These changes allow a minimal set of checks for font-src
CSP checks to pass.
Part of #4577
Part of #35035
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Refactor the memory profiler code to return the struct and handle the
serializing in servointernal page.
This allows other users of the memory profiler to see the whole report
without parsing json.
Testing: I do not know if the memory page is covered by tests.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
This change adds support for rendering static SVG images using the
`resvg` crate, allowing svg sources in the `img` tag and in CSS
`background` and `content` properties. There are some limitations in
using resvg:
1. There is no support for animations or interactivity as these would
require implementing the full DOM layer of SVG specification.
2. Only system fonts can be used for text rendering. There is some
mechanism to provide a custom font resolver to usvg, but that is not
explored in this change.
3. resvg's handling of certain edge cases involving lack of explicit
`width` and `height` on the root svg element deviates from what the
specification expects from browsers. For example, resvg uses the values
in `viewBox` to derive the missing width or height dimension, but
without scaling that dimension to preserve the aspect ratio. It also
doesn't allow overriding this behavior.
Demo screenshot:
<details>
<summary>Source</summary>
```
<style>
#svg1 {
border: 1px solid red;
}
#svg2 {
border: 1px solid red;
width: 300px;
}
#svg3 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: contain;
}
#svg4 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: cover;
}
#svg5 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: fill;
}
#svg6 {
border: 1px solid red;
width: 300px;
height: 200px;
object-fit: none;
}
</style>
</head>
<body>
<div>
<img id="svg1" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
</div>
<div>
<img id="svg2" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
<img id="svg3" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
<img id="svg4" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
</div>
<div>
<img id="svg5" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
<img id="svg6" src="https://raw.githubusercontent.com/servo/servo/refs/heads/main/resources/servo.svg" alt="Servo logo">
</div>
</body>
```
</details>
---------
Signed-off-by: Mukilan Thiyagarajan <mukilan@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Replace the holder of actual pixel data of the ImageBitmap interface
([[BitmapData]] slot) from Vec<u8> to snapshot::Snapshot (image bitmap
with metadata).
https://html.spec.whatwg.org/multipage/#the-imagebitmap-interface
It will allow to have all required information (e.g. size, pixel format,
alpha mode)
for further drawing processing to/from canvas2D output bitmap.
Testing: No required tests
Fixes: https://github.com/servo/servo/issues/34112
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
Previously, when the theme was set it was only set on currently active
`Window`s. This change makes setting the `Theme` stateful. Now the
`Constellation` tracks what theme is applied to a `WebView` and properly
passes that value to new `Pipeline`s when they are constructed. In
addition, the value is passed to layout when that is constructed as
well.
Testing: this change adds a unit test.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
According to specification ImageBitmap objects are serializable objects
and transferable objects.
https://html.spec.whatwg.org/multipage/#the-imagebitmap-interface:imagebitmap-11
Testing:
- html/canvas/element/manual/imagebitmap/*
- html/infrastructure/safe-passing-of-structured-data/*
- html/webappapis/structured-clone/*
- workers/semantics/structured-clone/*
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
Removed unused dependencies in various crates using cargo-machete, grep
and cargo-udeps.
Testing: The CI tests if any dependencies were used that are removed.
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Implement missing synchronization in `dispatch_actions` of `WebDriver`.
https://w3c.github.io/webdriver/#dispatching-actions
> The user agent event loop has spun enough times to process the DOM
events generated by the last invocation of the >[dispatch tick
actions](https://w3c.github.io/webdriver/#dfn-dispatch-tick-actions)
steps.
- Add a way for `ScriptThread` to notify `WebDriver` about the
completion of input commands.
- Add a `webdriver_id` field for `InputEvent`. `ScriptThread` uses it to
distinguish WebDriver events and sends notification.
Tests:
`./mach test-wpt --product servodriver -r
tests\wpt\tests\webdriver\tests\classic\element_click\events.py` pass if
`hit_testing` pass. Check
[issue](https://github.com/servo/servo/issues/36676#issuecomment-2882917136)
cc: @xiaochengh
---------
Signed-off-by: batu_hoang <longvatrong111@gmail.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Our persistent localstorage data can be meaningfully large after testing
real world sites. This change ensures it shows up in about:memory.
