The check on the currently active document for an existing favicon has
been removed. It caused an issue during navigation because the active
document will only be updated after the load and the favicon check has
been executed against the old document.
This now defaults to serializing the path with percent decoded segments
(which is what all callers expect), but has an option not to. This fixes
`file://` URLs with spaces in their paths.
The name has been changed to serialize_path() path to make it more clear
that this method will generate a new string each call (except for the
cannot_be_a_base_url() case). A few callers have then been updated to
avoid repeatedly calling this function.
Fixes the issue that XML parser fails when loader passes input that is
prefixed with byte order mark.
Also it generally makes sense to pass text source through encoding
decoder before parsing. Probably we would even want to introduce method
similar to `create_with_uncertain_encoding` in `HTMLParser` but for
`XMLParser` to be make harder unconsciously pass non-UTF8 input to XML
parser.
If a subresource fails to load, we don't care that we got some custom
404 page. The subresource should still be considered failed.
This is an ad-hoc solution that unbreaks Acid2. This code will
eventually be replaced by fetch mechanisms.
This prevents us setting up the document of a removed browsing context
container (BCC, e.g. <iframe>), which will cause a crash if the
document contains a script that inserts another BCC as this will use
the stale browsing context it previously set up, even if it's
reinserted.
Required by Prebid.js, which does this by inserting an `<iframe>` into
a `<div>` in the active document via innerHTML, then transfers it to
the `<html>` element:
7b7389c5ab/src/utils.js (L597)
This is done in the spec by removing all tasks and aborting all fetches
when a document is destroyed:
https://html.spec.whatwg.org/multipage/document-lifecycle.html#destroy-a-document
See the code comments for a simplified example.
We weren't properly creating a `LoadRequest` which resulted in `m_page`
not having a value in certain situations inside
`ResourceLoader::load(LoadRequest&)`
As per Fetch, we are supposed to store cookies from Set-Cookie as soon
as we receive response headers for any HTTP response, even in error
cases.
Required by Twitter to login, as it sets cookies via XHR.
This will make it easier to support both string types at the same time
while we convert code, and tracking down remaining uses.
One big exception is Value::to_string() in LibJS, where the name is
dictated by the ToString AO.
We have a new, improved string type coming up in AK (OOM aware, no null
state), and while it's going to use UTF-8, the name UTF8String is a
mouthful - so let's free up the String name by renaming the existing
class.
Making the old one have an annoying name will hopefully also help with
quick adoption :^)
Previously we labeled redirects as normal FrameLoader::Type::Navigation,
now we introduce a new FrameLoader::Type::Redirect and label redirects
with it. This will allow us to handle redirects in the browser
differently (such as for overwritting the latest history entry when a
redirect happens) :^)
This is the way.
On a more serious note, there's no reason to keep adding ref-counted
classes to LibWeb now that the majority of classes is GC'd - it only
adds the risk of discovering some cycle down the line, and forces us to
use handles as we can't visit().
With the addition of the 'fetch params' struct, the single ownership
model we had so far falls apart completely.
Additionally, this works nicely for FilteredResponse's internal response
instead of risking a dangling reference.
Replacing the public constructor with a create() function also found a
few instances of a Request being stack-allocated!
The HTMLIFrameElement does not create the nested browsing context on
insertion if the document does not have browsing context, which is not
set unless it's the active document.
Previously, in FrameLoader the document was not set as active until
after parsing, which led to iframes without nested browsing contexts,
and crashes.
Fixes#14207
URL had properly named replacements for protocol(), set_protocol() and
create_with_file_protocol() already. This patch removes these function
and updates all call sites to use the functions named according to the
specification.
See https://url.spec.whatwg.org/#concept-url-scheme
This inserts some CSS and JS to make images in Markdown documents which
are wider than the viewport, become shrink-to-fit. Clicking on these
toggles them between shrink-to-fit and full size.
Anyone who displays Markdown documents using LibWeb gets this
functionality for free! That's Browser, Help, and Welcome's README
display.
We don't need to notify the web views that some deeply nested iframe
has started loading a new URL (and we don't want it showing up in the
browser location bar either!)
We now implement the browsing context's "set active document" algorithm
from the spec, as well as the "discard" algorithm for browsing contexts
and documents.
This replaces the previous Web::ImageDecoding::Decoder interface.
While we're doing this, also move the SerenityOS implementation of this
interface from LibWebView to WebContent. That means we no longer have to
link with LibImageDecoderClient in applications that use a web view.
This is a monster patch that turns all EventTargets into GC-allocated
PlatformObjects. Their C++ wrapper classes are removed, and the LibJS
garbage collector is now responsible for their lifetimes.
There's a fair amount of hacks and band-aids in this patch, and we'll
have a lot of cleanup to do after this.
The way we've been creating DOM::Document has been pretty far from what
the spec tells us to do, and this is a first big step towards getting us
closer to spec.
The new Document::create_and_initialize() is called by FrameLoader after
loading a "text/html" resource.
We create the JS Realm and the Window object when creating the Document
(previously, we'd do it on first access to Document::interpreter().)
The realm execution context is owned by the Environment Settings Object.
Each of these strings would previously rely on StringView's char const*
constructor overload, which would call __builtin_strlen on the string.
Since we now have operator ""sv, we can replace these with much simpler
versions. This opens the door to being able to remove
StringView(char const*).
No functional changes.
After this change, LibWeb now expects Web::ImageDecoding::Decoder to be
pre-initialized with a concrete implementation before using the webpage.
The previous implementation, based on the ImageDecoder service, has been
provided directly through an adapter in LibWebClient, and is now used as
the default value by WebContent.
HTML, CSS, JS and text files (among other things) can all legitimately
be empty. Other types may be invalid, but that will be caught when
trying to parse it as a document, so this check can safely be removed.
Block the replacement of the favicon by the default favicon loader
when a favicon that is loaded through a link tag is already active.
This way, the favicon in the link tags will be prioritized against
the default favicons from `/favicon.ico` or the seranity default icon.
BrowsingContext shouldn't be scrolling itself, instead it has to update
the layout (to ensure that we have current document metrics, and then
ask the PageClient nicely to scroll it.
This fixes an issue where BrowsingContext sometimes believed itself to
be scrolled, but OOPWV had a different idea.
We now validate that the provided tag names are valid XML tag names,
and otherwise throw an "invalid character" DOM exception.
2% progression on ACID3. :^)
This necessitated making HTMLParser ref-counted, and having it register
itself with Document when created. That makes it possible for scripts to
add new input at the current parser insertion point.
There is now a reference cycle between Document and HTMLParser. This
cycle is explicitly broken by calling Document::detach_parser() at the
end of HTMLParser::run().
This is a huge progression on ACID3, from 31% to 49%! :^)
According to Fetch, we must send an Accept header with the value
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
for document, iframe and frame requests.
https://fetch.spec.whatwg.org/#concept-fetch
Required by uber.com.
Since we were previously relying on Document::set_cookie in order to
set cookies received as a 'Set-Cookie' response header, we would ignore
any response header cookies in redirect (status code 3xx) responses.
While this behaviour is not strictly enforced in the specification,
most major browsers do set cookies in redirect responses, and some
sites (e.g. Cookie Clicker) rely on this behaviour.
Since cookies are stored per-site and not per-document, this behaviour
is achieved by simply decoupling the cookie set mechanism from it.
