CMXSL.org/trisquel-icecat
2
0
Fork 0
Code Issues Pull requests Projects Releases 11 Packages Wiki Activity Actions

Compare commits

base: CMXSL.org:ecne
Branches Tags
CMXSL.org:ecne
CMXSL.org:aramo
CMXSL.org:aramo/140.8.0-2
CMXSL.org:ecne/140.8.0-2gnu1
CMXSL.org:ecne/140.7.1-1gnu1
CMXSL.org:aramo/140.7.1-1gnu1
CMXSL.org:aramo/140.7.0-1gnu1
CMXSL.org:ecne/140.7.0-1gnu1
CMXSL.org:ecne/140.6.0-1gnu1
CMXSL.org:aramo/140.6.0-1gnu1
CMXSL.org:aramo/140.3.1-1gnu1
CMXSL.org:ecne/140.3.1-1gnu1
CMXSL.org:128.14.0-1gnu1
CMXSL.org:128.13.0-1gnu1
CMXSL.org:128.12.0-1gnu1
..
compare: CMXSL.org:ecne/140.6.0-1gnu1
Branches Tags
CMXSL.org:aramo
CMXSL.org:ecne
CMXSL.org:aramo/140.8.0-2
CMXSL.org:ecne/140.8.0-2gnu1
CMXSL.org:ecne/140.7.1-1gnu1
CMXSL.org:aramo/140.7.1-1gnu1
CMXSL.org:aramo/140.7.0-1gnu1
CMXSL.org:ecne/140.7.0-1gnu1
CMXSL.org:ecne/140.6.0-1gnu1
CMXSL.org:aramo/140.6.0-1gnu1
CMXSL.org:aramo/140.3.1-1gnu1
CMXSL.org:ecne/140.3.1-1gnu1
CMXSL.org:128.14.0-1gnu1
CMXSL.org:128.13.0-1gnu1
CMXSL.org:128.12.0-1gnu1

No commits in common. "ecne" and "ecne/140.6.0-1gnu1" have entirely different histories.
ecne ... ecne/140.6

747 changed files with 33460 additions and 44102 deletions
Download patch file Download diff file Expand all files Collapse all files

4
icecat/.cargo/config.toml.in
View file

@ -100,9 +100,9 @@ git = "https://github.com/mozilla/midir.git"
rev = "85156e360a37d851734118104619f86bd18e94c6"
replace-with = "vendored-sources"
[source."git+https://github.com/mozilla/mp4parse-rust?rev=25ebfa59a21dc0d223052d73a2fafdd55307c2d7"]
[source."git+https://github.com/mozilla/mp4parse-rust?rev=e64650a686e5c5732395cd059e17cfd3b1e5b63b"]
git = "https://github.com/mozilla/mp4parse-rust"
rev = "25ebfa59a21dc0d223052d73a2fafdd55307c2d7"
rev = "e64650a686e5c5732395cd059e17cfd3b1e5b63b"
replace-with = "vendored-sources"
[source."git+https://github.com/mozilla/neqo?tag=v0.13.4"]

4
icecat/.gitignore vendored
View file

@ -37,10 +37,6 @@ ID
# third-party packages is dealt with by the script vendoring them.
*.egg-info/
# Ignore pywebsocket3 intermediate files.
testing/web-platform/tests/tools/third_party/pywebsocket3/pywebsocket3.egg-info
testing/web-platform/tests/tools/third_party/pywebsocket3/build
# Vim swap files.
.*.sw[a-z]
.sw[a-z]

2
icecat/.taskcluster.yml
View file

@ -101,7 +101,7 @@ tasks:
description: 'Created by a [cron task](https://icecat-ci-tc.services.mozilla.com/tasks/${cron.task_id}) (${treeherder_link})'
provisionerId: "${trustDomain}-${repository.level}"
workerType: "decision"
workerType: "decision-gcp"
tags:
$if: 'tasks_for == "hg-push"'

2
icecat/CLOBBER
View file

@ -22,4 +22,4 @@
# changes to stick? As of bug 928195, this shouldn't be necessary! Please
# don't change CLOBBER for WebIDL changes any more.
Merge day clobber 2026-01-12
Merge day clobber 2025-11-10

5
icecat/Cargo.lock generated
View file

@ -1166,7 +1166,6 @@ dependencies = [
name = "crash_helper_common"
version = "0.1.0"
dependencies = [
"getrandom 0.3.3",
"minidump-writer",
"nix 0.30.1",
"num-derive",
@ -4607,7 +4606,7 @@ dependencies = [
[[package]]
name = "mp4parse"
version = "0.17.0"
source = "git+https://github.com/mozilla/mp4parse-rust?rev=25ebfa59a21dc0d223052d73a2fafdd55307c2d7#25ebfa59a21dc0d223052d73a2fafdd55307c2d7"
source = "git+https://github.com/mozilla/mp4parse-rust?rev=e64650a686e5c5732395cd059e17cfd3b1e5b63b#e64650a686e5c5732395cd059e17cfd3b1e5b63b"
dependencies = [
"bitreader",
"byteorder",
@ -4624,7 +4623,7 @@ version = "0.1.0"
[[package]]
name = "mp4parse_capi"
version = "0.17.0"
source = "git+https://github.com/mozilla/mp4parse-rust?rev=25ebfa59a21dc0d223052d73a2fafdd55307c2d7#25ebfa59a21dc0d223052d73a2fafdd55307c2d7"
source = "git+https://github.com/mozilla/mp4parse-rust?rev=e64650a686e5c5732395cd059e17cfd3b1e5b63b#e64650a686e5c5732395cd059e17cfd3b1e5b63b"
dependencies = [
"byteorder",
"fallible_collections",

115
icecat/browser/app/winlauncher/LauncherProcessWin.cpp
View file

@ -11,6 +11,7 @@
#include "mozilla/Attributes.h"
#include "mozilla/CmdLineAndEnvUtils.h"
#include "mozilla/DebugOnly.h"
#include "mozilla/DynamicallyLinkedFunctionPtr.h"
#include "mozilla/glue/Debug.h"
#include "mozilla/GeckoArgs.h"
#include "mozilla/Maybe.h"
@ -18,14 +19,12 @@
#include "mozilla/SafeMode.h"
#include "mozilla/UniquePtr.h"
#include "mozilla/WindowsConsole.h"
#include "mozilla/WindowsProcessMitigations.h"
#include "mozilla/WindowsVersion.h"
#include "mozilla/WinHeaderOnlyUtils.h"
#include "nsWindowsHelpers.h"
#include <windows.h>
#include <processthreadsapi.h>
#include <shlwapi.h>
#include "DllBlocklistInit.h"
#include "ErrorHandler.h"
@ -112,82 +111,16 @@ static nsReturnRef<HANDLE> CreateJobAndAssignProcess(HANDLE aProcess) {
return job.out();
}
enum class VCRuntimeDLLDir : bool {
Application,
System,
};
static bool GetMSVCP140VersionInfo(VCRuntimeDLLDir aDir,
uint64_t& aOutVersion) {
wchar_t dllPath[MAX_PATH];
if (aDir == VCRuntimeDLLDir::Application) {
DWORD size = ::GetModuleFileNameW(nullptr, dllPath, MAX_PATH);
if (!size ||
(size == MAX_PATH && ::GetLastError() == ERROR_INSUFFICIENT_BUFFER) ||
!::PathRemoveFileSpecW(dllPath)) {
return false;
}
} else {
MOZ_ASSERT(aDir == VCRuntimeDLLDir::System);
UINT size = ::GetSystemDirectoryW(dllPath, MAX_PATH);
if (!size || size >= MAX_PATH) {
return false;
}
}
#if !defined( \
PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON)
# define PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON \
(0x00000001ULL << 60)
#endif // !defined(PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON)
if (!::PathAppendW(dllPath, L"msvcp140.dll")) {
return false;
}
HMODULE crt =
::LoadLibraryExW(dllPath, nullptr, LOAD_LIBRARY_AS_IMAGE_RESOURCE);
if (!crt) {
return false;
}
mozilla::nt::PEHeaders headers{crt};
bool result = headers.GetVersionInfo(aOutVersion);
::FreeLibrary(crt);
return result;
}
/**
* Choose whether we want to favor loading DLLs from the system directory over
* the application directory. This choice automatically propagates to all child
* processes. In particular, it determines whether child processes will load
* Visual C++ runtime DLLs from the system or the application directory at
* startup.
*
* Whenever possible, we want all processes to favor loading DLLs from the
* system directory. But if old Visual C++ runtime DLLs are installed
* system-wide, then we must favor loading from the application directory
* instead to ensure compatibility, at least during startup. So in this case we
* only apply the delayed variant of the mitigation and only in sandboxed
* processes, which is the best compromise (see SandboxBroker::LaunchApp).
*
* This function is called from the launcher process *and* the browser process.
* This is because if the launcher process is disabled, we still want the
* browser process to go through this code so that it enforces the correct
* choice for itself and for child processes.
*/
static void EnablePreferLoadFromSystem32IfCompatible() {
// We may already have the mitigation if we are the browser process and we
// inherited it from the launcher process.
if (!mozilla::IsPreferLoadFromSystem32Available() ||
mozilla::IsPreferLoadFromSystem32Enabled()) {
return;
}
// Only bail out if (1) there is a conflict because the two DLLs exist *and*
// (2) the version of the system DLL is problematic.
uint64_t systemDirVersion = 0, appDirVersion = 0;
if (GetMSVCP140VersionInfo(VCRuntimeDLLDir::System, systemDirVersion) &&
GetMSVCP140VersionInfo(VCRuntimeDLLDir::Application, appDirVersion) &&
systemDirVersion < appDirVersion) {
return;
}
mozilla::DebugOnly<bool> setOk = mozilla::EnablePreferLoadFromSystem32();
MOZ_ASSERT(setOk);
}
#if !defined(PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_ALWAYS_OFF)
# define PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_ALWAYS_OFF \
(0x00000002ULL << 40)
#endif // !defined(PROCESS_CREATION_MITIGATION_POLICY_CONTROL_FLOW_GUARD_ALWAYS_OFF)
/**
* Any mitigation policies that should be set on the browser process should go
@ -195,11 +128,10 @@ static void EnablePreferLoadFromSystem32IfCompatible() {
*/
static void SetMitigationPolicies(mozilla::ProcThreadAttributes& aAttrs,
const bool aIsSafeMode) {
// Note: Do *not* handle IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON here. For this
// mitigation we rely on EnablePreferLoadFromSystem32IfCompatible().
// The launcher process or the browser process will choose whether we
// want to apply the mitigation or not, and child processes will
// automatically inherit that choice.
if (mozilla::IsWin10AnniversaryUpdateOrLater()) {
aAttrs.AddMitigationPolicy(
PROCESS_CREATION_MITIGATION_POLICY_IMAGE_LOAD_PREFER_SYSTEM32_ALWAYS_ON);
}
#if defined(_M_ARM64)
// Disable CFG on older versions of ARM64 Windows to avoid a crash in COM.
@ -354,9 +286,6 @@ Maybe<int> LauncherMain(int& argc, wchar_t* argv[],
return Nothing();
}
// Called from the launcher process *and* the browser process.
EnablePreferLoadFromSystem32IfCompatible();
#if defined(MOZ_LAUNCHER_PROCESS)
LauncherRegistryInfo regInfo;
Maybe<bool> runAsLauncher = RunAsLauncherProcess(regInfo, argc, argv);
@ -380,6 +309,22 @@ Maybe<int> LauncherMain(int& argc, wchar_t* argv[],
return Nothing();
}
// Make sure that the launcher process itself has image load policies set
if (IsWin10AnniversaryUpdateOrLater()) {
static const StaticDynamicallyLinkedFunctionPtr<
decltype(&SetProcessMitigationPolicy)>
pSetProcessMitigationPolicy(L"kernel32.dll",
"SetProcessMitigationPolicy");
if (pSetProcessMitigationPolicy) {
PROCESS_MITIGATION_IMAGE_LOAD_POLICY imgLoadPol = {};
imgLoadPol.PreferSystem32Images = 1;
DebugOnly<BOOL> setOk = pSetProcessMitigationPolicy(
ProcessImageLoadPolicy, &imgLoadPol, sizeof(imgLoadPol));
MOZ_ASSERT(setOk);
}
}
#if defined(MOZ_SANDBOX)
// Ensure the relevant mitigations are enforced.
mozilla::sandboxing::ApplyParentProcessMitigations();

1
icecat/browser/app/winlauncher/moz.build
View file

@ -24,7 +24,6 @@ OS_LIBS += [
"oleaut32",
"ole32",
"rpcrt4",
"shlwapi",
"version",
]

7
icecat/browser/base/content/browser-fullScreenAndPointerLock.js
View file

@ -103,9 +103,10 @@ var PointerlockFsWarning = {
} else {
textElem.removeAttribute("hidden");
// Document's principal's URI has a host. Display a warning including it.
let displayHost = BrowserUtils.formatURIForDisplay(uri, {
onlyBaseDomain: true,
});
let { DownloadUtils } = ChromeUtils.importESModule(
"resource://gre/modules/DownloadUtils.sys.mjs"
);
let displayHost = DownloadUtils.getURIHost(uri.spec)[0];
let l10nString = {
"fullscreen-warning": "fullscreen-warning-domain",
"pointerlock-warning": "pointerlock-warning-domain",

2
icecat/browser/base/content/browser.js
View file

@ -2230,7 +2230,7 @@ var XULBrowserWindow = {
// Ensure we close any remaining open locationspecific panels
if (!isSameDocument) {
closeOpenPanels(":is(panel, menupopup)[locationspecific='true']");
closeOpenPanels("panel[locationspecific='true']");
}
gPermissionPanel.onLocationChange();

3
icecat/browser/components/DesktopActorRegistry.sys.mjs
View file

@ -127,9 +127,6 @@ let JSWINDOWACTORS = {
},
},
matches: ["about:messagepreview", "about:messagepreview?*"],
remoteTypes: ["privilegedabout"],
enablePreference:
"browser.newtabpage.activity-stream.asrouter.devtoolsEnabled",
},
AboutPocket: {

1
icecat/browser/components/about/AboutRedirector.cpp
View file

@ -110,7 +110,6 @@ static const RedirEntry kRedirMap[] = {
{"messagepreview",
"chrome://browser/content/messagepreview/messagepreview.html",
nsIAboutModule::URI_MUST_LOAD_IN_CHILD |
nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS |
nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT |
nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT},
{"pocket-saved", "chrome://pocket/content/panels/saved.html",

9
icecat/browser/components/downloads/DownloadsViewUI.sys.mjs
View file

@ -12,7 +12,6 @@ import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs";
const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
BrowserUtils: "resource://gre/modules/BrowserUtils.sys.mjs",
BrowserWindowTracker: "resource:///modules/BrowserWindowTracker.sys.mjs",
DownloadUtils: "resource://gre/modules/DownloadUtils.sys.mjs",
Downloads: "resource://gre/modules/Downloads.sys.mjs",
@ -601,13 +600,7 @@ DownloadsViewUI.DownloadElementShell.prototype = {
this.showStatus(stateLabel, hoverStatus);
return;
}
let uri = URL.parse(this.download.source.url)?.URI;
let displayHost = uri
? lazy.BrowserUtils.formatURIForDisplay(uri, {
onlyBaseDomain: true,
})
: "";
let [displayHost] = lazy.DownloadUtils.getURIHost(this.download.source.url);
let [displayDate] = lazy.DownloadUtils.getReadableDates(
new Date(this.download.endTime)
);

4
icecat/browser/components/icecatview/fxview-tab-list.mjs
View file

@ -513,9 +513,7 @@ export class FxviewTabRowBase extends MozLitElement {
formatURIForDisplay(uriString) {
return !window.IS_STORYBOOK
? lazy.BrowserUtils.formatURIStringForDisplay(uriString, {
showFilenameForLocalURIs: true,
})
? lazy.BrowserUtils.formatURIStringForDisplay(uriString)
: uriString;
}

