Part of #36258
Built on top of #36668
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implements the Document.write algorithm covering
Trusted HTML.
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
As a follow-up to the recent introduction of `script.src`
as trusted sink, this PR refactors machinery to also
support `TrustedScript`. In doing so, all trusted sinks
in `HTMLScriptElement` are now covered.
Instead of calling the callbacks in `policy.createX`,
we now have a `TrustedType` enum that specifies which callback
to invoke. Unfortunately we still have the `USVString` vs
`DOMString` problem, which is why we need to `.map` twice
to retrieve the backing `String` and avoid two different
types.
Additionally, I saw that `script.text` should have called
the "String replace all" algorithm rather than setting the
child contents. So that's also now fixed.
Part of #36258
Requires servo/html5ever#608
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implement
[disentangle](https://html.spec.whatwg.org/multipage/#disentangle)
Remove bespoke gc logic which now becomes unnecessary.
Adds a wpt test that hits the "disentangle while in transfer" logic.
Updates streams code, fixing an error where disentanglement is
conditional on an error.
Test coverage: there are existing tests in
`/webmessaging/message-channels/close-event/explicitly-closed.tentative.window.js`
for the no transfer case, and the simple completed transfer case, and
this PR adds a test for the more complicated transfer in progress case.
Fix https://github.com/servo/servo/issues/36465
---------
Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
Implements https://fetch.spec.whatwg.org/#dom-response-json
Restructured the constructor to follow the spec more closely with a
separate "initialize the response" algorithm.
Testing: There are existing WPT tests for this.
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
We now check the sink of script.src for trusted types. This is the first
attribute that we check, other sinks will be implemented in follow-up
changes.
The algorithms currently hardcode various parts. That's because I need
to refactor a couple of algorithms already present in TrustedTypePolicy.
They use callbacks at the moment, which made sense for their initial
use. However, for these new algorithms they don't work. Therefore, I
will align them with the specification by taking in an enum. However,
since that's a bigger refactoring, I left that out of this PR (which is
already quite big).
The other trusted types support (createScript and createHTML) will also
be implemented separately.
Part of #36258
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
These changes make us match Gecko's setup for how Window and non-Window
globals are initialized. Since Window globals are much more common than
Worker globals, using lazy interface definitions can be a useful memory
optimization at the expense of increased complexity for property
lookups.
Also adds the MayResolve hook for all globals, which is an optimization
for the JIT to avoid calling resolve hooks unnecessarily.
Testing: Existing test coverage on global interfaces should suffice.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Profiling from #36609 showed this is an easy win. Ordering of our root
list does not matter, so swap_remove is a constant time operation
compared to a linear time one that caused memmove to appear in profiles
with lots of unrooting.
Testing: Existing WPT tests will cover this change.
Fixes: Part of #36609.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Sets the navigator.onLine attribute to true.
Testing:
Ran `./mach run https://pinterest.com
--enable-experimental-web-platform-features`. This doesn't show the
"Hmm..you're not connected to the internet" text anymore.
<img width="1027" alt="Screenshot 2025-04-16 at 11 31 02 AM"
src="https://github.com/user-attachments/assets/3745077b-dc51-42ce-88a0-38d5f157fc0c"
/>
part of: #36554
---------
Signed-off-by: Siddhant N. Trivedi <sidntrivedi012@gmail.com>
Signed-off-by: Siddhant N Trivedi <sidntrivedi012@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
These changes make our implementation of the enumeration hook for
globals [match
Gecko's](https://searchfox.org/mozilla-central/rev/1f65969e57c757146e3e548614b49d3a4168eeb8/dom/base/nsGlobalWindowInner.cpp#3297),
fixing an assertion failure that occurred in the previous
implementation.
Our enumeration hook is supposed to fill a vector with names of
properties on the global object without modifying the global in any way;
instead we were defining all of the missing webidl interfaces. We now do
much less work and crash less.
Testing: New crashtest based on manual testcase.
Fixes: #34686
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This is needed to implement features like `Response.json` which is a
static helper added to the fetch spec which overlaps with the `json`
instance method `Response` has from `Body`.
Partly based these changes on what Firefox does for this same issue.
(https://searchfox.org/mozilla-central/source/dom/bindings/Codegen.py
and
https://searchfox.org/mozilla-central/source/dom/bindings/Configuration.py
specifically keying `binaryNameFor` on name and `isStatic`).
Testing: I locally updated the Response.webidl to contain the new static
`json` and it compiles.
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
The JS engine uses types like `Handle<Maybe<PropertyDescriptor>>` in
various places and our automated bindings are not able to handle the
Maybe type. We have hand-written bindings that use outparams to indicate
a PropertyDescriptor value is actually the Nothing type, but that data
was getting lost when we passed the property descriptor to
SetPropertyIgnoringNamedGetter, which assumed that the property
descriptor was always valid.
