script/dom/processingoptions.rs
1/* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
4
5use std::str::FromStr;
6
7use base::id::WebViewId;
8use cssparser::match_ignore_ascii_case;
9use http::header::HeaderMap;
10use hyper_serde::Serde;
11use mime::Mime;
12use net_traits::fetch::headers::get_decode_and_split_header_name;
13use net_traits::mime_classifier::{MediaType, MimeClassifier};
14use net_traits::policy_container::PolicyContainer;
15use net_traits::request::{
16 CorsSettings, Destination, Initiator, InsecureRequestsPolicy, PreloadEntry, PreloadKey,
17 Referrer, RequestBuilder, RequestId,
18};
19use net_traits::response::{Response, ResponseBody};
20use net_traits::{
21 FetchMetadata, FetchResponseListener, NetworkError, ReferrerPolicy, ResourceFetchTiming,
22 ResourceTimingType,
23};
24pub use nom_rfc8288::complete::LinkDataOwned as LinkHeader;
25use nom_rfc8288::complete::link_lenient as parse_link_header;
26use servo_url::{ImmutableOrigin, ServoUrl};
27use strum_macros::IntoStaticStr;
28
29use crate::dom::bindings::inheritance::Castable;
30use crate::dom::bindings::refcounted::Trusted;
31use crate::dom::bindings::reflector::DomGlobal;
32use crate::dom::bindings::root::DomRoot;
33use crate::dom::csp::{GlobalCspReporting, Violation};
34use crate::dom::document::Document;
35use crate::dom::element::Element;
36use crate::dom::globalscope::GlobalScope;
37use crate::dom::medialist::MediaList;
38use crate::dom::performance::performanceresourcetiming::InitiatorType;
39use crate::dom::types::HTMLLinkElement;
40use crate::fetch::create_a_potential_cors_request;
41use crate::network_listener::{PreInvoke, ResourceTimingListener, submit_timing};
42use crate::script_runtime::CanGc;
43
44trait ValueForKeyInLinkHeader {
45 fn has_key_in_link_header(&self, key: &str) -> bool;
46 fn value_for_key_in_link_header(&self, key: &str) -> Option<&str>;
47}
48
49impl ValueForKeyInLinkHeader for LinkHeader {
50 fn has_key_in_link_header(&self, key: &str) -> bool {
51 self.params.iter().any(|p| p.key == key)
52 }
53 fn value_for_key_in_link_header(&self, key: &str) -> Option<&str> {
54 let param = self.params.iter().find(|p| p.key == key)?;
55 param.val.as_deref()
56 }
57}
58
59#[derive(PartialEq)]
60pub(crate) enum LinkProcessingPhase {
61 Media,
62 PreMedia,
63}
64
65/// <https://html.spec.whatwg.org/multipage/#link-processing-options>
66#[derive(Debug)]
67pub(crate) struct LinkProcessingOptions {
68 /// <https://html.spec.whatwg.org/multipage/#link-options-href>
69 pub(crate) href: String,
70 /// <https://html.spec.whatwg.org/multipage/#link-options-destination>
71 pub(crate) destination: Destination,
72 /// <https://html.spec.whatwg.org/multipage/#link-options-integrity>
73 pub(crate) integrity: String,
74 /// <https://html.spec.whatwg.org/multipage/#link-options-type>
75 pub(crate) link_type: String,
76 /// <https://html.spec.whatwg.org/multipage/#link-options-nonce>
77 pub(crate) cryptographic_nonce_metadata: String,
78 /// <https://html.spec.whatwg.org/multipage/#link-options-crossorigin>
79 pub(crate) cross_origin: Option<CorsSettings>,
80 /// <https://html.spec.whatwg.org/multipage/#link-options-referrer-policy>
81 pub(crate) referrer_policy: ReferrerPolicy,
82 /// <https://html.spec.whatwg.org/multipage/#link-options-policy-container>
83 pub(crate) policy_container: PolicyContainer,
84 /// <https://html.spec.whatwg.org/multipage/#link-options-source-set>
85 pub(crate) source_set: Option<()>,
86 /// <https://html.spec.whatwg.org/multipage/#link-options-base-url>
87 pub(crate) base_url: ServoUrl,
88 /// <https://html.spec.whatwg.org/multipage/#link-options-origin>
89 pub(crate) origin: ImmutableOrigin,
90 pub(crate) insecure_requests_policy: InsecureRequestsPolicy,
91 pub(crate) has_trustworthy_ancestor_origin: bool,
92 // https://html.spec.whatwg.org/multipage/#link-options-environment
93 // TODO
94 // https://html.spec.whatwg.org/multipage/#link-options-document
95 // TODO
96 // https://html.spec.whatwg.org/multipage/#link-options-on-document-ready
97 // TODO
98 // https://html.spec.whatwg.org/multipage/#link-options-fetch-priority
99 // TODO
100}
101
102impl LinkProcessingOptions {
103 /// <https://html.spec.whatwg.org/multipage/#apply-link-options-from-parsed-header-attributes>
104 fn apply_link_options_from_parsed_header(
105 &mut self,
106 link_object: &LinkHeader,
107 rel: &str,
108 ) -> bool {
109 // Step 1. If rel is "preload":
110 if rel == "preload" {
111 // Step 1.1. If attribs["as"] does not exist, then return false.
