Commit graph

10083 commits

Author SHA1 Message Date
Taym Haddadi
b6a89ae408
Fix BorrowMutError crash in form reset (#36726)
Fixes: #36724

Signed-off-by: Taym <haddadi.taym@gmail.com>
2025-04-29 18:59:50 +00:00
Andrei Volykhin
6b2a755736
canvas: Apply large size limitations (#36445)
To prevent any potential crash/OOM issues with "canvas" element
from "rogue" applications let's apply large size limitations for context
canvas2d's draw target to Servo (similar approach in Firefox/Chromium -
they limits width and height to 32767/65535 pixels).

Fixes: #36155, #34117, #30164, #24710

--
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] There are tests for these changes

tests/wpt/tests/html/canvas/element/canvas-host/2d.canvas.host.size.large.html

tests/wpt/tests/html/canvas/offscreen/canvas-host/2d.canvas.host.size.large.html

tests/wpt/tests/html/canvas/offscreen/canvas-host/2d.canvas.host.size.large.worker.js

Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
2025-04-29 13:48:30 +00:00
atbrakhi
b92542b756
Devtools: Support worker scripts in Debugger > Source panel (#36562)
This patch adds support for listing `worker scripts` in `debugger >
source` panel

For example:
```
<!-- test.html -->
<!doctype html><meta charset=utf-8>
<script>
    setTimeout(() => {
        console.log("inline classic");
        new Worker("worker.js");
        
        const blob = new Blob([`console.log("blob worker");`], { type: "text/javascript" });
        const blobURL = URL.createObjectURL(blob);
        new Worker(blobURL);
    }, 2000);
</script>
```

```
// worker.js
console.log("external classic worker");
```

```
./mach run --devtools=6080 http://127.0.0.1:3000/test.html
```

![file1](https://github.com/user-attachments/assets/84dd94b9-95d8-4087-b4bb-ab936fca0023)


Another example:
```
./mach run --devtools=6080 https://charming.daz.cat/ 
```


![blob](https://github.com/user-attachments/assets/a1341ee4-3a1c-4cca-ac04-658675cdcf39)


- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes partially implement #36027
- [x] These changes require tests, but they are blocked on
https://github.com/servo/servo/issues/36325

---------

Signed-off-by: atbrakhi <atbrakhi@igalia.com>
2025-04-29 08:27:42 +00:00
Taym Haddadi
4d975e947b
Start adding support for transforms in readable and writable streams (#36470)
Start adding support for transforms in readable and writable streams.
Part of https://github.com/servo/servo/issues/34676
2025-04-28 11:02:55 +00:00
Xiaocheng Hu
02b38adf43
Rewrite node insertion algorithm to match the spec (#35999)
Per [spec](https://dom.spec.whatwg.org/#concept-node-insert), adoption
of new node should be done while inserting the node. This patch moves
the call site of `adopt` to inside `insert` to match it.

It also rewrites some existing code to better match the spec without any
behavioral changes.

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #___ (GitHub issue number if applicable)

<!-- Either: -->
- [X] There are tests for these changes OR
- [ ] These changes do not require tests because ___

<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->

<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->

---------

Signed-off-by: Xiaocheng Hu <xiaochengh.work@gmail.com>
2025-04-28 10:56:53 +00:00
elomscansio
b1d0b6a37b
htmlinputelement: Update radio group validity logic for disconnected trees (#36431)
This PR updates the validity state revalidation behavior for radio input
elements, ensuring consistent logic regardless of tree connectivity.

---

**What’s changed:**  
- we now always update the validity state.
- Handled more edge cases for disconnected trees, shadow roots, and
cross-tree movement.
- Ensured that radio group updates still trigger when a parent is moved
into a different root.
- Updated test expectations in
`radio-disconnected-group-owner.html.ini`.

---

**Why this matters:**  
The updated logic aligns better with the [HTML
specification](https://html.spec.whatwg.org/multipage/input.html#radio-button-group),
especially regarding radio group behavior in disconnected trees or
shadow DOM.

