It also updates the FetchResponseListener to process CSP violations to
ensure that iframe elements (amongst others) properly generate the CSP
events. These iframe elements are used in the Trusted Types tests
themselves and weren't propagating the violations before.
However, the tests themselves are still not passing since they also use
Websockets, which currently aren't using the fetch machinery itself.
That is fixed as part of [1].
[1]: https://github.com/servo/servo/issues/35028
---------
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
Propagate through documents a flag that represents if any of the
ancestor navigables has a potentially trustworthy origin.
The "potentially trustworthy origin" concept appears to have gotten
confused in a couple of places and we were instead testing if a URL had
"potentially trustworthy" properties.
The main test for the ancestor navigables is
[mixed-content/nested-iframes](https://github.com/web-platform-tests/wpt/blob/master/mixed-content/nested-iframes.window.js)
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#36108
<!-- Either: -->
- [X] There are tests for these changes
---------
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
* Add doc comments to RequestBuilder fields/methods
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Implement Request::cryptographic_nonce_metadata
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Implement HTMLOrSVGElement::nonce
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Set request cryptographic nonce metadata for link elements
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Set request's cryptographic nonce when fetching scripts
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Forward request nonce to rust-content-security-policy
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Update WPT expectations
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Use 2024 style edition
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Reformat all code
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
`EmbedderMsg` was previously paired with an implicit
`Option<WebViewId>`, even though almost all variants were either always
`Some` or always `None`, depending on whether there was a `WebView
involved.
This patch adds the `WebViewId` to as many `EmbedderMsg` variants as
possible, so we can call their associated `WebView` delegate methods
without needing to check and unwrap the `Option`. In many cases, this
required more changes to plumb through the `WebViewId`.
Notably, all `Request`s now explicitly need a `WebView` or not, in order
to ensure that it is passed when appropriate.
Signed-off-by: Delan Azabani <dazabani@igalia.com>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating an IPC channel for every fetch, allow cancelling
fetches based on the `RequestId` of the original request. This requires
that `RequestId`s be UUIDs so that they are unique between processes
that might communicating with the resource process.
In addition, the resource process loop now keeps a `HashMap` or `Weak`
handles to cancellers and cleans them up.
This allows for creating mutiple `FetchCanceller`s in `script` for a
single fetch request, allowing integration of the media and video
elements to integrate with the `Document` canceller list -- meaning
these fetches also get cancelled when the `Document` unloads.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
No longer hide errors while queueing tasks on the main thread. This
requires creating two types of `TaskSource`s: one for the main thread
and one that can be sent to other threads. This makes queueing a bit
more efficient on the main thread and more importantly, no longer hides
task queue errors.
Fixes#25688.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Mukilan Thiyagarajan <mukilan@igalia.com>
* fix: add source browsing ctx id to request when initiate navigation
Signed-off-by: Jason Tsai <git@pews.dev>
* chore: clippy
Signed-off-by: Jason Tsai <git@pews.dev>
* Update components/net/http_loader.rs
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Jason Tsai <git@pews.dev>
* chore: apply suggestions
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Jason Tsai <git@pews.dev>
* chore: fix naming
Signed-off-by: Jason Tsai <git@pews.dev>
* refactor: set request browsing ctx id on pre page load
Signed-off-by: Jason Tsai <git@pews.dev>
---------
Signed-off-by: Jason Tsai <git@pews.dev>
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
Instead of creating a type for each `TaskSource` variety have each `TaskSource`
hold the same kind of sender (this was inconsistent before, but each
sender was effectively the same trait object), a pipeline, and a
`TaskSourceName`. This elminates the need to reimplement the same
queuing code for every task source.
In addition, have workers hold their own `TaskManager`. This allows just
exposing the manager on the `GlobalScope`. Currently the `TaskCanceller`
is different, but this will also be eliminated in a followup change.
