Commit graph

1181 commits

Author SHA1 Message Date
Patrick Shaughnessy
67827debd8 Now just one is_cors_safelisted_request_header, with closer spec alignment 2019-12-16 09:07:02 -05:00
Josh Matthews
46b155d0e8 Disable H2 ALPN. 2019-12-13 16:13:48 -05:00
Jan Andre Ikenmeyer
b811be764c
Add ALPN and signature algorithms to OpenSSL config 2019-11-30 05:18:00 +01:00
bors-servo
5f1681ad25
Auto merge of #24875 - jdm:wr-no-ipc, r=asajeffrey
Extract IPC out of webrender

Fixes #20172. Fixes #13480.
2019-11-27 20:48:13 -05:00
Josh Matthews
564c16d754 Use non-IPC webrender API over explicit IPC channels. 2019-11-27 20:47:53 -05:00
Patrick Shaughnessy
7363db31db Fix #2909 as far as WPT is concerned, not full data-url class integration 2019-11-26 09:49:30 -05:00
Jan Andre Ikenmeyer
941659bb30
Use HSTS preload list for private HttpState, too. 2019-11-10 20:16:53 +01:00
Shinichi Morimoto
70c62ceee7 Fix check conditions 2019-11-05 11:24:38 +09:00
Shinichi Morimoto
b0a12f6a8a fix #24367 2019-11-05 11:24:38 +09:00
teapotd
c54df2b965 Limit referer header value length to 4096 2019-10-24 20:59:00 +02:00
Anthony Ramine
785a344e32 Update rand to 0.7 (fixes #24448) 2019-10-23 15:34:48 +02:00
bors-servo
bf587f22d7
Auto merge of #24508 - pajamapants3000:21254, r=jdm
Add start_time to resource timing.

<!-- Please describe your changes on the following line: -->
`start_time` property added to `ResourceFetchTiming`, which enables the setting of `start_time` in the `PerformanceEntry` member of `PerformanceResourceTiming`.

Following the specification at https://w3c.github.io/resource-timing/#dfn-starttime, `start_time` is set to the value of `redirect_start` if redirection occurs and the timing allow check passes. Otherwise it has the same value as `fetch_start`.

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix #21254

<!-- Either: -->
- [x] There are tests for these changes OR
- [ ] These changes do not require tests because ___

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
2019-10-22 09:34:07 -04:00
Tommy Lincoln
fcad88cddd Add start_time to resource timing. 2019-10-20 07:28:11 -07:00
Gregory Terzian
2f8932a6a1 continue messageport, transferable, postmessage options 2019-10-19 14:28:18 +08:00
Michael Howell
b8f3e8bb2e Add simple implementation of content-security-policy on scripts / styles
This needs a lot more hooks before it'll actually be a good
implementation, but for a start it can help get some feedback on if this
is the right way to go about it.

Part of servo/servo#4577
2019-10-16 19:46:45 +00:00
bors-servo
d28d9fe273
Auto merge of #23990 - tomasdivito:add-secure-connection-start, r=jdm
Add secure connection start

Implementing `secure_connection_start` as well as we can, this is related to #21268

We are setting the value as well as we can since we don't have a way to know if we are currently using a secure transport or where the handshake before the connection is done as the spec says on the step 15 [https://w3c.github.io/resource-timing/#sec-process](https://w3c.github.io/resource-timing/#sec-process)

Regarding the Timing Allow Check, that's being done on another PR by another person which will take care of setting the rest of the values on `PerformaceResourceTiming` to Zero and prevent them to set them any other way.

I'm currently setting the `secure_connection_time` using `precise_time_ms()` as the `connection_start` and `connection_end` are set that way... but other attributes inside `PerformanceResourceTiming` are set using `precise_time

Another thing, the issue talks about setting `redirect_start` but I'm not really sure if it's related, if so I can look up into that too... I might have just read and thought it was all about secure connection start.

---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [ ] These changes fix #21268

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/23990)
<!-- Reviewable:end -->
2019-10-10 22:16:27 -04:00
Tomas Di Vito
bd0c0b65ba implemented secure_connection_start 2019-10-10 14:30:03 -03:00
bors-servo
b34fc13eee
Auto merge of #24401 - gterzian:ensure_done_chan_is_none_when_revalidating, r=jdm
Fetch: ensure consistency between response, done-chan, and cache state.

This ensures that when a cached response is not used because it requires revalidation, the done chan is set back to `None`(since the cache might have set it to `Some` when constructing the response requiring revalidation).

<!-- Please describe your changes on the following line: -->

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix #24399 (GitHub issue number if applicable)

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24401)
<!-- Reviewable:end -->
2019-10-09 10:53:17 -04:00
bors-servo
3d529b1b88
Auto merge of #24402 - gterzian:remove_thread_spawning_in_ws, r=jdm
Websocket: use ipc router to handle ws dom-action messages

<!-- Please describe your changes on the following line: -->

Use the ipc router as opposed to spawning a dedicated thread.

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24402)
<!-- Reviewable:end -->
2019-10-09 09:16:12 -04:00
Gregory Terzian
c1573cc4fc use ipc router to handle ws dom-action messages 2019-10-09 17:36:45 +08:00
Gregory Terzian
bb1fa88864 fetch: ensure consistency between response, done-chan, and cache state. 2019-10-09 17:13:03 +08:00
CYBAI
f771e5f371 Use RequestBuilder for CORS preflight fetch 2019-10-09 12:23:43 +09:00
Gregory Terzian
4f3ba70704 http-cache: wait on pending stores
and various small improvements
2019-10-08 17:58:20 +08:00
bors-servo
75548f40c6
Auto merge of #24340 - jdm:image-cache-cors, r=Manishearth
Allow using CORS filtered image responses as WebGL textures

More specifically, this makes the "is this image same origin?" check consider the CORS status of the original response, rather than relying on an overly-strict "is this image's response's URL same-origin with a particular global?" check. To do this, we make the image cache double keyed based on the requested URL as well as the requesting origin, and store the CORS status of the eventual response with the final image that eventually gets sent to the HTMLImageElement consumer.