These changes improve validity propagation in scenarios like:
- Appending inputs into a disconnected form
- Shadow roots acting as radio group containers
- Cross-tree movement of radio buttons

---

**Tests:**  
- Modified `radio-disconnected-group-owner.html.ini`
  - Removed a test that now passes
- Added a failing test expectation caused by a spec bug: the fragment
parsing algorithm uses the connected tree for HTML set via `innerHTML`,
affecting radio group computation

---

**Spec reference:**  
https://html.spec.whatwg.org/multipage/input.html#radio-button-group

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report an errors
- [ ] These changes fix #

<!-- Either: -->
- [X] There are tests for these changes

Signed-off-by: Emmanuel Paul Elom <elomemmanuel007@gmail.com>
2025-04-28 01:24:43 +00:00
elomscansio
085ad9ea48
script_thread: HTML parser doesn't set relevant option (#36622)
This patch ensures that the Servo HTML parser uses the appropriate
`TreeBuilderOpts` settings
as specified by the HTML specification.

Changes:
- **iframe_srcdoc:** Detect if the parsed document's URL scheme is
`about:srcdoc`, and set the parser’s iframe_srcdoc option accordingly.
- **quirks_mode:** Use the associated Document's quirks mode to set the
parser’s quirks mode flag, improving fragment parsing behavior.
- **scripting_enabled:** Add a `scripting_enabled` method to Document,
based on whether it has a browsing context, and set this flag for the
parser.

These updates align Servo's parsing behavior more closely with the
specification:

https://html.spec.whatwg.org/multipage/parsing.html#the-initial-insertion-mode

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #35478

<!-- Either: -->
- [ ] There are tests for these changes

Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
2025-04-27 20:23:22 +00:00
Taym Haddadi
989739316e
Determine if ResizeTo is allowed (#36704)
Spec says to check If target is not an auxiliary browsing context before
performing ResizeTo.


Fixes: #36701

Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
2025-04-27 10:43:05 +00:00
Simon Wülker
902d2ad8f4
Use snapshot size instead of canvas size when converting canvas to blob (#36705)
The blob data is encoded asynchronously, therefore the canvas size may
have changed since it's data was saved to a snapshot. Using the canvas
size confuses the encoder, because the provided data does not match the
expected size anymore.

Testing: This change includes a new web platform test
Fixes https://github.com/servo/servo/issues/36702

---------

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
2025-04-26 19:44:12 +00:00
Martin Robinson
a62f0eaf0a
layout: Use box tree Fragments for offset parent queries (#36681)
This change switches `offsetParent`, `offsetLeft`, etc queries to use
the BoxTree fragments instead of walking the entire fragment tree. In
addition, fragments are stored for columns and colgroups. In general,
this greatly simplifies the flow of the query and prevents having to do
expensive tree walks.

Testing: This change is covered by newly passing WPT tests and three new
failures:

 - /css/filter-effects/backdrop-filter-edge-clipping-2.html
 - /css/filter-effects/backdrop-filter-edge-mirror.html
 - /css/filter-effects/backdrop-filter-edge-pixels-2.html

These failures are actually progressions, because now the references
start
to render properly whereas before they did not.

Fixes: This is part of #36525 and #36665.

Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
2025-04-25 20:25:10 +00:00
Tim van der Lippe
baa18e18af
Support CSP report-only header (#36623)
This turned out to be a full rabbit hole. The new header
is parsed in the new `parse_csp_list_from_metadata` which
sets `disposition` to `report.

I was testing this with
`script-src-report-only-policy-works-with-external-hash-policy.html`
which was blocking the script incorrectly. Turns out that there
were multiple bugs in the CSP library, as well as a missing
check in `fetch` to report violations.

Additionally, in several locations we were manually reporting csp
violations, instead of the new `global.report_csp_violations`. As
a result of that, they would double report, since the report-only
header would be appended as a policy and now would report twice.

