAtClick, WebCore::NoTap);
     corePage()->userInputBridge().handleMouseReleaseEvent(mouseReleaseEvent);
@@ -2756,11 +2757,11 @@
     constexpr OptionSet<HitTestRequest::RequestType> hitType { HitTestRequest::ReadOnly, HitTestRequest::Active, HitTestRequest::DisallowUserAgentShadowContent,  HitTestRequest::AllowChildFrameContent };
     HitTestResult result = page->corePage()->mainFrame().eventHandler().hitTestResultAtPoint(point, hitType);
 
-    Frame* frame = &page->corePage()->mainFrame();
+    Ref frame = page->corePage()->mainFrame();
     if (result.innerNonSharedNode())
-        frame = result.innerNonSharedNode()->document().frame();
+        frame = *result.innerNonSharedNode()->document().frame();
 
-    bool handled = page->corePage()->userInputBridge().handleContextMenuEvent(platformMouseEvent, *frame);
+    bool handled = page->corePage()->userInputBridge().handleContextMenuEvent(platformMouseEvent, frame);
 #if ENABLE(CONTEXT_MENUS)
     if (handled)
         page->contextMenu().show();

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to