This PR addresses [#36593](https://github.com/servo/servo/issues/36593),
where the poster image request for `<video>` elements lacked several
settings introduced in `RequestBuilder`. These settings —
`insecure_requests_policy`, `has_trustworthy_ancestor_origin`, and
`policy_container` — are now forwarded from the document, aligning
poster requests with other fetches using the correct policy container
and trust assessment.
This ensures that poster images are requested under the same security
assumptions as other media or resource loads.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#36593
<!-- Either: -->
- [X] There are tests for these changes
Signed-off-by: Emmanuel Elom <elomemmanuel007@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
Profiling from #36609 showed this is an easy win. Ordering of our root
list does not matter, so swap_remove is a constant time operation
compared to a linear time one that caused memmove to appear in profiles
with lots of unrooting.
Testing: Existing WPT tests will cover this change.
Fixes: Part of #36609.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Now that legacy layout has been removed, the name `layout_2020` doesn't
make much sense any longer, also it's 2025 now for better or worse. The
split between the "layout thread" and "layout" also doesn't make as much
sense since layout doesn't run on it's own thread. There's a possibility
that it will in the future, but that should be something that the user
of the crate controls rather than layout iself.
This is part of the larger layout interface cleanup and optimization
that
@Looriool and I are doing.
Testing: Covered by existing tests as this is just code movement.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
When layout encounters a CSS image, the script thread is responsible for
fetching the image from the image cache. When the image is not yet
available, the script thread creates image cache listeners to perform
actions in response to future updates from the image cache.
In the current implementation, a cache listener would iterate over all
nodes using a particular image and mark them as dirty. However, we
mistakenly added one cache listener per node, leading to n^2 runtime
while performing lots of redundant work. For cases like #36480 with over
1000 elements using the same image, this led to a completely
unresponsive script thread.
Testing: Manual testing on the provided testcase, and a new WPT test
that times out without this PR's changes.
Fixes: #36480
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Sets the navigator.onLine attribute to true.
Testing:
Ran `./mach run https://pinterest.com
--enable-experimental-web-platform-features`. This doesn't show the
"Hmm..you're not connected to the internet" text anymore.
<img width="1027" alt="Screenshot 2025-04-16 at 11 31 02 AM"
src="https://github.com/user-attachments/assets/3745077b-dc51-42ce-88a0-38d5f157fc0c"
/>
part of: #36554
---------
Signed-off-by: Siddhant N. Trivedi <sidntrivedi012@gmail.com>
Signed-off-by: Siddhant N Trivedi <sidntrivedi012@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
Add memory reporter integration for the fragment and box trees that are
persisted in the layout thread.
Testing: Looked at the numbers for https://servo.org and
https://html.spec.whatwg.org/. The former was very small, but the latter
was 700mb.
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Added a simple check to only perform metadata extraction and listener
notification when we haven't already processed the metadata for an image
Testing: Existing tests should cover if we break decoding image metadata
complete.
Fixes: #36502
---------
Signed-off-by: Barigbue <barigbuenbira@gmail.com>
Co-authored-by: Josh Matthews <josh@joshmatthews.net>
1. Move click event trigger from embedding layer to `ScriptThread`
2. Previously, the logic is to trigger click event at same position as
`MouseButtonAction::Up` if `MouseButtonAction::Up` is within 10px of
`MouseButtonAction::Down`, in embedding layer. This PR ~~removes the
condition~~ moves the check to `ScriptThread`.
Testing: tested for webdriver with self written test case. Perform
actions of pointermove, pointerdown, pointerup in sequence. Click event
can now be triggered.
Fixes: #35395
cc @xiaochengh @jdm
For `MAYBE? TODO:` part I added, should we do it? I read the
[spec](https://w3c.github.io/uievents/#event-type-click), it doesn't
specify we have to implement MDN's way.
If we should work in the MDN's way, it also should be fixed in another
PR, as this PR doesn't regress anything. Also I am not sure what is the
best way to do it.
Should I handle it in
4d4f94936f/components/script/dom/document.rs (L1296-L1297)?
