https://bugs.webkit.org/show_bug.cgi?id=171376
<rdar://problem/31863296>
Reviewed by Chris Dumez.
Source/WebCore:
For some reason, we fire search events immediately for search type input elements with the incremental
attribute set only when the length of the input equals zero. This behaviour should be prevented
as event listeners in the middle might perform unexpectedly.
Test: fast/forms/search/search-incremental-crash.html
* html/SearchInputType.cpp:
(WebCore::SearchInputType::startSearchEventTimer):
LayoutTests:
* fast/forms/search/search-incremental-crash-expected.txt: Added.
* fast/forms/search/search-incremental-crash.html: Added.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@216443 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+2017-05-04 Jiewen Tan <jiewen_tan@apple.com>
+
+ Search events should not fire synchronously for search type input elements with incremental attribute set
+ https://bugs.webkit.org/show_bug.cgi?id=171376
+ <rdar://problem/31863296>
+
+ Reviewed by Chris Dumez.
+
+ * fast/forms/search/search-incremental-crash-expected.txt: Added.
+ * fast/forms/search/search-incremental-crash.html: Added.
+
2017-05-08 Zalan Bujtas <zalan@apple.com>
Text overlaps on http://www.duden.de/rechtschreibung/Acre
--- /dev/null
+ Test passes if WebKit doesn't crash.
--- /dev/null
+<!DOCTYPE html>
+<html>
+<head>
+<script>
+ if (window.testRunner)
+ testRunner.dumpAsText();
+
+ var runcount = 0;
+ function go() {
+ runcount++;
+ if (runcount > 2)
+ return;
+
+ i.type = "foo";
+ i.select();
+ i.type = "search";
+
+ document.onsearch = document.body.onload;
+
+ document.execCommand("insertHTML", false, "");
+ }
+</script>
+</head>
+<body onload=go()>
+<input id="i" type="checkbox" incremental="incremental">
+Test passes if WebKit doesn't crash.
+</body>
+</html>
\ No newline at end of file
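Review bot: The script calls only testRunner.dumpAsText() and never testRunner.waitUntilDone() / testRunner.notifyDone(), so with the empty-value search event now deferred to a zero-delay timer, the re-entry into go() through document.onsearch may run after the test has already been dumped, and the test could pass without exercising the path it was written for. Call waitUntilDone() next to dumpAsText() and notifyDone() in the `runcount > 2` early return. Smaller points: the script reaches the input through the implicit global `i`, where document.getElementById("i") would be more explicit, and the file is missing its trailing newline.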
+2017-05-04 Jiewen Tan <jiewen_tan@apple.com>
+
+ Search events should not fire synchronously for search type input elements with incremental attribute set
+ https://bugs.webkit.org/show_bug.cgi?id=171376
+ <rdar://problem/31863296>
+
+ Reviewed by Chris Dumez.
+
+ For some reasons, we fire search events immediately for search type input elements with incremental
+ attribute set only when the length of the input equals to zero. This behaviour should be prevented
+ as event listeners in the middle might perform unexpectedly.
+
+ Test: fast/forms/search/search-incremental-crash.html
+
+ * html/SearchInputType.cpp:
+ (WebCore::SearchInputType::startSearchEventTimer):
+
2017-05-08 Zalan Bujtas <zalan@apple.com>
Text overlaps on http://www.duden.de/rechtschreibung/Acre
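Review bot: The description "event listeners in the middle might perform unexpectedly" does not say what actually goes wrong, even though the accompanying test is named search-incremental-crash. State in the entry that the synchronous dispatch in the zero-length case lets a search listener run immediately when the input becomes empty and that this led to a crash, so the reason for deferring the event is recoverable from the log alone.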
unsigned length = element().innerTextValue().length();
if (!length) {
- stopSearchEventTimer();
- element().onSearch();
+ m_searchEventTimer.startOneShot(0_ms);
return;
}
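Review bot: In the `if (!length)` branch, the new `m_searchEventTimer.startOneShot(0_ms);` has no comment explaining why the empty case is deferred instead of calling element().onSearch() directly; a one-line comment saying that synchronous dispatch lets event listeners run in the middle of the operation would keep a later cleanup from reverting it. The branch also drops the stopSearchEventTimer() call, so please confirm that startOneShot() on a timer that is already pending from earlier input reschedules it, and that nothing else stopSearchEventTimer() did is lost.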