Navigable.cpp 94 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919
  1. /*
  2. * Copyright (c) 2022, Andreas Kling <kling@serenityos.org>
  3. * Copyright (c) 2023, Aliaksandr Kalenik <kalenik.aliaksandr@gmail.com>
  4. *
  5. * SPDX-License-Identifier: BSD-2-Clause
  6. */
  7. #include <LibWeb/Crypto/Crypto.h>
  8. #include <LibWeb/DOM/Document.h>
  9. #include <LibWeb/DOM/DocumentLoading.h>
  10. #include <LibWeb/Fetch/Fetching/Fetching.h>
  11. #include <LibWeb/Fetch/Infrastructure/FetchAlgorithms.h>
  12. #include <LibWeb/Fetch/Infrastructure/FetchController.h>
  13. #include <LibWeb/Fetch/Infrastructure/URL.h>
  14. #include <LibWeb/HTML/BrowsingContext.h>
  15. #include <LibWeb/HTML/DocumentState.h>
  16. #include <LibWeb/HTML/HTMLIFrameElement.h>
  17. #include <LibWeb/HTML/HistoryHandlingBehavior.h>
  18. #include <LibWeb/HTML/Navigable.h>
  19. #include <LibWeb/HTML/Navigation.h>
  20. #include <LibWeb/HTML/NavigationParams.h>
  21. #include <LibWeb/HTML/POSTResource.h>
  22. #include <LibWeb/HTML/SandboxingFlagSet.h>
  23. #include <LibWeb/HTML/Scripting/ClassicScript.h>
  24. #include <LibWeb/HTML/SessionHistoryEntry.h>
  25. #include <LibWeb/HTML/StructuredSerialize.h>
  26. #include <LibWeb/HTML/TraversableNavigable.h>
  27. #include <LibWeb/Infra/Strings.h>
  28. #include <LibWeb/Layout/Node.h>
  29. #include <LibWeb/Page/Page.h>
  30. #include <LibWeb/Platform/EventLoopPlugin.h>
  31. #include <LibWeb/XHR/FormData.h>
  32. namespace Web::HTML {
  33. class ResponseHolder : public JS::Cell {
  34. JS_CELL(ResponseHolder, JS::Cell);
  35. public:
  36. [[nodiscard]] static JS::NonnullGCPtr<ResponseHolder> create(JS::VM& vm)
  37. {
  38. return vm.heap().allocate_without_realm<ResponseHolder>();
  39. }
  40. [[nodiscard]] JS::GCPtr<Fetch::Infrastructure::Response> response() const { return m_response; }
  41. void set_response(JS::GCPtr<Fetch::Infrastructure::Response> response) { m_response = response; }
  42. virtual void visit_edges(Cell::Visitor& visitor) override
  43. {
  44. visitor.visit(m_response);
  45. }
  46. private:
  47. JS::GCPtr<Fetch::Infrastructure::Response> m_response;
  48. };
  49. HashTable<Navigable*>& all_navigables()
  50. {
  51. static HashTable<Navigable*> set;
  52. return set;
  53. }
  54. // https://html.spec.whatwg.org/multipage/document-sequences.html#child-navigable
  55. Vector<JS::Handle<Navigable>> Navigable::child_navigables() const
  56. {
  57. Vector<JS::Handle<Navigable>> results;
  58. for (auto& entry : all_navigables()) {
  59. if (entry->current_session_history_entry()->step == SessionHistoryEntry::Pending::Tag)
  60. continue;
  61. if (entry->parent() == this)
  62. results.append(entry);
  63. }
  64. return results;
  65. }
  66. bool Navigable::is_traversable() const
  67. {
  68. return is<TraversableNavigable>(*this);
  69. }
  70. Navigable::Navigable()
  71. {
  72. all_navigables().set(this);
  73. }
  74. Navigable::~Navigable()
  75. {
  76. all_navigables().remove(this);
  77. }
  78. void Navigable::visit_edges(Cell::Visitor& visitor)
  79. {
  80. Base::visit_edges(visitor);
  81. visitor.visit(m_parent);
  82. visitor.visit(m_current_session_history_entry);
  83. visitor.visit(m_active_session_history_entry);
  84. visitor.visit(m_container);
  85. }
  86. void Navigable::set_delaying_load_events(bool value)
  87. {
  88. if (value) {
  89. auto document = container_document();
  90. VERIFY(document);
  91. m_delaying_the_load_event.emplace(*document);
  92. } else {
  93. m_delaying_the_load_event.clear();
  94. }
  95. }
  96. JS::GCPtr<Navigable> Navigable::navigable_with_active_document(JS::NonnullGCPtr<DOM::Document> document)
  97. {
  98. for (auto* navigable : all_navigables()) {
  99. if (navigable->active_document() == document)
  100. return navigable;
  101. }
  102. return nullptr;
  103. }
  104. // https://html.spec.whatwg.org/multipage/document-sequences.html#initialize-the-navigable
  105. ErrorOr<void> Navigable::initialize_navigable(JS::NonnullGCPtr<DocumentState> document_state, JS::GCPtr<Navigable> parent)
  106. {
  107. static int next_id = 0;
  108. m_id = TRY(String::number(next_id++));
  109. // 1. Let entry be a new session history entry, with
  110. JS::NonnullGCPtr<SessionHistoryEntry> entry = *heap().allocate_without_realm<SessionHistoryEntry>();
  111. // URL: document's URL
  112. entry->url = document_state->document()->url();
  113. // document state: documentState
  114. entry->document_state = document_state;
  115. // 2. Set navigable's current session history entry to entry.
  116. m_current_session_history_entry = entry;
  117. // 3. Set navigable's active session history entry to entry.
  118. m_active_session_history_entry = entry;
  119. // 4. Set navigable's parent to parent.
  120. m_parent = parent;
  121. return {};
  122. }
  123. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#getting-the-target-history-entry
  124. JS::GCPtr<SessionHistoryEntry> Navigable::get_the_target_history_entry(int target_step) const
  125. {
  126. // 1. Let entries be the result of getting session history entries for navigable.
  127. auto& entries = get_session_history_entries();
  128. // 2. Return the item in entries that has the greatest step less than or equal to step.
  129. JS::GCPtr<SessionHistoryEntry> result = nullptr;
  130. for (auto& entry : entries) {
  131. auto entry_step = entry->step.get<int>();
  132. if (entry_step <= target_step) {
  133. if (!result || result->step.get<int>() < entry_step) {
  134. result = entry;
  135. }
  136. }
  137. }
  138. return result;
  139. }
  140. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#activate-history-entry
  141. void Navigable::activate_history_entry(JS::GCPtr<SessionHistoryEntry> entry)
  142. {
  143. // FIXME: 1. Save persisted state to the navigable's active session history entry.
  144. // 2. Let newDocument be entry's document.
  145. JS::GCPtr<DOM::Document> new_document = entry->document_state->document().ptr();
  146. // 3. Assert: newDocument's is initial about:blank is false, i.e., we never traverse
  147. // back to the initial about:blank Document because it always gets replaced when we
  148. // navigate away from it.
  149. VERIFY(!new_document->is_initial_about_blank());
  150. // 4. Set navigable's active session history entry to entry.
  151. m_active_session_history_entry = entry;
  152. // 5. Make active newDocument.
  153. new_document->make_active();
  154. // Not in the spec:
  155. VERIFY(active_browsing_context());
  156. VERIFY(active_browsing_context()->page());
  157. active_browsing_context()->page()->client().page_did_create_new_document(*new_document);
  158. }
  159. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-document
  160. JS::GCPtr<DOM::Document> Navigable::active_document()
  161. {
  162. // A navigable's active document is its active session history entry's document.
  163. return m_active_session_history_entry->document_state->document();
  164. }
  165. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-bc
  166. JS::GCPtr<BrowsingContext> Navigable::active_browsing_context()
  167. {
  168. // A navigable's active browsing context is its active document's browsing context.
  169. // If this navigable is a traversable navigable, then its active browsing context will be a top-level browsing context.
  170. if (auto document = active_document())
  171. return document->browsing_context();
  172. return nullptr;
  173. }
  174. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-wp
  175. JS::GCPtr<HTML::WindowProxy> Navigable::active_window_proxy()
  176. {
  177. // A navigable's active WindowProxy is its active browsing context's associated WindowProxy.
  178. if (auto browsing_context = active_browsing_context())
  179. return browsing_context->window_proxy();
  180. return nullptr;
  181. }
  182. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-window
  183. JS::GCPtr<HTML::Window> Navigable::active_window()
  184. {
  185. // A navigable's active window is its active WindowProxy's [[Window]].
  186. if (auto window_proxy = active_window_proxy())
  187. return window_proxy->window();
  188. return nullptr;
  189. }
  190. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-target
  191. String Navigable::target_name() const
  192. {
  193. // A navigable's target name is its active session history entry's document state's navigable target name.
  194. return active_session_history_entry()->document_state->navigable_target_name();
  195. }
  196. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-container
  197. JS::GCPtr<NavigableContainer> Navigable::container() const
  198. {
  199. // The container of a navigable navigable is the navigable container whose nested navigable is navigable, or null if there is no such element.
  200. return NavigableContainer::navigable_container_with_content_navigable(const_cast<Navigable&>(*this));
  201. }
  202. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-container-document
  203. JS::GCPtr<DOM::Document> Navigable::container_document() const
  204. {
  205. auto container = this->container();
  206. // 1. If navigable's container is null, then return null.
  207. if (!container)
  208. return nullptr;
  209. // 2. Return navigable's container's node document.
  210. return container->document();
  211. }
  212. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-traversable
  213. JS::GCPtr<TraversableNavigable> Navigable::traversable_navigable() const
  214. {
  215. // 1. Let navigable be inputNavigable.
  216. auto navigable = const_cast<Navigable*>(this);
  217. // 2. While navigable is not a traversable navigable, set navigable to navigable's parent.
  218. while (navigable && !is<TraversableNavigable>(*navigable))
  219. navigable = navigable->parent();
  220. // 3. Return navigable.
  221. return static_cast<TraversableNavigable*>(navigable);
  222. }
  223. // https://html.spec.whatwg.org/multipage/document-sequences.html#nav-top
  224. JS::GCPtr<TraversableNavigable> Navigable::top_level_traversable()
  225. {
  226. // 1. Let navigable be inputNavigable.
  227. auto navigable = this;
  228. // 2. While navigable's parent is not null, set navigable to navigable's parent.
  229. while (navigable->parent())
  230. navigable = navigable->parent();
  231. // 3. Return navigable.
  232. return verify_cast<TraversableNavigable>(navigable);
  233. }
  234. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#set-the-ongoing-navigation
  235. void Navigable::set_ongoing_navigation(Variant<Empty, Traversal, String> ongoing_navigation)
  236. {
  237. // 1. If navigable's ongoing navigation is equal to newValue, then return.
  238. if (m_ongoing_navigation == ongoing_navigation)
  239. return;
  240. // 2. Inform the navigation API about aborting navigation given navigable.
  241. inform_the_navigation_api_about_aborting_navigation();
  242. // 3. Set navigable's ongoing navigation to newValue.
  243. m_ongoing_navigation = ongoing_navigation;
  244. }
  245. Navigable::ChosenNavigable Navigable::choose_a_navigable(StringView name, TokenizedFeature::NoOpener, ActivateTab)
  246. {
  247. // 1. Let chosen be null.
  248. JS::GCPtr<Navigable> chosen = nullptr;
  249. // 2. Let windowType be "existing or none".
  250. auto window_type = WindowType::ExistingOrNone;
  251. // 3. Let sandboxingFlagSet be current's active document's active sandboxing flag set.
