upcast::<Type>() is costly in general, but in some cases we can avoid
that call and use a direct field access instead.
Testing: no test change expected.
Signed-off-by: webbeef <me@webbeef.org>
This set of changes introduces a type matching the spec's "target
snapshot params" and uses it as part of determining the origin of new
documents. This has a side benefit of making our sandbox flag
determination more accurate, which leads to a bunch of sandboxing tests
passing as well as some new failures due to spec confusion about
origins.
Testing: Many new passing tests.
Part of the long road to #43149
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This change has two main interdependent parts:
1. It starts to align Servo's focus code with what is written in the
HTML specification. This is going to be a gradual change, so there
are still many parts that do not match the specification yet. Still,
this adds the major pieces.
2. It adds initial support for the `ShadowRoot.delegatesFocus` property
which controls how focusing a shadow DOM root can delegate focus to
one of its children.
Testing: This causes a few WPT tests to start passing.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
We should compare HMAC signatures in constant time when validating
user-provided signatures, to prevent leaking timing information
proportional to the number of matching bytes. The WebCrypto
specification has also updated to require to use constant-time
comparison in HMAC signatures.
We update our implementation accordingly. Since we are still using the
`aws-lc-rs` crate for our HMAC implementation, we use the function
`verify_slices_are_equal` provided by `aws_lc_rs::constant_time` to
guarantees the comparison is constant-time.
Specification Update:
c962bc7ebb
Testing: Existing tests suffice.
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
This workaround was only necessary when click focusing didn't look up
the ancestry chain for an applicable focusable area. Now that this
happens (via the code directly after), the workaround is no longer
necessary.
Testing: This should not change behvior so is covered by existing tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
# Checklist
Relevant methods in Document are:
- [x] enter_fullscreen
- [x] exit_fullscreen
- [x] get_allow_fullscreen
Relevant method in DocumentOrShadowRoot is:
- [x] get_fullscreen_element
Relevant methods in Element are:
- [x] fullscreen_element_ready_check
Relevant structs in element.rs are:
- [x] ElementPerformFullscreenExit
- [x] ElementPerformFullscreenEnter
Testing: The PR moves functions around and we don't need to modify any
tests
Fixes: #43719
---------
Signed-off-by: Niya Gupta <niyabits@disroot.org>
Co-authored-by: Niya Gupta <niyabits@disroot.org>
Add the minimum amount of FreeBSD-specific code to Servo, where no
platform-neutral fallback exists.
Testing: I've succesfully built and run Servo on FreeBSD with these
changes (and some fixes to dependencies). There's no functional change
to any other targets. This pull request was created with Servo running
on FreeBSD.
Fixes: #11625
---------
Signed-off-by: Juhani Krekelä <juhani@krekelä.fi>
Co-authored-by: Juhani Krekelä <juhani@krekelä.fi>
In general, for a normal `BoxFragment`, a `ExternalScrollId` is created
by directly using the `OpaqueNode::id` which is the heap address of the
`Node`. But for a `BoxFragment` from a `::before` or `::after` pseudo
element, we are using the next unused id (starting from zero) with an
increment of two.
This patch modifies so that we are using the bitwise or of
`OpaqueNode::id` and `FragmentType` as the `ExternalScrollId`. With
these changes, the `ExternalScrollId` for the pseudo elements would
remain the same after reflow (instead of getting a new scroll id).
Testing: New WPT test
Fixes: #43308
---------
Signed-off-by: Jo Steven Novaryo <steven.novaryo@gmail.com>
All callers were constructing a DOMString only to have it immediately
converted back to String inside internal_warn, resulting in an
unnecessary allocation and clone. This changes the parameter type to
String and updates all call sites to pass the result of format! or
.to_string() directly.
Fixes: #43091
---------
Signed-off-by: Kelechi Ebiri <ebiritg@gmail.com>
Initialize unminified_css_dir directly in Window::new instead of storing
a separate unminify_css bool and lazily setting the dir in
init_document.
