| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| |
|
|
|
|
|
| |
We no longer modify the file system inside the sandbox, so this
permission is simply not needed.
|
|
|
|
|
|
|
|
|
|
| |
* remove some properties we no longer use
* convert novalidate into a reflected attribute
* fix satClassList
* remove reference to root node in every Node
The last one is an obvious win when considering how often rootNode is
used vs the memory used by a pointless pointer on every single object.
|
|
|
|
| |
(Sadly some layout tests still fail.)
|
|
|
|
|
|
| |
* use rootProperties so the root fragment does not color its children
* assert if the root gets inline blocks; this can (hopefully) no longer
happen.
|
| |
|
|
|
|
| |
It consumes a value, so we must dup those that we pass.
|
|
|
|
| |
Some JS modules use this to check if they are running in a browser.
|
|
|
|
| |
why not
|
|
|
|
|
|
|
|
|
| |
Turns out std/base64's `decode' is broken: atob(" ") would panic. So we
no longer use that.
Basic testing indicates that the new version is closer to the standard-
mandated behavior than the old one was. OTOH I assume it's somewhat
slower, but that can be improved later if it proves to be a bottleneck.
|
| |
|
|
|
|
| |
Still far from perfect, but it's an improvement.
|
|
|
|
|
|
|
|
| |
sizes.space regulates content-box width, in which padding is not
included, so we must to subtract padding here.
(Neither is margin, but margin is applied by outer layout, in this case
flex itself, so it's not relevant here. Not to say it isn't broken...)
|
|
|
|
| |
needed for isEqualNode to work correctly
|
|
|
|
|
| |
The validator is used only if the decoder is nil, so it must be cleared
in switchCharset.
|
|
|
|
| |
TODO: isEqualNode is not quite correct yet, because we don't sort attrs.
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes setTimeout/setInterval causing crashes.
Note: timerfd_gettime is not actually used by Nim right now.
However, it seems like a good idea to add it to the set in case a
future Nim version needs it, as it does no harm.
We still do not allow signalfd, because it would let rogue buffers
override our SIGSYS handler. (Not sure if this really matters, but
we don't need it for now anyway.)
|
|
|
|
|
|
| |
If we are going to move out the child's offset, then we must also tell
the child where it starts so it can behave correctly when it encounters
exclusions.
|
|
|
|
|
|
|
|
|
|
|
| |
Turns out our shrink-to-fit emulation was inadequate: it assumed all
floats are positioned on a separate line, which is the *opposite* of
what we want, as that would be the behavior of min-content.
Now we instead sum together the width of all floats and the widest
non-floating child, and then clamp that to the target fitContent width.
This correctly gives us max-content width in the first pass, still
without having to actually position the floats.
|
|
|
|
|
|
|
|
|
| |
glibc apparently calls fstat from fread, and we didn't allow it in
seccomp. So:
* allow fstat in the sandbox; no reason not to, and it seems too big of
a footgun to assume we never call fread
* use read(2) in http; no need for buffered i/o here
|
| |
|
|
|
|
|
|
|
|
|
| |
* do not use std's parse*Int; they accept weird stuff that we do not
want to accept in any case
* fix bug in parseHost where a parseIpv4 failure would result in an
empty host
* do not use isDigit, isAlphaAscii
* improve parse*IntImpl error handling
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We use libseccomp, which is now a semi-mandatory dependency on Linux.
(You can still build without it, but only if you pass a scary long flag
to make.)
For this to work I had to disable getTimezoneOffset, which would
otherwise call localtime_r which in turn reads in some files from
/usr/share/zoneinfo. To allow this we would have to give unrestricted
openat(2) access to buffer processes, which is unacceptable.
(Giving websites access to the local timezone is a fingerprinting vector
so if this ever gets fixed then it should be an opt-in config setting.)
This patch also includes misc fixes to buffer cloning, and fixes the
LIBEXECDIR override in the makefile so that it is actually useful.
|
| |
|
| |
|
|
|
|
|
|
| |
* separate params with ; (semicolon) instead of , (colon)
* reduce screaming snake case use
* wrap long lines
|
|
|
|
|
|
|
|
|
| |
It is quite straightforward, because XTerm has a functionality to do
just this.
(In fact, it automatically restores the title when I use smcup/rmcup.
But when I don't, it will linger until I close the window or change the
title again.)
|
| |
|
|
|
|
| |
we also have to move the inner box offset to the parent
|
|
|
|
|
| |
* clean up formatting
* more efficient endsInNumber
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It's a bad idea for several reasons:
* it's inefficient; must allocate an environment for a closure in Nim,
even though we already have one in JS
* writing macros for automatically creating functions with variadic
arguments is suprisingly difficult (see the entire `js/javascript'
module)
* it never really worked properly, because we never freed the associated
function pointer.
We hardly used it anyway, so the easiest fix is to get rid of it
completely.
|
| |
|
|
|
|
|
| |
This allows us to unify BlockBox instantiation and block-level inner
layout calls.
|
|
|
|
| |
e.g. 0x0.a should return undefined, not SyntaxError.
|
|
|
|
|
|
|
|
|
|
| |
The "id" scheme had obvious problems when multiple documents existed.
Originally it was needed because the old hacky integration with QuickJS
would occasionally result in objects being moved to other addresses.
This has been fixed long ago when I decided to vendor in a fork, so we
can just use pointers as ids unique to the entire process.
|
|
|
|
|
| |
+ better align attribute-based event handler behavior with other
browsers
|
| |
|
|
|
|
|
|
|
| |
- detect and report invalid duplicate parameter names
- throw RangeError for too many function arguments
- throw RangeError for invalid string length
- prevent `-Wcast-function-type` warnings
|
|
|
|
|
|
|
|
| |
- changed error messages
- clarify `toJSON` method usage
- simplify boxed objects handling
- for ECMA conformity, BigInt objects need a toJSON method in the prototype chain
including boxed objects
|
| |
|
| |
|
|
|
|
|
| |
- disable BigDecimal convertion in `JS_ReadBigNum`
- fix some error messages
|
|
|
|
|
|
|
|
| |
- add `minimum_length` to enforce array length validation
- add `JS_NewDate()` API
- add `[Symbol.toStringTag]` property in the global object
- simplify `string_get_milliseconds`
- support more timezone abbrevs using `string_get_tzabbr` and array
|
|
|
|
|
|
|
| |
Importing patch from upstream instead.
This reverts commits ccf177cc125e120b338612bbf24966faf3fd87fa and
6776f4dba975137f4034b1295c0f1958b752a2cb.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I wish they didn't change this. unsafeAddr may be a confusing name,
but it's more powerful than addr. Merging them violates the principle
of least power.
e.g. say I get n thru a param, and shadow it
proc x(n: int) =
var n = n + 1
a screen or two later I call
mutates_variable_in_c(addr i)
then later I no longer need to add 1, so I remove the var line.
In Nim 1.6 the compiler refuses to compile, I can instantly find the
bug. In 2.0 it does... whatever?? Maybe for an int it "works", for an
object it likely doesn't. Certainly not something I'd enjoy debugging.
|
|
|
|
|
|
| |
* fix percHeight not being passed down properly
* simplify addTableCaption; get rid of hack that turned caption outer
height into inner height
|
| |
|
|
|
|
|
| |
it's needed for memcpy; it usually compiles without the include, but
that's not guaranteed.
|
| |
|
|
|
|
| |
it can happen when do_reshape is called before any parsing happens.
|