Companion to https://github.com/servo/mozjs/pull/650
We added 3 new options to bindings.conf, each more powerful then the
previous one, so one should use the least powerful as possible to keep
things flexible:
1 `cx_no_gc` prepends argument `&JSContext`, which allows creating NoGC
tokens and using functions that do not trigger GC.
2. `cx` prepends argument `&mut JSContext`, which allows everything that
previous one allows, but it also allows calling GC triggering functions.
3. `realm` prepends argument `&mut CurrentRealm`, which can be deref_mut
to `&mut JSContext` (so it can do everything that previous can), but it
also ensures that there is current entered realm, which can be used for
creation of InRealm.
next steps: #40600
reviewable per commit
Testing: It's just refactoring
try run: https://github.com/sagudev/servo/actions/runs/19287700927
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
The goal of this change is to prevent having to copy so much data out of
listeners when a fetch completes, which will be particularly important
for off-the-main thread parsing of CSS (see #22478). This change has
pros and cons:
Pros:
- This makes the design of the `FetchResponseListener` a great deal
simpler.
They no longer individually store a dummy `ResourceFetchTiming` that is
only replaced right before `process_response_eof`.
- The creation of the `Arc<Mutex<FetchResponseListener>>` in the
`NetworkListener` is abstracted away from clients and now they just
pass the `FetchResponseListener` to the fetch methods in the global.
Cons:
- Now each `FetchResponseListener` must explicitly call `submit_timing`
instead of having the `NetworkListener` do it. This is arguably a bit
easier to follow in the code.
- Since the internal data of the `NetworkListener` is now an
`Arc<Mutex<Option<FetchResponseListener>>>`, when the fetching code
needs to share state with the `NetworkListener` it either needs to
share an `Option` or some sort of internal state. In one case I've
stored the `Option` and in another case, I've stored a new inner
shared value.
Testing: This should not change observable behavior and is thus covered
by existing tests.
Fixes: #22550
---------
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This is last step toward enabling the default rustc
`unsafe_op_in_unsafe_fn` warning for the script crate. It wraps the
remaining unsafe code in `unsafe {}` and removes the line disabling this
warning from `script`'s `Cargo.toml`. In addition, two variables are
renamed from `v` to something slightly more descriptive.
Testing: This should not change behavior so is covered by existing
tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
`FetchReponseListener` has traditionally lived in `net` even though it
is only used in `script` currently. Because of the two way dependency,
it has also use a lot of templating to implement something pretty basic
(call methods on a trait object).
This change moves the trait to `script` and removes several levels of
templating, making the code quite a bit shorter and easier to
understand.
This change is preparation for fixing #22550 and implementing
off-the-main-thread CSS parsing.
Testing: This should not change any behavior so is covered by existing
tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Moves interfaces defined by the performance spec to the
`script/dom/performance/` module from `script/dom/`.
Testing: Just a refactor shouldn't need any testing
Fixes: Partially #38901
Signed-off-by: WaterWhisperer <waterwhisperer24@qq.com>
This implements LazyDOMString (from now on DOMString) as outlined in
https://github.com/servo/servo/issues/39479.
Constructing from a *mut JSString we keep the in a
RootedTraceableBox<Heap<*mut JSString>> and transform
the string into a rust string if necessary via the `make_rust_string`
method.
Methods used in script are implemented on this string. Currently we
transform the string at all times.
But in the future more efficient implementations are possible.
We implement the safety critical sections in a separate module
DOMStringInner which allows simple constructors, `make_rust_string` and
the `bytes` method.
This method returns the new type `EncodedBytes` which contains the
reference to the underlying string in either format.
Testing: WPT tests still seem to work, so this should test this
functionality.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
This updates all Rc that were ignored for malloc_size_of to use
conditional_malloc_size_of, unless the type in the Rc itself doesn't
support malloc_size.
Regular expressions used to search for all occurrences:
```
ignore_malloc_size_of = "Rc.*"
ignore_malloc_size_of = "Arc.*"
```
There are a couple left since they have nested Rc, which I don't know
how to fix.
To be able to define these, several new implementations were added to
`malloc_size_of/lib.rs` as well as
`HashMapTracedValues`.
Testing: if it compiles, it's safe
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Script: added ```line_no``` as argument to both
```fetch_inline_module_script()``` & ```compile_module_script()``` to
fix the inline script reporting wrong line issue
([#39415](https://github.com/servo/servo/issues/39415)).
Originally, the function ```compile_module_script()``` hardwires the
value 1 when invoking ```CompileOptionsWrapper::new()```. This is fine
if the script is written in separate JS file, but for inline scripts, it
will cause confusion if the ```<script>``` tag doesn't start from line
#1.