Now, all callsides use `global.report_csp_violations`. As a nice
side-effect, I added the code to set source file information,
since that was already present for the `eval` check, but nowhere
else.

Part of #36437

Requires servo/rust-content-security-policy#5

---------

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
2025-04-25 19:59:44 +00:00
Martin Robinson
b63a1818c4
layout: Implement node geometry queries against BoxTree's Fragment (#36663)
This is a followup to #36629, continuing to implement script-based
layout queries  using the `Fragment`s attached to the `BoxTree`. In this
change, geometry queris (apart from parent offset) are calculated using
`Fragment`s hanging of the `BoxTree`.

In order to make this work, all `Fragment`s for inlines split by blocks,
need to be accessible in the `BoxTree`. This required some changes to
the way that box tree items were stored in DOM `BoxSlot`s. Now every
inline level item can have more than a single `BoxTree` item. These are
carefully collected by the `InlineFormattingContextBuilder` -- currently
a bit fragile, but with more documentation.

Testing: There are tests for these changes.

Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
2025-04-25 13:38:05 +00:00
Sebastian C
281d942981
Implement static Response.json (#36589)
Implements https://fetch.spec.whatwg.org/#dom-response-json
Restructured the constructor to follow the spec more closely with a
separate "initialize the response" algorithm.

Testing: There are existing WPT tests for this.

---------

Signed-off-by: Sebastian C <sebsebmc@gmail.com>
2025-04-25 08:49:21 +00:00
Josh Matthews
dc0c067c9b
Report exceptions for async script executions to webdriver (#27041)
Improving the accuracy of the async script execution for our webdriver
implementation allows us to run many more webdriver tests without
timeouts, which should help with
https://github.com/web-platform-tests/wpt/issues/24257.

Specification:
* https://w3c.github.io/webdriver/#dfn-clone-an-object
* https://w3c.github.io/webdriver/#execute-async-script

---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix #27036 and fix #27035 and fix #27031.
- [x] There are tests for these changes (but we don't run them in CI
yet)

---------

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-25 06:50:00 +00:00
Martin Robinson
cbc363bedd
compositor: Tick animations for an entire WebView at once (#36662)
Previously, when processing animations, the compositor would sent a tick
message to each pipeline. This is an issue because now the
`ScriptThread` always processes rendering updates for all `Document`s in
order to ensure properly ordering. This change makes it so that tick
messages are sent for an entire WebView. This means that each
`ScriptThread` will always receive a single tick for every time that
animations are processed, no matter how many frames are animating. This
is the first step toward a refresh driver.

In addition, we discard the idea of ticking animation only for
animations and or only for request animation frame callbacks. The
`ScriptThread` can no longer make this distinction due to the
specification and the compositor shouldn't either.

This should not really change observable behavior, but should make Servo
more efficient when more than a single frame in a `ScriptThread` is
animting at once.

Testing: This is covered by existing WPT tests as it mainly just improve
animation efficiency in a particular case.

Signed-off-by: Martin Robinson <mrobinson@igalia.com>
2025-04-24 19:03:14 +00:00
Josh Matthews
878d595035
script: Measure stored layout data memory usage. (#36664)
We previously ignored the opaque layout data field inside each node when
measuring a DOM node's memory usage. While some of the reachable memory
was accounted for by measuring the layout's box tree, measuring it via
the node ensures that we don't miss anything. Since there are often Arc
values involved, this means that the layout-thread box tree measurements
now look quite small, while reported JS heap usage has increased.

Testing: Manually compared about:memory for servo.org.

---------

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-24 12:01:51 +00:00
webbeef
30fdf48ca6
Implement CSSStyleSheet::replaceSync (#36586)
Implements the `replaceSync` method on CSSStyleSheet

Testing: Covered by wpt tests. Expectations are updated.