Depends on https://github.com/servo/mozjs/pull/579.
Testing: Manual testing on testcase from
https://github.com/servo/servo/issues/34709, and new crashtest added.
Fixes: #34709
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Add missing "EnforceRange" attribute to interface methods
https://html.spec.whatwg.org/multipage/canvas.html#canvasimagedata
--
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] There are tests for these changes
tests/wpt/tests/html/canvas/element/pixel-manipulation/2d.imageData*
tests/wpt/tests/html/canvas/offscreen/pixel-manipulation/2d.imageData*
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
<!-- Please describe your changes on the following line: -->
Add transfer support to ReadableStream. Part of
https://github.com/servo/servo/issues/34676
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)
<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
This was missed in #36355 and should have also been gated by the flag.
With these, the wpt.fyi tests should now no longer pass, as the flag
hasn't been removed yet.
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implement enough of the Clipboard API to have a working `writeText`.
Testing: Unfortunately many clipboard-apis tests require testdriver, so
only idlharness ones will pass now.
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
add CanGc as argument to methods in HTMLInputElement, HTMLLinkElement
Testing: These changes do not require tests because they are a refactor.
Addresses part of https://github.com/servo/servo/issues/34573.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
- [x] our [DataClone
error](d733abfca0/components/script/dom/bindings/error.rs (L80))
needs to support an optional message
- [x] we need to add support to our DOMException implementation to allow
an optional message to replace the default message
- [x] we need to create a new struct used by both StructuredDataReader
and StructuredDataWriter for storing the error message in the
report_error_callback
- [x] report_error_callback needs to cast the closure pointer to the new
struct
- [x] the code that [throws a DataClone
error](5d1c64dba9/components/script/dom/bindings/structuredclone.rs (L542))
needs to use the stored error message if it's available
Testing: *Describe how this pull request is tested or why it doesn't
require tests*
Fixes: #36191
---------
Signed-off-by: jerensl <54782057+jerensl@users.noreply.github.com>
add CanGc as argument to methods in HTMLCollection, HTMLDataListElement,
HTMLDialogElement, HTMLElement, HTMLFieldSetElement,
HTMLFormControlsCollection, HTMLFormElement, HTMLIFrameElement
Testing: These changes do not require tests because they are a refactor.
Addresses part of https://github.com/servo/servo/issues/34573.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
add CanGc as argument to methods in ElementInternals, GlobalScope,
HTMLAnchorElement, HTMLAreaElement, HTMLCanvasElement
Testing: These changes do not require tests because they are a refactor.
Addresses part of https://github.com/servo/servo/issues/34573.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
This algorithm is quite straightforward written in the specification,
but leads to some type awkwardness in Rust. Most notably, the callbacks
have different types and cannot be unified easily. They also return
different string types. Similarly, the returning objects are all unique
types and don't have a common denominator.
Therefore, rather than implementing it in 1-to-1 fashion with the
specification text, it instead uses callbacks to instruct the type
system of what to call when.
This is further complicated by the fact that the callback can exist
or not, as well as return a value or not. This requires multiple
unwrangling, combined with the fact that the algorithm should throw
or not.
All in all, the number of lines is relatively low compared to the
specification algorithm and the Rust compiler does a lot of heavy
lifting figuring out which type is what.
Part of https://github.com/servo/servo/issues/36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
add CanGc as argument to methods in Element
Testing: These changes do not require tests because they are a refactor.
Addresses part of https://github.com/servo/servo/issues/34573.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
Adds support for both the content and the IDL attribute.
Note this doesn't cover dynamic updates to `document.styleSheets` and
the owner node of the sheet.
Testing: Covered by WPT
Fixes: #26739
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
copy generated `include!`d files from script_bindings's OUT_DIR, to
script's OUT_DIR to allow Rust Analyzer to load them.
This is done to bypass limitation of Rust Analyzer:
https://github.com/rust-lang/rust-analyzer/issues/17040
Also build script will now be rerun only when there are actual changes
to concrete bindings due to emitted `cargo::rerun-if-changed` (not for
each change in script crate).
Testing: It compiles so it works, I tested manually and RA now works as
expected (although we need to from type alias to concrete union-types
definitions)
Fixes:
https://servo.zulipchat.com/#narrow/channel/263398-general/topic/rust-analyzer.20failed.20to.20include.20codes.20in.20script_bindings
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Remove the `unsafe` annotation from the `cross_origin_get` function and
add `unsafe` blocks around unsafe code within the function
Testing: Testing is not required as this change does not alter
behaviour.
Fixes: #36358
---------
Signed-off-by: Barigbue <barigbuenbira@gmail.com>
add CanGc as argument to methods in DissimilarOriginWindow,
DocumentFragment, DocumentType, DOMRect, DOMRectReadOnly, DOMStringMap
Testing: These changes do not require tests because they are a refactor.
