1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #include "mozilla/dom/BrowsingContextGroup.h"
9 #include "mozilla/ClearOnShutdown.h"
10 #include "mozilla/InputTaskManager.h"
11 #include "mozilla/Preferences.h"
12 #include "mozilla/dom/BrowsingContextBinding.h"
13 #include "mozilla/dom/BindingUtils.h"
14 #include "mozilla/dom/ContentChild.h"
15 #include "mozilla/dom/ContentParent.h"
16 #include "mozilla/dom/DocGroup.h"
17 #include "mozilla/StaticPrefs_dom.h"
18 #include "mozilla/ThrottledEventQueue.h"
19 #include "nsFocusManager.h"
20 #include "nsTHashMap.h"
22 namespace mozilla::dom
{
24 // Maximum number of successive dialogs before we prompt users to disable
25 // dialogs for this window.
26 #define MAX_SUCCESSIVE_DIALOG_COUNT 5
28 static StaticRefPtr
<BrowsingContextGroup
> sChromeGroup
;
30 static StaticAutoPtr
<nsTHashMap
<uint64_t, RefPtr
<BrowsingContextGroup
>>>
31 sBrowsingContextGroups
;
33 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::GetOrCreate(
35 if (!sBrowsingContextGroups
) {
36 sBrowsingContextGroups
=
37 new nsTHashMap
<nsUint64HashKey
, RefPtr
<BrowsingContextGroup
>>();
38 ClearOnShutdown(&sBrowsingContextGroups
);
41 return do_AddRef(sBrowsingContextGroups
->LookupOrInsertWith(
42 aId
, [&aId
] { return do_AddRef(new BrowsingContextGroup(aId
)); }));
45 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::GetExisting(
47 if (sBrowsingContextGroups
) {
48 return do_AddRef(sBrowsingContextGroups
->Get(aId
));
53 // Only use 53 bits for the BrowsingContextGroup ID.
54 static constexpr uint64_t kBrowsingContextGroupIdTotalBits
= 53;
55 static constexpr uint64_t kBrowsingContextGroupIdProcessBits
= 22;
56 static constexpr uint64_t kBrowsingContextGroupIdFlagBits
= 1;
57 static constexpr uint64_t kBrowsingContextGroupIdBits
=
58 kBrowsingContextGroupIdTotalBits
- kBrowsingContextGroupIdProcessBits
-
59 kBrowsingContextGroupIdFlagBits
;
61 // IDs for the relevant flags
62 static constexpr uint64_t kPotentiallyCrossOriginIsolatedFlag
= 0x1;
64 // The next ID value which will be used.
65 static uint64_t sNextBrowsingContextGroupId
= 1;
67 // Generate the next ID with the given flags.
68 static uint64_t GenerateBrowsingContextGroupId(uint64_t aFlags
) {
69 MOZ_RELEASE_ASSERT(aFlags
< (uint64_t(1) << kBrowsingContextGroupIdFlagBits
));
70 uint64_t childId
= XRE_IsContentProcess()
71 ? ContentChild::GetSingleton()->GetID()
73 MOZ_RELEASE_ASSERT(childId
<
74 (uint64_t(1) << kBrowsingContextGroupIdProcessBits
));
75 uint64_t id
= sNextBrowsingContextGroupId
++;
76 MOZ_RELEASE_ASSERT(id
< (uint64_t(1) << kBrowsingContextGroupIdBits
));
78 return (childId
<< (kBrowsingContextGroupIdBits
+
79 kBrowsingContextGroupIdFlagBits
)) |
80 (id
<< kBrowsingContextGroupIdFlagBits
) | aFlags
;
83 // Extract flags from the given ID.
84 static uint64_t GetBrowsingContextGroupIdFlags(uint64_t aId
) {
85 return aId
& ((uint64_t(1) << kBrowsingContextGroupIdFlagBits
) - 1);
88 uint64_t BrowsingContextGroup::CreateId(bool aPotentiallyCrossOriginIsolated
) {
89 // We encode the potentially cross-origin isolated bit within the ID so that
90 // the information can be recovered whenever the group needs to be re-created
91 // due to e.g. being garbage-collected.
