Add ENABLE_WEBASSEMBLY feature flag for WebAssembly
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2015-07-22  Sukolsak Sakshuwong  <sukolsak@gmail.com>
2
3         Add ENABLE_WEBASSEMBLY feature flag for WebAssembly
4         https://bugs.webkit.org/show_bug.cgi?id=147212
5
6         Reviewed by Filip Pizlo.
7
8         No new tests.
9
10         * Configurations/FeatureDefines.xcconfig:
11
12 2015-07-22  Tim Horton  <timothy_horton@apple.com>
13
14         Try to fix the build
15
16         * platform/spi/cocoa/QuartzCoreSPI.h:
17
18 2015-07-22  James Savage  <james.savage@apple.com>
19
20         Use updated CoreAnimation snapshot SPI.
21         https://bugs.webkit.org/show_bug.cgi?id=147197
22         <rdar://problem/21032083>
23
24         Reviewed by Tim Horton.
25         Patch by James Savage.
26
27         * platform/spi/cocoa/QuartzCoreSPI.h:
28
29 2015-07-22  Joseph Pecoraro  <pecoraro@apple.com>
30
31         Web Inspector: Timeline should immediately start moving play head when starting a new recording
32         https://bugs.webkit.org/show_bug.cgi?id=147210
33
34         Reviewed by Timothy Hatcher.
35
36         Test: inspector/timeline/recording-start-stop-timestamps.html
37
38         * inspector/InspectorTimelineAgent.cpp:
39         (WebCore::InspectorTimelineAgent::internalStart):
40         (WebCore::InspectorTimelineAgent::internalStop):
41         Include the current timestamp when starting / stopping a recording.
42
43 2015-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
44
45         Coordinates-based snap offsets don't update correctly when container is scrolled
46         https://bugs.webkit.org/show_bug.cgi?id=147215
47
48         Reviewed by Brent Fulgham.
49
50         Fixes the way we append the snap offsets of child elements with coordinates. We
51         now consider the scroll offset of the parent scroll snapping container, so snap
52         offset recomputations don't fail on scroll snapping containers.
53
54         Test: css3/scroll-snap/scroll-snap-coordinate-overflow-resize.html
55
56         * page/scrolling/AxisScrollSnapOffsets.cpp:
57         (WebCore::appendChildSnapOffsets): Fixed to consider the scroll offset of the
58             parent container.
59
60 2015-07-22  Matthew Daiter  <mdaiter@apple.com>
61
62         Needed to add methods to get PreviewCaptureLayers from Video
63         https://bugs.webkit.org/show_bug.cgi?id=147011
64         <rdar://problem/21861999>
65
66         Reviewed by Jer Noble.
67
68         * platform/mediastream/mac/AVVideoCaptureSource.h: Added in preview
69         layer to class
70         (WebCore::AVVideoCaptureSource::previewLayer):
71         * platform/mediastream/mac/AVVideoCaptureSource.mm: Instantiate
72         previewLayer on load
73         (WebCore::AVVideoCaptureSource::setupCaptureSession):
74
75 2015-07-22  Sungmann Cho  <sungmann.cho@navercorp.com>
76
77         [EFL] The "Missing Plug-in" buttons are not showing up on some flash contents
78         https://bugs.webkit.org/show_bug.cgi?id=147191
79
80         Reviewed by Gyuyoung Kim.
81
82         Currently, WebKitEFL doesn't show the "Missing Plug-in" buttons if the plugin-related tags
83         don't have a "type" attribute. In such a case, WebCore tries to guess the MIME type from
84         the extensions by using MIMETypeRegistry::getMIMETypeForExtension(). For WebKitEFL,
85         MIMETypeRegistry::getMIMETypeForExtension() goes through |extensionMap|, which is a simple
86         array of <extension, mime type>, looking for the mime type for the given extension.
87         But |extensionMap| in MIMETypeRegistryEfl.cpp doesn't have the information for ".swf",
88         so WebCore fails to guess the MIME type and regard the content type as ObjectContentFrame,
89         not ObjectContentNetscapePlugin.
