We enable this mitigation by default because:
- The alternate UX is about:blank or corrupted content. That's never good.
- We want to make sure that our test coverage handles this mitigation because
it's want we want to ship.
However, we do explicitly disable it for all ServiceWorker WPT's via
`__dir__.ini` directive at the root of the service-workers test tree.
This is motivated by the
`/service-workers/service-worker/update-recovery.https.html` test which
intentionally tests a broken ServiceWorker being able to be updated. It
explicitly tests that the intercepted broken iframe shouldn't successfully
load, but our mitigation makes it load, which breaks the test.
Depends on D111845
Differential Revision: https://phabricator.services.mozilla.com/D111993
As it gives us better guarantees about correctness, it allows us to enable
performance optimizations such as D118192, which reduces redraws.
Another advantage is that it does not need any extra knowledge about
compositors as it does not make any assumptions about buffer holding
behaviour.
Differential Revision: https://phabricator.services.mozilla.com/D119668
We enable this mitigation by default because:
- The alternate UX is about:blank or corrupted content. That's never good.
- We want to make sure that our test coverage handles this mitigation because
it's want we want to ship.
However, we do explicitly disable it for all ServiceWorker WPT's via
`__dir__.ini` directive at the root of the service-workers test tree.
This is motivated by the
`/service-workers/service-worker/update-recovery.https.html` test which
intentionally tests a broken ServiceWorker being able to be updated. It
explicitly tests that the intercepted broken iframe shouldn't successfully
load, but our mitigation makes it load, which breaks the test.
Depends on D111845
Differential Revision: https://phabricator.services.mozilla.com/D111993
This patch launches content processes with the `MOZ_HEADLESS` env var set
if they're using GTK with an X11 display (and there's no other reason
they'd need GTK).
The goal is to avoid exhausting Xorg's default limit of 256 clients if
there are many content processes due to Fission. If these conditions
are met, the content process doesn't need to eagerly connect to the X
server. This does not affect the sandbox policy, and content processes
can still use X if needed for, e.g., WebGL.
The boolean pref `dom.ipc.avoid-gtk`, set by default, controls this
feature. In the future it could also be extended to minimize GTK use
with Wayland displays.
Note that disabling `widget.non-native-theme.enabled`, which is also
enabled by default, will restore the use of X11 in all content processes
even if this pref is set; the alternative is that widgets wouldn't render
in that case.
This change will also save some memory for now-unnecessary instances of
GTK's global state, and improve content process startup time.
Remove also the temp pref dom.ipc.remote-mozIcon because it cannot work
anymore with the content process being headless.
Differential Revision: https://phabricator.services.mozilla.com/D112197
Now that the about:third-party page landed (bug 1695817), we can remove the predecessor.
This patch reverts the Part10 patch of bug 1669036 (d9f8cdf2877b), keeping the other patches
which are required for about:third-party page.
Differential Revision: https://phabricator.services.mozilla.com/D118382
This was added in bug 1355661, has been kept Nightly-only since then,
and was only used briefly for omni.ja, and eventually we switched
compression off entirely on omni.ja. If we ever switch compression on
again on omni.ja, it would likely be with zstd, which is much faster
on the compression side.
Differential Revision: https://phabricator.services.mozilla.com/D118654
We have been doing this on Windows for a very very long time, to
increase perceived performance.
Given the default scroll speed on Linux matches windows without the
override, it makes sense doing it on Linux as well, for the same
reasons.
Differential Revision: https://phabricator.services.mozilla.com/D117286
In order to fully comply with the spec and work on all compositors.
This is heavily inspired by `NativeLayerCA`:
- Buffer are managed within a pool, similar to `SurfacePool`. This
makes sure there's always a buffer available, even if the compositor
holds buffers for longer than usually expected. One difference is
that buffers are not shared between windows though, reducing
complexity.
- Partial damage is handled by blitting from the previous buffer,
likely currently held by the Wayland compositor. While the spec is
not completely clear whether this is legal, it strongly suggests it
is - and other Wayland developers suggested it should be.