4
icecat/browser/components/icecatview/helpers.mjs
View file

@ -24,9 +24,7 @@ export const LOGGING_PREF = "browser.tabs.icecat-view.logLevel";
export const MAX_TABS_FOR_RECENT_BROWSING = 5;
export function formatURIForDisplay(uriString) {
return lazy.BrowserUtils.formatURIStringForDisplay(uriString, {
showFilenameForLocalURIs: true,
});
return lazy.BrowserUtils.formatURIStringForDisplay(uriString);
}
export function convertTimestamp(

2
icecat/browser/components/icecatview/history.mjs
View file

@ -18,7 +18,6 @@ const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
HistoryController: "resource:///modules/HistoryController.sys.mjs",
PrivateBrowsingUtils: "resource://gre/modules/PrivateBrowsingUtils.sys.mjs",
ProfileAge: "resource://gre/modules/ProfileAge.sys.mjs",
});
@ -249,7 +248,6 @@ class HistoryInView extends ViewPage {
@click=${this.openInNewPrivateWindow}
data-l10n-id="fxviewtabrow-open-in-private-window"
data-l10n-attrs="accesskey"
?hidden=${!lazy.PrivateBrowsingUtils.enabled}
></panel-item>
<hr />
<panel-item

4
icecat/browser/components/profiles/tests/unit/test_fail_recover_storeID.js
View file

@ -14,8 +14,8 @@ add_task(async function test_recover_storeID() {
await SelectableProfileService.init();
Assert.ok(
ProfilesDatastoreService.initialized,
"Initialized the datastore service"
!ProfilesDatastoreService.initialized,
"Didn't initialize the datastore service"
);
Assert.ok(
!SelectableProfileService.initialized,

23
icecat/browser/components/shell/Windows11TaskbarPinning.cpp
View file

@ -15,7 +15,6 @@
#include "mozilla/Result.h"
#include "mozilla/ResultVariant.h"
#include "mozilla/UniquePtr.h"
#include "mozilla/WindowsVersion.h"
#include "mozilla/WinHeaderOnlyUtils.h"
#include "mozilla/widget/WinTaskbar.h"
#include "WinUtils.h"
@ -187,16 +186,7 @@ Win11PinToTaskBarResult PinCurrentAppToTaskbarWin11(
Win11PinToTaskBarResult unlockStatus =
UnlockLimitedAccessFeature(Win11LimitedAccessFeatureType::Taskbar);
if (unlockStatus.result != Win11PinToTaskBarResultStatus::Success) {
// Limited Access Feature no longer necessary for Windows 11 26200 Build
// 7840, and possibly other channels.
if (!IsWin11OrLater()) {
return unlockStatus;
}
TASKBAR_PINNING_LOG(
LogLevel::Warning,
"Limited Access Feature failed to unlock, attempting to use Taskbar "
"Pinning API assuming LAF is no longer necessary.");
return unlockStatus;
}
HRESULT hr;
@ -417,16 +407,7 @@ Win11PinToTaskBarResult IsCurrentAppPinnedToTaskbarWin11(bool aCheckOnly) {
Win11PinToTaskBarResult unlockStatus =
UnlockLimitedAccessFeature(Win11LimitedAccessFeatureType::Taskbar);
if (unlockStatus.result != Win11PinToTaskBarResultStatus::Success) {
// Limited Access Feature no longer necessary for Windows 11 26200 Build
// 7840, and possibly other channels.
if (!IsWin11OrLater()) {
return unlockStatus;
}
TASKBAR_PINNING_LOG(
LogLevel::Warning,
"Limited Access Feature failed to unlock, attempting to use Taskbar "
"Pinning API assuming LAF is no longer necessary.");
return unlockStatus;
}
HRESULT hr;

2
icecat/browser/config/version.txt
View file

@ -1 +1 @@
140.8.0
140.6.0

2
icecat/browser/config/version_display.txt
View file

@ -1 +1 @@
140.8.0esr
140.6.0esr

2
icecat/browser/confvars.sh
View file

@ -13,5 +13,5 @@ MOZ_BRANDING_DIRECTORY=browser/branding/unofficial
MOZ_OFFICIAL_BRANDING_DIRECTORY=browser/branding/official
# IceCat settings
MOZ_APP_BASENAME=IceCat
MOZ_APP_VERSION=140.8.0
MOZ_APP_VERSION=140.6.0
MOZ_DATA_REPORTING=0

56
icecat/browser/extensions/formautofill/test/browser/browser_dynamic_form_refill_on_site_clearing_values.js
View file

@ -13,7 +13,6 @@ add_setup(async () => {
});
await setStorage(TEST_ADDRESS_1);
await setStorage(TEST_CREDIT_CARD_1);
registerCleanupFunction(async () => {
await removeAllRecords();
@ -102,7 +101,7 @@ add_task(
/* eslint-disable mozilla/no-arbitrary-setTimeout */
await new Promise(resolve => {
setTimeout(resolve, FormAutofill.refillOnSiteClearingFieldsTimeout);
setTimeout(resolve, FormAutofill.refillOnSiteClearingFields);
});
return await SpecialPowers.spawn(
@ -117,56 +116,3 @@ add_task(
Assert.equal(orgaValue, "", "Element was not refilled");
}
);
add_task(async function address_field_not_refilled_after_reformat_by_site() {
const value = await BrowserTestUtils.withNewTab(
CREDITCARD_FORM_URL,
async browser => {
const selectorToTriggerAutocompletion = "#cc-number";
const elementValueToVerifyAutofill = TEST_CREDIT_CARD_1["cc-number"];
info("Triggering autocompletion.");
await openPopupOn(browser, selectorToTriggerAutocompletion);
await BrowserTestUtils.synthesizeKey("VK_DOWN", {}, browser);
await BrowserTestUtils.synthesizeKey("VK_RETURN", {}, browser);
await waitForAutofill(
browser,
selectorToTriggerAutocompletion,
elementValueToVerifyAutofill
);
const formatValue = TEST_CREDIT_CARD_1["cc-number"]
.replace(/(.{4})/g, "$1 ")
.trim();
await SpecialPowers.spawn(
browser,
[selectorToTriggerAutocompletion, formatValue],
async (ccNumberSelector, reformatValue) => {
const ccNumberInput =
content.document.querySelector(ccNumberSelector);
info("Simulating site reformats an input");
ccNumberInput.value = reformatValue;
}
);
/* eslint-disable mozilla/no-arbitrary-setTimeout */
await new Promise(resolve => {
setTimeout(resolve, FormAutofill.refillOnSiteClearingFieldsTimeout);
});
return await SpecialPowers.spawn(
browser,
[selectorToTriggerAutocompletion],
async ccNumberSelector => {
return content.document.querySelector(ccNumberSelector).value;
}
);
}
);
const formatValue = TEST_CREDIT_CARD_1["cc-number"]
.replace(/(.{4})/g, "$1 ")
.trim();
Assert.equal(value, formatValue, "Element was not refilled");
});

39
icecat/browser/extensions/formautofill/test/browser/head.js
View file

@ -1473,9 +1473,6 @@ async function triggerCapture(browser, submitButtonSelector, fillSelectors) {
* @param {object} patterns.captureExpectedRecord
* The expected saved record after capturing the form. Keyed by field name. This
* parameter is only used when `options.testCapture` is set.
* @param {boolean} patterns.useTestYear
* Set to the current year to assign while running the test, useful for credit
* card expiry tests with a manual set of year options in the dropdown.
* @param {object} patterns.only
* This parameter is used solely for debugging purposes. When set to true,
* it restricts the execution to only the specified testcase.
@ -1600,32 +1597,16 @@ async function add_heuristic_tests(
const sleepAfterFocus = contexts.length > 1;
for (const context of contexts) {
await SpecialPowers.spawn(
context,
[testPattern.useTestYear],
async year => {
let FormAutofillHeuristics;
if (year) {
FormAutofillHeuristics = ChromeUtils.importESModule(
"resource://gre/modules/shared/FormAutofillHeuristics.sys.mjs"
).FormAutofillHeuristics;
FormAutofillHeuristics.useTestYear = year;
}
const elements = Array.from(
content.document.querySelectorAll("input, select")
);
// Focus on each field in the test document to trigger autofill field detection
// on all the fields.
elements.forEach(element => {
element.focus();
});
if (year) {
FormAutofillHeuristics.useTestYear = null;
}
}
);
await SpecialPowers.spawn(context, [], async () => {
const elements = Array.from(
content.document.querySelectorAll("input, select")
);
// Focus on each field in the test document to trigger autofill field detection
// on all the fields.
elements.forEach(element => {
element.focus();
});
});
try {
await BrowserTestUtils.synthesizeKey("VK_ESCAPE", {}, context);

1
icecat/browser/extensions/formautofill/test/browser/heuristics/third_party/browser.toml vendored
View file

@ -8,6 +8,7 @@ support-files = [
["browser_BestBuy.js"]
["browser_CDW.js"]
skip-if = ["true"] # Bug 1939626
["browser_CostCo.js"]

1
icecat/browser/extensions/formautofill/test/browser/heuristics/third_party/browser_CDW.js vendored
View file

@ -30,7 +30,6 @@ add_heuristic_tests(
},
{
fixturePath: "Checkout_BillingPaymentInfo.html",
useTestYear: 2024,
expectedResult: [
{
default: {

1
icecat/browser/extensions/formautofill/test/browser/heuristics/third_party/browser_CostCo.js vendored
View file

@ -74,7 +74,6 @@ add_heuristic_tests(
},
{
fixturePath: "Payment.html",
useTestYear: 2025,
expectedResult: [
{
default: {

1
icecat/browser/extensions/formautofill/test/browser/heuristics/third_party/browser_GlobalDirectAsda.js vendored
View file

@ -6,7 +6,6 @@ add_heuristic_tests(
[
{
fixturePath: "Payment.html",
useTestYear: 2024,
expectedResult: [
{
default: {

1
icecat/browser/extensions/formautofill/test/browser/heuristics/third_party/browser_Lufthansa.js vendored
View file

@ -6,7 +6,6 @@ add_heuristic_tests(
[
{
fixturePath: "Checkout_Payment.html",
useTestYear: 2024,
expectedResult: [
{
default: {

1
icecat/browser/extensions/formautofill/test/browser/heuristics/third_party/browser_Lush.js vendored
View file

@ -6,7 +6,6 @@ add_heuristic_tests(
[
{
fixturePath: "index.html",
useTestYear: 2024,
expectedResult: [
{
default: {

62
icecat/browser/extensions/webcompat/injections/js/bug1950282-f1tv.formula1.com-unblock-icecat.js
View file

@ -120,65 +120,3 @@ window.wrappedJSObject.chrome = cloneInto(
window,
{ cloneFunctions: true }
);
const ua = navigator.userAgent;
const mobile = ua.includes("Mobile") || ua.includes("Tablet");
// Very roughly matches Chromium's GetPlatformForUAMetadata()
let platform = "Linux";
if (mobile) {
platform = "Android";
} else if (navigator.platform.startsWith("Win")) {
platform = "Windows";
} else if (navigator.platform.startsWith("Mac")) {
platform = "macOS";
}
const version = (ua.match(/IceCat\/([0-9]+)/) || ["", "58.0"])[1];
// These match Chrome's output as of version 126.
const brands = [
{
brand: "Not/A)Brand",
version: "8",
},
{
brand: "Chromium",
version,
},
{
brand: "Google Chrome",
version,
},
];
const userAgentData = cloneInto(
{
brands,
mobile,
platform,
getHighEntropyValues() {
return window.wrappedJSObject.Promise.resolve(
cloneInto(
{
brands,
mobile,
platform,
platformVersion: "19.0.0",
},
window
)
);
},
},
window,
{ cloneFunctions: true }
);
Object.defineProperty(window.navigator.wrappedJSObject, "userAgentData", {
get: exportFunction(function () {
return userAgentData;
}, window),
set: exportFunction(function () {}, window),
});

2
icecat/browser/extensions/webcompat/manifest.json
View file

@ -2,7 +2,7 @@
"manifest_version": 2,
"name": "Web Compatibility Interventions",
"description": "Urgent post-release fixes for web compatibility.",
"version": "140.12.0",
"version": "140.11.0",
"browser_specific_settings": {
"gecko": {
"id": "webcompat@mozilla.org",

BIN
icecat/build/pgo/certs/cert9.db
View file

Binary file not shown.

BIN
icecat/build/pgo/certs/key4.db
View file

Binary file not shown.

BIN
icecat/build/pgo/certs/mochitest.client
View file

Binary file not shown.

2
icecat/config/milestone.txt
View file

@ -10,4 +10,4 @@
# hardcoded milestones in the tree from these two files.
#--------------------------------------------------------
140.8.0
140.6.0

4
icecat/debian/build/rules.mk
View file

@ -157,12 +157,8 @@ ifeq (official, $(MOZ_BRANDING))
MOZ_DEFINES += -DMOZ_OFFICIAL_BRANDING
endif
ifneq (,$(DEB_PARALLEL_JOBS))
ifneq (,$(filter armhf, $(DEB_HOST_ARCH)))
MOZ_DEFINES += -DDEB_PARALLEL_JOBS=1
else
MOZ_DEFINES += -DDEB_PARALLEL_JOBS=$(DEB_PARALLEL_JOBS)
endif
endif
MOZ_EXECUTABLES_$(MOZ_PKG_NAME) += $(MOZ_LIBDIR)/$(MOZ_PKG_BASENAME).sh \
$(NULL)

18
icecat/debian/changelog
View file

@ -1,21 +1,3 @@
icecat (140.8.0-2gnu1+build1-0.12.0) ecne; urgency=medium
* New upstream stable release (icecat-140.8.0-2gnu1)
-- Capitulo Mexicano de Software Libre <devel@cmxsl.org> Tue, 10 Mar 2026 23:20:02 -0600
icecat (140.7.1-1gnu1+build1-0.12.0) ecne; urgency=medium
* New upstream stable release (icecat-140.7.1-1gnu1)
-- Capitulo Mexicano de Software Libre <devel@cmxsl.org> Mon, 16 Feb 2026 22:12:00 -0600
icecat (140.7.0-1gnu1+build1-0.12.0) ecne; urgency=medium
* New upstream stable release (icecat-140.7.0-1gnu1)
-- Capitulo Mexicano de Software Libre <devel@cmxsl.org> Sat, 17 Jan 2026 21:13:41 -0600
icecat (140.6.0-1gnu1+build1-0.12.0) ecne; urgency=medium
* New upstream stable release (icecat-140.6.0-1gnu1)

4
icecat/debian/config/mozconfig.in
View file

@ -11,11 +11,7 @@ ac_add_options --disable-updater
ac_add_options --enable-application=browser
ac_add_options --with-distribution-id=org.trisquel
%%if DEB_BUILD_ARCH_BITS == 32
%%if DEB_HOST_ARCH == armhf
ac_add_options --disable-debug-symbols
%%else
ac_add_options --enable-debug-symbols=-g1
%%endif
%%else
ac_add_options --enable-debug-symbols
%%endif

18
icecat/debian/patches/armhf-rustc-lto-off.patch → icecat/debian/patches/armhf-rustc-thin-lto.patch
View file

@ -1,30 +1,22 @@
Description: Do not enable LTO for rustc when building on armhf,
Description: Do not enable LTO for rustc when building on arm64 and armhf,
to work around OOM failures on Launchpad builders. Note that this alone is not
sufficient, because by default cargo will also enable full LTO when building
with a release profile, so the top-level Cargo.toml file needs to be
conditionally patched (this is done in debian/build/rules.mk).
Author: Olivier Tilloy <olivier.tilloy@canonical.com>
Author: Nathan Pratte Teodosio <nteodosio@ubuntu.com>
Forwarded: not-needed
--- a/config/makefiles/rust.mk
+++ b/config/makefiles/rust.mk
@@ -70,10 +70,18 @@ ifndef MOZ_DEBUG_RUST
@@ -70,8 +70,10 @@ ifndef MOZ_DEBUG_RUST
# Never enable when coverage is enabled to work around https://github.com/rust-lang/rust/issues/90045.
ifndef MOZ_CODE_COVERAGE
ifeq (,$(findstring gkrust_gtest,$(RUST_LIBRARY_FILE)))
+ifneq (,$(filter arm,$(TARGET_CPU)))
+cargo_rustc_flags += -Clto=off
+else
+ifeq (,$(filter aarch64 arm,$(TARGET_CPU)))
cargo_rustc_flags += -Clto$(if $(filter full,$(MOZ_LTO_RUST_CROSS)),=fat)
+endif
endif
+endif
# We need -Cembed-bitcode=yes for all crates when using -Clto.
+ifneq (,$(filter arm,$(TARGET_CPU)))
+RUSTFLAGS += -Cembed-bitcode=no
+else
RUSTFLAGS += -Cembed-bitcode=yes
+endif
endif
endif
endif

