Ensure forced process swaps use the correct page_id and SiteInstance.

BUG=102408 TEST=See bug Review URL: http://codereview.chromium.org/8372036 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@108186 0039d316-1c4b-4281-b951-d872f2087c98
author: creis@chromium.org <creis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-11-01 22:33:39 +0000
committer: creis@chromium.org <creis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-11-01 22:33:39 +0000
commit: 1fbe509628d2f2bb64f68b9640d715a7410b465f (patch)
tree: 4c5af737f81d06da60c79bd9b16fa6e6cc736e0f /content
parent: b027e8a63f0e9f8108db54c8d95ac571089bd8a1 (diff)
download: chromium_src-1fbe509628d2f2bb64f68b9640d715a7410b465f.zip
chromium_src-1fbe509628d2f2bb64f68b9640d715a7410b465f.tar.gz
chromium_src-1fbe509628d2f2bb64f68b9640d715a7410b465f.tar.bz2
3 files changed, 30 insertions, 16 deletions
diff --git a/content/browser/tab_contents/render_view_host_manager.cc b/content/browser/tab_contents/render_view_host_manager.cc
index 2627862..adfa501 100644
--- a/content/browser/tab_contents/render_view_host_manager.cc
+++ b/content/browser/tab_contents/render_view_host_manager.cc
@@ -391,10 +391,17 @@ SiteInstance* RenderViewHostManager::GetSiteInstanceForEntry(
   // is part of an app that has been installed or uninstalled since the last
   // visit.
   if (entry.site_instance()) {
-    if (entry.site_instance()->HasWrongProcessForURL(dest_url))
-      return curr_instance->GetRelatedSiteInstance(dest_url);
-    else
-      return entry.site_instance();
+    if (entry.site_instance()->HasWrongProcessForURL(dest_url)) {
+      // If we need to swap to a different SiteInstance, the new one should have
+      // the same max_page_id as the current one so that it identifies new vs
+      // existing navigations correctly.  We also need to update the entry's
+      // SiteInstance, which we will do in TabContents::NavigateToEntry.
+      SiteInstance* new_instance =
+          curr_instance->GetRelatedSiteInstance(dest_url);
+      new_instance->UpdateMaxPageID(curr_instance->max_page_id());
+      return new_instance;
+    }
+    return entry.site_instance();
   }
 
   // (UGLY) HEURISTIC, process-per-site only:
diff --git a/content/browser/tab_contents/tab_contents.cc b/content/browser/tab_contents/tab_contents.cc
index e920f98..ecc89ff 100644
--- a/content/browser/tab_contents/tab_contents.cc
+++ b/content/browser/tab_contents/tab_contents.cc
@@ -571,27 +571,34 @@ TabContents* TabContents::OpenURL(const OpenURLParams& params) {
 
 bool TabContents::NavigateToPendingEntry(
     NavigationController::ReloadType reload_type) {
-  return NavigateToEntry(*controller_.pending_entry(), reload_type);
+  return NavigateToEntry(controller_.pending_entry(), reload_type);
 }
 
 bool TabContents::NavigateToEntry(
-    const NavigationEntry& entry,
+    NavigationEntry* entry,
     NavigationController::ReloadType reload_type) {
   // The renderer will reject IPC messages with URLs longer than
   // this limit, so don't attempt to navigate with a longer URL.
-  if (entry.url().spec().size() > content::kMaxURLChars)
+  if (entry->url().spec().size() > content::kMaxURLChars)
     return false;
 
-  RenderViewHost* dest_render_view_host = render_manager_.Navigate(entry);
+  RenderViewHost* dest_render_view_host = render_manager_.Navigate(*entry);
   if (!dest_render_view_host)
     return false;  // Unable to create the desired render view host.
 