  252. [[maybe_unused]] auto sandboxing_flag_set = active_document()->active_sandboxing_flag_set();
  253. // 4. If name is the empty string or an ASCII case-insensitive match for "_self", then set chosen to currentNavigable.
  254. if (name.is_empty() || Infra::is_ascii_case_insensitive_match(name, "_self"sv)) {
  255. chosen = this;
  256. }
  257. // 5. Otherwise, if name is an ASCII case-insensitive match for "_parent",
  258. // set chosen to currentNavigable's parent, if any, and currentNavigable otherwise.
  259. else if (Infra::is_ascii_case_insensitive_match(name, "_parent"sv)) {
  260. if (auto parent = this->parent())
  261. chosen = parent;
  262. else
  263. chosen = this;
  264. }
  265. // 6. Otherwise, if name is an ASCII case-insensitive match for "_top",
  266. // set chosen to currentNavigable's traversable navigable.
  267. else if (Infra::is_ascii_case_insensitive_match(name, "_top"sv)) {
  268. chosen = traversable_navigable();
  269. }
  270. // 7. Otherwise, if name is not an ASCII case-insensitive match for "_blank",
  271. // there exists a navigable whose target name is the same as name, currentNavigable's
  272. // active browsing context is familiar with that navigable's active browsing context,
  273. // and the user agent determines that the two browsing contexts are related enough that
  274. // it is ok if they reach each other, set chosen to that navigable. If there are multiple
  275. // matching navigables, the user agent should pick one in some arbitrary consistent manner,
  276. // such as the most recently opened, most recently focused, or more closely related, and set
  277. // chosen to it.
  278. else if (!Infra::is_ascii_case_insensitive_match(name, "_blank"sv)) {
  279. TODO();
  280. }
  281. // Otherwise, a new top-level traversable is being requested, and what happens depends on the
  282. // user agent's configuration and abilities — it is determined by the rules given for the first
  283. // applicable option from the following list:
  284. else {
  285. TODO();
  286. }
  287. return { chosen.ptr(), window_type };
  288. }
  289. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#getting-session-history-entries
  290. Vector<JS::NonnullGCPtr<SessionHistoryEntry>>& Navigable::get_session_history_entries() const
  291. {
  292. // 1. Let traversable be navigable's traversable navigable.
  293. auto traversable = traversable_navigable();
  294. // FIXME 2. Assert: this is running within traversable's session history traversal queue.
  295. // 3. If navigable is traversable, return traversable's session history entries.
  296. if (this == traversable)
  297. return traversable->session_history_entries();
  298. // 4. Let docStates be an empty ordered set of document states.
  299. Vector<JS::GCPtr<DocumentState>> doc_states;
  300. // 5. For each entry of traversable's session history entries, append entry's document state to docStates.
  301. for (auto& entry : traversable->session_history_entries())
  302. doc_states.append(entry->document_state);
  303. // 6. For each docState of docStates:
  304. while (!doc_states.is_empty()) {
  305. auto doc_state = doc_states.take_first();
  306. // 1. For each nestedHistory of docState's nested histories:
  307. for (auto& nested_history : doc_state->nested_histories()) {
  308. // 1. If nestedHistory's id equals navigable's id, return nestedHistory's entries.
  309. if (nested_history.id == id())
  310. return nested_history.entries;
  311. // 2. For each entry of nestedHistory's entries, append entry's document state to docStates.
  312. for (auto& entry : nested_history.entries)
  313. doc_states.append(entry->document_state);
  314. }
  315. }
  316. VERIFY_NOT_REACHED();
  317. }
  318. // https://html.spec.whatwg.org/multipage/browsers.html#determining-navigation-params-policy-container
  319. static PolicyContainer determine_navigation_params_policy_container(AK::URL const& response_url,
  320. Optional<PolicyContainer> history_policy_container,
  321. Optional<PolicyContainer> initiator_policy_container,
  322. Optional<PolicyContainer> parent_policy_container,
  323. Optional<PolicyContainer> response_policy_container)
  324. {
  325. // NOTE: The clone a policy container AO is just a C++ copy
  326. // 1. If historyPolicyContainer is not null, then:
  327. if (history_policy_container.has_value()) {
  328. // FIXME: 1. Assert: responseURL requires storing the policy container in history.
  329. // 2. Return a clone of historyPolicyContainer.
  330. return *history_policy_container;
  331. }
  332. // 2. If responseURL is about:srcdoc, then:
  333. if (response_url == "about:srcdoc"sv) {
  334. // 1. Assert: parentPolicyContainer is not null.
  335. VERIFY(parent_policy_container.has_value());
  336. // 2. Return a clone of parentPolicyContainer.
  337. return *parent_policy_container;
  338. }
  339. // 3. If responseURL is local and initiatorPolicyContainer is not null, then return a clone of initiatorPolicyContainer.
  340. if (Fetch::Infrastructure::is_local_url(response_url) && initiator_policy_container.has_value())
  341. return *initiator_policy_container;
  342. // 4. If responsePolicyContainer is not null, then return responsePolicyContainer.
  343. // FIXME: File a spec issue to say "a clone of" here for consistency
  344. if (response_policy_container.has_value())
  345. return *response_policy_container;
  346. // 5. Return a new policy container.
  347. return {};
  348. }
  349. // https://html.spec.whatwg.org/multipage/browsers.html#obtain-coop
  350. static CrossOriginOpenerPolicy obtain_a_cross_origin_opener_policy(JS::NonnullGCPtr<Fetch::Infrastructure::Response>, Fetch::Infrastructure::Request::ReservedClientType const& reserved_client)
  351. {
  352. // 1. Let policy be a new cross-origin opener policy.
  353. CrossOriginOpenerPolicy policy = {};
  354. // AD-HOC: We don't yet setup environments in all cases
  355. if (reserved_client.has<Empty>())
  356. return policy;
  357. auto& reserved_environment = reserved_client.visit(
  358. [](Empty const&) -> Environment& { VERIFY_NOT_REACHED(); },
  359. [](Environment* env) -> Environment& { return *env; },
  360. [](JS::GCPtr<EnvironmentSettingsObject> eso) -> Environment& { return *eso; });
  361. // 2. If reservedEnvironment is a non-secure context, then return policy.
  362. if (is_non_secure_context(reserved_environment))
  363. return policy;
  364. // FIXME: We don't yet have the technology to extract structured data from Fetch headers
  365. // FIXME: 3. Let parsedItem be the result of getting a structured field value given `Cross-Origin-Opener-Policy` and "item" from response's header list.
  366. // FIXME: 4. If parsedItem is not null, then:
  367. // FIXME: nested steps...
  368. // FIXME: 5. Set parsedItem to the result of getting a structured field value given `Cross-Origin-Opener-Policy-Report-Only` and "item" from response's header list.
  369. // FIXME: 6. If parsedItem is not null, then:
  370. // FIXME: nested steps...
  371. // 7. Return policy.
  372. return policy;
  373. }
  374. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#attempt-to-create-a-non-fetch-scheme-document
  375. static JS::GCPtr<DOM::Document> attempt_to_create_a_non_fetch_scheme_document(NonFetchSchemeNavigationParams const& params)
  376. {
  377. // FIXME: Implement this algorithm to hand off to external software or display inline content
  378. dbgln("(FIXME) Don't know how to navigate to {}", params.url);
  379. return nullptr;
  380. }
  381. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#create-navigation-params-from-a-srcdoc-resource
  382. static WebIDL::ExceptionOr<NavigationParams> create_navigation_params_from_a_srcdoc_resource(JS::GCPtr<SessionHistoryEntry> entry, JS::GCPtr<Navigable> navigable, TargetSnapshotParams const& target_snapshot_params, Optional<String> navigation_id)
  383. {
  384. auto& vm = navigable->vm();
  385. auto& realm = navigable->active_window()->realm();
  386. // 1. Let documentResource be entry's document state's resource.
  387. auto document_resource = entry->document_state->resource();
  388. VERIFY(document_resource.has<String>());
  389. // 2. Let response be a new response with
  390. // URL: about:srcdoc
  391. // header list: (`Content-Type`, `text/html`)
  392. // body: the UTF-8 encoding of documentResource, as a body
  393. auto response = Fetch::Infrastructure::Response::create(vm);
  394. response->url_list().append(AK::URL("about:srcdoc"));
  395. auto header = TRY_OR_THROW_OOM(vm, Fetch::Infrastructure::Header::from_string_pair("Content-Type"sv, "text/html"sv));
  396. TRY_OR_THROW_OOM(vm, response->header_list()->append(move(header)));
  397. response->set_body(TRY(Fetch::Infrastructure::byte_sequence_as_body(realm, document_resource.get<String>().bytes())));
  398. // 3. Let responseOrigin be the result of determining the origin given response's URL, targetSnapshotParams's sandboxing flags, and entry's document state's origin.
  399. auto response_origin = determine_the_origin(*response->url(), target_snapshot_params.sandboxing_flags, entry->document_state->origin());
  400. // 4. Let coop be a new cross-origin opener policy.
  401. CrossOriginOpenerPolicy coop = {};
  402. // 5. Let coopEnforcementResult be a new cross-origin opener policy enforcement result with
  403. // url: response's URL
  404. // origin: responseOrigin
  405. // cross-origin opener policy: coop
  406. CrossOriginOpenerPolicyEnforcementResult coop_enforcement_result {
  407. .url = *response->url(),
  408. .origin = response_origin,
  409. .cross_origin_opener_policy = coop
  410. };
  411. // 6. Let policyContainer be the result of determining navigation params policy container given response's URL,
  412. // entry's document state's history policy container, null, navigable's container document's policy container, and null.
  413. Optional<PolicyContainer> history_policy_container = entry->document_state->history_policy_container().visit(
  414. [](PolicyContainer const& c) -> Optional<PolicyContainer> { return c; },
  415. [](DocumentState::Client) -> Optional<PolicyContainer> { return {}; });
  416. auto policy_container = determine_navigation_params_policy_container(*response->url(), history_policy_container, {}, navigable->container_document()->policy_container(), {});
  417. // 7. Return a new navigation params, with
  418. // id: navigationId
  419. // navigable: navigable
  420. // request: null
  421. // response: response
  422. // fetch controller: null
  423. // commit early hints: null
  424. // COOP enforcement result: coopEnforcementResult
  425. // reserved environment: null
  426. // origin: responseOrigin
  427. // policy container: policyContainer
  428. // final sandboxing flag set: targetSnapshotParams's sandboxing flags
  429. // cross-origin opener policy: coop
  430. // FIXME: navigation timing type: navTimingType
  431. // about base URL: entry's document state's about base URL
  432. return NavigationParams {
  433. .id = move(navigation_id),
  434. .navigable = navigable,
  435. .request = nullptr,
  436. .response = *response,
  437. .fetch_controller = nullptr,
  438. .commit_early_hints = nullptr,
  439. .coop_enforcement_result = move(coop_enforcement_result),
  440. .reserved_environment = {},
  441. .origin = move(response_origin),
  442. .policy_container = policy_container,
  443. .final_sandboxing_flag_set = target_snapshot_params.sandboxing_flags,
  444. .cross_origin_opener_policy = move(coop),
  445. .about_base_url = entry->document_state->about_base_url(),
  446. };
  447. }
  448. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#create-navigation-params-by-fetching
  449. static WebIDL::ExceptionOr<Variant<Empty, NavigationParams, NonFetchSchemeNavigationParams>> create_navigation_params_by_fetching(JS::GCPtr<SessionHistoryEntry> entry, JS::GCPtr<Navigable> navigable, SourceSnapshotParams const& source_snapshot_params, TargetSnapshotParams const& target_snapshot_params, CSPNavigationType csp_navigation_type, Optional<String> navigation_id)
  450. {
  451. auto& vm = navigable->vm();
  452. auto& realm = navigable->active_window()->realm();
  453. auto& active_document = *navigable->active_document();
  454. (void)csp_navigation_type;
  455. // FIXME: 1. Assert: this is running in parallel.
