Add the Storage Standard WebIDL for NavigatorStorage and StorageManager,
wire navigator.storage on Window and Worker, and implement persisted(),
persist(), and estimate().
Testing: covered by WP test.
part of #39100fixes#39101
---------
Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
Bumps orbclient from 0.3.51 to 0.3.53.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [atomic_refcell](https://github.com/mozilla/atomic_refcell) from
0.1.13 to 0.1.14.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/mozilla/atomic_refcell/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The tex-3d-size-limit.html test verifies that TexImage3D errors out with
gl.INVALID_VALUE if the width / height / depth parameters are greater
than gl.MAX_3D_TEXTURE_SIZE / 2 ** level, in accordance with the mipmap
levels definition.
This patch adds this checks, and fixes a s/depth/level/ typo, and should
stabilize tex-3d-size-limit.html: all its sub-tests will succeed until
the first call to (not implemented) TexSubImage3D, that will end the
test.
It's still possible for the test to fail on environments where
gl.MAX_3D_TEXTURE_SIZE is not 8192 (because the numbering of tests will
be different), and this will have to be until we make all sub-tests
pass, i.e. TexSubImage3D is implemented.
Testing: A bunch of expected failures are removed.
Fixes: https://github.com/servo/servo/issues/44280
Signed-off-by: Simon Martin <simon@nasilyan.com>
Switch the remaining `SafeJSContext` usages to `&mut JSContext` inside
script_module.rs
Testing: It compiles.
Part of #40600
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
Several times, we first need to capture the relevant nodes, perform a
step and then iterate over the nodes. Previously, we would iterate over
it, but the iterator could have moved, hence we would jump over some
nodes.
Instead, capture these beforehand and then iterate over them.
Also fixes the issue where text-decoration wasn't properly checked,
since its a shorthand for 3 longhands. And a PropertyDeclarationBlock
only has longhands.
The two regressions are for tests that now generate the correct HTML,
but their ranges are incorrectly moved from the `a` to the `b`. I went
through the relevant algorithms and didn't spot the mistake. To keep on
making babysteps towards a full implementation, I will tackle these in a
follow-up. These algorithms are already difficult enough to reason
about.
Part of #25005
Testing: WPT
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This replaces dead firefox-source-docs.mozilla.org links in debugger.js
Testing: Not relevant for comments
Fixes: No issue
Signed-off-by: Freya Arbjerg <git@arbjerg.dev>
Helps with: https://github.com/servo/servo/issues/38776. Reduces total
Servo crate count by 7 (977 -> 970).
This PR simply:
- Disables the `server` feature in the `webdriver` crate
- Vendors the implementation of the server from the `webdriver` crate
- Updates dependencies + fixes code to work with new versions
Unfortunately `webdriver` depends on `http` even with the `server`
feature disabled, so we still end up with duplicate versions of `http`.
But at least the duplicate `hyper` is eliminated. Future work could
change the implementation to e.g. move away from `warp` or similar.
Testing: WPT tests use webdriver, so this should be exercised heavily by
those tests.
---------
Signed-off-by: Nico Burns <nico@nicoburns.com>
This brings up to date with the specification for declarative shadow
roots: https://github.com/whatwg/html/pull/12267.
The `shadowrootslotassignment` attribute on `<template>` elements
specifies the slot assignment mode used by the declarative shadow root
created by the template.
Testing: New tests start to pass
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Since 5634eab8cc, tex-3d-size-limit.html is not crashing anymore, and
even though I updated the test expectations and the test is consistently
passing locally at that commit, it's now failing some tests that should
have failed since the beginning (since there's no associated check in
the code).
I'm not sure why things seem to work with the previous test expectations
update and will follow-up, but in the meanwhile let's update them.
With this, things seem to be pretty good:
```
$ ./mach test-wpt --dev tests/wpt/webgl/tests/conformance2/textures/misc/tex-3d-size-limit.html --repeat 1000 [...]
web-platform-test
~~~~~~~~~~~~~~~~~
Ran 92000 checks (91000 subtests, 1000 tests)
Expected results: 92000
Unexpected results: 0
OK
```
Testing: Test seems to pass consistently with the updated expectations.