---------
Signed-off-by: Euclid Ye <yezhizhenjiakang@gmail.com>
Start storing a link to laid-out `Fragment`s in `LayoutBoxBase`, so that
these are accessible for queries and eventually for incremental layout.
Some box tree data structures lacked a `LayoutBoxBase`, such as table
tracks and table track groups[^1].
In addition, start using these `Fragment`s for queries instead of
walking the entire `Fragment` tree. Currently, this isn't possible for
most queries as `Fragment`s do not cache their absolute offsets (which
are often necessary). This change uses the new box tree `Fragment`s for
most resolved style queries.
[^1]: Note that only rows and row groups store `Fragment`s as columsn
and
colgroups do not produce any.
Testing: This is covered by existing tests.
Fixes: This is part of #36525.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
Updates wgpu to v25 and remove some verbose logging from CTS (that also
causes OOM).
Testing: WebGPU CTS
---------
Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com>
This removes a bunch of duplicated code needed to support
ConditionalMallocSizeOf correctly, and fixes multiple places where that
code was subtly wrong (the seen pointers hashset was never cleared).
Testing: Measuring https://www.nist.gov/image-gallery lots of times.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This also ensures that document now reports all violations and we set
the correct directive.
With these changes, all `script-src-attr-elem` WPT tests pass.
Part of #36437
Requires servo/rust-content-security-policy#3 to land first
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
This is a follow-up to #36518, which only addressed inline formatting
contexts. However, flex formatting contexts had the same problem, so it
seems safer to address it in general.
Testing: this makes a WPT test pass
Fixes: #36570
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
These changes make the image-cache memory reporter report much larger
values after loading image-heavy pages.
Testing: Manual testing on https://www.nist.gov/image-galleryFixes: #36559
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This file used to contain the `EmbedderDelegate` and `WindowMethods`
traits, but these are gone now, so we can move the one remaining enum
to be in `compositor.rs` where it is used. This change also stops
exposing the `compositing` crate as public Servo API.
Testing: This does not change behavior so is covered by existing tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
In Servo debug build there are runtime crash due to "attempt to multiply
with overflow" panic
in case of creation too large ImageData (new ImageData(1<<31, 1<<31))
Use checked integer multiplication to catch occurred overflow
and throwing JS error (RangeError OR IndexSizeError).
--
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] There are tests for these changes
tests/wpt/tests/html/canvas/element/pixel-manipulation/2d.imageData.object.ctor.basics.html
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
This allows removing a LazyLock around the resources.
We override the baked in resources unconditionally in servoshell
upon initialization anyway
([desktop](9f93ccd942/ports/servoshell/desktop/cli.rs (L15)),
[android](9f93ccd942/ports/servoshell/egl/android/simpleservo.rs (L49)),
[ohos](9f93ccd942/ports/servoshell/egl/ohos/simpleservo.rs (L43))
), meaning that the baked in resources
are unused in servoshell.
For 3rd-party embedders, we probably also want to the let them know
early that they should initialize the resources, instead of
restricting the panics to production mode.
Rippy is the only resource which was required. Since it is only
253 bytes large, we just bake that resource in as a fallback.
We do want to make using the resources easy from tests, so we add
some logic to keep the baked in resources for tests only and initialize
the resource reader on first access.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
These changes make our implementation of the enumeration hook for
globals [match
Gecko's](https://searchfox.org/mozilla-central/rev/1f65969e57c757146e3e548614b49d3a4168eeb8/dom/base/nsGlobalWindowInner.cpp#3297),
fixing an assertion failure that occurred in the previous
implementation.
Our enumeration hook is supposed to fill a vector with names of
properties on the global object without modifying the global in any way;
instead we were defining all of the missing webidl interfaces. We now do
much less work and crash less.
Testing: New crashtest based on manual testcase.
Fixes: #34686
---------
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
This is needed to implement features like `Response.json` which is a
static helper added to the fetch spec which overlaps with the `json`
instance method `Response` has from `Body`.