  456. // 2. Let documentResource be entry's document state's resource.
  457. auto document_resource = entry->document_state->resource();
  458. // 3. Let request be a new request, with
  459. // url: entry's URL
  460. // client: sourceSnapshotParams's fetch client
  461. // destination: "document"
  462. // credentials mode: "include"
  463. // use-URL-credentials flag: set
  464. // redirect mode: "manual"
  465. // replaces client id: navigable's active document's relevant settings object's id
  466. // mode: "navigate"
  467. // referrer: entry's document state's request referrer
  468. // referrer policy: entry's document state's request referrer policy
  469. auto request = Fetch::Infrastructure::Request::create(vm);
  470. request->set_url(entry->url);
  471. request->set_client(source_snapshot_params.fetch_client);
  472. request->set_destination(Fetch::Infrastructure::Request::Destination::Document);
  473. request->set_credentials_mode(Fetch::Infrastructure::Request::CredentialsMode::Include);
  474. request->set_use_url_credentials(true);
  475. request->set_redirect_mode(Fetch::Infrastructure::Request::RedirectMode::Manual);
  476. auto replaces_client_id = TRY_OR_THROW_OOM(vm, String::from_deprecated_string(active_document.relevant_settings_object().id));
  477. request->set_replaces_client_id(replaces_client_id);
  478. request->set_mode(Fetch::Infrastructure::Request::Mode::Navigate);
  479. request->set_referrer(entry->document_state->request_referrer());
  480. // 4. If documentResource is a POST resource, then:
  481. if (document_resource.has<POSTResource>()) {
  482. // 1. Set request's method to `POST`.
  483. request->set_method(TRY_OR_THROW_OOM(vm, ByteBuffer::copy("post"sv.bytes())));
  484. // 2. Set request's body to documentResource's request body.
  485. request->set_body(document_resource.get<POSTResource>().request_body.value());
  486. // 3. Set `Content-Type` to documentResource's request content-type in request's header list.
  487. auto request_content_type = document_resource.get<POSTResource>().request_content_type;
  488. auto request_content_type_string = [request_content_type]() {
  489. switch (request_content_type) {
  490. case POSTResource::RequestContentType::ApplicationXWWWFormUrlencoded:
  491. return "application/x-www-form-urlencoded"sv;
  492. case POSTResource::RequestContentType::MultipartFormData:
  493. return "multipart/form-data"sv;
  494. case POSTResource::RequestContentType::TextPlain:
  495. return "text/plain"sv;
  496. default:
  497. VERIFY_NOT_REACHED();
  498. }
  499. }();
  500. auto header = TRY_OR_THROW_OOM(vm, Fetch::Infrastructure::Header::from_string_pair("Content-Type"sv, request_content_type_string));
  501. TRY_OR_THROW_OOM(vm, request->header_list()->append(move(header)));
  502. }
  503. // 5. If entry's document state's reload pending is true, then set request's reload-navigation flag.
  504. if (entry->document_state->reload_pending())
  505. request->set_reload_navigation(true);
  506. // 6. Otherwise, if entry's document state's ever populated is true, then set request's history-navigation flag.
  507. if (entry->document_state->ever_populated())
  508. request->set_history_navigation(true);
  509. // 7. If sourceSnapshotParams's has transient activation is true, then set request's user-activation to true.
  510. if (source_snapshot_params.has_transient_activation)
  511. request->set_user_activation(true);
  512. // 8. If navigable's container is non-null:
  513. if (navigable->container() != nullptr) {
  514. // 1. If the navigable's container has a browsing context scope origin, then set request's origin to that browsing context scope origin.
  515. // FIXME: From "browsing context scope origin": This definition is broken and needs investigation to see what it was intended to express: see issue #4703.
  516. // The referenced issue suggests that it is a no-op to retrieve the browsing context scope origin.
  517. // 2. Set request's destination to navigable's container's local name.
  518. // FIXME: Are there other container types? If so, we need a helper here
  519. Web::Fetch::Infrastructure::Request::Destination destination = is<HTMLIFrameElement>(*navigable->container()) ? Web::Fetch::Infrastructure::Request::Destination::IFrame
  520. : Web::Fetch::Infrastructure::Request::Destination::Object;
  521. request->set_destination(destination);
  522. // 3. If sourceSnapshotParams's fetch client is navigable's container document's relevant settings object,
  523. // then set request's initiator type to navigable's container's local name.
  524. // NOTE: This ensure that only container-initiated navigations are reported to resource timing.
  525. if (source_snapshot_params.fetch_client == &navigable->container_document()->relevant_settings_object()) {
  526. // FIXME: Are there other container types? If so, we need a helper here
  527. Web::Fetch::Infrastructure::Request::InitiatorType initiator_type = is<HTMLIFrameElement>(*navigable->container()) ? Web::Fetch::Infrastructure::Request::InitiatorType::IFrame
  528. : Web::Fetch::Infrastructure::Request::InitiatorType::Object;
  529. request->set_initiator_type(initiator_type);
  530. }
  531. }
  532. // 9. Let response be null.
  533. // NOTE: We use a heap-allocated cell to hold the response pointer because the processResponse callback below
  534. // might use it after this stack is freed.
  535. auto response_holder = ResponseHolder::create(vm);
  536. // 10. Let responseOrigin be null.
  537. Optional<HTML::Origin> response_origin;
  538. // 11. Let fetchController be null.
  539. JS::GCPtr<Fetch::Infrastructure::FetchController> fetch_controller = nullptr;
  540. // 12. Let coopEnforcementResult be a new cross-origin opener policy enforcement result, with
  541. // - url: navigable's active document's URL
  542. // - origin: navigable's active document's origin
  543. // - cross-origin opener policy: navigable's active document's cross-origin opener policy
  544. // - current context is navigation source: true if navigable's active document's origin is same origin with
  545. // entry's document state's initiator origin otherwise false
  546. CrossOriginOpenerPolicyEnforcementResult coop_enforcement_result = {
  547. .url = active_document.url(),
  548. .origin = active_document.origin(),
  549. .cross_origin_opener_policy = active_document.cross_origin_opener_policy(),
  550. .current_context_is_navigation_source = entry->document_state->initiator_origin().has_value() && active_document.origin().is_same_origin(*entry->document_state->initiator_origin())
  551. };
  552. // 13. Let finalSandboxFlags be an empty sandboxing flag set.
  553. SandboxingFlagSet final_sandbox_flags = {};
  554. // 14. Let responsePolicyContainer be null.
  555. Optional<PolicyContainer> response_policy_container = {};
  556. // 15. Let responseCOOP be a new cross-origin opener policy.
  557. CrossOriginOpenerPolicy response_coop = {};
  558. // 16. Let locationURL be null.
  559. ErrorOr<Optional<AK::URL>> location_url { OptionalNone {} };
  560. // 17. Let currentURL be request's current URL.
  561. AK::URL current_url = request->current_url();
  562. // 18. Let commitEarlyHints be null.
  563. Function<void(DOM::Document&)> commit_early_hints = nullptr;
  564. // 19. While true:
  565. while (true) {
  566. // FIXME: 1. If request's reserved client is not null and currentURL's origin is not the same as request's reserved client's creation URL's origin, then:
  567. // FIXME: 2. If request's reserved client is null, then:
  568. // FIXME: 3. If the result of should navigation request of type be blocked by Content Security Policy? given request and cspNavigationType is "Blocked", then set response to a network error and break. [CSP]
  569. // 4. Set response to null.
  570. response_holder->set_response(nullptr);
  571. // 5. If fetchController is null, then set fetchController to the result of fetching request,
  572. // with processEarlyHintsResponse set to processEarlyHintsResponseas defined below, processResponse
  573. // set to processResponse as defined below, and useParallelQueue set to true.
  574. if (!fetch_controller) {
  575. // FIXME: Let processEarlyHintsResponse be the following algorithm given a response earlyResponse:
  576. // Let processResponse be the following algorithm given a response fetchedResponse:
  577. auto process_response = [response_holder](JS::NonnullGCPtr<Fetch::Infrastructure::Response> fetch_response) {
  578. // 1. Set response to fetchedResponse.
  579. response_holder->set_response(fetch_response);
  580. };
  581. fetch_controller = TRY(Fetch::Fetching::fetch(
  582. realm,
  583. request,
  584. Fetch::Infrastructure::FetchAlgorithms::create(vm,
  585. {
  586. .process_request_body_chunk_length = {},
  587. .process_request_end_of_body = {},
  588. .process_early_hints_response = {},
  589. .process_response = move(process_response),
  590. .process_response_end_of_body = {},
  591. .process_response_consume_body = {},
  592. }),
  593. Fetch::Fetching::UseParallelQueue::Yes));
  594. }
  595. // 6. Otherwise, process the next manual redirect for fetchController.
  596. else {
  597. fetch_controller->process_next_manual_redirect();
  598. }
  599. // 7. Wait until either response is non-null, or navigable's ongoing navigation changes to no longer equal navigationId.
  600. Platform::EventLoopPlugin::the().spin_until([&]() {
  601. if (response_holder->response() != nullptr)
  602. return true;
  603. if (navigation_id.has_value() && (!navigable->ongoing_navigation().has<String>() || navigable->ongoing_navigation().get<String>() != *navigation_id))
  604. return true;
  605. return false;
  606. });
  607. // If the latter condition occurs, then abort fetchController, and return. Otherwise, proceed onward.
  608. if (navigation_id.has_value() && (!navigable->ongoing_navigation().has<String>() || navigable->ongoing_navigation().get<String>() != *navigation_id)) {
  609. fetch_controller->abort(realm, {});
  610. return Empty {};
  611. }
  612. // 8. If request's body is null, then set entry's document state's resource to null.
  613. if (!request->body().has<Empty>()) {
  614. entry->document_state->set_resource(Empty {});
  615. }
  616. // FIXME 9. Set responsePolicyContainer to the result of creating a policy container from a fetch response given response and request's reserved client.
  617. // FIXME 10. Set finalSandboxFlags to the union of targetSnapshotParams's sandboxing flags and responsePolicyContainer's CSP list's CSP-derived sandboxing flags.
  618. // 11. Set responseOrigin to the result of determining the origin given response's URL, finalSandboxFlags, and entry's document state's initiator origin.
  619. response_origin = determine_the_origin(*response_holder->response()->url(), final_sandbox_flags, entry->document_state->initiator_origin());
  620. // 12. If navigable is a top-level traversable, then:
  621. if (navigable->is_top_level_traversable()) {
  622. // 1. Set responseCOOP to the result of obtaining a cross-origin opener policy given response and request's reserved client.
  623. response_coop = obtain_a_cross_origin_opener_policy(*response_holder->response(), request->reserved_client());
  624. // FIXME: 2. Set coopEnforcementResult to the result of enforcing the response's cross-origin opener policy given navigable's active browsing context,
  625. // response's URL, responseOrigin, responseCOOP, coopEnforcementResult and request's referrer.
  626. // FIXME: 3. If finalSandboxFlags is not empty and responseCOOP's value is not "unsafe-none", then set response to an appropriate network error and break.
  627. // NOTE: This results in a network error as one cannot simultaneously provide a clean slate to a response
  628. // using cross-origin opener policy and sandbox the result of navigating to that response.
  629. }
  630. // 13. FIXME If response is not a network error, navigable is a child navigable, and the result of performing a cross-origin resource policy check
  631. // with navigable's container document's origin, navigable's container document's relevant settings object, request's destination, response,
  632. // and true is blocked, then set response to a network error and break.
