This repository contains the version of Chromium used by Bloomberg, along with all the modifications made by Bloomberg in order to use it in our environment.
This repository serves a couple of purposes for us:
-
Provide a trimmed snapshot of the Chromium tree A typical Chromium checkout is about 3GB and fetches code from several different repositories. Most of that code is not used by Bloomberg (we only use the
test_shellportion of Chromium).Our checkout is about 260MB, and this all comes from a single repo, which makes it much easier for us to use internally.
-
Provide a space for us to make/publish changes We have made a bunch of changes to different parts of Chromium in order to make it behave the way we need it to. Some of these changes are bugfixes that can be submitted upstream, and some of them are just changes that we specifically wanted for our product, but may not be useful or desirable upstream. Each change is made on a separate branch. This allows us, at release time, to pick and choose which bugfixes/features we want to include in the release.
Note that while most of our bugfixes are not submitted upstream, it is our intention to submit as many bugfixes upstream as we can.
The structure of this repository is somewhat unconventional, but it serves our
purpose well. The master branch is not really used (it is actually used by
an internal buildbot, but is otherwise not very useful).
Our real entry points are the snapshots we get from upstream. We tag each of
these snapshots using the format upstream/<channel>/<version>, for example:
upstream/stable/21.0.1180.60.
Each tag we snapshot is committed on top of the tag for the previous version. This essentially forms a linear branch of upstream versions.
All our bugfix/ and feature/ branches are based off one of these tags. The
version number of the base tag is appended to the name of the branch, for
example: bugfix/offsetleft/19.0.1084.52 is based off the tag
upstream/stable/19.0.1084.52.
When we make a release, we first decide which upstream tag to base the release
from. Our merge tool then selects the branches corresponding to that version,
and also includes the branches from any previous versions. For example, when
making a release based on 19.0.1084.52, we also include branches that were
based on 18.0.1025.162, but not branches that were based on 20.0.1132.47.
Sometimes, conflicts arise when we merge branches that were based on older
versions, due to other changes from upstream. For example,
bugfix/offsetleft/19.0.1084.52 does not apply cleanly over
upstream/stable/20.0.1132.47. To resolve this, a new branch is created
called bugfix/offsetleft/20.0.1132.47, based off
upstream/stable/20.0.1132.47, and the previous branch
bugfix/offsetleft/19.0.1084.52 is merged and the conflicts are resolved in
the new branch. This way, the merge tool we use during releases can work
autonomously to pickup our offsetleft changes.
- Checkout one of the upstream tags (you should pick the latest version).
- Open
chromium/src/webkit/webkit.sln. This is the generated solution file fortest_shellafter runninggclient syncon the original Chromium checkout. - Build the
test_shellproject - Now you can start merging branches that you're interested in (see branch descriptions below).
- Each branch introduces a specific fix, which you can test by running
test_shellagainst the URL provided in the branch description.
This section will describe each branch and what changes they introduce. Note that some of these changes have been contributed upstream. Our intention is to contribute as many changes upstream as possible so that we do not have to maintain these branches in our repository.
However, we realize that some of these changes are made in order to adjust the
behavior of our own product, and may not be desirable/applicable to the general
web. For example, the way the <delete>/<backspace> keys work inside table
cells, the way indenting/outdenting of list items work, etc. Therefore, we
will probably not be able to send everything upstream.
TODO
TODO
This bug can be reproduced in http://jsfiddle.net/t2wNK/
Open this link in Chrome, and put the cursor between 'T' and 'e' in "Testing", and hit backspace twice. The rest of the text will go into the last cell.
It is unclear whether this is a bug that can be upstreamed or not, because the comment in the code specifically mentions that this is the intended behavior, and has been since at least 2007. However, we changed this behavior in our product to match what Firefox does, which is to make the second backspace a no-op.
This bug can be reproduced in http://jsfiddle.net/FRu9k/
Open this link in Chrome, click the yellow div and hit <enter> a bunch of
times. Then <shift>+<up> a bunch of times. Each time you press <up>,
the result of queryCommandValue('bold') changes inconsistently.
TODO
This bug can be reproduced in TODO
Open this link in Chrome and keep resizing the window. You will see that the table cells get split when they reach column boundaries.
This is a rather complicated patch and requires a bunch of additional work before it can be sent upstream.
The purpose of this branch is simply to cleanup the ton of compiler warnings we get when building Chromium in Visual Studio. Most of these warnings are benign, so we simply just disable them.
