diff --git a/Libraries/LibIPC/Decoder.cpp b/Libraries/LibIPC/Decoder.cpp index 58b61c4143a..3a521627aa6 100644 --- a/Libraries/LibIPC/Decoder.cpp +++ b/Libraries/LibIPC/Decoder.cpp @@ -106,7 +106,7 @@ ErrorOr decode(Decoder& decoder) { auto is_opaque = TRY(decoder.decode()); if (is_opaque) - return URL::Origin {}; + return URL::Origin::create_opaque(); auto scheme = TRY(decoder.decode>()); auto host = TRY(decoder.decode()); diff --git a/Libraries/LibURL/Origin.cpp b/Libraries/LibURL/Origin.cpp index 9d14bac6675..481d7e26616 100644 --- a/Libraries/LibURL/Origin.cpp +++ b/Libraries/LibURL/Origin.cpp @@ -10,6 +10,12 @@ namespace URL { +// FIXME: This should be generating a unique origin identifer that can be used for equality checks. +Origin Origin::create_opaque() +{ + return Origin {}; +} + // https://html.spec.whatwg.org/multipage/browsers.html#same-site bool Origin::is_same_site(Origin const& other) const { diff --git a/Libraries/LibURL/Origin.h b/Libraries/LibURL/Origin.h index 8914d1ff764..51e2755ea12 100644 --- a/Libraries/LibURL/Origin.h +++ b/Libraries/LibURL/Origin.h @@ -15,10 +15,6 @@ namespace URL { class Origin { public: - // FIXME: This should be generating a unique origin identifer that can be used for equality checks. - // Probably we should remove the default constructor, and instead expose this as a factory method. - Origin() = default; - Origin(Optional const& scheme, Host const& host, Optional port) : m_state(State { .scheme = scheme, @@ -28,6 +24,8 @@ public: { } + static Origin create_opaque(); + // https://html.spec.whatwg.org/multipage/origin.html#concept-origin-opaque bool is_opaque() const { return !m_state.has_value(); } @@ -102,6 +100,8 @@ public: bool operator==(Origin const& other) const { return is_same_origin(other); } private: + Origin() = default; + struct State { Optional scheme; Host host; diff --git a/Libraries/LibURL/URL.cpp b/Libraries/LibURL/URL.cpp index cd8843dd2ea..6b99b051571 100644 --- a/Libraries/LibURL/URL.cpp +++ b/Libraries/LibURL/URL.cpp @@ -345,14 +345,14 @@ Origin URL::origin() const // 3. If pathURL is failure, then return a new opaque origin. if (!path_url.has_value()) - return Origin {}; + return Origin::create_opaque(); // 4. If pathURL’s scheme is "http", "https", or "file", then return pathURL’s origin. if (path_url->scheme().is_one_of("http"sv, "https"sv, "file"sv)) return path_url->origin(); // 5. Return a new opaque origin. - return Origin {}; + return Origin::create_opaque(); } // -> "ftp" @@ -375,7 +375,7 @@ Origin URL::origin() const // -> Otherwise // Return a new opaque origin. - return Origin {}; + return Origin::create_opaque(); } bool URL::equals(URL const& other, ExcludeFragment exclude_fragments) const diff --git a/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp b/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp index 463f8fa5132..a880b6b81e0 100644 --- a/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp +++ b/Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp @@ -201,7 +201,7 @@ SerializedPolicy Policy::serialize() const .directives = move(serialized_directives), .disposition = m_disposition, .source = m_source, - .self_origin = m_self_origin, + .self_origin = m_self_origin.value(), .pre_parsed_policy_string = m_pre_parsed_policy_string, }; } diff --git a/Libraries/LibWeb/ContentSecurityPolicy/Policy.h b/Libraries/LibWeb/ContentSecurityPolicy/Policy.h index d94998fe726..9461d29f2ae 100644 --- a/Libraries/LibWeb/ContentSecurityPolicy/Policy.h +++ b/Libraries/LibWeb/ContentSecurityPolicy/Policy.h @@ -45,7 +45,7 @@ public: [[nodiscard]] Vector> const& directives() const { return m_directives; } [[nodiscard]] Disposition disposition() const { return m_disposition; } [[nodiscard]] Source source() const { return m_source; } - [[nodiscard]] URL::Origin const& self_origin() const { return m_self_origin; } + [[nodiscard]] URL::Origin const& self_origin() const { return m_self_origin.value(); } [[nodiscard]] String const& pre_parsed_policy_string(Badge) const { return m_pre_parsed_policy_string; } [[nodiscard]] bool contains_directive_with_name(StringView name) const; @@ -81,7 +81,7 @@ private: // Spec Note: This is needed to facilitate the 'self' checks of local scheme documents/workers that have inherited // their