  633. // NOTE: Here we're running the cross-origin resource policy check against the parent navigable rather than navigable itself
  634. // This is because we care about the same-originness of the embedded content against the parent context, not the navigation source.
  635. // 14. Set locationURL to response's location URL given currentURL's fragment.
  636. auto location_url = response_holder->response()->location_url(current_url.fragment());
  637. VERIFY(!location_url.is_error());
  638. // 15. If locationURL is failure or null, then break.
  639. if (location_url.is_error() || !location_url.value().has_value()) {
  640. break;
  641. }
  642. // 16. Assert: locationURL is a URL.
  643. VERIFY(location_url.value()->is_valid());
  644. // 17. Set entry's classic history API state to StructuredSerializeForStorage(null).
  645. entry->classic_history_api_state = MUST(structured_serialize_for_storage(vm, JS::js_null()));
  646. // 18. Let oldDocState be entry's document state.
  647. auto old_doc_state = entry->document_state;
  648. // 19. Set entry's document state to a new document state, with
  649. // history policy container: a clone of the oldDocState's history policy container if it is non-null; null otherwise
  650. // request referrer: oldDocState's request referrer
  651. // request referrer policy: oldDocState's request referrer policy
  652. // origin: oldDocState's origin
  653. // resource: oldDocState's resource
  654. // ever populated: oldDocState's ever populated
  655. // navigable target name: oldDocState's navigable target name
  656. entry->document_state = navigable->heap().allocate_without_realm<DocumentState>();
  657. entry->document_state->set_history_policy_container(old_doc_state->history_policy_container());
  658. entry->document_state->set_request_referrer(old_doc_state->request_referrer());
  659. entry->document_state->set_request_referrer_policy(old_doc_state->request_referrer_policy());
  660. entry->document_state->set_origin(old_doc_state->origin());
  661. entry->document_state->set_resource(old_doc_state->resource());
  662. entry->document_state->set_ever_populated(old_doc_state->ever_populated());
  663. entry->document_state->set_navigable_target_name(old_doc_state->navigable_target_name());
  664. // 20. If locationURL's scheme is not an HTTP(S) scheme, then:
  665. if (!Fetch::Infrastructure::is_http_or_https_scheme(location_url.value()->scheme())) {
  666. // 1. Set entry's document state's resource to null.
  667. entry->document_state->set_resource(Empty {});
  668. // 2. Break.
  669. break;
  670. }
  671. // 21. Set currentURL to locationURL.
  672. current_url = location_url.value().value();
  673. // 22. Set entry's URL to currentURL.
  674. entry->url = current_url;
  675. }
  676. // 20. If locationURL is a URL whose scheme is not a fetch scheme, then return a new non-fetch scheme navigation params, with
  677. if (!location_url.is_error() && location_url.value().has_value() && !Fetch::Infrastructure::is_fetch_scheme(location_url.value().value().scheme())) {
  678. // - id: navigationId
  679. // - navigable: navigable
  680. // - URL: locationURL
  681. // - target snapshot sandboxing flags: targetSnapshotParams's sandboxing flags
  682. // - source snapshot has transient activation: sourceSnapshotParams's has transient activation
  683. // - initiator origin: responseOrigin
  684. // FIXME: - navigation timing type: navTimingType
  685. return NonFetchSchemeNavigationParams {
  686. .id = navigation_id,
  687. .navigable = navigable,
  688. .url = location_url.release_value().value(),
  689. .target_snapshot_sandboxing_flags = target_snapshot_params.sandboxing_flags,
  690. .source_snapshot_has_transient_activation = source_snapshot_params.has_transient_activation,
  691. .initiator_origin = move(*response_origin),
  692. };
  693. }
  694. // 21. If any of the following are true:
  695. // - response is a network error;
  696. // - locationURL is failure; or
  697. // - locationURL is a URL whose scheme is a fetch scheme
  698. // then return null.
  699. if (response_holder->response()->is_network_error() || location_url.is_error() || (location_url.value().has_value() && Fetch::Infrastructure::is_fetch_scheme(location_url.value().value().scheme()))) {
  700. return Empty {};
  701. }
  702. // 22. Assert: locationURL is null and response is not a network error.
  703. VERIFY(!location_url.value().has_value());
  704. VERIFY(!response_holder->response()->is_network_error());
  705. // 23. Let resultPolicyContainer be the result of determining navigation params policy container given response's URL,
  706. // entry's document state's history policy container, sourceSnapshotParams's source policy container, null, and responsePolicyContainer.
  707. Optional<PolicyContainer> history_policy_container = entry->document_state->history_policy_container().visit(
  708. [](PolicyContainer const& c) -> Optional<PolicyContainer> { return c; },
  709. [](DocumentState::Client) -> Optional<PolicyContainer> { return {}; });
  710. auto result_policy_container = determine_navigation_params_policy_container(*response_holder->response()->url(), history_policy_container, source_snapshot_params.source_policy_container, {}, response_policy_container);
  711. // 24. If navigable's container is an iframe, and response's timing allow passed flag is set, then set container's pending resource-timing start time to null.
  712. if (navigable->container() && is<HTML::HTMLIFrameElement>(*navigable->container()) && response_holder->response()->timing_allow_passed())
  713. static_cast<HTML::HTMLIFrameElement&>(*navigable->container()).set_pending_resource_start_time({});
  714. // 25. Return a new navigation params, with
  715. // id: navigationId
  716. // navigable: navigable
  717. // request: request
  718. // response: response
  719. // fetch controller: fetchController
  720. // commit early hints: commitEarlyHints
  721. // cross-origin opener policy: responseCOOP
  722. // reserved environment: request's reserved client
  723. // origin: responseOrigin
  724. // policy container: resultPolicyContainer
  725. // final sandboxing flag set: finalSandboxFlags
  726. // COOP enforcement result: coopEnforcementResult
  727. // FIXME: navigation timing type: navTimingType
  728. // about base URL: entry's document state's about base URL
  729. HTML::NavigationParams navigation_params {
  730. .id = navigation_id,
  731. .navigable = navigable,
  732. .request = request,
  733. .response = *response_holder->response(),
  734. .fetch_controller = fetch_controller,
  735. .commit_early_hints = move(commit_early_hints),
  736. .coop_enforcement_result = coop_enforcement_result,
  737. .reserved_environment = request->reserved_client(),
  738. .origin = *response_origin,
  739. .policy_container = result_policy_container,
  740. .final_sandboxing_flag_set = final_sandbox_flags,
  741. .cross_origin_opener_policy = response_coop,
  742. .about_base_url = entry->document_state->about_base_url(),
  743. };
  744. return navigation_params;
  745. }
  746. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#attempt-to-populate-the-history-entry's-document
  747. WebIDL::ExceptionOr<void> Navigable::populate_session_history_entry_document(
  748. JS::GCPtr<SessionHistoryEntry> entry,
  749. SourceSnapshotParams const& source_snapshot_params,
  750. TargetSnapshotParams const& target_snapshot_params,
  751. Optional<String> navigation_id,
  752. Variant<Empty, NavigationParams, NonFetchSchemeNavigationParams> navigation_params,
  753. CSPNavigationType csp_navigation_type,
  754. bool allow_POST,
  755. Function<void()> completion_steps)
  756. {
  757. // FIXME: 1. Assert: this is running in parallel.
  758. // 2. Assert: if navigationParams is non-null, then navigationParams's response is non-null.
  759. // NavigationParams' response field is NonnullGCPtr
  760. if (!navigation_params.has<Empty>())
  761. VERIFY(navigation_params.has<NavigationParams>());
  762. // 3. Let currentBrowsingContext be navigable's active browsing context.
  763. [[maybe_unused]] auto current_browsing_context = active_browsing_context();
  764. // 4. Let documentResource be entry's document state's resource.
  765. auto document_resource = entry->document_state->resource();
  766. // 5. If navigationParams is null, then:
  767. if (navigation_params.has<Empty>()) {
  768. // 1. If documentResource is a string, then set navigationParams to the result
  769. // of creating navigation params from a srcdoc resource given entry, navigable,
  770. // targetSnapshotParams, navigationId, and navTimingType.
  771. if (document_resource.has<String>()) {
  772. navigation_params = TRY(create_navigation_params_from_a_srcdoc_resource(entry, this, target_snapshot_params, navigation_id));
  773. }
  774. // 2. Otherwise, if both of the following are true:
  775. // - entry's URL's scheme is a fetch scheme; and
  776. // - documentResource is null, or allowPOST is true and documentResource's request body is not failure (FIXME: check if request body is not failure)
  777. else if (Fetch::Infrastructure::is_fetch_scheme(entry->url.scheme()) && (document_resource.has<Empty>() || allow_POST)) {
  778. navigation_params = TRY(create_navigation_params_by_fetching(entry, this, source_snapshot_params, target_snapshot_params, csp_navigation_type, navigation_id));
  779. }
  780. // 3. Otherwise, if entry's URL's scheme is not a fetch scheme, then set navigationParams to a new non-fetch scheme navigation params, with:
  781. else if (!Fetch::Infrastructure::is_fetch_scheme(entry->url.scheme())) {
  782. // - id: navigationId
  783. // - navigable: navigable
  784. // - URL: entry's URL
  785. // - target snapshot sandboxing flags: targetSnapshotParams's sandboxing flags
  786. // - source snapshot has transient activation: sourceSnapshotParams's has transient activation
  787. // - initiator origin: entry's document state's initiator origin
  788. // FIXME: - navigation timing type: navTimingType
  789. navigation_params = NonFetchSchemeNavigationParams {
  790. .id = navigation_id,
  791. .navigable = this,
  792. .url = entry->url,
  793. .target_snapshot_sandboxing_flags = target_snapshot_params.sandboxing_flags,
  794. .source_snapshot_has_transient_activation = source_snapshot_params.has_transient_activation,
  795. .initiator_origin = *entry->document_state->initiator_origin(),
  796. };
  797. }
  798. }
  799. // NOTE: Not in the spec but queuing task on the next step will fail because active_window() does not exist for destroyed navigable.
  800. if (has_been_destroyed())
  801. return {};
  802. // 6. Queue a global task on the navigation and traversal task source, given navigable's active window, to run these steps:
  803. queue_global_task(Task::Source::NavigationAndTraversal, *active_window(), [this, entry, navigation_params = move(navigation_params), navigation_id, completion_steps = move(completion_steps)]() mutable {
  804. // NOTE: This check is not in the spec but we should not continue navigation if navigable has been destroyed.
  805. if (has_been_destroyed())
  806. return;
  807. // 1. If navigable's ongoing navigation no longer equals navigationId, then run completionSteps and return.
  808. if (navigation_id.has_value() && (!ongoing_navigation().has<String>() || ongoing_navigation().get<String>() != *navigation_id)) {
  809. completion_steps();
  810. return;
  811. }
  812. // 2. Let failure be false.
  813. auto failure = false;
  814. // 3. If navigationParams is a non-fetch scheme navigation params, then set entry's document state's document to the result of
  815. // running attempt to create a non-fetch scheme document navigationParams
  816. if (navigation_params.has<NonFetchSchemeNavigationParams>()) {
  817. // FIXME: https://github.com/whatwg/html/issues/9767
  818. // We probably are expected to skip to steps 13 and 14 and return after doing this
  819. entry->document_state->set_document(attempt_to_create_a_non_fetch_scheme_document(navigation_params.get<NonFetchSchemeNavigationParams>()));
  820. if (entry->document_state->document()) {
  821. entry->document_state->set_ever_populated(true);
  822. }
  823. completion_steps();
  824. return;
  825. }
  826. // 4. Otherwise, if navigationParams is null, then set failure to true.
