This specifically fixes a WPT crash running:
/html/browsers/browsing-the-web/history-traversal/001.html
(And probably a few others).
Isolate::GetCurrentContext can return a 'detached' context. And, for us, that's
a problem, because 'detached' v8::Context references a js.Context that we've
deinit'd. This seems to only happen when frames pass values around to other
frames and then those frames are removed. It might also require some async'ing,
I'm not sure.
To solve this, when we destroy a js.Context, we store null in the v8::Context's
embedder data, removing the link to our (dead) js.Context. When we load a
js.Context from a v8.Context, we check for null. If it is null, we return the
Incumbent context instead. This should never be null, as it's always the context
currently executing code.
I'm not sure if falling back to the Incumbent context is always correct, but
it does solve the crash.
Tests cannot navigate away from the page page. If they do, the testRunner will
crash, as it tries to access `assertOk` on a page that no longer exists. This
commit hacks the history test, using an iframe, to try to test the history API
without navigating off the main page.
This may be a stopgap.
Our identity model assumes that v8 won't allow cross-origin access. It turns out
that with CDP and Inspector, this isn't true. Inspectors can break / violate
cross-origin restrictions. The result is that 2 origins can see the same zig
instance, which causes 2 v8::Objects to reference the same Zig instance.
This likely causes some consistency issue. Like, if you take mo in 1 context,
and write an arbitrary property, mo.hack = true, you won't observe that in the
2nd context (because it's a different v8::Object). But, it _is_ the same Zig
instance, so if you set a known/real property, it will be updated.
That's probably a pretty minor issue. The bigger issue is that it can result in
a use-after-free when using explicit strong/weak ref:
1 - Mutation observer is created in Origin1
2 - It's automatically set to weak
3 - Something is observed, the reference is made strong
4 - The MO is accessed from Origin2
5 - Creates a new v8::Object
6 - Sets it to weak
7 - Object goes out of scope in Origin2
8 - Finalizer is called <- free
9 - MO is manipulated in Origin 1 <- use after free
Maybe the right option is to have a single shared identity map. I need to think
about it. As a stopgap, switching to reference counting (which we already
support) shold prevent the use-after free. While we'll still create 2
v8::Objects, they'll each acquireRef (_rc = 2) and thus it won't be freed until
they both release i
Maybe the right option is to have a single shared identity map. I need to think
about it. As a stopgap, switching to reference counting (which we already
support) shold prevent the use-after free. While we'll still create 2
v8::Objects, they'll each acquireRef (_rc = 2) and thus it won't be freed until
they both release it.
Small follow up to https://github.com/lightpanda-io/browser/pull/1837 If we
sniff the content type from the byte order mark (BOM), then we should set the
charset. This has higher precedence than sniffing the content type from the
content of the document (e.g. meta tags)
The getMessage() fallback returned raw tag names like
"wrong_document_error" instead of human-readable messages.
Fill in all 18 error codes with messages based on the
WebIDL spec error descriptions.
Closes#82
Signed-off-by: JiangNan <1394485448@qq.com>
- Use std.ascii.eqlIgnoreCase instead of custom asciiEqlIgnoreCase
- Fix infinite loop in findAttrValue when attribute has no '=' sign
(e.g. self-closing <meta foo="bar"/>)
- Add is_default_charset flag to Mime struct so prescan only overrides
charset when Content-Type header didn't set one explicitly
- Add regression test for the self-closing meta loop case
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
