35 commits

Author	SHA1	Message	Date
Tim Ledbetter	1263d58689	LibWeb: Ignore zero width when calculating SVG intrinsic aspect ratio ... Previously, an SVG with width of zero would have am intrinsic aspect ratio of zero. With this change, if an SVG has a width or height of zero, the intrinsic aspect ratio is determined by the SVG's viewbox.	2025-07-21 11:29:25 +02:00
Gingeh	28774efa22	LibWeb: Don't crash when drawing null image from offscreen canvas	2025-07-20 08:54:53 +02:00
Gingeh	55129644d5	LibWeb: Don't crash when root element becomes a popover or fullscreen	2025-07-20 08:54:53 +02:00
Sam Atkins	5d1ba658c9	Tests: Import attr()-related WPT tests	2025-07-16 14:47:45 +01:00
Tim Ledbetter	d1678e03ff	LibWeb: Check parent node exists before checking its type	2025-07-15 18:37:50 +12:00
Tim Ledbetter	488333aa4b	Tests: Convert an SVG text test to a crash test ... This should have been a crash test, but the test runner previously didn't wait long enough for the test to crash.	2025-07-14 13:05:17 -04:00
Tim Ledbetter	6ee91c4189	LibWeb: Use correct previous word location when moving selection offset ... Previously, this incorrect offset could cause a crash when moving the selection to the previous word.	2025-07-03 10:28:38 +01:00
Tim Ledbetter	689dff3ee8	Tests: Synchronize imported tests with the WPT repository	2025-06-22 23:51:34 +02:00
Shannon Booth	fc62a05c98	LibWeb/DOM: Set Document's origin in JS constructor ... We were missing this spec step, which meant that the created document had no origin, causing a crash when accessed for same-origin checks.	2025-06-18 08:49:01 +02:00
Sam Atkins	0e168ce631	Tests: Reimport dom/nodes/moveBefore tests ... Apart from these moving out of `tentative/`, the custom-element-move-reactions.html test was updated to be less flaky: 5e87cd92c0	2025-06-17 13:59:01 +02:00
Jelle Raaijmakers	b42c2c5e8f	LibWeb: Use code unit offsets in Document::find_matching_text() ... We were passing in byte offsets instead of UTF-16 code unit offsets, which could lead to crashes if the offsets found exceeded the number of code units in text fragments on the page. Fixes #4908. Co-authored-by: Tim Ledbetter <tim.ledbetter@ladybird.org>	2025-06-13 15:08:26 +02:00
Timothy Flynn	fbd1f77161	LibWeb: Disentangle both ends of a MessagePort at once ... Otherwise, the remote end believes it is still entangled and may try to access its own (now null) remote port. This fixes a crash in WPT.	2025-05-24 10:47:06 +12:00
Lyra	39dae6fb2d	LibWeb: Fix SRI handling of badly-formatted strings	2025-05-06 13:02:58 -04:00
Tim Ledbetter	f854f644a7	LibWeb: Don't crash when interpolating non <number> scale values	2025-04-28 11:46:34 +02:00
Shannon Booth	31a3bc3681	LibWeb: Implement 'State-preserving atomic move integration' ... This was recently added to both the HTML and DOM specifications, introducing the new moveBefore DOM API, as well as the new internal 'removing steps'. See: * 432e8fb * eaf2ac7	2025-04-26 08:45:37 -06:00
Shannon Booth	a14481ee05	LibWeb/HTML: Handle no parent element for Element::list_owner ... Fixes a crash when running Speedometer 3.0 as reduced in the included test case.	2025-04-18 10:48:47 +02:00
Glenn Skrzypczak	1022566bff	LibWeb/Layout: Properly remove layout nodes ... This properly remove the old layout node subtree when no new layout node is created during layout update.	2025-03-31 18:19:58 +01:00
Tim Ledbetter	d67a95c37e	Tests: Remove print statement from crash test ... Print statements aren't necessary in crash tests and will cause a Javascript error when used.	2025-03-27 19:30:41 +00:00
Tim Ledbetter	40760308c6	LibWeb: Don't crash when border-spacing is set to a calc() value ... Previously, the browser would crash if the `border-spacing` property had 2 lengths and either one of these was set to a `calc()` value.	2025-03-21 08:16:30 +00:00
Shannon Booth	b8adf193f5	LibWeb/SVG: Work around no layout node in SVGCircleElement::get_path ... This is clearly not the correct fix, but instead of crashing let's log an error and bail. Works around a crash seen on both: * https://reddit.com * https://www.w3.org/TR/web-animations-1 (#879)	2025-03-17 20:10:11 +01:00
