Within the same tree, only one `<details>` element with the same name
may be open at a time. Before this change, this invariant was not
enforced.
I've added a `HashMap` to `Document` and `ShadowRoot` which maps from a
name to the a list of details elements with the same name. This map
allows us to find conflicting details elements without having to
traverse the whole tree. Of course this only works when the tree is a
document tree or a shadow tree, so we still have to fall back to
`traverse_preorder` in some cases (which I believe to be uncommon).
This is ready for review, but I'd like to wait until
https://github.com/servo/servo/pull/40271 is merged to not cause
unnecessary merge conflicts.
Testing: New web platform tests start to pass
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This PR integrates showing context menus into the
`WebViewDelegate::show_embedder_control` API. In addition,
`ContextMenuItem` and `ContextMenuAction` data types are exposed which
abstract away the different components of the context menu. Later
changes will implement this API for servoshell as well as add
element-specific actions such as "Select All" and "Copy Image URL".
Testing: This change adds a WebView API test.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
Start adding X25519 support to WebCrypto API. This patch implements
import key operation of X25519, using X25519 implementation from the
crate `x25519-dalek`.
Testing:
- Pass some WPT tests that were expected to fail.
- Some FAIL expectations are added. They require other
not-yet-implemented operations of X25519. WPT skipped them when "import
key" operation for X25519 were not yet implemented.
Fixes: Part of #39060
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
This removes some unneeded lints, especially `#[allow(unsafe_code)]`.
Testing: Refactor
Part of: #40383
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
- Reduces unnecessary type conversion between `ServoUrl`, `Url`, string
slice
- Share `WebDriverCommandMsg::LoadUrl` handler across platform
Testing: Covered by existing test. Manually tested for OHOS.
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
This change makes it so that the `HTMLCanvasElement` is responsible for
managing the `ImageKey` for associated `RenderingContext`s. Only
canvases display their contents into WebRender directly, so this makes
it so that keys are not generated for `OffscreenCanvas`.
The main goal here is that `ImageKey`s are always associated with a
particular `WebView`, which isn't possible in the various canvas
backends yet. This is important because each `WebView` may soon have a
different WebRender instance entirely with its own set of `ImageKey`s.
This also allows for clearing `ImageKey`s when canvases are disconnected
from the DOM in a future change. One tricky thing here is placeholder
canvases, which are meant to be driven from workers.
It seems that the implementation isn't correct for these at the moment
as they need to be updated to the specification. Instead, what is
happening is that any existing context / image is completely lost when
converting to an `OffscreenCanvas`.
Testing: This shouldn't change observable behavior, so is covered by
existing tests.
Fixes: This is part of #40261.
---------
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
Every `ImageCache` should be assigned a `Pipeline` and a `WebView`, so
that it knows what WebRender instance to create image keys in. This
change accomplishes that by splitting the `ImageCache` trait into
`ImageCache` and `ImageCacheFactory`. There should only be one
`ImageCacheFactory` per process.
Testing: This should not change observable behavior and is thus covered
by
existing tests.
Fixes: This is part of #40261.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
It's taking longer than expected to implement credential management
fully, so I've decided to start branching individual PRs out. This just
implements some basic scaffolding functions.
Testing: Passes a WPT test
Fixes: Partially #38788
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
This implements efficient methods for as_bytes, eq_ascii, is_ascii and
to_jsval.
Tests were added for as_bytes. Additionally, BytesView now has an
internal type to make sure nobody can construct it.
Testing: New unit tests were added and some old ones covered the new
functions.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
These changes implement the restrictions for content rects required by
the ResizeObserver specification: inline boxes must return empty rects,
and any transforms must be ignored.
Testing: Newly passing tests.
Fixes: #40259Fixes: #40258
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Remove the microtask queue from `GlobalScope`. The queue is moved inside
worker global scopes, while for window globals the script thread's queue
is accessed.
Testing: Covered by existing tests
Fixes: #20908
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
The `SubtleCrypto` interface of WebCrypto API needs to encode and decode
keys in base64 alphabets when exporting/importing keys in JsonWebKey
format.
We currently use the `base64` crate to handle base64 encoding and
decoding. This patch switches to use the `base64ct` crate, which is a
constant-time implementation of base64 alphabets.
Using constant-time implementation to handle base64 encoding and
decoding of cryptographic secret provides a better protection against
time-based sidechannel attack.
Remarks: The multi-line changes in `ecdh_operation.rs` are mostly caused
by `./mach fmt`.
Testing: Refactoring. Existing tests suffice.
