This relieves some headaches with on connect callback and spawning of the
sending async task, since some SWFs like to send data before the connect event
is called.
All NavigatorBackend implementations have been refactored, resulting in
improved code quality, less duplicated code, more consistent and easier
to understand procedures, additional error handling and better error
messages.
A resolve_url method has been added to the NavigatorBackend trait. It
takes a URL and and resolves it to the actual URL from which a file can
be fetched (including handling of relative links and pre-processing). It
has been implemented in each NavigatorBackend implementation.
Duplicated code has been put into new public functions in
core/src/backend/navigator.rs which are called by all NavigatorBackend
implementations.
ExternalNavigatorBackend:
- The navigate_to_url and fetch methods have been adapted to use
resolve_url, removing redundant code.
- Error handling has been added in case that the URL can't be converted
to a PathBuf.
- A TODO about differences between the flash player fetch and the
Ruffle fetch implementation has been added.
WebNavigatorBackend:
- The previous resolve_url method exclusively to the WebNavigatorBackend
has been replaced by the new resolve_url method. It is used by
navigate_to_url and fetch.
- resolve_url now always pre-processes the URL if it's valid (even if no
base_url exists) and explicitly returns whether the URL can be parsed.
- navigate_to_url now traces an explanatory error each if the URL can't
be parsed or is local.
- fetch now returns an explanatory error each if the URL can't be parsed
or is local (previously, a vague "Got JS error" has been returned).
TestNavigatorBackend & NullNavigatorBackend:
- fetch pre-processes the URL now (using the resolve_url implementation).
- If the URL isn't local, an explanatory error is returned (previously,
it was just an "Invalid URL" error).
- If the URL can't be parsed, an explanatory error with the reason is
returned (previously, it was just an "Invalid URL" error).
Additionally, error messages in all NavigatorBackend implementations
have been improved and made more consistent, e.g. if a local file can't
be read.
Previously, the MovieClip error state contained one TODO in order to be
completely implemented: The HeaderExt variable uncompressed_len needs to
be -1 in the error state, but its type has been u32.
The type has now been changed to i32, and the variable is set to -1 in
the default_error_header function. Therefore, the MovieClip error state
is now fully implemented.
Other connected functions and variables like SwfMovie::uncompressed_len
or MovieClip::total_bytes have been adjusted to this type change. Code
has been adjusted if needed where this value is used.
A load_error_swf function has been added to the Loader. It makes the
MovieClip enter the error state in which some attributes have certain
error values to signal that no valid file could be loaded. This happens
if no file could be loaded or if the loaded content is no valid
supported content.
The function creates an error state movie stub using the new
SwfMovie::error_movie function (which uses a new default_error_header
function) and configures remaining variables with the
movie_not_available method.
One TODO in order for the error state to be completely implemented has
been added.
Since the error state of the MovieClip includes the final URL of the SWF
file obtained after any redirects, the load_error_swf and
movie_loader_error functions (now) take an swf_url attribute.
To get this URL in case no file could be loaded, the
NavigatorBackend::fetch method has been changed to return an
ErrorResponse struct (including the url and the actual error) in the
error case. The Response struct returned in the success case has been
renamed to SuccessResponse.
All fetch implementations have been adapted accordingly. Code has been
adjusted to return the actual error where that's needed.
Documentation has been added and improved.
When using a 'Loader', properties on the 'contentLoaderInfo' become
set during specific events in the load sequence. In particular,
'LoaderInfo.bytesTotal' becomes available during the first 'progress'
event.
Also, 'LoaderInfo.parameters' is now properly set from the URL query
parameters. In Flash player, this work even with filesystem urls
(e.g. 'file:///some/path/to/file.txt?paramOne=valOne' will load
a file named 'file.txt', setting and expose the parameter 'paramOne'
with value 'valOne' in `LoaderInfo.parameters`). This required some
cleanup to the desktop and test NavigatorBackend impls to strip
out query parameters when loading a parameter from disk.
Previously, we would set `SwfMovie.parameters` manually from the url.
Now, the various `SwfMovie` constructors automatically extract
query parameters from the provided url. Outside of `SwfMovie`,
we only append *extra* parameters (e.g. those set from `flashvars`).
This makes CPMStar ads work, since the loaded SWF needs to access
`LoaderInfo.parameters`
These are directly set on the underlying navigator's HTTP
request type, and get printed out in our test navigator backend.
No validation of the header names is performed - on web, this will be
enforced by the browser.
