These changes allow a minimal set of checks for font-src
CSP checks to pass.
Part of #4577
Part of #35035
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
It also updates the FetchResponseListener to process CSP violations to
ensure that iframe elements (amongst others) properly generate the CSP
events. These iframe elements are used in the Trusted Types tests
themselves and weren't propagating the violations before.
However, the tests themselves are still not passing since they also use
Websockets, which currently aren't using the fetch machinery itself.
That is fixed as part of [1].
[1]: https://github.com/servo/servo/issues/35028
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
* Use 2024 style edition
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Reformat all code
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Rework the `WebViewDelegate::intercept_web_resource_load` into
`WebViewDelegate::load_web_resource` and clean up internal messaging.
The main thing here is adding objects which manage the response to these
delegate methods. Now we have `WebResourceLoad` and
`InterceptedWebResourceLoad` which make it much harder to misuse the
API.
In addition, the internal messaging for this is cleaned up. Canceling
and finishing the load are unrelated to the HTTP body so they are no
longer subtypes of an HttpBodyData message. Processing of messages is
made a bit more efficient by collecting all body chunks in a vector and
only flattening the chunks at the end.
Finally, "interceptor" is a much more common spelling than "intercepter"
so I've gone ahead and made this change everywhere.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Add a delegate method for HTTP authentication and a related
`AuthenticationRequest` object that carries with it the URL as well as
whether or not the authentication request is for a proxy or not.
This is now separate from the prompt API because requesting
authentication doesn't necessarily involve prompting -- this is an
implementation detail of the embedder. In addition, the internal bits
are cleaned up slightly.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
`EmbedderMsg` was previously paired with an implicit
`Option<WebViewId>`, even though almost all variants were either always
`Some` or always `None`, depending on whether there was a `WebView
involved.
This patch adds the `WebViewId` to as many `EmbedderMsg` variants as
possible, so we can call their associated `WebView` delegate methods
without needing to check and unwrap the `Option`. In many cases, this
required more changes to plumb through the `WebViewId`.
Notably, all `Request`s now explicitly need a `WebView` or not, in order
to ensure that it is passed when appropriate.
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating an IPC channel for every fetch, allow cancelling
fetches based on the `RequestId` of the original request. This requires
that `RequestId`s be UUIDs so that they are unique between processes
that might communicating with the resource process.
In addition, the resource process loop now keeps a `HashMap` or `Weak`
handles to cancellers and cleans them up.
This allows for creating mutiple `FetchCanceller`s in `script` for a
single fetch request, allowing integration of the media and video
elements to integrate with the `Document` canceller list -- meaning
these fetches also get cancelled when the `Document` unloads.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* prompt user to get their credentials
Signed-off-by: Lloyd Massiah artmis9@protonmail.com
move credential prompt to a function
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* add prompt for step 15.4
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* add new prompt definition for user credentials
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* remove default implementation for HttpState which allowed making the embedder_proxy non-optional
- default implementation was only used in tests so created an alternative create_http_state function
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
add credentials to authentication cache
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* add tests that are successful for the happy path
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* add test for user cancels prompt and user inputs incorrect credentials, and refactor shared code between tests
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* handle error when setting username and password in Url and ran formatting
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
renaming test functions
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* change authentication flag to false for proxy authentication. The spec doesn't specify that the flag should be true, and the flag is by default false
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* clean up test code a bit
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* add skeleton implementation to support open harmony and android
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* update warning message to include Android
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* fix build error for OH os and Android
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
* remove unused import to fix warning
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
---------
Signed-off-by: Lloyd Massiah <artmis9@protonmail.com>
Co-authored-by: lazypassion <25536767+lazypassion@users.noreply.github.com>
Instead of creating a `ROUTER` for each fetch, create a fetch thread
which handles all incoming and outcoming fetch requests. Now messages
involving fetches carry a "request id" which indicates which fetch is
being addressed by the message. This greatly reduces the number of file
descriptors used by fetch.
In addition, the interface for kicking off fetches is simplified when
using the `Listener` with `Document`s and the `GlobalScope`.
This does not fix all leaked file descriptors / mach ports, but greatly
eliminates the number used. Now tests can be run without limiting
procesess on modern macOS systems.
Followup work:
1. There are more instances where fetch is done using the old method.
Some of these require more changes in order to be converted to the
`FetchThread` approach.
2. Eliminate usage of IPC channels when doing redirects.
3. Also eliminate the IPC channel used for cancel handling.
4. This change opens up the possiblity of controlling the priority of
fetch requests.
Fixes#29834.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
This change replaces OpenSSL with rustls and also the manually curated
CA certs file with webpki-roots (effectively the same thing, but as a
crate).
Generally speaking the design of the network stack is the same. Changes:
- Code around certificate overrides needed to be refactored to work with
rustls so the various thread-safe list of certificates is refactored
into `CertificateErrorOverrideManager`
- hyper-rustls takes care of setting ALPN protocols for HTTP requests,
so for WebSockets this is moved to the WebSocket code.
- The safe set of cypher suites is chosen, which seem to correspond to
the "Modern" configuration from [1]. This can be adjusted later.
- Instead of passing a string of PEM CA certificates around, an enum is
used that includes parsed Certificates (or the default which reads
them from webpki-roots).
- Code for starting up an SSL server for testing is cleaned up a little,
due to the fact that the certificates need to be overriden explicitly
now. This is due to the fact that the `webpki` crate is more stringent
with self-signed certificates than SSL (CA certificates cannot used as
end-entity certificates). [2]
1. https://wiki.mozilla.org/Security/Server_Side_TLS
2. https://github.com/briansmith/webpki/issues/114Fixes#7888.
Fixes#13749.
Fixes#26835.
Fixes#29291.
The purpose of this commit is to ensure that the Response object has
access to Timing updates as previously the Response object simply
stored a ResourceFetchTiming struct so updates on ResourceFetchTiming
that were not explicitly done on the Response would not be passed down.
The references to ServoArc are added because Response uses
servo_arc::Arc rather than std::sync::Arc as is used elsewhere. So,
we've switched those other places to servo_arc::Arc instead of switching
Response to std::sync::Arc.
refactoring with ResourceFetchMetadata
implemented deprecated window.timing functionality
created ResourceTimingListener trait
fixed w3c links in navigation timing
updated include.ini to run resource timing tests on ci