93 // In the future if we end up needing more complex information stored within
94 // the ID, we can consider converting it to a more complex type, like a
97 aPotentiallyCrossOriginIsolated
? kPotentiallyCrossOriginIsolatedFlag
: 0;
98 uint64_t id
= GenerateBrowsingContextGroupId(flags
);
99 MOZ_ASSERT(GetBrowsingContextGroupIdFlags(id
) == flags
);
103 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::Create(
104 bool aPotentiallyCrossOriginIsolated
) {
105 return GetOrCreate(CreateId(aPotentiallyCrossOriginIsolated
));
108 BrowsingContextGroup::BrowsingContextGroup(uint64_t aId
) : mId(aId
) {
109 mTimerEventQueue
= ThrottledEventQueue::Create(
110 GetMainThreadSerialEventTarget(), "BrowsingContextGroup timer queue");
112 mWorkerEventQueue
= ThrottledEventQueue::Create(
113 GetMainThreadSerialEventTarget(), "BrowsingContextGroup worker queue");
116 void BrowsingContextGroup::Register(nsISupports
* aContext
) {
117 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
118 MOZ_DIAGNOSTIC_ASSERT(aContext
);
119 mContexts
.Insert(aContext
);
122 void BrowsingContextGroup::Unregister(nsISupports
* aContext
) {
123 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
124 MOZ_DIAGNOSTIC_ASSERT(aContext
);
125 mContexts
.Remove(aContext
);
130 void BrowsingContextGroup::EnsureHostProcess(ContentParent
* aProcess
) {
131 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
132 MOZ_DIAGNOSTIC_ASSERT(this != sChromeGroup
,
133 "cannot have content host for chrome group");
134 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
,
135 "cannot use preallocated process as host");
136 MOZ_DIAGNOSTIC_ASSERT(!aProcess
->GetRemoteType().IsEmpty(),
137 "host process must have remote type");
139 // XXX: The diagnostic crashes in bug 1816025 seemed to come through caller
140 // ContentParent::GetNewOrUsedLaunchingBrowserProcess where we already
141 // did AssertAlive, so IsDead should be irrelevant here. Still it reads
142 // wrong that we ever might do AddBrowsingContextGroup if aProcess->IsDead().
143 if (aProcess
->IsDead() ||
144 mHosts
.WithEntryHandle(aProcess
->GetRemoteType(), [&](auto&& entry
) {
146 // We know from bug 1816025 that this happens quite often and we have
147 // bug 1815480 on file that should harden the entire flow. But in the
148 // meantime we can just live with NOT replacing the found host
149 // process with a new one here if it is still alive.
151 entry
.Data() == aProcess
,
152 "There's already another host process for this remote type");
153 if (!entry
.Data()->IsShuttingDown()) {
158 // This process wasn't already marked as our host, so insert it (or
159 // update if the old process is shutting down), and begin subscribing,
160 // unless the process is still launching.
161 entry
.InsertOrUpdate(do_AddRef(aProcess
));
165 aProcess
->AddBrowsingContextGroup(this);
169 void BrowsingContextGroup::RemoveHostProcess(ContentParent
* aProcess
) {
170 MOZ_DIAGNOSTIC_ASSERT(aProcess
);
171 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
);
172 auto entry
= mHosts
.Lookup(aProcess
->GetRemoteType());
173 if (entry
&& entry
.Data() == aProcess
) {
178 static void CollectContextInitializers(
179 Span
<RefPtr
<BrowsingContext
>> aContexts
,
180 nsTArray
<SyncedContextInitializer
>& aInits
) {
181 // The order that we record these initializers is important, as it will keep
182 // the order that children are attached to their parent in the newly connected
183 // content process consistent.
184 for (auto& context
: aContexts
) {
185 aInits
.AppendElement(context
->GetIPCInitializer());
186 for (const auto& window
: context
->GetWindowContexts()) {
187 aInits
.AppendElement(window
->GetIPCInitializer());
188 CollectContextInitializers(window
->Children(), aInits
);
193 void BrowsingContextGroup::Subscribe(ContentParent
* aProcess
) {
194 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
195 MOZ_DIAGNOSTIC_ASSERT(aProcess
&& !aProcess
->IsLaunching());
196 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
);
198 // Check if we're already subscribed to this process.
199 if (!mSubscribers
.EnsureInserted(aProcess
)) {
203 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
204 // If the process is already marked as dead, we won't be the host, but may
205 // still need to subscribe to the process due to creating a popup while
207 if (!aProcess
->IsDead()) {
208 auto hostEntry
= mHosts
.Lookup(aProcess
->GetRemoteType());
209 MOZ_DIAGNOSTIC_ASSERT(hostEntry
&& hostEntry
.Data() == aProcess
,
210 "Cannot subscribe a non-host process");
214 // FIXME: This won't send non-discarded children of discarded BCs, but those
215 // BCs will be in the process of being destroyed anyway.
