/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at https://mozilla.org/MPL/2.0/. */ use std::cell::Cell; use std::rc::Rc; use base::id::{BrowsingContextId, PipelineId, WebViewId}; use constellation_traits::{ IFrameLoadInfo, IFrameLoadInfoWithData, JsEvalResult, LoadData, LoadOrigin, NavigationHistoryBehavior, ScriptToConstellationMessage, }; use content_security_policy::sandboxing_directive::{ SandboxingFlagSet, parse_a_sandboxing_directive, }; use dom_struct::dom_struct; use embedder_traits::ViewportDetails; use html5ever::{LocalName, Prefix, local_name, ns}; use js::rust::HandleObject; use net_traits::ReferrerPolicy; use net_traits::request::Destination; use profile_traits::ipc as ProfiledIpc; use script_traits::{NewPipelineInfo, UpdatePipelineIdReason}; use servo_url::ServoUrl; use style::attr::{AttrValue, LengthOrPercentageOrAuto}; use stylo_atoms::Atom; use crate::document_loader::{LoadBlocker, LoadType}; use crate::dom::attr::Attr; use crate::dom::bindings::cell::DomRefCell; use crate::dom::bindings::codegen::Bindings::HTMLIFrameElementBinding::HTMLIFrameElementMethods; use crate::dom::bindings::codegen::Bindings::WindowBinding::Window_Binding::WindowMethods; use crate::dom::bindings::codegen::UnionTypes::TrustedHTMLOrString; use crate::dom::bindings::error::Fallible; use crate::dom::bindings::inheritance::Castable; use crate::dom::bindings::reflector::DomGlobal; use crate::dom::bindings::root::{DomRoot, LayoutDom, MutNullableDom}; use crate::dom::bindings::str::{DOMString, USVString}; use crate::dom::document::Document; use crate::dom::domtokenlist::DOMTokenList; use crate::dom::element::{ AttributeMutation, Element, LayoutElementHelpers, reflect_referrer_policy_attribute, }; use crate::dom::eventtarget::EventTarget; use crate::dom::html::htmlelement::HTMLElement; use crate::dom::node::{BindContext, Node, NodeDamage, NodeTraits, UnbindContext}; use crate::dom::trustedhtml::TrustedHTML; use crate::dom::virtualmethods::VirtualMethods; use crate::dom::windowproxy::WindowProxy; use crate::script_runtime::CanGc; use crate::script_thread::{ScriptThread, with_script_thread}; use crate::script_window_proxies::ScriptWindowProxies; #[derive(PartialEq)] enum PipelineType { InitialAboutBlank, Navigation, } #[derive(PartialEq)] enum ProcessingMode { FirstTime, NotFirstTime, } #[dom_struct] pub(crate) struct HTMLIFrameElement { htmlelement: HTMLElement, #[no_trace] webview_id: Cell>, #[no_trace] browsing_context_id: Cell>, #[no_trace] pipeline_id: Cell>, #[no_trace] pending_pipeline_id: Cell>, #[no_trace] about_blank_pipeline_id: Cell>, sandbox: MutNullableDom, #[no_trace] sandboxing_flag_set: Cell>, load_blocker: DomRefCell>, throttled: Cell, #[conditional_malloc_size_of] script_window_proxies: Rc, /// Keeping track of whether the iframe will be navigated /// outside of the processing of it's attribute(for example: form navigation). /// This is necessary to prevent the iframe load event steps /// from asynchronously running for the initial blank document /// while script at this point(when the flag is set) /// expects those to run only for the navigated documented. pending_navigation: Cell, } impl HTMLIFrameElement { /// , /// step 1. fn get_url(&self) -> ServoUrl { let element = self.upcast::(); element .get_attribute(&ns!(), &local_name!("src")) .and_then(|src| { let url = src.value(); if url.is_empty() { None } else { self.owner_document().base_url().join(&url).ok() } }) .unwrap_or_else(|| ServoUrl::parse("about:blank").unwrap()) } pub(crate) fn navigate_or_reload_child_browsing_context( &self, load_data: LoadData, history_handling: NavigationHistoryBehavior, can_gc: CanGc, ) { self.start_new_pipeline( load_data, PipelineType::Navigation, history_handling, can_gc, ); } fn start_new_pipeline( &self, mut load_data: LoadData, pipeline_type: PipelineType, history_handling: NavigationHistoryBehavior, can_gc: CanGc, ) { let browsing_context_id = match self.browsing_context_id() { None => return warn!("Attempted to start a new pipeline on an unattached iframe."), Some(id) => id, }; let webview_id = match self.webview_id() { None => return warn!