1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-10-26 04:02:40 +00:00
Commit graph

75 commits

Author SHA1 Message Date
Luke Wilde
f52ede23aa LibWeb: Return from "the end" during HTML fragment parsing
This will examine the algorithm known as "the end" from the HTML
specification, which executes when parsing HTML markup has completed,
and it's potential to observably run script or change certain
attributes.

This currently executes in our engine when parsing HTML received from
the internet during navigation, using document.{open,write,close},
setting the innerHTML attribute or using DOMParser. The latter two are
only possible by executing script.

This has been causing some issues in our engine, which will be shown
later, so we are considering removing the call to "the end" for these
two cases.

Spoiler: the implications of running "the end" for DOMParser will be
considered in the future. It is the only script-created HTML/XML parser
remaining after this commit that uses "the end", including it's XML
variant implemented as XMLDocumentBuilder::document_end().

This will only focus on setting the innerHTML attribute, which falls
under "HTML fragment parsing", which starts here in the specification:
https://html.spec.whatwg.org/multipage/parsing.html#parsing-html-fragments
44dd824764/Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp (L3491)

While you may notice our HTMLParser::parse_html_fragment returns `void`
and assume this means no scripts are executed because of our use of
`WebIDL::ExceptionOr<T>` and `JS::ThrowCompletionOr<T>`, note that
dispatched events will execute arbitrary script via a callback, catch
any exceptions, report them and not propagate them. This means that
while a function does not return an exception type, it can still
potentially execute script.

A breakdown of the steps of "the end" in the context of HTML fragment
parsing and its observability follows:
https://html.spec.whatwg.org/multipage/parsing.html#the-end
44dd824764/Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp (L221)

1. No-op, as we don't currently have speculative HTML parsing. Even if
   we did, we would instantly return after stopping the speculative
   HTML parser anyway.

2. No-op, document.{open,write,close} are not accessible from the
   temporary document.

3. No-op, document.readyState, window.navigation.timing and the
   readystatechange event are not accessible from the created temporary
   document.

4. This is presumably done so that reentrant invocation of the HTML
   parser from document.{write,close} during the firing of the events
   after step 4 ends up parsing from a clean state. This is a no-op, as
   the events after step 4 do not fire and are not accessible.

5. No-op, we set HTMLScriptElement::m_already_started to true when
   creating it whilst parsing an HTML fragment, which causes
   HTMLScriptElement::prepare_script to instantly bail, meaning
   `scripts_to_execute_when_parsing_has_finished` is always empty.

6. No-op, tasks are considered not runnable when the document does not
   have a browsing context, which is always the case in fragment
   parsing. Additionally, window.navigation.timing and the
   DOMContentLoaded event aren't reachable from the temporary document.

7. Almost a no-op, `scripts_to_execute_as_soon_as_possible` is always
   empty for the same reason as step 4. However, this step uses an
   unconditional `spin_until` call, which _is_ observable and causes
   one of the alluded to issues, which will be talked about later.

8. No-op, as delaying the load event has no purpose in this case, as
   the task in step 9 will set the current document readiness to
   "complete" and then return immediately after, as the temporary
   document has no browsing context, skipping the Window load event.
   However, this step causes another alluded to issue, which will be
   talked about later.

9. No-op, for the same reason as step 6. Additionally,
   document.readyState is not accessible from the temporary document
   and the temporary document has no browsing context, so navigation
   timing, the Window load event, the pageshow event, the Document load
   event and the `<iframe>` load steps are not executed at all.

10. No-op, as this flag is only set from window.print(), which is not
    accessible for this document.

11. No-op, as the temporary document is not accessible from anything
    else and will be immediately destroyed after HTML fragment parsing.

Additionally, browsing context containers (`<iframe>`, `<frame>` and
`<object>`) cannot run in documents with no browsing context:

- `<iframe>` and `<frame>` use "create a new child navigable":
https://html.spec.whatwg.org/multipage/document-sequences.html#create-a-new-child-navigable
44dd824764/Userland/Libraries/LibWeb/HTML/BrowsingContextContainer.cpp (L43-L45)

> 2. Let group be element's node document's browsing context's
     top-level browsing context's group.

This requires the element's node document's browsing context to be
non-null, but it is always null with the temporary document created for
HTML fragment parsing.

