1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #include "mozilla/dom/BrowsingContextGroup.h"
9 #include "mozilla/ClearOnShutdown.h"
10 #include "mozilla/InputTaskManager.h"
11 #include "mozilla/Preferences.h"
12 #include "mozilla/dom/BrowsingContextBinding.h"
13 #include "mozilla/dom/BindingUtils.h"
14 #include "mozilla/dom/ContentChild.h"
15 #include "mozilla/dom/ContentParent.h"
16 #include "mozilla/dom/DocGroup.h"
17 #include "mozilla/StaticPrefs_dom.h"
18 #include "mozilla/ThrottledEventQueue.h"
19 #include "nsFocusManager.h"
20 #include "nsTHashMap.h"
25 // Maximum number of successive dialogs before we prompt users to disable
26 // dialogs for this window.
27 #define MAX_SUCCESSIVE_DIALOG_COUNT 5
29 static StaticRefPtr
<BrowsingContextGroup
> sChromeGroup
;
31 static StaticAutoPtr
<nsTHashMap
<uint64_t, RefPtr
<BrowsingContextGroup
>>>
32 sBrowsingContextGroups
;
34 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::GetOrCreate(
36 if (!sBrowsingContextGroups
) {
37 sBrowsingContextGroups
=
38 new nsTHashMap
<nsUint64HashKey
, RefPtr
<BrowsingContextGroup
>>();
39 ClearOnShutdown(&sBrowsingContextGroups
);
42 return do_AddRef(sBrowsingContextGroups
->LookupOrInsertWith(
43 aId
, [&aId
] { return do_AddRef(new BrowsingContextGroup(aId
)); }));
46 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::GetExisting(
48 if (sBrowsingContextGroups
) {
49 return do_AddRef(sBrowsingContextGroups
->Get(aId
));
54 // Only use 53 bits for the BrowsingContextGroup ID.
55 static constexpr uint64_t kBrowsingContextGroupIdTotalBits
= 53;
56 static constexpr uint64_t kBrowsingContextGroupIdProcessBits
= 22;
57 static constexpr uint64_t kBrowsingContextGroupIdFlagBits
= 1;
58 static constexpr uint64_t kBrowsingContextGroupIdBits
=
59 kBrowsingContextGroupIdTotalBits
- kBrowsingContextGroupIdProcessBits
-
60 kBrowsingContextGroupIdFlagBits
;
62 // IDs for the relevant flags
63 static constexpr uint64_t kPotentiallyCrossOriginIsolatedFlag
= 0x1;
65 // The next ID value which will be used.
66 static uint64_t sNextBrowsingContextGroupId
= 1;
68 // Generate the next ID with the given flags.
69 static uint64_t GenerateBrowsingContextGroupId(uint64_t aFlags
) {
70 MOZ_RELEASE_ASSERT(aFlags
< (uint64_t(1) << kBrowsingContextGroupIdFlagBits
));
71 uint64_t childId
= XRE_IsContentProcess()
72 ? ContentChild::GetSingleton()->GetID()
74 MOZ_RELEASE_ASSERT(childId
<
75 (uint64_t(1) << kBrowsingContextGroupIdProcessBits
));
76 uint64_t id
= sNextBrowsingContextGroupId
++;
77 MOZ_RELEASE_ASSERT(id
< (uint64_t(1) << kBrowsingContextGroupIdBits
));
79 return (childId
<< (kBrowsingContextGroupIdBits
+
80 kBrowsingContextGroupIdFlagBits
)) |
81 (id
<< kBrowsingContextGroupIdFlagBits
) | aFlags
;
84 // Extract flags from the given ID.
85 static uint64_t GetBrowsingContextGroupIdFlags(uint64_t aId
) {
86 return aId
& ((uint64_t(1) << kBrowsingContextGroupIdFlagBits
) - 1);
89 uint64_t BrowsingContextGroup::CreateId(bool aPotentiallyCrossOriginIsolated
) {
90 // We encode the potentially cross-origin isolated bit within the ID so that
91 // the information can be recovered whenever the group needs to be re-created
92 // due to e.g. being garbage-collected.
