Avoid crashing on new window in cross-origin isolated content

The case seems to trigger if the opener is coop-coep-cross-origin-
isolated, the load is speculative, site-related and not (yet) similarly
isolated.

The latter might be a separate/underlying bug though

Change-Id: I9aacc1611ececc91425efe8a1c84ea941b575669
Fixes: QTBUG-92110
Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>

1 files changed, 5 insertions, 4 deletions

diff --git a/chromium/content/browser/renderer_host/render_frame_host_manager.cc b/chromium/content/browser/renderer_host/render_frame_host_manager.cc
index af2a0a2e555..9d4f277db2b 100644
--- a/chromium/content/browser/renderer_host/render_frame_host_manager.cc
+++ b/chromium/content/browser/renderer_host/render_frame_host_manager.cc
@@ -151,10 +151,14 @@ bool IsSiteInstanceCompatibleWithCoopCoepCrossOriginIsolation(
     const GURL& url,
     const CoopCoepCrossOriginIsolatedInfo& cross_origin_isolated_info,
     bool is_speculative) {
+  SiteInstanceImpl* site_instance_impl =
+      static_cast<SiteInstanceImpl*>(site_instance);
   // We do not want cross-origin-isolated have any impact on SiteInstances until
   // we get an actual COOP value in a redirect or a final response.
   if (is_speculative)
-    return true;
+    return !site_instance_impl->IsCoopCoepCrossOriginIsolated() ||
+           site_instance_impl->GetCoopCoepCrossOriginIsolatedInfo() ==
+                    cross_origin_isolated_info;
 
   // Note: The about blank case is to accommodate web tests that use COOP. They
   // expect an about:blank page to stay in process, and hang otherwise. In
@@ -164,9 +168,6 @@ bool IsSiteInstanceCompatibleWithCoopCoepCrossOriginIsolation(
   if (url.IsAboutBlank())
     return true;
 
-  SiteInstanceImpl* site_instance_impl =
-      static_cast<SiteInstanceImpl*>(site_instance);
-
   if (is_main_frame) {
     return site_instance_impl->GetCoopCoepCrossOriginIsolatedInfo() ==
            cross_origin_isolated_info;