Eliminate duplicate Layout DOM wrappers

There are duplicate sets of Layout DOM wrappers: one for Layout 2013 and
one for Layout 2020. As part of cleaning up and simplifying the
wrappers, this change parameterizes them on the specific layout data
they contain. This allows them to be shared again. In addition, various
small cleanups are included.

Fixes #29691.

1 files changed, 32 insertions, 0 deletions

diff --git a/components/script/layout_dom/mod.rs b/components/script/layout_dom/mod.rs
new file mode 100644
index 00000000000..0a7c951c7d2
--- /dev/null
+++ b/components/script/layout_dom/mod.rs
@@ -0,0 +1,32 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
+
+//! A safe wrapper for DOM nodes that prevents layout from mutating the DOM, from letting DOM nodes
+//! escape, and from generally doing anything that it isn't supposed to. This is accomplished via
+//! a simple whitelist of allowed operations, along with some lifetime magic to prevent nodes from
+//! escaping.
+//!
+//! As a security wrapper is only as good as its whitelist, be careful when adding operations to
+//! this list. The cardinal rules are:
+//!
+//! 1. Layout is not allowed to mutate the DOM.
+//!
+//! 2. Layout is not allowed to see anything with `LayoutDom` in the name, because it could hang
+//!    onto these objects and cause use-after-free.
+//!
+//! When implementing wrapper functions, be careful that you do not touch the borrow flags, or you
+//! will race and cause spurious thread failure. (Note that I do not believe these races are
+//! exploitable, but they'll result in brokenness nonetheless.)
+
+#![allow(unsafe_code)]
+
+mod document;
+mod element;
+mod node;
+mod shadow_root;
+
+pub use document::*;
+pub use element::*;
+pub use node::*;
+pub use shadow_root::*;