94 // In the future if we end up needing more complex information stored within
95 // the ID, we can consider converting it to a more complex type, like a
98 aPotentiallyCrossOriginIsolated
? kPotentiallyCrossOriginIsolatedFlag
: 0;
99 uint64_t id
= GenerateBrowsingContextGroupId(flags
);
100 MOZ_ASSERT(GetBrowsingContextGroupIdFlags(id
) == flags
);
104 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::Create(
105 bool aPotentiallyCrossOriginIsolated
) {
106 return GetOrCreate(CreateId(aPotentiallyCrossOriginIsolated
));
109 BrowsingContextGroup::BrowsingContextGroup(uint64_t aId
) : mId(aId
) {
110 mTimerEventQueue
= ThrottledEventQueue::Create(
111 GetMainThreadSerialEventTarget(), "BrowsingContextGroup timer queue");
113 mWorkerEventQueue
= ThrottledEventQueue::Create(
114 GetMainThreadSerialEventTarget(), "BrowsingContextGroup worker queue");
117 void BrowsingContextGroup::Register(nsISupports
* aContext
) {
118 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
119 MOZ_DIAGNOSTIC_ASSERT(aContext
);
120 mContexts
.Insert(aContext
);
123 void BrowsingContextGroup::Unregister(nsISupports
* aContext
) {
124 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
125 MOZ_DIAGNOSTIC_ASSERT(aContext
);
126 mContexts
.Remove(aContext
);
131 void BrowsingContextGroup::EnsureHostProcess(ContentParent
* aProcess
) {
132 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
133 MOZ_DIAGNOSTIC_ASSERT(this != sChromeGroup
,
134 "cannot have content host for chrome group");
135 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
,
136 "cannot use preallocated process as host");
137 MOZ_DIAGNOSTIC_ASSERT(!aProcess
->GetRemoteType().IsEmpty(),
138 "host process must have remote type");
140 // XXX: The diagnostic crashes in bug 1816025 seemed to come through caller
141 // ContentParent::GetNewOrUsedLaunchingBrowserProcess where we already
142 // did AssertAlive, so IsDead should be irrelevant here. Still it reads
143 // wrong that we ever might do AddBrowsingContextGroup if aProcess->IsDead().
144 if (aProcess
->IsDead() ||
145 mHosts
.WithEntryHandle(aProcess
->GetRemoteType(), [&](auto&& entry
) {
147 // We know from bug 1816025 that this happens quite often and we have
148 // bug 1815480 on file that should harden the entire flow. But in the
149 // meantime we can just live with NOT replacing the found host
150 // process with a new one here if it is still alive.
152 entry
.Data() == aProcess
,
153 "There's already another host process for this remote type");
154 if (!entry
.Data()->IsShuttingDown()) {
159 // This process wasn't already marked as our host, so insert it (or
160 // update if the old process is shutting down), and begin subscribing,
161 // unless the process is still launching.
162 entry
.InsertOrUpdate(do_AddRef(aProcess
));
166 aProcess
->AddBrowsingContextGroup(this);
170 void BrowsingContextGroup::RemoveHostProcess(ContentParent
* aProcess
) {
171 MOZ_DIAGNOSTIC_ASSERT(aProcess
);
172 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
);
173 auto entry
= mHosts
.Lookup(aProcess
->GetRemoteType());
174 if (entry
&& entry
.Data() == aProcess
) {
179 static void CollectContextInitializers(
180 Span
<RefPtr
<BrowsingContext
>> aContexts
,
181 nsTArray
<SyncedContextInitializer
>& aInits
) {
182 // The order that we record these initializers is important, as it will keep
183 // the order that children are attached to their parent in the newly connected
184 // content process consistent.
185 for (auto& context
: aContexts
) {
186 aInits
.AppendElement(context
->GetIPCInitializer());
187 for (const auto& window
: context
->GetWindowContexts()) {
188 aInits
.AppendElement(window
->GetIPCInitializer());
189 CollectContextInitializers(window
->Children(), aInits
);
194 void BrowsingContextGroup::Subscribe(ContentParent
* aProcess
) {
195 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
196 MOZ_DIAGNOSTIC_ASSERT(aProcess
&& !aProcess
->IsLaunching());
197 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
);
199 // Check if we're already subscribed to this process.
200 if (!mSubscribers
.EnsureInserted(aProcess
)) {
204 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
205 // If the process is already marked as dead, we won't be the host, but may
206 // still need to subscribe to the process due to creating a popup while
208 if (!aProcess
->IsDead()) {
209 auto hostEntry
= mHosts
.Lookup(aProcess
->GetRemoteType());
210 MOZ_DIAGNOSTIC_ASSERT(hostEntry
&& hostEntry
.Data() == aProcess
,
211 "Cannot subscribe a non-host process");
215 // FIXME: This won't send non-discarded children of discarded BCs, but those
216 // BCs will be in the process of being destroyed anyway.
217 // FIXME: Prevent that situation from occuring.