112 let Some(as_) = link_object.value_for_key_in_link_header("as") else {
113 return false;
114 };
115 // Step 1.2. Let destination be the result of translating attribs["as"].
116 let Some(destination) = Self::translate_a_preload_destination(as_) else {
117 // Step 1.3. If destination is null, then return false.
118 return false;
119 };
120 // Step 1.4. Set options's destination to destination.
121 self.destination = destination;
122 }
123 // Step 2. If attribs["crossorigin"] exists and is an ASCII case-insensitive match for one of the
124 // CORS settings attribute keywords, then set options's crossorigin to the CORS settings attribute
125 // state corresponding to that keyword.
126 if let Some(cross_origin) = link_object.value_for_key_in_link_header("crossorigin") {
127 self.cross_origin = determine_cors_settings_for_token(cross_origin);
128 }
129 // Step 3. If attribs["integrity"] exists, then set options's integrity to attribs["integrity"].
130 if let Some(integrity) = link_object.value_for_key_in_link_header("integrity") {
131 self.integrity = integrity.to_owned();
132 }
133 // Step 4. If attribs["referrerpolicy"] exists and is an ASCII case-insensitive match for
134 // some referrer policy, then set options's referrer policy to that referrer policy.
135 if let Some(referrer_policy) = link_object.value_for_key_in_link_header("referrerpolicy") {
136 self.referrer_policy = ReferrerPolicy::from(referrer_policy);
137 }
138 // Step 5. If attribs["nonce"] exists, then set options's nonce to attribs["nonce"].
139 if let Some(nonce) = link_object.value_for_key_in_link_header("nonce") {
140 self.cryptographic_nonce_metadata = nonce.to_owned();
141 }
142 // Step 6. If attribs["type"] exists, then set options's type to attribs["type"].
143 if let Some(link_type) = link_object.value_for_key_in_link_header("type") {
144 self.link_type = link_type.to_owned();
145 }
146 // Step 7. If attribs["fetchpriority"] exists and is an ASCII case-insensitive match
147 // for a fetch priority attribute keyword, then set options's fetch priority to that
148 // fetch priority attribute keyword.
149 // TODO
150 // Step 8. Return true.
151 true
152 }
153
154 /// <https://html.spec.whatwg.org/multipage/#process-a-link-header>
155 fn process_link_header(self, rel: &str, document: &Document) {
156 if rel == "preload" {
157 // https://html.spec.whatwg.org/multipage/#link-type-preload:process-a-link-header
158 // The process a link header step for this type of link given a link processing options options
159 // is to preload options.
160 if !self.type_matches_destination() {
161 return;
162 }
163 self.preload(document.window().webview_id(), None, document);
164 }
165 }
166
167 /// <https://html.spec.whatwg.org/multipage/#translate-a-preload-destination>
168 pub(crate) fn translate_a_preload_destination(
169 potential_destination: &str,
170 ) -> Option<Destination> {
171 // Step 2. Return the result of translating destination.