Fixes: https://github.com/servo/servo/issues/44280
Signed-off-by: Simon Martin <simon@nasilyan.com>
Our choice is to either override the user's locale or updated the
expected result to depend on the locale. Updating the expectation seemed
easier.
Testing: Unit tests pass locally, but CI runs with the en-US locale so
there's no observable difference.
Fixes: #43069
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Automated downstream sync of changes from upstream as of 19-04-2026
[no-wpt-sync]
Signed-off-by: WPT Sync Bot <ghbot+wpt-sync@servo.org>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
These dates were chosen 10 years ago, which I'm sure felt like a
reasonably far-future date for a very young web engine. Surprise! We're
still here, so we can be more bold this time.
Testing: Unit tests stop failing.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Use the full IP address as the cookie storage bucket key instead of
passing IP hosts through the public suffix registrable-domain helper.
This prevents unrelated IP hosts that share suffix-like address segments
from sharing a per-host eviction bucket.
Testing: Added `test_ip_cookie_bucket_collision_eviction`; ran `cargo
test -p servo-net --test main test_ip_cookie_bucket_collision_eviction
--locked`.
Fixes: #44097
---------
Signed-off-by: Asish Kumar <officialasishkumar@gmail.com>
This makes further steps to generate the correct HTML. Some tests now
have more appropriate HTML, but are not fully passing yet as they
require more fixes. I also missed the fact that there is actually an
algorithm to set the tag name, which I thought didn't exist. Therefore,
also correctly implement that.
Part of #25005
Testing: WPT
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
Previously, when the `Document` element was removed, no further display
list updates would be sent to paint. This change makes it so that when
the `Document` element is removed a single new empty display list is
sent.
Testing: This change adds a new WPT test .
Fixes: #44101
---------
Signed-off-by: Rover track <rishan.pgowda@gmail.com>
Drop the `ModuleOwner` logic in favour of closures passed down by the
script fetching initiator.
When processing inline module scripts a task in now queued on the
networking task source. Since `Rc<ModuleTree>` is not `Send`, a `result`
field is now introduced to `HTMLScriptElement`, which is initialized
before queueing the task.
This slightly improves `inline-async-inserted-execorder.html`, which now
fails at the fourth assertion instead of stopping at the second one (the
inline module script with no dependencies still resolves after the one
that has a parse error).
Testing: Covered by existing tests.
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
Previously absolutely positioned direct children of a CSS Grid had their
position (relative to their parent) hardcoded to (0, 0). This PR changes
that to correctly propagate the position computed by Taffy.
Testing: WPT tests.
---------
Signed-off-by: Nico Burns <nico@nicoburns.com>
This introduces a mechanism that let script threads register and
unregister themselves from receiving messages from the constellation.
This is useful when only globals with event listeners or callbacks will
process some message types.
The first migrated API is the webstorage 'storage' event. This patch
ensures that we only send IPC to same origin globals that have an event
handler set.
While we use it for an event here, this is also usable for DOM callbacks
such as the ones used in the Geolocation API.
Testing: optimization with no tests regression:
https://github.com/webbeef/servo/actions/runs/22880845745
---------
Signed-off-by: webbeef <me@webbeef.org>
I wanted to follow up to #43987, but don't know how to proceed
meaningfully :(
- Reduce visibility
- Add TODO for `Response::url`. This should be removed and determined by
`url_list` instead.
- Fix some spec link
Testing: Nothing should change as no code change.
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
Instead of walking the entire fragment tree to find nodes for which
animations and image animations need to be cancelled, this change moves
that logic to `script`. Now, for each animating node the animation
managers will explicitly ask `layout` if the node is being rendered (or
delegating rendering in the case of CSS animations and transitions).
The main goal here is a performance improvement, elimating roughly 1% of
layout time from the profiler when running the
`flexbox-deeply-nested-column-flow.html` test case. This will almost
certainly be an even better improvement on more complex pages as we are
no longer doing things once per fragment tree entry, but once per
animating node.
