It's the first step of implementing the security sandbox and its
filesystem/network separation policy.
Before that Ruffle assigned `localTrusted` sandbox type for
all movies except web, where `remote` was used.
The sandbox type also was assigned to the player,
and not SWFs as it should.
This patch does not introduce any sandbox policies based
on the sandbox type, just the proper sandbox type detection.
It is also not possible to specify trusted movies,
and AIR applications don't use the `application` type yet.
This patch changes the definition of KeyCode from an enum,
which was constraining the possible key codes, to a struct with
a u32 field, which covers all possible cases of a key code.
Key codes in Flash are not related to the physical buttons,
but rather to logical button values.
For instance, typing a non-ASCII key produces a key code related
to that character, and using a non-ANSI keyboard or a layout different
from US QWERTY also produces results matching that assumption.
Copying text creates a temporary textarea which is selected and focused.
In order to preserve the focus of Ruffle, we need to move the focus
into the container before removing the temporary textarea.
This patch integrates the virtual keyboard with the newly added focus
management and removes Android-specific code, instead using generic
logic which takes advantage of improved focus support in SWFs.
This patch changes how the player focus is managed.
Before this patch, `instance.has_focus` was unrelated
to the current focus managed by the browser.
When the user clicked anywhere on the window, it was set to `false`,
and when the user clicked on the player, it was set to `true`.
This had two major issues.
1. When the user clicked on the player, `has_focus` was set to `false`,
and then again to `true`. That was problematic when listening
to focus change events.
2. Not using browser's focus makes it harder to integrate with Ruffle,
i.e. tab out of Ruffle.
This patch uses browser's focus management to detect focus
and listen to focus events:
1. on `focusin` – FocusGained event is fired,
2. on `focusout` – FocusLost event is fired, and
3. on `pointerdown` – focus is manually set to the canvas.
The container has `tabindex` set to -1 in order to be focusable.
Virtual keyboard on web is represented as an input inside the container.
In order to preserve player focus when virtual keyboard is open,
this patch ensures that the container is focused and not the canvas.
This way, when the input is focused, the container does not lose its focus.
We use 'wasm-bindgen-futures' as our futures executor on web, which
in turn uses 'queueMicroTask'. This can result in the browser executing
one of our futures while we're still inside our `requestAnimationFrame`
callback (in particular, while we still have the `Player` mutex locked).
We now detect this condition by attempting the lock the Player mutex
inside of our `spawn_local` future. If this fails, we `await`
a `setTimeout`-based promise, which ensures that our code runs in
a new top-level `setTimeout` javascript 'task' (outside of our
`requestAnimationFrame` callback).
Turns out that an object isn't 'instanceof Object' in Firefox, if it was made from another window/process/tab/whatever. In this case, that meant that Ruffle always thought it was null because wasm-bindgen relies on 'instanceof Object'
This patch changes how the player focus is managed.
Before this patch, `instance.has_focus` was unrelated
to the current focus managed by the browser.
When the user clicked anywhere on the window, it was set to `false`,
and when the user clicked on the player, it was set to `true`.
This had two major issues.
1. When the user clicked on the player, `has_focus` was set to `false`,
and then again to `true`. That was problematic when listening
to focus change events.
2. Not using browser's focus makes it harder to integrate with Ruffle,
i.e. tab out of Ruffle.
This patch uses browser's focus management to detect focus
and listen to focus events:
1. on `focusin` – FocusGained event is fired,
2. on `focusout` – FocusLost event is fired, and
3. on `pointerdown` – focus is manually set to the canvas.
The canvas has `tabindex` set to -1 in order to be focusable.
If System#useCodepage has been set to true, the form loader now uses the
encoding specified in the HTTP response content type field, if existing,
to decode remote text files. chardetng is now (only) used if the HTTP
response doesn't specify any encoding or if the file is local.
Ruffle does not have direct clipboard access on web, so the current
paste implementation from the context menu does not work.
This patch intercepts the paste context menu callback,
and uses the Clipboard API to ask the browser for the clipboard
and update it before calling the callback.
When the Clipboard API is not available or the user denies
clipboard permission, a modal informing the user about
cut, copy, paste shortcuts is displayed.
This modal informs the user that they can use shortcuts
for copy, cut, and paste instead of using the context menu.
This modal is meant to be displayed when the browser
does not support reading the clipboard,
or the user denies permission to the clipboard.