Testing: Opened about:memory after launching the browser with a
persistent config
Fixes: Part of #11559
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Previously, after a layout was finished (or skipped in the case of
repaint-only layout), both the stacking context tree and display list
were built. In the case of repaint-only layout, we should be able to
skip the reconstruction of the stacking context tree and only do display
list building.
This change does that, also generally cleaning and up and clarifying the
data structure used during this phase of layout. This opens up the
possibility of a new kind of incremental layout that does both repaint
and a rebuild of the stacking context tree.
On the blaster.html test case[^1], this reduces tightly-measured layout
time from ~45-50 milliseconds to ~25-30 milliseconds on my M3.
[^1]: https://gist.github.com/mrobinson/44ec87d028c0198917a7715a06dd98a0
Testing: There are currently no performance tests for layout. :( This
should
not modify the results of WPT tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
This reduces the memory used by the preload list to just 1.9MB. The
total memory savings in HSTS from
pre-103cbed928
is now 62MB, or 96%. And in terms of total resident memory is a 7.5%
reduction. The DAFSA/DAWG used by Firefox is 1.1MB so there could be
additional gains available but this seems like the best option based on
maintained libraries available (I could not find a good maintained
library for DAFSAs in Rust).
The main trick is this: the FST map API is currently designed to map
byte sequences to u64 values. Because we only need to determine if a
preloaded domain has the `includeSubdomains` flag set, we encode that
into the lowest bit of the ids in the map. This way finding an entry in
the map directly provides us with the `includeSubdomains` flag and we
don't need to keep another mapping in memory or on disk.
Updated the `./mach update-hsts-preload` command to generate the new FST
map file. (Not sure if I need to update any dev-dependencies anywhere
for this change)
This change also replaces the use of "mozilla.org" with "example.com" in
the HSTS unit tests to make sure that entries in the preload list do not
influence the tests (since example.com should not ever end up on the
preload list)
Testing: Updated unit tests
Fixes: #25929
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
Plumbs in the memory reporting into resource_thread since that's where
the other user of the public suffix list (HSTS) reports.
Testing: Checked about:memory on servo.org
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
This changes includes two semi-related things:
1. Fixes some specification compliance issues when parsing mime
types and charsets for `XMLHttpRequest`.
2. Implements a `<stylesheet>` parsing quirk involving mime types.
Testing: There are tests for these changes.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
This way, we don't always set the destination to Document (which is as
the spec is written today). Instead, we set it it in the load_data,
depending on which context we load it from.
Doing so allows us to set the `Destination::IFrame` for navigations in
iframes, enabling all frame-related CSP checks.
While we currently block iframes when `frame-src` or `child-src` is set,
their respective tests don't pass yet. That's because we don't yet
handle the cases
where we fire the correct `load` event.
Also update one WPT test to correctly fail, rather than erroring. That's
because it was using the wrong JS test variable.
Part of #4577
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
This change adds a shadow-tree widget for `<input type=color>` elements.
It also involves some changes to the way layout interacts with the DOM,
because currently all `input` and `textarea` elements are rendered as
plain text and their descendants are ignored. This obviously doesn't
work for `<input type={color, date, range, etc}>`.
<details><summary>HTML used for the screenshot above</summary>
```html
<input type=color>
```
</details>
Testing: I doubt that this affects WPT tests, because the appearance and
behaviour of the widget is almost entirely unspecified.
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This change also removes the ProfilingCategory::variant_name function,
because strum_macros::IntoStaticStr is already being used and does the
same thing.
Testing: This change compiles and that's good enough
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This change adds a new `WebView` API `evaluate_javascript()`, which
allows embedders to
execute JavaScript code and wait for a reply asynchronously. Ongoing
script execution is
tracked by a libservo `JavaScriptEvaluator` struct, which maps an id to
the callback passed
to the `evaluate_javascript()` method. The id is used to track the
script and its execution
through the other parts of Servo.