90
91         * platform/efl/MIMETypeRegistryEfl.cpp:
92
93 2015-07-22  Matthew Daiter  <mdaiter@apple.com>
94
95         Rank sources for fitness for UIDs in bestSourcesForTypeAndConstraints
96         https://bugs.webkit.org/show_bug.cgi?id=147206
97         <rdar://problem/21950653>
98
99         Reviewed by Jer Noble.
100
101         * platform/mediastream/RealtimeMediaSource.cpp:
102         (WebCore::RealtimeMediaSource::RealtimeMediaSource):
103         * platform/mediastream/RealtimeMediaSource.h:
104         (WebCore::RealtimeMediaSource::fitnessScore):
105         (WebCore::RealtimeMediaSource::setFitnessScore):
106         * platform/mediastream/mac/AVCaptureDeviceManager.mm:
107         (WebCore::AVCaptureDeviceManager::bestSourcesForTypeAndConstraints):
108
109 2015-07-22  Dean Jackson  <dino@apple.com>
110
111         Video controls, though hidden, are still interactive when in PiP
112         https://bugs.webkit.org/show_bug.cgi?id=147216
113         <rdar://problem/21012688>
114
115         Reviewed by Simon Fraser.
116
117         Explicitly add the PiP class to the controls container so that
118         we can hang a pointer-events: none off it.
119
120         * Modules/mediacontrols/mediaControlsiOS.css:
121         (video::-webkit-media-controls-panel.picture-in-picture): Add a pointer-events: none.
122         * Modules/mediacontrols/mediaControlsiOS.js:
123         (ControllerIOS.prototype.handlePresentationModeChange): Add/remove a PiP class
124         to the controls panel when necessary.
125
126 2015-07-22  Commit Queue  <commit-queue@webkit.org>
127
128         Unreviewed, rolling out r187196.
129         https://bugs.webkit.org/show_bug.cgi?id=147213
130
131         broke all the iOS builds (Requested by thorton on #webkit).
132
133         Reverted changeset:
134
135         "Use updated CoreAnimation snapshot SPI."
136         https://bugs.webkit.org/show_bug.cgi?id=147197
137         http://trac.webkit.org/changeset/187196
138
139 2015-07-22  James Savage  <james.savage@apple.com>
140
141         Use updated CoreAnimation snapshot SPI.
142         https://bugs.webkit.org/show_bug.cgi?id=147197
143
144         Reviewed by Tim Horton.
145
146         * platform/spi/cocoa/QuartzCoreSPI.h:
147
148 2015-07-22  Dean Jackson  <dino@apple.com>
149
150         Out of bounds in WebGLRenderingContext::simulateVertexAttrib0
151         https://bugs.webkit.org/show_bug.cgi?id=147176
152         <rdar://problem/21567767>
153
154         Reviewed by Oliver Hunt.
155
156         Test: fast/canvas/webgl/out-of-bounds-simulated-vertexAttrib0-drawArrays.html
157
158         Add overflow checking for the drawing calls, specifically the way
159         they may simulate vertexAttrib0.
160
161         * html/canvas/WebGLRenderingContextBase.cpp:
162         (WebCore::WebGLRenderingContextBase::validateDrawArrays): Call new validation method.
163         (WebCore::WebGLRenderingContextBase::validateDrawElements): Ditto.
164         (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): New method that
165         validates the parameters used to create the simulated attribute.
166         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): No need to do overflow
167         checking here now that the validation method does it for us.
168         (WebCore::WebGLRenderingContextBase::validateVertexAttributes): Deleted.
169         * html/canvas/WebGLRenderingContextBase.h: Add new validation method.
170
171 2015-07-22  Joseph Pecoraro  <pecoraro@apple.com>
172
173         Web Inspector: AppCache manifest 404 doesn't produce errors in console, manifest resource request always loading indicator
174         https://bugs.webkit.org/show_bug.cgi?id=147135
175
176         Reviewed by Alexey Proskuryakov.
177
178         * loader/appcache/ApplicationCacheGroup.cpp:
179         (WebCore::ApplicationCacheGroup::didReceiveResponse):
180         Always pass a document loader instead of passing null for the manifest request.
181
182         (WebCore::ApplicationCacheGroup::didReceiveManifestResponse):
183         Since we will be cancelling the resource handle ourselves in didReceiveResponse
184         before receiving the didFail resource handle delegates, we should update the
185         inspector about this resource load failing due to a cancel.
