Allows top level non-XUL documents to share this code. Three tests had to
be adjusted to account for the attributes being chrome only now and not
available to content privilege XUL. In two tests, the values attributes
are now simply undefined. The crashtest was converted to a chrome
mochitest to preserve what it was testing.
MozReview-Commit-ID: 99w9Ax4et3C
--HG--
rename : dom/base/crashtests/473284.xul => dom/base/test/chrome/test_bug473284.xul
extra : rebase_source : 924d34a88fe8a48d766f78b02e64275f6e7cdc2b
This is sound because the unlink implementation of the stylesheet drops the
preserved wrapper, and there are no strong references back to any node from the
stylesheet or any of the non-unlinked members.
This almost is the same setup that works for document sheets. We need to account
for a double reference in case the sheet is applicable because Servo keeps
another reference to it in that case, instead of in the StyleSet / PresShell.
Added the testcase as a crashtest, in the hopes that if it regresses leak
reporting on automation will catch it.
MozReview-Commit-ID: Kcc5oaOvP9A
Most of the Shadow DOM related code are behind "dom.webcomponents.enabled" and
this pref is only used by Shadow DOM right now, so we should rename it to
"dom.webcomponents.shadowdom.enabled"
MozReview-Commit-ID: er1c7AsSSW
CustomElements feature now is only controlled by dom.webcomponents.customelements.enabled pref.
MozReview-Commit-ID: G6hdIAsSeX7
--HG--
extra : rebase_source : 064349a0319e445e4bcd6bfbdcd69b7085c347b6
In the test file 1411473.html, there are 3 calls to
nsImageLoadingContent::LoadImage
1. Triggered by setting src attribute, and this sets the mCurrentRequest.
2. Triggered by setting crossOrigin attribute, this forcibly reloads the image,
and this sets the mPendingRequest.
3. Triggered by loading the image which is adopted into a new created data
document by
'document.implementation.createDocument('', '', null).adoptNode(img)'
However in the 3rd call, when it calls nsImageLoadingContent::LoadImage, It
will bail out in the aDocument->IsLoadedAsData() part
http://searchfox.org/mozilla-central/rev/5a60492a53667fc61a62af1847d005a210b7a4f6/dom/base/nsImageLoadingContent.cpp#942
And when it calls SetBlockedRequest, at this time we have a non-null
mCurrentRequest and a non-null mPendingRequest, so this triggers the
assertion of mPendingRequest should be null when we got blocked, which
is added in bug 1267075.
Since data document is not the active document,
per https://html.spec.whatwg.org/multipage/images.html#updating-the-image-data,
Step 1, we should skip the image loading in HTMLImageElement.
nsDOMAttributeMap::BlastSubtreeToPieces() uses a hash table iterator
to get an arbitrary element from a hash table. This marks the hash
table as being in use. It then modifies the hash table before the
iterator is destroyed, triggering an assertion. The fix is to restrict
the scope of the iterator so that it is destroyed before the hashtable
is modified.
The existing code is safe because the iterator is never used after the
hash table has been modified.
MozReview-Commit-ID: DUjqewvwEe7
--HG--
extra : rebase_source : 698046af75890c8f52ba15331115b9ff119c689a
Brendan Dahl
Jesse Ruderman
Olli Pettay
Emilio Cobos Álvarez
Dão Gottwald
Tyson Smith
Boris Zbarsky
Jonathan Watt
Jessica Jong
Christoph Kerschbaumer
Andreea Pavel
Narcis Beleuzu
Edgar Chen
Yoshi Huang
Sebastian Hengst
Jason Orendorff
Ryan VanderMeulen
Ehsan Akhgari
Cameron McCormack
cku
Andrew McCreight
Ethan Lin
Andrea Marchesini
Xidorn Quan
Samael Wang
Henri Sivonen