("Attempted to start a new pipeline on an unattached iframe."), Some(id) => id, }; let document = self.owner_document(); { let load_blocker = &self.load_blocker; // Any oustanding load is finished from the point of view of the blocked // document; the new navigation will continue blocking it. LoadBlocker::terminate(load_blocker, can_gc); } if load_data.url.scheme() == "javascript" { let window_proxy = self.GetContentWindow(); if let Some(window_proxy) = window_proxy { if !ScriptThread::navigate_to_javascript_url( &document.global(), &window_proxy.global(), &mut load_data, Some(self.upcast()), can_gc, ) { return; } } } match load_data.js_eval_result { Some(JsEvalResult::NoContent) => (), _ => { let mut load_blocker = self.load_blocker.borrow_mut(); *load_blocker = Some(LoadBlocker::new( &document, LoadType::Subframe(load_data.url.clone()), )); }, }; let window = self.owner_window(); let old_pipeline_id = self.pipeline_id(); let new_pipeline_id = PipelineId::new(); self.pending_pipeline_id.set(Some(new_pipeline_id)); let load_info = IFrameLoadInfo { parent_pipeline_id: window.pipeline_id(), browsing_context_id, webview_id, new_pipeline_id, is_private: false, // FIXME inherited_secure_context: load_data.inherited_secure_context, history_handling, }; let viewport_details = window .get_iframe_viewport_details_if_known(browsing_context_id) .unwrap_or_else(|| ViewportDetails { hidpi_scale_factor: window.device_pixel_ratio(), ..Default::default() }); match pipeline_type { PipelineType::InitialAboutBlank => { self.about_blank_pipeline_id.set(Some(new_pipeline_id)); let load_info = IFrameLoadInfoWithData { info: load_info, load_data: load_data.clone(), old_pipeline_id, viewport_details, theme: window.theme(), }; window .as_global_scope() .script_to_constellation_chan() .send(ScriptToConstellationMessage::ScriptNewIFrame(load_info)) .unwrap(); let new_pipeline_info = NewPipelineInfo { parent_info: Some(window.pipeline_id()), new_pipeline_id, browsing_context_id, webview_id, opener: None, load_data, viewport_details, user_content_manager_id: None, theme: window.theme(), }; self.pipeline_id.set(Some(new_pipeline_id)); with_script_thread(|script_thread| { script_thread.spawn_pipeline(new_pipeline_info); }); }, PipelineType::Navigation => { let load_info = IFrameLoadInfoWithData { info: load_info, load_data, old_pipeline_id, viewport_details, theme: window.theme(), }; window .as_global_scope() .script_to_constellation_chan() .send(ScriptToConstellationMessage::ScriptLoadedURLInIFrame( load_info, )) .unwrap(); }, } } /// When an iframe is first inserted into the document, /// an "about:blank" document is created, /// and synchronously processed by the script thread. /// This initial synchronous load should have no noticeable effect in script. /// See the note in `iframe_load_event_steps`. pub(crate) fn is_initial_blank_document(&self) -> bool { self.pending_pipeline_id.get() == self.about_blank_pipeline_id.get() } /// fn process_the_iframe_attributes(&self, mode: ProcessingMode, can_gc: CanGc) { // > 1. If `element`'s `srcdoc` attribute is specified, then: if self .upcast::() .has_attribute(&local_name!("srcdoc")) { let url = ServoUrl::parse("about:srcdoc").unwrap(); let document = self.owner_document(); let window = self.owner_window(); let pipeline_id = Some(window.pipeline_id()); let mut load_data = LoadData::new( LoadOrigin::Script(document.origin().snapshot()), url, pipeline_id, window.as_global_scope().get_referrer(), document.get_referrer_policy(), Some(window.as_global_scope().is_secure_context()), Some(document.insecure_requests_policy()), document.has_trustworthy_ancestor_or_current_origin(), self.sandboxing_flag_set(), ); load_data.destination = Destination::IFrame; load_data.policy_container = Some(window.as_global_scope().policy_container()); let element = self.upcast::(); load_data.srcdoc = String::from(element.get_string_attribute(&local_name!("srcdoc"))); self.navigate_or_reload_child_browsing_context( load_data, NavigationHistoryBehavior::Push, can_gc, ); return; } let window = self.owner_window(); // https://html.spec.whatwg.org/multipage/#attr-iframe-name // Note: the spec says to set the name 'when the nested browsing context is created'. // The current implementation sets the name on the window, // when the iframe attributes are first processed. if mode == ProcessingMode::FirstTime { if let Some(window) = self.GetContentWindow() { window.set_name( self.upcast::() .get_name() .map_or(DOMString::from(""), |n| DOMString::from(&*n)), ); } } if mode == ProcessingMode::FirstTime && !self.upcast::().has_attribute(&local_name!