Add XMLHttpRequest.timeout with curl enforcement

Implement the XHR timeout property end-to-end: the JS-visible
getter/setter stores the value, send() passes it to the HTTP client,
and curl enforces it via CURLOPT_TIMEOUT_MS. On timeout, a `timeout`
event is dispatched instead of `error`, per the XHR spec.

.github/workflows/e2e-integration-test.yml

@@ -60,7 +60,20 @@ jobs:
       - run: chmod a+x ./lightpanda
 
       - name: run end to end integration tests
+        continue-on-error: true
         run: |
           ./lightpanda serve --log-level error & echo $! > LPD.pid
-          go run integration/main.go
+          go run integration/main.go |tee result.log
           kill `cat LPD.pid`
+
+      - name: Send result to slack
+        uses: slackapi/slack-github-action@v3.0.1
+        with:
+          errors: true
+          method: files.uploadV2
+          token: ${{ secrets.CI_SLACK_BOT_TOKEN }}
+          payload: |
+            channel_id: ${{ vars.E2E_SLACK_CHANNEL_ID }}
+            initial_comment: "Last e2e integration tests"
+            file: "./result.log"
+            filename: "e2e-integration-${{ github.sha }}.txt"

.github/workflows/wpt.yml

@@ -153,3 +153,34 @@ jobs:
 
       - name: format and send json result
         run: /perf-fmt wpt ${{ github.sha }} wpt.json
+
+  wptdiff:
+    name: perf-fmt
+    needs: perf-fmt
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          repository: 'lightpanda-io/demo'
+          fetch-depth: 0
+
+      - run: |
+          cd ./wptdiff
+          CGO_ENABLED=0 go build
+
+      - run: |
+         ./wptdiff/wptdiff |tee diff.log
+
+      - name: Send regression to slack
+        uses: slackapi/slack-github-action@v3.0.1
+        with:
+          errors: true
+          method: files.uploadV2
+          token: ${{ secrets.CI_SLACK_BOT_TOKEN }}
+          payload: |
+            channel_id: ${{ vars.WPT_SLACK_CHANNEL_ID }}
+            initial_comment: "Last WPT regressions"
+            file: "./diff.log"
+            filename: "wpt-regression-${{ github.sha }}.txt"

src/browser/HttpClient.zig

@@ -928,6 +928,7 @@ pub const Request = struct {
     credentials: ?[:0]const u8 = null,
     notification: *Notification,
     max_response_size: ?usize = null,
+    timeout_ms: u32 = 0,
 
     // This is only relevant for intercepted requests. If a request is flagged
     // as blocking AND is intercepted, then it'll be up to us to wait until
@@ -1142,6 +1143,11 @@ pub const Transfer = struct {
 
         try conn.setPrivate(self);
 
+        // Per-request timeout override (e.g. XHR timeout)
+        if (req.timeout_ms > 0) {
+            try conn.setTimeout(req.timeout_ms);
+        }
+
         // add credentials
         if (req.credentials) |creds| {
             if (self._auth_challenge != null and self._auth_challenge.?.source == .proxy) {

src/browser/tests/net/xhr.html

@@ -306,3 +306,27 @@
     URL.revokeObjectURL(blobUrl);
   });
 </script>
+
+<script id=xhr_timeout>
+  // timeout property: default is 0
+  const req = new XMLHttpRequest();
+  testing.expectEqual(0, req.timeout);
+
+  // timeout can be set and read back
+  req.timeout = 5000;
+  testing.expectEqual(5000, req.timeout);
+
+  // request with timeout set succeeds normally when server responds in time
+  testing.async(async (restore) => {
+    const event = await new Promise((resolve) => {
+      req.onload = resolve;
+      req.open('GET', 'http://127.0.0.1:9582/xhr');
+      req.send();
+    });
+
+    restore();
+    testing.expectEqual('load', event.type);
+    testing.expectEqual(200, req.status);
+    testing.expectEqual(5000, req.timeout);
+  });
+</script>

src/browser/webapi/net/XMLHttpRequest.zig

@@ -63,6 +63,7 @@ _response_type: ResponseType = .text,
 _ready_state: ReadyState = .unsent,
 _on_ready_state_change: ?js.Function.Temp = null,
 _with_credentials: bool = false,
+_timeout: u32 = 0,
 
 const ReadyState = enum(u8) {
     unsent = 0,
@@ -180,6 +181,14 @@ pub fn setWithCredentials(self: *XMLHttpRequest, value: bool) !void {
     self._with_credentials = value;
 }
 
+pub fn getTimeout(self: *const XMLHttpRequest) u32 {
+    return self._timeout;
+}
+
+pub fn setTimeout(self: *XMLHttpRequest, value: u32) void {
+    self._timeout = value;
+}
+
 // TODO: this takes an optional 3 more parameters
 // TODO: url should be a union, as it can be multiple things
 pub fn open(self: *XMLHttpRequest, method_: []const u8, url: [:0]const u8) !void {
@@ -253,6 +262,7 @@ pub fn send(self: *XMLHttpRequest, body_: ?[]const u8) !void {
         .cookie_jar = if (cookie_support) &page._session.cookie_jar else null,
         .cookie_origin = page.url,
         .resource_type = .xhr,
+        .timeout_ms = self._timeout,
         .notification = page._session.notification,
         .start_callback = httpStartCallback,
         .header_callback = httpHeaderDoneCallback,
@@ -539,6 +549,7 @@ fn handleError(self: *XMLHttpRequest, err: anyerror) void {
 }
 fn _handleError(self: *XMLHttpRequest, err: anyerror) !void {
     const is_abort = err == error.Abort;
+    const is_timeout = err == error.OperationTimedout;
 
     const new_state: ReadyState = if (is_abort) .unsent else .done;
     if (new_state != self._ready_state) {
@@ -547,8 +558,12 @@ fn _handleError(self: *XMLHttpRequest, err: anyerror) !void {
         try self.stateChanged(new_state, page);
         if (is_abort) {
             try self._proto.dispatch(.abort, null, page);
+        } else if (is_timeout) {
+            try self._proto.dispatch(.timeout, null, page);
         }
+        if (!is_timeout) {
             try self._proto.dispatch(.err, null, page);
+        }
         try self._proto.dispatch(.load_end, null, page);
     }
 
@@ -610,6 +625,7 @@ pub const JsApi = struct {
     pub const DONE = bridge.property(@intFromEnum(XMLHttpRequest.ReadyState.done), .{ .template = true });
 
     pub const onreadystatechange = bridge.accessor(XMLHttpRequest.getOnReadyStateChange, XMLHttpRequest.setOnReadyStateChange, .{});
+    pub const timeout = bridge.accessor(XMLHttpRequest.getTimeout, XMLHttpRequest.setTimeout, .{});
     pub const withCredentials = bridge.accessor(XMLHttpRequest.getWithCredentials, XMLHttpRequest.setWithCredentials, .{ .dom_exception = true });
     pub const open = bridge.function(XMLHttpRequest.open, .{});
     pub const send = bridge.function(XMLHttpRequest.send, .{ .dom_exception = true });

src/network/http.zig

@@ -234,6 +234,10 @@ pub const Connection = struct {
         try libcurl.curl_easy_setopt(self._easy, .url, url.ptr);
     }
 
+    pub fn setTimeout(self: *const Connection, timeout_ms: u32) !void {
+        try libcurl.curl_easy_setopt(self._easy, .timeout_ms, timeout_ms);
+    }
+
     // a libcurl request has 2 methods. The first is the method that
     // controls how libcurl behaves. This specifically influences how redirects
     // are handled. For example, if you do a POST and get a 301, libcurl will