Implemented response validation part of https://w3c.github.io/webappsec-subresource-integrity/.
Implemented step eighteen of the main fetch. If a request has integrity metadata, then the following steps are performed:
1) Wait for response body
2) If the response does not have a termination reason and response does not match request’s integrity metadata, set response and internalResponse to a network error.
Dependency updated: html5ever-atoms from 0.1.2 to 0.1.3. This will not completely fix #14523; it will implement changes related to response validation. Request validation algorithm implementation needs CSP.
I did not update any WPT-Test. In my local system, I found some assertion issue dependent on the order of execution of test-case. It would be helpful if someone could do "try" build on these changes to get wpt results.
r? @jdm
---
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] There are tests for these changes
Source-Repo: https://github.com/servo/servo
Source-Revision: f958dafcaeed643f1232a23f5c2d4f6ba141bfea
Implemented step nine of the main fetch. If current URL scheme is 'HTTP' and
current URL's host is domain and if current URL's host matched with Known
HSTS Host Domain Name Matching results in either a superdomain match with
an asserted includeSubDomains directive or a congruent match then we
change request scheme to 'https'. This change has been made in method.rs.
A test case to validate this has been added in fetch.rs. For asserting
https scheme, a https localhost was required. For this purpose I have
created a self-signed certificate and refactored fetch-context and
connector.rs to programmatically trust this certificate for running this
test case.
This should fix https://github.com/servo/servo/issues/14363
---
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #14363
- [X] There are tests for these changes
Source-Repo: https://github.com/servo/servo
Source-Revision: c7991d596f7453d09c2b2a98eecce72f182a4e24
This PR removes the `util` crate.
* Replaced the `spawn_named` and `clamp` functions by appropriate uses of `std::thread::Builder::spawn`, `std::cmp::min` and `std::cmp::max`.
* Moved `opts`, `prefs` and `resource_files` into a new `config` crate.
* Moved `remutex` and `geometry` into their own crates.
---
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes do not require tests because they are refactorings
Source-Repo: https://github.com/servo/servo
Source-Revision: 4eb653817f87e5fb47de34356f558eb76ecbca9f
Still needs a bunch of code in net to be converted in order to get more
advantage of this for images and stuff, but meanwhile this should help quite a
bit with #13778.
Still wanted to get this in.
r? @SimonSapin
Source-Repo: https://github.com/servo/servo
Source-Revision: 22aebdf5d41a3509cd6515ccf5edcdf33715a76d
Moved the `pub_domains` module from `net` into `net_traits`, so it can be used by crates which don't depend on `net` (in particular `constellation`, which can use the crate for testing similar-origin).
I also did quite a bit of tidying up, the functions now do no heap allocation, previously there was quite a bit of String allocation going on.
This is the next step to fixing #633. cc @jdm
---
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] There are tests for these changes (new unit tests)
Source-Repo: https://github.com/servo/servo
Source-Revision: 128a61eb9d7a7dbb3ad8bdd9218efcc171229c61
Add a `mach update-pub-domains` command that updates the public domain list used by servo.
Replace the Vec matching with a HashSet which is way quicker.
---
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #11216
- [X] There are tests for these changes OR
Source-Repo: https://github.com/servo/servo
Source-Revision: 4dbba2dcabbde11b01a95078ba75742aff3fc44d
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy --faster` does not report any errors
- [x] There are tests for these changes
Changes:
- Add shut down logic for FileManager thread
- Add a unit test for filemanager_thread
Source-Repo: https://github.com/servo/servo
Source-Revision: 0b64586bf5368f6bb200353205459c7ec88f7052
- [ ] `./mach build -d` does not report any errors (didn't try to compile past a rustc upgrade on airplane wifi)
- [X] `./mach test-tidy --faster` does not report any errors
- [X] These changes fix #11218 (github issue number if applicable).
Either:
- [ ] There are tests for these changes OR
- [X] These changes do not require tests because we don't have testing infrastructure for profiling.
Source-Repo: https://github.com/servo/servo
Source-Revision: 96a86bd952c4c0e41d6164fbd16244ea4420106a
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix #9965
Either:
- [X] There are tests for these changes OR
Add unit tests for the `net` component about cookies. The tests are generated
with a new `mach update-net-cookies` command from this repo: https://github.com/abarth/http-state.
This PR also includes two trivial bug fixes about cookie handling.
From all the tests included, the following ones are currently failing:
- cookie_http_state::test_0003
- cookie_http_state::test_0006
- cookie_http_state::test_attribute0004
- cookie_http_state::test_attribute0005
- cookie_http_state::test_attribute0007
- cookie_http_state::test_attribute0008
- cookie_http_state::test_domain0017
- cookie_http_state::test_mozilla0001
- cookie_http_state::test_mozilla0002
- cookie_http_state::test_mozilla0003
- cookie_http_state::test_mozilla0005
- cookie_http_state::test_mozilla0007
- cookie_http_state::test_mozilla0009
- cookie_http_state::test_mozilla0010
- cookie_http_state::test_mozilla0013
`test_000[36]` and `test_mozilla*` are failing because there is currently no
method to clean a `net::cookie_storage` from expired cookies.
`test_attribute000[4578]` are failing because hyper does not parse the `Secure`
attribute correctly. I will open an issue on the upstream project.
`test_domain0017` fails because the TLD .org is not on the PUB_DOMAINS list.
Source-Repo: https://github.com/servo/servo
Source-Revision: c519739b7bcf408f2f671a89729aa30f39dd67a1
I've been writing tests for creating filtered responses. So far I have three of the four types being made (namely, Basic, CORS, and Opaque), and just need to figure out how to make an OpaqueRedirect filtered response, since it's handled separately from the others. I will also add more tests to ensure the content of the filtered responses matches the limitations placed by the specification.
Along the way I implemented Cors Check, since it's required for the CORS filtered response. @jdm suggested I handle it in here, since it's such a small step, compared to other parts of Fetch.
Since all the tests currently pass, and I've spent a while adding the Cors Check and other pieces, I figured now would be a good time to start having it reviewed.
Source-Repo: https://github.com/servo/servo
Source-Revision: f1018b84a838ec8505f6a0bcb6e13286ce80a95c
As per @jdm's suggestion that I start minimally testing the Fetch protocol to catch any errors, I wrote a very simple test that just calls Fetch and checks that the response isn't a network error. I've made changes as necessary for every failure I encountered, although this doesn't mean the implementation is faultless yet.
As always, I look forward to any feedback for improvements regarding the test itself, the changes to the fetch files I've made, and anything that I missed and should update.
Source-Repo: https://github.com/servo/servo
Source-Revision: 9c713cb4688f1a1729ada64846fac2d8426b1ef4
*The goal of this PR is to get early feedback on this before I go too far down the rabbit hole. This new code path is working, and there's several tests I've written as a proof of concept. There are still some regressions that I'll be fixing in the coming days.*
I've abstracted out the request/response cycle so that it's no longer dependent on the Hyper request/response structs. Since request/response @ hyper are structs, not traits, it made mocking them for tests impossible.
Current issues/concerns:
* This relies on boxing the `HttpResponse` that gets returned from the `HttpRequester` because `HttpResponse` is unsized. I don't know if there's a more idiomatic rust-y way of doing this?
* This relies on boxing the `Read` that is now returned from `load` for the same reason.
* The devtools and resource manager channels are still passed into `load`. It might be easier to inject these as trait dependencies instead of chans as well?
* Needs more tests.
🎩#6727
Source-Repo: https://github.com/servo/servo
Source-Revision: 7dda183022f9bee8b4bdffe8b4cf31e09b885d94
This change makes Servo use serialized messages over IPC channels for resource loading. The goal is to make it easier to make Servo multiprocess in the future. This patch does not make Servo multiprocess now; there are many other channels that need to be changed to IPC before that can happen. It does introduce a dependency on https://github.com/serde-rs/serde and https://github.com/pcwalton/ipc-channel for the first time.
At the moment, `ipc-channel` uses JSON for serialization. This is because serde does not yet have official support for bincode. When serde gains support for bincode, I'll switch to that. For now, however, the JSON encoding and decoding will constitute a significant performance regression in resource loading.
To avoid having to send boxed `AsyncResponseTarget` trait objects across process boundaries, this series of commits changes `AsyncResponseTarget` to wrap a sender only. It is then the client's responsibility to spawn a thread to proxy calls from that sender to the consumer of the resource data. This only had to be done in a few places. In the future, we may want to collapse those threads into one per process to reduce overhead. (It is impossible to continue to use `AsyncResponseTarget` as a boxed trait object across processes, regardless of how much work is done on `ipc-channel`. Vtables are fundamentally incompatible with IPC across mutually untrusting processes.)
In general, I was pretty pleased with how this turned out. The main changes are adding serialization functionality to various objects that `serde` does not know how to serialize natively—the most complicated being Hyper objects—and reworking `AsyncResponseTarget`. The overall structure of the code is unchanged, and other than `AsyncResponseTarget` no functionality was lost in moving to serialization and IPC.
r? @jdm
Source-Repo: https://github.com/servo/servo
Source-Revision: 2eb122f394651232abd683fc576a5c4288bf277f
Implement HSTS (preload-only) servo/servo#6105
* Downloads the HSTS preload list from the chromium repo (same as gecko), then convert it to a list appropriate for servo.
* Reads the preload list when creating a resource task, and implements STS for those domains.
Still todo:
* Read Strict-Transport-Security headers from servers and add details to the in-memory HSTS list. (note: this requires hyper or servo to implement an STS header struct. Hyper seems like the appropriate location, so I will create an issue/PR there soon). The work for this is nearly done with the exception of adding a new ControlMsg and the new header.
* Persist HSTS list to disk with known hosts (perhaps a different issue should be raised for this?)
Source-Repo: https://github.com/servo/servo
Source-Revision: ab3d6c472d409c1602c873dcdcb495a7fec9d4b0
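The host matching behind both HSTS changes in this log (the preload-list lookup above and the earlier step-nine scheme upgrade in main fetch), as an added example that is not Servo's code. `HstsEntry`, `PRELOAD`, `is_known_hsts_host` and `upgraded_scheme` are hypothetical names, and the list entries are constructed sample data.

```rust
use std::net::IpAddr;

// Hypothetical type for this sketch; not Servo's own HSTS structure.
struct HstsEntry {
    host: &'static str,
    include_subdomains: bool,
}

// Constructed sample entries standing in for a converted preload list.
const PRELOAD: &[HstsEntry] = &[
    HstsEntry { host: "example.com", include_subdomains: true },
    HstsEntry { host: "login.example.net", include_subdomains: false },
];

/// Known HSTS Host domain name matching: a congruent match, or a
/// superdomain match where the entry asserts includeSubDomains.
fn is_known_hsts_host(list: &[HstsEntry], host: &str) -> bool {
    // IP literals are not domains and never match.
    if host.trim_matches(|c: char| c == '[' || c == ']').parse::<IpAddr>().is_ok() {
        return false;
    }
    let host = host.trim_end_matches('.').to_ascii_lowercase();
    list.iter().any(|e| {
        if host == e.host {
            return true; // congruent match
        }
        // A superdomain match must fall on a label boundary, so
        // "badexample.com" does not match the "example.com" entry.
        e.include_subdomains
            && host.len() > e.host.len()
            && host.ends_with(e.host)
            && host.as_bytes()[host.len() - e.host.len() - 1] == b'.'
    })
}

/// Returns the scheme the request should use after the HSTS check.
fn upgraded_scheme<'a>(list: &[HstsEntry], scheme: &'a str, host: &str) -> &'a str {
    if scheme.eq_ignore_ascii_case("http") && is_known_hsts_host(list, host) {
        "https"
    } else {
        scheme
    }
}

fn main() {
    for host in ["example.com", "a.b.example.com", "badexample.com", "api.login.example.net"] {
        println!("{} -> {}", host, upgraded_scheme(PRELOAD, "http", host));
    }
}
```

The label-boundary check and the IP-literal rejection are the two places where a naive suffix comparison would upgrade, or fail to upgrade, the wrong hosts.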
A rebuild after touching components/profile/mem.rs now takes 48 seconds (and
only rebuilds `profile` and `servo`) which is much lower than it used to be.
In comparison, a rebuild after touching components/profile_traits/mem.rs takes
294 seconds and rebuilds many more crates.
This change also removes some unnecessary crate dependencies in `net` and
`net_traits`.
Source-Repo: https://github.com/servo/servo
Source-Revision: 77f653da2c4120ea7ac1a946d97fc70059d513d4
* Simpler image cache API for clients to use.
* Significantly fewer threads.
* One thread for image cache task (multiplexes commands, decoder threads and async resource requests).
* 4 threads for decoder worker tasks.
* Removed ReflowEvent hacks in script and layout tasks.
* Image elements pass a Trusted<T> to image cache, which is used to dirty nodes via script task. Previous use of Untrusted addresses was unsafe.
* Image requests such as background-image on layout / paint threads trigger repaint only rather than full reflow.
* Add reflow batching for when multiple images load quickly.
* Reduces the number of paints loading wikipedia from ~95 to ~35.
* Reasonably simple to add proper prefetch support in a follow up PR.
* Async loaded images always construct Image fragments now, instead of generic.
* Image fragments support the image not being present.
* Simpler implementation of synchronous image loading for reftests.
* Removed image holder.
* image.onload support.
* image NaturalWidth and NaturalHeight support.
* Updated WPT expectations.
Source-Repo: https://github.com/servo/servo
Source-Revision: ac0645c2363b5a6ea3930b0857b3a27f1b6d033f
Closes #5707. (Includes a rebase of it.)
Fixes #5688.
r? @mbrubeck
Source-Repo: https://github.com/servo/servo
Source-Revision: f795440ee3be976d9819b011d4add7ceee3ade1e