Signed-off-by: webbeef <me@webbeef.org>
2025-04-23 15:29:01 +00:00
Josh Matthews
5d3cbc67ee
script: Add generic root storage to StructuredCloneReader. (#36640)
This reduces the boilerplate necessary for adding new
serializable/transferable interfaces to the structured cloning code. We
always need to root the deserialized objects when performing a read
operation, but we don't actually need the concrete object types in the
majority of cases. By storing a list of rooted JS object values, we can
push generic reflector objects into it, and extract the types we need
(MessagePort) at the very end.

Testing: Existing WPT structured cloning tests will provide coverage.

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-23 13:05:41 +00:00
Martin Robinson
e9e103b46c
layout: Add a new FragmentTree pass to calculate containing block rectangles (#36629)
When doing any kind of query, up until now, containing block rectangles
were calculated by walking the `FragmentTree` until the node being
queried was found. In order to make possible answering queries without
walking the `FragmentTree`, `Fragment`s need to cache their cumulative
containing block rectangles.

This change adds a new `FragmentTree` pass (during construction) that
takes care of calculating and caching these values. The new cached value
is used during resolved style queries and also scrolling area queries
(with the idea that all queries will eventually use them).

In addition, extra `FragmentTree` walks used for cancelling animations
for elements no longer in the `FragmentTree` are integrated into this
new traversal.

Testing: Covered by existing WPT tests.

Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
2025-04-23 09:14:15 +00:00
sagudev
73b778e67f
Introduce snapshot concept of canvas (#36119)
Each canvas context returns snapshot instead of just raw bytes. This
allows as to hold off conversions (BGRA <-> RGBA, (un)premultiply) to
when/if they are actually needed. For example when loading snapshot into
webgl we can load both RGBA and BGRA so no conversion is really needed.

Currently whole thing is designed to be able to be extend on
https://github.com/servo/ipc-channel/pull/356, to make less copies.
Hence some commented out code.


Fixes #35759
There are tests for these changes in WPT

---------

Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
2025-04-23 07:32:47 +00:00
Jason Tsai
0eec22303b
chore: remove unnecessary webrender_document in script (#36648)
remove `webrender_document` in script and constellation's pipeline

Testing: `webrender_document` in script crate is not being referenced
anywhere in the Servo, should be safe to remove.
Fixes: https://github.com/servo/servo/issues/36647

Signed-off-by: Jason Tsai <git@pews.dev>
2025-04-22 08:38:29 +00:00
Gregory Terzian
57b0a3f231
Streams: fix writable transfer sink abort steps (#36638)
Fixes an error where a promise was rejected where it should have been
resolved.

Follow-up to
https://github.com/servo/servo/pull/36588/files#r2049437506; the initial
diagnosis was wrong.

Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
2025-04-22 06:49:18 +00:00
Josh Matthews
7b16ae26b4
Reduce indexing boilerplate for serializable/transferrable objects. (#36624)
Rather than creating unique types for each pipeline-namespaced index
type (eg. MessagePortId, DomExceptionId, etc.), we can create a generic
common type that uses a marker to prevent type confusion. This change
allows us to reduce the boilerplate code required when implementing
serializable/transferable interfaces, since the structured clone
implementation can rely on the common type.

Testing: Existing WPT tests for serialization and transferring provide
coverage.

---------

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-22 02:02:02 +00:00
Tim van der Lippe
9a14ad8535
Set correct policy-container for worker construction (#36603)
This makes sure that when workers are created, their global scope has
the correct policy-container set
so that we can do CSP-checks.

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
2025-04-21 12:47:06 +00:00
Gregory Terzian
a0419faa85
Streams: remove unnecessary special hanlding of dataclone error (#36628)
This removes a now unnecessary handling of dataclone error when port
posts a message handling error to support stream transfers.

Fix https://github.com/servo/servo/issues/36479

Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
2025-04-21 08:31:25 +00:00
Josh Matthews
233c9aaea6
Remove unnecessary map_err. (#36625)
#36361 changed the return type of structuredclone::read, so this code is
just stomping on an error value that is potentially more useful since
#36308 was merged.

