1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-24 06:32:31 +00:00
Commit graph

77 commits

Author SHA1 Message Date
Timothy Flynn
88814acbd3 LibJS+Everywhere: Convert JS::Error to String
This includes an Error::create overload to create an Error from a UTF-8
StringView. If creating a String from that view fails, the factory will
return an OOM InternalError instead. VM::throw_completion can also make
use of this overload via its perfect forwarding.
2023-02-17 09:14:23 -05:00
networkException
f1dd4f42bc LibWeb: Clarify WebIDL::Promise as an alias for JS::PromiseCapability
This patch adds the WebIDL::Promise type explicitly defined in the
WebIDL spec to be a PromiseCapability Record from ecma262.
2023-02-13 12:11:32 +00:00
Linus Groh
ee68eba0ac LibWeb: Implement Headers.getSetCookie()
This is a normative change in the Fetch spec.
See: e4d3480

This also implements the changes to the 'sort and combine' algorithm,
which now treats "set-cookie" headers differently, and is exposed to JS
via the Headers' iterator.

Passes all 21 WPT tests :^)
http://wpt.live/fetch/api/headers/header-setcookie.any.html
2023-02-11 13:14:26 +00:00
Linus Groh
6bce48e99b LibWeb: Fix UAF in convert_header_names_to_a_sorted_lowercase_set()
We can't keep a span (ReadonlyBytes) to a move()'d ByteBuffer
in the header_names_seen HashTable - copy the original name span instead
which works the same thanks to CaseInsensitiveBytesTraits.

This would sporadically fail the contains() check due to garbage data,
later leading to a VERIFY() crash in the OrderedHashTable append loop.
2023-02-11 13:14:26 +00:00
Luke Wilde
237df9df5c LibWeb: Make extract_header_list_values differentiate parsing failures
Previously, parsing failures and the header not existing made
extract_header_list_values return an empty Optional, making it
impossible to differentiate between the two.

Required for implementing CORS-preflight, where parsing failures for
the headers makes it fail, but not having them doesn't make it fail in
all cases.
2023-02-10 22:18:19 +00:00
Timothy Flynn
7955cb14fb LibWeb: Add missing GCPtr.h includes to Fetch headers
These are missing in most Fetch headers, and clangd is (rightfully) very
loud about it on a few of these.
2023-02-10 13:53:45 +00:00
Timothy Flynn
b75b7f0c0d LibJS+Everywhere: Propagate Cell::initialize errors from Heap::allocate
Callers that are already in a fallible context will now TRY to allocate
cells. Callers in infallible contexts get a FIXME.
2023-01-29 00:02:45 +00:00
Linus Groh
6e7459322d AK: Remove StringBuilder::build() in favor of to_deprecated_string()
Having an alias function that only wraps another one is silly, and
keeping the more obvious name should flush out more uses of deprecated
strings.
No behavior change.
2023-01-27 20:38:49 +00:00
Timothy Flynn
d8044c5358 LibJS+LibWeb: Move the macro to convert ENOMEM to an exception to LibJS
Move the macro to LibJS and change it to return a throw completion
instead of a WebIDL exception. This will let us use this macro within
LibJS to handle OOM conditions.
2023-01-08 12:13:15 +01:00
Linus Groh
22089436ed LibJS: Convert Heap::allocate{,_without_realm}() to NonnullGCPtr 2022-12-15 06:56:37 -05:00
Linus Groh
2f1bda3347 LibWeb/Fetch: Tweak wording in some spec comments
This is a change in the Fetch spec.

See: 223ca89
2022-12-08 15:37:19 +00:00
Linus Groh
a156722744 LibWeb/Fetch: Update spec comment to decode bytes to string
This is a change in the Fetch spec.

See: a04d096
2022-12-08 15:37:19 +00:00
Linus Groh
1c9bb2d8b4 LibWeb/Fetch: Refactor forbidden request-headers
This is a change in the Fetch spec.

See:
- 92e6c91
- 494431a
2022-12-08 15:37:19 +00:00
Linus Groh
011f6a6cb4 LibWeb/Fetch: Use tuple syntax for headers in spec comments
This is an editorial change in the Fetch spec.