2
icecat/debian/patches/series
View file

@ -7,7 +7,7 @@ webrtc-fix-compiler-flags-for-armhf.patch
s390x-ycbcr.patch
reduce-rust-debuginfo.patch
armhf-reduce-linker-memory-use.patch
armhf-rustc-lto-off.patch
armhf-rustc-thin-lto.patch
ppc64el-workaround-bug-1555531.patch
ppc64el-workaround-gcc-ice.patch
armhf-clang-no-integrated-as-for-neon.patch

43
icecat/devtools/client/netmonitor/src/components/request-details/RequestPanel.js
View file

@ -124,34 +124,30 @@ class RequestPanel extends Component {
}
/**
* This maps an array to a dictionary for TreeView usage,
* sincs the treeView only supports the Object(dict) format.
* Mapping array to dict for TreeView usage.
* Since TreeView only support Object(dict) format.
* This function also deal with duplicate key case
* (for multiple selection and query params with same keys)
*
* This function also deals with the duplicate key scenario
* (i.e multiple selections and query params with same keys)
* This function is not sorting result properties since it can
* results in unexpected order of params. See bug 1469533
*
* Note: This is not sorting the result properties since it can
* result in an unexpected order of parameters. See bug 1469533
*
* @param {object[]} arrOfKeyValuePairs - An array of key-value pairs or form params.
* @param {string} arrOfKeyValuePairs[].name
* @param {string|Array} arrOfKeyValuePairs[].value
*
* @returns {object} Rep compatible object
* @param {Object[]} arr - key-value pair array or form params
* @returns {Object} Rep compatible object
*/
getProperties(arrOfKeyValuePairs) {
return arrOfKeyValuePairs.reduce((dict, { name, value }) => {
if (name in dict) {
const dictValue = dict[name];
if (!Array.isArray(dictValue)) {
dict[name] = [dictValue];
getProperties(arr) {
return arr.reduce((map, obj) => {
const value = map[obj.name];
if (value || value === "") {
if (typeof value !== "object") {
map[obj.name] = [value];
}
dict[name].push(value);
map[obj.name].push(obj.value);
} else {
dict[name] = value;
map[obj.name] = obj.value;
}
return dict;
}, Object.create(null));
return map;
}, {});
}
toggleRawRequestPayload() {
@ -209,9 +205,10 @@ class RequestPanel extends Component {
// Form Data section
if (formDataSections && formDataSections.length) {
const sections = formDataSections.filter(str => /\S/.test(str)).join("&");
component = PropertiesView;
componentProps = {
object: this.getProperties(parseFormData(formDataSections)),
object: this.getProperties(parseFormData(sections)),
filterText,
targetSearchResult,
defaultSelectFirstNode: false,

34
icecat/devtools/client/netmonitor/src/utils/request-utils.js
View file

@ -83,6 +83,7 @@ async function getFormDataSections(
}
}
}
return formDataSections;
}
@ -417,29 +418,28 @@ function parseQueryString(query) {
/**
* Parse a string of formdata sections into its components
*
* @param {Array<string>} sections Array of sections of formdata
* e.g ["", "a=x&b=y", "c=z"]
* @return {Array<object>} Array of formdata params
* e.g [{ name: 'a', value: 'x' }, { name: 'b', value: 'y'}, { name: 'c', value: 'z'}]
* @param {string} sections - sections of formdata joined by &
* @return {array} array of formdata params { name, value }
*/
function parseFormData(sections) {
if (!sections || !sections.length) {
if (!sections) {
return [];
}
const formDataParams = [];
const searchStr = sections
// Filter out empty sections
.filter(str => /\S/.test(str))
.join("&");
const params = new URLSearchParams(searchStr);
for (const [key, value] of params) {
formDataParams.push({
name: getUnicodeUrlPath(key),
value: getUnicodeUrlPath(value),
return sections
.replace(/^&/, "")
.split("&")
.map(e => {
const firstEqualSignIndex = e.indexOf("=");
const paramName =
firstEqualSignIndex !== -1 ? e.slice(0, firstEqualSignIndex) : e;
const paramValue =
firstEqualSignIndex !== -1 ? e.slice(firstEqualSignIndex + 1) : "";
return {
name: paramName ? getUnicodeUrlPath(paramName) : "",
value: paramValue ? getUnicodeUrlPath(paramValue) : "",
};
});
}
return formDataParams;
}
/**

12
icecat/devtools/client/netmonitor/test/browser_net_complex-params.js
View file

@ -20,7 +20,7 @@ add_task(async function () {
store.dispatch(Actions.batchEnable(false));
// Execute requests.
await performRequests(monitor, tab, 13);
await performRequests(monitor, tab, 12);
const requestListItems = document.querySelectorAll(
".network-monitor .request-list-item"
@ -49,7 +49,7 @@ add_task(async function () {
await testRequestWithFormattedView(
monitor,
requestListItems[2],
"foo",
"?foo",
"bar=123=xyz",
"?foo=bar=123=xyz",
1
@ -92,14 +92,6 @@ add_task(async function () {
'{ "foo": "bar" }',
1
);
await testRequestWithFormattedView(
monitor,
requestListItems[12],
"__proto__",
"evil_value",
"__proto__=evil_value",
1
);
await teardown(monitor);
});

4
icecat/devtools/client/netmonitor/test/browser_net_curl-utils.js
View file

@ -326,10 +326,10 @@ function testEscapeStringWin() {
"Percent signs should be escaped."
);
const backslashes = " - \\A simple string\\ - ";
const backslashes = "\\A simple string\\";
is(
CurlUtils.escapeStringWin(backslashes),
'^\" - ^\\^\\A simple string^\\^\\ - ^\"',
'^\"^\\A simple string^\\^\"',
"Backslashes should be escaped."
);

1
icecat/devtools/client/netmonitor/test/html_params-test-page.html
View file

@ -71,7 +71,6 @@
await get("baz", "?species=in=(52,60)");
await get("baz", "?a=&a=b");
await get("baz", "?a=b&a=c&d=1");
await post("baz", "", urlencoded, "__proto__=evil_value");
}
</script>
</body>

3
icecat/devtools/client/shared/curl.js
View file

@ -458,9 +458,6 @@ const CurlUtils = {
return (
encapsChars +
str
// Replace all the \ (used as the escape character in the next replace) with \\
.replace(/\\/g, "\\\\")
// Replace all " with \" to ensure the first parser does not remove it.
.replace(/"/g, '\\"')

4
icecat/docshell/base/BrowsingContext.cpp
View file

@ -4049,10 +4049,6 @@ bool IPDLParamTraits<dom::MaybeDiscarded<dom::BrowsingContext>>::Read(
if (id == 0) {
*aResult = nullptr;
} else if (RefPtr<dom::BrowsingContext> bc = dom::BrowsingContext::Get(id)) {
if (!bc->Group()->IsKnownForMessageReader(aReader)) {
return false;
}
*aResult = std::move(bc);
} else {
aResult->SetDiscarded(id);

38
icecat/docshell/base/BrowsingContextGroup.cpp
View file

@ -251,42 +251,6 @@ ContentParent* BrowsingContextGroup::GetHostProcess(
return mHosts.GetWeak(aRemoteType);
}
bool BrowsingContextGroup::IsKnownForMessageReader(
IPC::MessageReader* aReader) {
if (!aReader->GetActor()) {
aReader->FatalError(
"No actor for BrowsingContextGroup::IsKnownForMessageReader");
return false;
}
mozilla::ipc::IToplevelProtocol* topActor =
aReader->GetActor()->ToplevelProtocol();
switch (topActor->GetProtocolId()) {
case PInProcessMsgStart:
// PInProcess always exists only within a single process, so we don't need
// to do any validation on it.
return true;
case PContentMsgStart:
// The process should only be able to name this BCG if it is
// subscribed, or if the BCG has been destroyed (and has therefore
// stopped tracking subscribers).
if (topActor->GetSide() == mozilla::ipc::ParentSide && !mDestroyed &&
!mSubscribers.Contains(static_cast<ContentParent*>(topActor))) {
aReader->FatalError(
"Process is not subscribed to this BrowsingContextGroup");
return false;
}
return true;
default:
aReader->FatalError(
"Unsupported toplevel actor for "
"BrowsingContextGroup::IsKnownForMessageReader");
return false;
}
}
void BrowsingContextGroup::UpdateToplevelsSuspendedIfNeeded() {
if (!StaticPrefs::dom_suspend_inactive_enabled()) {
return;
@ -332,8 +296,8 @@ void BrowsingContextGroup::Destroy() {
!sBrowsingContextGroups->Contains(Id()) ||
*sBrowsingContextGroups->Lookup(Id()) != this);
}
#endif
mDestroyed = true;
#endif
// Make sure to call `RemoveBrowsingContextGroup` for every entry in both
// `mHosts` and `mSubscribers`. This will visit most entries twice, but

8
icecat/docshell/base/BrowsingContextGroup.h
View file

@ -87,12 +87,6 @@ class BrowsingContextGroup final : public nsWrapperCache {
// BrowsingContextGroup, if possible.
ContentParent* GetHostProcess(const nsACString& aRemoteType);
// Check if the process which sent the message being read from aReader is
// aware of this BrowsingContextGroup's existence.
// If this returns false, it will first set a fatal error on aReader with more
// details.
bool IsKnownForMessageReader(IPC::MessageReader* aReader);
// When a BrowsingContext is being discarded, we may want to keep the
// corresponding BrowsingContextGroup alive until the other process
// acknowledges that the BrowsingContext has been discarded. A `KeepAlive`
@ -266,7 +260,9 @@ class BrowsingContextGroup final : public nsWrapperCache {
uint32_t mKeepAliveCount = 0;
#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
bool mDestroyed = false;
#endif
// A BrowsingContextGroup contains a series of {Browsing,Window}Context
// objects. They are addressed using a hashtable to avoid linear lookup when

4
icecat/docshell/base/ChildProcessChannelListener.h
View file

@ -45,8 +45,8 @@ class ChildProcessChannelListener final {
};
// TODO Backtrack.
nsTHashMap<NoMemMoveKey<nsUint64HashKey>, Callback> mCallbacks;
nsTHashMap<NoMemMoveKey<nsUint64HashKey>, CallbackArgs> mChannelArgs;
nsTHashMap<nsUint64HashKey, Callback> mCallbacks;
nsTHashMap<nsUint64HashKey, CallbackArgs> mChannelArgs;
};
} // namespace mozilla::dom

4
icecat/docshell/base/WindowContext.cpp
View file

@ -764,10 +764,6 @@ bool IPDLParamTraits<dom::MaybeDiscarded<dom::WindowContext>>::Read(
if (id == 0) {
*aResult = nullptr;
} else if (RefPtr<dom::WindowContext> wc = dom::WindowContext::GetById(id)) {
if (!wc->Group()->IsKnownForMessageReader(aReader)) {
return false;
}
*aResult = std::move(wc);
} else {
aResult->SetDiscarded(id);

5
icecat/dom/base/Document.cpp
View file

@ -687,10 +687,7 @@ class SimpleHTMLCollection final : public nsSimpleContentList,
}
virtual uint32_t Length() override { return nsSimpleContentList::Length(); }
virtual Element* GetElementAt(uint32_t aIndex) override {
if (nsIContent* content = mElements.SafeElementAt(aIndex)) {
return content->AsElement();
}
return nullptr;
return mElements.SafeElementAt(aIndex)->AsElement();
}
virtual Element* GetFirstNamedElement(const nsAString& aName,

4
icecat/dom/base/StructuredCloneBlob.cpp
View file

@ -17,7 +17,6 @@
#include "mozilla/Assertions.h"
#include "mozilla/ErrorResult.h"
#include "mozilla/Maybe.h"
#include "mozilla/Span.h"
#include "mozilla/UniquePtr.h"
#include "mozilla/dom/BindingDeclarations.h"
#include "mozilla/dom/BlobImpl.h"
@ -174,8 +173,7 @@ bool StructuredCloneBlob::Holder::ReadStructuredCloneInternal(
return false;
}
#endif
BlobImpls().AppendElements(
Span(aHolder->BlobImpls()).Subspan(blobOffset, blobCount));
BlobImpls().AppendElements(&aHolder->BlobImpls()[blobOffset], blobCount);
}
JSStructuredCloneData data(mStructuredCloneScope);

11
icecat/dom/base/TimeoutManager.cpp
View file

@ -104,10 +104,6 @@ bool TimeoutManager::IsActive() const {
return true;
}
if (mIsChromeWorker) {
return true;
}
// Check if we're playing audio
if (mGlobalObject.IsPlayingAudio()) {
return true;
@ -326,7 +322,7 @@ TimeDuration TimeoutManager::CalculateDelay(Timeout* aTimeout) const {
TimeDuration result = aTimeout->mInterval;
if (aTimeout->mNestingLevel >=
StaticPrefs::dom_clamp_timeout_nesting_level() && !mIsChromeWorker) {
StaticPrefs::dom_clamp_timeout_nesting_level()) {
uint32_t minTimeoutValue = StaticPrefs::dom_min_timeout_value();
result = TimeDuration::Max(result,
TimeDuration::FromMilliseconds(minTimeoutValue));
@ -408,7 +404,7 @@ uint32_t TimeoutManager::sNestingLevel = 0;
TimeoutManager::TimeoutManager(nsIGlobalObject& aHandle,
uint32_t aMaxIdleDeferMS,
nsISerialEventTarget* aEventTarget, bool aIsChromeWorker)
nsISerialEventTarget* aEventTarget)
: mGlobalObject(aHandle),
mExecutor(new TimeoutExecutor(this, false, 0)),
mIdleExecutor(new TimeoutExecutor(this, true, aMaxIdleDeferMS)),
@ -429,8 +425,7 @@ TimeoutManager::TimeoutManager(nsIGlobalObject& aHandle,
mBudgetThrottleTimeouts(false),
mIsLoading(false),
mEventTarget(aEventTarget),
mIsWindow(aHandle.GetAsInnerWindow()),
mIsChromeWorker(aIsChromeWorker) {
mIsWindow(aHandle.GetAsInnerWindow()) {
MOZ_LOG(gTimeoutLog, LogLevel::Debug,
("TimeoutManager %p created, tracking bucketing %s\n", this,
StaticPrefs::privacy_trackingprotection_annotate_channels()

5
icecat/dom/base/TimeoutManager.h
View file

@ -30,8 +30,7 @@ class TimeoutManager final {
public:
TimeoutManager(nsIGlobalObject& aHandle, uint32_t aMaxIdleDeferMS,
nsISerialEventTarget* aEventTarget,
bool aIsChromeWorker = false);
nsISerialEventTarget* aEventTarget);
~TimeoutManager();
TimeoutManager(const TimeoutManager& rhs) = delete;
void operator=(const TimeoutManager& rhs) = delete;
@ -271,8 +270,6 @@ class TimeoutManager final {
const bool mIsWindow;
const bool mIsChromeWorker;
uint32_t mNestingLevel{0};
static uint32_t sNestingLevel;

8
icecat/dom/base/nsRange.cpp
View file

@ -3583,7 +3583,6 @@ void nsRange::CreateOrUpdateCrossShadowBoundaryRangeIfNeeded(
// Nodes at least needs to be in the same document.
if (startNode && endNode &&
startNode->GetComposedDoc() != endNode->GetComposedDoc()) {
ResetCrossShadowBoundaryRange();
return;
}
@ -3598,13 +3597,6 @@ void nsRange::CreateOrUpdateCrossShadowBoundaryRangeIfNeeded(
return false;
}
// We don't allow ranges to span different NAC subtrees (because we don't
// notify when unbinding NAC roots historically). nsRange can already deal
// with the "same anonymous subtree" case.
if (aContainer->IsInNativeAnonymousSubtree()) {
return false;
}
// AbstractRange::GetClosestCommonInclusiveAncestor only supports
// Document and Content nodes.
return aContainer->IsDocument() || aContainer->IsContent();

