This patch implements step 12 of the Main Fetch section of the Fetch API standard. It blocks the load of scripts with `text/csv`, `audio/*`, `video/*` and `image/*` mime types.
Credit for the logic of `should_block_mime_type` function should go to the author of #14770.
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14520
- [X] There are tests for these changes
Source-Repo: https://github.com/servo/servo
Source-Revision: 1071c3339fd858014382b4e9938584279555b5ec
--HG--
extra : subtree_source : https%3A//hg.mozilla.org/projects/converted-servo-linear
extra : subtree_revision : c033d8126b32e2b64be0d9f774f9e6ddbf6af6b9
See the individual commits.
Source-Repo: https://github.com/servo/servo
Source-Revision: 299f9446e6c8b289ac0c88b97614a272e7b2ca32
--HG--
extra : subtree_source : https%3A//hg.mozilla.org/projects/converted-servo-linear
extra : subtree_revision : 25f7511538891ebcbf8009bb7141067335396caf
~Continue the work done in #14811 and #15547~. And applies the Fetch [spec change](0d9a4db8bc) about [allowing redirects after CORS preflights](https://github.com/whatwg/fetch/issues/204).
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix ~#14787 and~ #14519
- [X] There are tests for these changes. Several WPTs go from FAIL to SUCCESS. The new expected FAILs for the cors/redirect-preflight.htm tests are caused by the spec change done [here](0d9a4db8bc), as suggested in the associated [issue](https://github.com/servo/servo/issues/14519#issuecomment-284384667).
Source-Repo: https://github.com/servo/servo
Source-Revision: c90d3d2f06c03d153b2be3ffa9a941cbfe8508cc
--HG--
extra : subtree_source : https%3A//hg.mozilla.org/projects/converted-servo-linear
extra : subtree_revision : 8a0dde32f10f530604eec26929466f886c6cd610
<!-- Please describe your changes on the following line: -->
Implemented [nosniff](https://fetch.spec.whatwg.org/#should-response-to-request-be-blocked-due-to-nosniff?) for [fetch algorithm](https://fetch.spec.whatwg.org).
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14521 (github issue number if applicable).
<!-- Either: -->
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 5662af9057557ee3db3b9766b0ef0d3fa11dcbb2
--HG--
extra : subtree_source : https%3A//hg.mozilla.org/projects/converted-servo-linear
extra : subtree_revision : cc453c05fe494adde2f868953c192b8d25cf5fc7
Implemented response validation part of https://w3c.github.io/webappsec-subresource-integrity/.
Implemented step eighteen of the main fetch. If a request has integrity metadata, then following steps are performed
1) Wait for response body
2) If the response does not have a termination reason and response does not match request’s integrity metadata, set response and internalResponse to a network error.
Dependency updated: html5ever-atoms from 0.1.2 to 0.1.3. This will not completely fix#14523, It will implement changes related to response validation. Request validation algorithm implementation needs CSP.
I did not update any WPT-Test. In my local system, I found some assertion issue dependent on the order of execution of test-case. It would be helpful if someone could do "try" build on these changes to get wpt results.
r? @jdm
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
<!-- Either: -->
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: f958dafcaeed643f1232a23f5c2d4f6ba141bfea
Implemented step nine of the main fetch. If current URL scheme is 'HTTP' and
current URL's host is domain and if current URL's host matched with Known
HSTS Host Domain Name Matching results in either a superdomain match with
an asserted includeSubDomains directive or a congruent match then we
change request scheme to 'https'. This change has been made in method.rs
A test case to validate this has been added in fetch.rs. For asserting
https scheme, a https localhost was required. For this purpose I have
created a self-signed certificate and refactored fetch-context and
connector.rs to programmatically trust this certificate for running this
test case.
This should fix https://github.com/servo/servo/issues/14363
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#14363
<!-- Either: -->
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: c7991d596f7453d09c2b2a98eecce72f182a4e24
<!-- Please describe your changes on the following line: -->
Add check for bad ports to http_fetch(), return NetworkError::Internal if bad port/schema combination is seen.
Test added
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#14514 (github issue number if applicable).
