Chrome does not allow nested execCommand calls.
https://source.chromium.org/chromium/chromium/src/+/master:third_party/blink/renderer/core/editing/commands/document_exec_command.cc;l=75;drc=301e5d079a1b4c29c5b17574d0470e6db7370acc

Although Safari allows it, I think that we don't need to support nested execCommand calls for security and that must cause backward compatibility issue rarely.

(But I guess that we should keep supporting it with a pref for fuzzing team.)

WDYT, smaug?

Oh, interesting. If Chrome doesn't support it, I guess we could try that. It is unlikely that any web site relies on the nested behavior.

This will be speced: https://github.com/w3c/editing/issues/200#issuecomment-578097441

Chrome does not allow nested Document.execCommand() calls:
https://source.chromium.org/chromium/chromium/src/+/master:third_party/blink/renderer/core/editing/commands/document_exec_command.cc;l=75;drc=301e5d079a1b4c29c5b17574d0470e6db7370acc

On the other hand, Safari (and Firefox) allows it. However, it's worthwhile to
follow Chrome's behavior.

This patch makes Document::ExecCommand() return false when it's called
while running another Document::ExecCommand() call on Nightly and early Beta.
This is exactly same behavior, and we should watch broken web apps reports
for a while before riding this on the train.

And this patch sets the pref to true when all crash tests under
editor/libeditor/crashtests which depend on nested calls of execCommand run
since same things may be reproducible with other DOM APIs.

https://hg.mozilla.org/mozilla-central/rev/eaf48f8ba83f