LibWeb: Add facilities to serialize EnvironmentSettingsObjects

This will be used to transfer information about the parent context to DedicatedWorkers and future out-of-process Worker/Worklet implementations for fetching purposes. In order to properly check same-origin and other policies, we need to know more about the outside settings than we were previously passing to the WebWorker process.
2025-10-31 16:12:44 +00:00 · 2024-03-05 09:29:14 -07:00 · 2024-03-05 09:29:14 -07:00 · 4d22358e05
commit 4d22358e05
parent c79bac70f4
11 changed files with 198 additions and 5 deletions
--- a/Meta/gn/secondary/Userland/Libraries/LibWeb/HTML/BUILD.gn
+++ b/Meta/gn/secondary/Userland/Libraries/LibWeb/HTML/BUILD.gn
@ -133,10 +133,12 @@ source_set("HTML") {
    "NavigatorBeacon.cpp",
    "NavigatorID.cpp",
    "Numbers.cpp",
+    "Origin.cpp",
    "PageTransitionEvent.cpp",
    "Path2D.cpp",
    "Plugin.cpp",
    "PluginArray.cpp",
+    "PolicyContainers.cpp",
    "PotentialCORSRequest.cpp",
    "PromiseRejectionEvent.cpp",
    "SelectItem.cpp",
--- a/Meta/gn/secondary/Userland/Libraries/LibWeb/HTML/Scripting/BUILD.gn
+++ b/Meta/gn/secondary/Userland/Libraries/LibWeb/HTML/Scripting/BUILD.gn
@ -9,6 +9,7 @@ source_set("Scripting") {
    "ModuleMap.cpp",
    "ModuleScript.cpp",
    "Script.cpp",
+    "SerializedEnvironmentSettingsObject.cpp",
    "TemporaryExecutionContext.cpp",
    "WindowEnvironmentSettingsObject.cpp",
    "WorkerEnvironmentSettingsObject.cpp",
--- a/Userland/Libraries/LibWeb/CMakeLists.txt
+++ b/Userland/Libraries/LibWeb/CMakeLists.txt
@ -366,7 +366,9 @@ set(SOURCES
    HTML/NavigatorBeacon.cpp
    HTML/NavigatorID.cpp
    HTML/Numbers.cpp
+    HTML/Origin.cpp
    HTML/PageTransitionEvent.cpp
+    HTML/PolicyContainers.cpp
    HTML/Parser/Entities.cpp
    HTML/Parser/HTMLEncodingDetection.cpp
    HTML/Parser/HTMLParser.cpp
@ -389,6 +391,7 @@ set(SOURCES
    HTML/Scripting/TemporaryExecutionContext.cpp
    HTML/Scripting/WindowEnvironmentSettingsObject.cpp
    HTML/Scripting/WorkerEnvironmentSettingsObject.cpp
+    HTML/Scripting/SerializedEnvironmentSettingsObject.cpp
    HTML/SelectedFile.cpp
    HTML/SelectItem.cpp
    HTML/SessionHistoryEntry.cpp
--- a/Userland/Libraries/LibWeb/HTML/Origin.cpp
+++ b/Userland/Libraries/LibWeb/HTML/Origin.cpp
@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2024, Andrew Kaster <akaster@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <LibIPC/Decoder.h>
+#include <LibIPC/Encoder.h>
+#include <LibWeb/HTML/Origin.h>
+
+namespace IPC {
+template<>
+ErrorOr<void> encode(Encoder& encoder, Web::HTML::Origin const& origin)
+{
+    TRY(encoder.encode<ByteString>(origin.scheme()));
+    TRY(encoder.encode(origin.host()));
+    TRY(encoder.encode(origin.port()));
+
+    return {};
+}
+
+template<>
+ErrorOr<Web::HTML::Origin> decode(Decoder& decoder)
+{
+    auto scheme = TRY(decoder.decode<ByteString>());
+    auto host = TRY(decoder.decode<URL::Host>());
+    u16 port = TRY(decoder.decode<u16>());
+
+    return Web::HTML::Origin { move(scheme), move(host), port };
+}
+
+}
--- a/Userland/Libraries/LibWeb/HTML/Origin.h
+++ b/Userland/Libraries/LibWeb/HTML/Origin.h
@ -10,6 +10,7 @@
 #include <AK/ByteString.h>
 #include <AK/URL.h>
 #include <AK/URLParser.h>
+#include <LibIPC/Forward.h>