24
icecat/dom/bindings/BindingUtils.cpp
View file

@ -14,7 +14,6 @@
#include "mozilla/DebugOnly.h"
#include "mozilla/Encoding.h"
#include "mozilla/FloatingPoint.h"
#include "mozilla/Maybe.h"
#include "mozilla/Preferences.h"
#include "mozilla/ScopeExit.h"
#include "mozilla/StaticPrefs_dom.h"
@ -3801,7 +3800,7 @@ bool HTMLConstructor(JSContext* aCx, unsigned aArgc, JS::Value* aVp,
// Technically, per spec, a window always has a document. In Gecko, a
// sufficiently torn-down window might not, so check for that case. We're
// going to need a document to create an element.
RefPtr<Document> doc = window->GetExtantDoc();
Document* doc = window->GetExtantDoc();
if (!doc) {
rv.Throw(NS_ERROR_UNEXPECTED);
return false;
@ -3844,7 +3843,7 @@ bool HTMLConstructor(JSContext* aCx, unsigned aArgc, JS::Value* aVp,
}
// Step 3.
RefPtr<CustomElementDefinition> definition =
CustomElementDefinition* definition =
registry->LookupCustomElementDefinition(aCx, newTarget);
if (!definition) {
rv.ThrowTypeError<MSG_ILLEGAL_CONSTRUCTOR>();
@ -3944,21 +3943,6 @@ bool HTMLConstructor(JSContext* aCx, unsigned aArgc, JS::Value* aVp,
// Steps 7 and 8.
JS::Rooted<JSObject*> desiredProto(aCx);
// Check which construction path we're taking before running any JS.
// This determines whether we need AutoConstructionDepth protection.
nsTArray<RefPtr<Element>>& constructionStack = definition->mConstructionStack;
const bool isDirectConstruction = constructionStack.IsEmpty();
// For direct construction (not upgrade), create AutoConstructionDepth before
// GetDesiredProto. This ensures mConstructionDepth is incremented before any
// re-entrant JS can run via Proxy traps, preventing desynchronization with
// mPrefixStack which may be pushed by nsContentUtils::NewXULOrHTMLElement.
mozilla::Maybe<AutoConstructionDepth> autoDepth;
if (isDirectConstruction) {
autoDepth.emplace(definition);
}
if (!GetDesiredProto(aCx, args, aProtoId, aCreator, &desiredProto)) {
return false;
}
@ -3969,12 +3953,14 @@ bool HTMLConstructor(JSContext* aCx, unsigned aArgc, JS::Value* aVp,
// one branch and steps 9-12 on another branch, then common up the "return
// element" work.
RefPtr<Element> element;
if (isDirectConstruction) {
nsTArray<RefPtr<Element>>& constructionStack = definition->mConstructionStack;
if (constructionStack.IsEmpty()) {
// Step 8.
// Now we go to construct an element. We want to do this in global's
// realm, not caller realm (the normal constructor behavior),
// just in case those elements create JS things.
JSAutoRealm ar(aCx, global.Get());
AutoConstructionDepth acd(definition);
RefPtr<NodeInfo> nodeInfo = doc->NodeInfoManager()->GetNodeInfo(
definition->mLocalName, definition->mPrefixStack.LastElement(), ns,

12
icecat/dom/canvas/TexUnpackBlob.cpp
View file

@ -580,7 +580,7 @@ bool TexUnpackBytes::TexOrSubImage(bool isSubImage, bool needsRespec,
const auto& unpacking = unpackingRes.inspect();
const auto stride = unpacking.metrics.bytesPerRowStride;
// clang-format off
if (!ConvertIfNeeded(webgl, unpacking.metrics.usedPixelsPerRow,
if (!ConvertIfNeeded(webgl, unpacking.state.rowLength,
unpacking.metrics.totalRows,
format, uploadPtr, AutoAssertCast(stride),
format, AutoAssertCast(stride), &uploadPtr, &tempBuffer)) {
@ -1109,12 +1109,6 @@ bool TexUnpackSurface::TexOrSubImage(bool isSubImage, bool needsRespec,
////
const auto surfSize = surf->GetSize();
if (uint32_t(surfSize.width) < size.x || uint32_t(surfSize.height) < size.y) {
gfxCriticalError() << "Source surface size too small for upload.";
return false;
}
WebGLTexelFormat srcFormat;
uint8_t srcBPP;
if (!GetFormatForSurf(surf, &srcFormat, &srcBPP)) {
@ -1139,7 +1133,7 @@ bool TexUnpackSurface::TexOrSubImage(bool isSubImage, bool needsRespec,
const auto dstFormat = FormatForPackingInfo(dstPI);
const size_t dstBpp = BytesPerPixel(dstPI);
const size_t dstUsedBytesPerRow = dstBpp * surfSize.width;
const size_t dstUsedBytesPerRow = dstBpp * surf->GetSize().width;
size_t dstStride = dstFormat == srcFormat ? srcStride // Try To match
: dstUsedBytesPerRow;
@ -1170,7 +1164,7 @@ bool TexUnpackSurface::TexOrSubImage(bool isSubImage, bool needsRespec,
const uint8_t* dstBegin = srcBegin;
UniqueBuffer tempBuffer;
// clang-format off
if (!ConvertIfNeeded(webgl, surfSize.width, surfSize.height,
if (!ConvertIfNeeded(webgl, surf->GetSize().width, surf->GetSize().height,
srcFormat, srcBegin, AutoAssertCast(srcStride),
dstFormat, AutoAssertCast(dstUnpacking.metrics.bytesPerRowStride), &dstBegin,
&tempBuffer)) {

1
icecat/dom/canvas/WebGLContext.cpp
View file

@ -2885,7 +2885,6 @@ webgl::ExplicitPixelPackingState::ForUseWith(
auto metrics = Metrics{};
metrics.usedSize = subrectSize;
metrics.usedPixelsPerRow = usedPixelsPerRow.value();
metrics.bytesPerPixel = BytesPerPixel(pi);
// -

3
icecat/dom/canvas/WebGLTypes.h
View file

@ -1142,9 +1142,6 @@ struct ExplicitPixelPackingState final {
// ...aligned to ALIGNMENT.
size_t bytesPerRowStride = 0;
// SKIP_PIXELS+size.x
size_t usedPixelsPerRow = 0;
// structuredSrcSize.y, otherwise IMAGE_HEIGHT*(SKIP_IMAGES+size.z)
size_t totalRows = 0;

10
icecat/dom/clients/manager/ClientChannelHelper.cpp
View file

@ -9,9 +9,6 @@
#include "ClientManager.h"
#include "ClientSource.h"
#include "MainThreadUtils.h"
#include "mozilla/AntiTrackingUtils.h"
#include "mozilla/StaticPrefs_privacy.h"
#include "mozilla/StoragePrincipalHelper.h"
#include "mozilla/dom/ClientsBinding.h"
#include "mozilla/dom/ServiceWorkerDescriptor.h"
#include "mozilla/ipc/BackgroundUtils.h"
@ -136,13 +133,6 @@ class ClientChannelHelper : public nsIInterfaceRequestor,
// If it's a cross-origin redirect then we discard the old reserved client
// and create a new one.
else {
// The partition-key, and in particular the foreign bit, can change on a
// cross-origin redirect so it is essential to update the anti-tracking
// info for the channel. This will happen in nsHttpChannel::AsyncOpen but
// that happens strictly after now, whereas we are sampling the principal
// now.
AntiTrackingUtils::UpdateAntiTrackingInfoForChannel(aNewChannel);
nsCOMPtr<nsIPrincipal> foreignPartitionedPrincipal;
rv = StoragePrincipalHelper::GetPrincipal(
aNewChannel,

11
icecat/dom/credentialmanagement/CredentialsContainer.cpp
View file

@ -194,12 +194,6 @@ already_AddRefed<Promise> CredentialsContainer::Get(
return promise.forget();
}
if (aOptions.mMediation != CredentialMediationRequirement::Conditional &&
aOptions.mMediation != CredentialMediationRequirement::Optional &&
aOptions.mMediation != CredentialMediationRequirement::Required) {
return CreateAndRejectWithNotSupported(mParent, aRv);
}
EnsureWebAuthnHandler();
return mWebAuthnHandler->GetAssertion(aOptions.mPublicKey.Value(),
conditionallyMediated,
@ -275,11 +269,6 @@ already_AddRefed<Promise> CredentialsContainer::Create(
return CreateAndRejectWithNotAllowed(mParent, aRv);
}
if (aOptions.mMediation != CredentialMediationRequirement::Optional &&
aOptions.mMediation != CredentialMediationRequirement::Required) {
return CreateAndRejectWithNotSupported(mParent, aRv);
}
EnsureWebAuthnHandler();
return mWebAuthnHandler->MakeCredential(aOptions.mPublicKey.Value(),
aOptions.mSignal, aRv);

6
icecat/dom/events/test/clipboard/browser.toml
View file

@ -10,12 +10,6 @@ support-files = ["simple_navigator_clipboard_keydown.html"]
run-if = ["os != 'win'"] # The popupmenus dismiss when access keys for disabled items are pressed on windows
skip-if = ["os == 'mac' && verify"]
["browser_navigator_clipboard_contextmenu_dismiss.js"]
support-files = [
"file_toplevel.html",
"file_iframe.html",
]
["browser_navigator_clipboard_contextmenu_suppression.js"]
support-files = [
"file_toplevel.html",

64
icecat/dom/events/test/clipboard/browser_navigator_clipboard_contextmenu_dismiss.js
View file

@ -1,64 +0,0 @@
/* -*- Mode: JavaScript; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
"use strict";
const kBaseUrlForContent = getRootDirectory(gTestPath).replace(
"chrome://mochitests/content",
"https://example.com"
);
const kContentFileUrl = kBaseUrlForContent + "file_toplevel.html";
Services.scriptloader.loadSubScript(
"chrome://mochitests/content/browser/gfx/layers/apz/test/mochitest/apz_test_native_event_utils.js",
this
);
async function readText(aBrowser) {
return SpecialPowers.spawn(aBrowser, [], () => {
content.document.notifyUserGestureActivation();
content.eval(`navigator.clipboard.readText();`);
});
}
add_task(async function test_context_menu_dimiss_tab_navigate() {
await BrowserTestUtils.withNewTab(kContentFileUrl, async aBrowser => {
info(`Randomized text to avoid overlappings with other tests`);
await promiseWritingRandomTextToClipboard();
info(`Wait for paste context menu is shown`);
let pasteButtonIsShown = promisePasteButtonIsShown();
await readText(aBrowser);
await pasteButtonIsShown;
info("Navigate tab");
let pasteButtonIsHidden = promisePasteButtonIsHidden();
aBrowser.loadURI(Services.io.newURI("https://example.com/"), {
triggeringPrincipal: Services.scriptSecurityManager.getSystemPrincipal(),
});
info(`Wait for paste context menu is hidden`);
await pasteButtonIsHidden;
});
});
add_task(async function test_context_menu_dimiss_tab_reload() {
await BrowserTestUtils.withNewTab(kContentFileUrl, async aBrowser => {
info(`Randomized text to avoid overlappings with other tests`);
await promiseWritingRandomTextToClipboard();
info(`Wait for paste context menu is shown`);
let pasteButtonIsShown = promisePasteButtonIsShown();
await readText(aBrowser);
await pasteButtonIsShown;
info("Reload tab");
let pasteButtonIsHidden = promisePasteButtonIsHidden();
await BrowserTestUtils.reloadTab(gBrowser.selectedTab);
info(`Wait for paste context menu is hidden`);
await pasteButtonIsHidden;
});
});

3
icecat/dom/fetch/FetchParent.cpp
View file

@ -176,7 +176,7 @@ IPCResult FetchParent::RecvFetchOp(FetchOpArgs&& aArgs) {
self->mResponsePromises =
fetchService->Fetch(AsVariant(FetchService::WorkerFetchArgs(
{self->mRequest.clonePtr(), self->mPrincipalInfo,
self->mWorkerScript, *self->mClientInfo, self->mController,
self->mWorkerScript, self->mClientInfo, self->mController,
self->mCookieJarSettings, self->mNeedOnDataAvailable,
self->mCSPEventListener, self->mAssociatedBrowsingContextID,
self->mBackgroundEventTarget, self->mID,
@ -189,7 +189,6 @@ IPCResult FetchParent::RecvFetchOp(FetchOpArgs&& aArgs) {
fetchService->Fetch(AsVariant(FetchService::MainThreadFetchArgs({
self->mRequest.clonePtr(),
self->mPrincipalInfo,
*self->mClientInfo,
self->mCookieJarSettings,
self->mNeedOnDataAvailable,
self->mCSPEventListener,

4
icecat/dom/fetch/FetchService.cpp
View file

@ -271,7 +271,8 @@ RefPtr<FetchServicePromises> FetchService::FetchInstance::Fetch() {
if (mArgsType == FetchArgsType::WorkerFetch) {
auto& args = mArgs.as<WorkerFetchArgs>();
mFetchDriver->SetWorkerScript(args.mWorkerScript);
mFetchDriver->SetClientInfo(args.mClientInfo);
MOZ_ASSERT(args.mClientInfo.isSome());
mFetchDriver->SetClientInfo(args.mClientInfo.ref());
mFetchDriver->SetController(args.mController);
if (args.mCSPEventListener) {
mFetchDriver->SetCSPEventListener(args.mCSPEventListener);
@ -284,7 +285,6 @@ RefPtr<FetchServicePromises> FetchService::FetchInstance::Fetch() {
if (mArgsType == FetchArgsType::MainThreadFetch) {
auto& args = mArgs.as<MainThreadFetchArgs>();
mFetchDriver->SetClientInfo(args.mClientInfo);
mFetchDriver->SetIsThirdPartyContext(Some(args.mIsThirdPartyContext));
}

3
icecat/dom/fetch/FetchService.h
View file

@ -108,7 +108,7 @@ class FetchService final : public nsIObserver {
SafeRefPtr<InternalRequest> mRequest;
mozilla::ipc::PrincipalInfo mPrincipalInfo;
nsCString mWorkerScript;
ClientInfo mClientInfo;
Maybe<ClientInfo> mClientInfo;
Maybe<ServiceWorkerDescriptor> mController;
Maybe<net::CookieJarSettingsArgs> mCookieJarSettings;
bool mNeedOnDataAvailable;
@ -131,7 +131,6 @@ class FetchService final : public nsIObserver {
struct MainThreadFetchArgs {
SafeRefPtr<InternalRequest> mRequest;
mozilla::ipc::PrincipalInfo mPrincipalInfo;
ClientInfo mClientInfo;
Maybe<net::CookieJarSettingsArgs> mCookieJarSettings;
bool mNeedOnDataAvailable;
nsCOMPtr<nsICSPEventListener> mCSPEventListener;

4
icecat/dom/html/nsHTMLDocument.cpp
View file

@ -596,10 +596,6 @@ void nsHTMLDocument::NamedGetter(JSContext* aCx, const nsAString& aName,
aRv.NoteJSContextException(aCx);
return;
}
if (v.isNullOrUndefined()) {
return;
}
} else {
// Step 3. Otherwise, if elements has only one element, return that
// element.