policy but have an opaque origin. Most of the time this will simply be the environment settings // object’s origin. - URL::Origin m_self_origin; + Optional m_self_origin; // This is used for reporting which policy was violated. It's not exactly specified, only linking to an ABNF grammar // definition. WebKit and Blink return the original string that was parsed, whereas Firefox seems to try and return diff --git a/Libraries/LibWeb/ContentSecurityPolicy/SerializedPolicy.cpp b/Libraries/LibWeb/ContentSecurityPolicy/SerializedPolicy.cpp index a466a2d5abd..b99afebce4b 100644 --- a/Libraries/LibWeb/ContentSecurityPolicy/SerializedPolicy.cpp +++ b/Libraries/LibWeb/ContentSecurityPolicy/SerializedPolicy.cpp @@ -25,15 +25,13 @@ ErrorOr encode(Encoder& encoder, Web::ContentSecurityPolicy::SerializedPol template<> ErrorOr decode(Decoder& decoder) { - Web::ContentSecurityPolicy::SerializedPolicy serialized_policy {}; - - serialized_policy.directives = TRY(decoder.decode>()); - serialized_policy.disposition = TRY(decoder.decode()); - serialized_policy.source = TRY(decoder.decode()); - serialized_policy.self_origin = TRY(decoder.decode()); - serialized_policy.pre_parsed_policy_string = TRY(decoder.decode()); - - return serialized_policy; + return Web::ContentSecurityPolicy::SerializedPolicy { + .directives = TRY(decoder.decode>()), + .disposition = TRY(decoder.decode()), + .source = TRY(decoder.decode()), + .self_origin = TRY(decoder.decode()), + .pre_parsed_policy_string = TRY(decoder.decode()), + }; } } diff --git a/Libraries/LibWeb/DOM/DocumentLoading.h b/Libraries/LibWeb/DOM/DocumentLoading.h index 0dc81bc50e2..787b68c2d0c 100644 --- a/Libraries/LibWeb/DOM/DocumentLoading.h +++ b/Libraries/LibWeb/DOM/DocumentLoading.h @@ -24,7 +24,7 @@ GC::Ref create_document_for_inline_content(GC::Ptractive_document()); // 1. Let origin be a new opaque origin. - URL::Origin origin {}; + auto origin = URL::Origin::create_opaque(); // 2. Let coop be a new opener policy. auto coop = HTML::OpenerPolicy {}; diff --git a/Libraries/LibWeb/HTML/BrowsingContext.cpp b/Libraries/LibWeb/HTML/BrowsingContext.cpp index 7203022ce9c..bd04b877d5b 100644 --- a/Libraries/LibWeb/HTML/BrowsingContext.cpp +++ b/Libraries/LibWeb/HTML/BrowsingContext.cpp @@ -56,12 +56,12 @@ URL::Origin determine_the_origin(Optional url, SandboxingFlagSe { // 1. If sandboxFlags has its sandboxed origin browsing context flag set, then return a new opaque origin. if (has_flag(sandbox_flags, SandboxingFlagSet::SandboxedOrigin)) { - return URL::Origin {}; + return URL::Origin::create_opaque(); } // 2. If url is null, then return a new opaque origin. if (!url.has_value()) { - return URL::Origin {}; + return URL::Origin::create_opaque(); } // 3. If url is about:srcdoc, then: diff --git a/Libraries/LibWeb/HTML/HTMLLinkElement.cpp b/Libraries/LibWeb/HTML/HTMLLinkElement.cpp index 9e36d6a3c47..24a03b83876 100644 --- a/Libraries/LibWeb/HTML/HTMLLinkElement.cpp +++ b/Libraries/LibWeb/HTML/HTMLLinkElement.cpp @@ -263,26 +263,27 @@ HTMLLinkElement::LinkProcessingOptions HTMLLinkElement::create_link_options() auto& document = this->document(); // 2. Let options be a new link processing options with - LinkProcessingOptions options; - // FIXME: destination the result of translating the state of el's as attribute - // crossorigin the state of el's crossorigin content attribute - options.crossorigin = cors_setting_attribute_from_keyword(get_attribute(AttributeNames::crossorigin)); - // referrer policy the state of el's referrerpolicy content attribute - options.referrer_policy = ReferrerPolicy::from_string(get_attribute(AttributeNames::referrerpolicy).value_or(""_string)).value_or(ReferrerPolicy::ReferrerPolicy::EmptyString); - // FIXME: source set el's source set - // base URL document's document base URL - options.base_url = document.base_url(); - // origin document's origin - options.origin = document.origin(); - // environment document's relevant settings object - options.environment = &document.relevant_settings_object(); - // policy container document's policy container - options.policy_container = document.policy_container(); - // document document - options.document = &document; - // FIXME: cryptographic nonce metadata the current value of el's [[CryptographicNonce]] internal