Testing: Existing WPT test coverage.

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-21 08:18:08 +00:00
Tim van der Lippe
6bb087e381
Implement trusted types url setter (#36596)
We now check the sink of script.src for trusted types. This is the first
attribute that we check, other sinks will be implemented in follow-up
changes.

The algorithms currently hardcode various parts. That's because I need
to refactor a couple of algorithms already present in TrustedTypePolicy.
They use callbacks at the moment, which made sense for their initial
use. However, for these new algorithms they don't work. Therefore, I
will align them with the specification by taking in an enum. However,
since that's a bigger refactoring, I left that out of this PR (which is
already quite big).

The other trusted types support (createScript and createHTML) will also
be implemented separately.

Part of #36258

---------

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
2025-04-21 06:56:40 +00:00
Josh Matthews
76ee127af8
Eagerly define interfaces on non-Window globals (#36604)
These changes make us match Gecko's setup for how Window and non-Window
globals are initialized. Since Window globals are much more common than
Worker globals, using lazy interface definitions can be a useful memory
optimization at the expense of increased complexity for property
lookups.

Also adds the MayResolve hook for all globals, which is an optimization
for the JIT to avoid calling resolve hooks unnecessarily.

Testing: Existing test coverage on global interfaces should suffice.

---------

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-21 03:32:21 +00:00
saku
436dee8450
Fix: Slot Assignment mode according to the spec (#36620)
When parsing a Declarative Shadow DOM, the slot assignment isn't being
triggered as mentioned in the
[spec](https://html.spec.whatwg.org/multipage/parsing.html#parsing-main-inhead:~:text=Attach%20a%20shadow%20root%20with%20declarative%20shadow%20host%20element%2C%20mode%2C%20clonable%2C%20serializable%2C%20delegatesFocus%2C%20%22named%22%2C%20and%20registry.).

When creating a shadow root declaratively, SlotAssignment mode was set
to "manual" instead of "named".

Tests: The followings should get fully passed with this change, so
`.ini`s are removed.
 - `declarative-shadow-dom-basic.html` 
 - `declarative-shadow-dom-write-to-iframe.html`
 - `declarative-shadow-dom-repeats.html`

Fixes: #36100

---------

Signed-off-by: saku <saku@email.sakupi01.com>
2025-04-20 16:09:31 +00:00
elomscansio
d05496277e
htmlvideoelement: Include security settings in poster image request (#36605)
This PR addresses [#36593](https://github.com/servo/servo/issues/36593),
where the poster image request for `<video>` elements lacked several
settings introduced in `RequestBuilder`. These settings —
`insecure_requests_policy`, `has_trustworthy_ancestor_origin`, and
`policy_container` — are now forwarded from the document, aligning
poster requests with other fetches using the correct policy container
and trust assessment.

This ensures that poster images are requested under the same security
assumptions as other media or resource loads.

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #36593

<!-- Either: -->
- [X] There are tests for these changes

Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
2025-04-20 01:46:09 +00:00
Nico Burns
c792e6db7c
Use version of markup5ever with web_atoms crate (#36542)
Upgrades `markup5ever` and fixes "unnecessary import" lints.

See https://github.com/servo/html5ever/pull/599
And https://github.com/servo/stylo/pull/173

Signed-off-by: Nico Burns <nico@nicoburns.com>
2025-04-19 11:49:37 +00:00
Josh Matthews
3ab5b8c447
script: Only register one image callback per CSS image in use. (#36612)
When layout encounters a CSS image, the script thread is responsible for
fetching the image from the image cache. When the image is not yet
available, the script thread creates image cache listeners to perform
actions in response to future updates from the image cache.

In the current implementation, a cache listener would iterate over all
nodes using a particular image and mark them as dirty. However, we
mistakenly added one cache listener per node, leading to n^2 runtime
while performing lots of redundant work. For cases like #36480 with over
1000 elements using the same image, this led to a completely
unresponsive script thread.