186
187         (WebCore::ApplicationCacheGroup::didFinishLoadingManifest):
188         (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
189         Update the MessageSource from "Other" to "AppCache".
190
191 2015-07-22  Jeremy Jones  <jeremyj@apple.com>
192
193         Fix fullscreen and PiP video animation and sizing regressions.
194         https://bugs.webkit.org/show_bug.cgi?id=147189
195         <rdar://problem/21930899>
196
197         Reviewed by Jer Noble.
198
199         Fixes WK1 specific regressions introduced by r187044. Flicker when entering fullscreen,
200         wrong animation and missing initial animation rects.
201
202         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
203         (elementRectInWindow): Added.
204         (WebVideoFullscreenControllerContext::didSetupFullscreen): Clear background decreases flash.
205         (WebVideoFullscreenControllerContext::fullscreenMayReturnToInline): Use consistent inline rect.
206         (WebVideoFullscreenControllerContext::setVideoLayerFrame): 
207         Clear the transform on the web thread instead of on the UI thread.
208         (WebVideoFullscreenControllerContext::setUpFullscreen): Use consistent inline rect.
209         (WebVideoFullscreenControllerContext::exitFullscreen): Use consistent inline rect.
210         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
211         (-[WebAVPlayerLayer resolveBounds]): Clear transform after setting frame.
212
213 2015-07-22  Jeremy Jones  <jeremyj@apple.com>
214
215         Adopt AVKit's AVSimplePlayerLayerView change for PiP.
216         https://bugs.webkit.org/show_bug.cgi?id=147186
217         <rdar://problem/21928170>
218
219         Reviewed by Jer Noble.
220
221         Adopt AVKit changes by inheriting from UIView instead of from AVPictureInPicturePlayerLayerView.
222
223         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
224         (WebAVPlayerLayerView_layerClass): Style.
225         (WebAVPlayerLayerView_playerController): Style.
226         (WebAVPlayerLayerView_videoView): Style.
227         (getWebAVPictureInPicturePlayerLayerViewClass): Inherit from UIView.
228
229 2015-07-22  Beth Dakin  <bdakin@apple.com>
230
231         Animated images should animate in previews
232         https://bugs.webkit.org/show_bug.cgi?id=147173
233         -and corresponding-
234         rdar://problem/21637698
235
236         Reviewed by Dan Bernstein.
237
238         New virtual function to indicate whether or not the image is animated.
239         * platform/graphics/BitmapImage.h:
240         * platform/graphics/Image.h:
241         (WebCore::Image::isAnimated):
242
243 2015-07-22  Jinyoung Hur  <hur.ims@navercorp.com>
244
245         [WinCairo] SVG path not rendered with all-zero dasharray
246         https://bugs.webkit.org/show_bug.cgi?id=146997
247
248         Reviewed by Martin Robinson.
249
250         All-zero dash array should not be passed to cairo_set_dash() as an argument, because it will cause an internal Cairo error.
251         Rather call cairo_set_dash() with num_dashes=0 to disable dash line.
252
253         Tests: fast/canvas/canvas-lineDash.html
254                svg/custom/zero-dasharray.html
255
256         * platform/graphics/cairo/GraphicsContextCairo.cpp:
257         (WebCore::GraphicsContext::setLineDash):
258
259 2015-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
260
261         Search fields render placeholder text improperly.
262         https://bugs.webkit.org/show_bug.cgi?id=147192
263         <rdar://problem/21901076>
264
265         Reviewed by Alexey Proskuryakov.
266
267         Due to changes in the way AppKit renders search inputs, we must now explicitly
268         set the placeholder text of a search input rendered using the Mac theme to be
269         an empty string when rendering the search input box (not including the actual
270         placeholder text).
271
272         * rendering/RenderThemeMac.mm:
273         (WebCore::RenderThemeMac::setSearchCellState): Force the placeholder text of
274             the NSSearchFieldCell for the Mac theme to be an empty string.