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Prevent the running of the iframe load event steps for the initial
about:blank document. Part of
https://github.com/servo/servo/issues/31973
Testing:
/html/browsers/browsing-the-web/navigating-across-documents/initial-empty-document/iframe-nosrc.html
Fixes: It is expected that the intermittent issue of 34819 will go away,
but I will leave it open so we can close it when we realize it isn't
being mentioned by PR's anymore.
https://github.com/servo/servo/issues/34819
---------
Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
When resize observations are skipped, they get delayed until the next
turn of the event loop. In headless tests, we're not guaranteed that
this next turn occurs in time, unless some other event happens to run.
This leads to intermittent results unless we ensure that the event loop
will run again.
Testing: Newly passing test.
Fixes: #33599
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This change fixes the Servo-specific FileAPI tests which need the
special `SelectFiles` API. In addition, file selection is now totally
asynchronous, so update the tests to handle this.
Testing: This change fixes some tests.
Fixes: #40348.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
script: add `CanGc` as argument to
`VirtualMethods.post_connection_steps`
Testing: These changes do not require tests because they are a refactor.
Addresses part of https://github.com/servo/servo/issues/34573
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
Servo has a lot of comments like this:
```rust
// https://example-spec.com/#do-the-thing
fn do_the_thing() {}
```
and I keep turning these into doc comments whenever I'm working close to
one of them. Doing so allows me to hover over a function call in an IDE
and open its specification without having to jump to the function
definition first. This change fixes all of these comments at once.
This was done using `find components -name '*.rs' -exec perl -i -0777
-pe 's|^([ \t]*)// (https?://.*)\n\1(fn )|\1/// <$2>\n\1$3|mg' {} +`.
Note that these comments should be doc comments even within trait `impl`
blocks, because rustdoc will use them as fallback documentation when the
method definition on the trait does not have documentation.
Testing: Comments only, no testing required
Preparation for https://github.com/servo/servo/pull/39552
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
script: add CanGc as argument to VirtualMethods::children_changed
Testing: These changes do not require tests because they are a refactor.
Addresses part of https://github.com/servo/servo/issues/34573
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
Fixes the getters for `formMethod` on `<input>` and `<button>` elements
providing a missing value default when they shouldn't.
Testing: 2 new passing tests in `html/dom/reflection-forms.html`.
Fixes: #8302. (`formEnctype` seems to have already been fixed since that
issue was filed.)
---------
Signed-off-by: lumiscosity <averyrudelphe@gmail.com>
We were not following the specification for computing the values of the
content rect. Additionally, any non-content-box observer would get
confused because we never stored the correct size, leading to infinite
notifications when the latest size didn't match the last observed size.
Testing: Various tests now pass.
Fixes: #32549Fixes: #40107
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Continue on adding ECDH support to WebCrypto API. This patch implements
generate key operation of ECDH.
Testing:
- Pass some WPT tests that were expected to fail.
- Some FAIL expectations are added. They require not-yet-implemented
"derive bits" operation of ECDH. WPT skipped them when "generate key"
operation for ECDH were not yet implemented.
Fixes: Part of #39060
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Canvas expects input data to be in RGBA premultiplied format and
WebRender already supports RGBA and BGRA data as long as they are
premultiplied. Pre-multiplying up front allows:
- Avoiding many conversions when painting images to canvas.
- Passing the `RasterImage` IpcSharedMemory of the image instead of
creating
a new one with the premultiplied data every time we upload to
WebRender. This is a big deal for animated gifs, because before every
frame was creating a new shared memory segment.
It seems that for rasterized SVGs were were already putting
premultplied data into the `RasterImage` so it's quite likely SVGs were
being composited incorrectly.
Testing: This causes 8 tests to start passing and 2 tests to fail in the
WebGL conformance suite.
The failures are due to the fact that premultiplying alpha is lossy when
alpha is 0. In that case,
the resulting color of a blend operation might be wrong. This is
typically only a problem if you
use RGBA data as RGB data, which is pretty unusual. In the case that you
are blending with
RGBA the final color values will be 0 or close to 0 anyway. Gecko solves
this issue by having a
cacheable surface generation API that can fetch both premulitplied and
unpremulitplied data
from things like image elements. We do not have that yet, but I argue
that this change
is important anyway due to the amount that it reduces memory and file
descriptor usage
as well as the cost of copying image data so much in memory.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Steps for calculating LCP:
1. When the pref for `largest_contentful_paint_enabled` is enabled,
`LargestContentfulPaintCandidateCollector` is created once per
LayoutThread using `viewport_size`.
2. While building the `display_list`, it send the pre-calculated
`clip_rect` and `bounds` to `LCPCollector` along with `transform` and
`LCPCandidateType` for `visual_rect` calculation for `LCPCandidates`.
3. After `visual_rect` calculation, update the `lcp_candidate` based on
`area` of `visual_rect` and send it to `compositor`.
