This includes removing an implementation of normalize for `ByteString`,
because it is effectively duplicated in net under
`trim_http_whitespace`. This is part of an attempt to cleanup and
centralize code for header parsing and manipulation.
Testing: Covered by existing WPT tests
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
When the computed restyle damage is empty, do not do a layout. Instead,
just rebuild the display list. In the future, even that can be omitted,
but that requires changes to the compositor.
These kind of relayouts commonly happen when the cursor is moving around
the page and no style rules cause changes to :hover.
Testing: This is covered existing WPT tests and should only have
performance
impacts. Unfortunately there are currently no performance tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
To properly compute (the video) element's content size for
layout requires to dirty the element on any intrinstic size changes.
Full list of the operations which cause layout invalidation:
- media metadata update (NEW)
- removing "src" attribute
- video frame update
- show poster image
Testing:
html/semantics/embedded-content/the-video-element/intrinsic_sizes.htm
Fixes: https://github.com/servo/servo/issues/34434
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
This makes servo use less file descriptors for animated images and
avoids the crash described in
https://github.com/servo/servo/issues/36792.
Doing this also forces the end users to be more explicit about whether
they want to deal with all image frames or just the first one.
Previously, `Image::bytes` silently returned only the data for the first
frame. With this change there's now a `frames` method which returns an
iterator over all frames in the image.
Testing: No tests - this simply reduces the number of fds used. Servo
doesn't currently display animated gifs anyways.
Fixes: https://github.com/servo/servo/issues/36792
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
I have modified the Blob.ArrayBuffer implementation to comply with the
specification part of #25209.
See also: #35151.
Testing: This does not seem to affect tested behavior, so no new tests.
Signed-off-by: yoseio <98276492+yoseio@users.noreply.github.com>
This changes includes two semi-related things:
1. Fixes some specification compliance issues when parsing mime
types and charsets for `XMLHttpRequest`.
2. Implements a `<stylesheet>` parsing quirk involving mime types.
Testing: There are tests for these changes.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Instead, use the `filter_map` functions of `std::cell::Ref` and
`accountable_refcell::Ref`, which provide the same functionality as
`ref_filter_map`.
Testing: Refactoring for removing dependency. No extra test is needed.
Fixes: #36851
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
This way, we don't always set the destination to Document (which is as
the spec is written today). Instead, we set it it in the load_data,
depending on which context we load it from.
Doing so allows us to set the `Destination::IFrame` for navigations in
iframes, enabling all frame-related CSP checks.
While we currently block iframes when `frame-src` or `child-src` is set,
their respective tests don't pass yet. That's because we don't yet
handle the cases
where we fire the correct `load` event.
Also update one WPT test to correctly fail, rather than erroring. That's
because it was using the wrong JS test variable.
Part of #4577
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
Disabling the TestBinding-related bindings and implementations saves 2mb
in a release build. Also, we lost the related test preferences when we
turned the layout-2020 tests on, so the tests have all been failing for
a long time.
Testing: Existing tests in CI.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This change adds a shadow-tree widget for `<input type=color>` elements.
It also involves some changes to the way layout interacts with the DOM,
because currently all `input` and `textarea` elements are rendered as
plain text and their descendants are ignored. This obviously doesn't
work for `<input type={color, date, range, etc}>`.
<details><summary>HTML used for the screenshot above</summary>
```html
<input type=color>
```
</details>
Testing: I doubt that this affects WPT tests, because the appearance and
behaviour of the widget is almost entirely unspecified.
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Add mock SVGImageElement interface to fix TIMEOUT WPT tests
which are related to ImageBitmap (html/canvas/*).
https://svgwg.org/svg2-draft/embedded.html#InterfaceSVGImageElement
Rationality of this change to fire event "error" on any attempt to fetch
image resource on href attribute change to not block WPT tests
execution.
