Module layout_dom 

A safe wrapper for DOM nodes that prevents layout from mutating the DOM, from letting DOM nodes escape, and from generally doing anything that it isn’t supposed to. This is accomplished via a simple whitelist of allowed operations, along with some lifetime magic to prevent nodes from escaping.

As a security wrapper is only as good as its whitelist, be careful when adding operations to this list. The cardinal rules are:

1. Layout is not allowed to mutate the DOM.

2. Layout is not allowed to see anything with LayoutDom in the name, because it could hang onto these objects and cause use-after-free.

When implementing wrapper functions, be careful that you do not touch the borrow flags, or you will race and cause spurious thread failure. (Note that I do not believe these races are exploitable, but they’ll result in brokenness nonetheless.)

Modules

iterators 🔒

servo_dangerous_style_document 🔒

servo_dangerous_style_element 🔒

servo_dangerous_style_node 🔒

servo_dangerous_style_shadow_root 🔒

servo_layout_element 🔒

servo_layout_node 🔒

Structs

ReverseChildrenIterator

ServoDangerousStyleDocument

A wrapper around documents that ensures layout can only ever access safe properties.

ServoDangerousStyleElement

A wrapper around LayoutDom<_, Element> to be used with stylo and selectors.

ServoDangerousStyleNode

A wrapper around LayoutDom<_, Node> to be used with stylo and selectors.

ServoDangerousStyleShadowRoot

A wrapper around LayoutDom<_, ShadowRoot> to be used with stylo and selectors.

ServoLayoutElement

An implementation of LayoutElement for Servo’s script crate.

ServoLayoutNode

A wrapper around a LayoutDom<Node> which provides a safe interface that can be used during layout. This implements the LayoutNode trait.

Enums

DOMDescendantIterator

ServoLayoutNodeChildrenIterator