9
icecat/dom/indexedDB/ActorsParent.cpp
View file

@ -1316,7 +1316,6 @@ class DatabaseConnection::UpdateRefcountFunction::FileInfoEntry final {
}
}
void DecBySavepointDelta() { mDelta -= mSavepointDelta; }
void ResetSavepointDelta() { mSavepointDelta = 0; }
SafeRefPtr<DatabaseFileInfo> ReleaseFileInfo() {
return std::move(mFileInfo);
}
@ -7584,7 +7583,6 @@ void DatabaseConnection::UpdateRefcountFunction::RollbackSavepoint() {
for (const auto& entry : mSavepointEntriesIndex.Values()) {
entry->DecBySavepointDelta();
entry->ResetSavepointDelta();
}
mInSavepoint = false;
@ -10550,8 +10548,8 @@ already_AddRefed<PBackgroundIDBCursorParent> TransactionBase::AllocCursor(
if (NS_AUUF_OR_WARN_IF(!objectStoreMetadata)) {
return nullptr;
}
if (!aTrustParams && NS_AUUF_OR_WARN_IF(!VerifyRequestParams(
commonParams.optionalKeyRange()))) {
if (aTrustParams && NS_AUUF_OR_WARN_IF(!VerifyRequestParams(
commonParams.optionalKeyRange()))) {
return nullptr;
}
direction = commonParams.direction();
@ -18976,8 +18974,7 @@ nsresult ObjectStoreAddOrPutRequestOp::DoDatabaseWork(
// Update index keys if primary key is preserved in child.
for (auto& updateInfo : mParams.indexUpdateInfos()) {
QM_TRY(
updateInfo.value().MaybeUpdateAutoIncrementKey(autoIncrementNum));
updateInfo.value().MaybeUpdateAutoIncrementKey(autoIncrementNum);
}
} else if (key.IsFloat()) {
double numericKey = key.ToFloat();

21
icecat/dom/indexedDB/Key.cpp
View file

@ -585,34 +585,19 @@ void Key::ReserveAutoIncrementKey(bool aFirstOfArray) {
mozilla::BigEndian::writeUint64(buffer, UINT64_MAX);
}
Result<Ok, nsresult> Key::MaybeUpdateAutoIncrementKey(int64_t aKey) {
void Key::MaybeUpdateAutoIncrementKey(int64_t aKey) {
if (mAutoIncrementKeyOffsets.IsEmpty()) {
return Ok{};
return;
}
static constexpr auto maxOffset =
KEY_MAXIMUM_BUFFER_LENGTH - sizeof(double) - 1;
for (uint32_t offset : mAutoIncrementKeyOffsets) {
if (offset > maxOffset) {
return Err(NS_ERROR_DOM_INDEXEDDB_KEY_ERR);
}
char* buffer;
const auto capacity = mBuffer.GetMutableData(&buffer);
MOZ_ALWAYS_TRUE(capacity);
if (offset + sizeof(double) > capacity) {
return Err(NS_ERROR_DOM_INDEXEDDB_KEY_ERR);
}
MOZ_ALWAYS_TRUE(mBuffer.GetMutableData(&buffer));
buffer += offset;
WriteDoubleToUint64(buffer, double(aKey));
}
TrimBuffer();
return Ok{};
}
void Key::WriteDoubleToUint64(char* aBuffer, double aValue) {

2
icecat/dom/indexedDB/Key.h
View file

@ -185,7 +185,7 @@ class Key {
void ReserveAutoIncrementKey(bool aFirstOfArray);
Result<Ok, nsresult> MaybeUpdateAutoIncrementKey(int64_t aKey);
void MaybeUpdateAutoIncrementKey(int64_t aKey);
private:
class MOZ_STACK_CLASS ArrayValueEncoder;

2
icecat/dom/media/eme/MediaKeys.cpp
View file

@ -325,7 +325,6 @@ void MediaKeys::RejectPromise(PromiseId aId, ErrorResult&& aException,
this, aId, errorCodeAsInt);
return;
}
RefPtr<MediaKeys> keys(this);
// This promise could be a createSession or loadSession promise,
// so we might have a pending session waiting to be resolved into
@ -380,7 +379,6 @@ void MediaKeys::ResolvePromise(PromiseId aId) {
if (!promise) {
return;
}
RefPtr<MediaKeys> keys(this);
uint32_t token = 0;
if (!mPromiseIdToken.Get(aId, &token)) {

6
icecat/dom/media/eme/clearkey/ClearKeyUtils.cpp
View file

@ -189,10 +189,8 @@ bool ClearKeyUtils::DecryptCbcs(const vector<uint8_t>& aKey,
/* static */
bool ClearKeyUtils::DecryptAES(const vector<uint8_t>& aKey,
vector<uint8_t>& aData, vector<uint8_t>& aIV) {
if (aKey.size() != CENC_KEY_LEN || aIV.size() != CENC_KEY_LEN) {
CK_LOGE("Key and IV size should be 16!");
return false;
}
assert(aIV.size() == CENC_KEY_LEN);
assert(aKey.size() == CENC_KEY_LEN);
PK11SlotInfo* slot = PK11_GetInternalKeySlot();
if (!slot) {

4
icecat/dom/media/gmp/GMPParent.cpp
View file

@ -657,11 +657,13 @@ void GMPParent::DeleteProcess() {
self->DeleteProcess();
},
[self](const ipc::ResponseRejectReason&) {
// We crashed during shutdown, ActorDestroy will perform cleanup.
GMP_LOG_DEBUG(
"GMPParent[%p|childPid=%d] DeleteProcess: Shutdown handshake "
"error.",
self.get(), self->mChildPid);
self->mState = GMPState::Closed;
self->Close();
self->DeleteProcess();
});
return;
}

14
icecat/dom/media/platforms/wrappers/MediaChangeMonitor.cpp
View file

@ -1200,7 +1200,7 @@ MediaResult MediaChangeMonitor::CreateDecoderAndInit(MediaRawData* aSample) {
return;
}
mDecodePromise.RejectIfExists(
mDecodePromise.Reject(
MediaResult(
aError.Code(),
RESULT_DETAIL("Unable to initialize decoder")),
@ -1215,7 +1215,7 @@ MediaResult MediaChangeMonitor::CreateDecoderAndInit(MediaRawData* aSample) {
mFlushPromise.Reject(aError, __func__);
return;
}
mDecodePromise.RejectIfExists(
mDecodePromise.Reject(
MediaResult(NS_ERROR_DOM_MEDIA_FATAL_ERR,
RESULT_DETAIL("Unable to create decoder")),
__func__);
@ -1259,12 +1259,12 @@ void MediaChangeMonitor::DecodeFirstSample(MediaRawData* aSample) {
[self, this](MediaDataDecoder::DecodedData&& aResults) {
mDecodePromiseRequest.Complete();
mPendingFrames.AppendElements(std::move(aResults));
mDecodePromise.ResolveIfExists(std::move(mPendingFrames), __func__);
mDecodePromise.Resolve(std::move(mPendingFrames), __func__);
mPendingFrames = DecodedData();
},
[self, this](const MediaResult& aError) {
mDecodePromiseRequest.Complete();
mDecodePromise.RejectIfExists(aError, __func__);
mDecodePromise.Reject(aError, __func__);
})
->Track(mDecodePromiseRequest);
}
@ -1323,7 +1323,7 @@ void MediaChangeMonitor::DrainThenFlushDecoder(MediaRawData* aPendingSample) {
mFlushPromise.Reject(aError, __func__);
return;
}
mDecodePromise.RejectIfExists(aError, __func__);
mDecodePromise.Reject(aError, __func__);
})
->Track(mDrainRequest);
}
@ -1367,7 +1367,7 @@ void MediaChangeMonitor::FlushThenShutdownDecoder(
return;
}
MOZ_ASSERT(NS_FAILED(rv));
mDecodePromise.RejectIfExists(rv, __func__);
mDecodePromise.Reject(rv, __func__);
return;
},
[] { MOZ_CRASH("Can't reach here'"); })
@ -1380,7 +1380,7 @@ void MediaChangeMonitor::FlushThenShutdownDecoder(
mFlushPromise.Reject(aError, __func__);
return;
}
mDecodePromise.RejectIfExists(aError, __func__);
mDecodePromise.Reject(aError, __func__);
})
->Track(mFlushRequest);
}

100
icecat/dom/media/test/crashtests/2014824.html
View file

File diff suppressed because one or more lines are too long

1
icecat/dom/media/test/crashtests/crashtests.list
View file

@ -187,4 +187,3 @@ load 1905234.html
load 1905231.webm
load 1917627.mp4
skip-if(Android) load audioworkletprocessor-recursion.html
load 2014824.html

14
icecat/dom/media/webaudio/MediaBufferDecoder.cpp
View file

@ -229,12 +229,7 @@ class AutoResampler final {
MOZ_ASSERT(mResampler);
return mResampler;
}
void operator=(SpeexResamplerState* aResampler) {
if (mResampler) {
speex_resampler_destroy(mResampler);
}
mResampler = aResampler;
}
void operator=(SpeexResamplerState* aResampler) { mResampler = aResampler; }
private:
SpeexResamplerState* mResampler;
@ -569,13 +564,6 @@ void MediaDecodeTask::FinishDecode() {
}
mDecodeJob.mBuffer.mBuffer = std::move(newBuffers);
channelCount = audioData->mChannels;
// Don't bother draining the previous resampler for unexpected edge case.
if (sampleRate != destSampleRate) {
resampler = speex_resampler_init(channelCount, sampleRate, destSampleRate,
SPEEX_RESAMPLER_QUALITY_DEFAULT, nullptr);
speex_resampler_skip_zeros(resampler);
}
}
const AudioDataValue* bufferData =

8
icecat/dom/media/webm/WebMDemuxer.cpp
View file

@ -900,12 +900,6 @@ nsresult WebMDemuxer::GetNextPacket(TrackInfo::TrackType aType,
for (uint8_t i = 0; i < numPartitions; i++) {
uint32_t partition = partitions[i];
if (partition > length || partition < lastOffset) {
WEBM_DEBUG(
"Invalid partition offset: %u (length: %zu, lastOffset: %u)",
partition, length, lastOffset);
return NS_ERROR_DOM_MEDIA_DEMUXER_ERR;
}
uint32_t currentLength = partition - lastOffset;
if (encrypted) {
@ -916,6 +910,8 @@ nsresult WebMDemuxer::GetNextPacket(TrackInfo::TrackType aType,
encrypted = !encrypted;
lastOffset = partition;
MOZ_ASSERT(lastOffset <= length);
}
// Add the data between the last offset and the end of the data.

19
icecat/dom/media/webrtc/libwebrtcglue/VideoConduit.cpp
View file

@ -780,17 +780,6 @@ void WebrtcVideoConduit::OnControlConfigChange() {
.valueOr(-1);
})());
// Set each layer's max-bitrate explicitly or libwebrtc may ignore all
// stream-specific max-bitrate settings later on, as provided by the
// VideoStreamFactory. Default to our max of 10Mbps, overriden by
// SDP/JS.
int maxBps = KBPS(10000);
maxBps = MinIgnoreZero(maxBps, mPrefMaxBitrate);
maxBps = MinIgnoreZero(maxBps, mNegotiatedMaxBitrate);
maxBps = MinIgnoreZero(maxBps,
static_cast<int>(encodingConstraints.maxBr));
video_stream.max_bitrate_bps = maxBps;
// At this time, other values are not used until after
// CreateEncoderStreams(). We fill these in directly from the codec
// config in VideoStreamFactory.
@ -951,14 +940,6 @@ void WebrtcVideoConduit::OnControlConfigChange() {
mEncoderConfig.number_of_streams,
"Each video substream must have a corresponding ssrc.");
mEncoderConfig.video_stream_factory = CreateVideoStreamFactory();
for (const auto& stream : mEncoderConfig.simulcast_layers) {
CSFLogDebug(
LOGTAG,
"%s Reconfigure with simulcast stream maxFps=%d, "
"bitrate=[%dkbps, %dkbps, %dkbps]",
__FUNCTION__, stream.max_framerate, stream.min_bitrate_bps / 1000,
stream.target_bitrate_bps / 1000, stream.max_bitrate_bps / 1000);
}
mSendStream->ReconfigureVideoEncoder(mEncoderConfig.Copy());
}
if (sendSourceUpdateNeeded && mTrackSource) {

13
icecat/dom/media/webrtc/libwebrtcglue/VideoStreamFactory.cpp
View file

@ -223,20 +223,15 @@ std::vector<webrtc::VideoStream> VideoStreamFactory::CreateEncoderStreams(
__FUNCTION__, encoding.rid.c_str());
}
CSFLogInfo(LOGTAG, "%s Stream with RID %s maxFps=%d (global max fps = %u)",
__FUNCTION__, encoding.rid.c_str(), video_stream.max_framerate,
(unsigned)mMaxFramerateForAllStreams);
SelectBitrates({video_stream.width, video_stream.height}, mMinBitrate,
mStartBitrate,
SaturatingCast<int>(encoding.constraints.maxBr),
mPrefMaxBitrate, mNegotiatedMaxBitrate, video_stream);
CSFLogInfo(LOGTAG,
"%s Stream with RID %s maxFps=%d (global max fps = %u), "
"bitrate=[%dkbps, %dkbps, %dkbps]",
__FUNCTION__, encoding.rid.c_str(), video_stream.max_framerate,
(unsigned)mMaxFramerateForAllStreams,
video_stream.min_bitrate_bps / 1000,
video_stream.target_bitrate_bps / 1000,
video_stream.max_bitrate_bps / 1000);
video_stream.bitrate_priority = aConfig.bitrate_priority;
video_stream.max_qp = kQpMax;

11
icecat/dom/media/webrtc/libwebrtcglue/WebrtcGmpVideoCodec.cpp
View file

@ -491,8 +491,6 @@ int32_t WebrtcGmpVideoEncoder::SetRates_g(uint32_t aOldBitRateKbps,
return WEBRTC_VIDEO_CODEC_ERROR;
}
GMP_LOG_DEBUG("GMP Encoder %p setting rate %ukbps", this, aNewBitRateKbps);
mNeedKeyframe |= (aOldBitRateKbps == 0 && aNewBitRateKbps != 0);
GMPErr err = mGMP->SetRates(
@ -855,15 +853,6 @@ int32_t WebrtcGmpVideoDecoder::Decode(const webrtc::EncodedImage& aInputImage,
}
void WebrtcGmpVideoDecoder::Decode_g(UniquePtr<GMPDecodeData>&& aDecodeData) {
CheckedInt<uint32_t> dataSize(aDecodeData->mImage.size());
dataSize -= 4;
if (!dataSize.isValid()) {
GMP_LOG_ERROR("%s: bad input size (%zu)!", __PRETTY_FUNCTION__,
aDecodeData->mImage.size());
mDecoderStatus = GMPInvalidArgErr;
return;
}
if (!mGMP) {
if (mInitting) {
// InitDone hasn't been called yet (race)

72
icecat/dom/media/webrtc/transport/ipc/WebrtcTCPSocket.cpp
View file

@ -685,52 +685,44 @@ WebrtcTCPSocket::OnInputStreamReady(nsIAsyncInputStream* in) {
MOZ_ASSERT(mTransport, "webrtc TCP socket not connected");
MOZ_ASSERT(mSocketIn == in, "wrong input stream");
while (true) {
char buffer[9216];
uint32_t remainingCapacity = sizeof(buffer);
uint32_t read = 0;
char buffer[9216];
uint32_t remainingCapacity = sizeof(buffer);
uint32_t read = 0;
while (remainingCapacity > 0) {
uint32_t count = 0;
nsresult rv = mSocketIn->Read(buffer + read, remainingCapacity, &count);
if (rv == NS_BASE_STREAM_WOULD_BLOCK) {
break;
}
if (NS_FAILED(rv)) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p failed %u\n", this,
static_cast<uint32_t>(rv)));
CloseWithReason(rv);
return rv;
}
// base stream closed
if (count == 0) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p connection closed\n",
this));
CloseWithReason(NS_ERROR_FAILURE);
return NS_OK;
}
remainingCapacity -= count;
read += count;
}
if (read > 0) {
nsTArray<uint8_t> array(read);
array.AppendElements(buffer, read);
InvokeOnRead(std::move(array));
}
if (remainingCapacity != 0) {
// Loop exited above, but not because we ran out of space. We're actually
// done, break out of the while(true) loop.
while (remainingCapacity > 0) {
uint32_t count = 0;
nsresult rv = mSocketIn->Read(buffer + read, remainingCapacity, &count);
if (rv == NS_BASE_STREAM_WOULD_BLOCK) {
break;
}
if (NS_FAILED(rv)) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p failed %u\n", this,
static_cast<uint32_t>(rv)));
CloseWithReason(rv);
return rv;
}
// base stream closed
if (count == 0) {
LOG(("WebrtcTCPSocket::OnInputStreamReady %p connection closed\n", this));
CloseWithReason(NS_ERROR_FAILURE);
return NS_OK;
}
remainingCapacity -= count;
read += count;
}
if (read > 0) {
nsTArray<uint8_t> array(read);
array.AppendElements(buffer, read);
InvokeOnRead(std::move(array));
}
mSocketIn->AsyncWait(this, 0, 0, nullptr);
return NS_OK;
}