("src")) { return; } // > 2. Otherwise, if `element` has a `src` attribute specified, or // > `initialInsertion` is false, then run the shared attribute // > processing steps for `iframe` and `frame` elements given // > `element`. let url = self.get_url(); // Step 2.4: Let referrerPolicy be the current state of element's referrerpolicy content // attribute. let document = self.owner_document(); let referrer_policy_token = self.ReferrerPolicy(); // Note: despite not being explicitly stated in the spec steps, this falls back to // document's referrer policy here because it satisfies the expectations that when unset, // the iframe should inherit the referrer policy of its parent let referrer_policy = match ReferrerPolicy::from(&*referrer_policy_token.str()) { ReferrerPolicy::EmptyString => document.get_referrer_policy(), policy => policy, }; // TODO(#25748): // By spec, we return early if there's an ancestor browsing context // "whose active document's url, ignoring fragments, is equal". // However, asking about ancestor browsing contexts is more nuanced than // it sounds and not implemented here. // Within a single origin, we can do it by walking window proxies, // and this check covers only that single-origin case, protecting // against simple typo self-includes but nothing more elaborate. let mut ancestor = window.GetParent(); while let Some(a) = ancestor { if let Some(ancestor_url) = a.document().map(|d| d.url()) { if ancestor_url.scheme() == url.scheme() && ancestor_url.username() == url.username() && ancestor_url.password() == url.password() && ancestor_url.host() == url.host() && ancestor_url.port() == url.port() && ancestor_url.path() == url.path() && ancestor_url.query() == url.query() { return; } } ancestor = a.parent().map(DomRoot::from_ref); } let creator_pipeline_id = if url.as_str() == "about:blank" { Some(window.pipeline_id()) } else { None }; let propagate_encoding_to_child_document = url.origin().same_origin(window.origin()); let mut load_data = LoadData::new( LoadOrigin::Script(document.origin().snapshot()), url, creator_pipeline_id, window.as_global_scope().get_referrer(), referrer_policy, Some(window.as_global_scope().is_secure_context()), Some(document.insecure_requests_policy()), document.has_trustworthy_ancestor_or_current_origin(), self.sandboxing_flag_set(), ); load_data.destination = Destination::IFrame; load_data.policy_container = Some(window.as_global_scope().policy_container()); if propagate_encoding_to_child_document { load_data.container_document_encoding = Some(document.encoding()); } let pipeline_id = self.pipeline_id(); // If the initial `about:blank` page is the current page, load with replacement enabled, // see https://html.spec.whatwg.org/multipage/#the-iframe-element:about:blank-3 let is_about_blank = pipeline_id.is_some() && pipeline_id == self.about_blank_pipeline_id.get(); let history_handling = if is_about_blank { NavigationHistoryBehavior::Replace } else { NavigationHistoryBehavior::Push }; self.navigate_or_reload_child_browsing_context(load_data, history_handling, can_gc); } /// /// Synchronously create a new browsing context(This is not a navigation). /// The pipeline started here should remain unnoticeable to script, but this is not easy /// to refactor because it appears other features have come to rely on the current behavior. /// For now only the iframe load event steps are skipped in some cases for this initial document, /// and we still fire load and pageshow events as part of `maybe_queue_document_completion`. /// Also, some controversy spec-wise remains: fn create_nested_browsing_context(&self, can_gc: CanGc) { let url = ServoUrl::parse("about:blank").unwrap(); let document = self.owner_document(); let window = self.owner_window(); let pipeline_id = Some(window.pipeline_id()); let mut load_data = LoadData::new( LoadOrigin::Script(document.origin().snapshot()), url, pipeline_id, window.as_global_scope().get_referrer(), document.get_referrer_policy(), Some(window.as_global_scope().is_secure_context()), Some(document.insecure_requests_policy()), document.has_trustworthy_ancestor_or_current_origin(), self.sandboxing_flag_set(), ); load_data.destination = Destination::IFrame; load_data.policy_container = Some(window.as_global_scope().policy_container()); let browsing_context_id = BrowsingContextId::new(); let webview_id = window.window_proxy().webview_id(); self.pipeline_id.set(None); self.pending_pipeline_id.set(None); self.webview_id.set(Some(webview_id)); self.browsing_context_id.set(Some(browsing_context_id)); self.start_new_pipeline( load_data, PipelineType::InitialAboutBlank, NavigationHistoryBehavior::Push, can_gc, ); } fn destroy_nested_browsing_context(&self) { self.pipeline_id.set(None); self.pending_pipeline_id.set(None); self.about_blank_pipeline_id.set(None); self.webview_id.set(None); self.browsing_context_id.set(None); } pub(crate) fn update_pipeline_id( &self, new_pipeline_id: PipelineId, reason: UpdatePipelineIdReason, can_gc: CanGc, ) { // For all updates except the one for the initial blank document, // we need to set the flag back to false because the navigation is complete, // because the goal is to, when a navigation is pending, to skip the async load // steps of the initial blank document. if !self.is_initial_blank_document() { self.pending_navigation.set(false); } if self.pending_pipeline_id.get() != Some(new_pipeline_id) && reason == UpdatePipelineIdReason::Navigation { return; } self.pipeline_id.set(Some(new_pipeline_id)); // Only terminate the load blocker if the pipeline id was updated due to a traversal. // The load blocker will be terminated for a navigation in iframe_load_event_steps. if reason == UpdatePipelineIdReason::Traversal { let blocker = &self.load_blocker; LoadBlocker::terminate(blocker, can_gc); } self.upcast::().dirty(NodeDamage::Other); } fn new_inherited( local_name: LocalName, prefix: Option, document: &Document, ) -> HTMLIFrameElement { HTMLIFrameElement { htmlelement: HTMLElement::new_inherited(local_name, prefix, document), browsing_context_id: Cell::new(None), webview_id: Cell::new(None), pipeline_id: Cell::new(None), pending_pipeline_id: Cell::new(None), about_blank_pipeline_id: Cell::new(None), sandbox: Default::default(), sandboxing_flag_set: Cell::new(None), load_blocker: DomRefCell::new(None), throttled: Cell::new(false), script_window_proxies: ScriptThread::window_proxies(), pending_navigation: Default::default(), } } pub(crate) fn new( local_name: LocalName, prefix: Option, document: &Document, proto: Option, can_gc: CanGc, ) -> DomRoot { Node::reflect_node_with_proto( Box::new(HTMLIFrameElement::new_inherited( local_name, prefix, document, )), document, proto, can_gc, ) } #[inline] pub(crate) fn pipeline_id(&self) -> Option { self.pipeline_id.get() } #[inline] pub(crate) fn browsing_context_id(&self) -> Option { self.browsing_context_id.get() } #[inline] pub(crate) fn webview_id(&self) -> Option { self.webview_id.get() } #[inline] pub(crate) fn sandboxing_flag_set(&self) -> SandboxingFlagSet { self.sandboxing_flag_set .get() .unwrap_or_else(SandboxingFlagSet::empty) } pub(crate) fn set_throttled(&self, throttled: bool) { if self.throttled.get() != throttled { self.throttled.set(throttled); } } /// Note a pending navigation. /// This is used to ignore the async load event steps for /// the initial blank document if those haven't run yet. pub(crate) fn note_pending_navigation(&self) { self.pending_navigation.set(true); } /// pub(crate) fn iframe_load_event_steps(&self, loaded_pipeline: PipelineId, can_gc: CanGc) { // TODO(#9592): assert that the load blocker is present at all times when we // can guarantee that it's created for the case of iframe.reload(). if Some(loaded_pipeline) != self.pending_pipeline_id.get() { return; } // TODO 1. Assert: element's content navigable is not null. // TODO 2-4 Mark resource timing. // TODO 5 Set childDocument's iframe load in progress flag. // Note: in the spec, these steps are either run synchronously as part of // "If url matches about:blank and initialInsertion is true, then:" // in `process the iframe attributes`, // or asynchronously when navigation completes. // // In our current implementation, // we arrive here always asynchronously in the following two cases: // 1. as part of loading the initial blank document // created in `create_nested_browsing_context` // 2. optionally, as part of loading a second document