```line_no``` is obtained from ```line_number```, a member variable from ```HTMLScriptElement```.
Credits to @jdm for actually pointing out which functions to fix.
Testing: Created a WPT test for this change, specifically: ```tests/wpt/tests/html/semantics/scripting-1/the-script-element/module/evaluation-error-5.html```.
Fixes: issue [#39415](https://github.com/servo/servo/issues/39415)
---------
Signed-off-by: RichardTjokroutomo <richard.tjokro2@gmail.com>
Signed-off-by: Rocketjumper <112361665+RichardTjokroutomo@users.noreply.github.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Euclid Ye <yezhizhenjiakang@gmail.com>
This is part of the future work of implementing LazyDOMString as
outlined in issue #39479.
We use str() method or direct implementations on DOMString for these
methods. We also change some types.
This is independent of https://github.com/servo/servo/pull/39480
Signed-off-by: Narfinger Narfinger@users.noreply.github.com
Testing: This is essentially just renaming a method and a type and
should not change functionality.
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Adding an optional message to be attached to a NotFoundError.
Testing: Just a refactor
Part of #39053
---------
Signed-off-by: Rodion Borovyk <rodion.borovyk@gmail.com>
This shows up sometimes in code reviews, so it makes sense that tidy
enforces it. `rustfmt` supports this via comment normalization, but it
does many other things and is still an unstable feature (with bugs).
Testing: There are new tidy tests for this change.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
to use the [SpiderMonkey Debugger
API](https://firefox-source-docs.mozilla.org/js/Debugger/) as the single
source of truth about scripts and their sources for devtools purposes
(servo/servo#38334), the debugger script needs to be able to distinguish
inline scripts from other scripts, because inline scripts are a special
case where the source contents need to come from the Servo parser.
the mechanism for this is
[Debugger.Script.prototype.**introductionType**](https://firefox-source-docs.mozilla.org/js/Debugger/Debugger.Source.html#introductiontype),
which is `inlineScript` for inline scripts or a variety of other values
for other kinds of scripts, but only the embedder can provide this
information.
this patch bumps mozjs to servo/mozjs#603, which expands on
CompileOptionsWrapper, making it a safe wrapper around CompileOptions.
to construct one from safe code, use Runtime::new_compile_options().
then you can call `set_introduction_type(&'static CStr)` on the new
instance. we also make Runtime::evaluate_script() take a
CompileOptionsWrapper from the caller, instead of constructing one
internally.
in this patch, we set the introductionType to `c"inlineScript"` when
calling run_a_classic_script() and compile_module_script() for inline
scripts, and leave it unset all other cases.
Testing: will undergo automated tests in #38334
Fixes: part of #36027, part of servo/servo#38378
---------
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
The scripted_caller only has information if the context is coming
from a script. If an element fetch listener processes CSP
violations, then this information doesn't exist. Instead, we should
use the global URL and the line number. WPT tests don't appear
to expect a column number, as they are all zero. Not all elements
are updated, as I am not actually sure all of them need it.
The source position remains an Option, since there are also code
paths that don't correspond to element or script sources. Maybe
in the future we can always determine the source position, but
let's take small steps towards that.
Part of #4577
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
This refactoring moves various CSP-related methods away from GlobalScope
and Document into a dedicated entrypoint. It also reduces the amount of
imports of the CSP crate, so that types are consolidated into this one
entrypoint. That way, we control how CSP code interacts with the script
crate.
For reviewing purposes, I split up the refactoring into separate
distinct commits that all move 1 method(group) into the new file.
Testing: no change in behavior, only a build improvement + code cleanup
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
Implement whole spec of `resolve_module_specifier`. Servo can now
support script element with import map type!
Testing: `tests/wpt/tests/import-map`
Fixes: #37316#36394
---------
Signed-off-by: Wu Yu Wei <yuweiwu@pm.me>
- Register import map when preparing HTML script element
- Added `import_map` to `GlobalScope`
Testing: should pass existing WPT
Fixes: part of https://github.com/servo/servo/issues/37316
---------
Signed-off-by: Jason Tsai <git@pews.dev>
adding `resolve_url_like_module_specifier` method to `ModuleTree`.
Testing: Existing WPT test for script element should pass.
Fixes: https://github.com/servo/servo/issues/37316, resolving a URL-like
module specifier
Signed-off-by: Jason Tsai <git@pews.dev>
All logic is implemented in `report_csp_violations` to avoid
pulling in various element-logic into SecurityManager.
Update the `icon-blocked.sub.html` WPT test to ensure that
the document is the correct target (verified in Firefox and Chrome).