27
icecat/dom/svg/SVGContentUtils.cpp
View file

@ -436,8 +436,9 @@ static gfx::Matrix GetCTMInternal(SVGElement* aElement, CTMType aCTMType,
auto postTranslateFrameOffset = [](nsIFrame* aFrame, nsIFrame* aAncestorFrame,
gfx::Matrix& aMatrix) {
auto point = aFrame->GetOffsetTo(aAncestorFrame);
aMatrix.PostTranslate(nsPresContext::AppUnitsToFloatCSSPixels(point.x),
nsPresContext::AppUnitsToFloatCSSPixels(point.y));
aMatrix =
aMatrix.PostTranslate(nsPresContext::AppUnitsToFloatCSSPixels(point.x),
nsPresContext::AppUnitsToFloatCSSPixels(point.y));
};
gfxMatrix matrix = getLocalTransformHelper(aElement, aHaveRecursed);
@ -498,7 +499,8 @@ static gfx::Matrix GetCTMInternal(SVGElement* aElement, CTMType aCTMType,
if (frame->IsSVGOuterSVGFrame()) {
nsMargin bp = frame->GetUsedBorderAndPadding();
int32_t appUnitsPerCSSPixel = AppUnitsPerCSSPixel();
nscoord xOffset, yOffset;
float xOffset = NSAppUnitsToFloatPixels(bp.left, appUnitsPerCSSPixel);
float yOffset = NSAppUnitsToFloatPixels(bp.top, appUnitsPerCSSPixel);
// See
// https://drafts.csswg.org/css-transforms/#valdef-transform-box-fill-box
// For elements with associated CSS layout box, the used value for fill-box
@ -506,24 +508,17 @@ static gfx::Matrix GetCTMInternal(SVGElement* aElement, CTMType aCTMType,
switch (frame->StyleDisplay()->mTransformBox) {
case StyleTransformBox::FillBox:
case StyleTransformBox::ContentBox:
xOffset = bp.left;
yOffset = bp.top;
// Apply border/padding separate from the rest of the transform.
// i.e. after it's been transformed
tm.PostTranslate(xOffset, yOffset);
break;
case StyleTransformBox::StrokeBox:
case StyleTransformBox::ViewBox:
case StyleTransformBox::BorderBox: {
// Extract the rotation component of the matrix.
float angle = std::atan2(tm._12, tm._11);
float cosAngle = std::cos(angle);
float sinAngle = std::sin(angle);
// Apply that rotation to bp.left and bp.top.
xOffset = bp.left * cosAngle - bp.top * sinAngle;
yOffset = bp.top * cosAngle + bp.left * sinAngle;
case StyleTransformBox::BorderBox:
// Apply border/padding before we transform the surface.
tm.PreTranslate(xOffset, yOffset);
break;
}
}
tm.PostTranslate(NSAppUnitsToFloatPixels(xOffset, appUnitsPerCSSPixel),
NSAppUnitsToFloatPixels(yOffset, appUnitsPerCSSPixel));
}
if (!ancestor || !ancestor->IsElement()) {

26
icecat/dom/webauthn/MacOSWebAuthnService.mm
View file

@ -823,20 +823,6 @@ MacOSWebAuthnService::MakeCredential(uint64_t aTransactionId,
*userVerificationPreference;
}
if (__builtin_available(macos 13.5, *)) {
// Show the hybrid transport unless we have a non-empty hint list and
// none of the hints are for the hybrid transport.
bool hasHybridHint = false;
nsTArray<nsString> hints;
(void)aArgs->GetHints(hints);
for (nsString& hint : hints) {
if (hint.Equals(u"hybrid"_ns)) {
hasHybridHint = true;
}
}
platformRegistrationRequest.shouldShowHybridTransport =
hints.Length() == 0 || hasHybridHint;
}
if (__builtin_available(macos 14.0, *)) {
bool largeBlobSupportRequired;
nsresult rv =
@ -1187,19 +1173,11 @@ void MacOSWebAuthnService::DoGetAssertion(
*userVerificationPreference;
}
if (__builtin_available(macos 13.5, *)) {
// Show the hybrid transport option if (1) none of the allowlist
// credentials list transports, or (2) at least one allow list entry
// lists the hybrid transport, or (3) the request has the hybrid hint.
// Show the hybrid transport option if (1) we have no transport hints
// or (2) at least one allow list entry lists the hybrid transport.
bool shouldShowHybridTransport =
!transports ||
(transports & MOZ_WEBAUTHN_AUTHENTICATOR_TRANSPORT_ID_HYBRID);
nsTArray<nsString> hints;
(void)aArgs->GetHints(hints);
for (nsString& hint : hints) {
if (hint.Equals(u"hybrid"_ns)) {
shouldShowHybridTransport = true;
}
}
platformAssertionRequest.shouldShowHybridTransport =
shouldShowHybridTransport;
}

2
icecat/dom/webauthn/PWebAuthnTransaction.ipdl
View file

@ -143,7 +143,6 @@ struct WebAuthnMakeCredentialInfo {
WebAuthnExtension[] Extensions;
WebAuthnAuthenticatorSelection AuthenticatorSelection;
nsString attestationConveyancePreference;
nsString[] Hints;
};
struct WebAuthnMakeCredentialResult {
@ -169,7 +168,6 @@ struct WebAuthnGetAssertionInfo {
WebAuthnExtension[] Extensions;
nsString userVerificationRequirement;
bool ConditionallyMediated;
nsString[] Hints;
};
struct WebAuthnGetAssertionResult {

4
icecat/dom/webauthn/PublicKeyCredential.cpp
View file

@ -659,8 +659,6 @@ void PublicKeyCredential::ParseCreationOptionsFromJSON(
aResult.mAuthenticatorSelection = aOptions.mAuthenticatorSelection.Value();
}
aResult.mHints = aOptions.mHints;
aResult.mAttestation = aOptions.mAttestation;
if (aOptions.mExtensions.WasPassed()) {
@ -754,8 +752,6 @@ void PublicKeyCredential::ParseRequestOptionsFromJSON(
aResult.mUserVerification = aOptions.mUserVerification;
aResult.mHints = aOptions.mHints;
if (aOptions.mExtensions.WasPassed()) {
if (aOptions.mExtensions.Value().mAppid.WasPassed()) {
aResult.mExtensions.mAppid.Construct(

12
icecat/dom/webauthn/WebAuthnArgs.cpp
View file

@ -245,12 +245,6 @@ WebAuthnRegisterArgs::GetLargeBlobSupportRequired(
return NS_ERROR_NOT_AVAILABLE;
}
NS_IMETHODIMP
WebAuthnRegisterArgs::GetHints(nsTArray<nsString>& aHints) {
aHints.Assign(mInfo.Hints());
return NS_OK;
}
NS_IMPL_ISUPPORTS(WebAuthnSignArgs, nsIWebAuthnSignArgs)
NS_IMETHODIMP
@ -490,10 +484,4 @@ WebAuthnSignArgs::GetLargeBlobWrite(nsTArray<uint8_t>& aLargeBlobWrite) {
return NS_ERROR_NOT_AVAILABLE;
}
NS_IMETHODIMP
WebAuthnSignArgs::GetHints(nsTArray<nsString>& aHints) {
aHints.Assign(mInfo.Hints());
return NS_OK;
}
} // namespace mozilla::dom

4
icecat/dom/webauthn/WebAuthnHandler.cpp
View file

@ -392,7 +392,7 @@ already_AddRefed<Promise> WebAuthnHandler::MakeCredential(
WebAuthnMakeCredentialInfo info(rpId, challenge, adjustedTimeout, excludeList,
rpInfo, userInfo, coseAlgos, extensions,
authSelection, attestation, aOptions.mHints);
authSelection, attestation);
// Set up the transaction state. Fallible operations should not be performed
// below this line, as we must not leave the transaction state partially
@ -666,7 +666,7 @@ already_AddRefed<Promise> WebAuthnHandler::GetAssertion(
WebAuthnGetAssertionInfo info(
rpId, maybeAppId, challenge, adjustedTimeout, allowList, extensions,
aOptions.mUserVerification, aConditionallyMediated, aOptions.mHints);
aOptions.mUserVerification, aConditionallyMediated);
// Set up the transaction state. Fallible operations should not be performed
// below this line, as we must not leave the transaction state partially

52
icecat/dom/webauthn/WinWebAuthnService.cpp
View file

@ -30,10 +30,6 @@ StaticRWLock gWinWebAuthnModuleLock;
static bool gWinWebAuthnModuleUnusable = false;
static HMODULE gWinWebAuthnModule = 0;
static const LPCWSTR gWebAuthnHintStrings[3] = {
WEBAUTHN_CREDENTIAL_HINT_SECURITY_KEY,
WEBAUTHN_CREDENTIAL_HINT_CLIENT_DEVICE, WEBAUTHN_CREDENTIAL_HINT_HYBRID};
static decltype(WebAuthNIsUserVerifyingPlatformAuthenticatorAvailable)*
gWinWebauthnIsUVPAA = nullptr;
static decltype(WebAuthNAuthenticatorMakeCredential)*
@ -54,6 +50,7 @@ static decltype(WebAuthNGetPlatformCredentialList)*
gWinWebauthnGetPlatformCredentialList = nullptr;
static decltype(WebAuthNFreePlatformCredentialList)*
gWinWebauthnFreePlatformCredentialList = nullptr;
} // namespace
/***********************************************************************
@ -179,18 +176,6 @@ WinWebAuthnService::~WinWebAuthnService() {
gWinWebAuthnModule = 0;
}
// static
void PrunePublicKeyCredentialHints(const nsTArray<nsString>& aInHints,
/* out */ nsTArray<LPCWSTR>& aOutHints) {
for (const nsString& inputHint : aInHints) {
for (const LPCWSTR knownHint : gWebAuthnHintStrings) {
if (inputHint.Equals(knownHint)) {
aOutHints.AppendElement(knownHint);
}
}
}
}
// static
bool WinWebAuthnService::AreWebAuthNApisAvailable() {
nsresult rv = EnsureWinWebAuthnModuleLoaded();
@ -609,16 +594,10 @@ WinWebAuthnService::MakeCredential(uint64_t aTransactionId,
winPrivateBrowsing = TRUE;
}
nsTArray<nsString> inputHints;
(void)aArgs->GetHints(inputHints);
nsTArray<LPCWSTR> hints;
PrunePublicKeyCredentialHints(inputHints, hints);
// MakeCredentialOptions
WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS
WebAuthNCredentialOptions = {
WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_8,
WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7,
timeout,
{0, NULL},
{0, NULL},
@ -630,16 +609,13 @@ WinWebAuthnService::MakeCredential(uint64_t aTransactionId,
&cancellationId, // CancellationId
pExcludeCredentialList,
WEBAUTHN_ENTERPRISE_ATTESTATION_NONE,
largeBlobSupport, // LargeBlobSupport
winPreferResidentKey, // PreferResidentKey
winPrivateBrowsing, // BrowserInPrivateMode
winEnablePrf, // EnablePrf
NULL, // LinkedDevice
0, // size of JsonExt
NULL, // JsonExt
NULL, // PRFGlobalEval
(DWORD)hints.Length(), // Size of CredentialHints
hints.Elements(), // CredentialHints
largeBlobSupport, // LargeBlobSupport
winPreferResidentKey, // PreferResidentKey
winPrivateBrowsing, // BrowserInPrivateMode
winEnablePrf, // EnablePrf
NULL, // LinkedDevice
0, // size of JsonExt
NULL, // JsonExt
};
if (rgExtension.Length() != 0) {
@ -992,12 +968,6 @@ void WinWebAuthnService::DoGetAssertion(
pAllowCredentialList = &allowCredentialList;
}
nsTArray<nsString> inputHints;
(void)aArgs->GetHints(inputHints);
nsTArray<LPCWSTR> hints;
PrunePublicKeyCredentialHints(inputHints, hints);
uint32_t timeout_u32;
Unused << aArgs->GetTimeoutMS(&timeout_u32);
DWORD timeout = timeout_u32;
@ -1011,7 +981,7 @@ void WinWebAuthnService::DoGetAssertion(
WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS WebAuthNAssertionOptions =
{
WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_8,
WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7,
timeout,
{0, NULL},
{0, NULL},
@ -1031,8 +1001,6 @@ void WinWebAuthnService::DoGetAssertion(
FALSE, // AutoFill
0, // Size of JsonExt
NULL, // JsonExt
(DWORD)hints.Length(), // Size of CredentialHints
hints.Elements(), // CredentialHints
};
PWEBAUTHN_ASSERTION pWebAuthNAssertion = nullptr;

4
icecat/dom/webauthn/nsIWebAuthnArgs.idl
View file

@ -65,8 +65,6 @@ interface nsIWebAuthnRegisterArgs : nsISupports {
// consent popup.
[must_use] readonly attribute AString attestationConveyancePreference;
readonly attribute Array<AString> hints;
readonly attribute boolean privateBrowsing;
};
@ -113,8 +111,6 @@ interface nsIWebAuthnSignArgs : nsISupports {
// cancel transactions.
readonly attribute unsigned long timeoutMS;
readonly attribute Array<AString> hints;
readonly attribute boolean conditionallyMediated;
readonly attribute boolean privateBrowsing;

19
icecat/dom/webauthn/tests/test_webauthn_get_assertion.html
View file

@ -47,7 +47,6 @@
add_task(test_empty_credential_list);
add_task(test_credential_protection_policy_uv_optional_with_list);
add_task(test_credential_protection_policy_uv_required);
add_task(test_unsupported_mediation_requirements);
function requestGetAssertion(params) {
return navigator.credentials.get(params);
@ -81,11 +80,6 @@
is(aResult.code, DOMException.ABORT_ERR, "Expecting an AbortError");
}
function expectNotSupportedError(aResult) {
ok(aResult.toString().startsWith("NotSupportedError"), "Expecting a NotSupportedError");
return Promise.resolve();
}
// Set up a valid credential
async function test_setup_valid_credential() {
let publicKey = {
@ -299,19 +293,6 @@
setUserVerified(authenticatorId, true)
}
async function test_unsupported_mediation_requirements() {
let publicKey = {
challenge: gAssertionChallenge,
allowCredentials: [validCred]
};
for (const mediation of ["silent"]) {
await requestGetAssertion({publicKey, mediation})
.then(arrivingHereIsBad)
.catch(expectNotSupportedError);
}
}
</script>
</body>

12
icecat/dom/webauthn/tests/test_webauthn_make_credential.html
View file

@ -78,7 +78,6 @@
add_task(test_no_unexpected_extensions);
add_task(test_cred_props_with_rk_required);
add_task(test_cred_props_with_rk_discouraged);
add_task(test_unsupported_mediation_requirements);
function arrivingHereIsGood(aResult) {
ok(true, "Good result! Received a: " + aResult);
@ -454,17 +453,6 @@
is(extensionResults.credProps?.rk, false, "rk is false");
}
async function test_unsupported_mediation_requirements() {
let makeCredentialOptions = {
rp, user, challenge: gCredentialChallenge, pubKeyCredParams: [param]
};
for (const mediation of ["conditional", "silent"]) {
await credm.create({publicKey: makeCredentialOptions, mediation})
.then(arrivingHereIsBad)
.catch(expectNotSupportedError);
}
}
</script>
</body>