This is protected against here for `<iframe>`:
https://html.spec.whatwg.org/multipage/iframe-embed-object.html#the-iframe-element:the-iframe-element-6
44dd824764/Userland/Libraries/LibWeb/HTML/HTMLIFrameElement.cpp (L45)

> When an iframe element element is inserted into a document whose
  browsing context is non-null, the user agent must run these steps:
  1. Create a new child navigable for element.

This is currently not protected against for `<frame>` in the
specification:
https://html.spec.whatwg.org/multipage/obsolete.html#active-frame-element

> A frame element is said to be an active frame element when it is in a
  document.

> When a frame element element is created as an active frame element,
  or becomes an active frame element after not having been one, the
  user agent must run these steps:
>     1. Create a new child navigable for element.

However, since this would cause a null dereference, this is actually a
specification issue. See: https://github.com/whatwg/html/issues/9136

- `<object>` uses "queue an element task" and has a browsing context
  null check.
https://html.spec.whatwg.org/multipage/iframe-embed-object.html#the-object-element:queue-an-element-task
44dd824764/Userland/Libraries/LibWeb/HTML/HTMLObjectElement.cpp (L58)
44dd824764/Userland/Libraries/LibWeb/HTML/HTMLObjectElement.cpp (L105)

> ...the user agent must queue an element task on the DOM manipulation
  task source given the object element to run the following steps to
  (re)determine what the object element represents.

As established above, tasks are not runnable in documents with null
browsing contexts. However, for avoidance of doubt, it checks if the
document's browsing context is null, and if so, it falls back to
representing the element's children and gets rid of any child navigable
the `<object>` element may have.

> 2. If the element has an ancestor media element, or has an ancestor
     object element that is not showing its fallback content, or if the
     element is not in a document whose browsing context is non-null,
     or if the element's node document is not fully active, or if the
     element is still in the stack of open elements of an HTML parser
     or XML parser, or if the element is not being rendered, then jump
     to the step below labeled fallback.

> 4. Fallback: The object element represents the element's children.
     This is the element's fallback content. Destroy a child navigable
     given the element.

This check also protects against an `<object>` element being adopted
from a document which has a browsing context to one that doesn't during
the time between the element task being queued and then executed.

This means a browsing context container cannot be ran, meaning browsing
context containers cannot access their parent document and access the
properties and events mentioned in steps 1-11 above, or use
document.{open,write,close} on the parent document.

Another potential avenue of running script via HTML fragment parsing
is via custom elements being in the markup, which need to be
synchronously upgraded. For example:
```
<custom-element></custom-element>
```

However, this is already protected against in the spec:
https://html.spec.whatwg.org/multipage/parsing.html#create-an-element-for-the-token
44dd824764/Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp (L643)

> 7. If definition is non-null and the parser was not created as part
     of the HTML fragment parsing algorithm, then let will execute
     script be true. Otherwise, let it be false.

It is protected against overall by disabling custom elements via
returning `null` for all custom element definition lookups if the
document has no browsing context, which is the case for the temporary
document:
https://html.spec.whatwg.org/multipage/custom-elements.html#look-up-a-custom-element-definition
44dd824764/Userland/Libraries/LibWeb/DOM/Document.cpp (L2106-L2108)

> 2. If document's browsing context is null, return null.

This is because the document doesn't have an associated Window, meaning
there will be no associated CustomElementRegistry object.

After running the HTML fragment parser, all of the child nodes are
removed the temporary document and then adopted into the context
element's node document. Skipping the `pre_remove` steps as they are
not relevant in this case, let's first examine Node::remove()'s
potential to execute script, then examine Document::adopt_node() after.
https://dom.spec.whatwg.org/#concept-node-remove
44dd824764/Userland/Libraries/LibWeb/DOM/Node.cpp (L534)

1-7. Does not run any script, it just keeps a copy of some data that
     will be needed later in the algorithm and directly modifies live
     range attributes. However, since this relies on Range objects
     containing the temporary document, the Range steps are no-ops.

8. Though this uses the temporary document, it does not contain any
   NodeIterator objects as no script should have run, thus this
   callback will not be entered. Even if the document _did_ have
   associated NodeIterators, NodeIterator::run_pre_removing_steps does
   not execute any script.