This bug can be reproduced in http://jsfiddle.net/dQtQv/
Open this link in Chrome, then select some text from another tab, and try to
drag it into the editable div. Before you drop, you will see a caret at the
place where the text should go. When you drop however,
event.preventDefault() is called, so the text does not get inserted.
However, the drag caret remains visible.
bugfix/cleartypecanvas (Shezan Baig; D32281407; upstream: 86776)
This bug can be reproduced in TODO (canvas_text.html)
Open this link in Chrome, and notice that the canvas element does not use
ClearType fonts even though subpixel-antialiased is used.
Note that when painting to an ImageBuffer, Chromium disables ClearType even
if it is the default on the system. However, in our case, we are explicitly
requesting it in the document, so this change makes Chromium honor the
-webkit-font-smoothing setting if it is requested explicitly.
Note that there are two distinct changes introduced by this branch:
-
The
-webkit-font-smoothingsetting has no effect in Windows for Skia. This is the change that is being tracked upstream by WebKit bug 86776. -
Don't disable ClearType on
ImageBufferif it was explicitly requested. This is not yet being tracked upstream.
TODO
This bug can be reproduced in TODO
It is somewhat hard to reproduce, the window height needs to be just about right.
Open this link in Chrome, and hit Enter until the cursor is at the last possible line where the scrollbar does not appear. Make sure there is just enough space for about half a line more.
Now keep typing on this line, letting it word-wrap which causes the scrollbar to appear. Keep doing this for a few lines. You will notice that on some lines (usually the second or the third, then every alternating line after that), the scrollbar does not scroll down completely.
In our product, there is an overlay around the RTE of about a couple of pixels.
The purpose of the padding on the contenteditable was to prevent this overlay
from covering the text. However, since the bottom of the text was right
against the border of the content-editable, this was causing the descent of
some characters to be obscured.
We "fixed" this in this branch by inflating the reveal rect by about half the cursor height, showing more "context" when moving up and down in a scrollable contenteditable. However, a proper fix would be to make the last line scroll completely, taking the padding into account. We haven't gotten around to this yet.
TODO
This bug can be reproduced in TODO
Open this link in Chrome, and position the cursor before the logo. Indent the image twice, then outdent the image twice. There will be one level of indentation still left.
bugfix/emptycellcaret (Shezan Baig; upstream: 85385)
This bug can be reproduced in http://jsfiddle.net/wceLA/
Open this link in Chrome, and put the caret inside an empty table cell. The
caret's y-position is outside the table-cell.
TODO
bugfix/fixFlexRounding (Shezan Baig; upstream: 92163)
The purpose of this branch is to pull an upstream bugfix into our version of Chromium, which lags behind the latest upstream version by quite a bit.
bugfix/flexReplaced (Shezan Baig; D34372405; upstream: 94237)
This branch fixes an issue where replaced elements were not stretching properly inside flexboxes. It has been submitted upstream, so it cannot be reproduced in Chrome anymore.
This bug can be reproduced in TODO
Open the link in Chrome, and zoom the page in and out. The content outside the
iframe zooms, but the content inside the iframe does not zoom.
This bug can be reproduced in TODO
Open the link in Chrome. The IMG element does not scale properly.
The issue is that the logic that determines the image resampling mode (no resampling vs linear resampling) doesn't take into account the transformed rectangle when a CSS scale has been applied.
Note: When testing this branch with an SVG gile, you may also need the changes
in the bugfix/svgscale branch in order for the fix to work correctly.
This bug can be reproduced in TODO
Open the link in Chrome. The "Hello" text will be selected on load. Each time you indent the text, the "Hello" will get duplicated.
bugfix/justifyprewrap (Shezan Baig; D31916947; upstream: 84448)
This bug can be reproduced in TODO
Open the link in Chrome. The second paragraph will not be justified, even
though text-align: justify is specified.
There is an upstream ticket for this issue, but it calls for a much more
comprehensive fix than what was done in this branch. In this branch, we just
enable the existing justification logic in elements that have
whitespace:pre-wrap specified, but the upstream ticket calls for modification
to the justification logic itself to match how Microsoft Word software works.
bugfix/listMarkerAlignment (Shezan Baig; D37088493; upstream: 21709)
This bug can be reproduced in TODO
Open the link in Chrome. The list markers are all left-aligned, even though
the second and third li elements are not.
Note: This branch has been miscategorized as a bugfix, it is actually a feature that we wanted specifically for our product, so it is unlikely that we will send this upstream.
This branch makes it so that the font used for the list marker will be the same as the first character in the list item.
Note: This branch has been miscategorized as a bugfix, it is actually a feature that we wanted specifically for our product, so it is unlikely that we will send this upstream.
