clean-up navigation

security: check target and source origin before executing JS url implement replacement-enabled flag as a HistoryEntryReplacement enum add source origin string on loaddata add LoadOrigin iframe: remove optional load-data auxiliaries: add load-data into info constellation: remove url from Pipeline::new check load origin: link to whatwg issue switch loadorigin toplevel to constellation
2025-08-03 04:30:10 +01:00 · 2019-05-12 17:37:19 +08:00 · 2019-05-12 17:37:19 +08:00 · 571beec179
commit 571beec179
parent 973a3448a4
14 changed files with 402 additions and 220 deletions
--- a/components/script/dom/htmlanchorelement.rs
+++ b/components/script/dom/htmlanchorelement.rs
@ -11,6 +11,7 @@ use crate::dom::bindings::codegen::Bindings::HTMLAnchorElementBinding::HTMLAncho
 use crate::dom::bindings::codegen::Bindings::MouseEventBinding::MouseEventMethods;
 use crate::dom::bindings::codegen::Bindings::NodeBinding::NodeMethods;
 use crate::dom::bindings::inheritance::Castable;
+use crate::dom::bindings::refcounted::Trusted;
 use crate::dom::bindings::root::{DomRoot, MutNullableDom};
 use crate::dom::bindings::str::{DOMString, USVString};
 use crate::dom::document::determine_policy_for_token;
@ -19,16 +20,19 @@ use crate::dom::domtokenlist::DOMTokenList;
 use crate::dom::element::Element;
 use crate::dom::event::Event;
 use crate::dom::eventtarget::EventTarget;
+use crate::dom::globalscope::GlobalScope;
 use crate::dom::htmlelement::HTMLElement;
 use crate::dom::htmlimageelement::HTMLImageElement;
 use crate::dom::mouseevent::MouseEvent;
 use crate::dom::node::{document_from_node, Node};
 use crate::dom::urlhelper::UrlHelper;
 use crate::dom::virtualmethods::VirtualMethods;
+use crate::task_source::TaskSource;
 use dom_struct::dom_struct;
 use html5ever::{LocalName, Prefix};
 use net_traits::request::Referrer;
 use num_traits::ToPrimitive;
+use script_traits::{HistoryEntryReplacement, LoadData, LoadOrigin};
 use servo_url::ServoUrl;
 use std::default::Default;
 use style::attr::AttrValue;
@ -624,8 +628,19 @@ pub fn follow_hyperlink(subject: &Element, hyperlink_suffix: Option<String>) {

    // Step 7.
    let (maybe_chosen, replace) = match target_attribute_value {
-        Some(name) => source.choose_browsing_context(name.Value(), noopener),
-        None => (Some(window.window_proxy()), false),
+        Some(name) => {
+            let (maybe_chosen, new) = source.choose_browsing_context(name.Value(), noopener);
+            let replace = if new {
+                HistoryEntryReplacement::Enabled
+            } else {
+                HistoryEntryReplacement::Disabled
+            };
+            (maybe_chosen, replace)
+        },
+        None => (
+            Some(window.window_proxy()),
+            HistoryEntryReplacement::Disabled,
+        ),
    };

    // Step 8.
@ -667,7 +682,23 @@ pub fn follow_hyperlink(subject: &Element, hyperlink_suffix: Option<String>) {
        };

        // Step 14
-        debug!("following hyperlink to {}", url);
-        target_window.load_url(url, replace, false, referrer, referrer_policy);
+        let pipeline_id = target_window.upcast::<GlobalScope>().pipeline_id();
+        let load_data = LoadData::new(
+            LoadOrigin::Script(document.origin().immutable().clone()),
+            url,
+            Some(pipeline_id),
+            Some(referrer),
+            referrer_policy,
+        );
+        let target = Trusted::new(target_window);
+        let task = task!(navigate_follow_hyperlink: move || {
+            debug!("following hyperlink to {}", load_data.url);
+            target.root().load_url(replace, false, load_data);
+        });
+        target_window
+            .task_manager()
+            .dom_manipulation_task_source()
+            .queue(task, target_window.upcast())
+            .unwrap();
    };
 }