218 nsTArray
<SyncedContextInitializer
> inits(mContexts
.Count());
219 CollectContextInitializers(mToplevels
, inits
);
221 // Send all of our contexts to the target content process.
222 Unused
<< aProcess
->SendRegisterBrowsingContextGroup(Id(), inits
);
224 // If the focused or active BrowsingContexts belong in this group, tell the
225 // newly subscribed process.
226 if (nsFocusManager
* fm
= nsFocusManager::GetFocusManager()) {
227 BrowsingContext
* focused
= fm
->GetFocusedBrowsingContextInChrome();
228 if (focused
&& focused
->Group() != this) {
231 BrowsingContext
* active
= fm
->GetActiveBrowsingContextInChrome();
232 if (active
&& active
->Group() != this) {
236 if (focused
|| active
) {
237 Unused
<< aProcess
->SendSetupFocusedAndActive(
238 focused
, fm
->GetActionIdForFocusedBrowsingContextInChrome(), active
,
239 fm
->GetActionIdForActiveBrowsingContextInChrome());
244 void BrowsingContextGroup::Unsubscribe(ContentParent
* aProcess
) {
245 MOZ_DIAGNOSTIC_ASSERT(aProcess
);
246 MOZ_DIAGNOSTIC_ASSERT(aProcess
->GetRemoteType() != PREALLOC_REMOTE_TYPE
);
247 mSubscribers
.Remove(aProcess
);
248 aProcess
->RemoveBrowsingContextGroup(this);
250 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
251 auto hostEntry
= mHosts
.Lookup(aProcess
->GetRemoteType());
252 MOZ_DIAGNOSTIC_ASSERT(!hostEntry
|| hostEntry
.Data() != aProcess
,
253 "Unsubscribing existing host entry");
257 ContentParent
* BrowsingContextGroup::GetHostProcess(
258 const nsACString
& aRemoteType
) {
259 return mHosts
.GetWeak(aRemoteType
);
262 void BrowsingContextGroup::UpdateToplevelsSuspendedIfNeeded() {
263 if (!StaticPrefs::dom_suspend_inactive_enabled()) {
267 mToplevelsSuspended
= ShouldSuspendAllTopLevelContexts();
268 for (const auto& context
: mToplevels
) {
269 nsPIDOMWindowOuter
* outer
= context
->GetDOMWindow();
273 nsCOMPtr
<nsPIDOMWindowInner
> inner
= outer
->GetCurrentInnerWindow();
277 if (mToplevelsSuspended
&& !inner
->GetWasSuspendedByGroup()) {
279 inner
->SetWasSuspendedByGroup(true);
280 } else if (!mToplevelsSuspended
&& inner
->GetWasSuspendedByGroup()) {
282 inner
->SetWasSuspendedByGroup(false);
287 bool BrowsingContextGroup::ShouldSuspendAllTopLevelContexts() const {
288 for (const auto& context
: mToplevels
) {
289 if (!context
->InactiveForSuspend()) {
296 BrowsingContextGroup::~BrowsingContextGroup() { Destroy(); }
298 void BrowsingContextGroup::Destroy() {
299 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
301 MOZ_DIAGNOSTIC_ASSERT(mHosts
.Count() == 0);
302 MOZ_DIAGNOSTIC_ASSERT(mSubscribers
.Count() == 0);
303 MOZ_DIAGNOSTIC_ASSERT_IF(sBrowsingContextGroups
,
304 !sBrowsingContextGroups
->Contains(Id()) ||
305 *sBrowsingContextGroups
->Lookup(Id()) != this);
310 // Make sure to call `RemoveBrowsingContextGroup` for every entry in both
311 // `mHosts` and `mSubscribers`. This will visit most entries twice, but
312 // `RemoveBrowsingContextGroup` is safe to call multiple times.
313 for (const auto& entry
: mHosts
.Values()) {
314 entry
->RemoveBrowsingContextGroup(this);
316 for (const auto& key
: mSubscribers
) {
317 key
->RemoveBrowsingContextGroup(this);
320 mSubscribers
.Clear();
322 if (sBrowsingContextGroups
) {
323 sBrowsingContextGroups
->Remove(Id());
327 void BrowsingContextGroup::AddKeepAlive() {
328 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
329 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess());
333 void BrowsingContextGroup::RemoveKeepAlive() {
334 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
335 MOZ_DIAGNOSTIC_ASSERT(mKeepAliveCount
> 0);
336 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess());
342 auto BrowsingContextGroup::MakeKeepAlivePtr() -> KeepAlivePtr
{
344 return KeepAlivePtr
{do_AddRef(this).take()};
347 void BrowsingContextGroup::MaybeDestroy() {
348 // Once there are no synced contexts referencing a `BrowsingContextGroup`, we
349 // can clear subscribers and destroy this group. We only do this in the parent
350 // process, as it will orchestrate destruction of BCGs in content processes.
