Emilio Cobos Álvarez authored 6 months ago and Pier Angelo Vendrame committed 4 months ago

When there's trailing garbage after an @import rule we throw, but we
still trigger the load (that's not great but not trivial to change).

Deal with that case before calling ImportRuleLoaded().

Differential Revision: https://phabricator.services.mozilla.com/D219783

Ed authored 9 months ago and Pier Angelo Vendrame committed 4 months ago

Bug 1844827 - Update the cookie test expectations for iframe samesite r=cookie-reviewers,valentin a=RyanVM

Depends on D199770

Differential Revision: https://phabricator.services.mozilla.com/D199772

edgul authored 1 year ago and Pier Angelo Vendrame committed 4 months ago

Differential Revision: https://phabricator.services.mozilla.com/D201639

edgul authored 1 year ago and Pier Angelo Vendrame committed 4 months ago

Bug 1802057 - Block the following characters from use in the cookie name in the cookie string: 0x3B (semi-colon), 0x3D (equals), and 0x7F (del) r=dveditz,cookie-reviewers

Differential Revision: https://phabricator.services.mozilla.com/D182373

Eden Chuang authored 1 year ago and Pier Angelo Vendrame committed 4 months ago

Bug 1738426 - Ignoring status 206 and vary header checking for opaque response in Cache API. r=asuth

Differential Revision: https://phabricator.services.mozilla.com/D186431

This avoids a deprecation message getting logged when the webRTC code expects
the configuration of the ICE server instead.

Bug 1921991 had updated the package.

Differential Revision: https://phabricator.services.mozilla.com/D212093

Automatic update from web-platform-tests
Automated regeneration of WPT certificates

--

wpt-commits: d7ae7c147606686ba53b9f2b386eaca2b8910e00
wpt-pr: 43616

Differential Revision: https://phabricator.services.mozilla.com/D212093

Differential Revision: https://phabricator.services.mozilla.com/D220779

readfp is deprecated since Python 3.2

Differential Revision: https://phabricator.services.mozilla.com/D190532

Bug 1789787 - Ensure ujson uses escape_forward_slashes=False to match Python stdlib, r=glandium a=test-only

Differential Revision: https://phabricator.services.mozilla.com/D183616

Bug 1895092 - retry task and worker if we do not start with gnome-session and pulseaudio. r=gbrown, a=test-only

Differential Revision: https://phabricator.services.mozilla.com/D209971

Differential Revision: https://phabricator.services.mozilla.com/D213830

Bug 1900059: Get rid of references to 'six' in gittool.py to fix multil10n.py usage of gittool.py  a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D213827

Differential Revision: https://phabricator.services.mozilla.com/D213826

Differential Revision: https://phabricator.services.mozilla.com/D213825

Differential Revision: https://phabricator.services.mozilla.com/D213823

Bug 1881272: remove support for unused 'l10n_repos', 'tag_override', and 'gecko_locale_revisions' in mozharness  a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D213822

Automatic update from web-platform-tests
Correct worker test for unsupported: scheme

Also check that a non-parsable URL throws the correct exception.

Identified in https://github.com/web-platform-tests/wpt/issues/41745.
--

wpt-commits: 2d504ed2b20e9325243ef22fb95b9f645ae7d87c
wpt-pr: 41758

Bug 1833891 - Update the WPT test for error handling behavior when worker loading a cross-origin script. r=dom-worker-reviewers,smaug,zcorpan a=test-only

According to the spec, when a worker is trying to load a cross-origin
script, an onerror handler should be called. The detailed calling
sequence from the spec will be explained in the following paragraph. For the
legacy specification, it will be explained in the bottom.

So we look into current specification first:
(The numbers indicate the calling sequence)
= Explain the current behavior when a worker is trying to load a cross-origin script =

== 1. [run a worker](https://html.spec.whatwg.org/#run-a-worker)

14) [Fetch a classic worker script](https://html.spec.whatwg.org/#fetch-a-classic-worker-script) given url, outside settings, destination, inside settings, and with onComplete and performFetch as defined below
(Note: we use "fetch a classic worker script" as an example here)

== 2. [fetch a classic worker script](https://html.spec.whatwg.org/#fetch-a-classic-worker-script)

given a url, a fetch client settings object, a destination, a script settings object, an onComplete algorithm, and an optional perform the fetch hook performFetch

1) Let request be a new request whose ...  mode is "same-origin", ...