275
276 2015-07-22  Matthew Daiter  <mdaiter@apple.com>
277
278         Need the ability to give only best source UIDs to UserMedia request
279         https://bugs.webkit.org/show_bug.cgi?id=147171
280         <rdar://problem/21931121>
281
282         Reviewed by Eric Carlson.
283
284         * Modules/mediastream/UserMediaRequest.cpp:
285         (WebCore::UserMediaRequest::constraintsValidated):
286         * Modules/mediastream/UserMediaRequest.h:
287         (WebCore::UserMediaRequest::videoDeviceUIDs):
288         (WebCore::UserMediaRequest::audioDeviceUIDs):
289         * platform/mediastream/MediaStreamCreationClient.h:
290         * platform/mediastream/mac/AVCaptureDeviceManager.h:
291         * platform/mediastream/mac/AVCaptureDeviceManager.mm:
292         (WebCore::AVCaptureDeviceManager::bestSourcesForTypeAndConstraints):
293         (WebCore::AVCaptureDeviceManager::bestSourceForTypeAndConstraints): Deleted.
294         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
295         (WebCore::RealtimeMediaSourceCenterMac::validateRequestConstraints):
296         (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
297         * platform/mock/MockRealtimeMediaSourceCenter.cpp:
298         (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints):
299
300 2015-07-22  Mark Dittmer  <mark.s.dittmer@gmail.com>
301
302         Fix toJSDOMWindow() in the case of an object that has the actual JS DOM window in its prototype chain.
303         https://bugs.webkit.org/show_bug.cgi?id=146785
304
305         Reviewed by Mark Lam.
306
307         * bindings/js/JSDOMWindowBase.cpp: toJSDOMWindow(): Walk the prototype chain of the given JSValue until a JSDOMWindow or JSDOMWindowShell is found.
308
309 2015-07-22  Matthew Daiter  <mdaiter@apple.com>
310
311         Remove revealing getVideoTracks() and getAudioTracks()
312         https://bugs.webkit.org/show_bug.cgi?id=147126
313         <rdar://problem/21908723>
314
315         Reviewed by Eric Carlson.
316
317         * Modules/mediastream/MediaStream.h:
318         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
319         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
320         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
321         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Modded to use
322         tracks() instead of getVideo/AudioTracks()
323         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Ditto
324         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::playInternal): Ditto
325         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::pauseInternal): Ditto
326         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setMuted): Ditto
327         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::naturalSize): Ditto
328         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::hasVideo): Ditto
329         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::hasAudio): Ditto
330         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentMediaTime):
331         Changed to a FIXME
332         * platform/mediastream/MediaStreamPrivate.h:
333
334 2015-07-22  Matthew Daiter  <mdaiter@apple.com>
335
336         Ensure MediaPlayerPrivateAVFoundation doesn't load MediaStreams
337         https://bugs.webkit.org/show_bug.cgi?id=147119
338         <rdar://problem/21904955>
339
340         Reviewed by Eric Carlson.
341
342         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: Set
343         networkstate to error when loading MediaStreams
344
345 2015-07-22  Alex Christensen  <achristensen@webkit.org>
346
347         Fix quirks in CMake build on Mac and Windows
348         https://bugs.webkit.org/show_bug.cgi?id=147174
349
350         Reviewed by Gyuyoung Kim.
351
352         * PlatformMac.cmake:
353         Removed files that don't exist any more.
354         * platform/win/WindowsTouch.h:
355         Only use definitions of touch structures when compiling with VS2012.
356
357 2015-07-22  Csaba Osztrogonác  <ossy@webkit.org>
358
359         Fix cast-align warning in NetworkStateNotifierEfl.cpp
360         https://bugs.webkit.org/show_bug.cgi?id=145915
361
362         Reviewed by Gyuyoung Kim.
363
364         * platform/network/efl/NetworkStateNotifierEfl.cpp:
365         (WebCore::NetworkStateNotifier::readSocketCallback):
366
367 2015-07-22  Ryuan Choi  <ryuan.choi@navercorp.com>
368
369         [GTK][EFL] Remove dead functions in LocalizedStrings
370         https://bugs.webkit.org/show_bug.cgi?id=147188
371
372         Reviewed by Csaba Osztrogonác.
373
374         * platform/efl/LocalizedStringsEfl.cpp:
375         (WebCore::contextMenuItemTagHideMediaControls):
376         (WebCore::contextMenuitemTagHideMediaControls): Fixed typo since r152117.
377         (WebCore::inactivePluginText): Deleted since r151530.
378         (WebCore::textTrackClosedCaptionsText): Deleted since r141864.
