Closes#16008
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes do not require tests because there are no code changes
Source-Repo: https://github.com/servo/servo
Source-Revision: f873a4aba5beae1f3a7529dee1d23070846a59fc
I don't know what it is for, so I believe it would be better to remove it
entirely until and unless we start using it.
Source-Repo: https://github.com/servo/servo
Source-Revision: 8b60a409c1f5f4dd069a04cc736643682dd4117b
<!-- Please describe your changes on the following line: -->
Implemented [nosniff](https://fetch.spec.whatwg.org/#should-response-to-request-be-blocked-due-to-nosniff?) for [fetch algorithm](https://fetch.spec.whatwg.org).
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14521 (github issue number if applicable).
<!-- Either: -->
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 5662af9057557ee3db3b9766b0ef0d3fa11dcbb2
<!-- Please describe your changes on the following line: -->
This PR adds a serializable type `ImmutableOrigin` and a non-serializable type `MutableOrigin`. The immutable type represents an origin with `null` domain, and the mutable type represents an origin with a mutable domain. This separation is needed for implementing setting `document.domain`.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14892.
- [X] These changes do not require tests because it's a refactoring which will enable other features.
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 78e8c31a4d1890260dda83f2db85672f693c1e97
<!-- Please describe your changes on the following line: -->
Avoids mapping response types that are distinct according to [the spec](https://fetch.spec.whatwg.org/#concept-response-type) to fewer response types. Also updates test expectations to match that we now pass tests that check the response type.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14068
<!-- Either: -->
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: f1c82be0e61df679db25199ac3e7afc4be5d141f
Implemented response validation part of https://w3c.github.io/webappsec-subresource-integrity/.
Implemented step eighteen of the main fetch. If a request has integrity metadata, then following steps are performed
1) Wait for response body
2) If the response does not have a termination reason and response does not match request’s integrity metadata, set response and internalResponse to a network error.
Dependency updated: html5ever-atoms from 0.1.2 to 0.1.3. This will not completely fix#14523, It will implement changes related to response validation. Request validation algorithm implementation needs CSP.
I did not update any WPT-Test. In my local system, I found some assertion issue dependent on the order of execution of test-case. It would be helpful if someone could do "try" build on these changes to get wpt results.
r? @jdm
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
<!-- Either: -->
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: f958dafcaeed643f1232a23f5c2d4f6ba141bfea
Refactored HSTSList to use HashMap, where the key of HashMap is the base domain. Every time when we check if a host is secure, we find the base domain of the host and get a vector of HSTS entries associated with the base domain.
While this will not give O(1) look up time, we would have a smaller list to iterate for every lookup. I have added one unit test to validate `HashMap` changes.
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14756
<!-- Either: -->
- [X] There are tests for these changes OR
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: b06f4aec67ff93b1d667a5817084b0952e56664e
Implemented step nine of the main fetch. If current URL scheme is 'HTTP' and
current URL's host is domain and if current URL's host matched with Known
HSTS Host Domain Name Matching results in either a superdomain match with
an asserted includeSubDomains directive or a congruent match then we
change request scheme to 'https'. This change has been made in method.rs
A test case to validate this has been added in fetch.rs. For asserting
https scheme, a https localhost was required. For this purpose I have
created a self-signed certificate and refactored fetch-context and
connector.rs to programmatically trust this certificate for running this
test case.
This should fix https://github.com/servo/servo/issues/14363
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14363
<!-- Either: -->
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: c7991d596f7453d09c2b2a98eecce72f182a4e24
<!-- Please describe your changes on the following line: -->
Add check for bad ports to http_fetch(), return NetworkError::Internal if bad port/schema combination is seen.
Test added
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#14514 (github issue number if applicable).
<!-- Either: -->
- [x] There are tests for these changes OR
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: de7d73adb0a51627e4aaa568787fe36c22029bd3
<!-- Please describe your changes on the following line: -->
This PR removes the `util` crate.
* Replaced the `spawn_named` and `clamp` functions by appropriate uses of `std:🧵:Builder::spawn`, `std::cmp::min` and `std::cmp::max`.
* Moved `opts`, `prefs` and `resource_files` into a new `config` crate.
* Moved `remutex` and `geometry` into their own crates.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes do not require tests because they are refactorings
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 4eb653817f87e5fb47de34356f558eb76ecbca9f
CookieStorage has been refactored to use HashMap with the base domain as the key. Values of hashmap are vector of cookies.