Testing: Ran ```./mach run --unminify-css google.com``` also checked
```ls unminified-css/``` result was ```www.google.com www.gstatic.com```
Fixes: #43730
Signed-off-by: Sabb <sarafaabbas@gmail.com>
Implement the layout of `<input type="range">`. Support automatically
calculating the position of thumb based on the current input value, and
the size of range-track and range-thumb. Added a
document.has_script_or_layout_blocker function to detect whether it is
possible to run box_area_query during bind_to_tree, add delay_task if
there are blocker.
Here are some of the fixes made in this PR:
1. Fixed the structure for input type range's pseudo elements.
2. Fixed the positioning of input type range's thumb based on current
value, width, and direction.
3. Allow input type range to stretch vertically in a bigger container.
Original PR: #41024
Stylo PR: https://github.com/servo/stylo/pull/310
Testing: Some improvements in WPT tests, with a few regressions. This
change includes a Servo-specific appearance test to detect unexpected
changes to the look and feel of range widgets.
Fixes: #22728
---------
Signed-off-by: Budiman Arbenta <arbenta6@gmail.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: rayguo17 <tin.tun.aung1@huawei.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Expose set_cookie_for_url, get_cookie_for_url, allow applications to
get/set cookies.
Testing: Unit test for `SiteDataManager` and manual test with
ServoShell.
---------
Signed-off-by: batu_hoang <longvatrong111@gmail.com>
Following #43714, which moved the element interfaces into the `element/`
directory and extracted `get_int_attribute` into `attributes.rs` as a
proof-of-concept, this PR moves the remaining attribute getter/setter
methods out of `element.rs` into the separate `attributes.rs` file.
The following methods were moved:
- `set_atomic_attribute`
- `set_bool_attribute`
- `get_url_attribute` / `set_url_attribute`
- `get_trusted_type_url_attribute`
- `get_trusted_html_attribute`
- `get_string_attribute` / `set_string_attribute`
- `get_nullable_string_attribute` / `set_nullable_string_attribute`
- `get_tokenlist_attribute` / `set_tokenlist_attribute`
- `set_atomic_tokenlist_attribute`
- `set_int_attribute`
- `get_uint_attribute` / `set_uint_attribute`
This reduces the size of `element.rs` and groups all attribute-related
helper methods together in one place.
Testing:
No tests required as this is a pure code move with no behavioural
changes. The existing test suite covers the moved methods indirectly
through their callers. `cargo check` passes cleanly.
part of #38901
part of #43709
part of #43714
Signed-off-by: CynthiaOketch <cynthiaoketch6@gmail.com>
The "deriveBits" operation of X25519 in WebCrypto throws an
OperationError when the secret is all-zero value. The check must be done
in constant time.
Although our implementation enforces comparing all bytes one-by-one
without early exit, it still does not guarantee the `u8` comparison is
constant-time due to compiler optimization and CPU microarchitectural
effects.
We switch to using the function `was_contributory` provided by the
`x25519-dalek` crate to check whether the secret is all-zero value, as
it guarantees constant-time execution. This enhances the security of our
WebCrypto API.
Testing: Security enhancement. Existing tests suffice.
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Implement the missing IDBObjectStore.name duplicate name checks so
renaming an object store to an existing store now throw ConstraintError
Testing: more indexeddb WPT test passed.
Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
indexeddb: make put() overwrite existing SQLite records
Testing: more indexeddb test should pass.
Fixes: #43707
---------
Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
We were previously conflating the concept of a navigation request's
origin with the origin of the resulting document. These changes ensure
that the navigation request's origin is based on the navigation
initiator's origin, and the document's origin is not computed until
after the navigation response is received.
The most visible effect of these changes is that documents in sandboxed
iframes now correctly have an opaque origin.
Testing: Lots of new passing tets.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Requires communication between the script thread and the constellation
to be able to retrieve the origin of a cross-origin document. However,
in the fast-path where the document resides in the same script-thread,
we use the `frame_element` instead.
If no CSP list is active, then we skip all this logic, to have a minimal
impact on document navigation.
Part of #4577Fixes#36468
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
UA widgets (such as textual `<input>`) create a shadow DOM to contain
their various parts. When clicking on these parts (such as the text node
of the widget contents), we should use the root node of the widget as
the activable node. This means that wehen you click on the inside of an
`<input>` element, the input matches the `:active` pseudo-selector.