This branch makes it so that list markers are not highlighted when the list item is selected. This matches the behavior in Firefox and Microsoft Word software.
TODO
This bug can be reproduced in TODO
Open the link in Chrome. The contents of the table will be selected on load.
Hit the "List" button multiple times. Each click executes the
insertOrderedList command.
On every second click, the table will move down.
Note: This branch has been miscategorized as a bugfix, it is actually a feature that we wanted specifically for our product, so it is unlikely that we will send this upstream.
This branch removes the assumption that every V8 context has a DOMWindow
associated with it. This is necessary for our product because we have multiple
V8 contexts living in the same process that need to share data with each other.
Note: This branch has been miscategorized as a bugfix, it is actually a feature that we wanted specifically for our product, so it is unlikely that we will send this upstream.
This branch makes it so that hitting <backspace> when the cursor is at the
beginning of a table cell will be a no-op. The default behavior in WebKit is
to move into the previous cell and start deleting from there.
Note: This branch has been miscategorized as a bugfix, it is actually a feature that we wanted specifically for our product, so it is unlikely that we will send this upstream.
This branch makes it so that hitting <delete> when the cursor is at the end
of a table cell will be a no-op. The default behavior in WebKit is to move
into the next cell and start deleting from there.
TODO
bugfix/outdentWithBR (Shezan Baig; upstream: 92130)
This bug can be reproduced in https://bug-92130-attachments.webkit.org/attachment.cgi?id=154080
Open the link in Chrome. The block will be outdented on load. However, there are now a bunch of empty lines added in between.
TODO
TODO
TODO
TODO
TODO
bugfix/rowOutlines (Shezan Baig; D34115441; upstream: 94007)
The purpose of this branch is to pull an upstream bugfix into our version of Chromium, which lags behind the latest upstream version by quite a bit.
This bug can be reproduced in TODO
It is somewhat hard to reproduce, the window size needs to be just about right.
Open the link in Chrome, and resize the window so that new outer scrollbars appear over the existing scrollbars of the iframe. Then resize it just a little smaller. Then use the mouse wheel to scroll the contents of the iframe.
If the window is sized just right, you will see that only a portion of the iframe scrolls. This is because the clipRect is not being calculated correctly due to the scale transform being applied.
TODO
bugfix/selrectantialias (Shezan Baig; D32113976; upstream: 87157)
This bug can be reproduced in TODO
Open the link in Chrome. You will see "gaps" between the lines and the spans on the first line.
The issue is that the selection highlight is drawn for each text run with anti-aliasing on. This causes "gaps" to appear around the edges where the filled rects got blended. The solution was to simply turn off anti-aliasing when filling selection rects.
Note: This branch has been miscategorized as a bugfix, it is actually a feature that we wanted specifically for our product, so it is unlikely that we will send this upstream.
This branch makes it so that spell-checking is performed when the document is loaded. WebKit's original behavior was to perform spell-check when the user makes a change to the document.
bugfix/svgscale (Shezan Baig; D32353761; upstream: 85335)
This bug can be reproduced in TODO
Open the link in Chrome. When a SVG file is used as a css background, or in
an img element, it does not scale properly. It only scales properly when
used in an embed element.
bugfix/tablecellpaste (Shezan Baig; upstream: 53933)
This bug has been fixed upstream, so is no longer reproducable in Chrome. The issue was that pasting text into a table cell would paste the text into the next cell instead.
TODO: The upstream fix was actually made in WebKit bug 75004. We should be using that fix instead of our own.
bugfix/tooltip_refresh (Shezan Baig; upstream: 84375)
This bug can be reproduced in http://jsbin.com/omahe3
Open the link in Chrome. Each line has a tooltip set. However, when the first tooltip shows up, and you move the mouse away from it, it doesn't move the tooltip to the element where the mouse is.
TODO
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
This branch fires two new events aftercut and aftercopy which have
read/write access to the clipboard representation. This allows us to intercept
the state of the clipboard after WebKit has populated it and make any tweaks.
This is useful for selectively overriding some copy/paste behaviour with
minimal JS code.
TODO
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
We needed extra control over the proxy server configuration that's used by
the SimpleResourceLoaderBridge. This branch makes it possible to supply a
custom net::ProxyConfigService so we can provide our own settings
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
We needed extra control of the color of the document markers (i.e. the squiggly lines for spelling errors etc). WebKit hardcodes spelling errors to red, grammar errors to green. This branch makes it possible for us to specify the color from the document.
