LibURL+LibWeb: Make URL::Origin default constructor private

Instead, porting over all users to use the newly created
Origin::create_opaque factory function. This also requires porting
over some users of Origin to avoid default construction.

Libraries/LibIPC/Decoder.cpp

@@ -106,7 +106,7 @@ ErrorOr<URL::Origin> decode(Decoder& decoder)
 {
     auto is_opaque = TRY(decoder.decode<bool>());
     if (is_opaque)
-        return URL::Origin {};
+        return URL::Origin::create_opaque();
 
     auto scheme = TRY(decoder.decode<Optional<String>>());
     auto host = TRY(decoder.decode<URL::Host>());

Libraries/LibURL/Origin.cpp

@@ -10,6 +10,12 @@
 
 namespace URL {
 
+// FIXME: This should be generating a unique origin identifer that can be used for equality checks.
+Origin Origin::create_opaque()
+{
+    return Origin {};
+}
+
 // https://html.spec.whatwg.org/multipage/browsers.html#same-site
 bool Origin::is_same_site(Origin const& other) const
 {

Libraries/LibURL/Origin.h

@@ -15,10 +15,6 @@ namespace URL {
 
 class Origin {
 public:
-    // FIXME: This should be generating a unique origin identifer that can be used for equality checks.
-    //        Probably we should remove the default constructor, and instead expose this as a factory method.
-    Origin() = default;
-
     Origin(Optional<String> const& scheme, Host const& host, Optional<u16> port)
         : m_state(State {
               .scheme = scheme,
@@ -28,6 +24,8 @@ public:
     {
     }
 
+    static Origin create_opaque();
+
     // https://html.spec.whatwg.org/multipage/origin.html#concept-origin-opaque
     bool is_opaque() const { return !m_state.has_value(); }
 
@@ -102,6 +100,8 @@ public:
     bool operator==(Origin const& other) const { return is_same_origin(other); }
 
 private:
+    Origin() = default;
+
     struct State {
         Optional<String> scheme;
         Host host;

Libraries/LibURL/URL.cpp

@@ -345,14 +345,14 @@ Origin URL::origin() const
 
         // 3. If pathURL is failure, then return a new opaque origin.
         if (!path_url.has_value())
-            return Origin {};
+            return Origin::create_opaque();
 
         // 4. If pathURL’s scheme is "http", "https", or "file", then return pathURL’s origin.
         if (path_url->scheme().is_one_of("http"sv, "https"sv, "file"sv))
             return path_url->origin();
 
         // 5. Return a new opaque origin.
-        return Origin {};
+        return Origin::create_opaque();
     }
 
     // -> "ftp"
@@ -375,7 +375,7 @@ Origin URL::origin() const
 
     // -> Otherwise
     // Return a new opaque origin.
-    return Origin {};
+    return Origin::create_opaque();
 }
 
 bool URL::equals(URL const& other, ExcludeFragment exclude_fragments) const

Libraries/LibWeb/ContentSecurityPolicy/Policy.cpp

@@ -201,7 +201,7 @@ SerializedPolicy Policy::serialize() const
         .directives = move(serialized_directives),
         .disposition = m_disposition,
         .source = m_source,
-        .self_origin = m_self_origin,
+        .self_origin = m_self_origin.value(),
         .pre_parsed_policy_string = m_pre_parsed_policy_string,
     };
 }

Libraries/LibWeb/ContentSecurityPolicy/Policy.h

@@ -45,7 +45,7 @@ public:
     [[nodiscard]] Vector<GC::Ref<Directives::Directive>> const& directives() const { return m_directives; }
     [[nodiscard]] Disposition disposition() const { return m_disposition; }
     [[nodiscard]] Source source() const { return m_source; }
-    [[nodiscard]] URL::Origin const& self_origin() const { return m_self_origin; }
+    [[nodiscard]] URL::Origin const& self_origin() const { return m_self_origin.value(); }
     [[nodiscard]] String const& pre_parsed_policy_string(Badge<Violation>) const { return m_pre_parsed_policy_string; }
 
     [[nodiscard]] bool contains_directive_with_name(StringView name) const;
@@ -81,7 +81,7 @@ private:
     // Spec Note: This is needed to facilitate the 'self' checks of local scheme documents/workers that have inherited
     //            their policy but have an opaque origin. Most of the time this will simply be the environment settings
     //            object’s origin.
-    URL::Origin m_self_origin;
+    Optional<URL::Origin> m_self_origin;
 
