Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto merge of #15358 - asajeffrey:script-browsingcontext-xorigin-wind…
…ow, r=jdm Allow browsing contexts to resolve to cross-origin windows <!-- Please describe your changes on the following line: --> This PR implements cross-thread `WindowProxy` objects. At the moment, if a `Window` performs a non-similar-origin navigation, the old script thread does not update its `WindowProxy`, since the new `Window` is in the new script thread. With this PR, the `WindowProxy` is updated to a dummy `XOriginWindow` object, that only implements the whitelisted methods that are allowed to be called cross-origin. This PR does not include working implementations of some of the cross-origin `Window` or `Location` methods. This PR causes some cross-origin wpt tests to now pass, in particular `/html/browsers/origin/cross-origin-objects/cross-origin-objects.html ` now passes `Only whitelisted properties are accessible cross-origin`. There are some CORS failures in `fetch`, I suspect caused by the incorrect setting of `origin` in fetch requests. Although there are some functions that now throw `SecurityException`, it is not meant to be a complete implementation, which will have to wait for XOWs to land. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #15180. - [X] There are tests for these changes <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/15358) <!-- Reviewable:end -->
- Loading branch information
Showing
11 changed files
with
598 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
/* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this | ||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
use dom::bindings::codegen::Bindings::DissimilarOriginLocationBinding; | ||
use dom::bindings::codegen::Bindings::DissimilarOriginLocationBinding::DissimilarOriginLocationMethods; | ||
use dom::bindings::error::{Error, ErrorResult, Fallible}; | ||
use dom::bindings::js::{JS, Root}; | ||
use dom::bindings::reflector::Reflector; | ||
use dom::bindings::reflector::reflect_dom_object; | ||
use dom::bindings::str::DOMString; | ||
use dom::bindings::str::USVString; | ||
use dom::dissimilaroriginwindow::DissimilarOriginWindow; | ||
|
||
/// Represents a dissimilar-origin `Location` that exists in another script thread. | ||
/// | ||
/// Since the `Location` is in a different script thread, we cannot access it | ||
/// directly, but some of its accessors (for example setting `location.href`) | ||
/// still need to function. | ||
|
||
#[dom_struct] | ||
pub struct DissimilarOriginLocation { | ||
/// The reflector. Once we have XOWs, this will have a cross-origin | ||
/// wrapper placed around it. | ||
reflector: Reflector, | ||
|
||
/// The window associated with this location. | ||
window: JS<DissimilarOriginWindow>, | ||
} | ||
|
||
impl DissimilarOriginLocation { | ||
#[allow(unrooted_must_root)] | ||
fn new_inherited(window: &DissimilarOriginWindow) -> DissimilarOriginLocation { | ||
DissimilarOriginLocation { | ||
reflector: Reflector::new(), | ||
window: JS::from_ref(window), | ||
} | ||
} | ||
|
||
pub fn new(window: &DissimilarOriginWindow) -> Root<DissimilarOriginLocation> { | ||
reflect_dom_object(box DissimilarOriginLocation::new_inherited(window), | ||
window, | ||
DissimilarOriginLocationBinding::Wrap) | ||
} | ||
} | ||
|
||
impl DissimilarOriginLocationMethods for DissimilarOriginLocation { | ||
// https://html.spec.whatwg.org/multipage/#dom-location-href | ||
fn GetHref(&self) -> Fallible<USVString> { | ||
Err(Error::Security) | ||
} | ||
|
||
// https://html.spec.whatwg.org/multipage/#dom-location-href | ||
fn SetHref(&self, _: USVString) -> ErrorResult { | ||
// TODO: setting href on a cross-origin window should succeed? | ||
Err(Error::Security) | ||
} | ||
|
||
// https://html.spec.whatwg.org/multipage/#dom-location-assign | ||
fn Assign(&self, _: USVString) -> Fallible<()> { | ||
// TODO: setting href on a cross-origin window should succeed? | ||
Err(Error::Security) | ||
} | ||
|
||
// https://html.spec.whatwg.org/multipage/#dom-location-replace | ||
fn Replace(&self, _: USVString) -> Fallible<()> { | ||
// TODO: replacing href on a cross-origin window should succeed? | ||
Err(Error::Security) | ||
} | ||
|
||
// https://html.spec.whatwg.org/multipage/#dom-location-reload | ||
fn Reload(&self) -> Fallible<()> { | ||
Err(Error::Security) | ||
} | ||
|
||
// https://html.spec.whatwg.org/multipage/#dom-location-href | ||
fn Stringifier(&self) -> Fallible<DOMString> { | ||
Err(Error::Security) | ||
} | ||
} |
Oops, something went wrong.