9-11. Does not run any script, it just keeps a copy of some data that
      will be needed later in the algorithm and performs direct tree
      mutation to remove the node from the node tree.

12-14. "assign slottables" and step 13 queue mutation observer
       microtasks via "signal a slot change". However, since this is
       done _after_ running "the end", the "spin the event loop" steps
       in that algorithm does not affect this. Remember that queued
       microtasks due not execute during this algorithm for the next
       few steps.

Sidenote:
Microtasks are supposed to be executed when the JavaScript execution
context stack is empty. Since HTMLParser::parse_html_fragment is only
called from script, the stack will never be empty whilst it is running,
so microtasks will not run until some time after we exit this function.

15. This could potentially run script, let's have a look at the
    removal steps we currently have implemented in our engine:

- HTMLIFrameElement::removed_from()
  https://html.spec.whatwg.org/multipage/iframe-embed-object.html#the-iframe-element:the-iframe-element-7
  44cf92616e/Userland/Libraries/LibWeb/HTML/HTMLIFrameElement.cpp (L102)

  Since browsing context containers cannot create child browsing
  contexts (as shown above), this code will do nothing. This will also
  hold true when we implement HTMLFrameElement::removed_from() in the
  future.

- FormAssociatedElement::removed_from()
  44cf92616e/Userland/Libraries/LibWeb/HTML/FormAssociatedElement.h (L36)
  
  This calls `form_node_was_removed` which can then potentially call
  `reset_form_owner`. However, `reset_form_owner` only does tree
  traversal to find the appropriate form owner and does not execute
  any script. After calling `form_node_was_removed` it then calls
  `form_associated_element_was_removed`, which is a virtual function
  that no one currently overrides, meaning no script is executed.

- HTMLBaseElement::removed_from()
  44dd824764/Userland/Libraries/LibWeb/HTML/HTMLBaseElement.cpp (L45)
  
  This will call `Document::update_base_element` to do tree traversal
  to find out the new first `<base>` element with an href attribute and
  thus does not execute any script.

- HTMLStyleElement::removed_from()
  https://html.spec.whatwg.org/multipage/semantics.html#update-a-style-block
  44dd824764/Userland/Libraries/LibWeb/HTML/HTMLStyleElement.cpp (L49)
  
  This will call `update_a_style_block`, which will parse the `<style>`
  element's text content as CSS and create a style sheet from it. This
  does not execute any script.
  
In summary, step 15 does not currently execute any script and ideally
shouldn't in the future when we implement more `removed_from` steps.

16. Does not run any script, just saves a copy of a variable.

17. Queues a "disconnectedCallback" custom elements callback. This will
    execute script in the future, but not here.
    
18. Performs step 15 and 17 in combination for each of the node's
    descendants. This will not execute any script.
    
19. Does not run any script, it performs a requirement of mutation
    observers by adding certain things to a list.

20. Does not execute any script, as mutation observer callbacks are
    done via microtasks.

21. This will not execute script, as the parent is always the temporary
    document in HTML fragment parsing. There is no Document children
    changed steps, so this step is a no-op.
    
We then do layout invalidation which is our own addition, but this also
does not execute any script.

In short, removing a node does not execute any script. It could execute
script in the future, but since this is done by tasks, it will not
execute until we are outside of HTMLParser::parse_html_fragment.

Let's look at adopting a node:
https://dom.spec.whatwg.org/#concept-node-adopt
44dd824764/Userland/Libraries/LibWeb/DOM/Document.cpp (L1414)

1. Does not run script, it just keeps a reference to the temporary
   document.

2. No-op, we removed the node above.

3.1. Does not execute script, it simply updates all descendants of
     the removed node to be in the context element's node document.

3.2. Does not execute script, see node removal step 17.

3.3. This could potentially execute script, let's have a look at the
     adopting steps we have implemented in our engine:

- HTMLTemplateElement::adopted_from()
  https://html.spec.whatwg.org/multipage/scripting.html#the-template-element:concept-node-adopt-ext
  44dd824764/Userland/Libraries/LibWeb/HTML/HTMLTemplateElement.cpp (L38)

  This simply adopts the `<template>` element's DocumentFragment node
  into its inert document. This does not execute any script.
  