Partly based these changes on what Firefox does for this same issue.
(https://searchfox.org/mozilla-central/source/dom/bindings/Codegen.py
and
https://searchfox.org/mozilla-central/source/dom/bindings/Configuration.py
specifically keying `binaryNameFor` on name and `isStatic`).
Testing: I locally updated the Response.webidl to contain the new static
`json` and it compiles.
Signed-off-by: Sebastian C <sebsebmc@gmail.com>
Expose a `ServoBuilder` for easily creating Servo instances using
default values. This change enables removing `EmbedderTraits`.
Testing: This is covered by `Servo` unit tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
`::before` and `::after` pseudo-elements can have their own `::marker`
pseudo-element. Since this case wasn't taken into account, they were
being stored in main element's `::marker` `BoxSlot`. This could cause
problems where two layout boxes would try to use the same `BoxSlot`. For
now, just don't store the nested version of the marker. Later, we'll
need to figure out how to store these layout objects without causing too
much memory usage.
Testing: This is covered by `/css/css-lists/nested-marker-styling.html`.
In
addition, we also made a test case that always causes this crash, but
since it
had to create 100000 `<div>`s it's probably not appropriate for a test
suite.
Fixes: #36551
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
These changes add a new report for image cache memory usage for each
script thread.
Testing: Looked at the numbers after browsing various stock photo sites
that show galleries of images.
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Records the memory usage of the HSTS lists in the network thread.
Testing: Verified the presence of the new reports for servo.org.
Fixes: #35059
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
A `Servo` instance can only be constructed once per program execution
and cannot be passed between threads. This change adds a special thread
to run `Servo` unit tests. This will allow creating suites of `WebView`
unit tests.
Testing: This change includes a new test.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
The JS engine uses types like `Handle<Maybe<PropertyDescriptor>>` in
various places and our automated bindings are not able to handle the
Maybe type. We have hand-written bindings that use outparams to indicate
a PropertyDescriptor value is actually the Nothing type, but that data
was getting lost when we passed the property descriptor to
SetPropertyIgnoringNamedGetter, which assumed that the property
descriptor was always valid.
Depends on https://github.com/servo/mozjs/pull/579.
Testing: Manual testing on testcase from
https://github.com/servo/servo/issues/34709, and new crashtest added.
Fixes: #34709
Signed-off-by: Josh Matthews <josh@joshmatthews.net>
Refactor getting an element's container. Previously this is inlined and
only done for `HTMLOptionElement`.
[Try](https://github.com/PotatoCP/servo/actions/runs/14399482275)
Fixes: #24106
Signed-off-by: Kenzie Raditya Tirtarahardja <kenzieradityatirtarahardja.18@gmail.com>
Co-authored-by: Kenzie Raditya Tirtarahardja <kenzieradityatirtarahardja.18@gmail.com>
This data structure is unused.
Testing: No tests as this just removes dead code.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Because there used to be two traits exposing messages to the compositor,
there were two kinds of messages that could be sent:
1. In-process messages from the `Constellation`
2. Cross-process messages from other parts of Servo
Now these two types of messages can be unified into one type.
This is a reland of #36443, which caused regressions due to the fact
that messages to the compositor were no longer triggering the event loop
waker. This version of the PR splits out just the bits that unify the
two APIs, leaving the cleanup of routes in the constellation for another
PR.
Testing: This is covered by existing WPT tests.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
The data_url Mime parser has a more conformant behavior in most cases,
including dealing with charsets.
Testing: wpt expectations with new passes are updated.
Signed-off-by: webbeef <me@webbeef.org>
Add missing "EnforceRange" attribute to interface methods
https://html.spec.whatwg.org/multipage/canvas.html#canvasimagedata
--
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] There are tests for these changes
tests/wpt/tests/html/canvas/element/pixel-manipulation/2d.imageData*
tests/wpt/tests/html/canvas/offscreen/pixel-manipulation/2d.imageData*
Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
We support both the "referrerpolicy" and the "nonce" attribute on script
elements, just not where the spec tells us to do it.