Testing: Manual testing on the provided testcase, and a new WPT test
that times out without this PR's changes.
Fixes: #36480

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-19 06:09:03 +00:00
Siddhant N Trivedi
7ee9d07a9a
content/dom: set navigator.onLine attribute to true (#36560)
Sets the navigator.onLine attribute to true.

Testing:
Ran `./mach run https://pinterest.com
--enable-experimental-web-platform-features`. This doesn't show the
"Hmm..you're not connected to the internet" text anymore.
<img width="1027" alt="Screenshot 2025-04-16 at 11 31 02 AM"
src="https://github.com/user-attachments/assets/3745077b-dc51-42ce-88a0-38d5f157fc0c"
/>


part of: #36554

---------

Signed-off-by: Siddhant N. Trivedi <sidntrivedi012@gmail.com>
Signed-off-by: Siddhant N Trivedi <sidntrivedi012@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
2025-04-19 01:34:13 +00:00
Gregory Terzian
fc201927ae
Streams: make writable streams transferrable (#36588)
Making writable streams transferrable, part of
https://github.com/servo/servo/issues/34676

Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
2025-04-18 08:33:36 +00:00
sagudev
05b5268061
chore: Update wgpu to v25 (#36486)
Updates wgpu to v25 and remove some verbose logging from CTS (that also
causes OOM).

Testing: WebGPU CTS

---------

Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
2025-04-18 07:49:06 +00:00
Josh Matthews
5e2d42e944
Refactor common infrastructure for creating memory reports. (#36579)
This removes a bunch of duplicated code needed to support
ConditionalMallocSizeOf correctly, and fixes multiple places where that
code was subtly wrong (the seen pointers hashset was never cleared).

Testing: Measuring https://www.nist.gov/image-gallery lots of times.

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-18 02:14:49 +00:00
Tim van der Lippe
2a81987590
Check CSP for inline event handlers (#36510)
This also ensures that document now reports all violations and we set
the correct directive.

With these changes, all `script-src-attr-elem` WPT tests pass.

Part of #36437 

Requires servo/rust-content-security-policy#3 to land first

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
2025-04-17 21:11:25 +00:00
Andrei Volykhin
95ee5708fa
imagedata: Fix overflow panic for too large ImageData (#36569)
In Servo debug build there are runtime crash due to "attempt to multiply
with overflow" panic
in case of creation too large ImageData (new ImageData(1<<31, 1<<31))

Use checked integer multiplication to catch occurred overflow
and throwing JS error (RangeError OR IndexSizeError).

--
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] There are tests for these changes

tests/wpt/tests/html/canvas/element/pixel-manipulation/2d.imageData.object.ctor.basics.html

Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
2025-04-17 06:41:23 +00:00
Josh Matthews
30390f8c5e
Fix crash when enumerating properties of global object (#36491)
These changes make our implementation of the enumeration hook for
globals [match
Gecko's](https://searchfox.org/mozilla-central/rev/1f65969e57c757146e3e548614b49d3a4168eeb8/dom/base/nsGlobalWindowInner.cpp#3297),
fixing an assertion failure that occurred in the previous
implementation.

Our enumeration hook is supposed to fill a vector with names of
properties on the global object without modifying the global in any way;
instead we were defining all of the missing webidl interfaces. We now do
much less work and crash less.

Testing: New crashtest based on manual testcase.
Fixes: #34686

---------

Signed-off-by: Josh Matthews <josh@joshmatthews.net>
2025-04-17 03:32:53 +00:00
Taym Haddadi
f2ee40e40b
fix writablestream assertion crash when getting chunk size following spec change (#36566)
One-line change to align with the new spec and avoid a crash.
fix #36565

Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
2025-04-16 18:26:38 +00:00
TIN TUN AUNG
f5e6eb289a
media element: support seekable attribute (#36541)
support seekable attribute in `htmlmediaelement`, modify `seek`
algorithm to use `seekable` attribute.