We then have our own addition of adopting NodeIterators over to the
context element's document, but this does not execute any script.

In short, adopting a node does not execute any script.

After adopting the nodes to the context element's document, HTML
fragment parsing is complete and the temporary document is no longer
accessible at all.

Document and element event handlers are also not accessible, even if
the event bubbles. This is simply because the temporary document is not
accessible, so tree traversal, IDL event handler attributes and
EventTarget#addEventListener are not accessible, on the document or any
descendants. Document is also not an Element, so element event handler
attributes do not apply.

In summary, this establishes that HTML fragment parsers should not run
any user script or internal C++ code that relies on things set up by
"the end". This means that the attributes set up and events fired by
"the end" are not observable in this case. This may have not explored
every single possible avenue, but the general assertion should still
hold. However, this assertion is violated by "the end" containing two
unconditional "spin the event loop" invocations and causes issues with
live web content, so we seek to avoid them.

As WebKit, Blink and Gecko have been able to get away with doing fast
path optimizations for HTML fragment parsing which don't setup
navigation timing, run events, etc. it is presumed we are able to get
away with not running "the end" for HTML fragment parsing as well.
WebKit: c69be377e1/Source/WebCore/dom/DocumentFragment.cpp (L90-L98)
Blink: 15444426f9/third_party/blink/renderer/core/editing/serializers/serialization.cc (L681-L702)
Gecko: 6fc2f6d533/dom/base/FragmentOrElement.cpp (L1991-L2002)

Removing the call to "the end" fixes at least a couple of issues:
- Inserting `<img>` elements via innerHTML causes us to spin forever.

  This regressed in 2413de7e10
  
  This is because `m_load_event_delayer.clear()` is performed inside an
  element task callback. Because of the reasons stated above, this will
  never execute. This caused us to spin forever on step 8 of "the end",
  which is delaying the load event.
  
  This affected Google Docs and Google Maps, never allowing them to
  progress after performing this action. I have also seen it cause a
  Scorecard Research `<img>` beacon in a `<noscript>` element inserted
  via innerHTML to spin forever. This presumably affects many more
  sites as well.
  
  Given that the Window load event is not fired for HTML fragment
  parsers, spinning the event loop to delay the load event does not
  change anything, meaning this step can be skipped entirely.
  
- Microtask timing is messed up by the unconditional `spin_until`s on
  steps 7 and 8.
  
  "Spin the event loop" causes an unconditional microtask checkpoint:
  https://html.spec.whatwg.org/multipage/webappapis.html#spin-the-event-loop
  44dd824764/Userland/Libraries/LibWeb/HTML/EventLoop/EventLoop.cpp (L54)
  
  > 3. Let old stack be a copy of the JavaScript execution context
       stack.
  > 4. Empty the JavaScript execution context stack.
  > 5. Perform a microtask checkpoint.
  > 6.2.1. Replace the JavaScript execution context stack with old
           stack.
           
  This broke YouTube with the introduction of custom elements, as
  custom elements use microtasks to upgrade elements and call
  callbacks. See https://github.com/whatwg/html/issues/8646 for a full
  example reduced from YouTube's JavaScript.
  
  Another potential fix for this issue is to remove the above steps
  from "spin the event loop". However, since we have another issue with
  the use of "spin the event loop", it would be best to just avoid
  both calls to it.

Considering all of the above, removing the call to "the end" is the way
forward for HTML fragment parsing, as all of it should be a no-op.

This is done by not simply returning from "the end" if the HTML parser
was created for HTML fragment parsing.

The end.
2023-04-11 21:32:30 +02:00
Kenneth Myhra
cbefab21be LibWeb: Port fire_a_page_transition_event() to new FlyString 2023-04-09 17:27:27 +02:00
Kenneth Myhra
ad5cbdc51b LibWeb: Port {Mouse,UI,Wheel,}Event to new String
This ports MouseEvent, UIEvent, WheelEvent, and Event to new String.
They all had a dependency to T::create() in
WebDriverConnection::fire_an_event() and therefore had to be ported in
the same commit.
2023-04-07 22:41:01 +02:00
Kenneth Myhra
4d87072201 LibWeb: Port {HTML,UIEvents,XHR}::EventNames to new String 2023-04-06 23:49:08 +02:00
Luke Wilde
034aaf3f51 LibWeb: Introduce CustomElementRegistry and creating custom elements
The main missing feature here is form associated custom elements.
2023-04-06 11:36:56 +02:00
Andreas Kling
a925c2dcf2 LibWeb: Remove redundant invocation of children changed in HTMLParser
Setting the `data` of a text node already triggers `children changed`
per spec, so there's no need for an explicit call.