See: b482186
2022-12-08 15:37:19 +00:00
Linus Groh
525f22d018 LibJS: Replace standalone js_string() with PrimitiveString::create()
Note that js_rope_string() has been folded into this, the old name was
misleading - it would not always create a rope string, only if both
sides are not empty strings. Use a three-argument create() overload
instead.
2022-12-07 16:43:06 +00:00
Linus Groh
6e19ab2bbc AK+Everywhere: Rename String to DeprecatedString
We have a new, improved string type coming up in AK (OOM aware, no null
state), and while it's going to use UTF-8, the name UTF8String is a
mouthful - so let's free up the String name by renaming the existing
class.
Making the old one have an annoying name will hopefully also help with
quick adoption :^)
2022-12-06 08:54:33 +01:00
Andreas Kling
b81816a539 LibJS+LibWeb: Make CyclicModule.h not include AST.h
This led to some fallout as many things in LibJS and LibWeb were pulling
in other things via CyclicModule.h
2022-11-23 16:05:59 +00:00
Linus Groh
216f68c566 LibWeb: Register PendingResponse with a Request to keep it alive
This was an oversight from when I converted PendingResponse and various
other classes from being ref-counted to GC-allocated last minute - no
one takes care to keep all of them alive. Some are on the stack, and
some might be captured in another PendingResponse's JS::SafeFunction,
but ultimately, we need a better solution.
Since a PendingResponse is *always* the result of someone having created
a Request, let's just let that keep a list of each PendingResponse that
has been created for it, and visit them until they are resolved. After
that, they can be GC'd with no complaints.
2022-11-01 20:14:12 +00:00
Linus Groh
a1de15498d LibWeb: Use proper origins in Request::has_redirect_tainted_origin()
URL::url_origin() is a globally available function now, so let's use it!
2022-10-31 18:04:11 +00:00
Linus Groh
c8d121fa32 LibWeb: Implement most of the 'Fetching' AOs
This implements the following operations from section 4 of the Fetch
spec (https://fetch.spec.whatwg.org/#fetching):

- Fetch
- Main fetch
- Fetch response handover
- Scheme fetch
- HTTP fetch
- HTTP-redirect fetch
- HTTP-network-or-cache fetch (without caching)

It does *not* implement:

- HTTP-network fetch
- CORS-preflight fetch

Instead, we let ResourceLoader handle the actual networking for now,
which isn't ideal, but certainly enough to get enough functionality up
and running for most websites to not complain.
2022-10-30 20:10:29 +00:00
Linus Groh
32e0f0aec8 LibWeb: Require error message for Response::network_error()
There will be a lot of different cases where we'll return an error
response, and having a customized Promise rejection message seems quite
useful.

Note that this has to be distinct from the existing 'status message',
which is required to be empty in those cases.
2022-10-30 20:10:29 +00:00
Linus Groh
caa13bf41d LibWeb: Fix URL parsing in Response::location_url()
We need to use URLParser in order to provide a base URL. This makes it
work for the common case of `Location: /some/path`.
2022-10-30 20:10:29 +00:00
Linus Groh
fd042dce55 LibWeb: Actually extract Location header in Response::location_url() 2022-10-30 20:10:29 +00:00
Linus Groh
455aa34011 LibWeb: Partially implement 'Extract header (list) values' AOs
The header-specific ABNF rules are completely ignored for now, but we
can at least extract a single header value, which at least works for
simple cases like `Location`-based redirects.
2022-10-30 20:10:29 +00:00
Linus Groh
6deb5ce9b5 LibWeb: Implement 'Default User-Agent value' AO 2022-10-30 20:10:29 +00:00
Linus Groh
5ee9feb9cf LibWeb: Implement 'Append a request Origin header' AO 2022-10-30 20:10:29 +00:00
Linus Groh
c93e6ea0d9 LibWeb: Implement 'Appropriate network error' AO 2022-10-30 20:10:29 +00:00
Linus Groh
cc6eaafe6b LibWeb: Implement 'Byte sequence as body' AO 2022-10-30 20:10:29 +00:00
Linus Groh
55315d72f7 LibWeb: Explain the use-URL-credentials flag
This is a change in the Fetch spec.

See: a388348
2022-10-30 14:51:58 +00:00
Linus Groh
d2deb8fa6d LibWeb: Add has-cross-origin-redirects flag to Fetch::Infra::Response
This is a change in the Fetch spec.

See: 7c30987
2022-10-30 14:51:58 +00:00
Linus Groh
b1968b8bed LibWeb: Make Fetch::Infrastructure::{Request,Response,HeaderList} GC'd
This is the way.