216 // FIXME: Prevent that situation from occuring.
217 nsTArray
<SyncedContextInitializer
> inits(mContexts
.Count());
218 CollectContextInitializers(mToplevels
, inits
);
220 // Send all of our contexts to the target content process.
221 Unused
<< aProcess
->SendRegisterBrowsingContextGroup(Id(), inits
);
223 // If the focused or active BrowsingContexts belong in this group, tell the
224 // newly subscribed process.
225 if (nsFocusManager
* fm
= nsFocusManager::GetFocusManager()) {
226 BrowsingContext
* focused
= fm
->GetFocusedBrowsingContextInChrome();
227 if (focused
&& focused
->Group() != this) {
230 BrowsingContext
* active
= fm
->GetActiveBrowsingContextInChrome();
231 if (active
&& active
->Group() != this) {
235 if (focused
|| active
) {
236 Unused
<< aProcess
->SendSetupFocusedAndActive(
237 focused
, fm
->GetActionIdForFocusedBrowsingContextInChrome(), active
,
238 fm
->GetActionIdForActiveBrowsingContextInChrome());
243 void BrowsingContextGroup::Unsubscribe(ContentParent
* aProcess
) {
244 MOZ_DIAGNOSTIC_ASSERT(aProcess
);
245 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
);
246 mSubscribers
.Remove(aProcess
);
247 aProcess
->RemoveBrowsingContextGroup(this);
249 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
250 auto hostEntry
= mHosts
.Lookup(aProcess
->GetRemoteType());
251 MOZ_DIAGNOSTIC_ASSERT(!hostEntry
|| hostEntry
.Data() != aProcess
,
252 "Unsubscribing existing host entry");
256 ContentParent
* BrowsingContextGroup::GetHostProcess(
257 const nsACString
& aRemoteType
) {
258 return mHosts
.GetWeak(aRemoteType
);
261 void BrowsingContextGroup::UpdateToplevelsSuspendedIfNeeded() {
262 if (!StaticPrefs::dom_suspend_inactive_enabled()) {
266 mToplevelsSuspended
= ShouldSuspendAllTopLevelContexts();
267 for (const auto& context
: mToplevels
) {
268 nsPIDOMWindowOuter
* outer
= context
->GetDOMWindow();
272 nsCOMPtr
<nsPIDOMWindowInner
> inner
= outer
->GetCurrentInnerWindow();
276 if (mToplevelsSuspended
&& !inner
->GetWasSuspendedByGroup()) {
278 inner
->SetWasSuspendedByGroup(true);
279 } else if (!mToplevelsSuspended
&& inner
->GetWasSuspendedByGroup()) {
281 inner
->SetWasSuspendedByGroup(false);
286 bool BrowsingContextGroup::ShouldSuspendAllTopLevelContexts() const {
287 for (const auto& context
: mToplevels
) {
288 if (!context
->InactiveForSuspend()) {
295 BrowsingContextGroup::~BrowsingContextGroup() { Destroy(); }
297 void BrowsingContextGroup::Destroy() {
298 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
300 MOZ_DIAGNOSTIC_ASSERT(mHosts
.Count() == 0);
301 MOZ_DIAGNOSTIC_ASSERT(mSubscribers
.Count() == 0);
302 MOZ_DIAGNOSTIC_ASSERT_IF(sBrowsingContextGroups
,
303 !sBrowsingContextGroups
->Contains(Id()) ||
304 *sBrowsingContextGroups
->Lookup(Id()) != this);
309 // Make sure to call `RemoveBrowsingContextGroup` for every entry in both
310 // `mHosts` and `mSubscribers`. This will visit most entries twice, but
311 // `RemoveBrowsingContextGroup` is safe to call multiple times.
312 for (const auto& entry
: mHosts
.Values()) {
313 entry
->RemoveBrowsingContextGroup(this);
315 for (const auto& key
: mSubscribers
) {
316 key
->RemoveBrowsingContextGroup(this);
319 mSubscribers
.Clear();
321 if (sBrowsingContextGroups
) {
322 sBrowsingContextGroups
->Remove(Id());
326 void BrowsingContextGroup::AddKeepAlive() {
327 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
328 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess());
332 void BrowsingContextGroup::RemoveKeepAlive() {
333 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
334 MOZ_DIAGNOSTIC_ASSERT(mKeepAliveCount
> 0);
335 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess());
341 auto BrowsingContextGroup::MakeKeepAlivePtr() -> KeepAlivePtr
{
343 return KeepAlivePtr
{do_AddRef(this).take()};
346 void BrowsingContextGroup::MaybeDestroy() {
347 // Once there are no synced contexts referencing a `BrowsingContextGroup`, we
348 // can clear subscribers and destroy this group. We only do this in the parent
349 // process, as it will orchestrate destruction of BCGs in content processes.
