We should propagate specified info for flex items. This will prevent the
loss of it for boxes that have this info (e.g. table or grid).
Testing: Adding new WPT tests
---------
Signed-off-by: stevennovaryo <steven.novaryo@gmail.com>
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
Add mock SVGImageElement interface to fix TIMEOUT WPT tests
which are related to ImageBitmap (html/canvas/*).
https://svgwg.org/svg2-draft/embedded.html#InterfaceSVGImageElement
Rationality of this change to fire event "error" on any attempt to fetch
image resource on href attribute change to not block WPT tests
execution.
Some WPT tests use the legacy namespace attribute "xlink:href", so
support for it was added to source code.
https://svgwg.org/svg2-draft/linking.html#XLinkHrefAttribute
- setAttributeNS("http://www.w3.org/1999/xlink", 'xlink:href', src);
Testing: Covered by existed WPT tests
- fetch/metadata/generated/svg-image*
- html/canvas/element/manual/*
- html/dom/idlharness.https.html
- html/semantics/embedded-content/the-canvas-element/*
- html/webappapis/scripting/events/event-handler-all-global-events.html
- mozilla/interfaces.https.html
Fixes: https://github.com/servo/servo/issues/35881
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
Also implements a conversion for `TrustedHTMLOrNullIsEmptyString`
to `TrustedHTMLOrString` to avoid introducing a separate
`get_trusted_script_compliant_string` for the new type.
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
`TextRun`s use their parent style to render. Previously, these styles
were cloned and stored directly in the box tree `TextRun` and resulting
`TextFragment`s. This presents a problem for incremental layout.
Wrapping the style in another layer of shared ownership and mutability
will allow updating all `TextFragment`s during repaint-only incremental
layout by simply updating the box tree styles of the original text
parents.
This adds a new set of borrows when accessing text styles, but also
makes it so that during box tree block construction
`InlineFormattingContext`s are created lazily and now
`InlineFormattingContextBuilder::finish` consumes the builder, making
the API make a bit more sense. This should also improve performance of
box tree block construction slightly.
Testing: This should not change observable behavior and thus is covered
by existing WPT tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
It was missing the ShA case in content-security-policy.
Part of #36437
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
The label that is displayed inside a `<select>` element is that of the
selected option, or it's text contents if the option does not have a
label. Therefore, we need to update the `<select>` shadow tree when the
contents of the selected option change.
Testing: Covered by existing web platform tests
Fixes https://github.com/servo/servo/issues/36926
Fixes https://github.com/servo/servo/issues/36925
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Unfortunately while it now passes almost all cases in
`tests/wpt/tests/content-security-policy/script-src/nonce-enforce-blocked.html`,
the test in question doesn't pass yet as it requires all cases to be
correct. Here, we still miss the "check for duplicate attributes during
parsing". Since we don't have this information available yet from the
parser, skip this for now.
Part of #36437
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
When the canvas context mode is a placeholder then we shouldn't resize
the context.
Testing: Includes a new test
Fixes: https://github.com/servo/servo/issues/36846
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
To be able to abort the update, extract the functionality into a
separate method. Otherwise, we don't run the `node.rev_version` at the
end, which according to the comment is probably important.
Not all `style-src` tests pass and I don't fully understand why yet, but
I presume it has to do with some special quirks of stylesheets that
other CSP checks don't have. All `style-src-attr-elem` tests pass
though.
Part of #4577
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
<!-- Please describe your changes on the following line: -->
Fix ImageData constructor to take a Uint8ClampedArray instead of
js_object
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#31320
<!-- Either: -->
- [x] These changes do not require tests because there is not behavior
change.
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: Taym Haddadi <haddadi.taym@gmail.com>
Instead of resolving the canvas background properties (essentially
keeping a possible reference to the `<body>`'s style) during fragment
tree construction, wait until painting to possibly find the style on an
appropriate `<body>` fragment. This is possible now because `Fragment`
keeps a list of flags with relevant information about the root and
`<body>` elements.
A benefit of this approach is that styles aren't cached in the fragment
tree, which would be problematic for incremental layout. In addition,
the old code was making an effort to transform the `<body>`'s background
by the root element's transform. Only Safari does this and there was
a resolution the WG that this should not happen in
https://github.com/w3c/csswg-drafts/issues/6683.
Testing:
- `/css/css-transforms/transform-translate-background-001.html`
- `/css/css-transforms/transform-translate-background-002.html`
- `/css/CSS2/floats/float-root.html`
Fixes: #30475.
Closes: #30569.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
1. Avoid false-positive cycle error when deserilizing
- Only detect cycle for Objects
- Remove last element of seen when success
2. Cite spec
Testing: `./mach test-wpt --product servodriver -r
tests\wpt\tests\webdriver\tests\classic\element_click\events.py`
Fixes: #36890
cc @jdm @xiaochengh
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
All logic is implemented in `report_csp_violations` to avoid
pulling in various element-logic into SecurityManager.
Update the `icon-blocked.sub.html` WPT test to ensure that
the document is the correct target (verified in Firefox and Chrome).
Fixes#36806
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Multiply operations applied in `generic_transform_inplace` were
calculating the new pixel values, but not actually writing them.
This changes fixes that issue.
Testing: /webgl/tests/conformance/context/premultiplyalpha-test.html
Fixes: #35759
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
These changes allow test_dom_token_list from
/execute_script/collections.py to pass, and various tests in
/execute_script/arguments.py to expose new failures.
Testing: Not run in CI yet, but verified results from
tests/wpt/tests/webdriver/tests/classic/{execute_script,execute_async_script}
locally.
