Implement raw export of HMAC keys. JWT export of HMAC keys will come in
a separate PR.
Testing: WPT
Fixes: Partially #39060
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
Phantom line boxes should be treated as non-existing for most purposes,
so don't let them affect the baseline of their block container.
Testing: An existing test passes, and also adding a new one which
doesn't rely on `<button>`
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
Autoincrementedness was previously being reported as always false. This
PR makes the state become queried from the backend, as the spec
specifies. Additionally this PR ensures the backend correctly handles an
object store which autoincrements.
Testing: WPT
Fixes: None
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
This method could iterate all the items in the inline formatting context
that was being created. This patch turns it into a field, replacing
`has_uncollapsible_text_content` (so this doesn't increase memory).
Testing: Not needed, no behavior change
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
This doesn't appear to make a big difference in speedometer results, but
this removes some code from the hot path of creating DomRoot values.
Before: `Score: 30.381097406624708 ± 2.0393225244958018`
After: `Score: 30.344639420871395 ± 1.9359337921154696`
Testing: Existing WPT coverage
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
One commonly encountered mechanism in servo is using ipc channels
together with the router, to register a custom callback to run in the
current process, when receiving a reply.
The new `GenericCallback` abstracts over this, and allows executing an
arbitrary callback in the process of the `GenericCallback` creator. In
multiprocess mode, this internally uses ipc channels and follows the
existing pattern.
In single process mode, we execute the callback directly, which avoids
one call to the router.
Executing the callback still incurs synchronization, since we need to
support cloning the abstraction, and the callback closure may be
`FnMut`. Future work could provide more optimized abstractions for
callbacks that don't have these requirements.
This PR allows applying #38782 again, which was previously reverted in
#38940 due to the lack of custom callback support.
See also the module documentation in `generic_channel/callback.rs`.
Testing: This PR adds unit tests. Also passes the manual testcase from
#38939
Part of #38912
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Signed-off-by: Jonathan Schwender <55576758+jschwe@users.noreply.github.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
These changes add a custom servo:preferences URL that allows modifying
selected preferences at runtime. The goal of this work is to make it
easy to test pages while toggling experimental web platform features,
and support quickly changing the User-Agent header.
Testing: Manually verified that spacex.com loads correctly after
changing the user agent, and that https://polygon.io/ displays grid
elements correctly and no console errors with the experimental prefs
enabled.
Fixes: #35862
<img width="1136" height="880" alt="Screenshot 2025-07-18 at 1 06 23 AM"
src="https://github.com/user-attachments/assets/2d27c321-6ca0-43c3-a347-7bc4b55272df"
/>
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
We store a pointer to the ScriptThread singleton for a thread in
thread-local storage. While we don't have yet have profiles pointing to
this TLS access as a hot spot, we can remove a potential performance
footgun without a lot of effort by passing around small pieces of data
that we otherwise need to fetch from the ScriptThread.
Testing: Existing WPT is sufficient
Fixes: part of #37969
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
According to the WebGPU specification there are the dedicated task
source
which is used to queue a global task for a GPUDevice on content
timeline.
https://gpuweb.github.io/gpuweb/#-webgpu-task-source
Tasks on content timeline:
- to fire "uncaptureevent" event
- to resolve GPUDevice.lost promise
Also fixed the "isTrusted" attribute status (false -> true) of the
"uncaptureevent" event by using non JS version of event dispatching.
Testing: No changes in WebGPU CTS expectations
- webgpu:api,operation,uncapturederror:*
- webgpu:api,operation,device,lost:*
- webgpu:api,validation,state,device_lost,destroy:*
Signed-off-by: Andrei Volykhin <volykhin.andrei@huawei.com>
Co-authored-by: Andrei Volykhin <volykhin.andrei@huawei.com>
Creates schemas to hold index information. These tables are created when
the database is initialized. These tables are not updated however.
Testing: WPT and unit
Fixes: Partially #38100
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
This is fixup for #37776. We forget to skip documents with
waiting_on_canvas_image_updates flag.
Testing: Existing WPT tests and manual testing
Fixes: #39021
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Move interfaces defined by the WebRTC specification to the
`script/dom/webrtc/` module from `script/dom/`.
`script/dom/rtc*.rs -> script/dom/webrtc/`
Testing: No changes, just a refactoring
Fixes (partially): #38901
Signed-off-by: Andrei Volykhin <volykhin.andrei@huawei.com>
Co-authored-by: Andrei Volykhin <volykhin.andrei@huawei.com>
This change ports all `EmbedderMsg` reply channels that don't use the
`ROUTER` to GenericChannel.
The remaining reply channels that use the router are blocked until
#38973 is merged.
This is a breaking change in the API between libservo and embedders.