Some WPT tests use the legacy namespace attribute "xlink:href", so
support for it was added to source code.
https://svgwg.org/svg2-draft/linking.html#XLinkHrefAttribute
- setAttributeNS("http://www.w3.org/1999/xlink", 'xlink:href', src);
Testing: Covered by existed WPT tests
- fetch/metadata/generated/svg-image*
- html/canvas/element/manual/*
- html/dom/idlharness.https.html
- html/semantics/embedded-content/the-canvas-element/*
- html/webappapis/scripting/events/event-handler-all-global-events.html
- mozilla/interfaces.https.html
Fixes: https://github.com/servo/servo/issues/35881
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
This change adds the simplest kind of incremental layout. When Servo
detects that all style changes only require a repaint, only run stacking
context tree and WebRender display list generation. This means that
these kind of restyles do not need a re-layout. Instead, the existing
box and fragment trees will be used and the styles of damaged nodes will
be updated in their box and fragment tree nodes.
This requires a new style repair DOM traversal for nodes that have had
their style damaged. In addition, careful accounting of all the places
where we store style must happen in order ot update those styles.
Testing: This is covered by existing WPT tests as it should not change
observable behavior.
We have created a test case which shows a 50% speedup when run
in Servo, even though there still a long way to go to match the speed
of other browsers:
https://gist.github.com/mrobinson/44ec87d028c0198917a7715a06dd98a0
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
Fix a IPC hang due to `ReadableStream::get_in_memory_bytes` could return
really huge chunk.
Testing: WPT on ReadableStream should pass
Fixes: IPC hang when transferring huge chunk bytes from `ReadableStream`
cc @gterzian @Taym95 since this is also related to ReadableStream.
---------
Signed-off-by: Yu Wei Wu <yuweiwu@YunoMacBook-Air.local>
Co-authored-by: Yu Wei Wu <yuweiwu@YunoMacBook-Air.local>
Before it was only used when converting to a `Record`, using it all the
times allow us to remove two methods.
Plus added a helper method in CodegenRust.py to avoid repeated code.
Testing: a successful build and existing tests should cover the changes.
Fixes: #36410
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
Also implements a conversion for `TrustedHTMLOrNullIsEmptyString`
to `TrustedHTMLOrString` to avoid introducing a separate
`get_trusted_script_compliant_string` for the new type.
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
The label that is displayed inside a `<select>` element is that of the
selected option, or it's text contents if the option does not have a
label. Therefore, we need to update the `<select>` shadow tree when the
contents of the selected option change.
Testing: Covered by existing web platform tests
Fixes https://github.com/servo/servo/issues/36926
Fixes https://github.com/servo/servo/issues/36925
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Unfortunately while it now passes almost all cases in
`tests/wpt/tests/content-security-policy/script-src/nonce-enforce-blocked.html`,
the test in question doesn't pass yet as it requires all cases to be
correct. Here, we still miss the "check for duplicate attributes during
parsing". Since we don't have this information available yet from the
parser, skip this for now.
Part of #36437
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
When the canvas context mode is a placeholder then we shouldn't resize
the context.
Testing: Includes a new test
Fixes: https://github.com/servo/servo/issues/36846
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Prevent overflowing by not calculating the area and reordering
arithmetic operations.
Testing: No regression in wpt tests:
1495105545
Fixes: https://github.com/servo/servo/issues/36940
Signed-off-by: webbeef <me@webbeef.org>
To be able to abort the update, extract the functionality into a
separate method. Otherwise, we don't run the `node.rev_version` at the
end, which according to the comment is probably important.
Not all `style-src` tests pass and I don't fully understand why yet, but
I presume it has to do with some special quirks of stylesheets that
other CSP checks don't have. All `style-src-attr-elem` tests pass
though.
Part of #4577
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
<!-- Please describe your changes on the following line: -->
Fix ImageData constructor to take a Uint8ClampedArray instead of
js_object
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#31320
<!-- Either: -->
- [x] These changes do not require tests because there is not behavior
change.
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
All logic is implemented in `report_csp_violations` to avoid
pulling in various element-logic into SecurityManager.
Update the `icon-blocked.sub.html` WPT test to ensure that
the document is the correct target (verified in Firefox and Chrome).
Fixes#36806
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
These changes allow test_dom_token_list from
/execute_script/collections.py to pass, and various tests in
/execute_script/arguments.py to expose new failures.
Testing: Not run in CI yet, but verified results from
tests/wpt/tests/webdriver/tests/classic/{execute_script,execute_async_script}
locally.
Fixes: #35738
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
`ensure_rare_data` returns a RefMut that extends the borrow of
Node.rare_data. This can lead to a panic in any method that triggers a
GC while this borrow is outstanding, such as Node.childNodes.