172 Some(match potential_destination {
173 "fetch" => Destination::None,
174 "font" => Destination::Font,
175 "image" => Destination::Image,
176 "script" => Destination::Script,
177 "style" => Destination::Style,
178 "track" => Destination::Track,
179 // Step 1. If destination is not "fetch", "font", "image",
180 // "script", "style", or "track", then return null.
181 _ => return None,
182 })
183 }
184
185 /// <https://html.spec.whatwg.org/multipage/#create-a-link-request>
186 pub(crate) fn create_link_request(self, webview_id: WebViewId) -> Option<RequestBuilder> {
187 // Step 1. Assert: options's href is not the empty string.
188 assert!(!self.href.is_empty());
189
190 // Step 3. Let url be the result of encoding-parsing a URL given options's href, relative to options's base URL.
191 let Ok(url) = ServoUrl::parse_with_base(Some(&self.base_url), &self.href) else {
192 // Step 4. If url is failure, then return null.
193 return None;
194 };
195
196 // Step 5. Let request be the result of creating a potential-CORS request given
197 // url, options's destination, and options's crossorigin.
198 // Step 6. Set request's policy container to options's policy container.
199 // Step 7. Set request's integrity metadata to options's integrity.
200 // Step 8. Set request's cryptographic nonce metadata to options's cryptographic nonce metadata.
201 // Step 9. Set request's referrer policy to options's referrer policy.
202 // FIXME: Step 10. Set request's client to options's environment.
203 // FIXME: Step 11. Set request's priority to options's fetch priority.
204 // FIXME: Use correct referrer
205 let builder = create_a_potential_cors_request(
206 Some(webview_id),
207 url,
208 self.destination,
209 self.cross_origin,
210 None,
211 Referrer::NoReferrer,
212 self.insecure_requests_policy,
213 self.has_trustworthy_ancestor_origin,
214 self.policy_container,
215 )
216 .initiator(Initiator::Link)
217 .origin(self.origin)
218 .integrity_metadata(self.integrity)
219 .cryptographic_nonce_metadata(self.cryptographic_nonce_metadata)
220 .referrer_policy(self.referrer_policy);
221
222 // Step 12. Return request.
223 Some(builder)
224 }
225
226 /// <https://html.spec.whatwg.org/multipage/#match-preload-type>
227 pub(crate) fn type_matches_destination(&self) -> bool {
228 // Step 1. If type is an empty string, then return true.
229 if self.link_type.is_empty() {
230 return true;
231 }
232 // Step 2. If destination is "fetch", then return true.
233 //
234 // Fetch is handled as an empty string destination in the spec:
235 // https://fetch.spec.whatwg.org/#concept-potential-destination-translate
236 let destination = self.destination;
237 if destination == Destination::None {
238 return true;
239 }
240 // Step 3. Let mimeTypeRecord be the result of parsing type.
241 let Ok(mime_type_record) = Mime::from_str(&self.link_type) else {
242 // Step 4. If mimeTypeRecord is failure, then return false.
243 return false;
244 };
245 // Step 5. If mimeTypeRecord is not supported by the user agent, then return false.
246 //
247 // We currently don't check if we actually support the mime type. Only if we can classify
248 // it according to the spec.
249 let Some(mime_type) = MimeClassifier::get_media_type(&mime_type_record) else {
250 return false;
251 };
252 // Step 6. If any of the following are true:
253 if
254 // destination is "audio" or "video", and mimeTypeRecord is an audio or video MIME type;
255 ((destination == Destination::Audio || destination == Destination::Video) &&
256 mime_type == MediaType::AudioVideo)
257 // destination is a script-like destination and mimeTypeRecord is a JavaScript MIME type;
258 || (destination.is_script_like() && mime_type == MediaType::JavaScript)
259 // destination is "image" and mimeTypeRecord is an image MIME type;
260 || (destination == Destination::Image && mime_type == MediaType::Image)
261 // destination is "font" and mimeTypeRecord is a font MIME type;
262 || (destination == Destination::Font && mime_type == MediaType::Font)
263 // destination is "json" and mimeTypeRecord is a JSON MIME type;
264 || (destination == Destination::Json && mime_type == MediaType::Json)
265 // destination is "style" and mimeTypeRecord's essence is text/css; or
266 || (destination == Destination::Style && mime_type_record == mime::TEXT_CSS)
267 // destination is "track" and mimeTypeRecord's essence is text/vtt,
268 || (destination == Destination::Track && mime_type_record.essence_str() == "text/vtt")
269 {
270 // then return true.