Future work: A lot of the reply channels in this PR look like they
conceptually should be oneshot ipc channels. It might make sense to
provide a `OneshotGenericChannel` abstraction that encodes this.
Testing: No functional changes - covered by existing tests. None of the
channels changed here uses the Router
Part of #38912
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Helvetica isn't quite right but it's a better default choice than a
monospaced font like Menlo (it should be some variant of Apple's San
Francisco font, but that isn't easily exposed)
Testing: Untested, but matches the font family used for `sans-serif` so
it should be safe
Signed-off-by: Darryl Pogue <darryl@dpogue.ca>
Adds epoch to each WR image op command that is sent to compositor. The
renderer now has a `FrameDelayer` data structure that is responsible for
tracking when a frame is ready to be displayed. When asking canvases to
update their rendering, they are given an optional `Epoch` which denotes
the `Document`'s canvas epoch. When all image updates for that `Epoch`
are seen in the renderer, the frame can be displayed.
Testing: Existing WPT tests
Fixes: #35733
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
In #38745, we changed the id of Frame and Window as the result of
`ToString` trait. This PR
- adapts the parsing of frame/window accordingly.
- for frame, return the
[WindowProxy](https://developer.mozilla.org/en-US/docs/Web/API/WindowProxy)
object of the iframe as it's supposed to do.
Testing: `execute_{async_}script/arguments.py`
---------
Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
Add type around CG class for code generatio Web IDL in codegen.py
Testing: *Describe how this pull request is tested or why it doesn't
require tests*
Fixes: *Link to an issue this pull requests fixes or remove this line if
there is no issue*
---------
Signed-off-by: Jerens Lensun <jerensslensun@gmail.com>
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
This change was previously part of
fb1c0a4c48, which got reverted due to an
issue
with the compositor channel.
Split this change out into a separate PR, as it probably should have
been in the first place. Presumably it was one change before, since
serialization of crossbeam generic channels in single-process mode was
not implemented yet at the time.
Testing: Covered by existing tests. No custom callbacks involved.
Part of #38912
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Port the reply / back channels of StorageThreadMsg to GenericChannel.
Testing: No functional changes
Part of #38912
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Move interfaces defined by the WebGL spec to the `script/dom/webgl/
`module from `script/dom/`.
`script/dom/webgl*.rs` -> `script/dom/webgl/`
`script/dom/webgl_extensions` -> `script/dom/webgl/extensions`
`script/dom/webgl_validations` -> `script/dom/webgl/validations`
Testing: No changes, just a refactoring
Fixes (partially): #38901
Signed-off-by: Andrei Volykhin <volykhin.andrei@huawei.com>
Co-authored-by: Andrei Volykhin <volykhin.andrei@huawei.com>
Replaced usage of `typed_insert` since it ended converting `UTF-8` to
lowercase.
Removed one of the test cases since it wasn't following spec since
[xhr/205](https://github.com/whatwg/xhr/pull/205).
Testing: Changes covered by wpt
Fixes: #20436
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
Instead of doing font selection and text shaping in `canvas`, move this
to `script`. This allows canvas to use the shared `Document`
`FontContext`, which has access to web fonts. In addition, ensure that
there is a font style accessible for `OffscreenCanvas` in workers.
Testing: This causes a number of WPT tests to start to pass as web fonts
are
supported on canvas again. In addition, some start to fail as they
expose other
issues:
- The lack of support for the `Context2D.fontStretch` property
- Issues with zerosize gradient interpolation.
- Differences between quoted and unquoted font family names. This seems
like
a timing issue with the way we are handling web fonts. The test seems to
be
expecting Local fonts to be available immediately (without waiting for
them
to load). This isn't how Servo works ATM. Seems like an issue with the
test.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Sets the indexeddb request error when the backend errors out. This also
matches statements to the spec.
Testing: Covered by WPT
Fixes: General indexeddb
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
- Add `ShadowRoot` to `JSValue` to avoid
`WebDriverJSError::UnknownType`, and
`JavaScriptEvaluationError::SerializationError` when execute JS from
embedder.
- Add unit test.
- Move [is_detached](https://w3c.github.io/webdriver/#dfn-is-detached)
to `fn is_detached` to be reused.
- Other random simplification.
Testing: WebDriver conformance tests.
---------
Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
Fixes a check for empty options in `getAll(options)` and makes url
comparison with exclude fragments set to true.
Testing: New passing WPT tests
Part of #37674
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
We pass in the new trait implementation to process the value,
which the CSP crate calls in its implementation. Additionally,
since the request url can change, we need to propagate that
to load_data as well.
This also avoids a crash when a discarded browsing context is
accessed while navigating the iframes in the WPT tests. This
is a known issue, but hampers investigation into actual
Trusted Types support.
