This is a preparation for publishing to crates.io. Changes include:
- Add `servo-` prefixes to avoid name collisions on crates.io
- Use `-` instead of `_` in package names.
- Rename the crates to their original names in Cargo.toml,
to keep the diff minimal
- Rename `media` to `servo-media-thread` to avoid name collision with
`servo-media` (originally from the media repository).
This is an outcome of the previous discussion at [#general > Switch
remaining git dependencies to
crates.io](https://servo.zulipchat.com/#narrow/channel/263398-general/topic/Switch.20remaining.20git.20dependencies.20to.20crates.2Eio/with/576336288)
Testing: This should be mostly covered by our CI, but some amount of
breakage is to be expected, since some package names could still be
referenced from scripts which are not tested or run in CI. [mach try
run](https://github.com/jschwe/servo/actions/runs/22502945949)
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
That respects the user locale better than hardcoding en-US. This can
also be manually set with the `LANG` environment variable.
Testing: Manual testing with the devtools to check the header sent and
the value of `navigator.language`
Signed-off-by: webbeef <me@webbeef.org>
This implements MallocSizeOf for DevtoolsInstance. Major changes:
- Newtype for ActorRegistry because AtomicRefCell<HashMap<String,
Arc<dyn Actor>>> did not like mallocsizeof (even with trait bound on
Actor)
- Implement MallocSizeOf for BTreeSet.
- Implement MallocSizeOf of 0 for AtomicU32 and TcpStream
- Ignore a couple of MallocSizeof for http::Method, http::HeaderMap and
json::Value
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Testing: Compilation is the test.
Fixes: Part of addressing https://github.com/servo/servo/issues/42453
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
We implemented many more MallocSizeOf tests (even if some such as
channels are zero).
Meaning we can not ignore more of it making the code cleaner.
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Testing: Compilation is the test.
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
With import attributes enabled we can now support non javascript
modules, for now we are limited to json ones.
Switch `GlobalScope` `modulemap` to be keyed by the tuple url and
module's type.
Testing: Enabled a new directory, new tests should pass
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
This PR fixes error handling in Servo's HTTP fetch implementations to
properly handle content decompression failures (e.g., bad gzip content)
by treating them as network errors as defined in WPT.
- Fixed some previously failing tests in bad-gzip-body.any.js that now
properly reject when consuming bodies with bad gzip content
- Several fetch metadata tests now pass correctly
---------
Signed-off-by: araya <araya@araya.dev>
Parsed and vectorized representations of SVGs in the image cache are
never evicted when SVGs are updated, leading to stale SVGs staying in
the image cache alongside updated ones. This PR:
- adds a stringified uuid field to SVGSVGElement
- adds a map of `SVGSVGElement` uuid to `PendingImageId` in
`ImageCacheImpl`
- adds an optional argument for the uuid to
`ImageCacheImpl::rasterize_vector_image`, which, if provided, removes
any existing parsed svgs associated with the uuid and stores a new entry
of uuid -> `PendingImageId`
- implements `unbind_from_tree` on SVGSVGElement, which clears the
associated images/representations from the image_cache (from
`vector_images`, `rasterized_vector_images`, and `completed_loads`) as
well as from the layout image resolver image cache.
Testing: Each of the following documents should display their (very
flashy) content correctly and memory usage should stay constant
<details>
<summary>Changing SVGSVGElement</summary>
```
<svg height="100" width="100" xmlns="http://www.w3.org/2000/svg">
<circle id="c" r="1" cx="50" cy="50" fill="red" />
</svg>
<script>
let c = document.querySelector("#c");
let r = 1;
setInterval(() => {
r += 1;
c.setAttribute("r", r.toString());
let tmp = document.createTextNode("ignored");
c.parentNode.appendChild(tmp);
tmp.remove();
}, 100);
</script>
```
</details>
<details>
<summary>Unbinding SVGSVGElements</summary>
```
<div id="parent_div">
<svg id="test" height="100" width="100" xmlns="http://www.w3.org/2000/svg">
<circle id="c" r="10" cx="50" cy="50" fill="red" />
</svg>
</div>
<script>
let div = document.querySelector("#parent_div");
let svg_html_string = div.innerHTML;
let svg = document.querySelector("#test");
let r = 10;
setInterval(() => {
svg.remove();
div.innerHTML = svg_html_string;
svg = document.querySelector("#test");
let circle = document.querySelector("#c");
r += 1;
circle.setAttribute("r", r.toString());
}, 100);
</script>
```
</details>
<details>
<summary>Unbinding SVGSVGElements (and rebinding the same SVG)</summary>
This didn't work until I also evicted the associated image from the
layout image resolver image cache and the image cache's
`completed_loads` on SVGSVGElement unbind, so it seems like a useful, if
a bit redundant, test.