Signed-off-by: Simon Wülker <simon.wuelker@arcor.de>
Follow the implementation of making DOMPoint and DOMPointReadOnly
serializable in PR #35989
Testing: Passed a test previously expected to fail.
Fixes: #36463
---------
Signed-off-by: Kingsley Yung <kingsley@kkoyung.dev>
Several places were using identical logic in order to parse a media
queries or media query lists.
This patch centralizes the logic into 2 new helper methods in MediaList.
Testing: not needed (no behavior change)
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
- We previously converted all mouse move events to touch events, but we
should only be doing that while a mouse button is pressed (a finger
always does touch-down -> move -> up / cancel)
- Only consider Left mouse button for mouse-to-touch. We currently
already hardcode TouchId 0, which we would need to change in order to
properly support Multi-touch. Since we don't have any Multi-touch
gestures at the moment, we leave this unimplemented and simply only
evaluate the left mouse button.
Testing: Manual testing. We don't have servodriver support yet.
Fixes: #36526
Signed-off-by: Jonathan Schwender <schwenderjonathan@gmail.com>
This reverts commit 4c55104b36.
This commit introduced an issue where messages from script to the
compositor no longer woke up the embedder. There is a larger issue
here, but this change exacerbated it.
Fixes#36528.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
<!-- Please describe your changes on the following line: -->
Add transfer support to ReadableStream. Part of
https://github.com/servo/servo/issues/34676
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by
`[X]` when the step is complete, and replace `___` with appropriate
data: -->
- [ ] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix #___ (GitHub issue number if applicable)
<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because ___
<!-- Also, please make sure that "Allow edits from maintainers" checkbox
is checked, so that we can help you if you get stuck somewhere along the
way.-->
<!-- Pull requests that do not address these steps are welcome, but they
will require additional verification as part of the review process. -->
---------
Signed-off-by: gterzian <2792687+gterzian@users.noreply.github.com>
It's typically a given that the min-content size can't exceed the
max-content size. However, it was possible to break that assumption when
an inline formatting context had contents with a negative outer size
(due to margins). This could lead to assert failures.
This patch avoids the problem by flooring the max-content size to not be
smaller than the min-content size. Note there is no interoperability:
https://github.com/w3c/csswg-drafts/issues/12076
Testing: adding new reftest and crashtest
Fixes: #36481
Signed-off-by: Oriol Brufau <obrufau@igalia.com>
`LayoutBoxBase` will soon contain laid out `Fragment`s of a box tree
node in order to facilitate incremental layout and also layout queries.
This is currently missing for inline boxes, so this change adds a
`LayoutBoxBase` to them.
Testing: This should not change any observable behavior, so existing
WPT suites should suffice for testing.
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Oriol Brufau <obrufau@igalia.com>
This was missed in #36355 and should have also been gated by the flag.
With these, the wpt.fyi tests should now no longer pass, as the flag
hasn't been removed yet.
Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Implement enough of the Clipboard API to have a working `writeText`.
Testing: Unfortunately many clipboard-apis tests require testdriver, so
only idlharness ones will pass now.
---------
Signed-off-by: Gae24 <96017547+Gae24@users.noreply.github.com>
libservo: Make zooming and HiDPI scaling work per-`WebView`
This change moves all zooming and HiDPI scaling to work per-`WebView` in
both libservo and Compositor. This means that you can pinch zoom one
`WebView` and it should now work independently of other `WebView`s.
This is accomplished by making each `WebView` in the WebRender scene
have its own scaling reference frame.
All WebViews are now expected to manage their HiDPI scaling factor and
this can be set independently of other WebViews. Perhaps in the future
this will become a Servo-wide setting.
This allows full removal of the `WindowMethods` trait from Servo.
Testing: There are not yet any tests for the WebView API, but I hope
to add those soon.
Co-authored-by: Shubham Gupta <shubham13297@gmail.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Signed-off-by: Martin Robinson <mrobinson@igalia.com>
Co-authored-by: Shubham Gupta <shubham13297@gmail.com>