351 if (XRE_IsParentProcess() && mContexts
.IsEmpty() && mKeepAliveCount
== 0 &&
352 this != sChromeGroup
) {
355 // We may have been deleted here, as `Destroy()` will clear references. Do
356 // not access any members at this point.
360 void BrowsingContextGroup::ChildDestroy() {
361 MOZ_DIAGNOSTIC_ASSERT(XRE_IsContentProcess());
362 MOZ_DIAGNOSTIC_ASSERT(!mDestroyed
);
363 MOZ_DIAGNOSTIC_ASSERT(mContexts
.IsEmpty());
367 nsISupports
* BrowsingContextGroup::GetParentObject() const {
368 return xpc::NativeGlobal(xpc::PrivilegedJunkScope());
371 JSObject
* BrowsingContextGroup::WrapObject(JSContext
* aCx
,
372 JS::Handle
<JSObject
*> aGivenProto
) {
373 return BrowsingContextGroup_Binding::Wrap(aCx
, this, aGivenProto
);
376 nsresult
BrowsingContextGroup::QueuePostMessageEvent(
377 already_AddRefed
<nsIRunnable
>&& aRunnable
) {
378 if (!StaticPrefs::dom_separate_event_queue_for_post_message_enabled()) {
379 return NS_ERROR_FAILURE
;
382 if (!mPostMessageEventQueue
) {
383 nsCOMPtr
<nsISerialEventTarget
> target
= GetMainThreadSerialEventTarget();
384 mPostMessageEventQueue
= ThrottledEventQueue::Create(
385 target
, "PostMessage Queue",
386 nsIRunnablePriority::PRIORITY_DEFERRED_TIMERS
);
387 nsresult rv
= mPostMessageEventQueue
->SetIsPaused(false);
388 MOZ_ALWAYS_SUCCEEDS(rv
);
391 // Ensure the queue is enabled
392 if (mPostMessageEventQueue
->IsPaused()) {
393 nsresult rv
= mPostMessageEventQueue
->SetIsPaused(false);
394 MOZ_ALWAYS_SUCCEEDS(rv
);
397 mPostMessageEventQueue
->Dispatch(std::move(aRunnable
), NS_DISPATCH_NORMAL
);
401 void BrowsingContextGroup::FlushPostMessageEvents() {
402 if (!mPostMessageEventQueue
) {
405 nsresult rv
= mPostMessageEventQueue
->SetIsPaused(true);
406 MOZ_ALWAYS_SUCCEEDS(rv
);
407 nsCOMPtr
<nsIRunnable
> event
;
408 while ((event
= mPostMessageEventQueue
->GetEvent())) {
409 NS_DispatchToMainThread(event
.forget());
413 bool BrowsingContextGroup::HasActiveBC() {
414 for (auto& topLevelBC
: Toplevels()) {
415 if (topLevelBC
->IsActive()) {
422 void BrowsingContextGroup::IncInputEventSuspensionLevel() {
423 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
424 if (!mHasIncreasedInputTaskManagerSuspensionLevel
&& HasActiveBC()) {
425 IncInputTaskManagerSuspensionLevel();
427 ++mInputEventSuspensionLevel
;
430 void BrowsingContextGroup::DecInputEventSuspensionLevel() {
431 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
432 --mInputEventSuspensionLevel
;
433 if (!mInputEventSuspensionLevel
&&
434 mHasIncreasedInputTaskManagerSuspensionLevel
) {
435 DecInputTaskManagerSuspensionLevel();
439 void BrowsingContextGroup::DecInputTaskManagerSuspensionLevel() {
440 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
441 MOZ_ASSERT(mHasIncreasedInputTaskManagerSuspensionLevel
);
443 InputTaskManager::Get()->DecSuspensionLevel();
444 mHasIncreasedInputTaskManagerSuspensionLevel
= false;
447 void BrowsingContextGroup::IncInputTaskManagerSuspensionLevel() {
448 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
449 MOZ_ASSERT(!mHasIncreasedInputTaskManagerSuspensionLevel
);
450 MOZ_ASSERT(HasActiveBC());
452 InputTaskManager::Get()->IncSuspensionLevel();
453 mHasIncreasedInputTaskManagerSuspensionLevel
= true;