  827. if (navigation_params.has<Empty>()) {
  828. failure = true;
  829. }
  830. // FIXME: 5. Otherwise, if the result of should navigation response to navigation request of type in target be blocked by Content Security Policy? given navigationParams's request,
  831. // navigationParams's response, navigationParams's policy container's CSP list, cspNavigationType, and navigable is "Blocked", then set failure to true.
  832. // FIXME: 6. Otherwise, if navigationParams's reserved environment is non-null and the result of checking a navigation response's adherence to its embedder policy given
  833. // navigationParams's response, navigable, and navigationParams's policy container's embedder policy is false, then set failure to true.
  834. // FIXME: 7. Otherwise, if the result of checking a navigation response's adherence to `X-Frame-Options` given navigationParams's response, navigable,
  835. // navigationParams's policy container's CSP list, and navigationParams's origin is false, then set failure to true.
  836. // 8. If failure is true, then:
  837. if (failure) {
  838. // 1. Set entry's document state's document to the result of creating a document for inline content that doesn't have a DOM, given navigable, null, and navTimingType.
  839. // The inline content should indicate to the user the sort of error that occurred.
  840. // FIXME: Use SourceGenerator to produce error page from file:///res/html/error.html
  841. // and display actual error from fetch response.
  842. auto error_html = String::formatted("<h1>Failed to load {}</h1>"sv, entry->url).release_value_but_fixme_should_propagate_errors();
  843. entry->document_state->set_document(create_document_for_inline_content(this, navigation_id, error_html));
  844. // 2. Set entry's document state's document's salvageable to false.
  845. entry->document_state->document()->set_salvageable(false);
  846. // FIXME: 3. If navigationParams is not null, then:
  847. if (!navigation_params.has<Empty>()) {
  848. // 1. FIXME: Run the environment discarding steps for navigationParams's reserved environment.
  849. // 2. Invoke WebDriver BiDi navigation failed with currentBrowsingContext and a new WebDriver BiDi navigation status
  850. // whose id is navigationId, status is "canceled", and url is navigationParams's response's URL.
  851. }
  852. }
  853. // FIXME: 9. Otherwise, if navigationParams's response's status is 204 or 205, then:
  854. else if (navigation_params.get<NavigationParams>().response->status() == 204 || navigation_params.get<NavigationParams>().response->status() == 205) {
  855. // 1. Run completionSteps.
  856. completion_steps();
  857. // 2. Return.
  858. return;
  859. }
  860. // FIXME: 10. Otherwise, if navigationParams's response has a `Content-Disposition`
  861. // header specifying the attachment disposition type, then:
  862. // 11. Otherwise:
  863. else {
  864. // 1. Let document be the result of loading a document given navigationParams, sourceSnapshotParams,
  865. // and entry's document state's initiator origin.
  866. auto document = load_document(move(navigation_params.get<NavigationParams>()));
  867. // 2. If document is null, then run completionSteps and return.
  868. if (!document) {
  869. completion_steps();
  870. return;
  871. }
  872. // 3. Set entry's document state's document to document.
  873. entry->document_state->set_document(document.ptr());
  874. // 4. Set entry's document state's origin to document's origin.
  875. entry->document_state->set_origin(document->origin());
  876. }
  877. // FIXME: 12. If entry's document state's request referrer is "client", then set it to request's referrer.
  878. // https://github.com/whatwg/html/issues/9767
  879. // What is "request" here?
  880. // 13. If entry's document state's document is not null, then set entry's document state's ever populated to true.
  881. if (entry->document_state->document()) {
  882. entry->document_state->set_ever_populated(true);
  883. }
  884. // 14. Run completionSteps.
  885. completion_steps();
  886. });
  887. return {};
  888. }
  889. // To navigate a navigable navigable to a URL url using a Document sourceDocument,
  890. // with an optional POST resource, string, or null documentResource (default null),
  891. // an optional response-or-null response (default null), an optional boolean exceptionsEnabled (default false),
  892. // an optional NavigationHistoryBehavior historyHandling (default "auto"),
  893. // an optional serialized state-or-null navigationAPIState (default null),
  894. // an optional entry list or null formDataEntryList (default null),
  895. // an optional referrer policy referrerPolicy (default the empty string),
  896. // and an optional user navigation involvement userInvolvement (default "none"):
  897. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#navigate
  898. WebIDL::ExceptionOr<void> Navigable::navigate(
  899. AK::URL const& url,
  900. JS::NonnullGCPtr<DOM::Document> source_document,
  901. Variant<Empty, String, POSTResource> document_resource,
  902. JS::GCPtr<Fetch::Infrastructure::Response> response,
  903. bool exceptions_enabled,
  904. Bindings::NavigationHistoryBehavior history_handling,
  905. Optional<SerializationRecord> navigation_api_state,
  906. Optional<Vector<XHR::FormDataEntry>&> form_data_entry_list,
  907. ReferrerPolicy::ReferrerPolicy referrer_policy,
  908. UserNavigationInvolvement user_involvement)
  909. {
  910. auto& active_document = *this->active_document();
  911. auto& realm = active_document.realm();
  912. auto& vm = this->vm();
  913. // 1. Let cspNavigationType be "form-submission" if formDataEntryList is non-null; otherwise "other".
  914. auto csp_navigation_type = form_data_entry_list.has_value() ? CSPNavigationType::FormSubmission : CSPNavigationType::Other;
  915. // 2. Let sourceSnapshotParams be the result of snapshotting source snapshot params given sourceDocument.
  916. auto source_snapshot_params = source_document->snapshot_source_snapshot_params();
  917. // 3. Let initiatorOriginSnapshot be sourceDocument's origin.
  918. auto initiator_origin_snapshot = source_document->origin();
  919. // 4. Let initiatorBaseURLSnapshot be sourceDocument's document base URL.
  920. auto initiator_base_url_snapshot = source_document->base_url();
  921. // 5. If sourceDocument's node navigable is not allowed by sandboxing to navigate navigable given and sourceSnapshotParams, then:
  922. if (!source_document->navigable()->allowed_by_sandboxing_to_navigate(*this, source_snapshot_params)) {
  923. // 1. If exceptionsEnabled is true, then throw a "SecurityError" DOMException.
  924. if (exceptions_enabled) {
  925. return WebIDL::SecurityError::create(realm, "Source document's node navigable is not allowed to navigate"_fly_string);
  926. }
  927. // 2 Return.
  928. return {};
  929. }
  930. // 6. Let navigationId be the result of generating a random UUID.
  931. String navigation_id = TRY_OR_THROW_OOM(vm, Crypto::generate_random_uuid());
  932. // FIXME: 7. If the surrounding agent is equal to navigable's active document's relevant agent, then continue these steps.
  933. // Otherwise, queue a global task on the navigation and traversal task source given navigable's active window to continue these steps.
  934. // 8. If navigable's active document's unload counter is greater than 0,
  935. // then invoke WebDriver BiDi navigation failed with a WebDriver BiDi navigation status whose id is navigationId,
  936. // status is "canceled", and url is url, and return.
  937. if (active_document.unload_counter() > 0) {
  938. // FIXME: invoke WebDriver BiDi navigation failed with a WebDriver BiDi navigation status whose id is navigationId,
  939. // status is "canceled", and url is url
  940. return {};
  941. }
  942. // 9. If historyHandling is "auto", then:
  943. if (history_handling == Bindings::NavigationHistoryBehavior::Auto) {
  944. // FIXME: Fix spec typo targetNavigable --> navigable
  945. // 1. If url equals navigable's active document's URL,
  946. // and initiatorOriginSnapshot is same origin with targetNavigable's active document's origin,
  947. // then set historyHandling to "replace".
  948. if (url.equals(active_document.url(), AK::URL::ExcludeFragment::Yes) && initiator_origin_snapshot.is_same_origin(active_document.origin()))
  949. history_handling = Bindings::NavigationHistoryBehavior::Replace;
  950. // 2. Otherwise, set historyHandling to "push".
  951. else
  952. history_handling = Bindings::NavigationHistoryBehavior::Push;
  953. }
  954. // 10. If the navigation must be a replace given url and navigable's active document, then set historyHandling to "replace".
  955. if (navigation_must_be_a_replace(url, active_document))
  956. history_handling = Bindings::NavigationHistoryBehavior::Replace;
  957. // 11. If all of the following are true:
  958. // - documentResource is null;
  959. // - response is null;
  960. // - url equals navigable's active session history entry's URL with exclude fragments set to true; and
  961. // - url's fragment is non-null
  962. if (document_resource.has<Empty>()
  963. && !response
  964. && url.equals(active_session_history_entry()->url, AK::URL::ExcludeFragment::Yes)
  965. && url.fragment().has_value()) {
  966. // 1. Navigate to a fragment given navigable, url, historyHandling, and navigationId.
  967. TRY(navigate_to_a_fragment(url, to_history_handling_behavior(history_handling), navigation_id));
  968. traversable_navigable()->process_session_history_traversal_queue();
  969. // 2. Return.
  970. return {};
  971. }
  972. // 12. If navigable's parent is non-null, then set navigable's is delaying load events to true.
  973. if (parent() != nullptr)
  974. set_delaying_load_events(true);
  975. // 13. Let targetBrowsingContext be navigable's active browsing context.
  976. [[maybe_unused]] auto target_browsing_context = active_browsing_context();
  977. // 14. Let targetSnapshotParams be the result of snapshotting target snapshot params given navigable.
  978. auto target_snapshot_params = snapshot_target_snapshot_params();
  979. // 15. Invoke WebDriver BiDi navigation started with targetBrowsingContext, and a new WebDriver BiDi navigation status whose id is navigationId, url is url, and status is "pending".
  980. // 16. If navigable's ongoing navigation is "traversal", then:
  981. if (ongoing_navigation().has<Traversal>()) {
  982. // FIXME: 1. Invoke WebDriver BiDi navigation failed with targetBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId, status is "canceled", and url is url.
  983. // 2. Return.
  984. return {};
  985. }
  986. // 17. Set navigable's ongoing navigation to navigationId.
  987. set_ongoing_navigation(navigation_id);
  988. // 18. If url's scheme is "javascript", then:
  989. if (url.scheme() == "javascript"sv) {
  990. // 1. Queue a global task on the navigation and traversal task source given navigable's active window to navigate to a javascript: URL given navigable, url, historyHandling, initiatorOriginSnapshot, and cspNavigationType.
  991. queue_global_task(Task::Source::NavigationAndTraversal, *active_window(), [this, url, history_handling, initiator_origin_snapshot, csp_navigation_type, navigation_id] {
  992. (void)navigate_to_a_javascript_url(url, to_history_handling_behavior(history_handling), initiator_origin_snapshot, csp_navigation_type, navigation_id);
  993. });
  994. // 2. Return.
  995. return {};
  996. }
  997. // 19. If all of the following are true:
  998. // - userInvolvement is not "browser UI";
  999. // - navigable's active document's origin is same origin-domain with sourceDocument's origin;
  1000. // - navigable's active document's is initial about:blank is false; and
  1001. // - url's scheme is a fetch scheme
  1002. // then:
  1003. if (user_involvement != UserNavigationInvolvement::BrowserUI && active_document.origin().is_same_origin_domain(source_document->origin()) && !active_document.is_initial_about_blank() && Fetch::Infrastructure::is_fetch_scheme(url.scheme())) {
  1004. // 1. Let navigation be navigable's active window's navigation API.
  1005. auto navigation = active_window()->navigation();
  1006. // 2. Let entryListForFiring be formDataEntryList if documentResource is a POST resource; otherwise, null.
