tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE
commit 19d1b3d2a3c0731e2e5eb467512e73655c479a25
parent b6acd9bb9e714c02cf7fec8c68f44053eb301bd0
Author: Adam Vandolder <avandolder@mozilla.com>
Date:   Tue, 14 Oct 2025 14:21:10 +0000

Bug 1966674 - Part 5: Stop sharing the Navigation API State among session history infos. r=dom-core,jjaschke

Differential Revision: https://phabricator.services.mozilla.com/D268076

Diffstat:

Mdocshell/shistory/SessionHistoryEntry.cpp | 25+++++++++++--------------


Mdocshell/shistory/SessionHistoryEntry.h | 1+


Mdocshell/shistory/nsSHEntryShared.cpp | 1-


Mdocshell/shistory/nsSHEntryShared.h | 2--


4 files changed, 12 insertions(+), 17 deletions(-)

diff --git a/docshell/shistory/SessionHistoryEntry.cpp b/docshell/shistory/SessionHistoryEntry.cpp
@@ -165,6 +165,7 @@ void SessionHistoryInfo::Reset(nsIURI* aURI, const nsID& aDocShellID,
   mTransient = false;
   mHasUserInteraction = false;
   mHasUserActivation = false;
+  mNavigationState = nullptr;
 
   mSharedState.Get()->mTriggeringPrincipal = aTriggeringPrincipal;
   mSharedState.Get()->mPrincipalToInherit = aPrincipalToInherit;
@@ -253,12 +254,12 @@ bool SessionHistoryInfo::IsSubFrame() const {
 }
 
 nsStructuredCloneContainer* SessionHistoryInfo::GetNavigationState() const {
-  return mSharedState.Get()->mNavigationState.get();
+  return mNavigationState.get();
 }
 
 void SessionHistoryInfo::SetNavigationState(
     nsStructuredCloneContainer* aState) {
-  mSharedState.Get()->mNavigationState = aState;
+  mNavigationState = aState;
 }
 
 void SessionHistoryInfo::SetSaveLayoutStateFlag(bool aSaveLayoutStateFlag) {
@@ -1583,14 +1584,12 @@ void IPDLParamTraits<dom::SessionHistoryInfo>::Write(
   }
 
   Maybe<std::tuple<uint32_t, dom::ClonedMessageData>> navigationState;
-  if (aParam.mSharedState.Get()->mNavigationState) {
+  if (aParam.mNavigationState) {
     navigationState.emplace();
-    NS_ENSURE_SUCCESS_VOID(
-        aParam.mSharedState.Get()->mNavigationState->GetFormatVersion(
-            &std::get<0>(*navigationState)));
-    NS_ENSURE_TRUE_VOID(
-        aParam.mSharedState.Get()->mNavigationState->BuildClonedMessageData(
-            std::get<1>(*navigationState)));
+    NS_ENSURE_SUCCESS_VOID(aParam.mNavigationState->GetFormatVersion(
+        &std::get<0>(*navigationState)));
+    NS_ENSURE_TRUE_VOID(aParam.mNavigationState->BuildClonedMessageData(
+        std::get<1>(*navigationState)));
   }
 
   WriteIPDLParam(aWriter, aActor, aParam.mURI);
@@ -1759,13 +1758,11 @@ bool IPDLParamTraits<dom::SessionHistoryInfo>::Read(
 
   if (navigationState.isSome()) {
     uint32_t version = std::get<0>(*navigationState);
-    aResult->mSharedState.Get()->mNavigationState =
-        new nsStructuredCloneContainer(version);
-    aResult->mSharedState.Get()->mNavigationState->StealFromClonedMessageData(
+    aResult->mNavigationState = new nsStructuredCloneContainer(version);
+    aResult->mNavigationState->StealFromClonedMessageData(
         std::get<1>(*navigationState));
   }
-  MOZ_ASSERT_IF(navigationState.isNothing(),
-                !aResult->mSharedState.Get()->mNavigationState);
+  MOZ_ASSERT_IF(navigationState.isNothing(), !aResult->mNavigationState);
 
   return true;
 }
diff --git a/docshell/shistory/SessionHistoryEntry.h b/docshell/shistory/SessionHistoryEntry.h
@@ -198,6 +198,7 @@ class SessionHistoryInfo {
   // Fields needed for NavigationHistoryEntry.
   nsID mNavigationKey = nsID::GenerateUUID();
   nsID mNavigationId = nsID::GenerateUUID();
+  RefPtr<nsStructuredCloneContainer> mNavigationState;
 
   bool mLoadReplace = false;
   bool mURIWasModified = false;
diff --git a/docshell/shistory/nsSHEntryShared.cpp b/docshell/shistory/nsSHEntryShared.cpp
@@ -110,7 +110,6 @@ void SHEntrySharedParentState::CopyFrom(SHEntrySharedParentState* aEntry) {
   mDynamicallyCreated = aEntry->mDynamicallyCreated;
   mCacheKey = aEntry->mCacheKey;
   mLastTouched = aEntry->mLastTouched;
-  mNavigationState = aEntry->mNavigationState;
 }
 
 void dom::SHEntrySharedParentState::NotifyListenersDocumentViewerEvicted() {
diff --git a/docshell/shistory/nsSHEntryShared.h b/docshell/shistory/nsSHEntryShared.h
@@ -85,8 +85,6 @@ struct SHEntrySharedState {
   bool mIsFrameNavigation = false;
   bool mSaveLayoutState = true;
 
-  RefPtr<nsStructuredCloneContainer> mNavigationState;
-
  protected:
   static uint64_t GenerateId();
 };