Testing: This improves WPT tests.
Fixes: #41102
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Also move the related `navigate_to_fragment` method next to it.
Part of #40600
Testing: It compiles
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This is the first step toward implementing the Web Animations
specification. It adds support for the `AnimationTimeline` and
`DocumentTimeline` specification concepts. Note that there was already
an `AnimationTimeline`, but it did not implement the specification.
Testing: Various WPT start to pass or no longer error / timeout.
Signed-off-by: Martin Robinson <mrobinson@abandonedwig.info>
Co-authored-by: Martin Robinson <mrobinson@abandonedwig.info>
As titled. The `Vec<UnshapedTextRun>` produced by `fn
build_unshaped_text_runs`
is only used by `into_shaped_text_run`, which filters out those without
string or font.
It is better to not allocate them in the first place.
Testing: [Try](https://github.com/servo/servo/actions/runs/23642089615).
Added a Servo-specific crash test to ensure we will not have empty
font/string in a text run.
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
It moves `Element.rs` into a subdirectory and turns on dead code
detection (found 4 methods that could be removed). Then it also extracts
the first attribute-related method into a separate file, to reduce the
file size of `Element` and add more structure as part of #43709.
Part of #38901
Part of #43709
Testing: It compiles
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Both `Window::load_url` and `ScriptThread::navigate` implement parts of
the same navigate algorithm from the HTML spec
(https://html.spec.whatwg.org/multipage/browsing-the-web.html#navigate).
`ScriptThread::navigate` had only one caller: `Window::load_url`.
This merges both methods into a single `navigate` function in
`navigation.rs`, which is the appropriate home for navigation logic. All
previous callers of `Window::load_url` now call `navigation::navigate`
directly.
Testing: This is a pure refactor with no behaviour changes, so no new
tests are needed. Existing tests cover the navigation paths affected.
Fixes: #43494
---------
Signed-off-by: thebabalola <t.babalolajoseph@gmail.com>
The WebIDLs for values were duplicated in PropertyDescriptor and
EvalResultValue, with duplicated handlers across the code.
General cleanup of how debugger values are passed from debugger.js and
how the conversion from JS and to JSON happens.
There shouldn't be a behaviour change.
Testing: Existing devtools tests and manual testing
Part of: #36027
---------
Signed-off-by: eri <eri@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
Fixes#43629.
The `EventSource` constructor was resolving input URLs with
`api_base_url().join(...)`, which is not the same as the HTML spec’s
encoding-parsing step for URLs relative to the relevant settings object.
This change updates `components/script/dom/eventsource.rs` to use
`global.encoding_parse_a_url(&url.str())` when constructing the
`EventSource` request URL. That makes the constructor follow the spec
more
closely while keeping the existing failure behavior of returning
`Error::Syntax(None)` when parsing fails.
Using `GlobalScope::encoding_parse_a_url` also reuses the existing
parsing
path for both window and worker globals, instead of handling
`EventSource`
URL resolution through `api_base_url().join(...)` directly.
Testing:
* Ran ./mach check
* Ran ./mach test-wpt tests/wpt/tests/eventsource/
* Checked relevant coverage under
tests/wpt/tests/html/infrastructure/urls/resolving-urls/query-encoding/
---------
Signed-off-by: veercodeprog <veerpratap945050@gmail.com>
For any enabled command, we should fire corresponding
beforeinput and input events.
Also update a WPT test to make it clearer what the
expected behavior is. None of the test expect a
beforeinput event. Before, it would fail with
"expected undefined, but got", which is not descriptive
as a failure to what's happening.
We are failing these tests, since this behavior is
currently unspecced and also requires changes in
the input element to work with text edits.
Part of #25005
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This update makes service workers properly show up in DevTools and
behave more like dedicated workers.