Fixes#36806
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This PR resolves [#36592](https://github.com/servo/servo/issues/36592)
by updating the `RequestBuilder` used in `script_module.rs` to include:
- `insecure_requests_policy`
- `has_trustworthy_ancestor_origin`
- `policy_container`
These fields are critical for enforcing proper fetch behavior under
modern web security models, and were previously omitted from module
script requests.
This change ensures that scripts loaded via `<script type="module">` or
dynamic `import()` correctly reflect the calling document’s security
environment.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#36592
<!-- Either: -->
- [X] There are tests for these changes
Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
It also updates the FetchResponseListener to process CSP violations to
ensure that iframe elements (amongst others) properly generate the CSP
events. These iframe elements are used in the Trusted Types tests
themselves and weren't propagating the violations before.
However, the tests themselves are still not passing since they also use
Websockets, which currently aren't using the fetch machinery itself.
That is fixed as part of [1].
[1]: https://github.com/servo/servo/issues/35028
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
`EmbedderMsg` was previously paired with an implicit
`Option<WebViewId>`, even though almost all variants were either always
`Some` or always `None`, depending on whether there was a `WebView
involved.
This patch adds the `WebViewId` to as many `EmbedderMsg` variants as
possible, so we can call their associated `WebView` delegate methods
without needing to check and unwrap the `Option`. In many cases, this
required more changes to plumb through the `WebViewId`.
Notably, all `Request`s now explicitly need a `WebView` or not, in order
to ensure that it is passed when appropriate.
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating an IPC channel for every fetch, allow cancelling
fetches based on the `RequestId` of the original request. This requires
that `RequestId`s be UUIDs so that they are unique between processes
that might communicating with the resource process.
In addition, the resource process loop now keeps a `HashMap` or `Weak`
handles to cancellers and cleans them up.
This allows for creating mutiple `FetchCanceller`s in `script` for a
single fetch request, allowing integration of the media and video
elements to integrate with the `Document` canceller list -- meaning
these fetches also get cancelled when the `Document` unloads.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Expose two new helpers and start using them as much as possible.
- `NodeTraits::owner_global`: which gets the `GlobalScope` that currenty
owns a `Node`. This may be different than `.global()` in the case that
the `Node` was adopted by a different `Document`.
- `Window::as_global_scope`: A helper to avoid having to cast so much
when treating a `Window` like a `GlobalScope`.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
No longer hide errors while queueing tasks on the main thread. This
requires creating two types of `TaskSource`s: one for the main thread
and one that can be sent to other threads. This makes queueing a bit
more efficient on the main thread and more importantly, no longer hides
task queue errors.
Fixes#25688.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
This is a simplification of the internal `TaskQueue` API that moves the
`TaskManager` to the `GlobalScope` itself. In addition, the handling of
cancellers is moved to the `TaskManager` as well. This means that no
arguments other than the `task` are necessary for queueing tasks, which
makes the API a lot easier to use and cleaner.
`TaskSource` now also keeps a copy of the canceller with it, so that
they always know the proper way to cancel any tasks queued on them.
There is one complication here. The event loop `sender` for dedicated
workers is constantly changing as it is set to `None` when not handling
messages. This is because this sender keeps a handle to the main
thread's `Worker` object, preventing garbage collection while any
messages are still in flight or being handled. This change allows
setting the `sender` on the `TaskManager` to `None` to allow proper
garbabge collection.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This puts a few commonly used `Node` helpers into a trait (`NodeTraits`)
and gives them more descriptive names and documentation. The renames:
- `document_from_node` -> `NodeTraits::owner_document`
- `window_from_node` -> `NodeTraits::owner_window`
- `stylesheets_owner_from_node<T:` -> `NodeTraits::stylesheet_list_owner`
- `containing_shadow_root` -> `NodeTraits::containing_shadow_root`
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating a type for each `TaskSource` variety have each `TaskSource`
hold the same kind of sender (this was inconsistent before, but each
sender was effectively the same trait object), a pipeline, and a
`TaskSourceName`. This elminates the need to reimplement the same
queuing code for every task source.
In addition, have workers hold their own `TaskManager`. This allows just
exposing the manager on the `GlobalScope`. Currently the `TaskCanceller`
is different, but this will also be eliminated in a followup change.
This is a the first step toward having a shared set of `Sender`s on
`GlobalScope`.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* Remove the referrer policy from document and rely on its policy container
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
* Make ReferrerPolicy non-optional, instead using a new enum value to represent the empty string case
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
* Fix clippy issue
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
* Fix usage of Option<ReferrerPolicy> in unit test
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
---------
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