Fixes: #35738
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Most sites that feature detect Service Workers in Servo immediately
break when this pref is enabled, since our implementation is very
incomplete. This provides a poor user experience when recommending the
`--enable-experimental-web-platform-features` flag.
Testing: Existing test coverage should be unchanged.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
The existing code asserts that attribute nodes are never serialized.
This is wrong, because you can pass an attribute node to
`XMLSerializer::serializeToString`. Instead, the spec mandates that
these are serialized as empty strings
(https://w3c.github.io/DOM-Parsing/#dfn-xml-serialization-algorithm).
Testing: Includes a new web platform test
Fixes: https://github.com/servo/servo/issues/36872
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
When slicing a blob that is already sliced we should reference it's
parent's data instead of creating a subview into the sliced blob. This
keeps the blob ancestry chain small and reduces the number of blobs that
we have to resolve.
Testing: Includes a new crashtest
Fixes: https://github.com/servo/servo/issues/36843
[try
run](1484487366)
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
<!-- Please describe your changes on the following line: -->
This implements `document.scrollingElement`
(https://drafts.csswg.org/cssom-view/#dom-document-scrollingelement).
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#35700
- [x] There are tests for these changes
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: JimmyDdotEXE <50691404+JimmyDdotEXE@users.noreply.github.com>
Spec has updated so that all responses that aren't 200 shall fail the
event source connection.
Testing: Covered by
`tests/wpt/tests/eventsource/request-status-error.window.js`
---------
Signed-off-by: Keith Yeung <kungfukeith11@gmail.com>
Spec has updated so that any null characters in the `id` field name
would result in the value being ignored.
Testing: Covered by
`tests/wpt/tests/eventsource/format-field-id-null.window.js`
Signed-off-by: Keith Yeung <kungfukeith11@gmail.com>
Rather than sharing the full image cache in a script_thread, the image
cache is now unique per document. This ensures that CSP factors no
longer affect whether the image is retrieved from the cache incorrectly.
To do so, the thread_pool is shared across all caches, but the store is
fresh. Except for the place_holder{image,url}, which are cloned. That's
because the `rippy_data` is only available in the constellation and no
longer accessible at the point that we need to create the document in
the script_thread.
Contrary to the description in #36505, the script_thread still has an
image_cache for this reason: so it has access to the store and
thread_pool to clone it.
With these changes, the two CSP tests no longer flake. Confirmed with
running the following commmand:
```
./mach test-wpt tests/wpt/tests/content-security-policy/generic/ --rerun=10
```
Fixes#36505
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Part of #36258
Built on top of #36668
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implements the Document.write algorithm covering
Trusted HTML.
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This follows the rules as defined in
https://w3c.github.io/webappsec-csp/#security-inherit-csp
where local iframes (about:blank and about:srcdoc) should
initially start with the CSP rules of the parent. After
that, all new CSP headers should only be set on the
policy container of the iframe.
Part of #36437
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
As a follow-up to the recent introduction of `script.src`
as trusted sink, this PR refactors machinery to also
support `TrustedScript`. In doing so, all trusted sinks
in `HTMLScriptElement` are now covered.
Instead of calling the callbacks in `policy.createX`,
we now have a `TrustedType` enum that specifies which callback
to invoke. Unfortunately we still have the `USVString` vs
`DOMString` problem, which is why we need to `.map` twice
to retrieve the backing `String` and avoid two different
types.
Additionally, I saw that `script.text` should have called
the "String replace all" algorithm rather than setting the
child contents. So that's also now fixed.
Part of #36258
Requires servo/html5ever#608
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Also update a WPT test to fail-fast if the iframe incorrectly
evaluates the `eval`. Before, it would run into a timeout if
the implementation is correct. Now we reject the promise
when an exception is thrown.
Requires servo/rust-content-security-policy#6
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
`PositioningContext` held two vectors, one inside an `Option`, to
differentiate between the version used for a containing block for all
descendants (including `position: absolute` and `position: fixed`) or
only for `position: absolute` descendants. This distinction was really
hard to reason about and required a lot of bookkeeping about what kind
of `PositioningContext` a layout box's parent expected. In addition, it
led to a lot of mistakes.
This change simplifies things so that `PositioningContext` only holds a
single vector. When it comes time to lay out hoisted absolutely
positioned
fragments, the code then:
- lays out all of them (in the case of a `PositioningContext` for all
descendants), or
- only lays out the `position: absolute` descendants and preserves the
`position: fixed` descendants (in the case the `PositioningContext`
is only for `position: absolute`.), or
- lays out none of them if the `PositioningContext` was created for
box that did not establish a containing block for absolutes.
It's possible that this way of dealing with hoisted absolutes is a bit
less efficient, but, the number of these descendants is typically quite
small, so it should not be significant. In addition, this decreases the
size in memory of all `PositioningContexts` which are created in more
situations as time goes on.
Testing: There is a new WPT test with this change.
Fixes: #36696.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Non-initial values for the `scale`, `rotate` and `translate` properties
should establish a stacking context, just like `transform`.
Testing: adding new WPT tests.
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
https://github.com/web-platform-tests/wpt/pull/50041 allows us to start
running the webdriver conformance tests in Servo, which will make it
easier for us to track regressions/improvements in our webdriver server
implementation.
---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes are part of #15274
- [x] There are tests for these changes
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Previously, spans were partially clamped during layout, but this means
that accessing and setting these properties via script wouldn't behave
according to the HTML specification. In addition, the value wasn't
floored in layout, so could lead to panics. This change improves
clamping and moves it to script.
Testing: This change includes a new WPT test.
Fixes#36699.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Fixes: #36717.
Testing: This is covered by existing tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