  1007. auto entry_list_for_firing = [&]() -> Optional<Vector<XHR::FormDataEntry>&> {
  1008. if (document_resource.has<POSTResource>())
  1009. return form_data_entry_list;
  1010. return {};
  1011. }();
  1012. // 3. Let navigationAPIStateForFiring be navigationAPIState if navigationAPIState is not null;
  1013. // otherwise, StructuredSerializeForStorage(undefined).
  1014. auto navigation_api_state_for_firing = navigation_api_state.value_or(MUST(structured_serialize_for_storage(vm, JS::js_undefined())));
  1015. // FIXME: 4. Let continue be the result of firing a push/replace/reload navigate event at navigation
  1016. // with navigationType set to historyHandling, isSameDocument set to false, userInvolvement set to userInvolvement,
  1017. // formDataEntryList set to entryListForFiring, destinationURL set to url, and navigationAPIState set to navigationAPIStateForFiring.
  1018. (void)navigation;
  1019. (void)entry_list_for_firing;
  1020. (void)navigation_api_state_for_firing;
  1021. // FIXME: 5. If continue is false, then return.
  1022. }
  1023. if (is_top_level_traversable()) {
  1024. if (auto* page = active_browsing_context()->page())
  1025. page->client().page_did_start_loading(url, false);
  1026. }
  1027. // 20. In parallel, run these steps:
  1028. Platform::EventLoopPlugin::the().deferred_invoke([this, source_snapshot_params, target_snapshot_params, csp_navigation_type, document_resource, url, navigation_id, referrer_policy, initiator_origin_snapshot, response, history_handling, initiator_base_url_snapshot] {
  1029. // NOTE: Not in the spec but subsequent steps will fail because destroyed navigable does not have active document.
  1030. if (has_been_destroyed())
  1031. return;
  1032. // FIXME: 1. Let unloadPromptCanceled be the result of checking if unloading is user-canceled for navigable's active document's inclusive descendant navigables.
  1033. // FIXME: 2. If unloadPromptCanceled is true, or navigable's ongoing navigation is no longer navigationId, then:
  1034. if (!ongoing_navigation().has<String>() || ongoing_navigation().get<String>() != navigation_id) {
  1035. // FIXME: 1. Invoke WebDriver BiDi navigation failed with targetBrowsingContext and a new WebDriver BiDi navigation status whose id is navigationId, status is "canceled", and url is url.
  1036. // 2. Abort these steps.
  1037. return;
  1038. }
  1039. // 3. Queue a global task on the navigation and traversal task source given navigable's active window to abort navigable's active document.
  1040. queue_global_task(Task::Source::NavigationAndTraversal, *active_window(), [this] {
  1041. VERIFY(this->active_document());
  1042. this->active_document()->abort();
  1043. });
  1044. // 4. Let documentState be a new document state with
  1045. // request referrer policy: referrerPolicy
  1046. // initiator origin: initiatorOriginSnapshot
  1047. // resource: documentResource
  1048. // navigable target name: navigable's target name
  1049. JS::NonnullGCPtr<DocumentState> document_state = *heap().allocate_without_realm<DocumentState>();
  1050. document_state->set_request_referrer_policy(referrer_policy);
  1051. document_state->set_initiator_origin(initiator_origin_snapshot);
  1052. document_state->set_resource(document_resource);
  1053. document_state->set_navigable_target_name(target_name());
  1054. // 5. If url matches about:blank or is about:srcdoc, then set documentState's origin to documentState's initiator origin.
  1055. // FIXME: should this say "matches about:srcdoc"
  1056. if (url_matches_about_blank(url) || url == "about:srcdoc"sv) {
  1057. // 1. Set documentState's origin to initiatorOriginSnapshot.
  1058. document_state->set_origin(document_state->initiator_origin());
  1059. // 2. Set documentState's about base URL to initiatorBaseURLSnapshot.
  1060. document_state->set_about_base_url(initiator_base_url_snapshot);
  1061. }
  1062. // 6. Let historyEntry be a new session history entry, with its URL set to url and its document state set to documentState.
  1063. JS::NonnullGCPtr<SessionHistoryEntry> history_entry = *heap().allocate_without_realm<SessionHistoryEntry>();
  1064. history_entry->url = url;
  1065. history_entry->document_state = document_state;
  1066. // 8. Let navigationParams be null.
  1067. Variant<Empty, NavigationParams, NonFetchSchemeNavigationParams> navigation_params = Empty {};
  1068. // FIXME: 9. If response is non-null:
  1069. if (response) {
  1070. }
  1071. // 10. Attempt to populate the history entry's document
  1072. // for historyEntry, given navigable, "navigate", sourceSnapshotParams,
  1073. // targetSnapshotParams, navigationId, navigationParams, cspNavigationType, with allowPOST
  1074. // set to true and completionSteps set to the following step:
  1075. populate_session_history_entry_document(history_entry, source_snapshot_params, target_snapshot_params, navigation_id, move(navigation_params), csp_navigation_type, true, [this, history_entry, history_handling, navigation_id] {
  1076. // 1. Append session history traversal steps to navigable's traversable to finalize a cross-document navigation given navigable, historyHandling, and historyEntry.
  1077. traversable_navigable()->append_session_history_traversal_steps([this, history_entry, history_handling, navigation_id] {
  1078. if (this->has_been_destroyed()) {
  1079. // NOTE: This check is not in the spec but we should not continue navigation if navigable has been destroyed.
  1080. return;
  1081. }
  1082. if (this->ongoing_navigation() != navigation_id) {
  1083. // NOTE: This check is not in the spec but we should not continue navigation if ongoing navigation id has changed.
  1084. return;
  1085. }
  1086. finalize_a_cross_document_navigation(*this, to_history_handling_behavior(history_handling), history_entry);
  1087. });
  1088. }).release_value_but_fixme_should_propagate_errors();
  1089. });
  1090. return {};
  1091. }
  1092. WebIDL::ExceptionOr<void> Navigable::navigate_to_a_fragment(AK::URL const& url, HistoryHandlingBehavior history_handling, String navigation_id)
  1093. {
  1094. (void)navigation_id;
  1095. // FIXME: 1. Let navigation be navigable's active window's navigation API.
  1096. // FIXME: 2. Let destinationNavigationAPIState be navigable's active session history entry's navigation API state.
  1097. // FIXME: 3. If navigationAPIState is not null, then set destinationNavigationAPIState to navigationAPIState.
  1098. // FIXME: 4. Let continue be the result of firing a push/replace/reload navigate event at navigation with navigationType set to historyHandling, isSameDocument set to true,
  1099. // userInvolvement set to userInvolvement, and destinationURL set to url, and navigationAPIState set to destinationNavigationAPIState.
  1100. // FIXME: 5. If continue is false, then return.
  1101. // 6. Let historyEntry be a new session history entry, with
  1102. // URL: url
  1103. // document state: navigable's active session history entry's document state
  1104. // navigation API state: destinationNavigationAPIState
  1105. // scroll restoration mode: navigable's active session history entry's scroll restoration mode
  1106. JS::NonnullGCPtr<SessionHistoryEntry> history_entry = heap().allocate_without_realm<SessionHistoryEntry>();
  1107. history_entry->url = url;
  1108. history_entry->document_state = active_session_history_entry()->document_state;
  1109. history_entry->scroll_restoration_mode = active_session_history_entry()->scroll_restoration_mode;
  1110. // 7. Let entryToReplace be navigable's active session history entry if historyHandling is "replace", otherwise null.
  1111. auto entry_to_replace = history_handling == HistoryHandlingBehavior::Replace ? active_session_history_entry() : nullptr;
  1112. // FIXME: 8. Let history be navigable's active document's history object.
  1113. // FIXME: 9. Let scriptHistoryIndex be history's index.
  1114. // FIXME: 10. Let scriptHistoryIndex be history's index.
  1115. // 11. If historyHandling is "push", then:
  1116. if (history_handling == HistoryHandlingBehavior::Push) {
  1117. // FIXME: 1. Set history's state to null.
  1118. // FIXME: 2. Increment scriptHistoryIndex.
  1119. // FIXME: 3. Set scriptHistoryLength to scriptHistoryIndex + 1.
  1120. }
  1121. // 12. Set navigable's active session history entry to historyEntry.
  1122. m_active_session_history_entry = history_entry;
  1123. // FIXME: 13. Update document for history step application given navigable's active document, historyEntry, true, scriptHistoryIndex, and scriptHistoryLength.
  1124. // FIXME: 14. Update the navigation API entries for a same-document navigation given navigation, historyEntry, and historyHandling.
  1125. // 15. Scroll to the fragment given navigable's active document.
  1126. // FIXME: Specification doesn't say when document url needs to update during fragment navigation
  1127. active_document()->set_url(url);
  1128. active_document()->scroll_to_the_fragment();
  1129. // 16. Let traversable be navigable's traversable navigable.
  1130. auto traversable = traversable_navigable();
  1131. // 17. Append the following session history synchronous navigation steps involving navigable to traversable:
  1132. traversable->append_session_history_traversal_steps([this, traversable, history_entry, entry_to_replace, navigation_id] {
  1133. if (this->ongoing_navigation() != navigation_id) {
  1134. // NOTE: This check is not in the spec but we should not continue navigation if ongoing navigation id has changed.
  1135. return;
  1136. }
  1137. // 1. Finalize a same-document navigation given traversable, navigable, historyEntry, and entryToReplace.
  1138. finalize_a_same_document_navigation(*traversable, *this, history_entry, entry_to_replace);
  1139. // FIXME: 2. Invoke WebDriver BiDi fragment navigated with navigable's active browsing context and a new WebDriver BiDi
  1140. // navigation status whose id is navigationId, url is url, and status is "complete".
  1141. });
  1142. return {};
  1143. }
  1144. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#evaluate-a-javascript:-url
  1145. WebIDL::ExceptionOr<JS::GCPtr<DOM::Document>> Navigable::evaluate_javascript_url(AK::URL const& url, Origin const& new_document_origin, String navigation_id)
  1146. {
  1147. auto& vm = this->vm();
  1148. auto& realm = active_window()->realm();
  1149. // 1. Let urlString be the result of running the URL serializer on url.
  1150. auto url_string = url.serialize();
  1151. // 2. Let encodedScriptSource be the result of removing the leading "javascript:" from urlString.
  1152. auto encoded_script_source = url_string.substring_view(11, url_string.length() - 11);
  1153. // 3. Let scriptSource be the UTF-8 decoding of the percent-decoding of encodedScriptSource.
  1154. auto script_source = AK::URL::percent_decode(encoded_script_source);
  1155. // 4. Let settings be targetNavigable's active document's relevant settings object.
  1156. auto& settings = active_document()->relevant_settings_object();
  1157. // 5. Let baseURL be settings's API base URL.
  1158. auto base_url = settings.api_base_url();
  1159. // 6. Let script be the result of creating a classic script given scriptSource, settings, baseURL, and the default classic script fetch options.
  1160. auto script = HTML::ClassicScript::create("(javascript url)", script_source, settings, base_url);
  1161. // 7. Let evaluationStatus be the result of running the classic script script.
  1162. auto evaluation_status = script->run();
  1163. // 8. Let result be null.
  1164. String result;
  1165. // 9. If evaluationStatus is a normal completion, and evaluationStatus.[[Value]] is a String, then set result to evaluationStatus.[[Value]].
  1166. if (evaluation_status.type() == JS::Completion::Type::Normal && evaluation_status.value()->is_string()) {
  1167. result = evaluation_status.value()->as_string().utf8_string();
  1168. } else {
  1169. // 10. Otherwise, return null.