This avoids parsing every HTMLStyleElement sheet twice. :^)
2023-03-30 11:10:02 +02:00
Sam Atkins
4b711932cc LibWeb: Split PercentageStyleValue out of StyleValue.{h,cpp} 2023-03-25 16:56:04 +00:00
Sam Atkins
9a84151169 LibWeb: Split LengthStyleValue out of StyleValue.{h,cpp} 2023-03-25 16:56:04 +00:00
Timothy Flynn
f5f1a5228e LibWeb: Escape HTML text fragments with multi-byte code point awareness
The UTF-8 encoding of U+00A0 (NBSP) is the bytes 0xc2 0xa0. By looping
over the string to escape byte-by-byte, we replace the second byte with
"&nbsp;", but leave the first byte in the resulting text. This creates
an invalid UTF-8 string, with a lone leading byte.
2023-03-13 07:29:40 +00:00
Andreas Kling
a504ac3e2a Everywhere: Rename equals_ignoring_case => equals_ignoring_ascii_case
Let's make it clear that these functions deal with ASCII case only.
2023-03-10 13:15:44 +01:00
Matthew Olsson
c0b2fa74ac LibWeb: Fix a few const-ness issues 2023-03-06 13:05:43 +00:00
Kenneth Myhra
ff92324fa5 LibWeb: Make factory method of DOM::ElementFactory fallible 2023-02-22 09:55:33 +01:00
Kenneth Myhra
c120c46acc LibWeb: Make factory methods of DOM::Event fallible
Because of interdependencies between DOM::Event and UIEvents::MouseEvent
to template function fire_an_event() in WebDriverConnection.cpp, the
commit: 'LibWeb: Make factory methods of UIEvents::MouseEvent fallible'
have been squashed into this commit.
2023-02-18 00:52:47 +01:00
Kenneth Myhra
0d9076c9f5 LibWeb: Make factory methods of DOM::Document fallible 2023-02-18 00:52:47 +01:00
Timothy Flynn
b75b7f0c0d LibJS+Everywhere: Propagate Cell::initialize errors from Heap::allocate
Callers that are already in a fallible context will now TRY to allocate
cells. Callers in infallible contexts get a FIXME.
2023-01-29 00:02:45 +00:00
Timothy Flynn
f3db548a3d AK+Everywhere: Rename FlyString to DeprecatedFlyString
DeprecatedFlyString relies heavily on DeprecatedString's StringImpl, so
let's rename it to A) match the name of DeprecatedString, B) write a new
FlyString class that is tied to String.
2023-01-09 23:00:24 +00:00
Andreas Kling
a915fee5f3 LibWeb: Only log HTML parser errors when HTML_PARSER_DEBUG is enabled
At this point, the parser is reliable enough that we don't need to spam
the debug log about minor parsing issues on every websites.
2023-01-09 14:00:26 +01:00
Linus Groh
22089436ed LibJS: Convert Heap::allocate{,_without_realm}() to NonnullGCPtr 2022-12-15 06:56:37 -05:00
Linus Groh
2a66fc6cae LibJS: Add make_handle({Nonnull,}GCPtr<T>) overloads 2022-12-15 06:56:37 -05:00
Linus Groh
57dc179b1f Everywhere: Rename to_{string => deprecated_string}() where applicable
This will make it easier to support both string types at the same time
while we convert code, and tracking down remaining uses.

