
LibWeb: Bring browsing context creation closer to spec

This patch implements the "create a new browsing context" function from
the HTML spec and replaces our existing logic with it.

The big difference is that browsing contexts now initially navigate to
"about:blank" instead of starting out in a strange "empty" state.
This makes it possible for websites to create a new iframe and start
scripting inside it right away, without having to load a URL into it.
Andreas Kling hace 2 años
padre
commit
2a7924f96c

+ 5 - 1
Userland/Libraries/LibWeb/DOM/Document.cpp

@@ -659,7 +659,6 @@ void Document::set_title(String const& title)
 void Document::attach_to_browsing_context(Badge<HTML::BrowsingContext>, HTML::BrowsingContext& browsing_context)
 {
     m_browsing_context = browsing_context;
-    update_layout();
 }
 
 void Document::detach_from_browsing_context(Badge<HTML::BrowsingContext>, HTML::BrowsingContext& browsing_context)
@@ -1833,4 +1832,9 @@ void Document::check_favicon_after_loading_link_resource()
     dbgln_if(SPAM_DEBUG, "No favicon found to be used");
 }
 
+void Document::set_window(Badge<HTML::BrowsingContext>, HTML::Window& window)
+{
+    m_window = window;
+}
+
 }

+ 9 - 0
Userland/Libraries/LibWeb/DOM/Document.h

@@ -25,6 +25,7 @@
 #include <LibWeb/DOM/ExceptionOr.h>
 #include <LibWeb/DOM/NonElementParentNode.h>
 #include <LibWeb/DOM/ParentNode.h>
+#include <LibWeb/HTML/CrossOrigin/CrossOriginOpenerPolicy.h>
 #include <LibWeb/HTML/DocumentReadyState.h>
 #include <LibWeb/HTML/HTMLScriptElement.h>
 #include <LibWeb/HTML/History.h>
@@ -82,6 +83,9 @@ public:
     HTML::Origin origin() const;
     void set_origin(HTML::Origin const& origin);
 
+    HTML::CrossOriginOpenerPolicy const& cross_origin_opener_policy() const { return m_cross_origin_opener_policy; }
+    void set_cross_origin_opener_policy(HTML::CrossOriginOpenerPolicy policy) { m_cross_origin_opener_policy = move(policy); }
+
     AK::URL parse_url(String const&) const;
 
     CSS::StyleComputer& style_computer() { return *m_style_computer; }
@@ -263,6 +267,8 @@ public:
     HTML::Window& window() { return *m_window; }
     HTML::Window const& window() const { return *m_window; }
 
+    void set_window(Badge<HTML::BrowsingContext>, HTML::Window&);
+
     ExceptionOr<void> write(Vector<String> const& strings);
     ExceptionOr<void> writeln(Vector<String> const& strings);
 
@@ -484,6 +490,9 @@ private:
     // https://html.spec.whatwg.org/multipage/dom.html#is-initial-about:blank
     bool m_is_initial_about_blank { false };
 
+    // https://html.spec.whatwg.org/multipage/dom.html#concept-document-coop
+    HTML::CrossOriginOpenerPolicy m_cross_origin_opener_policy;
+
     // https://html.spec.whatwg.org/multipage/dom.html#the-document's-referrer
     String m_referrer { "" };
 

+ 206 - 0
Userland/Libraries/LibWeb/HTML/BrowsingContext.cpp

@@ -4,13 +4,18 @@
  * SPDX-License-Identifier: BSD-2-Clause
  */
 
+#include <LibWeb/Bindings/MainThreadVM.h>
+#include <LibWeb/Bindings/Wrapper.h>
 #include <LibWeb/DOM/Document.h>
 #include <LibWeb/DOM/HTMLCollection.h>
 #include <LibWeb/HTML/BrowsingContext.h>
 #include <LibWeb/HTML/BrowsingContextContainer.h>
+#include <LibWeb/HTML/CrossOrigin/CrossOriginOpenerPolicy.h>
 #include <LibWeb/HTML/EventLoop/EventLoop.h>
 #include <LibWeb/HTML/HTMLAnchorElement.h>
 #include <LibWeb/HTML/HTMLInputElement.h>
+#include <LibWeb/HTML/SandboxingFlagSet.h>
+#include <LibWeb/HTML/Scripting/WindowEnvironmentSettingsObject.h>
 #include <LibWeb/HTML/Window.h>
 #include <LibWeb/Layout/BreakNode.h>
 #include <LibWeb/Layout/InitialContainingBlock.h>
@@ -19,6 +24,207 @@
 
 namespace Web::HTML {
 
+// https://html.spec.whatwg.org/multipage/urls-and-fetching.html#matches-about:blank
+static bool url_matches_about_blank(AK::URL const& url)
+{
+    // A URL matches about:blank if its scheme is "about", its path contains a single string "blank", its username and password are the empty string, and its host is null.
+    return url.scheme() == "about"sv
+        && url.path() == "blank"sv
+        && url.username().is_empty()
+        && url.password().is_empty()
+        && url.host().is_null();
+}
+
+// https://url.spec.whatwg.org/#concept-url-origin
+static HTML::Origin url_origin(AK::URL const& url)
+{
+    // FIXME: Move this whole function somewhere better.
+
+    if (url.scheme() == "blob"sv) {
+        // FIXME: Implement
+        return HTML::Origin {};
+    }
+
+    if (url.scheme().is_one_of("ftp"sv, "http"sv, "https"sv, "ws"sv, "wss"sv)) {
+        // Return the tuple origin (url’s scheme, url’s host, url’s port, null).
+        return HTML::Origin(url.scheme(), url.host(), url.port().value_or(0));
+    }
+
+    if (url.scheme() == "file"sv) {
+        // Unfortunate as it is, this is left as an exercise to the reader. When in doubt, return a new opaque origin.
+        return HTML::Origin {};
+    }
+
+    return HTML::Origin {};
+}
+
+// https://html.spec.whatwg.org/multipage/browsers.html#determining-the-origin
+static HTML::Origin determine_the_origin(BrowsingContext const& browsing_context, Optional<AK::URL> url, SandboxingFlagSet sandbox_flags, Optional<HTML::Origin> invocation_origin)
+{
+    // 1. If sandboxFlags has its sandboxed origin browsing context flag set, then return a new opaque origin.
+    if (sandbox_flags.flags & SandboxingFlagSet::SandboxedOrigin) {
+        return HTML::Origin {};
+    }
+
+    // 2. If url is null, then return a new opaque origin.
+    if (!url.has_value()) {
+        return HTML::Origin {};
+    }
+
+    // 3. If invocationOrigin is non-null and url matches about:blank, then return invocationOrigin.
+    if (invocation_origin.has_value() && url_matches_about_blank(*url)) {
+        return invocation_origin.value();
+    }
+
+    // 4. If url is about:srcdoc, then return the origin of browsingContext's container document.
+    if (url == AK::URL("about:srcdoc")) {
+        VERIFY(browsing_context.container_document());
+        return browsing_context.container_document()->origin();
+    }
+
+    // 5. Return url's origin.
+    return url_origin(*url);
+}
+
+// https://html.spec.whatwg.org/multipage/browsers.html#creating-a-new-browsing-context
+NonnullRefPtr<BrowsingContext> BrowsingContext::create_a_new_browsing_context(Page& page, RefPtr<DOM::Document> creator, RefPtr<DOM::Element> embedder)
+{
+    // 1. Let browsingContext be a new browsing context.
+    BrowsingContextContainer* container = (embedder && is<BrowsingContextContainer>(*embedder)) ? static_cast<BrowsingContextContainer*>(embedder.ptr()) : nullptr;
+    auto browsing_context = adopt_ref(*new BrowsingContext(page, container));
+
+    // 2. Let unsafeContextCreationTime be the unsafe shared current time.
+    [[maybe_unused]] auto unsafe_context_creation_time = HTML::main_thread_event_loop().unsafe_shared_current_time();
+
+    // 3. If creator is non-null, then set browsingContext's creator origin to return creator's origin,
+    //    browsingContext's creator URL to return creator's URL,
+    //    browsingContext's creator base URL to return creator's base URL,
+    //    FIXME: and browsingContext's virtual browsing context group ID to creator's top-level browsing context's virtual browsing context group ID.
+    if (creator) {
+        browsing_context->m_creator_origin = creator->origin();
+        browsing_context->m_creator_url = creator->url();
+        browsing_context->m_creator_base_url = creator->base_url();
+    }
+
+    // FIXME: 4. Let sandboxFlags be the result of determining the creation sandboxing flags given browsingContext and embedded.
+    SandboxingFlagSet sandbox_flags;
+
+    // 5. Let origin be the result of determining the origin given browsingContext, about:blank, sandboxFlags, and browsingContext's creator origin.
+    auto origin = determine_the_origin(browsing_context, AK::URL("about:blank"), sandbox_flags, browsing_context->m_creator_origin);
+
+    // FIXME: 6. Let permissionsPolicy be the result of creating a permissions policy given browsingContext and origin. [PERMISSIONSPOLICY]
+
+    // FIXME: 7. Let agent be the result of obtaining a similar-origin window agent given origin, group, and false.
+
+    RefPtr<Window> window;
+
+    // 8. Let realm execution context be the result of creating a new JavaScript realm given agent and the following customizations:
+    auto realm_execution_context = Bindings::create_a_new_javascript_realm(
+        Bindings::main_thread_vm(),
+        [&](JS::Realm& realm) -> JS::Value {
+            // - For the global object, create a new Window object.
+            window = HTML::Window::create();
+            auto* global_object = realm.heap().allocate_without_global_object<Bindings::WindowObject>(realm, *window);
+            VERIFY(window->wrapper() == global_object);
+            return global_object;
+        },
+        [](JS::Realm&) -> JS::Value {
+            // FIXME: - For the global this binding, use browsingContext's WindowProxy object.
+            return JS::js_undefined();
+        });
+
+    // 9. Let topLevelCreationURL be about:blank if embedder is null; otherwise embedder's relevant settings object's top-level creation URL.
+    auto top_level_creation_url = !embedder ? AK::URL("about:blank") : relevant_settings_object(*embedder).top_level_creation_url;
+
+    // 10. Let topLevelOrigin be origin if embedder is null; otherwise embedder's relevant settings object's top-level origin.
+    auto top_level_origin = !embedder ? origin : relevant_settings_object(*embedder).origin();
+
+    // 11. Set up a window environment settings object with about:blank, realm execution context, null, topLevelCreationURL, and topLevelOrigin.
+    HTML::WindowEnvironmentSettingsObject::setup(
+        AK::URL("about:blank"),
+        move(realm_execution_context),
+        {},
+        top_level_creation_url,
+        top_level_origin);
+
+    // FIXME: 12. Let loadTimingInfo be a new document load timing info with its navigation start time set to the result of calling
+    //            coarsen time with unsafeContextCreationTime and the new environment settings object's cross-origin isolated capability.
+
+    // 13. Let coop be a new cross-origin opener policy.
+    auto coop = CrossOriginOpenerPolicy {};
+
+    // 14. If creator is non-null and creator's origin is same origin with creator's relevant settings object's top-level origin,
+    //     then set coop to creator's browsing context's top-level browsing context's active document's cross-origin opener policy.
+    if (creator && creator->origin().is_same_origin(relevant_settings_object(*creator).top_level_origin)) {
+        VERIFY(creator->browsing_context());
+        auto* top_level_document = creator->browsing_context()->top_level_browsing_context().active_document();
+        VERIFY(top_level_document);
+        coop = top_level_document->cross_origin_opener_policy();
+    }
+
+    // 15. Let document be a new Document, marked as an HTML document in quirks mode,
+    //     whose content type is "text/html",
+    //     origin is origin,
+    //     FIXME: active sandboxing flag set is sandboxFlags,
+    //     FIXME: permissions policy is permissionsPolicy,
+    //     cross-origin opener policy is coop,
+    //     FIXME: load timing info is loadTimingInfo,
+    //     FIXME: navigation id is null,
+    //     and which is ready for post-load tasks.
+    auto document = DOM::Document::create();
+
+    // Non-standard
+    document->set_window({}, *window);
+    window->set_associated_document(*document);
+
+    document->set_quirks_mode(DOM::QuirksMode::Yes);
+    document->set_content_type("text/html");
+    document->set_origin(origin);
+    document->set_url(AK::URL("about:blank"));
+    document->set_cross_origin_opener_policy(coop);
+    document->set_ready_for_post_load_tasks(true);
+
+    // FIXME: 16. Assert: document's URL and document's relevant settings object's creation URL are about:blank.
+
+    // 17. Set document's is initial about:blank to true.
+    document->set_is_initial_about_blank(true);
+
+    // 18. Ensure that document has a single child html node, which itself has two empty child nodes: a head element, and a body element.
+    auto html_node = document->create_element(HTML::TagNames::html).release_value();
+    html_node->append_child(document->create_element(HTML::TagNames::head).release_value());
+    html_node->append_child(document->create_element(HTML::TagNames::body).release_value());
+    document->append_child(html_node);
+
+    // 19. Set the active document of browsingContext to document.
+    browsing_context->m_active_document = document;
+
+    // 20. If browsingContext's creator URL is non-null, then set document's referrer to the serialization of it.
+    if (browsing_context->m_creator_url.has_value()) {
+        document->set_referrer(browsing_context->m_creator_url->serialize());
+    }
+
+    // FIXME: 21. If creator is non-null, then set document's policy container to a clone of creator's policy container.
+
+    // 22. Append a new session history entry to browsingContext's session history whose URL is about:blank and document is document.
+    browsing_context->m_session_history.append(HTML::SessionHistoryEntry {
+        .url = AK::URL("about:blank"),
+        .document = document,
+        .serialized_state = {},
+        .policy_container = {},
+        .scroll_restoration_mode = {},
+        .browsing_context_name = {},
+    });
+
+    // Non-standard:
+    document->attach_to_browsing_context({}, browsing_context);
+
+    // 23. Completely finish loading document.
+    document->completely_finish_loading();
+
+    // 24. Return browsingContext.
+    return browsing_context;
+}
+
 BrowsingContext::BrowsingContext(Page& page, HTML::BrowsingContextContainer* container)
     : m_page(page)
     , m_loader(*this)
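Review bot: Step 10 of `create_a_new_browsing_context` reads `relevant_settings_object(*embedder).origin()`, although the spec text quoted directly above it asks for the embedder's relevant settings object's top-level origin. For an embedder that itself sits inside a cross-origin frame, this would record the embedder's own origin as the new context's top-level origin. Step 14 compares the creator's origin against that same field when deciding whether to inherit the cross-origin opener policy, so the discrepancy can affect a security decision for deeper nesting. Unless `origin()` is intentional, the line should read `auto top_level_origin = !embedder ? origin : relevant_settings_object(*embedder).top_level_origin;`, matching the member access already used in step 14.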

+ 12 - 2
Userland/Libraries/LibWeb/HTML/BrowsingContext.h

@@ -16,6 +16,7 @@
 #include <LibGfx/Size.h>
 #include <LibWeb/DOM/Position.h>
 #include <LibWeb/HTML/BrowsingContextContainer.h>
+#include <LibWeb/HTML/Origin.h>
 #include <LibWeb/HTML/SessionHistoryEntry.h>
 #include <LibWeb/Loader/FrameLoader.h>
 #include <LibWeb/Page/EventHandler.h>
@@ -25,8 +26,8 @@ namespace Web::HTML {
 
 class BrowsingContext : public TreeNode<BrowsingContext> {
 public:
-    static NonnullRefPtr<BrowsingContext> create_nested(Page& page, HTML::BrowsingContextContainer& container) { return adopt_ref(*new BrowsingContext(page, &container)); }
-    static NonnullRefPtr<BrowsingContext> create(Page& page) { return adopt_ref(*new BrowsingContext(page, nullptr)); }
+    static NonnullRefPtr<BrowsingContext> create_a_new_browsing_context(Page&, RefPtr<DOM::Document> creator, RefPtr<DOM::Element> embedder);
+
     ~BrowsingContext();
 
     class ViewportClient {
@@ -132,6 +133,15 @@ private:
     // https://html.spec.whatwg.org/multipage/history.html#session-history
     Vector<SessionHistoryEntry> m_session_history;
 
+    // https://html.spec.whatwg.org/multipage/browsers.html#creator-url
+    Optional<AK::URL> m_creator_url;
+
+    // https://html.spec.whatwg.org/multipage/browsers.html#creator-base-url
+    Optional<AK::URL> m_creator_base_url;
+
+    // https://html.spec.whatwg.org/multipage/browsers.html#creator-origin
+    Optional<HTML::Origin> m_creator_origin;
+
     WeakPtr<HTML::BrowsingContextContainer> m_container;
     RefPtr<DOM::Document> m_active_document;
     Gfx::IntSize m_size;
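Review bot: The new `create_a_new_browsing_context` declaration does not document when `creator` and `embedder` may be null, nor what kind of element `embedder` must be. The call sites in this commit pass `nullptr, nullptr` for the top-level context and a `BrowsingContextContainer` for the nested one, and the definition silently falls back to a null container when a non-null embedder is any other element type. A short comment above the declaration stating both expectations would help, e.g. `// creator and embedder are null for a top-level context; a non-null embedder must be a BrowsingContextContainer.` A `VERIFY` in the definition would enforce the second half instead of leaving a half-nested context.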

+ 1 - 1
Userland/Libraries/LibWeb/HTML/BrowsingContextContainer.cpp

@@ -34,7 +34,7 @@ void BrowsingContextContainer::create_new_nested_browsing_context()
 
     // 2. Let browsingContext be the result of creating a new browsing context with element's node document, element, and group.
     // 3. Set element's nested browsing context to browsingContext.
-    m_nested_browsing_context = BrowsingContext::create_nested(*group->page(), *this);
+    m_nested_browsing_context = BrowsingContext::create_a_new_browsing_context(*group->page(), document(), *this);
     group->append_child(*m_nested_browsing_context);
     m_nested_browsing_context->set_frame_nesting_levels(group->frame_nesting_levels());
     m_nested_browsing_context->register_frame_nesting(document().url());

+ 6 - 0
Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp

@@ -334,6 +334,12 @@ EnvironmentSettingsObject& relevant_settings_object(JS::Object const& object)
     return verify_cast<EnvironmentSettingsObject>(*relevant_realm(object).host_defined());
 }
 
+EnvironmentSettingsObject& relevant_settings_object(DOM::Node const& node)
+{
+    // Then, the relevant settings object for a platform object o is the environment settings object of the relevant Realm for o.
+    return const_cast<DOM::Document&>(node.document()).relevant_settings_object();
+}
+
 // https://html.spec.whatwg.org/multipage/webappapis.html#concept-relevant-global
 JS::GlobalObject& relevant_global_object(JS::Object const& object)
 {
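Review bot: The new `relevant_settings_object(DOM::Node const&)` overload uses `const_cast` on the node's document in order to call `relevant_settings_object()`. Its only comment is the sentence copied from the `JS::Object` overload, which describes a realm lookup this function does not perform. Adding a const-qualified accessor on `Document` would remove the cast, assuming the underlying lookup does not mutate the document. The comment could instead say what happens, e.g. `// A node's relevant settings object is taken from its node document.` This matters because the result feeds the same-origin check that gates COOP inheritance in `create_a_new_browsing_context`, so the resolution path should be explicit.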

+ 1 - 0
Userland/Libraries/LibWeb/HTML/Scripting/Environments.h

@@ -126,6 +126,7 @@ EnvironmentSettingsObject& current_settings_object();
 JS::GlobalObject& current_global_object();
 JS::Realm& relevant_realm(JS::Object const&);
 EnvironmentSettingsObject& relevant_settings_object(JS::Object const&);
+EnvironmentSettingsObject& relevant_settings_object(DOM::Node const&);
 JS::GlobalObject& relevant_global_object(JS::Object const&);
 
 }

+ 2 - 1
Userland/Libraries/LibWeb/Page/Page.cpp

@@ -4,6 +4,7 @@
  * SPDX-License-Identifier: BSD-2-Clause
  */
 
+#include <LibWeb/DOM/Document.h>
 #include <LibWeb/HTML/BrowsingContext.h>
 #include <LibWeb/Page/Page.h>
 
@@ -12,7 +13,7 @@ namespace Web {
 Page::Page(PageClient& client)
     : m_client(client)
 {
-    m_top_level_browsing_context = HTML::BrowsingContext::create(*this);
+    m_top_level_browsing_context = HTML::BrowsingContext::create_a_new_browsing_context(*this, nullptr, nullptr);
 }
 
 Page::~Page() = default;