All tests using iframes don't work, as they don't have the
correct browsing context. The other tests do work, but some
fail on header ascii parsing (#36801) or error while handling
errors. That last one I don't understand based on the current
code and I would need to do a deep-dive in the existing code
to understand better what's going on.
Part of #36258
Part of #37920
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Moves interfaces defined by the gamepad spec to the
`script/dom/gamepad/` module from `script/dom/`.
Testing: Just a refactor shouldn't need any testing
Fixes: N/A
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
Currently the embedding API only provides the embedder with the URL for
a favicon. This is not great, for multiple reasons:
* Loading the icon should happen according to the fetch spec which is
not easy for the embedder to recreate (consider CSP, timing information
etc)
* Rasterizing a svg favicon is not trivial
With this change, servo fetches and rasterizes the icon to a bitmap
which is then passed to the embedder.
Testing: I'm not sure how I can write tests for the embedding api. I've
tested the correctness manually using
https://github.com/servo/servo/pull/36680.
Prepares for https://github.com/servo/servo/pull/36680
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Forward any deserialization errors to the receiver, instead of panicking
on the router thread. This change was previously part of #38782, which
got reverted, since generic channels don't support custom router
callbacks yet. Propagating the error is still something we want, and
landing this separately will reduce the diff of the PR that introduces
generic callbacks.
Testing: Should be covered by existing tests. Also manually tested
https://github.com/servo/servo/issues/38939
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Signed-off-by: Jonathan Schwender <55576758+jschwe@users.noreply.github.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
In general, `raqote` is essentially umaintained and has issues with
quality (for instance text rendering has lots of issues) and removing it
finally lets us remove our dependency on `font-kit`. Although,
`vello_cpu` performance is not yet equal to raqote, rendering quality is
a lot better. It's expected that `vello` and `vello_cpu` performance
will keep improving.
Testing: This is covered by existing WPT tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Sanitization of object store names brought some problems because of
replacing special characters and making it impossible to have certain
object store names that are allowed by the spec. These changes make sure
deterministic UUIDs are used for file paths plus object store names are
inserted into SQLite without sanitization.
Testing: Covered by existing tests and new unit tests were added.
Fixes: #37569
---------
Signed-off-by: Rodion Borovyk <rodion.borovyk@gmail.com>
This is preparation for #38740, which wants to use DOMExceptions without
immediately throwing them and aborting execution.
Testing: Existing WPT coverage will suffice for this refactor.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
The `CrossProcessCompositorApi` already provides methods for most
messages.
Remove the `sender()` method, and hide the IpcSender as an
implementation detail. This is a preparation for abstracting over the
internal IpcSender.
Testing: No functional changes
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Ports the channel returning the result of `GenerateFontKeys` to generic
channel
Testing: No functional changes - Covered by existing tests
Part of https://github.com/servo/servo/issues/38912
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
We really want to remove font-kit from dep tree, so this is the first
step into removing raqote from servo. While vello_cpu is not perfect
replacement, I am confident that we will resolve all issues eventually:
https://github.com/servo/servo/issues/38345 (most important ones already
have PRs).
Reviewable per commit.
Testing: Existing WPT tests.
Try run: https://github.com/sagudev/servo/actions/runs/17138369290
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Bumps [data-url](https://github.com/servo/rust-url) from 0.3.1 to 0.3.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/servo/rust-url/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Euclid Ye <euclid.ye@huawei.com>
Parameterize and rename both `Layout::content_box_query` and
`Layout::content_boxes_query` to support the query of rendered padding
area and content area that accounts for transform and scroll. Both of
these query have been misleading for a time since they are using border
box, instead of content box of a Node.
This PR adds a new type `layout_api::BoxAreaType` to be passed from
`ScriptThread` to `LayoutThread` to query the respective area. It is
then used for the query within `IntersectionObserver` to pass several
WPTs.
Testing: Existing WPT Coverage.
---------
Signed-off-by: Jo Steven Novaryo <jo.steven.novaryo@huawei.com>
This change includes the following additions to GenericChannel:
- Add a GenericSend trait which is meant to replace the `IpcSend` trait
over time, as channels are migrated. For the time being this means, that
we often need to use `GenericSend::send()` to disambiguate from the
`IpcSend::send` function, until all usages of `IpcSend` have been
replaced.
- Add an OpaqueSender impl for GenericSender
- Add a profiled version of GenericChannel. The profiling is 1:1 the
same as for the existing profiled IPC channel, namely that only the
blocked time during `recv` is measured.
Testing: No functional changes, covered by existing tests
Part of #38912
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
Testing: These changes should be covered by existing web platform tests
and `image`'s own test suite.
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
