Fix crash in bug 6315.

BUG=6315 Review URL: http://codereview.chromium.org/18672 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@8679 0039d316-1c4b-4281-b951-d872f2087c98
author: kuchhal@chromium.org <kuchhal@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2009-01-26 23:29:16 +0000
committer: kuchhal@chromium.org <kuchhal@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2009-01-26 23:29:16 +0000
commit: f920128bcd600ed0183e1db2f7e34a9426b80706 (patch)
tree: bb004c8cbce12a54f116608c7c25eb0d35c4e192 /webkit
parent: 34b098f274e55fe9e948a627668f745410ea9d5d (diff)
download: chromium_src-f920128bcd600ed0183e1db2f7e34a9426b80706.zip
chromium_src-f920128bcd600ed0183e1db2f7e34a9426b80706.tar.gz
chromium_src-f920128bcd600ed0183e1db2f7e34a9426b80706.tar.bz2
2 files changed, 7 insertions, 4 deletions
diff --git a/webkit/glue/webframe_impl.cc b/webkit/glue/webframe_impl.cc
index e263a16..ad862c3 100644
--- a/webkit/glue/webframe_impl.cc
+++ b/webkit/glue/webframe_impl.cc
@@ -1656,9 +1656,10 @@ PassRefPtr<Frame> WebFrameImpl::CreateChildFrame(
     }
   }
 
-  child_frame->loader()->loadURL(
-      new_url, request.resourceRequest().httpReferrer(), request.frameName(),
-      child_load_type, 0, 0);
+  child_frame->loader()->loadURL(new_url,
+                                 request.resourceRequest().httpReferrer(),
+                                 child_frame->tree()->name(),
+                                 child_load_type, 0, 0);
 
   // A synchronous navigation (about:blank) would have already processed
   // onload, so it is possible for the frame to have already been destroyed by
diff --git a/webkit/glue/webframeloaderclient_impl.cc b/webkit/glue/webframeloaderclient_impl.cc
index cf14096..2bdb9d8 100644
--- a/webkit/glue/webframeloaderclient_impl.cc
+++ b/webkit/glue/webframeloaderclient_impl.cc
@@ -914,7 +914,9 @@ void WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction(
   WebViewDelegate* d = wv->delegate();
   // It is valid for this function to be invoked in code paths where the
   // the webview is closed.
-  if (d) {
+  // The NULL check here is to fix a crash that seems strange
+  // (see - https://bugs.webkit.org/show_bug.cgi?id=23554).
+  if (d && !request.url().isNull()) {
     WindowOpenDisposition disposition = CURRENT_TAB;
     ActionSpecifiesDisposition(action, &disposition);
author	kuchhal@chromium.org <kuchhal@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-01-26 23:29:16 +0000
committer	kuchhal@chromium.org <kuchhal@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2009-01-26 23:29:16 +0000
commit	f920128bcd600ed0183e1db2f7e34a9426b80706 (patch)
tree	bb004c8cbce12a54f116608c7c25eb0d35c4e192 /webkit
parent	34b098f274e55fe9e948a627668f745410ea9d5d (diff)
download	chromium_src-f920128bcd600ed0183e1db2f7e34a9426b80706.zip chromium_src-f920128bcd600ed0183e1db2f7e34a9426b80706.tar.gz chromium_src-f920128bcd600ed0183e1db2f7e34a9426b80706.tar.bz2