Also bumps mozjs to the latest version that has support for
`GStackVector` which is what this callback uses.
Part of #36258Fixes#38877
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This shows up sometimes in code reviews, so it makes sense that tidy
enforces it. `rustfmt` supports this via comment normalization, but it
does many other things and is still an unstable feature (with bugs).
Testing: There are new tidy tests for this change.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
It implements the new codeForEvalGets callback to retrieve the
value for a trusted script object. Additionally, it implements
the new logic in can-compile-strings to call the policy
factory if required.
Note that parameter and argument checks aren't implemented yet,
as they require updates to binding generation (see TODO in
script_runtime).
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
currently our devtools impl creates source actors in script, when
executing scripts in HTMLScriptElement or DedicatedWorkerGlobalScope.
this approach is cumbersome, and it means that many pathways to running
scripts are missed, such as imported ES modules.
with the [SpiderMonkey Debugger
API](https://firefox-source-docs.mozilla.org/js/Debugger/), we can pick
up all of the scripts and all of their sources without any extra code,
as long as we tell it about every global we create (#38333, #38551).
this patch adds a [Debugger#onNewScript()
hook](https://firefox-source-docs.mozilla.org/js/Debugger/Debugger.html#onnewscript-script-global)
to the debugger script, which calls
DebuggerGlobalScope#notifyNewSource() to notify our script system when a
new script runs. if the source is relevant to the file tree in the
Sources tab, script tells devtools to create a source actor.
Testing: adds several new automated devtools tests
Fixes: part of #36027
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
This PR removes `jsstring_to_str`, which is replaced with
`jsstr_to_string`, and updates `mozjs` to
6f3dcb99a7.
Given that servo now always replaces unpaired surrogate since
https://github.com/servo/servo/pull/35381, the internal conversion
function `jsstring_to_str` is functionally the same as `jsstr_to_string`
from `mozjs`. This PR removes `jsstring_to_str` and replaces with
`jsstr_to_string` with conversions to `DOMString` where necessary.
Testing: Passes all unit test. No regression was found in WPT test (see
try run: https://github.com/minghuaw/servo/actions/runs/16821156583)
---------
Signed-off-by: minghuaw <wuminghua7@huawei.com>
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Co-authored-by: sagudev <16504129+sagudev@users.noreply.github.com>
- [Dispatch Event](https://dom.spec.whatwg.org/#concept-event-dispatch)
should return a Boolean. This function is used frequently in spec and
the change makes things easier to follow.
- Remove `enum EventStatus` and related functions.
- Update some dead spec link.
- Update some steps.
This is intended as cleanup before working on #38435 and reduces binary
size by 488KB in Release profile.
Testing: No behaviour change.
---------
Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
in the devtools protocol, [source
forms](https://firefox-source-docs.mozilla.org/devtools/backend/protocol.html#loading-script-sources)
announced in `resources-available-array` messages can include the
`introductionType`, which more or less mirrors the field of the same
name in SpiderMonkey’s CompileOptions.
this patch exposes `introductionType` accordingly, allowing us to check
for the correct values in automated tests.
Testing: new coverage in devtools tests
Fixes: part of #36027
---------
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
Incorporates the updates from https://github.com/servo/mozjs/pull/584.
Testing: Existing WPT coverage is enough.
Fixes: Part of #36258
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
to use the [SpiderMonkey Debugger
API](https://firefox-source-docs.mozilla.org/js/Debugger/) as the single
source of truth about scripts and their sources for devtools purposes
(servo/servo#38334), the debugger script needs to be able to distinguish
inline scripts from other scripts, because inline scripts are a special
case where the source contents need to come from the Servo parser.
the mechanism for this is
[Debugger.Script.prototype.**introductionType**](https://firefox-source-docs.mozilla.org/js/Debugger/Debugger.Source.html#introductiontype),
which is `inlineScript` for inline scripts or a variety of other values
for other kinds of scripts, but only the embedder can provide this
information.
this patch bumps mozjs to servo/mozjs#603, which expands on
CompileOptionsWrapper, making it a safe wrapper around CompileOptions.
to construct one from safe code, use Runtime::new_compile_options().
then you can call `set_introduction_type(&'static CStr)` on the new
instance. we also make Runtime::evaluate_script() take a
CompileOptionsWrapper from the caller, instead of constructing one
internally.
in this patch, we set the introductionType to `c"inlineScript"` when
calling run_a_classic_script() and compile_module_script() for inline
scripts, and leave it unset all other cases.
