Frame flattening: Hit-testing an iframe could end up destroying the associated inline...
[WebKit-https.git] / Source / WebCore / rendering / RenderView.cpp
index eed495e..9d03c02 100644 (file)
 
 namespace WebCore {
 
+struct FrameFlatteningLayoutDisallower {
+    FrameFlatteningLayoutDisallower(FrameView& frameView)
+        : m_frameView(frameView)
+        , m_disallowLayout(frameView.frame().settings().frameFlatteningEnabled())
+    {
+        if (m_disallowLayout)
+            m_frameView.startDisallowingLayout();
+    }
+
+    ~FrameFlatteningLayoutDisallower()
+    {
+        if (m_disallowLayout)
+            m_frameView.endDisallowingLayout();
+    }
+
+private:
+    FrameView& m_frameView;
+    bool m_disallowLayout { false };
+};
+
 struct SelectionIterator {
     RenderObject* m_current;
     Vector<RenderMultiColumnSpannerPlaceholder*> m_spannerStack;
@@ -176,6 +196,8 @@ bool RenderView::hitTest(const HitTestRequest& request, const HitTestLocation& l
 {
     document().updateLayout();
 
+    FrameFlatteningLayoutDisallower disallower(frameView());
+
     if (layer()->hitTest(request, location, result))
         return true;