Upon panic, `Ruffle::destroy()` attempts to mutably borrow the
thread-local `instances`. However, when a panic occurs, `instances`
is already immutably borrowed by `Ruffle::with_core_mut()`. This
causes the cleanup logic in `Ruffle::destroy()` to be skipped
altogether, and as a consequence the animation handler continues
to be fired, ultimately failing to borrow `instances` repeatedly.
Each time a borrow fails, a console error is logged.
Fortunately the fix is extremely easy - `Ruffle::with_core{,_mut}`
used to `drop(instance)` before running any potentially-panicking
logic, exactly for the reason explained above. But those functions
don't `drop(instances)`, which is subject to the same double-borrow
risk. So as a fix simply add `drop(instances)` in both functions.
With this fix, "Unable to lock Ruffle core" is logged on panic only
twice. These logs require further research, and will be avoided in
a future PR.
The suggested changes to the navigate_to_url handling in the feedback to
the pull request have been implemented.
Therefore, this commit consists of multiple smaller changes:
1. The allow_javascript_calls variable has been removed (as a CLI
argument and in the navigator). Javascript calls are now always denied
on desktop. This is because setting the argument was useless; no
javascript was executed in any case, at most, just a browser tab opened.
Therefore, it makes no sense to include this option.
2. The NavigateWebsiteHandlingMode default value has been provisionally
changed from Confirm to Allow. In the future (after a GUI toolkit has
been added), the default confirmation windows should include a "Save
this preference" checkbox.
3. The NetworkingRestrictionMode enum has been renamed to
NetworkingAccessMode since the previous naming was counter-intuitive.
4. The NavigateWebsiteHandlingMode enum (and variables related to it)
have been renamed to OpenURLMode to simplify the name.
5. The documentation has been improved.
The networking API restrictions imposed by the allowNetworking parameter
& attribute have been added and partially implemented.
A new NetworkingRestrictionMode enum has been added to Ruffle (in Rust
and Typescript). It contains the values "All", "Internal" and "None" and
models the possible values of the allowNetworking parameter / attribute.
All means that all networking APIs are permitted in the SWF file,
Internal means that the SWF file may not call browser navigation or
browser interaction APIs and None means the same and that the SWF file
cannot use any SWF-to-SWF communication APIs either.
A respective allowNetworking variable has been added to the JS config.
Its default value is All.
Ruffle now recognises the allowNetworking parameter and attribute in the
SWF HTML object and parses it and sets the config variable
correspondingly if it's recognised.
Only if the variable is set to All, the external interface (responsible
for javascript calls in AS3) is created. Additionally, the variable is
given to the WebNavigatorBackend and saved in it. The navigator denies
all navigate_to_url calls if the variable hasn't been set to All.
Therefore, the API restrictions imposed by setting allowNetworking to
internal or none have been partially implemented.
Formatting has been improved.
New configuration options (changing the navigate_to_url call handling)
have been added. The default behaviour has been changed as well.
A NavigateWebsiteHandlingMode enum has been added to Ruffle (in Rust and
Typescript). It contains the values "Allow", "Confirm" and "Deny" and
describes how navigate_to_url website calls should be handled. Allow
means that all website calls are allowed, Confirm means that a
confirmation window opens with each website call and Deny means that all
website calls are denied.
A respective navigate_website_handling_mode variable has been added to
the desktop CLI and to the JS config. The default value is "Confirm" in
each. The variable is given to the navigator (ExternalNavigatorBackend
or WebNavigatorBackend, depending on the platform) and is saved in it.
On each navigate_to_url website call, the respective navigator is now
checking navigate_website_handling_mode and acts correspondingly (allows
it, opens a confirmation window or denies it).
This changes the default behaviour of Ruffle from allowing all website
calls to opening a confirmation window with each website call.
On Safari, the confirm window can cause the background music to stop,
but this seems to be an issue with Safari.
Closes#838.
Additionally, an allow_javascript_calls variable (which defaults to
false) has been added to the desktop CLI. The variable is given to the
desktop navigator and is saved in it.
If a navigate_to_url javascript call is executed on desktop, the
navigator is now checking allow_javascript_calls and acts
correspondingly (allows it or denies it).
This changes the default behaviour of Ruffle on desktop to not allowing
javascript calls.
Closes#9316.
The option 'max_execution_duration' previously only supported
the type '{secs: number, nanos: number}'. Now it also supports
using floating point numbers (and integers).
Default values have been changed to use floating point numbers.
Nathan Adams