slot - // fetch priority the state of el's fetchpriority content attribute - options.fetch_priority = Fetch::Infrastructure::request_priority_from_string(get_attribute_value(HTML::AttributeNames::fetchpriority)).value_or(Fetch::Infrastructure::Request::Priority::Auto); + LinkProcessingOptions options { + // FIXME: destination the result of translating the state of el's as attribute + // crossorigin the state of el's crossorigin content attribute + .crossorigin = cors_setting_attribute_from_keyword(get_attribute(AttributeNames::crossorigin)), + // referrer policy the state of el's referrerpolicy content attribute + .referrer_policy = ReferrerPolicy::from_string(get_attribute(AttributeNames::referrerpolicy).value_or(""_string)).value_or(ReferrerPolicy::ReferrerPolicy::EmptyString), + // FIXME: source set el's source set + // base URL document's document base URL + .base_url = document.base_url(), + // origin document's origin + .origin = document.origin(), + // environment document's relevant settings object + .environment = &document.relevant_settings_object(), + // policy container document's policy container + .policy_container = document.policy_container(), + // document document + .document = &document, + // FIXME: cryptographic nonce metadata the current value of el's [[CryptographicNonce]] internal slot + // fetch priority the state of el's fetchpriority content attribute + .fetch_priority = Fetch::Infrastructure::request_priority_from_string(get_attribute_value(HTML::AttributeNames::fetchpriority)).value_or(Fetch::Infrastructure::Request::Priority::Auto), + }; // 3. If el has an href attribute, then set options's href to the value of el's href attribute. if (auto maybe_href = get_attribute(AttributeNames::href); maybe_href.has_value()) diff --git a/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp b/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp index ffedc4cf340..ca51911c07c 100644 --- a/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp +++ b/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp @@ -4573,7 +4573,7 @@ Vector> HTMLParser::parse_html_fragment(DOM::Element& contex // AD-HOC: The origin is not otherwise set for the document, but it may be accessed during parsing // script. For now, let's just use an opaque origin, but it is likely that the spec is // missing setting this origin. - temp_document->set_origin(URL::Origin {}); + temp_document->set_origin(URL::Origin::create_opaque()); // 2. If context's node document is in quirks mode, then set document's mode to "quirks". if (context_element.document().in_quirks_mode()) diff --git a/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.cpp b/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.cpp index eedd78ed8b2..baafa43ae39 100644 --- a/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.cpp +++ b/Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.cpp @@ -30,20 +30,18 @@ ErrorOr encode(Encoder& encoder, Web::HTML::SerializedEnvironmentSettingsO template<> ErrorOr decode(Decoder& decoder) { - Web::HTML::SerializedEnvironmentSettingsObject object {}; - - object.id = TRY(decoder.decode()); - object.creation_url = TRY(decoder.decode()); - object.top_level_creation_url = TRY(decoder.decode>()); - object.top_level_origin = TRY(decoder.decode>()); - object.api_url_character_encoding = TRY(decoder.decode()); - object.api_base_url = TRY(decoder.decode()); - object.origin = TRY(decoder.decode()); - object.policy_container = TRY(decoder.decode()); - object.cross_origin_isolated_capability = TRY(decoder.decode()); - object.time_origin = TRY(decoder.decode()); - - return object; + return Web::HTML::SerializedEnvironmentSettingsObject { + .id = TRY(decoder.decode()), + .creation_url = TRY(decoder.decode()), + .top_level_creation_url = TRY(decoder.decode>()), + .top_level_origin = TRY(decoder.decode>()), + .api_url_character_encoding = TRY(decoder.decode()), + .api_base_url = TRY(decoder.decode()), + .origin = TRY(decoder.decode()), + .policy_container = TRY(decoder.decode()), + .cross_origin_isolated_capability = TRY(decoder.decode()), + .time_origin = TRY(decoder.decode()), + }; } } diff --git a/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.cpp b/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.cpp