Testing: This changes includes `WebView` unit tests.
---------
Signed-off-by: Narfinger <Narfinger@users.noreply.github.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Add mock SVGImageElement interface to fix TIMEOUT WPT tests
which are related to ImageBitmap (html/canvas/*).
https://svgwg.org/svg2-draft/embedded.html#InterfaceSVGImageElement
Rationality of this change to fire event "error" on any attempt to fetch
image resource on href attribute change to not block WPT tests
execution.
Some WPT tests use the legacy namespace attribute "xlink:href", so
support for it was added to source code.
https://svgwg.org/svg2-draft/linking.html#XLinkHrefAttribute
- setAttributeNS("http://www.w3.org/1999/xlink", 'xlink:href', src);
Testing: Covered by existed WPT tests
- fetch/metadata/generated/svg-image*
- html/canvas/element/manual/*
- html/dom/idlharness.https.html
- html/semantics/embedded-content/the-canvas-element/*
- html/webappapis/scripting/events/event-handler-all-global-events.html
- mozilla/interfaces.https.html
Fixes: https://github.com/servo/servo/issues/35881
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
Fix a IPC hang due to `ReadableStream::get_in_memory_bytes` could return
really huge chunk.
Testing: WPT on ReadableStream should pass
Fixes: IPC hang when transferring huge chunk bytes from `ReadableStream`
cc @gterzian @Taym95 since this is also related to ReadableStream.
---------
Signed-off-by: Yu Wei Wu <yuweiwu@YunoMacBook-Air.local>
Co-authored-by: Yu Wei Wu <yuweiwu@YunoMacBook-Air.local>
Fix ElementClick: `ElementClick` should use `MouseButton::Left` to
create `action`.
Testing: No pass test now. Tests still fail because of other issues.
For: https://github.com/servo/servo/issues/36658
cc: @xiaochengh , @yezhizhen , @PotatoCP
Signed-off-by: batu_hoang <longvatrong111@gmail.com>
The two significant changes here are 1) a commit that frees memory used
to perform memory reporting once the reporting is complete, 2) memory
reporting for the system font service. There are various other commits
that remove `#[ignore_malloc_size_of]` attributes for data that we are
now able to measure, but they do not significantly change our
measurements when testing servo.org.
Testing: Comparing the output of about:memory on servo.org.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
When slicing a blob that is already sliced we should reference it's
parent's data instead of creating a subview into the sliced blob. This
keeps the blob ancestry chain small and reduces the number of blobs that
we have to resolve.
Testing: Includes a new crashtest
Fixes: https://github.com/servo/servo/issues/36843
[try
run](1484487366)
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
This change connects the `HighlighterActor` from the devtools with the
document, which will draw a blue rectangle over any highlighted dom
node.
https://github.com/user-attachments/assets/571b2dab-497f-4102-9e55-517cdcc040ba
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes do not require tests because we don't have devtools
tests
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Rather than sharing the full image cache in a script_thread, the image
cache is now unique per document. This ensures that CSP factors no
longer affect whether the image is retrieved from the cache incorrectly.
To do so, the thread_pool is shared across all caches, but the store is
fresh. Except for the place_holder{image,url}, which are cloned. That's
because the `rippy_data` is only available in the constellation and no
longer accessible at the point that we need to create the document in
the script_thread.
Contrary to the description in #36505, the script_thread still has an
image_cache for this reason: so it has access to the store and
thread_pool to clone it.
With these changes, the two CSP tests no longer flake. Confirmed with
running the following commmand:
```
./mach test-wpt tests/wpt/tests/content-security-policy/generic/ --rerun=10
```
Fixes#36505
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This follows the rules as defined in
https://w3c.github.io/webappsec-csp/#security-inherit-csp
where local iframes (about:blank and about:srcdoc) should
initially start with the CSP rules of the parent. After
that, all new CSP headers should only be set on the
policy container of the iframe.
Part of #36437
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
All canvases return `Option<ImageKey>`.
Testing: Just refactor without behavior changes
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
Implement
[disentangle](https://html.spec.whatwg.org/multipage/#disentangle)
Remove bespoke gc logic which now becomes unnecessary.