This is a the first step toward having a shared set of `Sender`s on
`GlobalScope`.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* Implement PolicyContainer
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
* implement small parts of fetch that interact with policy container
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
* fix: allow policy container's csp list to be unset
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
* fix: use the correct default policy when parsing from a token
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
---------
Signed-off-by: Shane Handley <shanehandley@fastmail.com>
* few cangc fixes
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
* few cangc fixes
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
---------
Signed-off-by: L Ashwin B <lashwinib@gmail.com>
Instead of creating a `ROUTER` for each fetch, create a fetch thread
which handles all incoming and outcoming fetch requests. Now messages
involving fetches carry a "request id" which indicates which fetch is
being addressed by the message. This greatly reduces the number of file
descriptors used by fetch.
In addition, the interface for kicking off fetches is simplified when
using the `Listener` with `Document`s and the `GlobalScope`.
This does not fix all leaked file descriptors / mach ports, but greatly
eliminates the number used. Now tests can be run without limiting
procesess on modern macOS systems.
Followup work:
1. There are more instances where fetch is done using the old method.
Some of these require more changes in order to be converted to the
`FetchThread` approach.
2. Eliminate usage of IPC channels when doing redirects.
3. Also eliminate the IPC channel used for cancel handling.
4. This change opens up the possiblity of controlling the priority of
fetch requests.
Fixes#29834.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
* Document "fetch" method
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Bring http_network_or_cache_fetch closer to the spec
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* fix test-tidy errors
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Move all code into http_loader.rs
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Don't panic if hyper/servo disagree about valid origins
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Add "otherwise" to spec comment
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Convert FIXME's to TODOs when appropriate
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Remove TODO about No-Store cache directive
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Remove indentation from multiline spec comments
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Add fetch assertions
This is from a spec update where assertions
about requests origin not being client
were added.
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Add note about serializing headers
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Add TODO about partitioning http cache
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Convert FIXME to TODO in script/
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Link to relevant issue for TODO comments
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
---------
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
* Remove script_plugins
* Use crown instead of script_plugins
* crown_is_not_used
* Use crown in command base
* bootstrap crown
* tidy happy
* disable sccache
* Bring crown in tree
* Install crown from tree
* fix windows ci
* fix warning
* fix mac
libscript_plugins.dylib is not available anymore
* Update components/script/lib.rs
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
* Update for nightly-2023-03-18
Mostly just based off https://github.com/servo/servo/pull/30630
* Always install crown
it's slow only when there is new version
* Run crown test with `mach test-unit`
* Small fixups; better trace_in_no_trace tests
* Better doc
* crown in config.toml
* Fix tidy for real
* no sccache on rustc_wrapper
* document rustc overrides
* fixup of compiletest
* Make a few minor comment adjustments
* Fix a typo in python/servo/platform/base.py
Co-authored-by: Samson <16504129+sagudev@users.noreply.github.com>
* Proper test types
* Ignore tidy on crown/tests
---------
Co-authored-by: Martin Robinson <mrobinson@igalia.com>
* constellation: crash to a new “sad tab” page
* check in resources/crash.html
* use a separate enum variant instead of keying on reason
* fmt + tidy
* rename Resource::Crash to Resource::CrashHTML
* clean up crash page and add details (reason + backtrace)
* avoid repeating crash errors in script::script_thread warn log
* make new LoadData init more idiomatic
* clarify comments and new fields
* fix doc comment style
* Add `no_trace` option to JSTraceable derive
* NoTrace wrapper
* Port some types to no_trace schematics
* Fixing my unsafe mistakes (not tracing traceables)
* Add docs & safety guards for no_trace
Safety guards (trait shenanigans) guarantees safety usage of `no_trace`
* Port canvas_traits to no_trace
* Port servo_media to no_trace
* Port net_traits to no_trace
* Port style to no_trace
* Port webgpu to no_trace
* Port script_traits to no_trace
* Port canvas_traits, devtools_traits, embedder_traits, profile_traits to no_trace
* unrooted_must_root lint in seperate file
* Add trace_in_no_trace_lint as script_plugin
* Composable types in must_not_have_traceable
* Introduced HashMapTracedValues wrapper
* `HashMap<NoTrace<K>,V>`->`HashMapTracedValues<K,V>`
* Port rest of servo's types to no_trace
* Port html5ever, euclid, mime and http to no_trace
* Port remaining externals to no_trace
* Port webxr and Arc<Mutex<_>>
* Fix spelling in notrace doc