2) If performFetch was given, run performFetch with request, true, and with processResponseConsumeBody as defined below.

Note: Run the performFetch provided in (1),

== 3. performFetch defined in Step 14 of [run a worker](https://html.spec.whatwg.org/#run-a-worker)

...
3) [Fetch](https://fetch.spec.whatwg.org/#concept-fetch) request with processResponseConsumeBody set to the following steps given response response and null, failure, or a byte sequence bodyBytes:

== 4. [fetch](https://fetch.spec.whatwg.org/#concept-fetch)

given a request request, ..., an optional algorithm processResponseConsumeBody

7) Let fetchParams be a new fetch params whose request is request, ...,  process response consume body is processResponseConsumeBody
...
17) Run [main fetch](https://fetch.spec.whatwg.org/#concept-main-fetch) given fetchParams.

== 5. [main fetch](https://fetch.spec.whatwg.org/#concept-main-fetch)

given a fetch params fetchParams

12) If response is null, then set response to the result of running the steps corresponding to the first matching statement:

    - request’s current URL’s origin is same origin with request’s origin, and request’s response tainting is "basic":

    Note: Normal SOP script will execute this part, however in this case we are loading a script which is not the same-origin.
    So we will fallback to next statement.

    - request’s mode is "same-origin":
      - Return a network error.

== 6. processResponseConsumeBody defined in Step 2 of (2) [fetch a classic worker script](https://html.spec.whatwg.org/#fetch-a-classic-worker-script)

2) If either of the following conditions are met:
   - bodyBytes is null or failure; or
   - response's status is not an ok status,
     - then run onComplete given null, and abort these steps.

Note: Run onComplete provided in (1)

== 7. onComplete defined in Step 14 of (1) [run a worker](https://html.spec.whatwg.org/#run-a-worker)

1) If script is null or if script's error to rethrow is non-null, then:
   1) Queue a global task on the DOM manipulation task source given worker's relevant global object to fire an event named error at worker.

   2) Run the environment discarding steps for inside settings.

   3) Abort these steps.

---

So when a worker loads a cross-origin script, the worker.onerror(e) should be
called, where e is a Event whose name is "error".

= Explain the legacy behavior when a worker is trying to load a cross-origin script

In the older HTML spec before 2015. Nov,
The specification was actually defined how to handle cross-origin scripts for workers,
see http://web.archive.org/web/20151106154945/https://html.spec.whatwg.org/#dom-worker, step 5:

> If the scheme component of worker URL is not "data", and the origin of worker URL
> is not the same as the origin specified by the incumbent settings object, then
> throw a SecurityError exception and abort these steps.

However, the statement was removed in https://github.com/whatwg/html/commit/24242406daa40cfe5d97cdfbac463c29e63433fd
because the SOP check should be done in Fetch API.
But WPT doesn't get updated since then, so it caused different error
handling behavior between browsers since then.

Differential Revision: https://phabricator.services.mozilla.com/D179544

Automatic update from web-platform-tests
Automated regeneration of WPT certificates

--

wpt-commits: ed67e0b41005f88bf900d650277fcecaad39b658
wpt-pr: 41925

Original Revision: https://phabricator.services.mozilla.com/D205234

Differential Revision: https://phabricator.services.mozilla.com/D206699

Bug 1881416 - Relax expectations for /secure-payment-confirmation/enrollment.https.html to allow timeouts on all platforms. a=test-only

This isn't a feature we support anyway, so let's not make things harder
than they need to be.

Differential Revision: https://phabricator.services.mozilla.com/D203927

Automatic update from web-platform-tests
Bump aioquic from 0.9.20 to 0.9.21 in /tools

Bumps [aioquic](https://github.com/aiortc/aioquic) from 0.9.20 to 0.9.21.
- [Commits](https://github.com/aiortc/aioquic/compare/0.9.20...0.9.21

)

---
updated-dependencies:
- dependency-name: aioquic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
--

wpt-commits: d86eab89c1e5dc4220c89d56cf4e5691ccedc542
wpt-pr: 40879

Pin cffi to 1.14.5 only for our Windows 7 environment, approximated as "Windows and python 3.7".

