This patch changes inserted HTML sanitize process to check whether tree is in tree or not, for avoiding null pointer reference.

This case is caused by  ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder() when paragraph element contains prohibited paragraph child, e.g. address, article, ..., table, ..., specified in HTML Editing APIs specification.

BUG=257557
R=tkent@chromium.org

Review URL: https://codereview.chromium.org/18960004

git-svn-id: svn://svn.chromium.org/blink/trunk@153983 bbb929c8-8fbe-4397-9dbb-9b2b20218538
4 files changed