This is almost identical to `NativeLayerCA::HandlePartialUpdate`,
with a small optimization for the common case of double buffering,
in witch case use a "damage history", inspired by the EGL partial
damage support. As single or double buffering are by far the most
common cases for shm-buffers, we limit this to double buffering to
avoid complexity.
Changes compared to the existing `WindowSurfaceWayland` include:
- reduced complexity:
- less code
- no extra frame callbacks, avoiding extra steps like D117911
- no compositor specific modes - this solution should always produce
fully correct output with minimal overhead.
Note: a previous version of this patch only worked for SW-WR but not
Basic and thus did not replace `WindowSurfaceWayland`. Now this patch
supports both, making it possible to fully replace `WindowSurfaceWayland`
Differential Revision: https://phabricator.services.mozilla.com/D118025
Building on previous patches, this adds a preference to enable
a low quality pinch-zoom mode that reuses cached tiles where
possible.
It doesn't currently redraw at the higher quality scale at the
end of a pinch-zoom, and there are some sampling artifacts in some
cases. However, it should be enough to do some performance testing
on low and devices and see if it helps.
Differential Revision: https://phabricator.services.mozilla.com/D117497
This doesn't change the state of this feature which currently enabled, but will
allow us to disable it easily if necessary.
Differential Revision: https://phabricator.services.mozilla.com/D117441
This patch converts the pinning preference
"security.cert_pinning.enforcement_level" to be static. It also removes some
unused pinning preferences and parameters.
Differential Revision: https://phabricator.services.mozilla.com/D117095
ExtensionMockAPI is a fake WebExtensions API, locked behind a pref and
used in unit tests related to the API requests handling and WebExtensionStub
methods without relying on a specific WebExtension API.
Depends on D84687
Differential Revision: https://phabricator.services.mozilla.com/D99886
This patch converts the pinning preference
"security.cert_pinning.enforcement_level" to be static. It also removes some
unused pinning preferences and parameters.
Differential Revision: https://phabricator.services.mozilla.com/D117095
Reject software rasterizers on Linux (except Software WebRender) when
trying to create full WebRender, unless WebRender was force enabled.
Differential Revision: https://phabricator.services.mozilla.com/D117534
When trying to create a GLContextEGL or GLContextGLX, we should check to
see what our display is backed by. If using a software driver, we should
fail to create the context for WebRender, so that it can fallback to
Software WebRender.
Differential Revision: https://phabricator.services.mozilla.com/D117473
This patch converts the pinning preference
"security.cert_pinning.enforcement_level" to be static. It also removes some
unused pinning preferences and parameters.
Differential Revision: https://phabricator.services.mozilla.com/D117095
This matches what macOS is doing in bug 1715145, and improves the
situation in the cases the user chooses a light Firefox theme, but a
dark GTK theme, or vice versa.
The nice thing of doing it globally is that we don't need to teach the
GTK code to paint with different color schemes in different windows,
which would be massively annoying.
This is expected to have an slight performance cost on startup for
light-theme users (as we need to read the dark gtk theme colors), but
it's hopefully ok.
Depends on D117227
Differential Revision: https://phabricator.services.mozilla.com/D117228
ExtensionMockAPI is a fake WebExtensions API, locked behind a pref and
used in unit tests related to the API requests handling and WebExtensionStub
methods without relying on a specific WebExtension API.
Depends on D84687
Differential Revision: https://phabricator.services.mozilla.com/D99886
ExtensionMockAPI is a fake WebExtensions API, locked behind a pref and
used in unit tests related to the API requests handling and WebExtensionStub
methods without relying on a specific WebExtension API.
Depends on D84687
Differential Revision: https://phabricator.services.mozilla.com/D99886
Since Bug 1696145, these prefs are accessed on background threads (from a
service worker) so we need to mark them atomic.
Differential Revision: https://phabricator.services.mozilla.com/D117194
This patch also removes the pref widget.system-colors-follow-theme, which was
only true on macOS. System colors now follow the global Firefox theme.
Differential Revision: https://phabricator.services.mozilla.com/D117098
- Require the blocklist v3 everywhere except on Android,
as Android support will be done in bug 1639050.