- Added an is_service_worker field to DevtoolsPageInfo so the devtools
server can tell service workers apart from dedicated workers
- Triggered a NewGlobal message when a service worker is created in
serviceworker_manager.rs, similar to what already happens for dedicated
workers
- Routed service workers to root.service_workers so they appear under
"Service Workers" in about:debugging instead of "Other Workers"
- Implemented listServiceWorkerRegistrations with the expected response
format (activeWorker, installingWorker, waitingWorker, evaluatingWorker)
to match Firefox’s LegacyServiceWorkersWatcher
- Added support for getPushSubscription in WorkerActor, currently
returning subscription: null
Enabled the service_worker target type in the watcher’s SessionContext
and handled watchTargets("service_worker")
Testing
Start Servo with:
`RUST_LOG="error,devtools=debug" ./mach run --
--pref=dom_serviceworker_enabled --devtools=6080
"https://mdn.github.io/dom-examples/service-worker/simple-service-worker/"
`
In Firefox, go to about:debugging and connect to localhost:6080
Confirm the service worker shows up under "Service Workers"
Fixes#43574
---------
Signed-off-by: CynthiaOketch <cynthiaoketch6@gmail.com>
The commit contains several related changes:
* iframes that load javascript: URLs as part of the initial insertion
(ie. `<iframe src='javascript:...'>`) get a synchronous load event
dispatched
* javascript: URL evaluation that does not result in a string no longer
treated like a 204 response
* iframes that perform a javascript: URL navigation that does not result
in a new document no longer block the parent document load event
Testing: Lots of new tests passing.
Fixes: #24901
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Moves the cleanup logic to a separate helper struct to comply with the
prohibition of manual `Drop` implementations for DOM types.
Testing: WebGL tests cover these cases
Fixes: Partially #26488
Signed-off-by: Domenico Rizzo <domenico.rizzo@gmail.com>
There were two issues here:
1. We weren't firing the `load` event when we would show an error page
because of a CSP failure. This is to avoid web pages knowing wheter a
page has failed because of CSP.
2. We were reporting the violations in the wrong global. We shouldn't
fire these in the global of the child, but instead in the parent.
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Moves node interfaces into script/dom/node/ module from script/dom/.
Testing: Just a refactor shouldn't need any testing.
Fixes: Part of #38901
Signed-off-by: Jayanta Pradhan <pradhanjayanta91@gmail.com>
Moves interfaces defined by the resizeobserver spec to the
script/dom/resizeobserver/ module from script/dom/.
Testing: Just a refactor shouldn't need any testing
Fixes: Partially https://github.com/servo/servo/issues/38901
Signed-off-by: Emmanuel Paul Elom <elomemmanuel007@gmail.com>
This adds the WebIDl and implementation for the HTMLMarqueeElement type.
The `<marquee>` HTML is now assigned this type.
None of the contained properties or methods are implemented yet.
Testing: Existing WPTs
Signed-off-by: Luke Warlow <lwarlow@igalia.com>
- canvas
- constellation_traits
- canvas_traits
- constellation
Testing: This should not change any behaviour.
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
Moves url interfaces into script/dom/url/ module from script/dom/.
Testing: Just a refactor shouldn't need any testing.
Part of #38901
---------
Signed-off-by: Jayanta Pradhan <pradhanjayanta91@gmail.com>
Moves interfaces defined by the datatransfer spec to the
script/dom/datatransfer/ module from script/dom/.
Testing: Just a refactor shouldn't need any testing
Fixes: Partially #38901
Signed-off-by: Emmanuel Paul Elom <elomemmanuel007@gmail.com>
Moves xpath interfaces into script/dom/xpath/ module from script/dom/.
Testing: Just a refactor.
Fixes: Part of #38901
Signed-off-by: Jayanta Pradhan <pradhanjayanta91@gmail.com>
Updated api base url to encoding_parse_a_url and wrote tests referencing
the suggested format
Fixes: #43557
Testing: new passing test
Signed-off-by: Sabb <sarafaabbas@gmail.com>
Moves interfaces defined by the document spec to the
script/dom/document/ module from script/dom/.
Testing: Just a refactor shouldn't need any testing
Fixes: Partially #38901
---------
Signed-off-by: Emmanuel Paul Elom <elomemmanuel007@gmail.com>