One big exception is Value::to_string() in LibJS, where the name is
dictated by the ToString AO.
2022-12-06 08:54:33 +01:00
Linus Groh
6e19ab2bbc AK+Everywhere: Rename String to DeprecatedString
We have a new, improved string type coming up in AK (OOM aware, no null
state), and while it's going to use UTF-8, the name UTF8String is a
mouthful - so let's free up the String name by renaming the existing
class.
Making the old one have an annoying name will hopefully also help with
quick adoption :^)
2022-12-06 08:54:33 +01:00
Timothy Flynn
99d8c115a0 LibWeb: Remove outdated FIXME regarding application cache selection
This algorithm, and window.applicationCache, was removed from the spec:
e4330d5

This also adds a spec link and comments to the affected parser method.
2022-11-29 19:04:31 +01:00
Baitinq
2f16198bd6 LibWeb: Remove unused should_invalidate_styles_on_attribute_changes()
This getter and setter were previously labelled as a "hack" and used to
disable style invalidation on attribute changes during the HTML parsing
phase (as it caused big sites's loading to be slow). These functions
are currently not used, so they can be removed:^)
2022-11-21 10:12:07 +01:00
Andreas Kling
b21b27fda3 LibWeb: Update the HTML parser part that deals with text in <script>
This commit adds inline spec comments to the part of the parser that
ends up calling HTMLScriptElement::prepare().

The code is tweaked to match the spec more closely.
2022-11-21 10:08:50 +01:00
Andreas Kling
7d45927d41 LibWeb: Rename HTMLScriptElement "non-blocking" to "force async"
This has been renamed in the spec, so let's do it here too.
2022-11-21 10:08:50 +01:00
MacDue
8a5d2be617 Everywhere: Remove unnecessary mutable attributes from lambdas
These lambdas were marked mutable as they captured a Ptr wrapper
class by value, which then only returned const-qualified references
to the value they point from the previous const pointer operators.

Nothing is actually mutating in the lambdas state here, and now
that the Ptr operators don't add extra const qualifiers these
can be removed.
2022-11-19 14:37:31 +00:00
Andreas Kling
e9eba66361 LibWeb: Adjust foreignobject to foreignObject in HTML parser
This conversion was missing from the table we copied from the spec
for whatever reason.
2022-11-16 13:01:21 +01:00
Linus Groh
acfb546048 LibWeb: Handle currently ignored WebIDL::ExceptionOr<T>s 2022-10-31 14:12:44 +00:00
Andreas Kling
5530040b3c LibWeb: Annotate and simplify the HTML fragment parsing algorithm
This patch adds inline spec comments, and then adjusts the code a bit
so it reads more like the spec.
2022-10-29 15:16:57 +02:00
Andreas Kling
6e0f80fbe0 LibWeb: Make the HTMLParser GC-allocated
This prevents a reference cycle between a HTMLParser opened via
document.open() and the document. It was one of many things keeping
some documents alive indefinitely.
2022-10-20 15:16:23 +02:00
Andreas Kling
9869405802 LibWeb: Put HTML parser encoding sniffing debug logging behind a flag 2022-10-10 20:22:50 +02:00
Linus Groh
32ad939e44 LibWeb: Rename HighResolutionTime/{CoarsenTime => TimeOrigin}.cpp/h
This is being used for more than just time coarsening now, so let's use
the spec's section title for the name.
2022-10-05 09:12:59 +01:00
Linus Groh
4ea6cc56be LibWeb: Move unsafe_shared_current_time() to HighResolutionTime
This doesn't belong on the EventLoop at all, as far as I can tell.
2022-10-05 09:12:59 +01:00
Linus Groh
fb21271334 LibWeb: Replace incorrect uses of AK::is_ascii_space() 2022-10-02 21:32:49 +02:00
Andrew Kaster
f0c5f77f99 LibWeb: Remove unecessary dependence on Window from HTML classes
These classes only needed Window to get at its realm. Pass a realm
directly to construct HTML classes.
2022-10-01 21:05:32 +01:00
Luke Wilde
7b8a6b8e7a LibWeb: Set HTMLParser::m_scripting_enabled as according to the spec
This allows <noscript> elements to display their content as proper HTML
instead of raw text when scripting is disabled.
2022-09-23 22:25:09 +01:00
Andreas Kling
797d28adca LibWeb: Save begin/end timestamps for load and DOMContentLoaded events 2022-09-21 11:51:18 +02:00
Andreas Kling
ab8432783e LibWeb: Implement aborting the HTML parser
This is roughly on-spec, although I had to invent a simple "aborted"
state for the tokenizer.
2022-09-20 23:44:59 +02:00
Andreas Kling
88f2f50c55 LibWeb: Don't use the internal window object when parsing HTML fragments
Instead, use the window object from the context element. This fixes an
issue where activating event handlers during fragment parsing would try
to set up callbacks using the internal window object's ESO.