  1170. return nullptr;
  1171. }
  1172. // 11. Let response be a new response with
  1173. // URL: targetNavigable's active document's URL
  1174. // header list: «(`Content-Type`, `text/html;charset=utf-8`)»
  1175. // body: the UTF-8 encoding of result, as a body
  1176. auto response = Fetch::Infrastructure::Response::create(vm);
  1177. response->url_list().append(active_document()->url());
  1178. auto header = TRY_OR_THROW_OOM(vm, Fetch::Infrastructure::Header::from_string_pair("Content-Type"sv, "text/html"sv));
  1179. TRY_OR_THROW_OOM(vm, response->header_list()->append(move(header)));
  1180. response->set_body(TRY(Fetch::Infrastructure::byte_sequence_as_body(realm, result.bytes())));
  1181. // 12. Let policyContainer be targetNavigable's active document's policy container.
  1182. auto const& policy_container = active_document()->policy_container();
  1183. // FIXME: 13. Let finalSandboxFlags be policyContainer's CSP list's CSP-derived sandboxing flags.
  1184. auto final_sandbox_flags = SandboxingFlagSet {};
  1185. // 14. Let coop be targetNavigable's active document's cross-origin opener policy.
  1186. auto const& coop = active_document()->cross_origin_opener_policy();
  1187. // 15. Let coopEnforcementResult be a new cross-origin opener policy enforcement result with
  1188. // url: url
  1189. // origin: newDocumentOrigin
  1190. // cross-origin opener policy: coop
  1191. CrossOriginOpenerPolicyEnforcementResult coop_enforcement_result {
  1192. .url = url,
  1193. .origin = new_document_origin,
  1194. .cross_origin_opener_policy = coop,
  1195. };
  1196. // 16. Let navigationParams be a new navigation params, with
  1197. // id: navigationId
  1198. // navigable: targetNavigable
  1199. // request: null
  1200. // response: response
  1201. // fetch controller: null
  1202. // commit early hints: null
  1203. // COOP enforcement result: coopEnforcementResult
  1204. // reserved environment: null
  1205. // origin: newDocumentOrigin
  1206. // policy container: policyContainer
  1207. // final sandboxing flag set: finalSandboxFlags
  1208. // cross-origin opener policy: coop
  1209. // FIXME: navigation timing type: "navigate"
  1210. // about base URL: targetNavigable's active document's about base URL
  1211. NavigationParams navigation_params {
  1212. .id = navigation_id,
  1213. .navigable = this,
  1214. .request = {},
  1215. .response = response,
  1216. .fetch_controller = nullptr,
  1217. .commit_early_hints = nullptr,
  1218. .coop_enforcement_result = move(coop_enforcement_result),
  1219. .reserved_environment = {},
  1220. .origin = new_document_origin,
  1221. .policy_container = policy_container,
  1222. .final_sandboxing_flag_set = final_sandbox_flags,
  1223. .cross_origin_opener_policy = coop,
  1224. .about_base_url = active_document()->about_base_url(),
  1225. };
  1226. // 17. Return the result of loading an HTML document given navigationParams.
  1227. return load_document(move(navigation_params));
  1228. }
  1229. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#navigate-to-a-javascript:-url
  1230. WebIDL::ExceptionOr<void> Navigable::navigate_to_a_javascript_url(AK::URL const& url, HistoryHandlingBehavior history_handling, Origin const& initiator_origin, CSPNavigationType csp_navigation_type, String navigation_id)
  1231. {
  1232. // 1. Assert: historyHandling is "replace".
  1233. VERIFY(history_handling == HistoryHandlingBehavior::Replace);
  1234. // 2. Set the ongoing navigation for targetNavigable to null.
  1235. set_ongoing_navigation({});
  1236. // 3. If initiatorOrigin is not same origin-domain with targetNavigable's active document's origin, then return.
  1237. if (!initiator_origin.is_same_origin_domain(active_document()->origin()))
  1238. return {};
  1239. // FIXME: 4. Let request be a new request whose URL is url.
  1240. // FIXME: 5. If the result of should navigation request of type be blocked by Content Security Policy? given request and cspNavigationType is "Blocked", then return.
  1241. (void)csp_navigation_type;
  1242. // 6. Let newDocument be the result of evaluating a javascript: URL given targetNavigable, url, and initiatorOrigin.
  1243. auto new_document = TRY(evaluate_javascript_url(url, initiator_origin, navigation_id));
  1244. // 7. If newDocument is null, then return.
  1245. if (!new_document) {
  1246. // NOTE: In this case, some JavaScript code was executed, but no new Document was created, so we will not perform a navigation.
  1247. return {};
  1248. }
  1249. // 8. Assert: initiatorOrigin is newDocument's origin.
  1250. VERIFY(initiator_origin == new_document->origin());
  1251. // 9. Let entryToReplace be targetNavigable's active session history entry.
  1252. auto entry_to_replace = active_session_history_entry();
  1253. // 10. Let oldDocState be entryToReplace's document state.
  1254. auto old_doc_state = entry_to_replace->document_state;
  1255. // 11. Let documentState be a new document state with
  1256. // document: newDocument
  1257. // history policy container: a clone of the oldDocState's history policy container if it is non-null; null otherwise
  1258. // request referrer: oldDocState's request referrer
  1259. // request referrer policy: oldDocState's request referrer policy
  1260. // initiator origin: initiatorOrigin
  1261. // origin: initiatorOrigin
  1262. // about base URL: oldDocState's about base URL
  1263. // resource: null
  1264. // ever populated: true
  1265. // navigable target name: oldDocState's navigable target name
  1266. JS::NonnullGCPtr<DocumentState> document_state = *heap().allocate_without_realm<DocumentState>();
  1267. document_state->set_document(new_document);
  1268. document_state->set_history_policy_container(old_doc_state->history_policy_container());
  1269. document_state->set_request_referrer(old_doc_state->request_referrer());
  1270. document_state->set_request_referrer_policy(old_doc_state->request_referrer_policy());
  1271. document_state->set_initiator_origin(initiator_origin);
  1272. document_state->set_origin(initiator_origin);
  1273. document_state->set_about_base_url(old_doc_state->about_base_url());
  1274. document_state->set_ever_populated(true);
  1275. document_state->set_navigable_target_name(old_doc_state->navigable_target_name());
  1276. // 12. Let historyEntry be a new session history entry, with
  1277. // URL: entryToReplace's URL
  1278. // document state: documentState
  1279. JS::NonnullGCPtr<SessionHistoryEntry> history_entry = *heap().allocate_without_realm<SessionHistoryEntry>();
  1280. history_entry->url = entry_to_replace->url;
  1281. history_entry->document_state = document_state;
  1282. // 13. Append session history traversal steps to targetNavigable's traversable to finalize a cross-document navigation with targetNavigable, historyHandling, and historyEntry.
  1283. traversable_navigable()->append_session_history_traversal_steps([this, history_entry, history_handling, navigation_id] {
  1284. finalize_a_cross_document_navigation(*this, history_handling, history_entry);
  1285. });
  1286. return {};
  1287. }
  1288. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#reload
  1289. void Navigable::reload()
  1290. {
  1291. // 1. Set navigable's active session history entry's document state's reload pending to true.
  1292. active_session_history_entry()->document_state->set_reload_pending(true);
  1293. // 2. Let traversable be navigable's traversable navigable.
  1294. auto traversable = traversable_navigable();
  1295. // 3. Append the following session history traversal steps to traversable:
  1296. traversable->append_session_history_traversal_steps([traversable] {
  1297. // 1. Apply the reload history step to traversable.
  1298. traversable->apply_the_reload_history_step();
  1299. });
  1300. }
  1301. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#the-navigation-must-be-a-replace
  1302. bool navigation_must_be_a_replace(AK::URL const& url, DOM::Document const& document)
  1303. {
  1304. return url.scheme() == "javascript"sv || document.is_initial_about_blank();
  1305. }
  1306. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#allowed-to-navigate
  1307. bool Navigable::allowed_by_sandboxing_to_navigate(Navigable const& target, SourceSnapshotParams const& source_snapshot_params)
  1308. {
  1309. auto& source = *this;
  1310. auto is_ancestor_of = [](Navigable const& a, Navigable const& b) {
  1311. for (auto parent = b.parent(); parent; parent = parent->parent()) {
  1312. if (parent.ptr() == &a)
  1313. return true;
  1314. }
  1315. return false;
  1316. };
  1317. // A navigable source is allowed by sandboxing to navigate a second navigable target,
  1318. // given a source snapshot params sourceSnapshotParams, if the following steps return true:
  1319. // 1. If source is target, then return true.
  1320. if (&source == &target)
  1321. return true;
  1322. // 2. If source is an ancestor of target, then return true.
  1323. if (is_ancestor_of(source, target))
  1324. return true;
  1325. // 3. If target is an ancestor of source, then:
  1326. if (is_ancestor_of(target, source)) {
  1327. // 1. If target is not a top-level traversable, then return true.
  1328. if (!target.is_top_level_traversable())
  1329. return true;
  1330. // 2. If sourceSnapshotParams's has transient activation is true, and sourceSnapshotParams's sandboxing flags's
  1331. // sandboxed top-level navigation with user activation browsing context flag is set, then return false.
  1332. if (source_snapshot_params.has_transient_activation && has_flag(source_snapshot_params.sandboxing_flags, SandboxingFlagSet::SandboxedTopLevelNavigationWithUserActivation))
  1333. return false;
  1334. // 3. If sourceSnapshotParams's has transient activation is false, and sourceSnapshotParams's sandboxing flags's
  1335. // sandboxed top-level navigation without user activation browsing context flag is set, then return false.
  1336. if (!source_snapshot_params.has_transient_activation && has_flag(source_snapshot_params.sandboxing_flags, SandboxingFlagSet::SandboxedTopLevelNavigationWithoutUserActivation))
  1337. return false;
  1338. // 4. Return true.
  1339. return true;
  1340. }
  1341. // 4. If target is a top-level traversable:
  1342. if (target.is_top_level_traversable()) {
  1343. // FIXME: 1. If source is the one permitted sandboxed navigator of target, then return true.
  1344. // 2. If sourceSnapshotParams's sandboxing flags's sandboxed navigation browsing context flag is set, then return false.
  1345. if (has_flag(source_snapshot_params.sandboxing_flags, SandboxingFlagSet::SandboxedNavigation))
  1346. return false;
  1347. // 3. Return true.
  1348. return true;
  1349. }
  1350. // 5. If sourceSnapshotParams's sandboxing flags's sandboxed navigation browsing context flag is set, then return false.
  1351. // 6. Return true.
  1352. return !has_flag(source_snapshot_params.sandboxing_flags, SandboxingFlagSet::SandboxedNavigation);
  1353. }
  1354. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#snapshotting-target-snapshot-params
  1355. TargetSnapshotParams Navigable::snapshot_target_snapshot_params()
  1356. {
  1357. // To snapshot target snapshot params given a navigable targetNavigable, return a new target snapshot params
  1358. // with sandboxing flags set to the result of determining the creation sandboxing flags given targetNavigable's
  1359. // active browsing context and targetNavigable's container.
  1360. return { determine_the_creation_sandboxing_flags(*active_browsing_context(), container()) };
  1361. }
  1362. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#finalize-a-cross-document-navigation
  1363. void finalize_a_cross_document_navigation(JS::NonnullGCPtr<Navigable> navigable, HistoryHandlingBehavior history_handling, JS::NonnullGCPtr<SessionHistoryEntry> history_entry)
  1364. {
  1365. // NOTE: This is not in the spec but we should not navigate destroyed navigable.
  1366. if (navigable->has_been_destroyed())
  1367. return;
  1368. // 1. FIXME: Assert: this is running on navigable's traversable navigable's session history traversal queue.