456 void BrowsingContextGroup::UpdateInputTaskManagerIfNeeded(bool aIsActive
) {
457 MOZ_ASSERT(StaticPrefs::dom_input_events_canSuspendInBCG_enabled());
459 if (mHasIncreasedInputTaskManagerSuspensionLevel
) {
460 MOZ_ASSERT(mInputEventSuspensionLevel
> 0);
461 if (!HasActiveBC()) {
462 DecInputTaskManagerSuspensionLevel();
466 if (mInputEventSuspensionLevel
&&
467 !mHasIncreasedInputTaskManagerSuspensionLevel
) {
468 IncInputTaskManagerSuspensionLevel();
474 BrowsingContextGroup
* BrowsingContextGroup::GetChromeGroup() {
475 MOZ_DIAGNOSTIC_ASSERT(XRE_IsParentProcess());
476 if (!sChromeGroup
&& XRE_IsParentProcess()) {
477 sChromeGroup
= BrowsingContextGroup::Create();
478 ClearOnShutdown(&sChromeGroup
);
484 void BrowsingContextGroup::GetDocGroups(nsTArray
<DocGroup
*>& aDocGroups
) {
485 MOZ_ASSERT(NS_IsMainThread());
486 AppendToArray(aDocGroups
, mDocGroups
.Values());
489 already_AddRefed
<DocGroup
> BrowsingContextGroup::AddDocument(
490 const nsACString
& aKey
, Document
* aDocument
) {
491 MOZ_ASSERT(NS_IsMainThread());
493 RefPtr
<DocGroup
>& docGroup
= mDocGroups
.LookupOrInsertWith(
494 aKey
, [&] { return DocGroup::Create(this, aKey
); });
496 docGroup
->AddDocument(aDocument
);
497 return do_AddRef(docGroup
);
500 void BrowsingContextGroup::RemoveDocument(Document
* aDocument
,
501 DocGroup
* aDocGroup
) {
502 MOZ_ASSERT(NS_IsMainThread());
503 RefPtr
<DocGroup
> docGroup
= aDocGroup
;
504 // Removing the last document in DocGroup might decrement the
505 // DocGroup BrowsingContextGroup's refcount to 0.
506 RefPtr
<BrowsingContextGroup
> kungFuDeathGrip(this);
507 docGroup
->RemoveDocument(aDocument
);
509 if (docGroup
->IsEmpty()) {
510 mDocGroups
.Remove(docGroup
->GetKey());
514 already_AddRefed
<BrowsingContextGroup
> BrowsingContextGroup::Select(
515 WindowContext
* aParent
, BrowsingContext
* aOpener
) {
517 return do_AddRef(aParent
->Group());
520 return do_AddRef(aOpener
->Group());
525 void BrowsingContextGroup::GetAllGroups(
526 nsTArray
<RefPtr
<BrowsingContextGroup
>>& aGroups
) {
528 if (!sBrowsingContextGroups
) {
532 aGroups
= ToArray(sBrowsingContextGroups
->Values());
536 void BrowsingContextGroup::ResetDialogAbuseState() {
537 mDialogAbuseCount
= 0;
539 mLastDialogQuitTime
=
541 TimeDuration::FromSeconds(DEFAULT_SUCCESSIVE_DIALOG_TIME_LIMIT
);
544 bool BrowsingContextGroup::DialogsAreBeingAbused() {
545 if (mLastDialogQuitTime
.IsNull() || nsContentUtils::IsCallerChrome()) {
549 TimeDuration
dialogInterval(TimeStamp::Now() - mLastDialogQuitTime
);
550 if (dialogInterval
.ToSeconds() <
551 Preferences::GetInt("dom.successive_dialog_time_limit",
552 DEFAULT_SUCCESSIVE_DIALOG_TIME_LIMIT
)) {
555 return PopupBlocker::GetPopupControlState() > PopupBlocker::openAllowed
||
556 mDialogAbuseCount
> MAX_SUCCESSIVE_DIALOG_COUNT
;
559 // Reset the abuse counter
560 mDialogAbuseCount
= 0;
565 bool BrowsingContextGroup::IsPotentiallyCrossOriginIsolated() {
566 return GetBrowsingContextGroupIdFlags(mId
) &
567 kPotentiallyCrossOriginIsolatedFlag
;
570 NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(BrowsingContextGroup
, mContexts
,
571 mToplevels
, mHosts
, mSubscribers
,
572 mTimerEventQueue
, mWorkerEventQueue
,
576 } // namespace mozilla