This is needed by the IndexedDBKeyRange implementation.
Doesn't fix anything since it isn't used at the moment.
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
Many object store related operations require the transaction to be
checked: to ensure it is still active, and, if the operation is a write,
that the transaction is not read-only. I've added the
`check_transaction` method to perform these checks.
Additionally `Clear` was still half-implemented, so I went ahead and
implemented that.
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
This change refactors how we notify DevTools about network activity so
that all fetches (even those served from cache) appear correctly in the
Network panel, and so that DevTools sees request metadata as soon as
possible rather than waiting until the end of a full HTTP cycle.
- Before, we only send DevTools events inside http_network_fetch, so
cached responses (which skip that path) never show up. By emitting a
minimal HttpRequest event at the very start of main_fetch (with URL,
method, pipeline and browsing IDs), we guarantee every fetch shows up
immediately.
- Then, by moving HttpResponse notifications out of http_network_fetch
into main_fetch (right after process_response and process_response_eof),
we ensure DevTools gets status, header, and completion events for both
network and cache hits. Leveraging nullable fields in NetworkEventActor
lets us incrementally fill in timing, header, and body data later,
improving DevTools’ visibility.
Testing: Ran servo with `--devtools=6080` flag, cached responses now
appear in the network panel
Fixes: https://github.com/servo/servo/issues/37869
---------
Signed-off-by: Uthman Yahaya Baba <uthmanyahayababa@gmail.com>
Digging into several crashing tests revealed that committing
transactions is a fallible operation. Propagating those errors led to
exposing many new errors caused by the IDBRequest implementation
assuming that all successful responses contained a structured clone. The
end result is a bunch of new test failures that were previously hidden.
Testing: Existing test coverage is sufficient.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This change allows the compiler to recognize if any read-only operations
are missing an implementation when processing a readonly transaction.
Testing: The existing behaviour is unchanged, so current tests suffice.
The new code is unused and cannot be tested.
Fixes: part of #6963
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Improves the implementation of keys to a point where key ranges can be
implemented as well.
Due to me making branching mistakes I'll have to cherry-pick out the
first commit (it's from #37682)
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
This pull request introduces changes to the storage subsystem to:
- Isolate sessionStorage per top-level browsing context (WebViewId), in
addition to origin.
- Copy sessionStorage when creating a new auxiliary browsing context
without
noopener, as required by the corresponding spec
These changes bring Servo closer to spec compliance, matching expected
browser
behavior.
Testing: This work affects observable behavior. As a result, some
previously
failing WPT tests now pass. No new tests are added, since the behavior
is
already covered by existing web-platform-tests.
Fixes: #21291
---------
Signed-off-by: Jan Varga <jan.varga@gmail.com>
This creates a new method in shared/compositing/lib to generate image
keys that are send over the webview. This does not immediately return
the keys but goes over the constellation to receive the keys from the
IOCompositor. To make this more efficient, we now cache the keys in
image_cache in a simple FIFO order. The old blocking method stays intact
for now but got renamed to make the blocking clear.
The blocking calls that are left are in:
- `components/canvas/canvas_data.rs`
- `components/script/dom/htmlmediaelement.rs`
Testing: WPT tests should cover this as this doesn't change any
functionality.
Fixes: Was mentioned in
https://github.com/servo/servo/issues/37161#issuecomment-2915750051 and
part of https://github.com/servo/servo/issues/37086
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
Co-authored-by: gterzian <2792687+gterzian@users.noreply.github.com>
This is finishing some incomplete cleanup from #33044. Kitchen sink enum
types like IndexedDBThreadReturnType make code harder to read and
require ignoring variants that will never be sent in many cases.
Testing: No behaviour change; existing WPT tests suffice.
Fixes: part of #6963
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Adds indexeddb support to servo. At the moment heed is being used as the
backend, although this can be swapped out by implementing `KvsEngine`.
This PR adds a thread + a thread pool for Indexeddb related operations.
Also `database_access_task_source` is added for Indexeddb related
operations.
This is a partial rewrite of #25214. (Reopened due to branching issue)
Fixes#6963
---------
Signed-off-by: Ashwin Naren <arihant2math@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Rasmus Viitanen <rasviitanen@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
These changes allow a minimal set of checks for font-src
CSP checks to pass.
Part of #4577
Part of #35035
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This change adds support for rendering static SVG images using the
`resvg` crate, allowing svg sources in the `img` tag and in CSS
`background` and `content` properties. There are some limitations in
using resvg:
1. There is no support for animations or interactivity as these would
require implementing the full DOM layer of SVG specification.
2. Only system fonts can be used for text rendering. There is some
mechanism to provide a custom font resolver to usvg, but that is not
explored in this change.
3. resvg's handling of certain edge cases involving lack of explicit
`width` and `height` on the root svg element deviates from what the
specification expects from browsers. For example, resvg uses the values
in `viewBox` to derive the missing width or height dimension, but
without scaling that dimension to preserve the aspect ratio. It also
doesn't allow overriding this behavior.