---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix #24330 and fix #24368
- [x] There are tests for these changes

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24340)
<!-- Reviewable:end -->
2019-10-07 18:39:36 -04:00
bors-servo
37ab273c82
Auto merge of #24370 - jdm:cache-crossorigin-test, r=gterzian
Cache crossorigin test

This adds a test for #24356 to ensure that we don't regress our cache behaviour.

---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] There are tests for these changes

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/24370)
<!-- Reviewable:end -->
2019-10-07 11:28:53 -04:00
Tugdual JULLIEN
85e6418271 Pass argument by reference to CacheKey constructor
Argument now passed by reference, and clone() removed when calling
constructor.
2019-10-05 11:18:51 +02:00
Josh Matthews
b347cf877c Add some useful HTTP cache debug output. 2019-10-04 15:26:03 -04:00
Josh Matthews
a241232c2b Add useful debug output for HTTP response and image cache. 2019-10-04 15:08:40 -04:00
Josh Matthews
1df8d57dc6 Support CORS attributes for image elements. 2019-10-04 15:08:40 -04:00
Josh Matthews
81a67aed9e Double key image cache by requesting origin, and store CORS status with cached images. 2019-10-04 09:22:21 -04:00
Josh Matthews
2156ed7ab2
rustfmt 2019-10-03 03:12:18 -04:00
Josh Matthews
d8cdc71a28
Use unfiltered response body when replicating body of cached responses. 2019-10-03 02:21:27 -04:00
Shotaro Yamada
b228d2700e Remove unused dependencies 2019-10-01 21:15:53 +09:00
Javed Nissar
7596c36959 Move ResourceFetchTiming into Arc
The purpose of this commit is to ensure that the Response object has
access to Timing updates as previously the Response object simply
stored a ResourceFetchTiming struct so updates on ResourceFetchTiming
that were not explicitly done on the Response would not be passed down.
The references to ServoArc are added because Response uses
servo_arc::Arc rather than std::sync::Arc as is used elsewhere. So,
we've switched those other places to servo_arc::Arc instead of switching
Response to std::sync::Arc.
2019-09-18 11:54:28 -04:00
Javed Nissar
bb8166bb97 Add PerformanceResourceTiming: TimingAllowCheck
The purpose of this commit is to implement https://w3c.github.io/resource-timing/#dfn-timing-allow-check
2019-09-18 11:54:28 -04:00
Alan Jeffrey
49a5e84fb1 Responding to review comments 2019-09-11 11:40:50 -05:00
Alan Jeffrey
aeac382058 Make http_loader more robust against hyperium parse errors 2019-09-10 16:13:50 -05:00
Alan Jeffrey
1aeb97b281 Prefetch img and scripts during parsing 2019-09-10 16:13:49 -05:00
Josh Matthews
0d88b04f32 Update hyper to 0.12.33. 2019-08-29 14:51:01 -07:00
Bastien Orivel
92161ecfbc Update ipc-channel and related dependencies 2019-08-27 23:44:04 +02:00
Simon Sapin
8eb650bafd Deduplicate idna, log, mime, mime_guess, percent-encoding, unicase, url, ws 2019-08-19 20:09:20 +02:00
Simon Sapin
734fa6da2b Update to percent-encoding 2.0 2019-08-17 10:03:44 +02:00
Simon Sapin
9392180007 Update to url 2.0 2019-08-17 10:03:44 +02:00
Alan Jeffrey
701256d837 Pass the event loop waker into WebXR 2019-07-25 12:55:26 -05:00
Thomas Delacour
18178fa107
ISSUE-21257: set redirectEnd on PerformanceResourceTiming 2019-07-19 21:36:24 +02:00
Patrick Walton
2f9c9cefdb WebRender units are no longer reexported. 2019-07-09 10:50:27 -04:00
Kamil Niski
d84513cc50 Add PerformanceResourceTiming: domainLookupStart
Remove wpt tests for domainLookupStart

Set ResourceAttribute::DomainLookupTime

Move DomainLookupStart timing before HTTP request initialization

Change label of domainLookupStart TAO zero test to PASS

Adjust the from_resource_timing method to initialize domain_lookup_start value

Restore domainLookupsStart test
2019-06-30 00:20:26 +02:00
bors-servo
1d2c0ba0bc
Auto merge of #23593 - georgeroman:fix_panic_on_opening_directory, r=Manishearth
Fix panic on opening a directory

<!-- Please describe your changes on the following line: -->

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors

Continued from https://github.com/servo/servo/pull/23548

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/23593)
<!-- Reviewable:end -->
2019-06-22 22:24:08 -04:00
bors-servo
5592682c4b
Auto merge of #23494 - gterzian:improve_http_cache, r=jdm
Various improvements and update to the http cache

<!-- Please describe your changes on the following line: -->

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/23494)
<!-- Reviewable:end -->
2019-06-22 11:36:14 -04:00
Gregory Terzian
689b7971b8 http-cache: re-enable and update test 2019-06-22 06:28:32 -07:00