271 return true;
272 }
273 // Step 7. Return false.
274 false
275 }
276
277 /// <https://html.spec.whatwg.org/multipage/#preload>
278 pub(crate) fn preload(
279 self,
280 webview_id: WebViewId,
281 link: Option<Trusted<HTMLLinkElement>>,
282 document: &Document,
283 ) {
284 // Step 1. If options's type doesn't match options's destination, then return.
285 //
286 // Handled by callers, since we need to check the previous destination type
287 assert!(self.type_matches_destination());
288 // Step 2. If options's destination is "image" and options's source set is not null,
289 // then set options's href to the result of selecting an image source from options's source set.
290 // TODO
291 let integrity = self.integrity.clone();
292 // Step 3. Let request be the result of creating a link request given options.
293 let Some(request) = self.create_link_request(webview_id) else {
294 // Step 4. If request is null, then return.
295 return;
296 };
297 // Step 5. Let unsafeEndTime be 0.
298 // TODO
299 // Step 6. Let entry be a new preload entry whose integrity metadata is options's integrity.
300 let entry = PreloadEntry::new(integrity);
301 // Step 7. Let key be the result of creating a preload key given request.
302 let key = PreloadKey::new(&request);
303 // Step 8. If options's document is "pending", then set request's initiator type to "early hint".
304 // TODO
305 // Step 9. Let controller be null.
306 // Step 10. Let reportTiming given a Document document be to report timing for controller
307 // given document's relevant global object.
308 // Step 11. Set controller to the result of fetching request, with processResponseConsumeBody
309 // set to the following steps given a response response and null, failure, or a byte sequence bodyBytes:
310 let url = request.url.clone();
311 let fetch_context = LinkFetchContext {
312 url,
313 link,
314 document: Trusted::new(document),
315 global: Trusted::new(&document.global()),
316 resource_timing: ResourceFetchTiming::new(ResourceTimingType::Resource),
317 type_: LinkFetchContextType::Preload(key, Box::new(entry)),
318 response_body: vec![],
319 };
320 document.fetch_background(request, fetch_context);
321 }
322}
323
324pub(crate) fn determine_cors_settings_for_token(token: &str) -> Option<CorsSettings> {
325 match_ignore_ascii_case! { token,
326 "anonymous" => Some(CorsSettings::Anonymous),
327 "use-credentials" => Some(CorsSettings::UseCredentials),
328 _ => None,
329 }
330}
331
332/// <https://html.spec.whatwg.org/multipage/#extract-links-from-headers>
333pub(crate) fn extract_links_from_headers(headers: &Option<Serde<HeaderMap>>) -> Vec<LinkHeader> {
334 // Step 1. Let links be a new list.
335 let mut links = Vec::new();
336 let Some(headers) = headers else {
337 return links;
338 };
339 // Step 2. Let rawLinkHeaders be the result of getting, decoding, and splitting `Link` from headers.
340 let Some(raw_link_headers) = get_decode_and_split_header_name("Link", headers) else {
341 return links;
342 };
343 // Step 3. For each linkHeader of rawLinkHeaders:
344 for link_header in raw_link_headers {
345 // Step 3.1. Let linkObject be the result of parsing linkHeader. [WEBLINK]
346 let Ok(parsed_link_header) = parse_link_header(&link_header) else {
347 continue;
348 };
349 for link_object in parsed_link_header {
350 let Some(link_object) = link_object else {
351 // Step 3.2. If linkObject["target_uri"] does not exist, then continue.
352 continue;
353 };
354 // Step 3.3. Append linkObject to links.
355 links.push(link_object.to_owned());
356 }
357 }
358 // Step 4. Return links.