```
<div id="parent_div">
<svg id="test" height="100" width="100" xmlns="http://www.w3.org/2000/svg">
<circle id="c" r="10" cx="50" cy="50" fill="red" />
</svg>
</div>
<script>
let div = document.querySelector("#parent_div");
let svg_html_string = div.innerHTML;
let svg = document.querySelector("#test");
let r = 10;
setInterval(() => {
svg.remove();
div.innerHTML = svg_html_string;
svg = document.querySelector("#test");
}, 100);
</script>
```
</details>
Fixes: #41070
---------
Signed-off-by: Tom Cummings <cummings.t287@gmail.com>
Regardless of the `Ok` status, we should always create a
stylesheet. However, the determining of the load/error event
is based on whether it has parsed actual content or not.
It also realigns some of the spec text to now only do it for link
elements, since for styles we shouldn't be checking the result of
the content type.
Part of #22715
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
This change finishes the big rename associated with the old
`compositing` crates. Long ago, these crates managed a compositor, like
you might find in a traditional web engine. These days, compositing is
done in WebRender so the name has stopped making much sense. Various
structs inside the crates have already been renamed and this is the
final big change necessary for the rename
Testing: This is just a rename so existing tests should cover it.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Retrieving the origin from the document's URL means the wrong origin can
be returned for documents like about:blank or about:srcdoc.
Testing: Newly-passing test involving a srcdoc and blob.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This updates the existing algorithm to handle three
cases rather than the previous two. The spec was updated
afterwards and wasn't reflected in the code yet.
The usage of `response.redirect_taint` is in [1],
but we don't implement that quite right either. However,
postponing that to a future PR to keep things manageable.
Part of #41807
[1]: https://fetch.spec.whatwg.org/#fetch-finale
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This implements GenericReceiverSet similar to IpcReceiverSet. This
allows us to wait on a group of channels.
IpcReceiverSet was allowed to use IpcReceivers of different type, i.e.,
`IpcReceiver<Foo>` and `IpcReceiver<Bar>` in the same select query. This
changes with GenericReceiverSet to only allow one type, i.e.,
`GenericReceiver<Foo>`. As this functionality was only used in the
CoreResourceThread, we changed the setup slightly for the memory
reporter.
With this we also change the implementation of CoreResourceThread to now
use the GenericReceiverSet.
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Testing: New testcases were added to GenericReceiverSet and browsing
works normally.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
Rather than this catch-all (which I copy-pasted from a usage where I
should have introduced a specific enum value), we now should always use
one of the enum values. If one does not exist, then it should be added
as such.
Follow-up for #36434
Testing: it builds
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
These keep-alive records live on the `CoreResourceManager` since the vec
of records must be modified by the fetch thread. The script thread
sometimes
requires this information as well, which is why it can send a message to
obtain the total size.
The keep-alive records must be tracked per global. That's why all code
needs
to specify the `pipeline_id`. Requests optionally have this field, which
is why
the code expects it to be present. The relevant information is added to
the
navigator request to ensure it can compute it.
Fixes#41230
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Introduce initial support for site-scoped data clearing by enabling
removal of
cookies for a given set of sites.
The API clears cookies across both public and private browsing contexts,
and is
gated by the `StorageType` bitflags. At this stage only the `Cookies`
category
is supported. Support for additional storage types (such as localStorage
and
sessionStorage) will be added in a follow-up.