<!-- Either: -->
- [x] There are tests for these changes OR
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: de7d73adb0a51627e4aaa568787fe36c22029bd3
Checks for the Client value should reside in the script thread.
I also noted some other issues in this code.
Source-Repo: https://github.com/servo/servo
Source-Revision: 882d5512bb9aa7263864fb18d702c1efb6401914
<!-- Please describe your changes on the following line: -->
Still needs a bunch of code in net to be converted in order to get more
advantage of this for images and stuff, but meanwhile this should help quite a
bit with #13778.
Still wanted to get this in.
r? @SimonSapin
Source-Repo: https://github.com/servo/servo
Source-Revision: 22aebdf5d41a3509cd6515ccf5edcdf33715a76d
<!-- Please describe your changes on the following line: -->
Disallow an extraneous space in a function call between
the function name and the opening parenthesis in Rust
code, while ignoring macro declarations.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy --all` does not report any errors
- [x] `./mach test-tidy --self` does not report any errors
- [x] These changes fix#13980
<!-- Either: -->
- [x] There are tests for these changes, these are written in
- `python/tidy/servo_tidy_tests/rust_tidy.rs`
- `python/tidy/servo_tidy_tests/test_tidy.py`
- [ ] These changes do not require tests
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: ccefef5be43b6d174933196fd7552cbbfbdf53d6
In most scenarios, where the user of Servo will not override the default
user agent, the user agent can be a `&'static str`. But since we allow
for customization, we currently use a `String` to represent the user
agent. This commit migrates the user agent to be represented as a
`Cow<'static, str`, which (at the cost of ergonomics) prevents
unnecessary allocations whenever cloning the user agent string in the
scenario the user doesn't override the user agent.
Source-Repo: https://github.com/servo/servo
Source-Revision: 4dcd223e8370816f8d0a424d9e31492aa4755f47
<!-- Please describe your changes on the following line: -->
The spec removed it. Check the scheme instead, data is always same origin now,
except for workers.
Closes#13362
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix#13362 .
<!-- Either: -->
- [ ] There are tests for these changes OR
- [x] These changes do not require tests because they only remove code.
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: e494dedce5e5215d6d0953ab28668825234237dc
On playpen, similar code caused a deadlock on 1.11 stable, and worked fine
on nightly 1.13; it seems safer to avoid the pattern entirely.
Source-Repo: https://github.com/servo/servo
Source-Revision: 1d5a05d112fb7063fdcec603da2ddf0cecc0a8ac
Replace most uses of the word "referer" with "referrer", except for `hyper::header::Referer`. Also update the unit tests to compile & pass after those changes.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#13286
<!-- Either: -->
- [ ] There are tests for these changes OR
- [X] These changes do not require tests because they're only typo fixes.
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 8ccfffaa774a05fa12db09c872cc59c4bf070ab2
This pull request's primary purpose is to store basic auth credentials based on the url origin instead of the entire url. This fixes an issue where servo continuously prompts the user for credentials any time a basic auth secured resource is requested even though the user has already entered auth credentials for a different resource from the same origin.
The test associated with this PR hides image redirects behind a python handler that requires basic authentication. The reference page loads two images by directly specifying the image to load, while the test page loads the two images using the basic auth redirect handler with only the first image tag providing auth credentials.
I'd like to point a few specific items for review:
* url::Origin does not derive ```Hash```, so I am using ```ascii_serialization``` as the cache key. This seems like a stable enough representation.
* I've updated the http loader to store credentials not only on Success responses, but Redirect responses as well. I stumbled on this because nginx was redirecting 'test' -> 'test/' in my testing, and other browsers were storing the credentials on the redirect response vs. prompting for credentials a second time.
* In the test I'm using a timeout to load the second image (without authentication), otherwise the order that the images were loaded was unpredictable.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors related to these changes
- [x] These changes fix#12095 (github issue number if applicable).
<!-- Either: -->
- [x] There are tests for these changes OR
- [ ] These changes do not require tests because _____
Source-Repo: https://github.com/servo/servo
Source-Revision: e5b998791749819540c1c7a59d07058c8978978b
<!-- Please describe your changes on the following line: -->
This PR adds the [dom::Response](https://fetch.spec.whatwg.org/#response-class) implementation and addresses #11896.
