chore: cherry-pick 8731bd8a30f6 from chromium #37657
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
[M110] Use optional SafeRef to save RenderFrameHost in NavigationRequest
This prevents use-after-free if NavigationRequests somehow still
points to an already-deleted RFH, which is currently possible (see bug).
Also converts usages of
render_frame_host_
to use theGetRenderFrameHost() function to ensure that they are all called after
the final RenderFrameHost is picked for the navigation.
(cherry picked from commit 7b75ae34df6d15acf4e5a45f12c9dca4ce7f2586)
Bug: 1416916
Change-Id: I45569e7bb1f160158dc3139fc9e49d7d6bb56738
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4278923
Reviewed-by: Hiroki Nakagawa nhiroki@chromium.org
Commit-Queue: Rakina Zata Amni rakina@chromium.org
Reviewed-by: Alex Moshchuk alexmos@chromium.org
Cr-Original-Commit-Position: refs/heads/main@{#1112656}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4308070
Reviewed-by: Charlie Reis creis@chromium.org
Commit-Queue: Alex Moshchuk alexmos@chromium.org
Cr-Commit-Position: refs/branch-heads/5481@{#1322}
Cr-Branched-From: 130f3e4d850f4bc7387cfb8d08aa993d288a67a9-refs/heads/main@{#1084008}
Notes: Security: backported fix for 1416916.