fix(fillField): prevent rich-editor keystroke leak to sibling inputs#5531
Merged
fix(fillField): prevent rich-editor keystroke leak to sibling inputs#5531
Conversation
The IFRAME branch typed via the root-page keyboard against an iframe body that's not contenteditable (Monaco-style editors), so keystrokes landed on whatever the outer document had focused. Detection also climbed the DOM when the matched element looked hidden, which could pick up unrelated editors elsewhere on the page. Now: detection only walks down from the user's locator, the IFRAME branch re-detects the real input surface inside the iframe, and every focus/click is verified against document.activeElement before typing — a failed focus throws instead of leaking. Backing-textarea fixtures (TinyMCE legacy, CKEditor 4/5, CodeMirror 5, Summernote) wrapped so #editor is the visible container. Adds sibling-input regression coverage for IFRAME, CONTENTEDITABLE and HIDDEN_TEXTAREA paths plus a negative test for hidden backing locators. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
… form controls - WebDriver/BiDi rejects element refs as executeScript args from inside a switched-frame context, breaking the inner-iframe focus/select calls. Run those scripts via document.querySelector on the marker instead, then send keystrokes via the already-frame-aware page keyboard. - Add EDITOR.UNREACHABLE: when the user's locator points at a display:none INPUT/TEXTAREA, throw a clear error instead of falling through. Without this, Puppeteer's lenient el.type() silently leaks to whatever has focus. - Test reads outer-input value via executeScript to dodge a pre-existing WebDriver grabValueFrom bug that drops empty strings in forEachAsync. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
I.fillField('iframe', …)(and similar wrappers) typing into an unrelated outer input instead of the editor inside the iframe.lib/helper/extras/richTextEditor.js:<body>was editable — on Monaco/CodeMirror/ACE (hidden internal textarea)body.focus()silently no-ops andpage.keyboard.typelands on whatever the root page had focused.document.activeElementbefore typing — a failed focus throws instead of leaking.#editoris the visible container, matching the new descendant-only contract.Test plan
#fillField - rich text editors— all 12 editors, 4 cases each (48 tests) pass against Playwright.rich editor with sibling focused input — no keystroke leaksuite (7 tests): IFRAME (Monaco), HIDDEN_TEXTAREA (CodeMirror 5) and CONTENTEDITABLE (CKEditor 5) paths each verify thatI.fillFieldon the editor does not leak into an outer<input autofocus placeholder="Title">sibling. Plus a negative test confirmingI.fillField('#editor-inner', …)on adisplay:nonebacking textarea throws instead of leaking.npx mocha test/helper/Playwright_test.js --grep "#fillField - rich text editors").Puppeteer_test.js/WebDriver_test.jsonce their environments are up.🤖 Generated with Claude Code