379         * platform/gtk/LocalizedStringsGtk.cpp:
380         (WebCore::inactivePluginText): Deleted since r151530.
381         (WebCore::textTrackClosedCaptionsText): Deleted since r141864.
382
383 2015-07-21  Benjamin Poulain  <bpoulain@apple.com>
384
385         [CSS Selectors Level 4] Add #ifdefs to the new '>>' descendant combinator
386         https://bugs.webkit.org/show_bug.cgi?id=147184
387
388         Reviewed by Anders Carlsson.
389
390         Now that '>>>' is dead, the combinator '>>' is at risk.
391
392         This patch #ifdef all that code with the other experimental
393         features from Level 4.
394
395         * css/CSSGrammar.y.in:
396         * css/CSSParserValues.cpp:
397         (WebCore::CSSParserSelector::appendTagHistory):
398         * css/CSSParserValues.h:
399         * css/CSSSelector.cpp:
400         (WebCore::CSSSelector::CSSSelector):
401         (WebCore::CSSSelector::selectorText):
402         * css/CSSSelector.h:
403         (WebCore::CSSSelector::CSSSelector):
404
405 2015-07-21  Joseph Pecoraro  <pecoraro@apple.com>
406
407         Web Inspector: Node highlights are wrong when the page is zoomed
408         https://bugs.webkit.org/show_bug.cgi?id=147177
409
410         Reviewed by Simon Fraser.
411
412         * inspector/InspectorOverlay.cpp:
413         (WebCore::InspectorOverlay::update):
414         Remove scaling that appears to no longer be needed, it was double
415         scaling the overlay content and misplacing it in the process.
416
417 2015-07-21  Dean Jackson  <dino@apple.com>
418
419         Default media controls use a serif font, which seems wrong
420         https://bugs.webkit.org/show_bug.cgi?id=147179
421         <rdar://problem/21931728>
422
423         Reviewed by Simon Fraser.
424
425         The captions menu (and other text) should use a system style,
426         -webkit-small-control.
427
428         * Modules/mediacontrols/mediaControlsApple.css:
429         (::-webkit-media-controls):
430
431 2015-07-21  Matthew Daiter  <mdaiter@apple.com>
432
433         Exposed method to query device by UID
434         https://bugs.webkit.org/show_bug.cgi?id=147117
435         <rdar://problem/21904678>
436
437         Reviewed by Eric Carlson.
438
439         * platform/mediastream/mac/AVCaptureDeviceManager.h: Added method to
440         query device by UID
441         * platform/mediastream/mac/AVCaptureDeviceManager.mm: Ditto
442         (WebCore::AVCaptureDeviceManager::sourceWithUID): Ditto
443
444 2015-07-21  Benjamin Poulain  <benjamin@webkit.org>
445
446         [Content Extensions] Use a jump table when consecutive transitions have different targets
447         https://bugs.webkit.org/show_bug.cgi?id=147099
448
449         Reviewed by Alex Christensen.
450
451         When handling consecutive single transitions, merge them into
452         a jump table instead of creating many individual CheckValue.
453
454         From local testing on x86_64, it reduces the bytecode size by about 5%
455         and improve the runtime by about 10%.
456
457         * contentextensions/DFABytecode.h:
458         (WebCore::ContentExtensions::instructionSizeWithArguments):
459         * contentextensions/DFABytecodeCompiler.cpp:
460         (WebCore::ContentExtensions::DFABytecodeCompiler::extractJumpTable):
461         (WebCore::ContentExtensions::DFABytecodeCompiler::transitions):
462         (WebCore::ContentExtensions::DFABytecodeCompiler::checkForJumpTableMaxBytecodeSize):
463         (WebCore::ContentExtensions::DFABytecodeCompiler::compileJumpTable):
464         (WebCore::ContentExtensions::DFABytecodeCompiler::nodeTransitionsMaxBytecodeSize):
465         (WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
466         (WebCore::ContentExtensions::DFABytecodeCompiler::ranges): Deleted.
