diff --git a/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.cpp b/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.cpp
index 024b223550..21933a6710 100644
--- a/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.cpp
+++ b/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.cpp
@@ -13,6 +13,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -32,6 +33,11 @@ OnFetchScriptComplete create_on_fetch_script_complete(JS::Heap& heap, Function(JS::NonnullGCPtr, IsTopLevel, Fetch::Infrastructure::FetchAlgorithms::ProcessResponseConsumeBodyFunction)> function)
+{
+ return JS::create_heap_function(heap, move(function));
+}
+
ScriptFetchOptions default_classic_script_fetch_options()
{
// The default classic script fetch options are a script fetch options whose cryptographic nonce is the empty string,
@@ -335,6 +341,82 @@ WebIDL::ExceptionOr fetch_classic_script(JS::NonnullGCPtr fetch_classic_worker_script(AK::URL const& url, EnvironmentSettingsObject& fetch_client, Fetch::Infrastructure::Request::Destination destination, EnvironmentSettingsObject& settings_object, PerformTheFetchHook perform_fetch, OnFetchScriptComplete on_complete)
+{
+ auto& realm = settings_object.realm();
+ auto& vm = realm.vm();
+
+ // 1. Let request be a new request whose URL is url, client is fetchClient, destination is destination, initiator type is "other",
+ // mode is "same-origin", credentials mode is "same-origin", parser metadata is "not parser-inserted",
+ // and whose use-URL-credentials flag is set.
+ auto request = Fetch::Infrastructure::Request::create(vm);
+ request->set_url(url);
+ request->set_client(&fetch_client);
+ request->set_destination(destination);
+ request->set_initiator_type(Fetch::Infrastructure::Request::InitiatorType::Other);
+
+ // FIXME: Use proper SameOrigin CORS mode once Origins are set properly in WorkerHost processes
+ request->set_mode(Fetch::Infrastructure::Request::Mode::NoCORS);
+
+ request->set_credentials_mode(Fetch::Infrastructure::Request::CredentialsMode::SameOrigin);
+ request->set_parser_metadata(Fetch::Infrastructure::Request::ParserMetadata::NotParserInserted);
+ request->set_use_url_credentials(true);
+
+ auto process_response_consume_body = [&settings_object, on_complete = move(on_complete)](auto response, auto body_bytes) {
+ // 1. Set response to response's unsafe response.
+ response = response->unsafe_response();
+
+ // 2. If either of the following conditions are met:
+ // - bodyBytes is null or failure; or
+ // - response's status is not an ok status,
+ if (body_bytes.template has() || body_bytes.template has() || !Fetch::Infrastructure::is_ok_status(response->status())) {
+ // then run onComplete given null, and abort these steps.
+ on_complete->function()(nullptr);
+ return;
+ }
+
+ // 3. If all of the following are true:
+ // - response's URL's scheme is an HTTP(S) scheme; and
+ // - the result of extracting a MIME type from response's header list is not a JavaScript MIME type,
+ auto maybe_mime_type = MUST(response->header_list()->extract_mime_type());
+ if (response->url().has_value() && Fetch::Infrastructure::is_http_or_https_scheme(response->url()->scheme()) && (!maybe_mime_type.has_value() || maybe_mime_type->is_javascript())) {
+ dbgln("Invalid non-javascript mime type for worker script at {}", response->url().value());
+ // then run onComplete given null, and abort these steps.
+ on_complete->function()(nullptr);
+ return;
+ }
+ // NOTE: Other fetch schemes are exempted from MIME type checking for historical web-compatibility reasons.
+ // We might be able to tighten this in the future; see https://github.com/whatwg/html/issues/3255.
+
+ // 4. Let sourceText be the result of UTF-8 decoding bodyBytes.
+ auto decoder = TextCodec::decoder_for("UTF-8"sv);
+ VERIFY(decoder.has_value());
+ auto source_text = TextCodec::convert_input_to_utf8_using_given_decoder_unless_there_is_a_byte_order_mark(*decoder, body_bytes.template get()).release_value_but_fixme_should_propagate_errors();
+
+ // 5. Let script be the result of creating a classic script using sourceText, settingsObject,
+ // response's URL, and the default classic script fetch options.