index 7ba3f473dab..8d5c3e8fc82 100644 --- a/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.cpp +++ b/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.cpp @@ -30,9 +30,8 @@ GC::Ref WorkerEnvironmentSettingsObject::setup( // 4. Let settings object be a new environment settings object whose algorithms are defined as follows: // NOTE: See the functions defined for this class. - auto settings_object = realm->create(move(execution_context), worker, unsafe_worker_creation_time); + auto settings_object = realm->create(move(execution_context), worker, move(inherited_origin), unsafe_worker_creation_time); settings_object->target_browsing_context = nullptr; - settings_object->m_origin = move(inherited_origin); // FIXME: 5. Set settings object's id to a new unique opaque string, creation URL to worker global scope's url, top-level creation URL to null, target browsing context to null, and active service worker to null. // 6. If worker global scope is a DedicatedWorkerGlobalScope object, then set settings object's top-level origin to outside settings's top-level origin. @@ -64,7 +63,7 @@ URL::Origin WorkerEnvironmentSettingsObject::origin() const { // Return a unique opaque origin if worker global scope's url's scheme is "data", and inherited origin otherwise. if (m_global_scope->url().scheme() == "data") - return URL::Origin {}; + return URL::Origin::create_opaque(); return m_origin; } diff --git a/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.h b/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.h index 0836e7f202c..c1ba0f7a26a 100644 --- a/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.h +++ b/Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.h @@ -18,8 +18,9 @@ class WorkerEnvironmentSettingsObject final GC_DECLARE_ALLOCATOR(WorkerEnvironmentSettingsObject); public: - WorkerEnvironmentSettingsObject(NonnullOwnPtr execution_context, GC::Ref global_scope, HighResolutionTime::DOMHighResTimeStamp unsafe_worker_creation_time) + WorkerEnvironmentSettingsObject(NonnullOwnPtr execution_context, GC::Ref global_scope, URL::Origin origin, HighResolutionTime::DOMHighResTimeStamp unsafe_worker_creation_time) : EnvironmentSettingsObject(move(execution_context)) + , m_origin(move(origin)) , m_global_scope(global_scope) , m_unsafe_worker_creation_time(unsafe_worker_creation_time) { diff --git a/Libraries/LibWeb/HTML/SharedWorkerGlobalScope.h b/Libraries/LibWeb/HTML/SharedWorkerGlobalScope.h index a1516773590..ba477fe6c80 100644 --- a/Libraries/LibWeb/HTML/SharedWorkerGlobalScope.h +++ b/Libraries/LibWeb/HTML/SharedWorkerGlobalScope.h @@ -26,7 +26,7 @@ public: virtual ~SharedWorkerGlobalScope() override; void set_constructor_origin(URL::Origin origin) { m_constructor_origin = move(origin); } - URL::Origin const& constructor_origin() const { return m_constructor_origin; } + URL::Origin const& constructor_origin() const { return m_constructor_origin.value(); } void set_constructor_url(URL::URL url) { m_constructor_url = move(url); } URL::URL const& constructor_url() const { return m_constructor_url; } @@ -48,7 +48,7 @@ private: virtual void initialize_web_interfaces_impl() override; virtual void finalize() override; - URL::Origin m_constructor_origin; + Optional m_constructor_origin; URL::URL m_constructor_url; Fetch::Infrastructure::Request::CredentialsMode m_credentials; }; diff --git a/Libraries/LibWeb/SVG/SVGDecodedImageData.cpp b/Libraries/LibWeb/SVG/SVGDecodedImageData.cpp index 469d6b1082b..aae5ea9c5f6 100644 --- a/Libraries/LibWeb/SVG/SVGDecodedImageData.cpp +++ b/Libraries/LibWeb/SVG/SVGDecodedImageData.cpp @@ -37,15 +37,16 @@ ErrorOr> SVGDecodedImageData::create(JS::Realm& rea GC::Ref navigable = page->top_level_traversable(); auto response = Fetch::Infrastructure::Response::create(navigable->vm()); response->url_list().append(url); + auto origin = URL::Origin::create_opaque(); auto navigation_params = navigable->heap().allocate(OptionalNone {}, navigable, nullptr, response, nullptr, nullptr, - HTML::OpenerPolicyEnforcementResult {}, + HTML::OpenerPolicyEnforcementResult { .url = url, .origin = origin, .opener_policy = HTML::OpenerPolicy {} }, nullptr, - URL::Origin {}, + origin, navigable->heap().allocate(realm.heap()), HTML::SandboxingFlagSet {}, HTML::OpenerPolicy {},