Demo screenshot:
<details>
<summary>Source</summary>
```
<style>
#svg1 {
border: 1px solid red;
}
#svg2 {
border: 1px solid red;
width: 300px;
}
#svg3 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: contain;
}
#svg4 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: cover;
}
#svg5 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: fill;
}
#svg6 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: none;
}
</style>
</head>
<body>
<div>
<img id="svg1" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
</div>
<div>
<img id="svg2" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
<img id="svg3" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
<img id="svg4" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
</div>
<div>
<img id="svg5" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
<img id="svg6" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
</div>
</body>
```
</details>
---------
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Our persistent localstorage data can be meaningfully large after testing
real world sites. This change ensures it shows up in about:memory.
Testing: Opened about:memory after launching the browser with a
persistent config
Fixes: Part of #11559
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Plumbs in the memory reporting into resource_thread since that's where
the other user of the public suffix list (HSTS) reports.
Testing: Checked about:memory on servo.org
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
This changes includes two semi-related things:
1. Fixes some specification compliance issues when parsing mime
types and charsets for `XMLHttpRequest`.
2. Implements a `<stylesheet>` parsing quirk involving mime types.
Testing: There are tests for these changes.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Fix a IPC hang due to `ReadableStream::get_in_memory_bytes` could return
really huge chunk.
Testing: WPT on ReadableStream should pass
Fixes: IPC hang when transferring huge chunk bytes from `ReadableStream`
cc @gterzian @Taym95 since this is also related to ReadableStream.
---------
Signed-off-by: Yu Wei Wu <yuweiwu@YunoMacBook-Air.local>
Co-authored-by: Yu Wei Wu <yuweiwu@YunoMacBook-Air.local>
When slicing a blob that is already sliced we should reference it's
parent's data instead of creating a subview into the sliced blob. This
keeps the blob ancestry chain small and reduces the number of blobs that
we have to resolve.
Testing: Includes a new crashtest
Fixes: https://github.com/servo/servo/issues/36843
[try
run](https://github.com/simonwuelker/servo/actions/runs/14844873660)
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Rather than sharing the full image cache in a script_thread, the image
cache is now unique per document. This ensures that CSP factors no
longer affect whether the image is retrieved from the cache incorrectly.
To do so, the thread_pool is shared across all caches, but the store is
fresh. Except for the place_holder{image,url}, which are cloned. That's
because the `rippy_data` is only available in the constellation and no
longer accessible at the point that we need to create the document in
the script_thread.
Contrary to the description in #36505, the script_thread still has an
image_cache for this reason: so it has access to the store and
thread_pool to clone it.
With these changes, the two CSP tests no longer flake. Confirmed with
running the following commmand:
```
./mach test-wpt tests/wpt/tests/content-security-policy/generic/ --rerun=10
```
Fixes#36505
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This removes a bunch of duplicated code needed to support
ConditionalMallocSizeOf correctly, and fixes multiple places where that
code was subtly wrong (the seen pointers hashset was never cleared).
Testing: Measuring https://www.nist.gov/image-gallery lots of times.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This allows removing a LazyLock around the resources.
We override the baked in resources unconditionally in servoshell
upon initialization anyway
([desktop](9f93ccd942/ports/servoshell/desktop/cli.rs (L15)),
[android](9f93ccd942/ports/servoshell/egl/android/simpleservo.rs (L49)),
[ohos](9f93ccd942/ports/servoshell/egl/ohos/simpleservo.rs (L43))
), meaning that the baked in resources
are unused in servoshell.
For 3rd-party embedders, we probably also want to the let them know
early that they should initialize the resources, instead of
restricting the panics to production mode.
Rippy is the only resource which was required. Since it is only
253 bytes large, we just bake that resource in as a fallback.
We do want to make using the resources easy from tests, so we add
some logic to keep the baked in resources for tests only and initialize
the resource reader on first access.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
These changes add a new report for image cache memory usage for each
script thread.
Testing: Looked at the numbers after browsing various stock photo sites
that show galleries of images.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
It also updates the FetchResponseListener to process CSP violations to
ensure that iframe elements (amongst others) properly generate the CSP
events. These iframe elements are used in the Trusted Types tests
themselves and weren't propagating the violations before.
However, the tests themselves are still not passing since they also use
Websockets, which currently aren't using the fetch machinery itself.
That is fixed as part of [1].
[1]: https://github.com/servo/servo/issues/35028
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
These two traits both exposed different parts of the compositing API,
but now that the compositor doesn't depend directly on `script` any
longer and the `script_traits` crate has been split into the
`constellation_traits` crate, this can be finally be cleaned up without
causing circular dependencies. In addition, some unit tests for the
`IOPCompositor`'s scroll node tree are also moved into
`compositing_traits` as well.
