`ReadyToExecuteParserBlockingScripts` was walking the ancestor chain but
would stop if it hit an OOP ancestor. With this change we walk the
`WindowContext` tree instead, so that we may skip over OOP ancestors
and continue checking all in process ancestors.
Differential Revision: https://phabricator.services.mozilla.com/D86436
Creating more than 2 nested iframes is not allowed and is now enforced for
about:blank loads because they now take place via DocumentChannel.
Differential Revision: https://phabricator.services.mozilla.com/D85084
This patch enables sandboxed srcdoc loads to take place via DocumentChannel,
and adds mechanisms for enabling unsandboxed ones.
Both unsandboxed srcdoc, and in subsequent patches, about:blank, loads require
that the triggering principal and the principal to inherit point to the same
instance if the load takes place in the same process as where we are inheriting
those principals from. We save those principals on a target browsing context before
we load the URI, and later, when we are deserializing LoadInfoArgs into
LoadInfo in the content process, we retrieve the saved principals if the
current load identifier of the target BC matches the load identifier saved
along with the principals.
We also need to make sure that during a process switch for about:srcdoc load,
we don't use the original URI for about:srcdoc to determine the remote type and
instead we use channel's result principal.
Differential Revision: https://phabricator.services.mozilla.com/D85079
This changes the set of types which can be passed as the second argument to
do_QueryActor to ones which can be unambiguously converted to a JSActorManager,
and combines nsCOMPtr_helper implementations.
Differential Revision: https://phabricator.services.mozilla.com/D84067
With fission enabled, walking the docshell tree to find unloaded
parents would stop at the first OOP parent. Instead we now walk
the `BrowsingContext`/`WindowContext` tree. To still check parents
which are OOP, we take advantage of the fact that a parent
`WindowContext` will no longer be the current `WindowContext` if
the parent was unloaded. For in process docshell's we additionally
check the docshell directly.
Differential Revision: https://phabricator.services.mozilla.com/D85328
With fission enabled, walking the docshell tree to find unloaded
parents would stop at the first OOP parent. Instead we now walk
the `BrowsingContext`/`WindowContext` tree. To still check parents
which are OOP, we take advantage of the fact that a parent
`WindowContext` will no longer be the current `WindowContext` if
the parent was unloaded. For in process docshell's we additionally
check the docshell directly.
Differential Revision: https://phabricator.services.mozilla.com/D85328
This builds on the new API added in bug 1652085 to reduce the chance of a
different BrowsingContextGroup instance being used for process selection at the
start of a process switch, and BrowsingContext creation at the end.
While this would probably not be a serious issue right now, as we always have
only a single "extension" process, it could become an issue in the future if the
specific group specifier is used in more places.
Differential Revision: https://phabricator.services.mozilla.com/D84549
This should ensure that any BrowsingContexts racily created during the discard
process don't end up creating a separate BrowsingContextGroup from their
relatives, and triggering group mismatch assertions.
Differential Revision: https://phabricator.services.mozilla.com/D84548
This requires keeping track of the current process used to host documents with a
particular remote type loaded in each BrowsingContextGroup. Due to lifecycle
oddities, this set is kept separate from the existing subscribers set on
BrowsingContextGroup.
Differential Revision: https://phabricator.services.mozilla.com/D84061
We now cache the shortcuts permission in a synced field on
`WindowContext`. This will allow checking the permission quickly and
without IPC when Fission is enabled and the top-level document is
in another process.
Differential Revision: https://phabricator.services.mozilla.com/D84182
CLOSED TREE
We don't need these macros anymore, for two reasons:
1. We have static analysis to provide the same sort of checks via `MOZ_RAII`
and friends.
2. clang now warns for the "temporary that should have been a declaration" case.
The extra requirements on class construction also show up during debug tests
as performance problems.
This change was automated by using the following sed script:
```
# Remove declarations in classes.
/MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER/d
/MOZ_GUARD_OBJECT_NOTIFIER_INIT/d
# Remove individual macros, carefully.
{
# We don't have to worry about substrings here because the closing
# parenthesis "anchors" the match.
s/MOZ_GUARD_OBJECT_NOTIFIER_PARAM)/)/g;
s/MOZ_GUARD_OBJECT_NOTIFIER_PARAM_TO_PARENT)/)/g;
s/MOZ_GUARD_OBJECT_NOTIFIER_PARAM_IN_IMPL)/)/g;
s/MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM_IN_IMPL)/)/g;
# Remove the longer identifier first.
s/MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM_TO_PARENT//g;
s/MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM//g;
}
# Remove the actual include.
\@# *include "mozilla/GuardObjects.h"@d
```
and running:
```
find . -name \*.cpp -o -name \*.h | grep -v 'GuardObjects.h' |xargs sed -i -f script 2>/dev/null
mach clang-format
```
Differential Revision: https://phabricator.services.mozilla.com/D85168
We don't need these macros anymore, for two reasons:
1. We have static analysis to provide the same sort of checks via `MOZ_RAII`
and friends.
2. clang now warns for the "temporary that should have been a declaration" case.
The extra requirements on class construction also show up during debug tests
as performance problems.
This change was automated by using the following sed script:
```
# Remove declarations in classes.
/MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER/d
/MOZ_GUARD_OBJECT_NOTIFIER_INIT/d
# Remove individual macros, carefully.
{
# We don't have to worry about substrings here because the closing
# parenthesis "anchors" the match.
s/MOZ_GUARD_OBJECT_NOTIFIER_PARAM)/)/g;
s/MOZ_GUARD_OBJECT_NOTIFIER_PARAM_TO_PARENT)/)/g;
s/MOZ_GUARD_OBJECT_NOTIFIER_PARAM_IN_IMPL)/)/g;
s/MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM_IN_IMPL)/)/g;
# Remove the longer identifier first.
s/MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM_TO_PARENT//g;
s/MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM//g;
}
# Remove the actual include.
\@# *include "mozilla/GuardObjects.h"@d
```
and running:
```
find . -name \*.cpp -o -name \*.h | grep -v 'GuardObjects.h' |xargs sed -i -f script 2>/dev/null
mach clang-format
```
Differential Revision: https://phabricator.services.mozilla.com/D85168
Steven MacLeod
Kartikaya Gupta
Kris Maglione
Bogdan Tara
Christoph Kerschbaumer
Emilio Cobos Álvarez
Csoregi Natalia
Edgar Chen
Butkovits Atila
Anny Gakhokidze
Nika Layzell
Sebastian Streich
Simon Giesecke
Noemi Erli
Sylvestre Ledru
Andreas Farre
Olli Pettay
Chris H-C
Nathan Froyd
Mihai Alexandru Michis
Kashav Madan
Peter Van der Beken