Testing: A new integration test has been added.
Signed-off-by: Jan Varga <jvarga@igalia.com>
This implements waiting for pending preloads, where the preload request
is still fetching the result when the second "real" request is started.
It is
implemented by storing responses in the `SharedPreloadedResources`
which is communicated via `PreloadId` send to the `CoreResourceManager`.
Part of #35035
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
add `is_permanent_failure` method in `NetworkError` and call it from the
`EventSource` instead of the current match against the url's scheme
Testing: `./mach test-wpt tests/wpt/tests/eventsource`
Fixes: #41634
---------
Signed-off-by: WaterWhisperer <waterwhisperer24@qq.com>
Changed most #[allow]s to #[expect]s, mainly for
clippy::too_many_arguments
Removed unfulfilled expectations
This is my first opensource contribution, so please let me know if
anything should
be done differently.
Testing: Refactor
Part of: #40838
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: TimurBora <timurborisov5561@gmail.com>
Co-authored-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
Replace NetworkError::Internal with structured enum variants
- Adds
UnsupportedScheme,CorsViolation,ConnectionFailure,Timeout,RedirectError,InvalidMethod,ResourceError,SecurityBlock,MixedContent,CacheError,InvalidPort,
LocalDirectoryError, variants in NetworkError enum.
- Refactored the usage of NetworkError::Internal(String) to use the
appropriate new variant
Testing: Changes does not require test.
Fixes: https://github.com/servo/servo/issues/36434
---------
Signed-off-by: Uthman Yahaya Baba <uthmanyahayababa@gmail.com>
Signed-off-by: Usman Yahaya Baba <91813795+uthmaniv@users.noreply.github.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Co-authored-by: Tim van der Lippe <tvanderlippe@gmail.com>
In the future, servo components should depend on the generic channels in
base instead of IpcChannels to correctly optimize for multiprocess vs
non-multiprocess mode.
This reexports IpcSharedMemory as GenericSharedMemory in GenericChannel
and changes all dependencies on it.
Currently this is only a type/name change and does not change
functionality. But in the future we would want want to use non-ipc
things for the data.
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Testing: This changes types and does not need testing.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
We now keep track of deferred fetches in globalscope
rather than in document loader. This matches what
the spec expects with its concept of a fetchgroup.
Cancellations are still present in a document loader
and don't match yet all places where we perform fetches.
Therefore, these will leave in document loader for now
until we rearranged the fetch record tracking in the
fetch group (which is a separate field from deferred
fetches).
Fixes#41286
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Add initial support in `NetworkManager` for listing entries currently
stored
in the HTTP cache. Each returned entry is identified by its cache key
(URL).
The necessary support has been added to the net crate to expose cache
entry
information.
Testing: A new integration test has been added.
---------
Signed-off-by: Jan Varga <jvarga@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Extend `SiteDataManager::site_data` to include sites that have cookies
stored by the networking layer.
This aligns cookie handling with the grouping model already used for
localStorage and sessionStorage, allowing embedders to obtain a more
complete
view of site data.
Both public and private browsing contexts are included in the result.
The necessary support has been added to the net crate to expose cookie
site
information.
Testing: The existing integration test has been extended to cover
cookies.
Signed-off-by: Jan Varga <jvarga@igalia.com>
This change replaces a couple calls to `Iterator::fold` with
`Iterator::sum`.
Testing: No tests, this is a small cleanup PR.
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
For all upcoming and already-processed deferred fetches, we now
implement a quota. We don't support policy headers yet to configure the
quota, hence we use the default quota. That's why we have some tests
failing again.
It involves computing which document to compute the quota for, as well
as computing total length of requests. Additionally, the DevTools
computation for headers now uses the same logic for headers as deferred
fetches.
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This PR aligns `ResourceThreads::clear_cache` with the existing
`clear_cookies` function by waiting for a response synchronously.
Testing: Unit tests continue to pass.