related
[specs](https://html.spec.whatwg.org/multipage/media.html#dom-media-seekable)
Testing: Run WPT Test
Fixes: https://github.com/servo/servo/issues/22297

Will wait for https://github.com/servo/media/pull/435 before turning
this to ready for review.
cc @jdm @xiaochengh

Signed-off-by: rayguo17 <rayguo17@gmail.com>
2025-04-16 05:52:19 +00:00
Martin Robinson
e9daec7d42
compositor: Unify the cross process and in-process API (#36543)
Because there used to be two traits exposing messages to the compositor,
there were two kinds of messages that could be sent:

1. In-process messages from the `Constellation`
2. Cross-process messages from other parts of Servo

Now these two types of messages can be unified into one type.

This is a reland of #36443, which caused regressions due to the fact
that messages to the compositor were no longer triggering the event loop
waker. This version of the PR splits out just the bits that unify the
two APIs, leaving the cleanup of routes in the constellation for another
PR.

Testing: This is covered by existing WPT tests.

Signed-off-by: Martin Robinson <mrobinson@igalia.com>
2025-04-15 18:31:46 +00:00
webbeef
98884a5081
Switch to data_url::mime for document content type (#36522)
The data_url Mime parser has a more conformant behavior in most cases,
including dealing with charsets.

Testing: wpt expectations with new passes are updated.

Signed-off-by: webbeef <me@webbeef.org>
2025-04-15 17:12:48 +00:00
Oriol Brufau
10f6f50c61
script: Implement CSSStyleSheet constructor (#36521)
https://drafts.csswg.org/cssom/#dom-cssstylesheet-cssstylesheet

Testing: covered by WPT
This is part of #36162

Signed-off-by: Oriol Brufau <obrufau@igalia.com>
2025-04-15 14:05:13 +00:00
Simon Wülker
372fd04b23
Remove two outdated TODO comments in HTMLScriptElement (#36540)
We support both the "referrerpolicy" and the "nonce" attribute on script
elements, just not where the spec tells us to do it.

Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
2025-04-15 13:44:48 +00:00
Kingsley Yung
dacd951c9f
Make DOMException serializable (#36535)
Follow the implementation of making DOMPoint and DOMPointReadOnly
serializable in PR #35989

Testing: Passed a test previously expected to fail.
Fixes: #36463

---------

Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
2025-04-15 13:25:31 +00:00
Oriol Brufau
cc04caa8ce
Unify media query and media query list parsing (#36520)
Several places were using identical logic in order to parse a media
queries or media query lists.

This patch centralizes the logic into 2 new helper methods in MediaList.

Testing: not needed (no behavior change)

Signed-off-by: Oriol Brufau <obrufau@igalia.com>
2025-04-15 11:48:01 +00:00
Martin Robinson
fe4306fc30
Revert "compositor: Unify the cross process and in-process API (#36443)" (#36533)
This reverts commit 4c55104b36.

This commit introduced an issue where messages from script to the
compositor no longer woke up the embedder. There is a larger issue
here, but this change exacerbated it.

Fixes #36528.

Signed-off-by: Martin Robinson <mrobinson@igalia.com>
2025-04-15 09:15:14 +00:00
Gregory Terzian
f8b6b9f7b6
Transfer ReadableStream (#36181)
<!-- Please describe your changes on the following line: -->

Add transfer support to ReadableStream. Part of
https://github.com/servo/servo/issues/34676

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___

<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->

<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->

---------

Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
2025-04-15 07:39:26 +00:00
Tim van der Lippe
4e1ea81992
Implement CSP check for Trusted Types (#36363)
The algorithm [1] is implemented in the content-security-policy
package.

Requires
https://github.com/rust-ammonia/rust-content-security-policy/pull/56
This is part of #36258

[1]:
https://w3c.github.io/trusted-types/dist/spec/#abstract-opdef-should-trusted-type-policy-creation-be-blocked-by-content-security-policy

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
2025-04-14 16:44:50 +00:00