350 if (XRE_IsParentProcess() && mContexts
.IsEmpty() && mKeepAliveCount
== 0 &&
351 this != sChromeGroup
) {
354 // We may have been deleted here, as `Destroy()` will clear references. Do
355 // not access any members at this point.
359 void BrowsingContextGroup::ChildDestroy() {
360 MOZ_DIAGNOSTIC_ASSERT(XRE_IsContentProcess());
361 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
362 MOZ_DIAGNOSTIC_ASSERT(mContexts
.IsEmpty());
366 nsISupports
* BrowsingContextGroup::GetParentObject() const {
367 return xpc::NativeGlobal(xpc::PrivilegedJunkScope());
370 JSObject
* BrowsingContextGroup::WrapObject(JSContext
* aCx
,
371 JS::Handle
<JSObject
*> aGivenProto
) {
372 return BrowsingContextGroup_Binding::Wrap(aCx
, this, aGivenProto
);
375 nsresult
BrowsingContextGroup::QueuePostMessageEvent(nsIRunnable
* aRunnable
) {
376 MOZ_ASSERT(StaticPrefs::dom_separate_event_queue_for_post_message_enabled());
378 if (!mPostMessageEventQueue
) {
379 nsCOMPtr
<nsISerialEventTarget
> target
= GetMainThreadSerialEventTarget();
380 mPostMessageEventQueue
= ThrottledEventQueue::Create(
381 target
, "PostMessage Queue",
382 nsIRunnablePriority::PRIORITY_DEFERRED_TIMERS
);
383 nsresult rv
= mPostMessageEventQueue
->SetIsPaused(false);
384 MOZ_ALWAYS_SUCCEEDS(rv
);
387 // Ensure the queue is enabled
388 if (mPostMessageEventQueue
->IsPaused()) {
389 nsresult rv
= mPostMessageEventQueue
->SetIsPaused(false);
390 MOZ_ALWAYS_SUCCEEDS(rv
);
393 return mPostMessageEventQueue
->Dispatch(aRunnable
, NS_DISPATCH_NORMAL
);
396 void BrowsingContextGroup::FlushPostMessageEvents() {
397 if (!mPostMessageEventQueue
) {
400 nsresult rv
= mPostMessageEventQueue
->SetIsPaused(true);
401 MOZ_ALWAYS_SUCCEEDS(rv
);
402 nsCOMPtr
<nsIRunnable
> event
;
403 while ((event
= mPostMessageEventQueue
->GetEvent())) {
404 NS_DispatchToMainThread(event
.forget());
408 bool BrowsingContextGroup::HasActiveBC() {
409 for (auto& topLevelBC
: Toplevels()) {
410 if (topLevelBC
->IsActive()) {
417 void BrowsingContextGroup::IncInputEventSuspensionLevel() {
418 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
419 if (!mHasIncreasedInputTaskManagerSuspensionLevel
&& HasActiveBC()) {
420 IncInputTaskManagerSuspensionLevel();
422 ++mInputEventSuspensionLevel
;
425 void BrowsingContextGroup::DecInputEventSuspensionLevel() {
426 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
427 --mInputEventSuspensionLevel
;
428 if (!mInputEventSuspensionLevel
&&
429 mHasIncreasedInputTaskManagerSuspensionLevel
) {
430 DecInputTaskManagerSuspensionLevel();
434 void BrowsingContextGroup::DecInputTaskManagerSuspensionLevel() {
435 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
436 MOZ_ASSERT(mHasIncreasedInputTaskManagerSuspensionLevel
);
438 InputTaskManager::Get()->DecSuspensionLevel();
439 mHasIncreasedInputTaskManagerSuspensionLevel
= false;
442 void BrowsingContextGroup::IncInputTaskManagerSuspensionLevel() {
443 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
444 MOZ_ASSERT(!mHasIncreasedInputTaskManagerSuspensionLevel
);
445 MOZ_ASSERT(HasActiveBC());
447 InputTaskManager::Get()->IncSuspensionLevel();
448 mHasIncreasedInputTaskManagerSuspensionLevel
= true;