Signed-off-by: Jan Varga <jvarga@igalia.com>
This implements the required plumbing for the keep-alive flag on
requests. The flag already exists on the request object, but now also
exists on the builder itself.
The flag is then passed into a canceller. While we could make canceller
optional, in many cases it isn't and would require a whole lot more
changes. To follow the spec more closely, opted to put the keep_alive
flag on the canceller as well.
Note that this doesn't pass any extra fetch-later tests since we are not
correctly unloading iframe documents. That will be fixed in a follow-up
PR.
Part of #41230
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This is the first part of preparation for implementing the keepalive
flag for requests. It requires implementation of the concept of a task
group, which we already sort of have with `DocumentLoader`. Therefore,
we currently already cancel any loads, which should be updated to
ignored kept-alive requests.
However, termination also requires storing of deferred fetches, which
are also kept-alive. Therefore, to distinguish the two, we need to store
them separately as stated with the TODO.
In a follow-up, we can then skip canceling keep-alive requests for both
`navigator.sendBeacon` (which aren't deferred) and `fetchLater` (which
are deferred).
Part of #41230
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
- make `ImageCache::memory_report` return `Vec<Report>` and rename
`memory_report` to `memory_reports`
- update `ImageCacheImpl::memory_report` to return a new Report for the
fontdb member
- add an implementation of `MallocSizeOf` for `fontdb::FaceInfo` which
sums the result of calling malloc_size_of on each of the string/vector
members
- add an implementation of `MallocSizeOf` for `fontdb::Database` which
sums the result of malloc_size_of on each of the faces
Testing: `./mach check` `./mach clippy`
`grep fontdb::Database::load_fonts_from_file untracked | wc -l` results:
2390 -> 545
- before:
<img width="1536" height="108" alt="截图 2025-12-14 13-53-32"
src="https://github.com/user-attachments/assets/422ce9d4-e962-45af-a072-7d1c0c9e80aa"
/>
- now:
<img width="1536" height="108" alt="截图 2025-12-14 13-58-26"
src="https://github.com/user-attachments/assets/363f933d-8ab0-4354-b8ae-89f6de46ca7b"
/>
Fixes: #38730
Signed-off-by: WaterWhisperer <waterwhisperer24@qq.com>
First PR for #40232.
Implement the getSecurityInfo protocol message to allow DevTools clients
to inspect TLS connection details for HTTPS requests, including:
- Protocol version (TLS 1.2/1.3)
- Cipher suite
- Key exchange group
- ALPN protocol
- HSTS and ECH status
- Security state
Security state is simplified (secure/insecure only) and certificate
details are stubbed out; both will be completed in follow-up work.
Signed-off-by: jiang1997 <jieke@live.cn>
Use the algorithms introduced in #41109 in more places.
Follow more closely the spec when executing classic scripts, introducing
the concepts of rethrowing and muting errors.
Muting errors is not actually implemented, and will be done in a
followup.
Testing: More tests start passing
Fixes#34199Fixes#27260Fixes#15188
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
For a long time, the "Compositor" hasn't done any compositing. This is
handled by WebRender. In addition the "Compositor" does many other
tasks. This change renames `IOCompositor` to `Paint`.
`Paint` is Servo's paint subsystem and contains multiple `Painter`s.
This change does not rename the crate; that will be done in a
followup change.
Testing: This just renames types and updates comments, so no new tests
are necessary.
---------
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This implements a dummy `mailto:` protocol handler in
Servoshell. It registers a new custom handler that
fetches content by substituting the registered url
for the protocol handler.
This does not pass any WPT tests, as that requires
using the `document.protocol_handler_automation_mode`
which will be part of a follow-up PR.
Part of #40615
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Servo can now use a http proxy to connect to the internet. This
currently only supports using all connections through the proxy.
This uses the already used hyper_util crate which had the functionality
in it already.
We also switch from tower_service to tower with only util feature flag.
This might increase the binary size slightly.