Testing: will undergo automated tests in #38334
Fixes: part of #36027, part of servo/servo#38378
---------
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: atbrakhi <atbrakhi@igalia.com>
With Rust 1.85 it is possible to const initialize Hashmaps if the hash
algorithm does not rely on a random seed.
Testing: No functional changes, covered by existing tests
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
This refactoring moves various CSP-related methods away from GlobalScope
and Document into a dedicated entrypoint. It also reduces the amount of
imports of the CSP crate, so that types are consolidated into this one
entrypoint. That way, we control how CSP code interacts with the script
crate.
For reviewing purposes, I split up the refactoring into separate
distinct commits that all move 1 method(group) into the new file.
Testing: no change in behavior, only a build improvement + code cleanup
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
Adds indexeddb support to servo. At the moment heed is being used as the
backend, although this can be swapped out by implementing `KvsEngine`.
This PR adds a thread + a thread pool for Indexeddb related operations.
Also `database_access_task_source` is added for Indexeddb related
operations.
This is a partial rewrite of #25214. (Reopened due to branching issue)
Fixes#6963
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Rasmus Viitanen <rasviitanen@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
All logic is implemented in `report_csp_violations` to avoid
pulling in various element-logic into SecurityManager.
Update the `icon-blocked.sub.html` WPT test to ensure that
the document is the correct target (verified in Firefox and Chrome).
Fixes#36806
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This turned out to be a full rabbit hole. The new header
is parsed in the new `parse_csp_list_from_metadata` which
sets `disposition` to `report.
I was testing this with
`script-src-report-only-policy-works-with-external-hash-policy.html`
which was blocking the script incorrectly. Turns out that there
were multiple bugs in the CSP library, as well as a missing
check in `fetch` to report violations.
Additionally, in several locations we were manually reporting csp
violations, instead of the new `global.report_csp_violations`. As
a result of that, they would double report, since the report-only
header would be appended as a policy and now would report twice.
Now, all callsides use `global.report_csp_violations`. As a nice
side-effect, I added the code to set source file information,
since that was already present for the `eval` check, but nowhere
else.
Part of #36437
Requires servo/rust-content-security-policy#5
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
This removes a bunch of duplicated code needed to support
ConditionalMallocSizeOf correctly, and fixes multiple places where that
code was subtly wrong (the seen pointers hashset was never cleared).
Testing: Measuring https://www.nist.gov/image-gallery lots of times.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Current implementation takes arguments for specifying values of
violation report, but is difficult to understand which value should be
passed. These changes create new builder for violation report to address
the issue.
Testing: These changes do not require tests because they just refactor
current code
Signed-off-by: Chocolate Pie <106949016+chocolate-pie@users.noreply.github.com>
* Use 2024 style edition
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Reformat all code
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This patch implements the `FontFace` interface, but with some caveats
1. The interface is only exposed on `Window`. Support for Workers will
be handled in the future.
2. The concept of `css-connected` `FontFace` is not implemented, so
`@font-face` rules in stylesheets will not be represented in the DOM.
3. The constructor only supports using `url()` strings as source
and `ArrayBuffer` and `ArrayBufferView` are not supported yet.
A skeleton implementation of the `load` method of `FontFaceSet` is also
implemented in this patch. The intention is to support some web pages
that don't load without this method.
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
This change exposes a single `InputEvent` type and now there is only a
single delegate method for this `WebViewDelegate::notify_input_event`.
- Clipboard events are now handled as `EditingAction` inpute events. In
the future this can include things like "Select All", etc.
In addition, many parts of the dance to pass these events can now be
simplified due to this abstraction.
- All forwarded events are handled the same way in the `Constellation`,
though they may carry an optional hit test (for events that have a
`point`) which affects which `Pipeline` they are sent to.
- In the `ScriptThread` we now accept these `InputEvents` and use them
everywhere. Now all "compositor events" are "input events".
- This allows removing several data structures which are no longer
necessary.
- We no longer inform the embedder when an event was handled by a
WebView as that was only important for a MDI feature that will
no longer be so important the full-featured `WebView` API.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
Flatten and simplify Servo's preferences code. In addition, have both
preferences and options passed in as arguments to `Servo::new()` and
make sure not to use the globally set preferences in `servoshell` (as
much as possible now).
Instead of a complex procedural macro to generate preferences, just
expose a very simple derive macro that adds string based getters and
setters.
- All command-line parsing is moved to servoshell.