4. Then among `lcp_candidates`, we find out the
`largest_contentful_paint` and send it to `paint_metric`
5. In addition to above `LCP` also uses `PaintMetricState` to save
console from spamming with duplicate entries.
This PR includes following commits better segregation of code
1. Add `LargestContentfulPaintCandidate` struct
2. Add `LargestContentfulPaintCandidateCollector`
6. Collect the `LargestContentfulPaintCandidates`when feature is
enabled.
7. Send the `LargestContentfulPaintCandidates` to compositor
8. Add `LargestContentfulPaintCalculator`
9. Calculates the `LargestContentfulPaint`
10. Send `LCP` to `PaintMetrics`
11. Disable `LCP` feature on user interaction
Elements considered for LCP in this PR:
- Image element
- An element with background image
Reference: https://github.com/servo/servo/pull/38041
Testing: Tested using
[perf-analysis-tools](https://github.com/servo/perf-analysis-tools) See
attached screenshot.
Fixes: None
Perfetto
<img width="2566" height="1151" alt="Screenshot from 2025-10-16
11-37-41"
src="https://github.com/user-attachments/assets/96e4f933-b39c-4ac7-833c-46dcc0c1671e"
/>
Console Output of Metric
<img width="1784" height="282" alt="Screenshot from 2025-10-16 11-33-16"
src="https://github.com/user-attachments/assets/441746a5-92ae-47c6-9022-f49114f23a2d"
/>
---------
Signed-off-by: Shubham Gupta <shubham.gupta@chromium.org>
Co-authored-by: boluochoufeng <1355990831@qq.com>
Continue on adding ECDH support to WebCrypto WPI. This patch implements
export key operation of ECDH.
Testing:
- Pass some WPT tests that were expected to fail.
- Some FAIL expectations are added. They require not-yet-implemented
"derive bits" operation of ECDH. WPT skipped them when "export key"
operation for ECDH were not yet implemented.
Fixes: Part of #39060
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
These two functions no longer use unsafe code. The annotation
`#[allow(unsafe_code)]` can be removed.
Testing: Refactoring. Existing tests suffice.
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Each shadow root holds a map of slot names to slot elements. Slot
elements dynamically register and unregister themselves at their
respective shadow root when they are bound and unbound from the tree.
Previously, they were doing this too often. When a slot element is
unbound from the tree then it might still be connected to its shadow
root, in case the entire shadow tree is being unbound.
Fixing this requires the slot element to know whether it was in a shadow
tree prior to `bind_to_tree` being called (then it's already registered
and doesn't need to do so again), and whether it will be in a shadow
tree after `unbind_from_tree` is called (then there's no need to
unregister).
Testing: This change adds a new web platform test
Fixes: https://github.com/servo/servo/issues/40242
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Implement import key operation for ECDH, using cryptographic calculation
implementation from the crates `p256`, `p384` and `p521`.
Testing:
- Pass some WPT tests that were expected to fail.
- Some FAIL expectations are added. They are related to the
not-yet-implemented "derive bits" operation of ECDH. WPT skipped them
when "import key" operation for ECDH were not yet implemented.
Fixes: Part of #39060
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
ResizeObservers are supposed to have an initial 0x0 notification for
targets that don't have a CSS layout box, but our default values were
interfering with that.
Testing: New passing tests.
Fixes: part of #31182
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Moves interfaces defined by the performance spec to the
`script/dom/performance/` module from `script/dom/`.
Testing: Just a refactor shouldn't need any testing
Fixes: Partially #38901
Signed-off-by: WaterWhisperer <waterwhisperer24@qq.com>
This is part of a series of changes to unify the different APIs we have
currently for requesting the embedder to display UI elements.
This patch doesn't change how the script requests the dialogs to be
displayed, it only switches the webview delegate method that gets
invoked in response to the request from script. The change also adds an
`EmbedderControlId` field to the simple dialogs, but these are not
currently used. They exist only to satify the calls to `id()` method of
the `EmbedderControl` enum.
Testing: Added new unit tests to validate that the dialogs are
displayed.
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
We never cleared the containing shadowRoot when unbinding
a node, which meant that slots wouldn't update their
slottables.
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implement `Document.parseHTMLUnsafe`
Testing: Covered by existing WPTs, expectations have been updated.
Fixes: #40245
---------
Signed-off-by: Luke Warlow <lwarlow@igalia.com>
Moves interfaces defined by the CSS spec to the `script/dom/css/` module
from `script/dom/`.
Testing: Just a refactor shouldn't need any testing
Fixes: Partially #38901
Signed-off-by: WaterWhisperer <waterwhisperer24@qq.com>
The patch implements Compression (https://compression.spec.whatwg.org/)
with the compression and decompression provided by the `flate2` crate
(https://crates.io/crates/flate2).