359 links
360}
361
362/// <https://html.spec.whatwg.org/multipage/#process-link-headers>
363pub(crate) fn process_link_headers(
364 link_headers: &[LinkHeader],
365 document: &Document,
366 phase: LinkProcessingPhase,
367) {
368 // Step 1. Let links be the result of extracting links from response's header list.
369 //
370 // Already performed once when parsing headers by caller
371 // Step 2. For each linkObject in links:
372 for link_object in link_headers {
373 // Step 2.1. Let rel be linkObject["relation_type"].
374 let Some(rel) = link_object.value_for_key_in_link_header("rel") else {
375 continue;
376 };
377 // Step 2.2. Let attribs be linkObject["target_attributes"].
378 //
379 // Not applicable, that's in `link_object.params`
380 // Step 2.3. Let expectedPhase be "media" if either "srcset", "imagesrcset",
381 // or "media" exist in attribs; otherwise "pre-media".
382 let expected_phase = if link_object.has_key_in_link_header("srcset") ||
383 link_object.has_key_in_link_header("imagesrcset") ||
384 link_object.has_key_in_link_header("media")
385 {
386 LinkProcessingPhase::Media
387 } else {
388 LinkProcessingPhase::PreMedia
389 };
390 // Step 2.4. If expectedPhase is not phase, then continue.
391 if expected_phase != phase {
392 continue;
393 }
394 // Step 2.5. If attribs["media"] exists and attribs["media"] does not match the environment, then continue.
395 if let Some(media) = link_object.value_for_key_in_link_header("media") {
396 if !MediaList::matches_environment(document, media) {
397 continue;
398 }
399 }
400 // Step 2.6. Let options be a new link processing options with
401 let mut options = LinkProcessingOptions {
402 href: link_object.url.clone(),
403 destination: Destination::None,
404 integrity: String::new(),
405 link_type: String::new(),
406 cryptographic_nonce_metadata: String::new(),
407 cross_origin: None,
408 referrer_policy: ReferrerPolicy::EmptyString,
409 policy_container: document.policy_container().to_owned(),
410 source_set: None,
411 origin: document.origin().immutable().to_owned(),
412 base_url: document.base_url(),
413 insecure_requests_policy: document.insecure_requests_policy(),
414 has_trustworthy_ancestor_origin: document.has_trustworthy_ancestor_or_current_origin(),
415 };
416 // Step 2.7. Apply link options from parsed header attributes to options given attribs and rel.
417 // If that returned false, then return.
418 if !options.apply_link_options_from_parsed_header(link_object, rel) {
419 return;
420 }
421 // Step 2.8. If attribs["imagesrcset"] exists and attribs["imagesizes"] exists,
422 // then set options's source set to the result of creating a source set given
423 // linkObject["target_uri"], attribs["imagesrcset"], attribs["imagesizes"], and null.
424 // TODO
425 // Step 2.9. Run the process a link header steps for rel given options.
426 options.process_link_header(rel, document);
427 }
428}
429
430#[derive(Clone, IntoStaticStr)]
431#[strum(serialize_all = "lowercase")]
432pub(crate) enum LinkFetchContextType {
433 Prefetch,
434 Preload(PreloadKey, Box<PreloadEntry>),
435}
436
437impl From<LinkFetchContextType> for InitiatorType {
438 fn from(other: LinkFetchContextType) -> Self {
439 let name: &'static str = other.into();
440 InitiatorType::LocalName(name.to_owned())
441 }
442}
443
444pub(crate) struct LinkFetchContext {
445 /// The `<link>` element (if any) that caused this fetch
446 pub(crate) link: Option<Trusted<HTMLLinkElement>>,
447
448 pub(crate) global: Trusted<GlobalScope>,
449 pub(crate) document: Trusted<Document>,
450
451 pub(crate) resource_timing: ResourceFetchTiming,
452
453 /// The url being prefetched
454 pub(crate) url: ServoUrl,
455
456 /// The type of fetching we perform, used when report timings.