- There is no longer the concept of a missing preference.
- Preferences no longer have to be part of the resources bundle because
they now have reasonable default values.
- servoshell specific preferences are no longer part of the preferences
exposed by the Servo API.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Previously, senders and receivers to different kinds of event loops (the
main `ScriptThread`, different types of workers) used a rust `trait`
mechanism to implement dynamic behavior. This led to having many unused
implementations of this `trait`. This change moves to using an `enum`
based approach for these senders and receivers and removes all of the
dead code.
In addition, to allowing for use of rust's dead code detection, it
simplifies the code a great deal. All of these generic senders and
receivers are moved to the `messaging.rs` file and given proper
documentation.
Finally, empty an `JSTraceable` implementation is made for all
crossbeam `Sender<...>`s to avoid having to manually skip them everytime
they are included in structs. The pre-existing empty `MallocSizeOf`
implementation is used more thoroughly.
Other unecessary wrappers around these senders and receivers are removed
as well.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
No longer hide errors while queueing tasks on the main thread. This
requires creating two types of `TaskSource`s: one for the main thread
and one that can be sent to other threads. This makes queueing a bit
more efficient on the main thread and more importantly, no longer hides
task queue errors.
Fixes#25688.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
This is a simplification of the internal `TaskQueue` API that moves the
`TaskManager` to the `GlobalScope` itself. In addition, the handling of
cancellers is moved to the `TaskManager` as well. This means that no
arguments other than the `task` are necessary for queueing tasks, which
makes the API a lot easier to use and cleaner.
`TaskSource` now also keeps a copy of the canceller with it, so that
they always know the proper way to cancel any tasks queued on them.
There is one complication here. The event loop `sender` for dedicated
workers is constantly changing as it is set to `None` when not handling
messages. This is because this sender keeps a handle to the main
thread's `Worker` object, preventing garbage collection while any
messages are still in flight or being handled. This change allows
setting the `sender` on the `TaskManager` to `None` to allow proper
garbabge collection.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating a type for each `TaskSource` variety have each `TaskSource`
hold the same kind of sender (this was inconsistent before, but each
sender was effectively the same trait object), a pipeline, and a
`TaskSourceName`. This elminates the need to reimplement the same
queuing code for every task source.
In addition, have workers hold their own `TaskManager`. This allows just
exposing the manager on the `GlobalScope`. Currently the `TaskCanceller`
is different, but this will also be eliminated in a followup change.
This is a the first step toward having a shared set of `Sender`s on
`GlobalScope`.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Create two new data structures in the `script` crate to hold senders and
receiver:
- `ScriptThreadSenders`: holds all outgoing channels from the
`ScriptThread` including a channel to the `ScriptThread` itself. The
ultimate goal with this is to reduce duplication by giving a boxed
version of this this to `Window`s.
- `ScriptThradReceivers`: holds all incoming channels to the
`ScriptThread`. This isn't cloenable like the senders. This is used to
abstract away `recv()` and `try_recv()` methods used to make the
`ScriptThread` event loop easier to read.
In addition:
- The many duplicated `ScriptThread` self-senders for the `TaskManager`
have been removed and, in general, a lot of boilerplate is removed as
well.
- Visibilty of all methods affected by this change is changed to
`pub(crate)` in order to take advantage of dead code detection. Some
dead code produced from macros is removed.
- Some conversion code is refactord into implementations of the `From`
trait.
- The names of channels uses a standard "sender" and "receiver" naming
as well as trying to be descriptive of where they go in `ScriptThread`
as well as `InitialScriptState`
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* few cangc fixes
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
* few cangc fixes
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
---------
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
* Make CanGc non-sendable, and add documentation.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
* Update CanGc usage to fix usages that were moved between threads/tasks.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This change:
1. Adds safety documentation where it was missing.
2. Limits the scope of unsafe code in some cases to where it is actually
unsafe.
3. Converts some free functions to associated functions and methods,
thereby making them more likely to be called safely.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* asan: Add suppression for known false positive
Signed-off-by: ede1998 <online@erik-hennig.me>
* fix: re-suppress lazy_static leaks
lazy_static is still used by dependencies and still leaks
from static variables.
Signed-off-by: ede1998 <online@erik-hennig.me>
* fix: Memory leak of Box<NetworkingTaskSource>
Signed-off-by: ede1998 <online@erik-hennig.me>
---------
Signed-off-by: ede1998 <online@erik-hennig.me>