     // This is used for reporting which policy was violated. It's not exactly specified, only linking to an ABNF grammar
     // definition. WebKit and Blink return the original string that was parsed, whereas Firefox seems to try and return

Libraries/LibWeb/ContentSecurityPolicy/SerializedPolicy.cpp

@@ -25,15 +25,13 @@ ErrorOr<void> encode(Encoder& encoder, Web::ContentSecurityPolicy::SerializedPol
 template<>
 ErrorOr<Web::ContentSecurityPolicy::SerializedPolicy> decode(Decoder& decoder)
 {
-    Web::ContentSecurityPolicy::SerializedPolicy serialized_policy {};
+    return Web::ContentSecurityPolicy::SerializedPolicy {
-
+        .directives = TRY(decoder.decode<Vector<Web::ContentSecurityPolicy::Directives::SerializedDirective>>()),
-    serialized_policy.directives = TRY(decoder.decode<Vector<Web::ContentSecurityPolicy::Directives::SerializedDirective>>());
+        .disposition = TRY(decoder.decode<Web::ContentSecurityPolicy::Policy::Disposition>()),
-    serialized_policy.disposition = TRY(decoder.decode<Web::ContentSecurityPolicy::Policy::Disposition>());
+        .source = TRY(decoder.decode<Web::ContentSecurityPolicy::Policy::Source>()),
-    serialized_policy.source = TRY(decoder.decode<Web::ContentSecurityPolicy::Policy::Source>());
+        .self_origin = TRY(decoder.decode<URL::Origin>()),
-    serialized_policy.self_origin = TRY(decoder.decode<URL::Origin>());
+        .pre_parsed_policy_string = TRY(decoder.decode<String>()),
-    serialized_policy.pre_parsed_policy_string = TRY(decoder.decode<String>());
+    };
-
-    return serialized_policy;
 }
 
 }

Libraries/LibWeb/DOM/DocumentLoading.h

@@ -24,7 +24,7 @@ GC::Ref<DOM::Document> create_document_for_inline_content(GC::Ptr<HTML::Navigabl
     VERIFY(navigable->active_document());
 
     // 1. Let origin be a new opaque origin.
-    URL::Origin origin {};
+    auto origin = URL::Origin::create_opaque();
 
     // 2. Let coop be a new opener policy.
     auto coop = HTML::OpenerPolicy {};

Libraries/LibWeb/HTML/BrowsingContext.cpp

@@ -56,12 +56,12 @@ URL::Origin determine_the_origin(Optional<URL::URL const&> url, SandboxingFlagSe
 {
     // 1. If sandboxFlags has its sandboxed origin browsing context flag set, then return a new opaque origin.
     if (has_flag(sandbox_flags, SandboxingFlagSet::SandboxedOrigin)) {
-        return URL::Origin {};
+        return URL::Origin::create_opaque();
     }
 
     // 2. If url is null, then return a new opaque origin.
     if (!url.has_value()) {
-        return URL::Origin {};
+        return URL::Origin::create_opaque();
     }
 
     // 3. If url is about:srcdoc, then:

Libraries/LibWeb/HTML/HTMLLinkElement.cpp

@@ -263,26 +263,27 @@ HTMLLinkElement::LinkProcessingOptions HTMLLinkElement::create_link_options()
     auto& document = this->document();
 