 namespace Web::HTML {

@ -132,3 +133,11 @@ struct Traits<Web::HTML::Origin> : public DefaultTraits<Web::HTML::Origin> {
    }
 };
 } // namespace AK
+
+namespace IPC {
+template<>
+ErrorOr<void> encode(Encoder&, Web::HTML::Origin const&);
+
+template<>
+ErrorOr<Web::HTML::Origin> decode(Decoder&);
+}
--- a/Userland/Libraries/LibWeb/HTML/PolicyContainers.cpp
+++ b/Userland/Libraries/LibWeb/HTML/PolicyContainers.cpp
@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2024, Andrew Kaster <akaster@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <LibIPC/Decoder.h>
+#include <LibIPC/Encoder.h>
+#include <LibWeb/HTML/PolicyContainers.h>
+
+namespace IPC {
+
+template<>
+ErrorOr<void> encode(IPC::Encoder& encoder, Web::HTML::PolicyContainer const& policy_container)
+{
+    TRY(encode(encoder, policy_container.referrer_policy));
+
+    return {};
+}
+
+template<>
+ErrorOr<Web::HTML::PolicyContainer> decode(IPC::Decoder& decoder)
+{
+    auto referrer_policy = TRY(decoder.decode<Web::ReferrerPolicy::ReferrerPolicy>());
+
+    return Web::HTML::PolicyContainer { .referrer_policy = referrer_policy };
+}
+
+}
--- a/Userland/Libraries/LibWeb/HTML/PolicyContainers.h
+++ b/Userland/Libraries/LibWeb/HTML/PolicyContainers.h
@ -6,6 +6,7 @@

 #pragma once

+#include <LibIPC/Forward.h>
 #include <LibWeb/ReferrerPolicy/ReferrerPolicy.h>

 namespace Web::HTML {
@ -25,3 +26,11 @@ struct PolicyContainer {
 };

 }
+
+namespace IPC {
+template<>
+ErrorOr<void> encode(IPC::Encoder&, Web::HTML::PolicyContainer const&);
+
+template<>
+ErrorOr<Web::HTML::PolicyContainer> decode(IPC::Decoder&);
+}
--- a/Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp
+++ b/Userland/Libraries/LibWeb/HTML/Scripting/Environments.cpp
@ -489,4 +489,22 @@ bool is_non_secure_context(Environment const& environment)
    return !is_secure_context(environment);
 }

+SerializedEnvironmentSettingsObject EnvironmentSettingsObject::serialize()
+{
+    SerializedEnvironmentSettingsObject object;
+
+    object.id = this->id;
+    object.creation_url = this->creation_url;
+    object.top_level_creation_url = this->top_level_creation_url;
+    object.top_level_origin = this->top_level_origin;
+
+    object.api_url_character_encoding = api_url_character_encoding();
+    object.api_base_url = api_base_url();
+    object.origin = origin();
+    object.policy_container = policy_container();
+    object.cross_origin_isolated_capability = cross_origin_isolated_capability();
+
+    return object;
+}
+
 }
--- a/Userland/Libraries/LibWeb/HTML/Scripting/Environments.h
+++ b/Userland/Libraries/LibWeb/HTML/Scripting/Environments.h
@ -12,6 +12,7 @@
 #include <LibWeb/HTML/EventLoop/EventLoop.h>
 #include <LibWeb/HTML/Origin.h>
 #include <LibWeb/HTML/Scripting/ModuleMap.h>
+#include <LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.h>

 namespace Web::HTML {

@ -40,11 +41,6 @@ struct Environment {
    bool execution_ready { false };
 };