+ auto response_url = response->url().value_or({});
+ auto script = ClassicScript::create(response_url.to_deprecated_string(), source_text, settings_object, response_url);
+
+ // 6. Run onComplete given script.
+ on_complete->function()(script);
+ };
+
+ // 2. If performFetch was given, run performFetch with request, true, and with processResponseConsumeBody as defined below.
+ if (perform_fetch != nullptr) {
+ TRY(perform_fetch->function()(request, IsTopLevel::Yes, move(process_response_consume_body)));
+ }
+
+ // Otherwise, fetch request with processResponseConsumeBody set to processResponseConsumeBody as defined below.
+ else {
+ Fetch::Infrastructure::FetchAlgorithms::Input fetch_algorithms_input {};
+ fetch_algorithms_input.process_response_consume_body = move(process_response_consume_body);
+ TRY(Fetch::Fetching::fetch(realm, request, Fetch::Infrastructure::FetchAlgorithms::create(vm, move(fetch_algorithms_input))));
+ }
+ return {};
+}
+
// https://html.spec.whatwg.org/multipage/webappapis.html#internal-module-script-graph-fetching-procedure
void fetch_internal_module_script_graph(JS::Realm& realm, JS::ModuleRequest const& module_request, EnvironmentSettingsObject& fetch_client_settings_object, Fetch::Infrastructure::Request::Destination destination, ScriptFetchOptions const& options, Script& referring_script, HashTable const& visited_set, OnFetchScriptComplete on_complete)
{
diff --git a/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.h b/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.h
index a662e95d15..41dc714cc0 100644
--- a/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.h
+++ b/Userland/Libraries/LibWeb/HTML/Scripting/Fetching.h
@@ -6,6 +6,7 @@
#pragma once
+#include
#include
#include
#include
@@ -15,9 +16,16 @@
namespace Web::HTML {
+enum class IsTopLevel {
+ No,
+ Yes,
+};
+
using OnFetchScriptComplete = JS::NonnullGCPtr)>>;
+using PerformTheFetchHook = JS::GCPtr(JS::NonnullGCPtr, IsTopLevel, Fetch::Infrastructure::FetchAlgorithms::ProcessResponseConsumeBodyFunction)>>;
OnFetchScriptComplete create_on_fetch_script_complete(JS::Heap& heap, Function)> function);
+PerformTheFetchHook create_perform_the_fetch_hook(JS::Heap& heap, Function(JS::NonnullGCPtr, IsTopLevel, Fetch::Infrastructure::FetchAlgorithms::ProcessResponseConsumeBodyFunction)> function);
// https://html.spec.whatwg.org/multipage/webappapis.html#script-fetch-options
struct ScriptFetchOptions {
@@ -67,6 +75,7 @@ WebIDL::ExceptionOr> resolve_imports_match(DeprecatedString co
Optional resolve_url_like_module_specifier(DeprecatedString const& specifier, AK::URL const& base_url);
WebIDL::ExceptionOr fetch_classic_script(JS::NonnullGCPtr, AK::URL const&, EnvironmentSettingsObject& settings_object, ScriptFetchOptions options, CORSSettingAttribute cors_setting, String character_encoding, OnFetchScriptComplete on_complete);
+WebIDL::ExceptionOr fetch_classic_worker_script(AK::URL const&, EnvironmentSettingsObject& fetch_client, Fetch::Infrastructure::Request::Destination, EnvironmentSettingsObject& settings_object, PerformTheFetchHook, OnFetchScriptComplete);
void fetch_internal_module_script_graph(JS::Realm&, JS::ModuleRequest const& module_request, EnvironmentSettingsObject& fetch_client_settings_object, Fetch::Infrastructure::Request::Destination, ScriptFetchOptions const&, Script& referring_script, HashTable const& visited_set, OnFetchScriptComplete on_complete);
void fetch_external_module_script_graph(JS::Realm&, AK::URL const&, EnvironmentSettingsObject& settings_object, ScriptFetchOptions const&, OnFetchScriptComplete on_complete);
void fetch_inline_module_script_graph(JS::Realm&, DeprecatedString const& filename, DeprecatedString const& source_text, AK::URL const& base_url, EnvironmentSettingsObject& settings_object, OnFetchScriptComplete on_complete);