Testing: Tested on a local machine which is behind a proxy with and
without the flag and it works correctly.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Currently starting a script `EventLoop` depends on sending data about
the initial `Pipeline`. This change breaks this dependency. The goal
here is to:
1. Allow `ScriptThread`s to be shared between `WebView`s. This will
allow more flexiblity with the way that `ScriptThread`s are created,
which should allow us to perserve system resources by allowing them
to be shared between `WebView`s. With this change, we can do away
with the `InitialPipelineState` entirely, which was gather
information necessary for both a new `EventLoop` and a new
`Pipeline`. We no longer have to do many clones when reusing an
existing even loop.
1. Simplify the way that `EventLoop`s and `Pipeline`s are spawned. Now
`Pipeline`s are spawned in the same way no matter what.
Now the general order of operations when starting a pipeline is:
1. Get or create an event loop for the pipeline:
- If the event loop needs to be spawn, spawned it in a new thread or
process.
2. Send the spawn pipeline message to the event loop (kept alive via an
`Rc`.
Testing: This should not change behavior in a way that is observable, so
should
be covered by existing tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
To ensure that tests that modify cookies but don't finish cleanly don't
leave cookie values that interfere with subsequent tests, we need to
clear the cookie storage in between each test that's run.
Testing: Can't test the test runner, just have to watch the patterns in
our test runs.
Fixes: #40668Fixes: #40672Fixes: #40673Fixes: #40674Fixes: #40695Fixes: #40697
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This change is a rework of #22478, originally authored by @vimpunk.
It adds parsing of CSS in parallel with the main script thread. The
big idea here is that when the transfer of stylesheet bytes is
finished, the actual parsing is pushed to a worker thread from the Stylo
thread pool. This also applies for subsequent loads triggered by
`@import` statements.
The design is quite similar to the previous PR with a few significant
changes:
- Error handling works properly. The `CSSErrorReporter` is a crossbeam
`Sender` and a `PipelineId` so it can be trivially cloned and sent to
the worker thread.
- Generation checking is done both before and after parsing, in order
to both remove the race condition and avoid extra work when the
generations do not match.
- The design is reworked a bit to avoid code duplication, dropping added
lines from 345 to 160.
- Now that `process_response_eof` gives up ownership to the
`FetchResponseListener`, this change avoids all extra copies.
Testing: This shouldn't change observable behavior, so is covered
by existing tests.
Fixes: #20721Closes: #22478
---------
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: mandreyel <mandreyel@protonmail.com>
The two are semantically equivalent, but `find_map` is more concise.
Testing: Covered by existing tests
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Adds a wrapper type for vectors that can contain large response bodies
to prevent flooding debug logs with the contents of those bodies.
Testing: Can't test debug log output.
Fixes: #37769
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
RasterImage is now not seralizeable and backed by Vec<u8> storage. Add a
new struct `SharedRasterImage` that allows serializeing. This can be
constructed from RasterImage. This introduces some more copying but I
think the tradeoff is ok. Newly introduced copies are for favicon
response to the embedder and EmbedderNotifications.
Testing: Should not change functionality, so covered by existing tests.
Fixes: https://github.com/servo/servo/issues/39626 and related issues.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
`FetchReponseListener` has traditionally lived in `net` even though it
is only used in `script` currently. Because of the two way dependency,
it has also use a lot of templating to implement something pretty basic
(call methods on a trait object).
This change moves the trait to `script` and removes several levels of
templating, making the code quite a bit shorter and easier to
understand.
This change is preparation for fixing #22550 and implementing
off-the-main-thread CSS parsing.
Testing: This should not change any behavior so is covered by existing
tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Previously, the `ImageCache` would inform consumers of changes to image
availability by messaging an IPC channel. This isn't great, because it
requires serialization and deserialization. Nowadays, `ImageCache`s are
always owned by the same `Global` that uses them. This change replaces
the IPC channel with callback that implements `Send`.
For the case of normal HTML document images, the results are still sent
over the pre-existing Crossbeam channel that was connected via an IPC
route. A followup change might eliminate that channel entirely.
Testing: This should not change observable behavior so is covered by
existing tests.
Fixes: #24338.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
