
LibWeb: Browser hangs on https://infinitybots.gg

Open cheesycod opened this issue 2 years ago • 14 comments

URL: https://infinitybots.gg (this is my website)

Ladybird currently runs out of memory and hangs without rendering fonts correctly (nextjs fonts). Also, layout seems broken.

  1. certificate expired (expiry date 2023-09-30 04:20:49) Certificate for by is invalid, things may or may not work!

Seems like ladybird isn't getting certificates correctly.

  1. htmlscriptelement is a bit too strict:

HTMLScriptElement: Refusing to run script because the type '04f963fb78cc8af4e291c809-text/javascript' is not recognized.

Perhaps it should just look for/match for a text/javascript extension

Funding

Unfortunately can't provide funding but it would be nice if my site could work on ladybird in some capacity one day...

cheesycod avatar Oct 26 '23 12:10 cheesycod

also htmlscriptelement is a bit too strict:

HTMLScriptElement: Refusing to run script because the type '04f963fb78cc8af4e291c809-text/javascript' is not recognized.

Perhaps it should just look for/match for a text/javascript extension

That doesn't seem to be valid according to the spec but other browsers do accept it for some reason. :thinking:

AtkinsSJ avatar Oct 26 '23 13:10 AtkinsSJ

also htmlscriptelement is a bit too strict: HTMLScriptElement: Refusing to run script because the type '04f963fb78cc8af4e291c809-text/javascript' is not recognized. Perhaps it should just look for/match for a text/javascript extension

That doesn't seem to be valid according to the spec but other browsers do accept it for some reason. 🤔

Yeah...

Unfortunately, it seems like legit everyone does stuff like this. From NextJS to even SvelteKit apparently

Tho sveltekit has other issues

cheesycod avatar Oct 26 '23 13:10 cheesycod

any updates?

cheesycod avatar Oct 29 '23 04:10 cheesycod

Do you know where in SvelteKit or NextJS they configure the mime type to this <hash>-text/javascript type? I feel like this needs at least an issue on https://github.com/whatwg/mimesniff . It's possible the spec folks don't even know that popular frameworks are doing this. That being said, the best way to make your website work in ladybird is to submit your own patch to our MIME sniffing code rather than posting on the issue asking for updates :)

ADKaster avatar Oct 29 '23 23:10 ADKaster

there must be something else going on here, because in this test page, accepted is only printed once in firefox and chrome.

<script type="25d5d741675afcfa4e70635a-text/javascript">
	console.log("accepted");
</script>
<script type="text/javascript">
	console.log("accepted");
</script>

Your page is definitely loading script elements with a type attribute of <hash>-text/javascript in ladybird. Are you sure they're being loaded like that on other browsers? Or are there other hooks that your framework is using that manipulates the script elements before inserting them into the document? It's very likely we're missing some other web platform feature that you're relying on.

Looking at Blink, Chromium very clearly does not accept type attributes that don't match this list:

https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/common/mime_util/mime_util.cc;drc=2d0a33ccdfa8ac1a9bdf1d86d3b9138f99484bdf;bpv=1;bpt=1;l=50

https://source.chromium.org/chromium/chromium/src/+/main:third_party/blink/renderer/core/script/script_loader.cc;l=249;drc=2d0a33ccdfa8ac1a9bdf1d86d3b9138f99484bdf;bpv=1;bpt=1

ADKaster avatar Oct 30 '23 00:10 ADKaster
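
The type check discussed in the comments above, as an added example that is not part of the thread or of LibWeb's or Blink's code: it follows the HTML Standard's "prepare the script element" type steps and the MIME Sniffing Standard's JavaScript MIME type list, and shows why a `<hash>-text/javascript` value is treated as a data block that never runs. The function names are hypothetical; the type strings are the ones quoted in this thread.

```javascript
// Added example: script type classification following the HTML Standard's
// "prepare the script element" steps. Function names are hypothetical.

// JavaScript MIME type essences from the WHATWG MIME Sniffing Standard.
const JS_MIME_ESSENCES = new Set([
  "application/ecmascript", "application/javascript",
  "application/x-ecmascript", "application/x-javascript",
  "text/ecmascript", "text/javascript", "text/javascript1.0",
  "text/javascript1.1", "text/javascript1.2", "text/javascript1.3",
  "text/javascript1.4", "text/javascript1.5", "text/jscript",
  "text/livescript", "text/x-ecmascript", "text/x-javascript",
]);

// ASCII-only helpers: the spec strips ASCII whitespace and compares ASCII
// case-insensitively; String.prototype.trim/toLowerCase cover more than that.
const stripAsciiWhitespace = (s) => s.replace(/^[\t\n\f\r ]+|[\t\n\f\r ]+$/g, "");
const asciiLower = (s) => s.replace(/[A-Z]/g, (c) => c.toLowerCase());

// typeAttr / languageAttr: attribute value, or null when the attribute is absent.
// Returns "classic", "module", "importmap", or "data" (data block: never executed).
function classifyScriptType(typeAttr, languageAttr = null) {
  let typeString;
  if (typeAttr === "" || (typeAttr === null && !languageAttr)) {
    typeString = "text/javascript";
  } else if (typeAttr !== null) {
    typeString = stripAsciiWhitespace(typeAttr);
  } else {
    typeString = "text/" + languageAttr;
  }
  const lowered = asciiLower(typeString);
  if (JS_MIME_ESSENCES.has(lowered)) return "classic";
  if (lowered === "module") return "module";
  if (lowered === "importmap") return "importmap";
  return "data";
}

// Flags "<hex>-<JavaScript MIME type>" values such as those quoted in this
// thread: inert until something rewrites the attribute.
function isPrefixedJsType(typeAttr) {
  const m = /^[0-9a-f]+-(.+)$/i.exec(stripAsciiWhitespace(typeAttr ?? ""));
  return m !== null && classifyScriptType(typeAttr) === "data" &&
    JS_MIME_ESSENCES.has(asciiLower(m[1]));
}

// Type values quoted in the thread above.
for (const t of ["04f963fb78cc8af4e291c809-text/javascript", "text/javascript"]) {
  console.log(JSON.stringify(t), classifyScriptType(t), isPrefixedJsType(t));
}
```

Running `isPrefixedJsType` over the `type` values in a page's raw source, before any script has run, shows which scripts depend on a later rewrite of the attribute to execute at all.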

Looking at the DOM inspector in Firefox, <script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js" type="34d045ac436c8420f5068724-text/javascript"></script> in the source is becoming <script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js" type="text/javascript"></script> in the actual DOM. So yeah, something is modifying it.

AtkinsSJ avatar Oct 30 '23 10:10 AtkinsSJ

Looking at the DOM inspector in Firefox, <script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js" type="34d045ac436c8420f5068724-text/javascript"></script> in the source is becoming <script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js" type="text/javascript"></script> in the actual DOM. So yeah, something is modifying it.

I've seen something similar before.. it was a cookie consent mechanism that fixed all the broken <script type> values only after you had consented to cookies. Could that be what's going on here?

awesomekling avatar Oct 30 '23 12:10 awesomekling

Looking at the DOM inspector in Firefox, <script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js" type="34d045ac436c8420f5068724-text/javascript"></script> in the source is becoming <script defer="" crossorigin="" nomodule="" src="/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js" type="text/javascript"></script> in the actual DOM. So yeah, something is modifying it.

I've seen something similar before.. it was a cookie consent mechanism that fixed all the broken <script type> values only after you had consented to cookies. Could that be what's going on here?

Unlikely but possible. I use a custom cookie consent that saves to localStorage so it shouldn't be. Also, I don't control the polyfills-*.js as that's generated by Next.js/next-pwa/next-themes

cheesycod avatar Oct 30 '23 16:10 cheesycod

Wait, I think frameworks like sveltekit/nextjs are using hash-text/javascript as a way to do deferred script execution:

<script type="15e147b0779322a2e626afdd-text/javascript">
				{
					__sveltekit_20dso = {
						base: new URL(".", location).pathname.slice(0, -1),
						env: {}
					};

					const element = document.currentScript.parentElement;

					const data = [null,null,null];

					Promise.all([
						import("./_app/immutable/entry/start.c020c916.js"),
						import("./_app/immutable/entry/app.185f448f.js")
					]).then(([kit, app]) => {
						kit.start(app, element, {
							node_ids: [0, 2, 4],
							data,
							form: null,
							error: null
						});
					});
				}
			</script>

This is the SvelteKit javascript that it injects into the JS. I bet there's more JS to change the type or something to text/javascript to then execute this javascript but this JS isn't running for SvelteKit.

Also for nextJS, checked the console logs and it turns out the site actually works perfectly fine on ladybird other than fonts (hurray!), just very slowly so I thought it was a ladybird error

cheesycod avatar Oct 30 '23 16:10 cheesycod

Should I close this issue though, given the original site actually does work (just really really slowly)

cheesycod avatar Oct 30 '23 16:10 cheesycod

Nevermind, I updated serenity to latest commit and got a nice crash:

VERIFICATION FAILED: has<T>() at /Users/frostpaw/serenity/Meta/Lagom/../../AK/Variant.h:394
0   liblagom-core.0.0.0.dylib           0x0000000105218b44 ak_verification_failed + 216
1   liblagom-tls.0.0.0.dylib            0x00000001050964c4 TLS::TLSv12::flush() + 456
2   liblagom-tls.0.0.0.dylib            0x00000001050962a8 TLS::TLSv12::write_into_socket() + 68
3   liblagom-tls.0.0.0.dylib            0x00000001050926ec TLS::TLSv12::write_packet(AK::Detail::ByteBuffer<32ul>&) + 180
4   liblagom-tls.0.0.0.dylib            0x00000001050951a4 TLS::TLSv12::write_some(AK::Span<unsigned char const>) + 404
5   liblagom-core.0.0.0.dylib           0x000000010523a9a8 AK::Stream::write_until_depleted(AK::Span<unsigned char const>) + 116
6   liblagom-http.0.0.0.dylib           0x0000000104e62aac HTTP::Job::on_socket_connected() + 164
7   liblagom-core.0.0.0.dylib           0x00000001051f444c AK::Function<void ()>::operator()() const + 84
8   liblagom-core.0.0.0.dylib           0x00000001051f444c AK::Function<void ()>::operator()() const + 84
9   liblagom-core.0.0.0.dylib           0x000000010520e604 Core::ThreadEventQueue::process() + 364
10  liblagom-core.0.0.0.dylib           0x00000001051edd28 Core::EventLoopImplementationUnix::exec() + 44
11  liblagom-core.0.0.0.dylib           0x00000001051ecaf8 Core::EventLoop::exec() + 80
12  RequestServer                       0x0000000104933518 serenity_main(Main::Arguments) + 392
13  RequestServer                       0x000000010495543c main + 216
14  dyld                                0x0000000185a49058 start + 2224
ResourceLoader: Finished load of: "https://spider.infinitybots.gg/platform/user/606279329844035594?platform=discord", Duration: 12088ms

Time to try reproducing it

cheesycod avatar Oct 30 '23 16:10 cheesycod

That bug is fixed by https://github.com/SerenityOS/serenity/pull/21697. (I think, anyway). Does the script error still happen with it applied?

ADKaster avatar Oct 30 '23 18:10 ADKaster

It got worse now: ResourceLoader: Failed load of: "https://spider.infinitybots.gg/bots/@index", Error: Load failed: 200, Duration: 697ms SIGPIPE

cheesycod avatar Oct 31 '23 16:10 cheesycod

verify_certificate_pair: Don't know how to verify signature for curve 24

cheesycod avatar Nov 08 '23 13:11 cheesycod