     // 2. Let options be a new link processing options with
-    LinkProcessingOptions options;
+    LinkProcessingOptions options {
         // FIXME: destination                      the result of translating the state of el's as attribute
         // crossorigin                      the state of el's crossorigin content attribute
-    options.crossorigin = cors_setting_attribute_from_keyword(get_attribute(AttributeNames::crossorigin));
+        .crossorigin = cors_setting_attribute_from_keyword(get_attribute(AttributeNames::crossorigin)),
         // referrer policy                  the state of el's referrerpolicy content attribute
-    options.referrer_policy = ReferrerPolicy::from_string(get_attribute(AttributeNames::referrerpolicy).value_or(""_string)).value_or(ReferrerPolicy::ReferrerPolicy::EmptyString);
+        .referrer_policy = ReferrerPolicy::from_string(get_attribute(AttributeNames::referrerpolicy).value_or(""_string)).value_or(ReferrerPolicy::ReferrerPolicy::EmptyString),
         // FIXME: source set                       el's source set
         // base URL                         document's document base URL
-    options.base_url = document.base_url();
+        .base_url = document.base_url(),
         // origin                           document's origin
-    options.origin = document.origin();
+        .origin = document.origin(),
         // environment                      document's relevant settings object
-    options.environment = &document.relevant_settings_object();
+        .environment = &document.relevant_settings_object(),
         // policy container                 document's policy container
-    options.policy_container = document.policy_container();
+        .policy_container = document.policy_container(),
         // document                         document
-    options.document = &document;
+        .document = &document,
         // FIXME: cryptographic nonce metadata     the current value of el's [[CryptographicNonce]] internal slot
         // fetch priority                   the state of el's fetchpriority content attribute
-    options.fetch_priority = Fetch::Infrastructure::request_priority_from_string(get_attribute_value(HTML::AttributeNames::fetchpriority)).value_or(Fetch::Infrastructure::Request::Priority::Auto);
+        .fetch_priority = Fetch::Infrastructure::request_priority_from_string(get_attribute_value(HTML::AttributeNames::fetchpriority)).value_or(Fetch::Infrastructure::Request::Priority::Auto),
+    };
 
     // 3. If el has an href attribute, then set options's href to the value of el's href attribute.
     if (auto maybe_href = get_attribute(AttributeNames::href); maybe_href.has_value())

Libraries/LibWeb/HTML/Parser/HTMLParser.cpp

@@ -4573,7 +4573,7 @@ Vector<GC::Root<DOM::Node>> HTMLParser::parse_html_fragment(DOM::Element& contex
     // AD-HOC: The origin is not otherwise set for the document, but it may be accessed during parsing
     //         script. For now, let's just use an opaque origin, but it is likely that the spec is
     //         missing setting this origin.
-    temp_document->set_origin(URL::Origin {});
+    temp_document->set_origin(URL::Origin::create_opaque());
 
     // 2. If context's node document is in quirks mode, then set document's mode to "quirks".
     if (context_element.document().in_quirks_mode())

Libraries/LibWeb/HTML/Scripting/SerializedEnvironmentSettingsObject.cpp

@@ -30,20 +30,18 @@ ErrorOr<void> encode(Encoder& encoder, Web::HTML::SerializedEnvironmentSettingsO
 template<>
 ErrorOr<Web::HTML::SerializedEnvironmentSettingsObject> decode(Decoder& decoder)
 {
-    Web::HTML::SerializedEnvironmentSettingsObject object {};
+    return Web::HTML::SerializedEnvironmentSettingsObject {
-
+        .id = TRY(decoder.decode<String>()),
-    object.id = TRY(decoder.decode<String>());
+        .creation_url = TRY(decoder.decode<URL::URL>()),
-    object.creation_url = TRY(decoder.decode<URL::URL>());
+        .top_level_creation_url = TRY(decoder.decode<Optional<URL::URL>>()),
-    object.top_level_creation_url = TRY(decoder.decode<Optional<URL::URL>>());
+        .top_level_origin = TRY(decoder.decode<Optional<URL::Origin>>()),
-    object.top_level_origin = TRY(decoder.decode<Optional<URL::Origin>>());
+        .api_url_character_encoding = TRY(decoder.decode<String>()),
-    object.api_url_character_encoding = TRY(decoder.decode<String>());
+        .api_base_url = TRY(decoder.decode<URL::URL>()),
-    object.api_base_url = TRY(decoder.decode<URL::URL>());
+        .origin = TRY(decoder.decode<URL::Origin>()),
-    object.origin = TRY(decoder.decode<URL::Origin>());
+        .policy_container = TRY(decoder.decode<Web::HTML::SerializedPolicyContainer>()),
-    object.policy_container = TRY(decoder.decode<Web::HTML::SerializedPolicyContainer>());
+        .cross_origin_isolated_capability = TRY(decoder.decode<Web::HTML::CanUseCrossOriginIsolatedAPIs>()),
-    object.cross_origin_isolated_capability = TRY(decoder.decode<Web::HTML::CanUseCrossOriginIsolatedAPIs>());
+        .time_origin = TRY(decoder.decode<double>()),
-    object.time_origin = TRY(decoder.decode<double>());
+    };
-
-    return object;
 }
 
 }

Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.cpp

@@ -30,9 +30,8 @@ GC::Ref<WorkerEnvironmentSettingsObject> WorkerEnvironmentSettingsObject::setup(
 