  1369. // 2. Set navigable's is delaying load events to false.
  1370. navigable->set_delaying_load_events(false);
  1371. // 3. If historyEntry's document is null, then return.
  1372. if (!history_entry->document_state->document())
  1373. return;
  1374. // 4. If all of the following are true:
  1375. // - navigable's parent is null;
  1376. // - historyEntry's document's browsing context is not an auxiliary browsing context whose opener browsing context is non-null; and
  1377. // - historyEntry's document's origin is not navigable's active document's origin
  1378. // then set historyEntry's document state's navigable target name to the empty string.
  1379. if (navigable->parent() == nullptr && history_entry->document_state->document()->browsing_context()->opener_browsing_context() != nullptr && history_entry->document_state->document()->origin() != navigable->active_document()->origin())
  1380. history_entry->document_state->set_navigable_target_name(String {});
  1381. // 5. Let entryToReplace be navigable's active session history entry if historyHandling is "replace", otherwise null.
  1382. auto entry_to_replace = history_handling == HistoryHandlingBehavior::Replace ? navigable->active_session_history_entry() : nullptr;
  1383. // 6. Let traversable be navigable's traversable navigable.
  1384. auto traversable = navigable->traversable_navigable();
  1385. // 7. Let targetStep be null.
  1386. int target_step;
  1387. // 8. Let targetEntries be the result of getting session history entries for navigable.
  1388. auto& target_entries = navigable->get_session_history_entries();
  1389. // 9. If entryToReplace is null, then:
  1390. if (entry_to_replace == nullptr) {
  1391. // 1. Clear the forward session history of traversable.
  1392. traversable->clear_the_forward_session_history();
  1393. // 2. Set targetStep to traversable's current session history step + 1.
  1394. target_step = traversable->current_session_history_step() + 1;
  1395. // 3. Set historyEntry's step to targetStep.
  1396. history_entry->step = target_step;
  1397. // 4. Append historyEntry to targetEntries.
  1398. target_entries.append(history_entry);
  1399. } else {
  1400. // 1. Replace entryToReplace with historyEntry in targetEntries.
  1401. *(target_entries.find(*entry_to_replace)) = history_entry;
  1402. // 2. Set historyEntry's step to entryToReplace's step.
  1403. history_entry->step = entry_to_replace->step;
  1404. // 3. If historyEntry's document state's origin is same origin with entryToReplace's document state's origin,
  1405. // then set historyEntry's navigation API key to entryToReplace's navigation API key.
  1406. if (history_entry->document_state->origin().has_value() && entry_to_replace->document_state->origin().has_value() && history_entry->document_state->origin()->is_same_origin(*entry_to_replace->document_state->origin())) {
  1407. history_entry->navigation_api_key = entry_to_replace->navigation_api_key;
  1408. }
  1409. // 4. Set targetStep to traversable's current session history step.
  1410. target_step = traversable->current_session_history_step();
  1411. }
  1412. // 10. Apply the push/replace history step targetStep to traversable.
  1413. traversable->apply_the_push_or_replace_history_step(target_step);
  1414. }
  1415. // https://html.spec.whatwg.org/multipage/browsing-the-web.html#url-and-history-update-steps
  1416. void perform_url_and_history_update_steps(DOM::Document& document, AK::URL new_url, HistoryHandlingBehavior history_handling)
  1417. {
  1418. // 1. Let navigable be document's node navigable.
  1419. auto navigable = document.navigable();
  1420. // 2. Let activeEntry be navigable's active session history entry.
  1421. auto active_entry = navigable->active_session_history_entry();
  1422. // 3. Let newEntry be a new session history entry, with
  1423. // URL: newURL
  1424. // serialized state: if serializedData is not null, serializedData; otherwise activeEntry's classic history API state
  1425. // document state: activeEntry's document state
  1426. // scroll restoration mode: activeEntry's scroll restoration mode
  1427. // persisted user state: activeEntry's persisted user state
  1428. JS::NonnullGCPtr<SessionHistoryEntry> new_entry = document.heap().allocate_without_realm<SessionHistoryEntry>();
  1429. new_entry->url = new_url;
  1430. new_entry->document_state = active_entry->document_state;
  1431. new_entry->scroll_restoration_mode = active_entry->scroll_restoration_mode;
  1432. // 4. If document's is initial about:blank is true, then set historyHandling to "replace".
  1433. if (document.is_initial_about_blank()) {
  1434. history_handling = HistoryHandlingBehavior::Replace;
  1435. }
  1436. // 5. Let entryToReplace be activeEntry if historyHandling is "replace", otherwise null.
  1437. auto entry_to_replace = history_handling == HistoryHandlingBehavior::Replace ? active_entry : nullptr;
  1438. // 6. If historyHandling is "push", then:
  1439. if (history_handling == HistoryHandlingBehavior::Push) {
  1440. // FIXME: 1. Increment document's history object's index.
  1441. // FIXME: 2. Set document's history object's length to its index + 1.
  1442. TODO();
  1443. }
  1444. // FIXME: 7. If serializedData is not null, then restore the history object state given document and newEntry.
  1445. // 8. Set document's URL to newURL.
  1446. document.set_url(new_url);
  1447. // FIXME: 9. Set document's latest entry to newEntry.
  1448. // 10. Set navigable's active session history entry to newEntry.
  1449. navigable->set_active_session_history_entry(new_entry);
  1450. // FIXME: 11. Update the navigation API entries for a same-document navigation given document's relevant global object's navigation API, newEntry, and historyHandling.
  1451. // 12. Let traversable be navigable's traversable navigable.
  1452. auto traversable = navigable->traversable_navigable();
  1453. // 13. Append the following session history synchronous navigation steps involving navigable to traversable:
  1454. traversable->append_session_history_traversal_steps([traversable, navigable, new_entry, entry_to_replace] {
  1455. // 1. Finalize a same-document navigation given traversable, navigable, newEntry, and entryToReplace.
  1456. finalize_a_same_document_navigation(*traversable, *navigable, new_entry, entry_to_replace);
  1457. });
  1458. }
  1459. void Navigable::scroll_offset_did_change()
  1460. {
  1461. // https://w3c.github.io/csswg-drafts/cssom-view-1/#scrolling-events
  1462. // Whenever a viewport gets scrolled (whether in response to user interaction or by an API), the user agent must run these steps:
  1463. // 1. Let doc be the viewport’s associated Document.
  1464. auto doc = active_document();
  1465. VERIFY(doc);
  1466. // 2. If doc is already in doc’s pending scroll event targets, abort these steps.
  1467. for (auto& target : doc->pending_scroll_event_targets()) {
  1468. if (target.ptr() == doc)
  1469. return;
  1470. }
  1471. // 3. Append doc to doc’s pending scroll event targets.
  1472. doc->pending_scroll_event_targets().append(*doc);
  1473. }
  1474. CSSPixelRect Navigable::to_top_level_rect(CSSPixelRect const& a_rect)
  1475. {
  1476. auto rect = a_rect;
  1477. rect.set_location(to_top_level_position(a_rect.location()));
  1478. return rect;
  1479. }
  1480. CSSPixelPoint Navigable::to_top_level_position(CSSPixelPoint a_position)
  1481. {
  1482. auto position = a_position;
  1483. for (auto ancestor = parent(); ancestor; ancestor = ancestor->parent()) {
  1484. if (is<TraversableNavigable>(*ancestor))
  1485. break;
  1486. if (!ancestor->container())
  1487. return {};
  1488. if (!ancestor->container()->layout_node())
  1489. return {};
  1490. position.translate_by(ancestor->container()->layout_node()->box_type_agnostic_position());
  1491. }
  1492. return position;
  1493. }
  1494. void Navigable::set_viewport_rect(CSSPixelRect const& rect)
  1495. {
  1496. bool did_change = false;
  1497. if (m_size != rect.size()) {
  1498. m_size = rect.size();
  1499. if (auto document = active_document()) {
  1500. // NOTE: Resizing the viewport changes the reference value for viewport-relative CSS lengths.
  1501. document->invalidate_style();
  1502. document->set_needs_layout();
  1503. }
  1504. did_change = true;
  1505. }
  1506. if (m_viewport_scroll_offset != rect.location()) {
  1507. m_viewport_scroll_offset = rect.location();
  1508. scroll_offset_did_change();
  1509. did_change = true;
  1510. }
  1511. if (did_change && active_document()) {
  1512. active_document()->inform_all_viewport_clients_about_the_current_viewport_rect();
  1513. }
  1514. // Schedule the HTML event loop to ensure that a `resize` event gets fired.
  1515. HTML::main_thread_event_loop().schedule();
  1516. }
  1517. void Navigable::set_size(CSSPixelSize size)
  1518. {
  1519. if (m_size == size)
  1520. return;
  1521. m_size = size;
  1522. if (auto document = active_document()) {
  1523. document->invalidate_style();
  1524. document->set_needs_layout();
  1525. }
  1526. if (auto document = active_document()) {
  1527. document->inform_all_viewport_clients_about_the_current_viewport_rect();
  1528. }
  1529. // Schedule the HTML event loop to ensure that a `resize` event gets fired.
  1530. HTML::main_thread_event_loop().schedule();
  1531. }
  1532. void Navigable::set_needs_display()
  1533. {
  1534. set_needs_display(viewport_rect());
  1535. }
  1536. void Navigable::set_needs_display(CSSPixelRect const& rect)
  1537. {
  1538. if (!viewport_rect().intersects(rect))
  1539. return;
  1540. if (is<TraversableNavigable>(*this)) {
  1541. static_cast<TraversableNavigable*>(this)->page()->client().page_did_invalidate(to_top_level_rect(rect));
  1542. return;
  1543. }
  1544. if (container() && container()->layout_node())
  1545. container()->layout_node()->set_needs_display();
  1546. }
  1547. // https://html.spec.whatwg.org/#rendering-opportunity
  1548. bool Navigable::has_a_rendering_opportunity() const
  1549. {
  1550. // A navigable has a rendering opportunity if the user agent is currently able to present
  1551. // the contents of the navigable to the user,
  1552. // accounting for hardware refresh rate constraints and user agent throttling for performance reasons,
  1553. // but considering content presentable even if it's outside the viewport.
  1554. // A navigable has no rendering opportunities if its active document is render-blocked
  1555. // or if it is suppressed for view transitions;
  1556. // otherwise, rendering opportunities are determined based on hardware constraints
  1557. // such as display refresh rates and other factors such as page performance
  1558. // or whether the document's visibility state is "visible".
  1559. // Rendering opportunities typically occur at regular intervals.
  1560. // FIXME: We should at the very least say `false` here if we're an inactive browser tab.
  1561. return true;
  1562. }
  1563. // https://html.spec.whatwg.org/multipage/nav-history-apis.html#inform-the-navigation-api-about-aborting-navigation
  1564. void Navigable::inform_the_navigation_api_about_aborting_navigation()
  1565. {
  1566. // FIXME: 1. If this algorithm is running on navigable's active window's relevant agent's event loop, then continue on to the following steps.
  1567. // Otherwise, queue a global task on the navigation and traversal task source given navigable's active window to run the following steps.
  1568. queue_global_task(Task::Source::NavigationAndTraversal, *active_window(), [this] {
  1569. // 2. Let navigation be navigable's active window's navigation API.
  1570. auto navigation = active_window()->navigation();
  1571. // 3. If navigation's ongoing navigate event is null, then return.
  1572. if (navigation->ongoing_navigate_event() == nullptr)
  1573. return;
  1574. // 4. Abort the ongoing navigation given navigation.
  1575. navigation->abort_the_ongoing_navigation();
  1576. });
  1577. }
  1578. }