On Firefox desktop it is not possible to switch back to blocklist v2.
- The application size (Firefox/Thunderbird) shrinks by 1 MB
because the addons.json dump no longer needs to be packaged.
- Thunderbird will now use blocklist v3 instead of v2.
Doesn't matter because it didn't use the blocklist in practice.
Differential Revision: https://phabricator.services.mozilla.com/D116418
- Require the blocklist v3 everywhere except on Android,
as Android support will be done in bug 1639050.
On Firefox desktop it is not possible to switch back to blocklist v2.
- The application size (Firefox/Thunderbird) shrinks by 1 MB
because the addons.json dump no longer needs to be packaged.
- Thunderbird will now use blocklist v3 instead of v2.
Doesn't matter because it didn't use the blocklist in practice.
Differential Revision: https://phabricator.services.mozilla.com/D116418
This provides feedback to the user, otherwise nothing happens and the user doesn't know if their input was accepted or not. This matches what Chrome does.
We add a new flag for ZoomToRect that only double tap uses. We also need to add the cursor position to the ZoomTarget struct as that is what we will be zooming in on. (CalculateRectToZoomTo has a little bit of refactoring to calculate this point sooner and without an intermediate variable.)
The rest of the patch is some logic in ZoomToRect to decide when to do this, and some math to compute the zoom to rect (which is similar to the zoom out code).
Differential Revision: https://phabricator.services.mozilla.com/D116370
To compile SM to .wasm we need to use clang from wasi-sdk, this patch
allows us to use default clang-12 from mozilla's repo.
We remove usage of rpath-link flag because wasm-ld doesn't support it,
enable single thread model because wasi is single threaded
and finally add <unistd.h> becase it is forbidden to use read/write/lseek
without this header.
Differential Revision: https://phabricator.services.mozilla.com/D116207
As long as the upcoming WebDriver BiDi implementation isn't stable
enough, it will only be enabled for Nighlty builds for now.
Differential Revision: https://phabricator.services.mozilla.com/D116414
With the migration completed, we don't need to keep this pref
around anymore. The profile migration code used to set the pref
value to 0 but since FF 86 the value of the pref didn't matter
as the code would always clamp it to 100. So for consistency
we eliminate that setting of the pref as well.
Depends on D116322
Differential Revision: https://phabricator.services.mozilla.com/D116323
There are performance problems we need to sort out, so let's just turn
off the pref which lets us continue testing without backing out.
Differential Revision: https://phabricator.services.mozilla.com/D116407
Andrew Sutherland
Robert Mader
Jonathan Kew
Iulian Moraru
Julian Descottes
Mike Kaply
Jed Davis
Toshihito Kikuchi
Andrew Creskey
Randell Jesup
Christoph Kerschbaumer
Jeff Muizelaar
Florian Quèze
Brindusan Cristian
Brad Werth
Mike Hommey
Denis Palmeiro
Kagami Sascha Rosylight
Nihanth Subramanya
Dorel Luca
Dale Harvey
Emilio Cobos Álvarez
Cosmin Sabou
Mats Palmgren
Valentin Gosu
Peter Van der Beken
Henri Sivonen
Matt Woodrow
Kershaw Chang
Landry Breuil
Jon Coppeard
Anny Gakhokidze
Sandor Molnar
Yaron Tausky
Kris Maglione
Csoregi Natalia
Sean Feng
Glenn Watson
Dana Keeler
Luca Greco
Michelle Goossens
Butkovits Atila
Andrew Osmond
Dimi Lee
Alexandru Michis
Eden Chuang
Boris Chiou
Harry Twyford
Tim Giles
Agi Sferro
Jon Bauman
Markus Stange
Matthew Gaudet
Noemi Erli
Rob Wu
Morgan Reschenberg
Timothy Nikkel
Edgar Chen
Sonia Singla
Dmitry Bezhetskov
Henrik Skupin
Kartikaya Gupta
Dragana Damjanovic
Olli Pettay
Ava Katushka
Tim Huang
Andreas Farre