created as // as part of the first processing of the iframe attributes. // // To preserve the logic of the spec--firing the load event once--in the context of // our current implementation, we must not fire the load event // for the initial blank document if we know that a navigation is ongoing, // which can be deducted from `pending_navigation` or the presence of an src. // // Additionally, to prevent a race condition with navigations, // in all cases, skip the load event if there is a pending navigation. // See #40348 // // TODO: run these step synchronously as part of processing the iframe attributes. let should_fire_event = if self.is_initial_blank_document() { // If this is the initial blank doc: // do not fire if there is a pending navigation, // or if the iframe has an src. !self.pending_navigation.get() && !self.upcast::().has_attribute(&local_name!("src")) } else { // If this is not the initial blank doc: // do not fire if there is a pending navigation. !self.pending_navigation.get() }; if should_fire_event { // Step 6. Fire an event named load at element. self.upcast::() .fire_event(atom!("load"), can_gc); } let blocker = &self.load_blocker; LoadBlocker::terminate(blocker, can_gc); // TODO Step 7 - unset child document `mute iframe load` flag } /// Parse the `sandbox` attribute value given the [`Attr`]. This sets the `sandboxing_flag_set` /// property or clears it is the value isn't specified. Notably, an unspecified sandboxing /// attribute (no sandboxing) is different from an empty one (full sandboxing). fn parse_sandbox_attribute(&self) { let attribute = self .upcast::() .get_attribute(&ns!(), &local_name!("sandbox")); self.sandboxing_flag_set .set(attribute.map(|attribute_value| { let tokens: Vec<_> = attribute_value .value() .as_tokens() .iter() .map(|atom| atom.to_string().to_ascii_lowercase()) .collect(); parse_a_sandboxing_directive(&tokens) })); } /// Step 4.2. of pub(crate) fn destroy_document_and_its_descendants(&self, can_gc: CanGc) { let Some(pipeline_id) = self.pipeline_id.get() else { return; }; // Step 4.2. Destroy a document and its descendants given childNavigable's active document and incrementDestroyed. if let Some(exited_document) = ScriptThread::find_document(pipeline_id) { exited_document.destroy_document_and_its_descendants(can_gc); } self.destroy_nested_browsing_context(); } /// fn destroy_child_navigable(&self, can_gc: CanGc) { let blocker = &self.load_blocker; LoadBlocker::terminate(blocker, CanGc::note()); // Step 1. Let navigable be container's content navigable. let Some(browsing_context_id) = self.browsing_context_id() else { // Step 2. If navigable is null, then return. return; }; // Store now so that we can destroy the context and delete the // document later let pipeline_id = self.pipeline_id.get(); // Step 3. Set container's content navigable to null. // // Resetting the pipeline_id to None is required here so that // if this iframe is subsequently re-added to the document // the load doesn't think that it's a navigation, but instead // a new iframe. Without this, the constellation gets very // confused. self.destroy_nested_browsing_context(); // Step 4. Inform the navigation API about child navigable destruction given navigable. // TODO // Step 5. Destroy a document and its descendants given navigable's active document. let (sender, receiver) = ProfiledIpc::channel(self.global().time_profiler_chan().clone()).unwrap(); let msg = ScriptToConstellationMessage::RemoveIFrame(browsing_context_id, sender); self.owner_window() .as_global_scope() .script_to_constellation_chan() .send(msg) .unwrap(); let _exited_pipeline_ids = receiver.recv().unwrap(); let Some(pipeline_id) = pipeline_id else { return; }; if let Some(exited_document) = ScriptThread::find_document(pipeline_id) { exited_document.destroy_document_and_its_descendants(can_gc); } // Step 6. Let parentDocState be container's node navigable's active session history entry's document state. // TODO // Step 7. Remove the nested history from parentDocState's nested histories whose id equals navigable's id. // TODO // Step 8. Let traversable be container's node navigable's traversable navigable. // TODO // Step 9. Append the following session history traversal steps to traversable: // TODO // Step 10. Invoke WebDriver BiDi navigable destroyed with navigable. // TODO } } pub(crate) trait HTMLIFrameElementLayoutMethods { fn pipeline_id(self) -> Option; fn browsing_context_id(self) -> Option; fn get_width(self) -> LengthOrPercentageOrAuto; fn get_height(self) -> LengthOrPercentageOrAuto; } impl HTMLIFrameElementLayoutMethods for LayoutDom<'_, HTMLIFrameElement> { #[inline] fn pipeline_id(self) -> Option { (self.unsafe_get()).pipeline_id.get() } #[inline] fn browsing_context_id(self) -> Option { (self.unsafe_get()).browsing_context_id.get() } fn get_width(self) -> LengthOrPercentageOrAuto { self.upcast::() .get_attr_for_layout(&ns!