CookieStorage now has max_per_host which restricts maximum cookies that can be added per base domain.
Cookie eviction does not take place if max_per_host is not reached.
Cookie eviction logic implemented here does following steps
1) Evict all expired cookies
2) Remove oldest accessed non-secure cookie If any
3) When no non-secure cookie exists, remove oldest accessed secure cookie if new cookie being added is secure. Else ignore new cookie
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [ ] These changes fix #__ (github issue number if applicable).
<!-- Either: -->
- [X] There are tests for these changes OR
- [ ] These changes do not require tests because _____
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: b05c27cb58e8d625f4f436b6e9e1f0c29e908f21
<!-- Please describe your changes on the following line: -->
Still needs a bunch of code in net to be converted in order to get more
advantage of this for images and stuff, but meanwhile this should help quite a
bit with #13778.
Still wanted to get this in.
r? @SimonSapin
Source-Repo: https://github.com/servo/servo
Source-Revision: 22aebdf5d41a3509cd6515ccf5edcdf33715a76d
The Fetch standard defines this value as twenty; there is no good reason to
allow changing that at runtime.
Source-Repo: https://github.com/servo/servo
Source-Revision: bcd409cf4af7cdef6527af853f1c27410c8a6781
This pull request contains commit implementing initial steps for Improving Network Security project. As part of initial steps referer policy enums for strict-origin and strict-origin-when-cross-origin have been added to [hyper](https://github.com/hyperium/hyper/pull/943). Unit tests and additional logic has been added to handle these policies. Since enum changes are available on hyper version 0.9.11. We had to update hyper version to 0.9.11.
Hyper 0.9.11 depends on num_cpus 1.1.0. To avoid different version of num_cpus. We have updated rayon version from 0.4.0 to 0.4.3. Cargo.toml of util, style, geckolib, stylo component has been updated to use num_cpus version 1.1.0 instead of 0.2.2.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [ X] `./mach build -d` does not report any errors
- [ X] `./mach test-tidy` does not report any errors
- [ ] These changes fix #__ (github issue number if applicable).
<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
…igin
Referer policy strict-origin and strict-origin-when-cross-origin changes have been implemented. Relevant unit test cases have been added. Enum for RefererPolicy has been added to hyper codebase and v 0.9.11 of hyper contains these changes.
This commit also contains changes related to upgrade of hyper from v0.9.10 to v0.9.11. Other dependencies changed are rayon, utils, num_cpus.
Source-Repo: https://github.com/servo/servo
Source-Revision: dd34b2a3355dc7fa23d118888359d70f8b445db8
In most scenarios, where the user of Servo will not override the default
user agent, the user agent can be a `&'static str`. But since we allow
for customization, we currently use a `String` to represent the user
agent. This commit migrates the user agent to be represented as a
`Cow<'static, str`, which (at the cost of ergonomics) prevents
unnecessary allocations whenever cloning the user agent string in the
scenario the user doesn't override the user agent.
Source-Repo: https://github.com/servo/servo
Source-Revision: 4dcd223e8370816f8d0a424d9e31492aa4755f47
I made this branch months ago and forgot about it. Instead of just throwing the changes away, I rebased off origin/master and opened this pull request. If these changes aren't desired, no feelings hurt, just close this. If they are desired, let me know if there are any changes you want me to make and I'll also need to rewrite/squash the commits.
Source-Repo: https://github.com/servo/servo
Source-Revision: b1d8eff467d3c324e0cc729b06983931000c2680
<!-- Please describe your changes on the following line: -->
This PR stores the FrameId as well as the PipelineId in an html iframe. The iframes are now responsible for creating frame ids, not the constellation.
This is the first step in fixing #633, because it means we know the frame id of each script thread when it is created. It also means we can share the frame id, for example using it in the debugger.
cc @jdm, @ConnorGBrewster and @ejpbruel.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes do not require tests because it's a refactoring.
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: d01a8662154924a551c8d7a2f12b22bcaf998a7c
<!-- Please describe your changes on the following line: -->
The spec removed it. Check the scheme instead, data is always same origin now,
except for workers.
Closes#13362
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#13362 .
<!-- Either: -->
- [ ] There are tests for these changes OR
- [x] These changes do not require tests because they only remove code.
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: e494dedce5e5215d6d0953ab28668825234237dc