Aliaksandr Kalenik	0f697193f0	LibWeb: Check if navigable has active window before navigating ... Fixes https://github.com/LadybirdBrowser/ladybird/issues/3733	2025-02-28 23:15:35 +01:00
Aliaksandr Kalenik	da5d4e9f6a	LibWeb: Assign sticky insets to Layout::InlineNode ... Before this change we were ignoring boxes with `display: inline` while assigning sticky insets. This was not correct because inline boxes are allowed to have sticky positioning. Fixes: https://github.com/LadybirdBrowser/ladybird/issues/3718 https://github.com/LadybirdBrowser/ladybird/issues/3507 https://github.com/LadybirdBrowser/ladybird/issues/3133	2025-02-27 19:55:46 +01:00
Jelle Raaijmakers	5f5d18d719	LibWeb: Do not crash when inserting block elements into inline SVGBoxes ... Fixes #3395.	2025-02-19 13:49:24 +01:00
Tim Ledbetter	dd8cca180f	LibWeb: Remove unintentional recursion in ValidityState::valid	2025-02-18 21:58:35 +01:00
Tim Ledbetter	4bb22c52d1	LibWeb: Initialize AnalyserNode previous block at construction time	2025-02-13 20:31:37 +00:00
Shannon Booth	b17746eb94	Tests/LibWeb: Fix file path for crash test script src ... Simply meaning the test would never get the internals object.	2025-02-10 09:25:09 +00:00
Andreas Kling	5f10f8c54c	LibWeb: Do includes_properties_from_invalidation_set() for :link & co ... Fixes #3511.	2025-02-09 15:20:53 +01:00
Psychpsyo	402d8220dd	LibWeb: Make style containment influence quotes	2025-02-06 17:44:50 +00:00
Andreas Kling	4f855286d7	LibWeb: Clamp layout content sizes to a max value instead of crashing ... We've historically asserted that no "saturated" size values end up as final metrics for boxes in layout. This always had a chance of producing false positives, since you can trivially create extremely large boxes with CSS. The reason we had those assertions was to catch bugs in our own engine code where we'd incorrectly end up with non-finite values in layout algorithms. At this point, we've found and fixed all known bugs of that nature, and what remains are a bunch of false positives on pages that create very large scrollable areas, iframes etc. So, let's change it! We now clamp content width and height of boxes to 17895700 pixels, apparently the same cap as Firefox uses. There's also the issue of calc() being able to produce non-finite values. Note that we don't clamp the result of calc() directly, but instead just clamp values when assigning them to content sizes. Fixes #645. Fixes #1236. Fixes #1249. Fixes #1908. Fixes #3057.	2025-02-05 18:28:55 +01:00
Jelle Raaijmakers	d94906fa1a	LibWeb: Only apply style for continuation nodes once ... This fixes the very, _very_ slow loading of https://yzy-sply.com. The `apply_style()` method also calls into this method recursively, so we just need to call it once instead of once per node in the continuation chain.	2025-02-05 14:34:21 +01:00
Luke Warlow	62f4cebbee	LibWeb: Fix dialog.requestClose() crash ... The spec previously asserted that close watcher was not null. This could lead to a crash in some situations, so instead we skip to close the dialog.	2025-02-04 12:22:25 +01:00
Psychpsyo	67ed676831	LibWeb: Implement CSS 'contain' property	2025-01-28 11:24:40 +00:00
Andreas Kling	51a91771b8	LibJS+LibGC: Run FinalizationRegistry cleanup host hook *after* GC ... Before this change, it was possible for a second GC to get triggered in the middle of a first GC, due to allocations happening in the FinalizationRegistry cleanup host hook. To avoid this causing problems, we add a "post-GC task" mechanism and use that to invoke the host hook once all other GC activity is finished, and we've unset the "collecting garbage" flag. Note that the test included here only fails reliably when running with the -g flag (collect garbage after each allocation). Fixes #3051	2025-01-23 12:10:21 +01:00
Andreas Kling	a0b44ff5e7	LibWeb: Iterate over a copy of associated form controls in form.reset() ... DOM structure may change during reset algorithm invocation, which may lead to form controls being unregistered.	2025-01-21 17:02:51 +01:00
Tim Ledbetter	ded19eaab8	Tests: Convert existing text test to crash test	2025-01-17 09:08:15 +01:00