The relevant passing tests` expectations have been updated.
In order to allow non-UTF-8-encoded status messages, `net_traits::response::Response`'s `raw_status` field has been changed from type [`Option<RawStatus>`](https://doc.servo.org/hyper/http/struct.RawStatus.html) to type `Option<(u16, Vec<u8>)>`. As a result, a few other files which rely on the `raw_status` field were affected and updated.
TODOs:
- The `body` and `trailer` methods. Relies on implementation of `ReadableStream` and `Promise`s.
- Similarly, replace the dummy constructor `_body: Option<USVString>` argument with `body: ResponseBodyInit`.
- Currently, whenever `r's response's header list` or `r's Headers object` are mentioned, I always modify the `headers_reflector` field (of type dom::Headers, or `r's Headers object`) and not the corresponding hyper::Headers list in the net_traits::Response field. A completely accurate interpretation of the spec might consider making both of these lists the same thing via a reference. [Discussion](https://github.com/whatwg/fetch/issues/358) was [had](https://github.com/servo/servo/pull/12884).
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [ ] These changes fix #__ (github issue number if applicable).
<!-- Either: -->
- [X] There are tests for these changes OR
- [ ] These changes do not require tests because _____
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 5a5a76cc5db830d2e622d4e0924837383b64dfa2
Solved wrong referrer policy in cors_preflight_fetch
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#13026
- [X] There are tests for these changes
Source-Repo: https://github.com/servo/servo
Source-Revision: f66382f75c80c7d8141c30348304600e5155b057
<!-- Please describe your changes on the following line: -->
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#13025
<!-- Either: -->
- [X] These changes do not require tests because stated in the issue
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: b399fcb54bf721b745f2313dabadc1f4363db6c9
<!-- Please describe your changes on the following line: -->
Added devtools support for fetch for XHR, but devtools can't show the request in the XHR tab. I've attached a picture of an XHR request in devtools.
<img width="694" alt="screenshot 2016-07-19 11 07 55" src="https://cloud.githubusercontent.com/assets/11877868/16944480/210b0e8a-4da1-11e6-8288-48005ede33f6.png">
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#11774 (github issue number if applicable).
<!-- Either: -->
- [ ] There are tests for these changes OR
- [X] These changes do not require tests because I don't know how to automate devtools testing for this
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: b5fe7db8b451f86777fb5c8d1f086319be8170c2
Adds a new `Option<ReferrerPolicy>` field to Document and sets it appropriately in `ScriptThread::load` if a Referrer-Policy header is present.
r? @jdm
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes fix#11860
- [X] There are tests for these changes
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: b382cc2103180f7dfd8df9c34970a95ed57a2d88
<!-- Please describe your changes on the following line: -->
Moves XHR over to the fetch backend.
Previous PR: https://github.com/servo/servo/pull/114
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [x] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors (Will fix later)
<!-- Either: -->
- [x] There are tests for these changes OR
- [ ] These changes do not require tests because _____
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 0c11e8340b26aa86faf9ea40aae253392b338ba3
<!-- Please describe your changes on the following line: -->
1. Advertise support for the network monitor in the initial protocol communication.
1. Only notify the developer tools server about the final request in an HTTP transaction.
1. Add timing information for connecting to the HTTP server and sending the HTTP request.
1. Reduce duplication between various networkEventUpdate structures by creating a helper function
that merges two JSON structures together. This also corrects the JSON structure so the devtools
client interprets the output correctly.
1. Calculate various header size fields correctly.
1. Remove unnecessary usize->u32 casts by making the appropriate fields usize.
1. Add header values to request and response header messages.
1. Support triggering page reloads via the devtools client.
I apologize that these aren't broken apart. I was making a lot of changes trying to figure out why the panel wasn't working right, and a lot of them were tangled together.
---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [X] `./mach test-tidy` does not report any errors
- [X] These changes do not require tests because there are no automated tests for the devtools server.
<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
Source-Repo: https://github.com/servo/servo
Source-Revision: 1bc94c132e6820293c2178bf95991518b1e8a677