Testing: This just combines two crates, so no new tests are necessary.
Fixes: #35984.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Propagate through documents a flag that represents if any of the
ancestor navigables has a potentially trustworthy origin.
The "potentially trustworthy origin" concept appears to have gotten
confused in a couple of places and we were instead testing if a URL had
"potentially trustworthy" properties.
The main test for the ancestor navigables is
[mixed-content/nested-iframes](https://github.com/web-platform-tests/wpt/blob/master/mixed-content/nested-iframes.window.js)
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#36108
<!-- Either: -->
- [X] There are tests for these changes
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
* Add doc comments to RequestBuilder fields/methods
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Implement Request::cryptographic_nonce_metadata
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Implement HTMLOrSVGElement::nonce
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Set request cryptographic nonce metadata for link elements
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Set request's cryptographic nonce when fetching scripts
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Forward request nonce to rust-content-security-policy
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Update WPT expectations
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Use 2024 style edition
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Reformat all code
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Update to rust 1.85
This is needed for cargo-deny
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Upgrade crown
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Clippy fixes
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Re-upgrade cargo-deny to 0.18
Keeping it locked to 0.18 just in case they
update their required rustc version again
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This patch implements the `FontFace` interface, but with some caveats
1. The interface is only exposed on `Window`. Support for Workers will
be handled in the future.
2. The concept of `css-connected` `FontFace` is not implemented, so
`@font-face` rules in stylesheets will not be represented in the DOM.
3. The constructor only supports using `url()` strings as source
and `ArrayBuffer` and `ArrayBufferView` are not supported yet.
A skeleton implementation of the `load` method of `FontFaceSet` is also
implemented in this patch. The intention is to support some web pages
that don't load without this method.
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
`EmbedderMsg` was previously paired with an implicit
`Option<WebViewId>`, even though almost all variants were either always
`Some` or always `None`, depending on whether there was a `WebView
involved.
This patch adds the `WebViewId` to as many `EmbedderMsg` variants as
possible, so we can call their associated `WebView` delegate methods
without needing to check and unwrap the `Option`. In many cases, this
required more changes to plumb through the `WebViewId`.
Notably, all `Request`s now explicitly need a `WebView` or not, in order
to ensure that it is passed when appropriate.
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Instead of setting up a route for every image load in the DOM / Layout,
route all incoming image cache responses through the `ScriptThread`.
This avoids creating a set of file descriptor for every image that is
loaded.
This change requires having the `ImageCache` track the `PipelineId` of
the original the listener so that the `ScriptThread` can route it
properly to the correct `Window`.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating an IPC channel for every fetch, allow cancelling
fetches based on the `RequestId` of the original request. This requires
that `RequestId`s be UUIDs so that they are unique between processes
that might communicating with the resource process.
In addition, the resource process loop now keeps a `HashMap` or `Weak`
handles to cancellers and cleans them up.
This allows for creating mutiple `FetchCanceller`s in `script` for a
single fetch request, allowing integration of the media and video
elements to integrate with the `Document` canceller list -- meaning
these fetches also get cancelled when the `Document` unloads.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This allows reusing the asynchrnous fetch mechanism that we use for page
resources and is likely a step toward removing the `FetchThread`.
Benefits:
- Reduces IPC traffic during navigation. Now instead of bouncing
between the constellation and the `ScriptThread` responses are sent
directly to the `ScriptThread`.
- Allows cancelling loads after redirects, which was not possible
before.
There is the question of what to do when a redirect is cross-origin
(#23037). This currently isn't handled properly as the `Constellation`
sends data to the same `Pipeline` that initiated the load. This change
doesn't fix this issue, but does make it more possible for the
`ScriptThread` to shut down the pipeline and ask the `Constellation` to
replace it with a new one.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* fix: add source browsing ctx id to request when initiate navigation
Signed-off-by: Jason Tsai <git@pews.dev>
* chore: clippy
Signed-off-by: Jason Tsai <git@pews.dev>
* Update components/net/http_loader.rs
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Jason Tsai <git@pews.dev>
* chore: apply suggestions
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Jason Tsai <git@pews.dev>
* chore: fix naming
Signed-off-by: Jason Tsai <git@pews.dev>
* refactor: set request browsing ctx id on pre page load
Signed-off-by: Jason Tsai <git@pews.dev>
---------
Signed-off-by: Jason Tsai <git@pews.dev>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
* Fix deprecated PanicInfo alias
Fixes:
```rust
use of deprecated type alias `std::panic::PanicInfo`: use `PanicHookInfo` instead
```
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
* build: upgrade rustc to 1.82.0
Tracking issue for the silenced lints:
https://github.com/servo/servo/issues/34591
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
* Remove unused deps
This doesn't seem to remove any deps from the workspace.
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
* ohos: Remove gaol dependency
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
---------
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