There is also a subtle behavior improvement here. Before nodes with
`display: contents` had their animations canceled, but now they are not.
For instance, this test case now works properly:
```html
<!DOCTYPE html>
<style>
@keyframes anim {
from { color: cyan }
to { color: magenta }
}
div {
display: contents;
animation: anim 1s infinite alternate linear;
}
</style>
```
The new layout query will additionally be useful for other parts of
script that need to answer the same "being rendered" or "delegates
rendering to children" question.
Testing: This change adds a new test and gets one more subtest passing.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This removes some complains that clippy will have in 1.95.
As this is mostly just match guards, it doesn't update MSRV.
Testing: This is equivalent exchanges, so current WPT would find
anything.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Support applications to get cookies asynchronously from embedder.
Testing:
`servo/components/servo/tests/site_data_manager.rs::test_get_cookie_async`
---------
Signed-off-by: batu_hoang <longvatrong111@gmail.com>
This PR refactors parts of the net crate with one minor functional
change.
Most of the main functions in the net crate are quite long and rather
unwieldly. This PR tries to help make them more understandable.
- Split parts of obtain_response to have the Router callback setup in
another function.
- Move functions related to devtools into another file.
- Add some servo_tracing.
- http_network_or_cache_fetch has another function for append_cache_data
to headers.
- One functional change: previously in obtain_response, we used the
encoded_url via copies and multiple replace calls. We now use the
percent_encode crate which is already included in
content_security_policy to do this a bit more efficiently. In practice
the compiler probably fixed the multiple copies but this is more
straightforward. The output should be identical.
Testing: As this is mostly a refactor compilation is the test. The
percent_encode change is tested in multiple unit tests.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
The generated HTML was setting `text-decoration-line` whereas it instead
should set `text-decoration`.
Part of #25005
Testing: WPT
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This is somehow introduced in #43617. This is causing CI failure.
For whatever reason, this thing should only be in `.git` folder. But
somehow it is at the root?
Also changed `.yml` to avoid ambiguity: we are using revision instead of
path.
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
This functionality already provided by `icu_properties` which is already
in our dependency graph, so this change allows us to remove one
dependency.
Testing: This should not change behavior, so is covered by existing
tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Add definition for generation of custom fields for interfaces inheriting
from PerformanceEntry.
Testing: More WPT Tests Passed
---------
Signed-off-by: Shubham Gupta <shubham.gupta@chromium.org>
Integrate client storage into indexeddb for the creation and deletion of
databases.
Testing: Existing WPT tests.
Fixes: None
---------
Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
Rather than node, we should check `new_parent` for this. Unfortunately
some regressions, which have been flip-flopping in recent PRs. That's
because underline itself uses its own state to determine what to do.
However, this is a net positive PR that also adheres to the spec, so
it's another step in the right direction.