On a more serious note, there's no reason to keep adding ref-counted
classes to LibWeb now that the majority of classes is GC'd - it only
adds the risk of discovering some cycle down the line, and forces us to
use handles as we can't visit().
2022-10-30 11:30:23 +00:00
Linus Groh
16136f0bdd LibWeb: Fix incorrect peek offset in HeaderList::get_decode_and_split()
We want to look at the current character, not the next one.
2022-10-26 10:36:48 +01:00
Linus Groh
7e7def71c1 LibWeb: Use getters instead of direct member access in Response methods
This fixes the behavior of those methods for FilteredResponse subclasses
as those only override the getter methods, not their private members.
2022-10-24 22:58:37 +01:00
Linus Groh
8f8fcfee1a LibWeb: Also make non-const Response getters virtual
We wouldn't want a filtered response to bypass the overridden methods
based on constness.
2022-10-24 22:58:37 +01:00
Linus Groh
0a186cb460 LibWeb: Handle filtered response in Response::clone() 2022-10-24 22:58:37 +01:00
Linus Groh
e40c8f550f LibWeb: Add non-const variants of Request::{current_,}url() 2022-10-24 22:58:37 +01:00
Linus Groh
9ad6031bca LibWeb: Move internal response in FilteredResponse create() functions 2022-10-24 09:26:16 +01:00
Linus Groh
02a4cba086 LibWeb: Use MUST() for infallible ByteBuffer::copy() invocations
ByteBuffer has an inline capacity of 32 bytes, so when we provide a
string smaller than that, it cannot fail.
2022-10-24 09:26:16 +01:00
Linus Groh
65f5c7adbc LibWeb: Add Fetch::Infrastructure::Header::from_string_pair() helper
This allows us to use this:

```cpp
auto header = TRY_OR_RETURN_OOM(realm,
    Infrastructure::Header::from_string_pair(name, value));
```

Instead of the somewhat unwieldly:

```cpp
auto header = Infrastructure::Header {
    .name = TRY_OR_RETURN_OOM(realm, ByteBuffer::copy(name.bytes())),
    .value = TRY_OR_RETURN_OOM(realm, ByteBuffer::copy(value.bytes())),
};
```
2022-10-24 09:26:16 +01:00
Linus Groh
c12c6fd5ea LibWeb: Fix typo in Fetch::Infrastructure::Request::add_range_header() 2022-10-24 09:24:15 +01:00
Linus Groh
acc1c2b3cb LibWeb/Fetch: Add "webidentity" destination for FedCM
This is a change in the Fetch spec.

See:
- 30d462d
- 7487a97
2022-10-15 12:15:31 +02:00
Linus Groh
60e9790a40 LibWeb/Fetch: Add support for parsing a single range header value
This is a change in the Fetch spec.

See:
- 2d080d7
- a18fb3e
2022-10-15 12:15:31 +02:00
Ben Wiederhake
3aeb57ed09 AK+Everywhere: Fix data corruption due to code-point-to-char conversion
In particular, StringView::contains(char) is often used with a u32
code point. When this is done, the compiler will for some reason allow
data corruption to occur silently.

In fact, this is one of two reasons for the following OSS Fuzz issue:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49184
This is probably a very old bug.

In the particular case of URLParser, AK::is_url_code_point got confused:
    return /* ... */ || "!$&'()*+,-./:;=?@_~"sv.contains(code_point);
If code_point is a large code point that happens to have the correct
lower bytes, AK::is_url_code_point is then convinced that the given
code point is okay, even if it is actually problematic.

This commit fixes *only* the silent data corruption due to the erroneous
conversion, and does not fully resolve OSS-Fuzz#49184.
2022-10-09 10:37:20 -06:00
Linus Groh
1c12f5c31d LibWeb: Make Fetch::Infrastructure::{Request,Response} ref-counted
With the addition of the 'fetch params' struct, the single ownership
model we had so far falls apart completely.

Additionally, this works nicely for FilteredResponse's internal response
instead of risking a dangling reference.

Replacing the public constructor with a create() function also found a
few instances of a Request being stack-allocated!
2022-10-05 09:14:49 +01:00
Linus Groh
886ca9c7b6 LibWeb: Add missing Request::policy_container() getter and setter 2022-10-05 09:14:49 +01:00
Linus Groh
16d6c62193 LibWeb: Make Fetch::Infrastructure::Request::set_client() take a pointer 2022-10-05 09:14:49 +01:00
Linus Groh
72a752685f LibWeb: Add missing link to Fetch::Infrastructure::Response member 2022-10-05 09:14:49 +01:00
Linus Groh
7b50e96434 LibWeb: Add missing links to Fetch::Infrastructure::Request members 2022-10-05 09:14:49 +01:00
Linus Groh
fc9d587e39 LibJS: Make PromiseCapability GC-allocated
A struct with three raw pointers to other GC'd types is a pretty big
liability, let's just turn this into a Cell itself.
This comes with the additional benefit of being able to capture it in
a lambda effortlessly, without having to create handles for individual
members.
2022-10-02 23:02:27 +01:00
Linus Groh
c2326ec95a LibJS: Move PromiseCapability into its own cpp/h file
This is not strictly connected to PromiseReaction in any way.
Preparation before doing some actual work on it :^)
2022-10-02 23:02:27 +01:00