TODO: make this a CSS property instead of a DOM attribute.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
We needed support for listing/reading/writing on the local filesystem. For the
local filesystem writer, we need a reference to the blob storage controller so
that we can get the blob data. A reference to the blob storage controller can
be retrieved from the TestShellRequestContext. This commit makes it possible
for us to get a reference to the TestShellRequestContext from the
SimpleResourceLoaderBridge.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
This branch adds an API to control the font smoothing selection because the product relies on its own custom setting and not the OS default.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
This branch adds IndentBB and OutdentBB commands that make indenting and
outdenting of list items behave closer to how it works in MS Word.
TODO: The code for this is very messy, it needs to be cleaned up.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
We needed to modify the behavior of the InsertHTML command. The WebKit
behavior is to prevent the inserted HTML from being nested inside style spans.
This branch adds InsertHTMLNested command that allows the HTML to be nested
inside style spans.
TODO
TODO
This bugfix addresses an issue when rendering:
<div contenteditable="true">aaaa<div>bbcc</div></div>
when the width of the browser is such that the "aaaa" takes up the whole line. Selecting and copying "aaaa" inbetween "bb" and "cc" will cause the "cc" to disappear.
The disappearance of "cc" is caused by a invalid memory access and may possibly lead to memory corruption. The root cause of the problem is that the new-line character after the source content is assumed to take some space (4 pixels) when it in fact doesn't take any space since it's at the end of the line. This miscalculation causes the final midpoint to not be placed and so makes it impossible to compute the trailing whitespace string.
The missing trailing whitespace string causes the midpoint to not be placed
between the pasted content and the new-line character. Since the new-line
character is part of the paragraph instead of being a separate node, the
new-line is never removed by removeUnrenderedTextNodesAtEnds(). This
causes the endOfParagraph() to return a reference to the new-line character
instead of the actual end of the pasted content. At a later point,
ReplaceSelectionCommand::mergeEndIfNeeded makes an assuption that there is
a character after the end of paragraph, which is an invalid assumption now.
This leads to an invalid memory access and sometimes causes some nodes to
disappear.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
When using the multicolumn feature, there is a way to make an element span
across all columns (-webkit-column-span: all).
However, we needed a way to span across a specified number of columns, (e.g.
-webkit-column-span: 2). Once CSS Regions have matured (WebKit bug
57312), we should be able to
use Regions to achieve this effect, then we can get rid of this branch.
However, we needed this one specific feature immediately, so this branch just
hacks it in.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
This branch makes it so that we don't need to use the MicrotaskSuppression
guard whenever our product invokes Javascript. Our product uses V8 for
non-WebKit related code. Having to use the MicrotaskSuppression guard would
introduce WebKit dependency on our non-WebKit related code.
This bugfix addresses a misinterpretation of the 4th byte of a 32-bit uncompressed BMP image with a v1 header. As per the specification, "The high byte in each DWORD is not used". Prior to this change, this byte was assumed to be unused if its value remained unchanged but interprets it as the alpha channel if its value changes throughout the image data. This fallback behavior may cause problem for some users if the BMP image was created by an encoder that copied uninitialize values into the 4th byte of every pixel.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
This branch makes it so that when text is selected inside a contenteditable, and then a style is applied on that text, the original selection direction would be preserved.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
This branch just adds a print menu item to test_shell.
feature/resetCachedGDISettings (Shezan Baig; D31921707, upstream: 86891)
Skia caches GDI settings like ClearType, so when these settings change (for example, after remoting to a different machine, or manually changing it in the system settings), the app does not pick up the new setting.
This branch adds a way to reset this cache. There is also an upstream ticket, however, this is not so much of an issue for Chrome because Chrome just creates new processes for each tab, so it picks up the new setting that way.
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
This is just a small change to use V8 in a separate DLL.
TODO
This is a feature we needed in our product, so it is unlikely that we will send this upstream.
We needed a way to start up the inspector and the timeline before loading the
main document. This change allows us to get a notification when the
devtools.js has completed processing a batch of messages. The first
notification tells us that the inspector has processed all of the
initialization messages and so we can continue to inject JS to kick start the
timeline and to start loading the main document.
The following branches exist in our repository, but have been retired (either because the changes are available in our latest upstream snapshot, or because we simply no longer need the changes for our product).
TODO
bugfix/indentLink (Shezan Baig; D32418391; upstream: 87428)
TODO
bugfix/offsetleft (Shezan Baig; upstream: 34875)
TODO
TODO
bugfix/typingStyleAfterDelete (Shezan Baig; D32879084; upstream: 82401)
TODO
TODO
Retired in favor of feature/virtualAllocHooks.
Retired in favor of bugfix/nonWindowContexts.