(), &local_name!("width")) .map(AttrValue::as_dimension) .cloned() .unwrap_or(LengthOrPercentageOrAuto::Auto) } fn get_height(self) -> LengthOrPercentageOrAuto { self.upcast::() .get_attr_for_layout(&ns!(), &local_name!("height")) .map(AttrValue::as_dimension) .cloned() .unwrap_or(LengthOrPercentageOrAuto::Auto) } } impl HTMLIFrameElementMethods for HTMLIFrameElement { // https://html.spec.whatwg.org/multipage/#dom-iframe-src make_url_getter!(Src, "src"); // https://html.spec.whatwg.org/multipage/#dom-iframe-src make_url_setter!(SetSrc, "src"); /// fn Srcdoc(&self) -> TrustedHTMLOrString { let element = self.upcast::(); element.get_trusted_html_attribute(&local_name!("srcdoc")) } /// fn SetSrcdoc(&self, value: TrustedHTMLOrString, can_gc: CanGc) -> Fallible<()> { // Step 1: Let compliantString be the result of invoking the // Get Trusted Type compliant string algorithm with TrustedHTML, // this's relevant global object, the given value, "HTMLIFrameElement srcdoc", and "script". let element = self.upcast::(); let value = TrustedHTML::get_trusted_script_compliant_string( &element.owner_global(), value, "HTMLIFrameElement srcdoc", can_gc, )?; // Step 2: Set an attribute value given this, srcdoc's local name, and compliantString. element.set_attribute( &local_name!("srcdoc"), AttrValue::String(value.str().to_owned()), can_gc, ); Ok(()) } /// /// /// The supported tokens for sandbox's DOMTokenList are the allowed values defined in the /// sandbox attribute and supported by the user agent. These range of possible values is /// defined here: fn Sandbox(&self, can_gc: CanGc) -> DomRoot { self.sandbox.or_init(|| { DOMTokenList::new( self.upcast::(), &local_name!("sandbox"), Some(vec![ Atom::from("allow-downloads"), Atom::from("allow-forms"), Atom::from("allow-modals"), Atom::from("allow-orientation-lock"), Atom::from("allow-pointer-lock"), Atom::from("allow-popups"), Atom::from("allow-popups-to-escape-sandbox"), Atom::from("allow-presentation"), Atom::from("allow-same-origin"), Atom::from("allow-scripts"), Atom::from("allow-top-navigation"), Atom::from("allow-top-navigation-by-user-activation"), Atom::from("allow-top-navigation-to-custom-protocols"), ]), can_gc, ) }) } /// fn GetContentWindow(&self) -> Option> { self.browsing_context_id .get() .and_then(|id| self.script_window_proxies.find_window_proxy(id)) } /// fn GetContentDocument(&self) -> Option> { // Step 1. If container's content navigable is null, then return null. let pipeline_id = self.pipeline_id.get()?; // Step 2. Let document be container's content navigable's active document. // Note that this lookup will fail if the document is dissimilar-origin, // so we should return None in that case. let document = ScriptThread::find_document(pipeline_id)?; // Step 3. If document's origin and container's node document's origin are not same origin-domain, then return null. if !self .owner_document() .origin() .same_origin_domain(document.origin()) { return None; } // Step 4. Return document. Some(document) } /// fn ReferrerPolicy(&self) -> DOMString { reflect_referrer_policy_attribute(self.upcast::()) } // https://html.spec.whatwg.org/multipage/#attr-iframe-referrerpolicy make_setter!(SetReferrerPolicy, "referrerpolicy"); // https://html.spec.whatwg.org/multipage/#attr-iframe-allowfullscreen make_bool_getter!(AllowFullscreen, "allowfullscreen"); // https://html.spec.whatwg.org/multipage/#attr-iframe-allowfullscreen make_bool_setter!(SetAllowFullscreen, "allowfullscreen"); // make_getter!(Width, "width"); // make_dimension_setter!(SetWidth, "width"); // make_getter!(Height, "height"); // make_dimension_setter!