Differential Revision: https://phabricator.services.mozilla.com/D201634

Original Revision: https://phabricator.services.mozilla.com/D187541

Differential Revision: https://phabricator.services.mozilla.com/D200112

distutils have been removed from Python 3.12, so replace it:

Sometimes using packaging's Version, sometimes providing our own in the
case of mozrelease/versions.py. Add more tests for the latter.

Original Revision: https://phabricator.services.mozilla.com/D190540

Differential Revision: https://phabricator.services.mozilla.com/D200111

Following the official migration guide from
https://docs.python.org/3/whatsnew/3.12.html#imp

Original Revision: https://phabricator.services.mozilla.com/D190465

Differential Revision: https://phabricator.services.mozilla.com/D200107

Differential Revision: https://phabricator.services.mozilla.com/D197783

Bug 1865482 - Make CSS :lang() matching more correctly follow the BCP4647 Extended Filtering algorithm. r=layout-reviewers,emilio a=RyanVM

The matching behavior implemented in bug 1857742 did not quite follow the spec,
particularly with regard to language *ranges* (as used in the :lang() pseudo)
that are not themselves valid language *tags*.

This updates the LangTagCompare function to more correctly follow the BCP4647
"Extended Filtering" algorithm, and adjusts the relevant WPT tests (originally
from bug 1857742) to reflect the corrected behavior.

Differential Revision: https://phabricator.services.mozilla.com/D194054

Bug 1857742 - patch 3 - Add some more :lang()-matching reftests. r=layout-reviewers,dholbert a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D195824

Depends on D195823

Bug 1851376 - [geckodriver] Set "services.settings.server" to a dummy URL. r=webdriver-reviewers,Sasha a=test-only

Differential Revision: https://phabricator.services.mozilla.com/D192831

Bug 1849860 - Keep UnderlyingSourceAlgorithms alive until it's explicitly closed. r=smaug,asuth a=RyanVM

1. Adding mAsyncWaitAlgorithms to match mAsyncWaitWorkerRef and keep the algorithms object just like how the workerref is kept right now.
2. Closing mInput also on the window teardown, to prevent memory leak as Fetch does not close the stream automatically.

Differential Revision: https://phabricator.services.mozilla.com/D195132

Depends on D195131

Bug 1848121 - [wptrunner] Increase timeout multiplier for TSAN builds from 4 to 8. r=jgraham a=RyanVM

Differential Revision: https://phabricator.services.mozilla.com/D185917

Bug 1852849 - Make `HTMLEditor::AutoInlineStyleSetter::ExtendOrShrinkRangeToApplyTheStyle` recompute common ancestor of the range if it updates the range r=m_kato a=RyanVM

In this case, `<font face="monospace">abc []<br></font>`, the range applying
new style will be extended as `<font face="monospace">abc [<br>}</font>` first.
https://searchfox.org/mozilla-central/rev/29bdf6ff9965a647c6f64d63fed2b5bd094532c7/editor/libeditor/HTMLStyleEditor.cpp#1944

Then, the start point should be shrunken and the range should become
`<font face="monospace">abc {<br>}</font>`.
https://searchfox.org/mozilla-central/rev/29bdf6ff9965a647c6f64d63fed2b5bd094532c7/editor/libeditor/HTMLStyleEditor.cpp#1977-1978

However, `commonAncestor` is still the text node because it's not updated
after extending the range to include the `<br>`.  Then,
`AutoInlineStyleSetter::GetNextEditableInlineContent` fails to get `<br>`
from the text node.
https://searchfox.org/mozilla-central/rev/29bdf6ff9965a647c6f64d63fed2b5bd094532c7/editor/libeditor/HTMLStyleEditor.cpp#1576-1578

Finally, the unexpected range computation will reach here with the text editor
and adjust the start of the range to start of the text node.
https://searchfox.org/mozilla-central/rev/29bdf6ff9965a647c6f64d63fed2b5bd094532c7/editor/libeditor/HTMLStyleEditor.cpp#420-423

Therefore, the new text which the new style should be applied is jumped to
start of the text node.

Differential Revision: https://phabricator.services.mozilla.com/D190028

Bug 1851829 - Do not send close messages for MIDI ports that have already been disconnected from their remote object r=padenot, a=dmeehan