Testing: Manual testing on the testcase from the issue. It is impossible
to create a deterministic WPT crash test that is fast enough and can be
counted upon to continue working in the future.
Fixes: #36868
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
The two significant changes here are 1) a commit that frees memory used
to perform memory reporting once the reporting is complete, 2) memory
reporting for the system font service. There are various other commits
that remove `#[ignore_malloc_size_of]` attributes for data that we are
now able to measure, but they do not significantly change our
measurements when testing servo.org.
Testing: Comparing the output of about:memory on servo.org.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
The existing code asserts that attribute nodes are never serialized.
This is wrong, because you can pass an attribute node to
`XMLSerializer::serializeToString`. Instead, the spec mandates that
these are serialized as empty strings
(https://w3c.github.io/DOM-Parsing/#dfn-xml-serialization-algorithm).
Testing: Includes a new web platform test
Fixes: https://github.com/servo/servo/issues/36872
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
When slicing a blob that is already sliced we should reference it's
parent's data instead of creating a subview into the sliced blob. This
keeps the blob ancestry chain small and reduces the number of blobs that
we have to resolve.
Testing: Includes a new crashtest
Fixes: https://github.com/servo/servo/issues/36843
[try
run](1484487366)
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
<!-- Please describe your changes on the following line: -->
This implements `document.scrollingElement`
(https://drafts.csswg.org/cssom-view/#dom-document-scrollingelement).
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#35700
- [x] There are tests for these changes
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: JimmyDdotEXE <50691404+JimmyDdotEXE@users.noreply.github.com>
Spec has updated so that all responses that aren't 200 shall fail the
event source connection.
Testing: Covered by
`tests/wpt/tests/eventsource/request-status-error.window.js`
---------
Signed-off-by: Keith Yeung <kungfukeith11@gmail.com>
Spec has updated so that any null characters in the `id` field name
would result in the value being ignored.
Testing: Covered by
`tests/wpt/tests/eventsource/format-field-id-null.window.js`
Signed-off-by: Keith Yeung <kungfukeith11@gmail.com>
This change connects the `HighlighterActor` from the devtools with the
document, which will draw a blue rectangle over any highlighted dom
node.
https://github.com/user-attachments/assets/571b2dab-497f-4102-9e55-517cdcc040ba
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes do not require tests because we don't have devtools
tests
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This change removes the early return in `MessagePort::Close` that
occurred when the message port was detached. The
[spec](https://html.spec.whatwg.org/multipage/web-messaging.html#dom-messageport-close)
doesn't prescribe this behaviour for detached ports for this operation,
so the early return was unnecessary.
Testing: Runs ./mach test-wpt /webmessaging/ and ./mach test-wpt
/streams/
Fixes: [servo-36765](https://github.com/servo/servo/issues/36765)
Signed-off-by: Graham Lowe <graham.lowe@gmail.com>
Co-authored-by: Graham Lowe <graham.lowe@gmail.com>
Part of #36258
Built on top of #36668
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implements the Document.write algorithm covering
Trusted HTML.
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This follows the rules as defined in
https://w3c.github.io/webappsec-csp/#security-inherit-csp
where local iframes (about:blank and about:srcdoc) should
initially start with the CSP rules of the parent. After
that, all new CSP headers should only be set on the
policy container of the iframe.
Part of #36437
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
As a follow-up to the recent introduction of `script.src`
as trusted sink, this PR refactors machinery to also
support `TrustedScript`. In doing so, all trusted sinks
in `HTMLScriptElement` are now covered.
Instead of calling the callbacks in `policy.createX`,
we now have a `TrustedType` enum that specifies which callback
to invoke. Unfortunately we still have the `USVString` vs
`DOMString` problem, which is why we need to `.map` twice
to retrieve the backing `String` and avoid two different
types.
Additionally, I saw that `script.text` should have called
the "String replace all" algorithm rather than setting the
child contents. So that's also now fixed.
Part of #36258
Requires servo/html5ever#608
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Also update a WPT test to fail-fast if the iframe incorrectly
evaluates the `eval`. Before, it would run into a timeout if
the implementation is correct. Now we reject the promise
when an exception is thrown.
Requires servo/rust-content-security-policy#6
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