Adds a wpt test that hits the "disentangle while in transfer" logic.
Updates streams code, fixing an error where disentanglement is
conditional on an error.
Test coverage: there are existing tests in
`/webmessaging/message-channels/close-event/explicitly-closed.tentative.window.js`
for the no transfer case, and the simple completed transfer case, and
this PR adds a test for the more complicated transfer in progress case.
Fix https://github.com/servo/servo/issues/36465
---------
Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
This patch adds support for listing `worker scripts` in `debugger >
source` panel
For example:
```
<!-- test.html -->
<!doctype html><meta charset=utf-8>
<script>
setTimeout(() => {
console.log("inline classic");
new Worker("worker.js");
const blob = new Blob([`console.log("blob worker");`], { type: "text/javascript" });
const blobURL = URL.createObjectURL(blob);
new Worker(blobURL);
}, 2000);
</script>
```
```
// worker.js
console.log("external classic worker");
```
```
./mach run --devtools=6080 http://127.0.0.1:3000/test.html
```
Another example:
```
./mach run --devtools=6080 https://charming.daz.cat/
```
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes partially implement #36027
- [x] These changes require tests, but they are blocked on
https://github.com/servo/servo/issues/36325
---------
Signed-off-by: atbrakhi <atbrakhi@igalia.com>
This change switches `offsetParent`, `offsetLeft`, etc queries to use
the BoxTree fragments instead of walking the entire fragment tree. In
addition, fragments are stored for columns and colgroups. In general,
this greatly simplifies the flow of the query and prevents having to do
expensive tree walks.
Testing: This change is covered by newly passing WPT tests and three new
failures:
- /css/filter-effects/backdrop-filter-edge-clipping-2.html
- /css/filter-effects/backdrop-filter-edge-mirror.html
- /css/filter-effects/backdrop-filter-edge-pixels-2.html
These failures are actually progressions, because now the references
start
to render properly whereas before they did not.
Fixes: This is part of #36525 and #36665.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
This is a followup to #36629, continuing to implement script-based
layout queries using the `Fragment`s attached to the `BoxTree`. In this
change, geometry queris (apart from parent offset) are calculated using
`Fragment`s hanging of the `BoxTree`.
In order to make this work, all `Fragment`s for inlines split by blocks,
need to be accessible in the `BoxTree`. This required some changes to
the way that box tree items were stored in DOM `BoxSlot`s. Now every
inline level item can have more than a single `BoxTree` item. These are
carefully collected by the `InlineFormattingContextBuilder` -- currently
a bit fragile, but with more documentation.
Testing: There are tests for these changes.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
Previously, when processing animations, the compositor would sent a tick
message to each pipeline. This is an issue because now the
`ScriptThread` always processes rendering updates for all `Document`s in
order to ensure properly ordering. This change makes it so that tick
messages are sent for an entire WebView. This means that each
`ScriptThread` will always receive a single tick for every time that
animations are processed, no matter how many frames are animating. This
is the first step toward a refresh driver.
In addition, we discard the idea of ticking animation only for
animations and or only for request animation frame callbacks. The
`ScriptThread` can no longer make this distinction due to the
specification and the compositor shouldn't either.
This should not really change observable behavior, but should make Servo
more efficient when more than a single frame in a `ScriptThread` is
animting at once.
Testing: This is covered by existing WPT tests as it mainly just improve
animation efficiency in a particular case.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
We previously ignored the opaque layout data field inside each node when
measuring a DOM node's memory usage. While some of the reachable memory
was accounted for by measuring the layout's box tree, measuring it via
the node ensures that we don't miss anything. Since there are often Arc
values involved, this means that the layout-thread box tree measurements
now look quite small, while reported JS heap usage has increased.
Testing: Manually compared about:memory for servo.org.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
When doing any kind of query, up until now, containing block rectangles
were calculated by walking the `FragmentTree` until the node being
queried was found. In order to make possible answering queries without
walking the `FragmentTree`, `Fragment`s need to cache their cumulative
containing block rectangles.