467         * contentextensions/DFABytecodeCompiler.h:
468         * contentextensions/DFABytecodeInterpreter.cpp:
469         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpetJumpTable):
470         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
471         * contentextensions/DFABytecodeInterpreter.h:
472
473 2015-07-21  Simon Fraser  <simon.fraser@apple.com>
474
475         Add a logging channel for Layout, remove the LiveConnect channel
476         https://bugs.webkit.org/show_bug.cgi?id=147170
477
478         Reviewed by Zalan Bujtas.
479
480         Add a layout logging channel to WebCore, and remove the LiveConnect channel.
481
482         * page/FrameView.cpp:
483         (WebCore::FrameView::adjustViewSize):
484         (WebCore::FrameView::forceLayoutParentViewIfNeeded):
485         (WebCore::FrameView::layout):
486         (WebCore::FrameView::performPostLayoutTasks):
487         (WebCore::FrameView::autoSizeIfEnabled):
488         * platform/Logging.h:
489
490 2015-07-21  Benjamin Poulain  <bpoulain@apple.com>
491
492         StyleSheetContents::wrapperInsertRule() can create rules that overflow RuleData's selector index
493         https://bugs.webkit.org/show_bug.cgi?id=147144
494
495         Reviewed by Alex Christensen.
496
497         RuleData identifies selectors by the index in a large array. The index only has 13 bits
498         so rules with more than 8192 selectors should be split.
499
500         One of the paths was not splitting the rule: StyleSheetContents::wrapperInsertRule().
501         When rules with too many selectors were added, the index would overflow and
502         some RuleData would point to selectors in the middle of selector chains. The resulting
503         behavior is random based on the selectors and the DOM.
504
505         We cannot easily fix that because the CSS OM API do not expect to create
506         several rules in response to calls to the API.
507         In this patch, I don't do anything fancy and just let the calls fail
508         if we cannot use the rules safely.
509
510
511         Content Extensions were also running into this problem. Large Selector lists are
512         pretty common, and ContentExtensionStyleSheet::addDisplayNoneSelector() was
513         overflowing the RuleData, creating broken page.
514
515         Unlike CSSOM, there is no problem with splitting rules coming from Content Extensions.
516         Instead of creating new APIs for that case, I rely on the parser to extend the StyleSheetContents.
517         That code already knows how to break rules correctly.
518
519         Tests: fast/css/insert-rule-overflow-rule-data.html
520                http/tests/contentextensions/css-display-none-overflows-rule-data-1.html
521                http/tests/contentextensions/css-display-none-overflows-rule-data-2.html
522
523         * contentextensions/ContentExtensionStyleSheet.cpp:
524         (WebCore::ContentExtensions::ContentExtensionStyleSheet::addDisplayNoneSelector):
525         * css/StyleSheetContents.cpp:
526         (WebCore::StyleSheetContents::wrapperInsertRule):
527
528 2015-07-21  Jon Honeycutt  <jhoneycutt@apple.com>
529
530         [iOS] Keyboard bold/italic/underline keys don't highlight after being
531         tapped to style a selection
532         https://bugs.webkit.org/show_bug.cgi?id=147164
533         <rdar://problem/21630806>
534
535         Reviewed by Ryosuke Niwa.
536
537         * editing/cocoa/EditorCocoa.mm:
538         (WebCore::Editor::styleForSelectionStart):
539         Use adjustedSelectionStartForStyleComputation(), which will ensure that
540         we're at the start of the selected node, not at the end of the node
541         before the selection.
542
543 2015-07-21  Tim Horton  <timothy_horton@apple.com>
544
545         Placing video in fullscreen caused WebKit crash at WebCore::Range::textQuads
546         https://bugs.webkit.org/show_bug.cgi?id=147166
547         <rdar://problem/21928558>
548
549         Reviewed by Simon Fraser.
550
551         * editing/FrameSelection.cpp:
552         (WebCore::FrameSelection::getClippedVisibleTextRectangles):
553         Check the Range, as always.
554
555 2015-07-21  Simon Fraser  <simon.fraser@apple.com>
556
557         Safari mis-applies "animation-fill-mode: forwards" when using fractional iteration count
558         https://bugs.webkit.org/show_bug.cgi?id=146996
559
560         Reviewed by Dean Jackson.
561
562         animation-fill-mode: forwards with fractional iteration counts always snapped to
563         1 or 0, depending on direction. Fix to compute the fill-forward state from the
564         correct keyframes.
565         
566         If filling forwards, AnimationBase::progress() sets the elapsed time to the duration,
567         then uses fractionalTime() to handle animation direction mapping. If the fractionalTime
568         is integral, we can return early, avoiding the cost of mapping through timing functions.
