eliott/servo
1
0
Fork 0
mirror of https://github.com/servo/servo synced 2026-04-25 17:15:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
430105468fed9c17b7e89e8633866dc59ab08f5d
servo/components/script/lib.rs
Simon Wülker e73c010bb1 Force callers to claim blob url before making a fetch request (#43746) 
`blob` URLs have a implicit blob URL entry attached, which stores the
data contained in the blob. The specification requires this entry to be
resolved as the URL is parsed. We only resolve it inside `net` when
loading the URL. That causes problems if the blob entry has been revoked
in the meantime - see https://github.com/servo/servo/issues/25226.

Ideally we would want to resolve blobs at parse-time as required. But
because `ServoUrl` is such a fundamental type, I've not managed to do
this change without having to touch hundreds of files at once.

Thus, we now require passing a `UrlWithBlobClaim` instead of a
`ServoUrl` when `fetch`-ing. This type proves that the caller has
acquired the blob beforehand.

As a temporary escape hatch, I've added
`UrlWithBlobClaim::from_url_without_having_claimed_blob`. That method
logs a warning if its used unsafely. This method is currently used in
most places to keep this change small. Only workers now acquire the blob
beforehand.

Testing: A new test starts to pass
Part of https://github.com/servo/servo/issues/43326
Part of https://github.com/servo/servo/issues/25226

---------

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
2026-04-06 14:21:55 +00:00

92 lines
2.4 KiB
Rust
Raw Blame History

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
#![cfg_attr(crown, feature(register_tool))]
#![deny(unsafe_code)]
#![doc = "The script crate contains all matters DOM."]
// Register the linter `crown`, which is the Servo-specific linter for the script crate.
#![cfg_attr(crown, register_tool(crown))]
// These are used a lot so let's keep them for now
#[macro_use]
extern crate js;
#[macro_use]
extern crate jstraceable_derive;
#[macro_use]
extern crate log;
#[macro_use]
extern crate malloc_size_of_derive;
#[macro_use]
extern crate stylo_atoms;
mod animations;
mod css;
mod script_window_proxies;
#[macro_use]
mod task;
mod body;
pub(crate) mod clipboard_provider;
pub(crate) mod conversions;
mod devtools;
pub(crate) mod document_loader;
#[macro_use]
mod dom;
pub(crate) use dom::canvas_context;
pub(crate) mod fetch;
pub(crate) mod indexeddb;
mod init;
mod layout_image;
mod url;
pub(crate) mod document_collection;
pub(crate) mod iframe_collection;
pub(crate) mod image_animation;
pub mod layout_dom;
pub(crate) mod messaging;
mod microtask;
pub(crate) mod mime;
mod module_loading;
mod navigation;
mod network_listener;
mod realms;
mod routed_promise;
mod script_module;
mod script_mutation_observers;
pub(crate) mod script_runtime;
#[expect(unsafe_code)]
pub(crate) mod script_thread;
pub(crate) mod serviceworker_manager;
mod stylesheet_loader;
mod stylesheet_set;
mod task_manager;
mod task_queue;
mod task_source;
pub mod test;
pub mod textinput;
mod timers;
mod webdriver_handlers;
mod window_named_properties;
mod xpath;
mod unminify;
mod drag_data_store;
mod links;
pub use init::init;
pub(crate) use script_bindings::DomTypes;
pub use script_runtime::JSEngineSetup;
pub use script_thread::ScriptThread;
pub use serviceworker_manager::ServiceWorkerManager;
pub(crate) use crate::dom::bindings::codegen::DomTypeHolder::DomTypeHolder;
// These trait exports are public, because they are used in the DOM bindings.
// Since they are used in derive macros,
// it is useful that they are accessible at the root of the crate.
pub(crate) use crate::dom::bindings::inheritance::HasParent;
pub(crate) use crate::dom::bindings::reflector::{
AssociatedMemory, DomObject, MutDomObject, Reflector,
};
pub(crate) use crate::dom::bindings::trace::{CustomTraceable, JSTraceable};
Reference in New Issue View Git Blame Copy Permalink