From 572ebe00eacd5aaeecc17207c75c6bf2327a3897 Mon Sep 17 00:00:00 2001
From: Tim Ledbetter <timledbetter@gmail.com>
Date: Fri, 14 Jun 2024 00:53:04 +0100
Subject: [PATCH] LibWeb: Avoid null dereference when performing mixed content
 checks

Previously, navigating to or from `about:newtab` caused a crash due to
inadvertent null dereferences when checking whether a request or
response to a request should be blocked as mixed content.
---
 Userland/Libraries/LibWeb/MixedContent/AbstractOperations.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Userland/Libraries/LibWeb/MixedContent/AbstractOperations.cpp b/Userland/Libraries/LibWeb/MixedContent/AbstractOperations.cpp
index ae3e63580e7..17332f5f9e1 100644
--- a/Userland/Libraries/LibWeb/MixedContent/AbstractOperations.cpp
+++ b/Userland/Libraries/LibWeb/MixedContent/AbstractOperations.cpp
@@ -80,7 +80,7 @@ Fetch::Infrastructure::RequestOrResponseBlocking should_fetching_request_be_bloc
         || false
 
         // 4. request’s destination is "document", and request’s target browsing context has no parent browsing context.
-        || (request.destination() == Fetch::Infrastructure::Request::Destination::Document && !request.client()->target_browsing_context->parent())) {
+        || (request.destination() == Fetch::Infrastructure::Request::Destination::Document && !(request.client()->target_browsing_context && request.client()->target_browsing_context->parent()))) {
         return Fetch::Infrastructure::RequestOrResponseBlocking::Allowed;
     }
 
@@ -104,7 +104,7 @@ Web::Fetch::Infrastructure::RequestOrResponseBlocking should_response_to_request
         || false
 
         // 4. request’s destination is "document", and request’s target browsing context has no parent browsing context.
-        || (request.destination() == Fetch::Infrastructure::Request::Destination::Document && !request.client()->target_browsing_context->parent())) {
+        || (request.destination() == Fetch::Infrastructure::Request::Destination::Document && !(request.client()->target_browsing_context && request.client()->target_browsing_context->parent()))) {
         return Fetch::Infrastructure::RequestOrResponseBlocking::Allowed;
     }