https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer
"same-origin"
1. If the origin of referrerURL and the origin of request’s current URL are the
same, then return referrerURL.
2. Return no referrer.
Current implementation compares with triggeringPrincipal and current URI,
which is incorrect for static imports.
Also added some test for same-origin in referrer-policy-for-descendants.sub.html
parentWithSameOrigin:
document(origin A) imports import-referrer-checker.sub.js (origin A),
which imports referrer-checker.py (origin A), so referrerURL
(import-referrer-checker.sub.js) is expected.
remoteParentWithSameOriginWhenCrossOriginSameOriginDescendant:
document(origin A) imports a cross-origin import-referrer-checker.sub.js
(origin B),
which imports referrer-checker.py (origin B),
so referrerURL (import-referrer-checker.sub.js) is expected.
remoteParentWithSameOriginWhenCrossOriginRemoteDescendant:
document(origin A) imports a cross-origin import-referrer-checker.sub.js
(origin B),
which imports referrer-checker.py (origin A),
so "" (no referrer) is expected.
Similar tests can also be found in /html/semantics/scripting-1/the-script-element/module/referrer-same-origin.sub.html
Differential Revision: https://phabricator.services.mozilla.com/D187386
https://w3c.github.io/webappsec-referrer-policy/#determine-requests-referrer
"origin-when-cross-origin":
If the origin of referrerURL and the origin of request’s current URL are the same, then return referrerURL.
Originally the implementation checks if the triggeringPrincipal and the
request's current URL are the same-origin.
But this will cause wrong refererr to be sent in the following case:
document (origin: A) -> static import a JS script called Script1 (origin:B)
Script1 imports (statically) another JS script Script2 (origin: B)
According to the spec, when determining the referrer of Script2,
Script1's origin and Script2's origin should be compared,
but in our implementation, the document's origin and the Script2's
origin are compared.
Differential Revision: https://phabricator.services.mozilla.com/D186946
This implementes the following requirement from the spec:
https://html.spec.whatwg.org/#fetch-a-single-module-script
12. In both cases, let processResponseConsumeBody given response response and null, failure, or a byte sequence bodyBytes be the following algorithm:
5. Let referrerPolicy be the result of parsing the `Referrer-Policy` header given response.
6. If referrerPolicy is not the empty string, set options's referrer policy to referrerPolicy.
Differential Revision: https://phabricator.services.mozilla.com/D186944
This patch updates our docs to account for the changes to our mach commands/how best to use them. I noticed some weird spacing and a couple missing words while I was reading through the doc - hopefully the additional changes aren't too distracting.
Differential Revision: https://phabricator.services.mozilla.com/D188385
This modifies the `./mach storybok` command to spin up a local build by default. This should make it easier to ensure the necessary prefs are getting set and reduce some issues we've been hitting lately when new frontend specific prefs get added.
The `time.sleep(5)` call is pretty inelegant, but it works. Wasn't sure how else to go about that since the `npm run storybook` command never terminates, but open to suggestions.
Differential Revision: https://phabricator.services.mozilla.com/D188384
* Lazily calculate changed states and classes when processing pending state & attribute invalidations
* Avoid constructing empty `SmallVec` invalidations when we know there is no invalidation
Differential Revision: https://phabricator.services.mozilla.com/D188733
`putAsciiPrintable` was added temporarily as a substitute for externalizing the
logic done by `QuoteString`, while providing an interface which is as efficient.
Now, `EscapePrinter` is used to replace the content of `QuoteString` while
providing the same implementation, except that it is based on `put` instead of
`putAsciiPrintable`. The `EscapePrinter` already provides the guarantees that
are asserted by `putAsciiPrintable`, thus there is no longer any need for it.
As this patch set introduced `putAsciiPrintable`, there is not yet any external
consumer of it, and `EscapePrinter` should cover all use cases where non-ascii
inputs are provided.
Differential Revision: https://phabricator.services.mozilla.com/D183760
The previous patch reimplemented QuoteString to use a `StringSegmentRange`,
which should avoid mutating the inner parts of `JSRope`, while remaining fast on
`JSAtom`-s.
As the StringSegmentRange does not need to allocate with `ensureLinear`, then
all the failures are reported by the `put` functions using the `GenericPrinter`
mechanism, and the `release` functions of `Sprinter` would report the failure if
any.
Thus, there is no need for retuning a boolean value anymore from `QuoteString`
and `JSONQuoteString`, while this is still necessary to check the returned value
variant of `QuoteString` which returns `UniqueChars` by using the `release`
function of `Sprinter`.
Differential Revision: https://phabricator.services.mozilla.com/D183759
When reporting failure, we have to prevent continuation iterating over the
string segments, and stop early, as well as not ignoring the errors.
Differential Revision: https://phabricator.services.mozilla.com/D188248
`QuoteString` is today only available as a mean to serialize a `JSString` to a
`Sprinter`, or by making an extra temporary allocation whch is most likely
discarded once the serialized content has been used once.