24
icecat/dom/webauthn/tests/test_webauthn_serialization.html
View file

@ -36,18 +36,6 @@
is(arr.length, 0, `${description} (array should be empty)`);
}
function stringArrayEquals(actual, expected, description) {
is(actual.length, expected.length, `${description} (actual and expected should have the same length)`);
for (let i = 0; i < actual.length; i++) {
if (actual[i] instanceof String) {
throw new Error(`actual[${i}] is not a string` + typeof actual[i]);
}
if (actual[i] !== expected[i]) {
throw new Error(`actual and expected differ in position ${i}: ${actual[i]} vs ${expected[i]}`);
}
}
}
function shouldThrow(func, expectedError, description) {
let threw = false;
try {
@ -67,7 +55,7 @@
pubKeyCredParams: [],
};
let creationOptions = PublicKeyCredential.parseCreationOptionsFromJSON(creationOptionsJSON);
is(Object.getOwnPropertyNames(creationOptions).length, 9, "creation options should have 9 properties");
is(Object.getOwnPropertyNames(creationOptions).length, 8, "creation options should have 8 properties");
is(creationOptions.rp.id, undefined, "rp.id should be undefined");
is(creationOptions.rp.name, "Example", "rp.name should be Example");
arrayBufferEqualsArray(creationOptions.user.id, [ 250, 93, 234, 52, 180, 202, 38, 120 ], "user.id should be as expected");
@ -82,7 +70,6 @@
is(creationOptions.authenticatorSelection.requireResidentKey, false, "creationOptions.authenticatorSelection.requireResidentKey should be false");
is(creationOptions.authenticatorSelection.userVerification, "preferred", "creationOptions.authenticatorSelection.userVerification should be preferred");
is(creationOptions.attestation, "none", "attestation should be none");
stringArrayEquals(creationOptions.hints, [], "hints should be an empty array");
is(Object.getOwnPropertyNames(creationOptions.extensions).length, 0, "extensions should be an empty object");
});
@ -118,7 +105,7 @@
},
};
let creationOptions = PublicKeyCredential.parseCreationOptionsFromJSON(creationOptionsJSON);
is(Object.getOwnPropertyNames(creationOptions).length, 10, "creation options should have 10 properties");
is(Object.getOwnPropertyNames(creationOptions).length, 9, "creation options should have 9 properties");
is(creationOptions.rp.name, "Example", "rp.name should be Example");
is(creationOptions.rp.id, "example.com", "rp.id should be example.com");
arrayBufferEqualsArray(creationOptions.user.id, [ 215, 212, 213, 166, 160, 65, 56, 3 ], "user.id should be as expected");
@ -138,7 +125,6 @@
is(creationOptions.authenticatorSelection.residentKey, "required", "creationOptions.authenticatorSelection.residentKey should be required");
is(creationOptions.authenticatorSelection.requireResidentKey, true, "creationOptions.authenticatorSelection.requireResidentKey should be true");
is(creationOptions.authenticatorSelection.userVerification, "discouraged", "creationOptions.authenticatorSelection.userVerification should be discouraged");
stringArrayEquals(creationOptions.hints, creationOptionsJSON.hints, "creationOptions.hints should be as expected");
is(creationOptions.attestation, "indirect", "attestation should be indirect");
is(creationOptions.extensions.appid, "https://www.example.com/appID", "extensions.appid should be https://www.example.com/appID");
is(creationOptions.extensions.credProps, true, "extensions.credProps should be true");
@ -200,13 +186,12 @@
challenge: "3yW2WHD_jbU",
};
let requestOptions = PublicKeyCredential.parseRequestOptionsFromJSON(requestOptionsJSON);
is(Object.getOwnPropertyNames(requestOptions).length, 5, "request options should have 5 properties");
is(Object.getOwnPropertyNames(requestOptions).length, 4, "request options should have 4 properties");
arrayBufferEqualsArray(requestOptions.challenge, [ 223, 37, 182, 88, 112, 255, 141, 181 ], "challenge should be as expected");
is(requestOptions.timeout, undefined, "timeout should be undefined");
is(requestOptions.rpId, undefined, "rpId should be undefined");
isEmptyArray(requestOptions.allowCredentials, "allowCredentials should be an empty array");
is(requestOptions.userVerification, "preferred", "userVerification should be preferred");
stringArrayEquals(requestOptions.hints, [], "hints should be an empty array");
is(Object.getOwnPropertyNames(requestOptions.extensions).length, 0, "extensions should be an empty object");
});
@ -237,7 +222,7 @@
},
};
let requestOptions = PublicKeyCredential.parseRequestOptionsFromJSON(requestOptionsJSON);
is(Object.getOwnPropertyNames(requestOptions).length, 7, "request options should have 7 properties");
is(Object.getOwnPropertyNames(requestOptions).length, 6, "request options should have 6 properties");
arrayBufferEqualsArray(requestOptions.challenge, [ 64, 7, 218, 103, 1, 16, 10, 68 ], "challenge should be as expected");
is(requestOptions.timeout, 25000, "timeout should be 25000");
is(requestOptions.rpId, "example.com", "rpId should be example.com");
@ -247,7 +232,6 @@
is(requestOptions.allowCredentials[0].transports.length, 1, "allowCredentials[0].transports should have one element");
is(requestOptions.allowCredentials[0].transports[0], "smart-card", "allowCredentials[0].transports[0] should be usb");
is(requestOptions.userVerification, "discouraged", "userVerification should be discouraged");
stringArrayEquals(requestOptions.hints, requestOptionsJSON.hints, "requestOptions.hints should be as expected");
is(requestOptions.extensions.appid, "https://www.example.com/anotherAppID", "extensions.appid should be https://www.example.com/anotherAppID");
arrayBufferEqualsArray(requestOptions.extensions.prf.eval.first, [102, 105, 114, 115, 116], "extensions.prf.eval.first should be 'first'");
arrayBufferEqualsArray(requestOptions.extensions.prf.eval.second, [115, 101, 99, 111, 110, 100], "extensions.prf.eval.second should be 'second'");

330
icecat/dom/webauthn/winwebauthn/.gitignore vendored Normal file
View file

@ -0,0 +1,330 @@
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
# User-specific files
*.suo
*.user
*.userosscache
*.sln.docstates
# User-specific files (MonoDevelop/Xamarin Studio)
*.userprefs
# Build results
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
# Visual Studio 2015/2017 cache/options directory
.vs/
# Uncomment if you have tasks that create the project's static files in wwwroot
#wwwroot/
# Visual Studio 2017 auto generated files
Generated\ Files/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
# NUNIT
*.VisualState.xml
TestResult.xml
# Build Results of an ATL Project
[Dd]ebugPS/
[Rr]eleasePS/
dlldata.c
# Benchmark Results
BenchmarkDotNet.Artifacts/
# .NET Core
project.lock.json
project.fragment.lock.json
artifacts/
**/Properties/launchSettings.json
# StyleCop
StyleCopReport.xml
# Files built by Visual Studio
*_i.c
*_p.c
*_i.h
*.ilk
*.meta
*.obj
*.iobj
*.pch
*.pdb
*.ipdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.svclog
*.scc
# Chutzpah Test files
_Chutzpah*
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opendb
*.opensdf
*.sdf
*.cachefile
*.VC.db
*.VC.VC.opendb
# Visual Studio profiler
*.psess
*.vsp
*.vspx
*.sap
# Visual Studio Trace Files
*.e2e
# TFS 2012 Local Workspace
$tf/
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
*.DotSettings.user
# JustCode is a .NET coding add-in
.JustCode
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# AxoCover is a Code Coverage Tool
.axoCover/*
!.axoCover/settings.json
# Visual Studio code coverage results
*.coverage
*.coveragexml
# NCrunch
_NCrunch_*
.*crunch*.local.xml
nCrunchTemp_*
# MightyMoose
*.mm.*
AutoTest.Net/
# Web workbench (sass)
.sass-cache/
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# Note: Comment the next line if you want to checkin your web deploy settings,
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
# Microsoft Azure Web App publish settings. Comment the next line if you want to
# checkin your Azure Web App publish settings, but sensitive information contained
# in these scripts will be unencrypted
PublishScripts/
# NuGet Packages
*.nupkg
# The packages folder can be ignored because of Package Restore
**/[Pp]ackages/*
# except build/, which is used as an MSBuild target.
!**/[Pp]ackages/build/
# Uncomment if necessary however generally it will be regenerated when needed
#!**/[Pp]ackages/repositories.config
# NuGet v3's project.json files produces more ignorable files
*.nuget.props
*.nuget.targets
# Microsoft Azure Build Output
csx/
*.build.csdef
# Microsoft Azure Emulator
ecf/
rcf/
# Windows Store app package directories and files
AppPackages/
BundleArtifacts/
Package.StoreAssociation.xml
_pkginfo.txt
*.appx
# Visual Studio cache files
# files ending in .cache can be ignored
*.[Cc]ache
# but keep track of directories ending in .cache
!*.[Cc]ache/
# Others
ClientBin/
~$*
*~
*.dbmdl
*.dbproj.schemaview
*.jfm
*.pfx
*.publishsettings
orleans.codegen.cs
# Including strong name files can present a security risk
# (https://github.com/github/gitignore/pull/2483#issue-259490424)
#*.snk
# Since there are multiple workflows, uncomment next line to ignore bower_components
# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
#bower_components/
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file
# to a newer Visual Studio version. Backup files are not needed,
# because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
ServiceFabricBackup/
*.rptproj.bak
# SQL Server files
*.mdf
*.ldf
*.ndf
# Business Intelligence projects
*.rdl.data
*.bim.layout
*.bim_*.settings
*.rptproj.rsuser
# Microsoft Fakes
FakesAssemblies/
# GhostDoc plugin setting file
*.GhostDoc.xml
# Node.js Tools for Visual Studio
.ntvs_analysis.dat
node_modules/
# Visual Studio 6 build log
*.plg
# Visual Studio 6 workspace options file
*.opt
# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
*.vbw
# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
**/*.DesktopClient/ModelManifest.xml
**/*.Server/GeneratedArtifacts
**/*.Server/ModelManifest.xml
_Pvt_Extensions
# Paket dependency manager
.paket/paket.exe
paket-files/
# FAKE - F# Make
.fake/
# JetBrains Rider
.idea/
*.sln.iml
# CodeRush
.cr/
# Python Tools for Visual Studio (PTVS)
__pycache__/
*.pyc
# Cake - Uncomment if you are using it
# tools/**
# !tools/packages.config
# Tabs Studio
*.tss
# Telerik's JustMock configuration file
*.jmconfig
# BizTalk build output
*.btp.cs
*.btm.cs
*.odx.cs
*.xsd.cs
# OpenCover UI analysis results
OpenCover/
# Azure Stream Analytics local run output
ASALocalRun/
# MSBuild Binary and Structured Log
*.binlog
# NVidia Nsight GPU debugger configuration file
*.nvuser
# MFractors (Xamarin productivity tool) working folder
.mfractor/

14
icecat/dom/webauthn/winwebauthn/README.md
View file

@ -1,20 +1,16 @@
# Description
## WebAuthn Specification APIs
This project includes Win32 headers for communicating to Windows Hello and external secruity keys as part of WebAuthn and CTAP specification.
Win32 APIs for performing operations corresponding to WebAuthn (https://w3c.github.io/webauthn) specification are present in following files.
- webauthn.h
For more details about the standards, please follow these links:
* WebAuthn: https://w3c.github.io/webauthn/
* CTAP: https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html
## Plugin Passkey Authenticators Implementation APIs/Interfaces
APIs, interfaces and helper functions for passkey plugin authenticator implementators are present in following files
- pluginauthenticator.idl
- pluginauthenticator.h
- webauthnplugin.h
# Having Issues?
If you have any issues in adopting these APIs or need some clarification, please contact fido-dev@microsoft.com.
# Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a

26
icecat/dom/webauthn/winwebauthn/moz.yaml
View file

@ -1,26 +0,0 @@
schema: 1
bugzilla:
product: Core
component: "DOM: Web Authentication"
origin:
name: Microsoft WebAuthn
description: Win32 APIs for WebAuthn
url: https://github.com/microsoft/webauthn
release: 9108981ca80b3c6788fa598708dcf3cb10220ad7
revision: 9108981ca80b3c6788fa598708dcf3cb10220ad7
license: MIT
vendoring:
url: https://github.com/microsoft/webauthn
source-hosting: github
vendor-directory: dom/webauthn/winwebauthn
exclude:
- "**"
include:
- LICENSE
- README.md
- webauthn.h

