Instead of instantiating a ChildDNSService, we should instantiate the correct
object for the current process, which may very well be the main process.
Differential Revision: https://phabricator.services.mozilla.com/D179093
It's a security risk such that the maximized external program can obscure
the fullscreen notification and the malicious site can use this trick
to load a spoofed page in the background without user notices it.
This patch minimized the risk by always exit the fullscreen mode when
an external protocol is triggered.
Differential Revision: https://phabricator.services.mozilla.com/D177771
It's a security risk such that the maximized external program can obscure
the fullscreen notification and the malicious site can use this trick
to load a spoofed page in the background without user notices it.
This patch minimized the risk by always exit the fullscreen mode when
an external protocol is triggered.
Differential Revision: https://phabricator.services.mozilla.com/D177771
There are some cases that we need to create cookieJarSettings from the
parent document, such as Javascript URL document. We need to inherit the
random key from the parent document to properly propagate the key to the
javascript URL document.
This patch implements the inheritance of the random key and add a test
for it.
Differential Revision: https://phabricator.services.mozilla.com/D177194
Not all parent documents should be referred to. We only want to
defer to the parent document if we are a blob, an about:blank
document, or an about:srcdoc document.
In Fission, cross-origin parent documents have a nullptr here.
So it kind of works without the additional check just by accident.
But without Fission (e.g. on Android) there is a cross-origin
document pointer here, so we need to explicitly say what types
of documents we can defer to the parent.
Differential Revision: https://phabricator.services.mozilla.com/D175544
HasBoxFFI and HasArcFFI aren't great, see bug 1831242 as for examples of
why.
HasArcFFI requires a bit more care, but HasBoxFFI doesn't give us much
benefit. Instead use the same type in the FFI boundary.
Differential Revision: https://phabricator.services.mozilla.com/D177252
This change makes the parent process delay a fullscreen request if there
is a pending fullscreen exit. It also changes the DOMFullscreenParent
actor listener lifecycle. Once it has started handling a fullscreen
request, it will remain a listener to the Document until it receives an
exit event when the manager is out of fullscreen.
Differential Revision: https://phabricator.services.mozilla.com/D175186
This change relaxes the check slightly. Spec requires that the tab is
focused. Our existing check for "active" is additionally requiring the tab
to be non-occluded. Since occlusion updates are asynchronous when the
transition itself is asynchronous, this change allows rapid requests to be
permitted as long as the underlying window and tab state is as expected.
Differential Revision: https://phabricator.services.mozilla.com/D174983
`IMEStateManager` basically runs at focus change. However, when `designMode`
is set to `"off"` or focused editing host becomes non-editable (removing
`contenteditable` attribute or `contenteditable` attribute is set to `false`),
IME may be disabled without a focus change. Therefore, `Document` needs to
notify `IMEStateManager` of the timing.
Additionally, `nsFocusManager` does not change focus when focused element
becomes not focusable (bug 1807597). Therefore, `Document` needs to kick
`focus` or `blur` event handler of `HTMLEditor` when active editing host
becomes not editable.
However, if an ancestor of focused element becomes editable, I think that
`HTMLEditor` does not work well without focus move because it computes
editing host with current editing state in a lot of places, but `Selection`
and `nsFocusManager::GetFocusedElement` keeps working with previous focused
element which is now a editable child of editing host. Therefore, this patch
marks them as `todo` in the new tests.
Differential Revision: https://phabricator.services.mozilla.com/D171196
Replaced the noscript.css stylesheet with a scripting media query
inside of html.css, now that we support it.
Depends on D172995
Differential Revision: https://phabricator.services.mozilla.com/D173086
Implemented the scripting media feature.
Not locked behind a pref as it does not do anything new or particularly
give new data which could be used for fingerprinting (see <noscript>,
etc).
Also added new WPT tests (none previously). Not supported in any other
browsers yet.
Test page: https://goose.icu/media-scripting
Differential Revision: https://phabricator.services.mozilla.com/D172995