This change adds a new `FragmentTree` pass (during construction) that
takes care of calculating and caching these values. The new cached value
is used during resolved style queries and also scrolling area queries
(with the idea that all queries will eventually use them).
In addition, extra `FragmentTree` walks used for cancelling animations
for elements no longer in the `FragmentTree` are integrated into this
new traversal.
Testing: Covered by existing WPT tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
Each canvas context returns snapshot instead of just raw bytes. This
allows as to hold off conversions (BGRA <-> RGBA, (un)premultiply) to
when/if they are actually needed. For example when loading snapshot into
webgl we can load both RGBA and BGRA so no conversion is really needed.
Currently whole thing is designed to be able to be extend on
https://github.com/servo/ipc-channel/pull/356, to make less copies.
Hence some commented out code.
Fixes#35759
There are tests for these changes in WPT
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
remove `webrender_document` in script and constellation's pipeline
Testing: `webrender_document` in script crate is not being referenced
anywhere in the Servo, should be safe to remove.
Fixes: https://github.com/servo/servo/issues/36647
Signed-off-by: Jason Tsai <git@pews.dev>
Rather than creating unique types for each pipeline-namespaced index
type (eg. MessagePortId, DomExceptionId, etc.), we can create a generic
common type that uses a marker to prevent type confusion. This change
allows us to reduce the boilerplate code required when implementing
serializable/transferable interfaces, since the structured clone
implementation can rely on the common type.
Testing: Existing WPT tests for serialization and transferring provide
coverage.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
There is a `WebView` in libservo (new) and a `WebView` in compositing
(old). Nowadays, the "real" `WebView` is the one in the libservo. The
`WebView` in `compositing` is really about rendering the contents of a
`WebView` from libservo. In addition there is also a trait exposed by
the compositor called `RendererWebView` which is a way for the
compositor to talk to libservo without a circular dependency.
This changes does some renames to make things clearer and so that there
is One Less WebView™:
- `compositing::WebView` -> `compositing::WebViewRenderer` (this is the
same kind of naming as `ServoRenderer`).
- `compositing::RendererWebView` -> `compositing::WebViewTrait`
Testing: This is just a couple renames so should be covered by existing
tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
In #36364 I moved both serializable and transferable implementations
from the `script_traits` crate into a single file called
`message_ports.rs`. Gregory raised the point that this was a bit of a
inaccurate grouping. This change attempts to fix it according to the
division in the specification.
See [the relevant thread on zulip][thread].
[thread]:
510864104.
Testing: Covered by existing test as this is just code movement.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Rework `ScriptThread::handle_input_event` for correct behaviour and
better performance
1. Only trigger click event with primary button, according to spec
2. Avoid unnecessary clone of `ConstellationInputEvent`
This is a follow up of #36413
Testing: Manually tested. Right mouse won't trigger click event now.
Fixes: #35666
cc @jdm @xiaochengh
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
Add memory reporter integration for the fragment and box trees that are
persisted in the layout thread.
Testing: Looked at the numbers for https://servo.org and
https://html.spec.whatwg.org/. The former was very small, but the latter
was 700mb.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
1. Move click event trigger from embedding layer to `ScriptThread`
2. Previously, the logic is to trigger click event at same position as
`MouseButtonAction::Up` if `MouseButtonAction::Up` is within 10px of
`MouseButtonAction::Down`, in embedding layer. This PR ~~removes the
condition~~ moves the check to `ScriptThread`.
Testing: tested for webdriver with self written test case. Perform
actions of pointermove, pointerdown, pointerup in sequence. Click event
can now be triggered.
Fixes: #35395
cc @xiaochengh @jdm
For `MAYBE? TODO:` part I added, should we do it? I read the
[spec](https://w3c.github.io/uievents/#event-type-click), it doesn't
specify we have to implement MDN's way.
If we should work in the MDN's way, it also should be fixed in another
PR, as this PR doesn't regress anything. Also I am not sure what is the
best way to do it.
Should I handle it in
4d4f94936f/components/script/dom/document.rs (L1296-L1297)?
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