`flate2` supports several different backends, controlled through the
crate's features. By default, it uses `miniz_oxide`
(https://crates.io/crates/miniz_oxide).
`flate2` provides three modules `read`, `write` and `bufread` which work
on instances of the `std::io::Read`, `std::io::Write` and
`std::io::Bufread` traits, respectively. The `write` module is chosen in
the patch since it matches the streaming model in the specification.
Testing: Enable WPT for Compression API, and introduce WPT expectation.
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
I always thought that exceptions thrown in namespace resolver callbacks
should be propagated to the call site of `document.evaluate`.
That is not the case - the exception is silently swallowed and you get a
namespace error, the same as if the callback had returned any other
invalid value.
Testing: New web platform tests start to pass
Fixes https://github.com/servo/servo/issues/39931
Part of #34527
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This patch adds the cryptographic algorithm Ed25519 support to
`SubtleCrypto` interface, covering the "sign", "verify", "generateKey",
"importKey" and "exportKey" operations.
One may notice that the following related WPT tests do not pass in this
patch. They are caused by the unimplemented Step 2 and 3 of the "verify"
operation (https://w3c.github.io/webcrypto/#ed25519-operations-verify)
of Ed25519, which check whether the key represents an invalid point or a
small-order element on the Elliptic Curve of Ed25519.
```plaintext
[Ed25519 Verification checks with small-order key of order - Test 0]
[Ed25519 Verification checks with small-order key of order - Test 1]
[Ed25519 Verification checks with small-order key of order - Test 2]
[Ed25519 Verification checks with small-order key of order - Test 12]
[Ed25519 Verification checks with small-order key of order - Test 13]
```
The specification mentions that not all implementation perform this
check. There is also a discussion on it at specification level
(https://github.com/WICG/webcrypto-secure-curves/issues/27). As of
today, Chrome, Edge, Firefox and Safari do not implement it, and do not
pass those tests [1]. Meanwhile, the `aws-lc-rs` crate does not provide
relevant code. We may leave it unimplemented for now, and decide what to
do later.
[1]
https://wpt.fyi/results/WebCryptoAPI/sign_verify/eddsa_small_order_points.https.any.html?run_id=4820942170882048&run_id=6289205228732416&run_id=5178672043786240&run_id=5113794717286400
Testing: Pass WPT tests that were expected to fail.
Fixes: Part of #39060
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Moves interfaces defined by the SVG spec to the `script/dom/svg/` module
from `script/dom/`.
Testing: Just a refactor shouldn't need any testing
Fixes: Partially #38901
Signed-off-by: WaterWhisperer <waterwhisperer24@qq.com>
When changing the 'volume' attribute of media element, should also call
`set_volume()` api of underlying player if it is valid value.
Testing: No Test is required, as this should not affect any WPT Test
Fixes: N/A
---------
Signed-off-by: rayguo17 <rayguo17@gmail.com>
Signed-off-by: TIN TUN AUNG <62133983+rayguo17@users.noreply.github.com>
Co-authored-by: Euclid Ye <yezhizhenjiakang@gmail.com>
The current message mentions XML namespaces, which doesn't always make
sense because namespace errors are not necessarily related to xml.
Firefox uses
> An attempt was made to create or change an object in a way which is
incorrect with regard to namespaces
which is phrased much more defensively.
I've used
> The operation is incorrect with regard to namespaces.
here because that matches the style of other existing messages better.
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
When we are unbinding a slot from the tree then "assign slottables for a
tree" is called with the slot, which unassigns all slottables that are
no longer in the slot. Without this change the slot would keep its
assigned slottables.
cc @TimvdLippe
Testing: New web platform tests start to pass
Fixes https://github.com/servo/servo/issues/35188
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
rename `WorkerGlobalScope.get_worker_id` to
`WorkerGlobalScope.worker_id`
Testing: This is a simple rename. No testing is necessary, since
compiler will complain if something is wrong.
Context: In
https://github.com/servo/servo/pull/40156#discussion_r2462627713 I
received feedback to use Rust getter name
[convention](https://rust-lang.github.io/api-guidelines/naming.html#getter-names-follow-rust-convention-c-getter)
and avoid adding `get_` methods. I initially chose `get_worker_name()`
to match existing `get_worker_id()` below it. Overall I think it does
make sense to rename `get_worker_id()` to `worker_id()`.
`WorkerGlobalScope` has 2 more methods that start with `get_`:
`get_cx(&self) -> JSContext` and `get_url`. `get_url` has a
corresponding `set_url` as well in the same file. I am not sure if folks
prefer to have those renamed as well or not, so I left those out of this
PR, and instead started a discussion in a separate
[issue](https://github.com/servo/servo/issues/40192) to figure out a
consistent policy on Rust getter name convention in Servo codebase.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