     // 4. Let settings object be a new environment settings object whose algorithms are defined as follows:
     // NOTE: See the functions defined for this class.
-    auto settings_object = realm->create<WorkerEnvironmentSettingsObject>(move(execution_context), worker, unsafe_worker_creation_time);
+    auto settings_object = realm->create<WorkerEnvironmentSettingsObject>(move(execution_context), worker, move(inherited_origin), unsafe_worker_creation_time);
     settings_object->target_browsing_context = nullptr;
-    settings_object->m_origin = move(inherited_origin);
 
     // FIXME: 5. Set settings object's id to a new unique opaque string, creation URL to worker global scope's url, top-level creation URL to null, target browsing context to null, and active service worker to null.
     // 6. If worker global scope is a DedicatedWorkerGlobalScope object, then set settings object's top-level origin to outside settings's top-level origin.
@@ -64,7 +63,7 @@ URL::Origin WorkerEnvironmentSettingsObject::origin() const
 {
     // Return a unique opaque origin if worker global scope's url's scheme is "data", and inherited origin otherwise.
     if (m_global_scope->url().scheme() == "data")
-        return URL::Origin {};
+        return URL::Origin::create_opaque();
     return m_origin;
 }
 

Libraries/LibWeb/HTML/Scripting/WorkerEnvironmentSettingsObject.h

@@ -18,8 +18,9 @@ class WorkerEnvironmentSettingsObject final
     GC_DECLARE_ALLOCATOR(WorkerEnvironmentSettingsObject);
 
 public:
-    WorkerEnvironmentSettingsObject(NonnullOwnPtr<JS::ExecutionContext> execution_context, GC::Ref<WorkerGlobalScope> global_scope, HighResolutionTime::DOMHighResTimeStamp unsafe_worker_creation_time)
+    WorkerEnvironmentSettingsObject(NonnullOwnPtr<JS::ExecutionContext> execution_context, GC::Ref<WorkerGlobalScope> global_scope, URL::Origin origin, HighResolutionTime::DOMHighResTimeStamp unsafe_worker_creation_time)
         : EnvironmentSettingsObject(move(execution_context))
+        , m_origin(move(origin))
         , m_global_scope(global_scope)
         , m_unsafe_worker_creation_time(unsafe_worker_creation_time)
     {

Libraries/LibWeb/HTML/SharedWorkerGlobalScope.h

@@ -26,7 +26,7 @@ public:
     virtual ~SharedWorkerGlobalScope() override;
 
     void set_constructor_origin(URL::Origin origin) { m_constructor_origin = move(origin); }
-    URL::Origin const& constructor_origin() const { return m_constructor_origin; }
+    URL::Origin const& constructor_origin() const { return m_constructor_origin.value(); }
 
     void set_constructor_url(URL::URL url) { m_constructor_url = move(url); }
     URL::URL const& constructor_url() const { return m_constructor_url; }
@@ -48,7 +48,7 @@ private:
     virtual void initialize_web_interfaces_impl() override;
     virtual void finalize() override;
 
-    URL::Origin m_constructor_origin;
+    Optional<URL::Origin> m_constructor_origin;
     URL::URL m_constructor_url;
     Fetch::Infrastructure::Request::CredentialsMode m_credentials;
 };

Libraries/LibWeb/SVG/SVGDecodedImageData.cpp

@@ -37,15 +37,16 @@ ErrorOr<GC::Ref<SVGDecodedImageData>> SVGDecodedImageData::create(JS::Realm& rea
     GC::Ref<HTML::Navigable> navigable = page->top_level_traversable();
     auto response = Fetch::Infrastructure::Response::create(navigable->vm());
     response->url_list().append(url);
+    auto origin = URL::Origin::create_opaque();
     auto navigation_params = navigable->heap().allocate<HTML::NavigationParams>(OptionalNone {},
         navigable,
         nullptr,
         response,
         nullptr,
         nullptr,
-        HTML::OpenerPolicyEnforcementResult {},
+        HTML::OpenerPolicyEnforcementResult { .url = url, .origin = origin, .opener_policy = HTML::OpenerPolicy {} },
         nullptr,
-        URL::Origin {},
+        origin,
         navigable->heap().allocate<HTML::PolicyContainer>(realm.heap()),
         HTML::SandboxingFlagSet {},
         HTML::OpenerPolicy {},