Part of #25005
Testing: WPT
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Bumps [mako](https://github.com/sqlalchemy/mako) from 1.2.2 to 1.3.11.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sqlalchemy/mako/releases">mako's
releases</a>.</em></p>
<blockquote>
<h1>1.3.11</h1>
<p>Released: Tue Apr 14 2026</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [template]</strong> Fixed issue in
<code>TemplateLookup</code> where a URI with a double-slash
prefix (e.g. <code>//../../</code>) could bypass the directory traversal
check in
<code>Template</code>, allowing reads of arbitrary files outside of the
template directory. The issue was caused by an inconsistency in how
leading
slashes were stripped between <code>TemplateLookup.get_template()</code>
and
<code>Template</code> initialization.</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/mako/issues/434">#434</a></p>
</li>
</ul>
<h1>1.3.10</h1>
<p>Released: Thu Apr 10 2025</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [lexer]</strong> Fix undefined variable errors when
<code>strict_undefined=True</code> when using a
nested list comprehension. Pull request courtesy Sébastien Granjoux.</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/mako/issues/418">#418</a></p>
</li>
</ul>
<h1>1.3.9</h1>
<p>Released: Tue Feb 4 2025</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [tests]</strong> Fixed test suite to not rely upon
ancient "future division" statement to
test the <code>Template.future_imports</code> feature. The test is
replaced with one that tests only the rendering, not the ultimate
effect.</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/mako/issues/408">#408</a></p>
</li>
</ul>
<h1>1.3.8</h1>
<p>Released: Sat Dec 7 2024</p>
<h2>bug</h2>
<ul>
<li><strong>[bug] [lexer]</strong> Reverted the fix for <a
href="https://redirect.github.com/sqlalchemy/mako/issues/140">#140</a>
released in Mako 1.3.7 as it produced
regressions in existing user code.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sqlalchemy/mako/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/servo/servo/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [mako](https://github.com/sqlalchemy/mako) from 1.2.2 to 1.3.11.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sqlalchemy/mako/releases">mako's
releases</a>.</em></p>
<blockquote>
<h1>1.3.11</h1>
<p>Released: Tue Apr 14 2026</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [template]</strong> Fixed issue in
<code>TemplateLookup</code> where a URI with a double-slash
prefix (e.g. <code>//../../</code>) could bypass the directory traversal
check in
<code>Template</code>, allowing reads of arbitrary files outside of the
template directory. The issue was caused by an inconsistency in how
leading
slashes were stripped between <code>TemplateLookup.get_template()</code>
and
<code>Template</code> initialization.</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/mako/issues/434">#434</a></p>
</li>
</ul>
<h1>1.3.10</h1>
<p>Released: Thu Apr 10 2025</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [lexer]</strong> Fix undefined variable errors when
<code>strict_undefined=True</code> when using a
nested list comprehension. Pull request courtesy Sébastien Granjoux.</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/mako/issues/418">#418</a></p>
</li>
</ul>
<h1>1.3.9</h1>
<p>Released: Tue Feb 4 2025</p>
<h2>bug</h2>
<ul>
<li>
<p><strong>[bug] [tests]</strong> Fixed test suite to not rely upon
ancient "future division" statement to
test the <code>Template.future_imports</code> feature. The test is
replaced with one that tests only the rendering, not the ultimate
effect.</p>
<p>References: <a
href="https://redirect.github.com/sqlalchemy/mako/issues/408">#408</a></p>
</li>
</ul>
<h1>1.3.8</h1>
<p>Released: Sat Dec 7 2024</p>
<h2>bug</h2>
<ul>
<li><strong>[bug] [lexer]</strong> Reverted the fix for <a
href="https://redirect.github.com/sqlalchemy/mako/issues/140">#140</a>
released in Mako 1.3.7 as it produced
regressions in existing user code.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/sqlalchemy/mako/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/servo/servo/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
First of all, the effective command value was wrong, since there is no
relevant CSS property for the underline command. Instead, we should
directly use the text-decoration property. This then allows us to
implement reordering of modifiable elements.
We also need to "change the element to a span", which is quite annoying
to do. Instead, it mimics what would have happened by moving children
and copying attributes.
There are some regressions, but overall this is another big step towards
the right track. The regressions look related to tricky edge cases that
I am not even sure other browsers handle.
Part of #25005
Testing: WPT
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This file was renamed incorrectly due to automated renaming of directory
contents.
Testing: This does not seem to change test results, but whether or not
the
option in this `__dir__.ini` file is another issue.
Signed-off-by: Martin Robinson <mrobinson@fastmail.fm>
Co-authored-by: Martin Robinson <mrobinson@fastmail.fm>
`servo-layout` only depends on `html5ever` for it's atom types which are
now split out into the `web_atoms` crate. This switches the dependency
to `web_atoms` to remove the unncessary dependency
Testing: This just imports the same types from a different crate. So if
it builds, it should work.
Signed-off-by: Nico Burns <nico@nicoburns.com>
Mostly reuses the original error message from #39051, but on the rest of
the methods that require it. Also adds a new error message for
`document_if_same_origin`.
Testing: None
Fixes: Partially #40756
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
