Because of the previous awkward factoring of Origin we had two
implementations of Origin serializing and creation. Move the
implementation of DOMURL::url_origin into URL::origin, and
instead use the implemenation of URL::Origin::serialize for
serialization (replacing URL::serialize_origin).
This happens to fix 8 URL subtests as the two implemenations had
diverged, and URL::serialize_origin was previously missing the spec
changes of: whatwg/url@eee49fd and whatwg/url@fff33c3
(cherry picked from commit 501f92b54eee7bcf7b60621aa4238fcbdc610d99;
amended to add leading whitespace to expectation due to serenity not
yet having LadybirdBrowser/ladybird#1603)
While Origin is defined in the HTML spec - this leaves us with quite an
awkward relationship as the URL spec makes use of AO's from what is
defined in the HTML spec.
To simplify this factoring, relocate Origin into LibURL.
(cherry picked from commit dc401f49ea7e861064484e79594e35c3d93000ae;
amended to fix minor conflicts due to serenity not (yet?) having a
LibUnicode/Segmenter.h include in Document.cpp, and due to
BrowsingContext already having LadybirdBrowser/ladybird#2358 in
serenity)
This matches the text of the spec a little more closely in many cases
and is also more efficient than serializing the URL path.
(cherry picked from commit ffe070d7f9164ff51644f8d912b580a0b291e26a)
Reading the RFC9111 spec makes it clear that the stored response was
not intended to be cloned. This is because there is a "clone response"
operation that is used in other places, but never for stored responses.
(cherry picked from commit afe74afa9e61569d35797d6ada5d54f0c22da412)
Responses returned from `http_network_or_cache_fetch` were copied
directly from the cache, which is incorrect, since revalidation may
later modify the response, or even invalidate it, such as when the
`Access-Control-Allow-Origin` header is changed.
This fixes WPT test [wpt/cors/304.htm](http://wpt.live/cors/304.htm)
(cherry picked from commit c7a51ed297ebd0dcb200d8dc1ba3918880c56a55)
This change causes HTTP status codes to be set on cached HTTP responses.
Otherwise, without this change, no status codes at all are set on cached
HTTP responses — which causes all cached responses to default to being
loaded/served with a 200 status code. And as a result of that, if the
cached response is from a 30x redirect, then without this change, when
that cached 30x response is loaded, we don’t follow the redirect —
because we see a 200 status, rather than the expected/original 30x.
Fixes https://github.com/LadybirdBrowser/ladybird/issues/863
Note that this change also reverts the temporary workaround added in
https://github.com/LadybirdBrowser/ladybird/commit/f735c464d3f
(https://github.com/LadybirdBrowser/ladybird/pull/899).
(cherry picked from commit 23da1752b50568f2c49b1c63c2777ddffddaf6f5)
If a HTTP 401 response we get does not contain a `WWW-Authenticate`
header, we should not trigger the logic to ask the user for credentials
and retry the request.
This part is hinted at in a TODO / 'Needs testing' remark in the spec
but needs to be fleshed out. Raised an upstream issue to do so:
https://github.com/whatwg/fetch/issues/1766
This fixes login forms triggering an infinite fetch loop when providing
incorrect credentials.
Co-Authored-By: Victor Tran <vicr12345@gmail.com>
(cherry picked from commit e7984a77116d47fde150f81f6e18cae6aaa147ad)
This change disables caching for 301, 302, 303, 307, and 308 responses.
This is just for now, ad-hoc — not adhering to any particular spec.
Fixes https://github.com/LadybirdBrowser/ladybird/issues/863
(cherry picked from commit f735c464d3fe02ac43a1fa46c82ae9a3bb5de8b1)
This also changes fetch to use the preferred languages for the
Accept-Language header.
(cherry picked from commit 2ca8fd1832462c05fdec16a1de73494820597140)
This patch adds a simple in-memory HTTP cache to each WebContent
process.
It's currently off by default (turn it on with --enable-http-cache)
since the validation logic is lacking and incomplete.
(cherry picked from commit a3c8e60710451c1325f6718b253e8d1ee2029a30)
This is currently no-op and a FIXME exists to implement the "consume a
preloaded resource" AO.
(cherry picked from commit aee77b975cdd2efddb57a4648c84d4e208cf50c9)
This simplifies a bunch of places which were needing to error check and
convert from a ByteString to String.
(cherry picked from commit 84a7fead0eefd967d4319f4d71c0a0ca3095d2d1)
Doing it is not part of the spec. Whenever needed, the spec will
explicitly percent decode the username and password.
This fixes some URL WPT tests.
(cherry picked from commit f511c0b441a591bc85f409242229c7b295e118e4)
They are now blocked on pages which:
- Don't have an opaque origin (should be only user-initiated or about:)
- Aren't other file: pages
- Aren't other resource: pages
(cherry picked from commit 1f3285eb0410ff5c902e148932205d9e4b7fbd9b)
Instead of using a HashMap<ByteString, ByteString, CaseInsensitive...>
everywhere, we now encapsulate this in a class.
Even better, the new class also allows keeping track of multiple headers
with the same name! This will make it possible for HTTP responses to
actually retain all their headers on the perilous journey from
RequestServer to LibWeb.
(cherry picked from commit e636851481eabdf00953573a5eb459ee52feeacc)
Updated various SerenityOS components to make it build.
Fetch: Make sure we iterate over HeaderMap's headers()
This fixes a build failure when built with CMake option
'-DENABLE_ALL_THE_DEBUG_MACROS=ON'.
(cherry picked from commit c51d01bea712d75f9b2cd700be942935044e49b4)
Supporting unbuffered fetches is actually part of the fetch spec in its
HTTP-network-fetch algorithm. We had previously implemented this method
in a very ad-hoc manner as a simple wrapper around ResourceLoader. This
is still the case, but we now implement a good amount of these steps
according to spec, using ResourceLoader's unbuffered API. The response
data is forwarded through to the fetch response using streams.
This will eventually let us remove the use of ResourceLoader's buffered
API, as all responses should just be streamed this way. The streams spec
then supplies ways to wait for completion, thus allowing fully buffered
responses. However, we have more work to do to make the other parts of
our fetch implementation (namely, Body::fully_read) use streams before
we can do this.
This callback is meant to be triggered by streams, which does not always
provide a WebIDL::DOMException. Pass a plain value instead. Of all the
users of this callback, only one actually uses the value, and already
converts the DOMException to a plain value.
Performing a lookup in the blob URL registry does not work in the case
of a web worker - as the registry is not shared between processes.
However - the URL itself passed to a worker has the blob attached to it,
which we can pull out of the URL on a fetch.
Fetched bodies can be on the order of gigabytes, so rather than crashing
when we hit OOM here, we can simply invoke the error callback with a DOM
exception. We use "UnknownError" here as the spec directly supports this
for OOM errors:
UnknownError: The operation failed for an unknown transient reason
(e.g. out of memory).
This is still an ad-hoc implementation. We should be using streams, and
we do have the AOs available to do so. But they need to be massaged to
be compatible with callers of Body::fully_read. And once we do use
streams, this function will become infallible - so making it infallible
here is at least a step in the right direction.