-enum class CanUseCrossOriginIsolatedAPIs {
-    No,
-    Yes,
-};
-
 enum class RunScriptDecision {
    Run,
    DoNotRun,
@ -115,6 +111,8 @@ struct EnvironmentSettingsObject

    void disallow_further_import_maps();

+    SerializedEnvironmentSettingsObject serialize();
+
 protected:
    explicit EnvironmentSettingsObject(NonnullOwnPtr<JS::ExecutionContext>);

--- a/Userland/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.cpp
+++ b/Userland/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.cpp
@ -0,0 +1,47 @@
+/*
+ * Copyright (c) 2024, Andrew Kaster <akaster@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <LibIPC/Decoder.h>
+#include <LibIPC/Encoder.h>
+#include <LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.h>
+
+namespace IPC {
+
+template<>
+ErrorOr<void> encode(Encoder& encoder, Web::HTML::SerializedEnvironmentSettingsObject const& object)
+{
+    TRY(encoder.encode(object.id));
+    TRY(encoder.encode(object.creation_url));
+    TRY(encoder.encode(object.top_level_creation_url));
+    TRY(encoder.encode(object.top_level_origin));
+    TRY(encoder.encode(object.api_url_character_encoding));
+    TRY(encoder.encode(object.api_base_url));
+    TRY(encoder.encode(object.origin));
+    TRY(encoder.encode(object.policy_container));
+    TRY(encoder.encode(object.cross_origin_isolated_capability));
+
+    return {};
+}
+
+template<>
+ErrorOr<Web::HTML::SerializedEnvironmentSettingsObject> decode(Decoder& decoder)
+{
+    Web::HTML::SerializedEnvironmentSettingsObject object {};
+
+    object.id = TRY(decoder.decode<String>());
+    object.creation_url = TRY(decoder.decode<URL>());
+    object.top_level_creation_url = TRY(decoder.decode<URL>());
+    object.top_level_origin = TRY(decoder.decode<Web::HTML::Origin>());
+    object.api_url_character_encoding = TRY(decoder.decode<String>());
+    object.api_base_url = TRY(decoder.decode<URL>());
+    object.origin = TRY(decoder.decode<Web::HTML::Origin>());
+    object.policy_container = TRY(decoder.decode<Web::HTML::PolicyContainer>());
+    object.cross_origin_isolated_capability = TRY(decoder.decode<Web::HTML::CanUseCrossOriginIsolatedAPIs>());
+
+    return object;
+}
+
+}
--- a/Userland/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.h
+++ b/Userland/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.h
@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2024, Andrew Kaster <akaster@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#include <AK/String.h>
+#include <AK/URL.h>
+#include <LibIPC/Forward.h>
+#include <LibWeb/HTML/Origin.h>
+#include <LibWeb/HTML/PolicyContainers.h>
+
+namespace Web::HTML {
+
+enum class CanUseCrossOriginIsolatedAPIs {
+    No,
+    Yes,
+};
+
+struct SerializedEnvironmentSettingsObject {
+    String id;
+    URL creation_url;
+    URL top_level_creation_url;
+    Origin top_level_origin;
+
+    String api_url_character_encoding;
+    URL api_base_url;
+    Origin origin;
+    PolicyContainer policy_container;
+    CanUseCrossOriginIsolatedAPIs cross_origin_isolated_capability;
+};
+
+}
+
+namespace IPC {
+
+template<>
+ErrorOr<void> encode(Encoder&, Web::HTML::SerializedEnvironmentSettingsObject const&);
+
+template<>
+ErrorOr<Web::HTML::SerializedEnvironmentSettingsObject> decode(Decoder&);
+
+}