
Security: Universal XSS using a FrameNavigationDisabler bypass

Reported by [email protected], Mar 24 2016

VULNERABILITY DETAILS

When a top-level navigation is triggered on a frame that is still displaying the initial empty document, FrameLoader::load is invoked directly instead of going through the NavigationScheduler:

```cpp
void LocalFrame::navigate(Document& originDocument, const KURL& url, bool replaceCurrentItem, UserGestureStatus userGestureStatus)
{
(...)
    // Main frame still on the initial empty document: load synchronously.
    if (isMainFrame() && !m_loader.stateMachine()->committedFirstRealDocumentLoad()) {
        FrameLoadRequest request(&originDocument, url);
        request.resourceRequest().setHasUserGesture(userGestureStatus == UserGestureStatus::Active);
        m_loader.load(request);
    } else {
        // Every other case is deferred through the NavigationScheduler.
        m_navigationScheduler->scheduleLocationChange(&originDocument, url.getString(), replaceCurrentItem);
    }
}
```

As a result, FrameNavigationDisabler fails to prevent the navigation in this case: the guard is only consulted on the scheduled path, and here the URL is loaded synchronously without passing through it.
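To make the flaw concrete, here is a small added model of the pattern described above; it is example code written for this page, not Chromium/Blink code, and every name in it (Frame, ScopedNavigationDisabler, navigateFlawed, navigateHardened) is an assumption standing in for the real classes. A scoped guard raises a counter while it is alive, the deferred path checks that counter, and the synchronous path taken for the initial empty document does not. The hardened dispatch consults the guard before choosing either path, which is the property a fix must restore (the actual Chromium patch is not reproduced here).

```cpp
#include <string>
#include <vector>

// Toy frame state (added example, not Blink code).
struct Frame {
    int navigationDisableCount = 0;          // raised while a disabler is alive
    bool committedFirstRealDocumentLoad = false;
    std::string currentUrl = "about:blank";  // initial empty document
    std::vector<std::string> scheduled;      // deferred navigations

    bool isNavigationAllowed() const { return navigationDisableCount == 0; }
};

// RAII guard modelling the idea of FrameNavigationDisabler (hypothetical).
class ScopedNavigationDisabler {
public:
    explicit ScopedNavigationDisabler(Frame& f) : m_frame(f) { ++m_frame.navigationDisableCount; }
    ~ScopedNavigationDisabler() { --m_frame.navigationDisableCount; }
private:
    Frame& m_frame;
};

// Deferred path: honours the guard, as the scheduler in the report does.
bool scheduleLocationChange(Frame& f, const std::string& url) {
    if (!f.isNavigationAllowed()) return false;
    f.scheduled.push_back(url);
    return true;
}

// Synchronous path: performs the load with no guard check of its own.
bool loadDirect(Frame& f, const std::string& url) {
    f.currentUrl = url;
    f.committedFirstRealDocumentLoad = true;
    return true;
}

// Flawed dispatch, mirroring the branch quoted from LocalFrame::navigate:
// the initial-empty-document case bypasses the scheduler and its check.
bool navigateFlawed(Frame& f, const std::string& url) {
    if (!f.committedFirstRealDocumentLoad) return loadDirect(f, url);
    return scheduleLocationChange(f, url);
}

// Hardened dispatch: the guard is consulted before either path is chosen.
bool navigateHardened(Frame& f, const std::string& url) {
    if (!f.isNavigationAllowed()) return false;
    if (!f.committedFirstRealDocumentLoad) return loadDirect(f, url);
    return scheduleLocationChange(f, url);
}

// Returns true if no navigation happened while the disabler was active.
// alreadyCommitted selects a frame that has (or has not) left about:blank.
bool guardHolds(bool (*navigate)(Frame&, const std::string&), bool alreadyCommitted) {
    Frame f;
    if (alreadyCommitted) {
        f.committedFirstRealDocumentLoad = true;
        f.currentUrl = "https://first.invalid/";  // constructed sample URL
    }
    const std::string before = f.currentUrl;
    bool navigated;
    {
        ScopedNavigationDisabler disabler(f);
        navigated = navigate(f, "https://second.invalid/");  // constructed sample URL
    }
    return !navigated && f.currentUrl == before && f.scheduled.empty();
}

int main() {
    // Flawed: guard holds only once a real document has been committed.
    bool flawedInitial = guardHolds(navigateFlawed, false);    // false: bypassed
    bool flawedCommitted = guardHolds(navigateFlawed, true);   // true
    // Hardened: guard holds in both states.
    bool hardenedInitial = guardHolds(navigateHardened, false);
    bool hardenedCommitted = guardHolds(navigateHardened, true);
    return (!flawedInitial && flawedCommitted && hardenedInitial && hardenedCommitted) ? 0 : 1;
}
```

The interesting case is guardHolds(navigateFlawed, false): the frame is still on the initial empty document, the disabler is active, and the navigation goes through anyway. A regression test for this class of bug should exercise exactly that state rather than a frame that has already committed a document, where the scheduled path makes the guard appear to work.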

VERSION

- Chrome 49.0.2623.87 (Stable)
- Chrome 50.0.2661.49 (Beta)
- Chrome 51.0.2687.0 (Dev)
- Chromium 51.0.2690.0 + Pepper Flash (Release build compiled today)

Link: https://bugs.chromium.org/p/chromium/issues/detail?id=597532