+  // If we were forced to swap the entry's existing SiteInstance, we need to
+  // update it before the navigation begins so that we can find it when the
+  // navigation commits.
+  if (entry->site_instance() &&
+      entry->site_instance() != dest_render_view_host->site_instance())
+    entry->set_site_instance(dest_render_view_host->site_instance());
+
   // For security, we should never send non-Web-UI URLs to a Web UI renderer.
   // Double check that here.
   int enabled_bindings = dest_render_view_host->enabled_bindings();
   bool is_allowed_in_web_ui_renderer = content::GetContentClient()->
       browser()->GetWebUIFactory()->IsURLAcceptableForWebUI(browser_context(),
-                                                            entry.url());
+                                                            entry->url());
   CHECK(!(enabled_bindings & content::BINDINGS_POLICY_WEB_UI) ||
         is_allowed_in_web_ui_renderer);
 
@@ -600,7 +607,7 @@ bool TabContents::NavigateToEntry(
   if (devtools_manager) {  // NULL in unit tests.
     devtools_manager->OnNavigatingToPendingEntry(render_view_host(),
                                                  dest_render_view_host,
-                                                 entry.url());
+                                                 entry->url());
   }
 
   // Used for page load time metrics.
@@ -608,24 +615,24 @@ bool TabContents::NavigateToEntry(
 
   // Navigate in the desired RenderViewHost.
   ViewMsg_Navigate_Params navigate_params;
-  MakeNavigateParams(entry, controller_, delegate_, reload_type,
+  MakeNavigateParams(*entry, controller_, delegate_, reload_type,
                      &navigate_params);
   dest_render_view_host->Navigate(navigate_params);
 
-  if (entry.page_id() == -1) {
+  if (entry->page_id() == -1) {
     // HACK!!  This code suppresses javascript: URLs from being added to
     // session history, which is what we want to do for javascript: URLs that
     // do not generate content.  What we really need is a message from the
     // renderer telling us that a new page was not created.  The same message
     // could be used for mailto: URLs and the like.
-    if (entry.url().SchemeIs(chrome::kJavaScriptScheme))
+    if (entry->url().SchemeIs(chrome::kJavaScriptScheme))
       return false;
   }
 
   // Notify observers about navigation.
   FOR_EACH_OBSERVER(TabContentsObserver,
                     observers_,
-                    NavigateToPendingEntry(entry.url(), reload_type));
+                    NavigateToPendingEntry(entry->url(), reload_type));
 
   if (delegate_)
     delegate_->DidNavigateToPendingEntry(this);
@@ -1090,7 +1097,7 @@ void TabContents::OnGoToEntryAtOffset(int offset) {
         content::PageTransitionFromInt(
             entry->transition_type() |
             content::PAGE_TRANSITION_FORWARD_BACK));
-    NavigateToEntry(*entry, NavigationController::NO_RELOAD);
+    NavigateToEntry(entry, NavigationController::NO_RELOAD);
 
     // If the entry is being restored and doesn't have a SiteInstance yet, fill
     // it in now that we know. This allows us to find the entry when it commits.
diff --git a/content/browser/tab_contents/tab_contents.h b/content/browser/tab_contents/tab_contents.h
index 9c7d2b4..11c0a82 100644
--- a/content/browser/tab_contents/tab_contents.h
+++ b/content/browser/tab_contents/tab_contents.h
@@ -592,7 +592,7 @@ class CONTENT_EXPORT TabContents : public PageNavigator,
   // Causes the TabContents to navigate in the right renderer to |entry|, which
   // must be already part of the entries in the navigation controller.
   // This does not change the NavigationController state.
-  bool NavigateToEntry(const NavigationEntry& entry,
+  bool NavigateToEntry(NavigationEntry* entry,
                        NavigationController::ReloadType reload_type);
 
   // Sets the history for this tab_contents to |history_length| entries, and
author	creis@chromium.org <creis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-11-01 22:33:39 +0000
committer	creis@chromium.org <creis@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-11-01 22:33:39 +0000
commit	1fbe509628d2f2bb64f68b9640d715a7410b465f (patch)
tree	4c5af737f81d06da60c79bd9b16fa6e6cc736e0f /content
parent	b027e8a63f0e9f8108db54c8d95ac571089bd8a1 (diff)
download	chromium_src-1fbe509628d2f2bb64f68b9640d715a7410b465f.zip chromium_src-1fbe509628d2f2bb64f68b9640d715a7410b465f.tar.gz chromium_src-1fbe509628d2f2bb64f68b9640d715a7410b465f.tar.bz2