(SetHeight, "height"); // https://html.spec.whatwg.org/multipage/#other-elements,-attributes-and-apis:attr-iframe-frameborder make_getter!(FrameBorder, "frameborder"); // https://html.spec.whatwg.org/multipage/#other-elements,-attributes-and-apis:attr-iframe-frameborder make_setter!(SetFrameBorder, "frameborder"); // https://html.spec.whatwg.org/multipage/#dom-iframe-name // A child browsing context checks the name of its iframe only at the time // it is created; subsequent name sets have no special effect. make_atomic_setter!(SetName, "name"); // https://html.spec.whatwg.org/multipage/#dom-iframe-name // This is specified as reflecting the name content attribute of the // element, not the name of the child browsing context. make_getter!(Name, "name"); } impl VirtualMethods for HTMLIFrameElement { fn super_type(&self) -> Option<&dyn VirtualMethods> { Some(self.upcast::() as &dyn VirtualMethods) } fn attribute_mutated(&self, attr: &Attr, mutation: AttributeMutation, can_gc: CanGc) { self.super_type() .unwrap() .attribute_mutated(attr, mutation, can_gc); match *attr.local_name() { // From : // // > When an iframe element's sandbox attribute is set or changed while // > it has a non-null content navigable, the user agent must parse the // > sandboxing directive given the attribute's value and the iframe // > element's iframe sandboxing flag set. // // > When an iframe element's sandbox attribute is removed while it has // > a non-null content navigable, the user agent must empty the iframe // > element's iframe sandboxing flag set. local_name!("sandbox") if self.browsing_context_id.get().is_some() => { self.parse_sandbox_attribute(); }, local_name!("srcdoc") => { // https://html.spec.whatwg.org/multipage/#the-iframe-element:the-iframe-element-9 // "Whenever an iframe element with a non-null nested browsing context has its // srcdoc attribute set, changed, or removed, the user agent must process the // iframe attributes." // but we can't check that directly, since the child browsing context // may be in a different script thread. Instead, we check to see if the parent // is in a document tree and has a browsing context, which is what causes // the child browsing context to be created. // trigger the processing of iframe attributes whenever "srcdoc" attribute is set, changed or removed if self.upcast::().is_connected_with_browsing_context() { debug!("iframe srcdoc modified while in browsing context."); self.process_the_iframe_attributes(ProcessingMode::NotFirstTime, can_gc); } }, local_name!("src") => { // https://html.spec.whatwg.org/multipage/#the-iframe-element // "Similarly, whenever an iframe element with a non-null nested browsing context // but with no srcdoc attribute specified has its src attribute set, changed, or removed, // the user agent must process the iframe attributes," // but we can't check that directly, since the child browsing context // may be in a different script thread. Instead, we check to see if the parent // is in a document tree and has a browsing context, which is what causes // the child browsing context to be created. if self.upcast::().is_connected_with_browsing_context() { debug!("iframe src set while in browsing context."); self.process_the_iframe_attributes(ProcessingMode::NotFirstTime, can_gc); } }, _ => {}, } } fn attribute_affects_presentational_hints(&self, attr: &Attr) -> bool { match attr.local_name() { &local_name!("width") | &local_name!("height") => true, _ => self .super_type() .unwrap() .attribute_affects_presentational_hints(attr), } } fn parse_plain_attribute(&self, name: &LocalName, value: DOMString) -> AttrValue { match *name { local_name!("sandbox") => AttrValue::from_serialized_tokenlist(value.into()), local_name!("width") => AttrValue::from_dimension(value.into()), local_name!("height") => AttrValue::from_dimension(value.into()), _ => self .super_type() .unwrap() .parse_plain_attribute(name, value), } } /// fn post_connection_steps(&self, can_gc: CanGc) { if let Some(s) = self.super_type() { s.post_connection_steps(can_gc); } // This isn't mentioned any longer in the specification, but still seems important. This is // likely due to the fact that we have deviated a great deal with it comes to navigables // and browsing contexts. if !self.upcast::().is_connected_with_browsing_context() { return; } debug!("