Addressed part of https://github.com/servo/servo/issues/34573.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
Add CanGc as arguments in methods in Document
Testing: These changes do not require tests because they are a refactor.
Addressed part of https://github.com/servo/servo/issues/34573.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
implement the `ClipboardItem` interface
Testing: covered by existing wpt tests
part of #36084
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
Add CanGc as arguments in methods in devtools.rs, CharacterData,
CSSStyleRule, CSSStyleSheet
Testing: These changes do not require tests because they are a refactor.
Addressed part of https://github.com/servo/servo/issues/34573.
---------
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
Remove unsafe from cross_origin_property_fallback
- Refactors `cross_origin_property_fallback` to remove the `unsafe`
annotation from the function signature, as it now uses safe wrappers
instead of raw pointers
- Adds an `unsafe` block around `MutableHandle::from_raw`
Testing: Changes does not require test
Fixes: https://github.com/servo/servo/issues/36359
Signed-off-by: Uthman Yahaya Baba <uthmanyahayababa@gmail.com>
Remove unsafe from maybe_cross_origin_get_prototype
-Refactors `maybe_cross_origin_get_prototype` to remove the `unsafe`
annotation from the function signature and `get_proto_object` argument
-Adds `unsafe` blocks around calls `D::GlobalScope::from_context` and
`MutableHandleObject::from_raw`
Testing: Changes does not require test
Fixes: https://github.com/servo/servo/issues/36357
Signed-off-by: Uthman Yahaya Baba <uthmanyahayababa@gmail.com>
Add CanGc as argument to methods in `Attr` and `Node`.
Addressed part of https://github.com/servo/servo/issues/34573.
---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes do not require tests because they are a refactor.
Signed-off-by: Yerkebulan Tulibergenov <yerkebulan@gmail.com>
The method report_cross_origin_denial was marked as unsafe, have instead
moved the unsafe code within the method into an unsafe block within the
method and removed the unsafe marking for the method.
Testing: No testing needed
Fixes: This PR resolves#36356.
Signed-off-by : Ashok Kaushik kaushikashok45@gmail.com
---------
Signed-off-by: ashok.kaushik <ashok.kaushik@zohocorp.com>
Co-authored-by: ashok.kaushik <ashok.kaushik@zohocorp.com>
Some methods are implemented fully, while others are implemented
partly. With these implementations, there are no observed crashes
when running the trusted-types web-platform-tests.
Most notably, the tests/wpt/tests/trusted-types/idlharness.window.js
is now fully passing.
Part of #36258
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implement the TestUtils namespace from
https://testutils.spec.whatwg.org/.
This should make the `js/builtins/weakrefs` tests run faster and more
consistently.
This change will enable other WPT tests but no tests exist currently for
TestUtils itself.
Fixes: #36290
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Co-authored-by: sagudev <16504129+sagudev@users.noreply.github.com>
This is the final step of #1799, where the majority of the generated
code for the JS bindings is now compiled as part of the script_bindings
build step. The remaining pieces in script must live there because they
refer to concrete DOM types; all code in script_bindings is generic over
the
[DomTypes](https://doc.servo.org/script/dom/bindings/codegen/DomTypes/trait.DomTypes.html)
trait.
My testing with incremental builds shows me a 12 second reduction in
build times on my 2024 M4 Macbook Pro when modifying code in the script
crate after these changes. Before this PR those changes took 20 seconds
to rebuild Servo, and now they take 8 seconds.
Testing: Existing WPT tests ensure no regressions.
Fixes: #1799
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
https://github.com/user-attachments/assets/9aba75ff-4190-4a85-89ed-d3f3aa53d3b0
Among other things this adds a new `EmbedderMsg::ShowSelectElementMenu`
to tell the embedder to display a select popup at the given location.
This is a draft because some small style adjustments need to be made:
* the select element should always have the width of the largest option
* the border should be part of the shadow tree
Apart from that, it's mostly ready for review.
<details><summary>HTML for demo video</summary>
```html
<html>
<body>
<select id="c" name="choice">
<option value="first">First Value</option>
<option value="second">Second Value</option>
<option value="third">Third Value</option>
</select>
</body>
</html>
```
</details>
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] Part of https://github.com/servo/servo/issues/3551
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Note that `StyleRule` may not have the `CssRules` readily available,
they may need to be created. So the previous approach of providing
`CSSGroupingRule` with the `CssRules` is no good: it would require
writing them in advance, just in case they end up being used.
Therefore, this removes the `CSSGroupingRule::rules` field. Instead,
they are lazily obtained in `CSSGroupingRule::rulelist()` by downcasting
and calling the appropriate method for the subclass.
Testing: covered by WPT
Fixes: #36245
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