This caused a verify_cast crash on Google Maps, since the internal realm
doesn't have an associated ESO. Perhaps it should, but in this specific
case, it makes more sense for fragment parsing to fully adopt the
context provided.
2022-09-06 01:12:44 +02:00
Andreas Kling
6f433c8656 LibWeb+LibJS: Make the EventTarget hierarchy (incl. DOM) GC-allocated
This is a monster patch that turns all EventTargets into GC-allocated
PlatformObjects. Their C++ wrapper classes are removed, and the LibJS
garbage collector is now responsible for their lifetimes.

There's a fair amount of hacks and band-aids in this patch, and we'll
have a lot of cleanup to do after this.
2022-09-06 00:27:09 +02:00
Andreas Kling
7c3db526b0 LibWeb: Make DOM::Event and all its subclasses GC-allocated 2022-09-06 00:27:09 +02:00
sin-ack
3f3f45580a Everywhere: Add sv suffix to strings relying on StringView(char const*)
Each of these strings would previously rely on StringView's char const*
constructor overload, which would call __builtin_strlen on the string.
Since we now have operator ""sv, we can replace these with much simpler
versions. This opens the door to being able to remove
StringView(char const*).

No functional changes.
2022-07-12 23:11:35 +02:00
Andreas Kling
1956c52c68 LibWeb: Remove unused HTML::parse_html_document() 2022-04-06 19:35:07 +02:00
Idan Horowitz
086969277e Everywhere: Run clang-format 2022-04-01 21:24:45 +01:00
Ali Mohammad Pur
5a0123fd2f LibWeb: Load X(HT)ML documents and transform them into HTML DOM 2022-03-28 23:11:48 +02:00
Andreas Kling
fda25f9505 LibWeb: Move HTML dimension value parsing from CSS to HTML namespace
These are part of HTML, not CSS, so let's not confuse things.
2022-03-26 17:31:01 +01:00
Idan Horowitz
5626e1b324 LibWeb: Rename PARSER_DEBUG => HTML_PARSER_DEBUG
Since this macro was created we gained a couple more parsers in the
system :^)
2022-03-24 21:37:49 +01:00
Timothy Flynn
5608bc4eaf LibWeb: Remove inheritance of FormAssociatedElement from HTMLElement
HTMLObjectElement will need to be both a FormAssociatedElement and a
BrowsingContextContainer. Currently, both of these classes inherit from
HTMLElement. This can work in C++, but is generally frowned upon, and
doesn't play particularly well with the rest of LibWeb.

Instead, we can essentially revert commit 3bb5c62 to remove HTMLElement
from FormAssociatedElement's hierarchy. This means that objects such as
HTMLObjectElement individually inherit from FormAssociatedElement and
HTMLElement now.

Some caveats are:

* FormAssociatedElement still needs to know when the HTMLElement is
  inserted into and removed from the DOM. This hook is automatically
  injected via a macro now, while still allowing classes like
  HTMLInputElement to also know when the element is inserted.

* Casting from a DOM::Element to a FormAssociatedElement is now a
  sideways cast, rather than directly following an inheritance chain.
  This means static_cast cannot be used here; but we can safely use
  dynamic_cast since the only 2 instances of this already use RTTI to
  verify the cast.
2022-03-24 03:35:11 +01:00
Simon Wanner
1d95745901 LibWeb: Implement the rest of the Adoption Agency Algorithm
This gets us 2 points on html5test.com :^)
- Before: https://html5te.st/4cf57659bc08272e (208)
- After: https://html5te.st/fb8a9259bda1c115 (210)
2022-03-20 02:52:37 +01:00
Andreas Kling
cbd343dced LibWeb: Only delay "load" event for script elements that load something
We shouldn't delay the load event for scripts that we're completely
refusing to run anyway. Also, for scripts that have inline text content,
we don't need to delay them either, as they will become ready before
returning from "prepare script".

This makes the "load" event finally fire on lots of websites, including
Wikipedia. :^)
2022-03-19 16:11:36 +01:00