This implementation provide a generic escaping mechanism, named `EscapePrinter`,
which can be used on top of any existing Printer class, and with any escaping
logic such as different quotes, or different quotation marks if needed. The
different quoting strategies are implemented using a class which provides
`isSafeChar` and `convertInto` to normalize the `JSString` input characters into
characters which are properly encoded for the Printer.
This change keep the original `QuoteString` behavior, while replacing its
fallible implementation by an infallible implementation. `QuoteString` had an
undocummented side-effect of linearizing the strings while reading them, which
causes memory allocation and potential GC failures. This change replaces the
`ensureLinear` call by the new `GenericPrinter::putString` function which relies
on `StringSegmentRange` to iterate over the string fragments and serialize the
content which does not have the same side-effects.
If performance issue arise from this modification, calls to `ensureLinear`
should be added before the `QuoteString` calls.
Differential Revision: https://phabricator.services.mozilla.com/D183758
`putString` requires a JSContext, and it is taken out of Sprinter, which does
not make much sense. Making it explicit that a JSContext is required to print
JSString would make things simpler for users instead of failing during the
execution.
Differential Revision: https://phabricator.services.mozilla.com/D187202
Sprinter::jsprintf is nowadays the same as GenericPrinter::printf which Sprinter
inherit from. This patch removes all calls to Sprinter::jsprintf and replaces
them by Sprinter::printf.
The advantage of using GenericPrinter::printf is that this reduce the dependency
on Sprinter-specific interface and moves us toward being able to move more
consumers over to the GenericPrinter.
Differential Revision: https://phabricator.services.mozilla.com/D181500
Now that Sprinter::put and Sprinter::jsprintf functions are infallible, there is
no need to return a boolean from Nursery::printProfileDurations and
Statistics::printProfileTimes functions.
Differential Revision: https://phabricator.services.mozilla.com/D181499
Remove the boolean returned value of printing functions of the GenericPrinter
and all descendant classes.
The goal being that error checking is the responsibility of the wrapping
function in charge of the GenericPrinter, and that functions in charge of
providing content should assume that everything is always written successfully.
This patch only look at the GenericPrinter methods, consumers of these functions
would be updated in subsequent patches.
Differential Revision: https://phabricator.services.mozilla.com/D181498
As we are going to remove the returned value, and to be extra cautious, we skip
future re-entry in case of previous failures.
Differential Revision: https://phabricator.services.mozilla.com/D181497
As functions are made infallible, only the 2 release functions are reporting
errors. The advantage of this approach is that the error reporting and checking
would only happen in the release functions calls in the future. This enables
the upcoming set of patches to change the return type of put functions to make
them infallible, reduce the number of visible branches in debugging code.
This makes the Sprinter class more like a "Sink allocator", where the smell of
allocation failures does not propagate immediatly through the sinking water until
all the water has been through.
Differential Revision: https://phabricator.services.mozilla.com/D181496
When using Sprinter::string, one assumes that out-of-memory errors have been
reported earlier. As the code is being converted to be infallible, the
out-of-memory is thus needed when the release function is called. This change
replaces all Sprinter::string by Sprinter::release and explicit the error
checking code path which would be relevant when the Sprinter::put function would
become infallible in follow-up patches.
Differential Revision: https://phabricator.services.mozilla.com/D181495
Sprinter::releaseJS centralize a mechanism which used in many places across the
JS engine, and replaces it with a single function call as well as democratising
the proper handling of UTF8 which might be added to Sprinter allocated strings.
Differential Revision: https://phabricator.services.mozilla.com/D181494
Sprinter already create strings, and the ExpressionDecompiler duplicates this
logic to copy the content of the Sprinter buffer. While there is a benefit in
case we over-allocated ahead using Sprinter, this should still reduce the peak
memory allocation.
Differential Revision: https://phabricator.services.mozilla.com/D181489
QuoteString is currently specialized with a Sprinter argument, but to do that it
relies on the `operator[]`, which implies being able to read the bytes. While
there is no issue today, this goes against making the *Printers infallible.
Thus, this change moves the append logic to a dedicated `putAsciiPrintable`,
removing the `getOffset()` and `operator[]` usage from `QuoteString`.
Differential Revision: https://phabricator.services.mozilla.com/D181488
The `GenericPrinterPrintTarget` uses the same `GenericPrinter`, which already
handles the out-of-memory reporting. Thus, there is no need to report it once
more in `GenericPrinter::vprintf`.
Differential Revision: https://phabricator.services.mozilla.com/D181487
This change move the error reporting to the JSContext to be an independent
function, such that we can later migrate `Sprinter::put` to become infallible.
Differential Revision: https://phabricator.services.mozilla.com/D181486
* Modify panel-list and panel-item to support submenu list items
* Add submenu items for Move Tabs and Send Tabs to Devices to open tabs
* Add test coverage for submenu items in open tabs
Differential Revision: https://phabricator.services.mozilla.com/D186471