457 pub(crate) type_: LinkFetchContextType,
458
459 pub(crate) response_body: Vec<u8>,
460}
461
462impl FetchResponseListener for LinkFetchContext {
463 fn process_request_body(&mut self, _: RequestId) {}
464
465 fn process_request_eof(&mut self, _: RequestId) {}
466
467 fn process_response(
468 &mut self,
469 _: RequestId,
470 fetch_metadata: Result<FetchMetadata, NetworkError>,
471 ) {
472 _ = fetch_metadata;
473 }
474
475 fn process_response_chunk(&mut self, _: RequestId, mut chunk: Vec<u8>) {
476 if matches!(self.type_, LinkFetchContextType::Preload(..)) {
477 self.response_body.append(&mut chunk);
478 }
479 }
480
481 /// Step 7 of <https://html.spec.whatwg.org/multipage/#link-type-prefetch:fetch-and-process-the-linked-resource-2>
482 /// and step 3.1 of <https://html.spec.whatwg.org/multipage/#link-type-preload:fetch-and-process-the-linked-resource-2>
483 fn process_response_eof(
484 &mut self,
485 _: RequestId,
486 response_result: Result<ResourceFetchTiming, NetworkError>,
487 ) {
488 // Steps for https://html.spec.whatwg.org/multipage/#preload
489 if let LinkFetchContextType::Preload(key, entry) = &self.type_ {
490 let response = if let Ok(resource_timing) = &response_result {
491 // Step 11.1. If bodyBytes is a byte sequence, then set response's body to bodyBytes as a body.
492 let response = Response::new(self.url.clone(), resource_timing.clone());
493 *response.body.lock().unwrap() =
494 ResponseBody::Done(std::mem::take(&mut self.response_body));
495 response
496 } else {
497 // Step 11.2. Otherwise, set response to a network error.
498 Response::network_error(NetworkError::Internal("Failed to preload".into()))
499 };
500 // Step 11.5. If entry's on response available is null, then set entry's response to response;
501 // otherwise call entry's on response available given response.
502 let entry = entry.with_response(response);
503
504 // Step 12. Let commit be the following steps given a Document document:
505 // Step 12.1. If entry's response is not null, then call reportTiming given document.
506 // Step 12.2. Set document's map of preloaded resources[key] to entry.
507 // Step 13. If options's document is null, then set options's on document ready to commit. Otherwise, call commit with options's document.
508 let document_preloaded_resources = self.document.root().preloaded_resources();
509 let mut preloaded_resources_lock = document_preloaded_resources.lock();
510 preloaded_resources_lock
511 .as_mut()
512 .unwrap()
513 .insert(key.clone(), entry);
514 }
515
516 // Step 11.6. If processResponse is given, then call processResponse with response.
517 //
518 // Part of Preload
519 //
520 // Step 6. Let processPrefetchResponse be the following steps given a response response and null, failure, or a byte sequence bytesOrNull:
521 //
522 // Part of Prefetch
523 if let Some(link) = self.link.as_ref() {
524 link.root()
525 .fire_event_after_response(response_result, CanGc::note());
526 }
527 }
528
529 fn resource_timing_mut(&mut self) -> &mut ResourceFetchTiming {
530 &mut self.resource_timing
531 }
532
533 fn resource_timing(&self) -> &ResourceFetchTiming {
534 &self.resource_timing
535 }
536
537 fn submit_resource_timing(&mut self) {
538 submit_timing(self, CanGc::note())
539 }
540
541 fn process_csp_violations(&mut self, _request_id: RequestId, violations: Vec<Violation>) {
542 let global = &self.resource_timing_global();
543 let source_position = self.link.as_ref().map(|link| {
544 let link = link.root();
545 link.upcast::<Element>()
546 .compute_source_position(link.line_number())
547 });
548 global.report_csp_violations(violations, None, source_position);
549 }
550}
551
552impl ResourceTimingListener for LinkFetchContext {
553 fn resource_timing_information(&self) -> (InitiatorType, ServoUrl) {
554 (self.type_.clone().into(), self.url.clone())
555 }
556
557 fn resource_timing_global(&self) -> DomRoot<GlobalScope> {
558 self.global.root()
559 }
560}
561
562impl PreInvoke for LinkFetchContext {
563 fn should_invoke(&self) -> bool {
564 // Prefetch and preload requests are never aborted.
565 true
566 }
567}