451 void BrowsingContextGroup::UpdateInputTaskManagerIfNeeded(bool aIsActive
) {
452 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
454 if (mHasIncreasedInputTaskManagerSuspensionLevel
) {
455 MOZ_ASSERT(mInputEventSuspensionLevel
> 0);
456 if (!HasActiveBC()) {
457 DecInputTaskManagerSuspensionLevel();
461 if (mInputEventSuspensionLevel
&&
462 !mHasIncreasedInputTaskManagerSuspensionLevel
) {
463 IncInputTaskManagerSuspensionLevel();
469 BrowsingContextGroup
* BrowsingContextGroup::GetChromeGroup() {
470 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess());
471 if (!sChromeGroup
&& XRE_IsParentProcess()) {
472 sChromeGroup
= BrowsingContextGroup::Create();
473 ClearOnShutdown(&sChromeGroup
);
479 void BrowsingContextGroup::GetDocGroups(nsTArray
<DocGroup
*>& aDocGroups
) {
480 MOZ_ASSERT(NS_IsMainThread());
481 AppendToArray(aDocGroups
, mDocGroups
.Values());
484 already_AddRefed
<DocGroup
> BrowsingContextGroup::AddDocument(
485 const nsACString
& aKey
, Document
* aDocument
) {
486 MOZ_ASSERT(NS_IsMainThread());
488 RefPtr
<DocGroup
>& docGroup
= mDocGroups
.LookupOrInsertWith(
489 aKey
, [&] { return DocGroup::Create(this, aKey
); });
491 docGroup
->AddDocument(aDocument
);
492 return do_AddRef(docGroup
);
495 void BrowsingContextGroup::RemoveDocument(Document
* aDocument
,
496 DocGroup
* aDocGroup
) {
497 MOZ_ASSERT(NS_IsMainThread());
498 RefPtr
<DocGroup
> docGroup
= aDocGroup
;
499 // Removing the last document in DocGroup might decrement the
500 // DocGroup BrowsingContextGroup's refcount to 0.
501 RefPtr
<BrowsingContextGroup
> kungFuDeathGrip(this);
502 docGroup
->RemoveDocument(aDocument
);
504 if (docGroup
->IsEmpty()) {
505 mDocGroups
.Remove(docGroup
->GetKey());
509 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::Select(
510 WindowContext
* aParent
, BrowsingContext
* aOpener
) {
512 return do_AddRef(aParent
->Group());
515 return do_AddRef(aOpener
->Group());
520 void BrowsingContextGroup::GetAllGroups(
521 nsTArray
<RefPtr
<BrowsingContextGroup
>>& aGroups
) {
523 if (!sBrowsingContextGroups
) {
527 aGroups
= ToArray(sBrowsingContextGroups
->Values());
531 void BrowsingContextGroup::ResetDialogAbuseState() {
532 mDialogAbuseCount
= 0;
534 mLastDialogQuitTime
=
536 TimeDuration::FromSeconds(DEFAULT_SUCCESSIVE_DIALOG_TIME_LIMIT
);
539 bool BrowsingContextGroup::DialogsAreBeingAbused() {
540 if (mLastDialogQuitTime
.IsNull() || nsContentUtils::IsCallerChrome()) {
544 TimeDuration
dialogInterval(TimeStamp::Now() - mLastDialogQuitTime
);
545 if (dialogInterval
.ToSeconds() <
546 Preferences::GetInt("dom.successive_dialog_time_limit",
547 DEFAULT_SUCCESSIVE_DIALOG_TIME_LIMIT
)) {
550 return PopupBlocker::GetPopupControlState() > PopupBlocker::openAllowed
||
551 mDialogAbuseCount
> MAX_SUCCESSIVE_DIALOG_COUNT
;
554 // Reset the abuse counter
555 mDialogAbuseCount
= 0;
560 bool BrowsingContextGroup::IsPotentiallyCrossOriginIsolated() {
561 return GetBrowsingContextGroupIdFlags(mId
) &
562 kPotentiallyCrossOriginIsolatedFlag
;
565 NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(BrowsingContextGroup
, mContexts
,
566 mToplevels
, mHosts
, mSubscribers
,
567 mTimerEventQueue
, mWorkerEventQueue
,
570 } // namespace mozilla::dom