252
icecat/dom/webauthn/winwebauthn/webauthn.h
View file

@ -95,7 +95,6 @@ extern "C" {
// - WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS : 5
// - WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS : 6
// - WEBAUTHN_ASSERTION : 3
// - WEBAUTHN_GET_CREDENTIALS_OPTIONS : 1
// - WEBAUTHN_CREDENTIAL_DETAILS : 1
// APIs:
// - WebAuthNGetPlatformCredentialList
@ -128,30 +127,7 @@ extern "C" {
// - WEBAUTHN_CREDENTIAL_ATTESTATION : 6
// - WEBAUTHN_ASSERTION : 5
#define WEBAUTHN_API_VERSION_8 8
// WEBAUTHN_API_VERSION_8 : Delta From WEBAUTHN_API_VERSION_7
// Data Structures and their sub versions:
// - WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS : 8
// - WEBAUTHN_CREDENTIAL_DETAILS : 3
// - WEBAUTHN_CREDENTIAL_ATTESTATION : 7
// - WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS : 8
//
#define WEBAUTHN_API_VERSION_9 9
// WEBAUTHN_API_VERSION_9 : Delta From WEBAUTHN_API_VERSION_8
// Data Structures and their sub versions:
// - WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS : 9
// - WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS : 9
// - WEBAUTHN_ASSERTION : 6
// - WEBAUTHN_CREDENTIAL_DETAILS : 4
// - WEBAUTHN_CREDENTIAL_ATTESTATION : 8
// - WEBAUTHN_AUTHENTICATOR_DETAILS : 1
// - WEBAUTHN_AUTHENTICATOR_DETAILS_LIST : Not Applicable
// APIs:
// - WebAuthNGetAuthenticatorList
// - WebAuthNFreeAuthenticatorList
#define WEBAUTHN_API_CURRENT_VERSION WEBAUTHN_API_VERSION_9
#define WEBAUTHN_API_CURRENT_VERSION WEBAUTHN_API_VERSION_7
//+------------------------------------------------------------------------------------------
// Information about an RP Entity
@ -171,7 +147,7 @@ typedef struct _WEBAUTHN_RP_ENTITY_INFORMATION {
// This field is required.
PCWSTR pwszName;
// Optional URL pointing to RP's logo.
// Optional URL pointing to RP's logo.
PCWSTR pwszIcon;
} WEBAUTHN_RP_ENTITY_INFORMATION, *PWEBAUTHN_RP_ENTITY_INFORMATION;
typedef const WEBAUTHN_RP_ENTITY_INFORMATION *PCWEBAUTHN_RP_ENTITY_INFORMATION;
@ -307,15 +283,7 @@ typedef const WEBAUTHN_CREDENTIALS *PCWEBAUTHN_CREDENTIALS;
#define WEBAUTHN_CTAP_TRANSPORT_TEST 0x00000008
#define WEBAUTHN_CTAP_TRANSPORT_INTERNAL 0x00000010
#define WEBAUTHN_CTAP_TRANSPORT_HYBRID 0x00000020
#define WEBAUTHN_CTAP_TRANSPORT_SMART_CARD 0x00000040
#define WEBAUTHN_CTAP_TRANSPORT_FLAGS_MASK 0x0000007F
#define WEBAUTHN_CTAP_TRANSPORT_USB_STRING "usb"
#define WEBAUTHN_CTAP_TRANSPORT_NFC_STRING "nfc"
#define WEBAUTHN_CTAP_TRANSPORT_BLE_STRING "ble"
#define WEBAUTHN_CTAP_TRANSPORT_SMART_CARD_STRING "smart-card"
#define WEBAUTHN_CTAP_TRANSPORT_HYBRID_STRING "hybrid"
#define WEBAUTHN_CTAP_TRANSPORT_INTERNAL_STRING "internal"
#define WEBAUTHN_CTAP_TRANSPORT_FLAGS_MASK 0x0000003F
#define WEBAUTHN_CREDENTIAL_EX_CURRENT_VERSION 1
@ -355,7 +323,6 @@ typedef const WEBAUTHN_CREDENTIAL_LIST *PCWEBAUTHN_CREDENTIAL_LIST;
#define CTAPCBOR_HYBRID_STORAGE_LINKED_DATA_VERSION_1 1
#define CTAPCBOR_HYBRID_STORAGE_LINKED_DATA_CURRENT_VERSION CTAPCBOR_HYBRID_STORAGE_LINKED_DATA_VERSION_1
// Deprecated
typedef struct _CTAPCBOR_HYBRID_STORAGE_LINKED_DATA
{
// Version
@ -389,65 +356,13 @@ typedef struct _CTAPCBOR_HYBRID_STORAGE_LINKED_DATA
} CTAPCBOR_HYBRID_STORAGE_LINKED_DATA, *PCTAPCBOR_HYBRID_STORAGE_LINKED_DATA;
typedef const CTAPCBOR_HYBRID_STORAGE_LINKED_DATA *PCCTAPCBOR_HYBRID_STORAGE_LINKED_DATA;
//+------------------------------------------------------------------------------------------
// Authenticator Information for WebAuthNGetAuthenticatorList API
//-------------------------------------------------------------------------------------------
#define WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS_VERSION_1 1
#define WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS_VERSION_1
typedef struct _WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS {
// Version of this structure, to allow for modifications in the future.
DWORD dwVersion;
} WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS, *PWEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS;
typedef const WEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS *PCWEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS;
#define WEBAUTHN_AUTHENTICATOR_DETAILS_VERSION_1 1
#define WEBAUTHN_AUTHENTICATOR_DETAILS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_DETAILS_VERSION_1
typedef struct _WEBAUTHN_AUTHENTICATOR_DETAILS {
// Version of this structure, to allow for modifications in the future.
DWORD dwVersion;
// Authenticator ID
DWORD cbAuthenticatorId;
_Field_size_bytes_(cbAuthenticatorId)
PBYTE pbAuthenticatorId;
// Authenticator Name
PCWSTR pwszAuthenticatorName;
// Authenticator logo (expected to be in SVG format)
DWORD cbAuthenticatorLogo;
_Field_size_bytes_(cbAuthenticatorLogo)
PBYTE pbAuthenticatorLogo;
// Is the authenticator currently locked? When locked, this authenticator's credentials
// might not be present or updated in WebAuthNGetPlatformCredentialList.
BOOL bLocked;
} WEBAUTHN_AUTHENTICATOR_DETAILS, *PWEBAUTHN_AUTHENTICATOR_DETAILS;
typedef const WEBAUTHN_AUTHENTICATOR_DETAILS *PCWEBAUTHN_AUTHENTICATOR_DETAILS;
typedef struct _WEBAUTHN_AUTHENTICATOR_DETAILS_LIST {
// Authenticator Details
DWORD cAuthenticatorDetails;
_Field_size_(cAuthenticatorDetails)
PWEBAUTHN_AUTHENTICATOR_DETAILS *ppAuthenticatorDetails;
} WEBAUTHN_AUTHENTICATOR_DETAILS_LIST, *PWEBAUTHN_AUTHENTICATOR_DETAILS_LIST;
typedef const WEBAUTHN_AUTHENTICATOR_DETAILS_LIST *PCWEBAUTHN_AUTHENTICATOR_DETAILS_LIST;
//+------------------------------------------------------------------------------------------
// Credential Information for WebAuthNGetPlatformCredentialList API
//-------------------------------------------------------------------------------------------
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_1 1
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_2 2
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_3 3
#define WEBAUTHN_CREDENTIAL_DETAILS_VERSION_4 4
#define WEBAUTHN_CREDENTIAL_DETAILS_CURRENT_VERSION WEBAUTHN_CREDENTIAL_DETAILS_VERSION_4
#define WEBAUTHN_CREDENTIAL_DETAILS_CURRENT_VERSION WEBAUTHN_CREDENTIAL_DETAILS_VERSION_2
typedef struct _WEBAUTHN_CREDENTIAL_DETAILS {
// Version of this structure, to allow for modifications in the future.
@ -473,27 +388,6 @@ typedef struct _WEBAUTHN_CREDENTIAL_DETAILS {
// Backed Up or not.
BOOL bBackedUp;
//
// The following fields have been added in WEBAUTHN_CREDENTIAL_DETAILS_VERSION_3
//
PCWSTR pwszAuthenticatorName;
// The logo is expected to be in the svg format
DWORD cbAuthenticatorLogo;
_Field_size_bytes_(cbAuthenticatorLogo)
PBYTE pbAuthenticatorLogo;
// ThirdPartyPayment Credential or not.
BOOL bThirdPartyPayment;
//
// The following fields have been added in WEBAUTHN_CREDENTIAL_DETAILS_VERSION_4
//
// Applicable Transports
DWORD dwTransports;
} WEBAUTHN_CREDENTIAL_DETAILS, *PWEBAUTHN_CREDENTIAL_DETAILS;
typedef const WEBAUTHN_CREDENTIAL_DETAILS *PCWEBAUTHN_CREDENTIAL_DETAILS;
@ -699,10 +593,6 @@ typedef const WEBAUTHN_EXTENSIONS *PCWEBAUTHN_EXTENSIONS;
#define WEBAUTHN_LARGE_BLOB_SUPPORT_REQUIRED 1
#define WEBAUTHN_LARGE_BLOB_SUPPORT_PREFERRED 2
#define WEBAUTHN_CREDENTIAL_HINT_SECURITY_KEY L"security-key"
#define WEBAUTHN_CREDENTIAL_HINT_CLIENT_DEVICE L"client-device"
#define WEBAUTHN_CREDENTIAL_HINT_HYBRID L"hybrid"
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_1 1
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_2 2
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_3 3
@ -710,9 +600,7 @@ typedef const WEBAUTHN_EXTENSIONS *PCWEBAUTHN_EXTENSIONS;
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_5 5
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_6 6
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7 7
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_8 8
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_9 9
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_9
#define WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7
typedef struct _WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS {
// Version of this structure, to allow for modifications in the future.
@ -792,7 +680,6 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS {
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_7
//
// Deprecated
// Optional. Linked Device Connection Info.
PCTAPCBOR_HYBRID_STORAGE_LINKED_DATA pLinkedDevice;
@ -800,41 +687,6 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS {
DWORD cbJsonExt;
_Field_size_bytes_(cbJsonExt)
PBYTE pbJsonExt;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_8
//
// PRF extension "eval" values which will be converted into HMAC-SECRET values according to WebAuthn Spec.
// Set WEBAUTHN_AUTHENTICATOR_HMAC_SECRET_VALUES_FLAG in dwFlags above, if caller wants to provide RAW Hmac-Secret SALT values directly.
// In that case, values provided MUST be of WEBAUTHN_CTAP_ONE_HMAC_SECRET_LENGTH size.
PWEBAUTHN_HMAC_SECRET_SALT pPRFGlobalEval;
// PublicKeyCredentialHints (https://w3c.github.io/webauthn/#enum-hints)
DWORD cCredentialHints;
_Field_size_(cCredentialHints)
LPCWSTR *ppwszCredentialHints;
// Enable ThirdPartyPayment
BOOL bThirdPartyPayment;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS_VERSION_9
//
// Web Origin. For Remote Web App scenario.
PCWSTR pwszRemoteWebOrigin;
// UTF-8 encoded JSON serialization of the PublicKeyCredentialCreationOptions.
DWORD cbPublicKeyCredentialCreationOptionsJSON;
_Field_size_bytes_(cbPublicKeyCredentialCreationOptionsJSON)
PBYTE pbPublicKeyCredentialCreationOptionsJSON;
// Authenticator ID got from WebAuthNGetAuthenticatorList API.
DWORD cbAuthenticatorId;
_Field_size_bytes_(cbAuthenticatorId)
PBYTE pbAuthenticatorId;
} WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS, *PWEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS;
typedef const WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS *PCWEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS;
@ -850,9 +702,7 @@ typedef const WEBAUTHN_AUTHENTICATOR_MAKE_CREDENTIAL_OPTIONS *PCWEBAUTHN_AUTHENT
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_5 5
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_6 6
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7 7
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_8 8
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_9 9
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_9
#define WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_CURRENT_VERSION WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7
/*
Information about flags.
@ -933,7 +783,6 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS {
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_7
//
// Deprecated
// Optional. Linked Device Connection Info.
PCTAPCBOR_HYBRID_STORAGE_LINKED_DATA pLinkedDevice;
@ -944,33 +793,6 @@ typedef struct _WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS {
DWORD cbJsonExt;
_Field_size_bytes_(cbJsonExt)
PBYTE pbJsonExt;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_8
//
// PublicKeyCredentialHints (https://w3c.github.io/webauthn/#enum-hints)
DWORD cCredentialHints;
_Field_size_(cCredentialHints)
LPCWSTR *ppwszCredentialHints;
//
// The following fields have been added in WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS_VERSION_9
//
// Web Origin. For Remote Web App scenario.
PCWSTR pwszRemoteWebOrigin;
// UTF-8 encoded JSON serialization of the PublicKeyCredentialRequestOptions.
DWORD cbPublicKeyCredentialRequestOptionsJSON;
_Field_size_bytes_(cbPublicKeyCredentialRequestOptionsJSON)
PBYTE pbPublicKeyCredentialRequestOptionsJSON;
// Authenticator ID got from WebAuthNGetAuthenticatorList API.
DWORD cbAuthenticatorId;
_Field_size_bytes_(cbAuthenticatorId)
PBYTE pbAuthenticatorId;
} WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS, *PWEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS;
typedef const WEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS *PCWEBAUTHN_AUTHENTICATOR_GET_ASSERTION_OPTIONS;
@ -1049,9 +871,7 @@ typedef const WEBAUTHN_COMMON_ATTESTATION *PCWEBAUTHN_COMMON_ATTESTATION;
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_4 4
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_5 5
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_6 6
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_7 7
#define WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_8 8
#define WEBAUTHN_CREDENTIAL_ATTESTATION_CURRENT_VERSION WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_8
#define WEBAUTHN_CREDENTIAL_ATTESTATION_CURRENT_VERSION WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_6
typedef struct _WEBAUTHN_CREDENTIAL_ATTESTATION {
// Version of this structure, to allow for modifications in the future.
@ -1127,34 +947,6 @@ typedef struct _WEBAUTHN_CREDENTIAL_ATTESTATION {
DWORD cbUnsignedExtensionOutputs;
_Field_size_bytes_(cbUnsignedExtensionOutputs)
PBYTE pbUnsignedExtensionOutputs;
//
// Following fields have been added in WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_7
//
PWEBAUTHN_HMAC_SECRET_SALT pHmacSecret;
// ThirdPartyPayment Credential or not.
BOOL bThirdPartyPayment;
//
// Following fields have been added in WEBAUTHN_CREDENTIAL_ATTESTATION_VERSION_8
//
// Multiple WEBAUTHN_CTAP_TRANSPORT_* bits will be set corresponding to
// the transports that are supported.
DWORD dwTransports;
// UTF-8 encoded JSON serialization of the client data.
DWORD cbClientDataJSON;
_Field_size_bytes_(cbClientDataJSON)
PBYTE pbClientDataJSON;
// UTF-8 encoded JSON serialization of the RegistrationResponse.
DWORD cbRegistrationResponseJSON;
_Field_size_bytes_(cbRegistrationResponseJSON)
PBYTE pbRegistrationResponseJSON;
} WEBAUTHN_CREDENTIAL_ATTESTATION, *PWEBAUTHN_CREDENTIAL_ATTESTATION;
typedef const WEBAUTHN_CREDENTIAL_ATTESTATION *PCWEBAUTHN_CREDENTIAL_ATTESTATION;
@ -1179,8 +971,7 @@ typedef const WEBAUTHN_CREDENTIAL_ATTESTATION *PCWEBAUTHN_CREDENTIAL_ATTESTATION
#define WEBAUTHN_ASSERTION_VERSION_3 3
#define WEBAUTHN_ASSERTION_VERSION_4 4
#define WEBAUTHN_ASSERTION_VERSION_5 5
#define WEBAUTHN_ASSERTION_VERSION_6 6
#define WEBAUTHN_ASSERTION_CURRENT_VERSION WEBAUTHN_ASSERTION_VERSION_6
#define WEBAUTHN_ASSERTION_CURRENT_VERSION WEBAUTHN_ASSERTION_VERSION_5
typedef struct _WEBAUTHN_ASSERTION {
// Version of this structure, to allow for modifications in the future.
@ -1241,21 +1032,6 @@ typedef struct _WEBAUTHN_ASSERTION {
DWORD cbUnsignedExtensionOutputs;
_Field_size_bytes_(cbUnsignedExtensionOutputs)
PBYTE pbUnsignedExtensionOutputs;
//
// Following fields have been added in WEBAUTHN_ASSERTION_VERSION_6
//
// UTF-8 encoded JSON serialization of the client data.
DWORD cbClientDataJSON;
_Field_size_bytes_(cbClientDataJSON)
PBYTE pbClientDataJSON;
// UTF-8 encoded JSON serialization of the AuthenticationResponse.
DWORD cbAuthenticationResponseJSON;
_Field_size_bytes_(cbAuthenticationResponseJSON)
PBYTE pbAuthenticationResponseJSON;
} WEBAUTHN_ASSERTION, *PWEBAUTHN_ASSERTION;
typedef const WEBAUTHN_ASSERTION *PCWEBAUTHN_ASSERTION;
@ -1333,18 +1109,6 @@ WebAuthNDeletePlatformCredential(
_In_reads_bytes_(cbCredentialId) const BYTE *pbCredentialId
);
// Returns NTE_NOT_FOUND when authenticator details are not found.
HRESULT
WINAPI
WebAuthNGetAuthenticatorList(
_In_opt_ PCWEBAUTHN_AUTHENTICATOR_DETAILS_OPTIONS pWebAuthNGetAuthenticatorListOptions,
_Outptr_result_maybenull_ PWEBAUTHN_AUTHENTICATOR_DETAILS_LIST* ppAuthenticatorDetailsList);
void
WINAPI
WebAuthNFreeAuthenticatorList(
_In_ PWEBAUTHN_AUTHENTICATOR_DETAILS_LIST pAuthenticatorDetailsList);
//
// Returns the following Error Names:
// L"Success" - S_OK

1
icecat/dom/webidl/CredentialManagement.webidl
View file

@ -50,7 +50,6 @@ enum CredentialMediationRequirement {
};
dictionary CredentialCreationOptions {
CredentialMediationRequirement mediation = "optional";
// This is taken from the partial definition in
// https://w3c.github.io/webauthn/#sctn-credentialcreationoptions-extension
[Pref="security.webauth.webauthn"]

2
icecat/dom/webidl/WebAuthentication.webidl
View file

@ -177,7 +177,6 @@ dictionary PublicKeyCredentialCreationOptions {
sequence<PublicKeyCredentialDescriptor> excludeCredentials = [];
// FIXME: bug 1493860: should this "= {}" be here?
AuthenticatorSelectionCriteria authenticatorSelection = {};
sequence<DOMString> hints = [];
DOMString attestation = "none";
// FIXME: bug 1493860: should this "= {}" be here?
AuthenticationExtensionsClientInputs extensions = {};
@ -209,7 +208,6 @@ dictionary PublicKeyCredentialRequestOptions {
USVString rpId;
sequence<PublicKeyCredentialDescriptor> allowCredentials = [];
DOMString userVerification = "preferred";
sequence<DOMString> hints = [];
// FIXME: bug 1493860: should this "= {}" be here?
AuthenticationExtensionsClientInputs extensions = {};
};

6
icecat/dom/webtransport/parent/WebTransportParent.h
View file

@ -103,11 +103,9 @@ class WebTransportParent : public PWebTransportParent,
OnResetOrStopSendingCallback mCallback;
nsCOMPtr<T> mStream;
};
nsTHashMap<NoMemMoveKey<nsUint64HashKey>,
StreamHash<nsIWebTransportBidirectionalStream>>
nsTHashMap<nsUint64HashKey, StreamHash<nsIWebTransportBidirectionalStream>>
mBidiStreamCallbackMap;
nsTHashMap<NoMemMoveKey<nsUint64HashKey>,
StreamHash<nsIWebTransportSendStream>>
nsTHashMap<nsUint64HashKey, StreamHash<nsIWebTransportSendStream>>
mUniStreamCallbackMap;
};

Some files were not shown because too many files have changed in this diff Show more