569
570         Tested by existing tests.
571
572         * page/animation/AnimationBase.cpp:
573         (WebCore::AnimationBase::progress):
574         (WebCore::AnimationBase::getElapsedTime):
575         * page/animation/KeyframeAnimation.cpp:
576         (WebCore::KeyframeAnimation::fetchIntervalEndpointsForProperty): It was possible
577         to end up with prevIndex == nextIndex with reverse animations, which resulted
578         in divide-by-zero when computing scale. Fix by picking a nextIndex that is different
579         from prevIndex.
580
581 2015-07-21  David Hyatt  <hyatt@apple.com>
582
583         Fix failing WK1 layout tests. Make sure to reset the text zoom scale
584         in Internals::resetToConsistentState.
585
586         Reviewed by Anders Carlsson
587
588         * testing/Internals.cpp:
589         (WebCore::Internals::resetToConsistentState):
590
591 2015-07-21  Said Abou-Hallawa  <sabouhallawa@apple.com>
592
593         REGRESSION (r172417, r184065): Multiple rendering issues with fixed attached background-image
594         https://bugs.webkit.org/show_bug.cgi?id=147049
595         <rdar://problem/21110936>
596
597         Reviewed by Simon Fraser.
598
599         The fixed-attached background-image rendering is special. In general, to
600         display it, the destinationSize should be set to visibleContentSize. The
601         destinationLocation should be set such that the background-image does
602         not move with scrolling. The topContentInset should be subtracted from
603         the destinationLocation such that background-image can be rendered blurred
604         in the topContentArea. However there are cases in which these rules have to
605         be changed.
606         
607         -- destinationSize: In the case of fixed layout size, the fixedLayoutSize
608         is bigger than the visibleContentSize. In this case, if the background-image
609         belongs to the root element, the destinationSize has to be set to fixedLayoutSize.
610         Otherwise it has to be set to the borderBoxSize unless the overflow is
611         hidden.
612         
613         -- destinationLocation: If the background-image belongs to the root element, no
614         scroll offset to added to destinationLocation. For non-root element case,
615         FrameView::documentScrollOffsetRelativeToViewOrigin() should be used if no page
616         scaling is applied. Otherwise FrameView::scrollOffsetForFixedPosition() should be
617         used instead.
618         
619         Tests: platform/mac-wk2/tiled-drawing/fixed-layout-size-fixed-attachment-cover.html
620                platform/mac-wk2/tiled-drawing/fixed-layout-size-fixed-attachment-local.html
621
622         * rendering/RenderBoxModelObject.cpp:
623         (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry): Ensure
624         the geometry for the fixed-attached background-image is calculated correctly.
625         
626         * rendering/RenderLayerBacking.cpp:
627         (WebCore::RenderLayerBacking::updateGeometry): Ensure the background layer
628         gets the correct size for the fixedLayoutSize mode.
629
630 2015-07-21  Csaba Osztrogonác  <ossy@webkit.org>
631
632         Fix the !ENABLE(DETAILS_ELEMENT) build after r186598
633         https://bugs.webkit.org/show_bug.cgi?id=147115
634
635         Reviewed by Chris Fleizach.
636
637         * accessibility/AccessibilityNodeObject.cpp:
638         (WebCore::AccessibilityNodeObject::setIsExpanded):
639
640 2015-07-21  David Hyatt  <hyatt@apple.com>
641
642         Need a way to ignore text-zoom in a Web page.
643         https://bugs.webkit.org/show_bug.cgi?id=27092
644         rdar://problem/7037987
645
646         Reviewed by Simon Fraser.
647
648         This patch adds a new property, -webkit-text-zoom, with values of normal and reset. The reset
649         keyword, just as with the zoom property, can be used to ignore any inherited zoom from the
650         document.
651
652         Added new test in fast/text.
653
654         * Modules/mediacontrols/mediaControlsApple.css:
655         (audio::-webkit-media-controls-panel):
656         (video::-webkit-media-controls-panel):
657         * css/CSSComputedStyleDeclaration.cpp:
658         (WebCore::ComputedStyleExtractor::propertyValue):
659         * css/CSSParser.cpp:
660         (WebCore::CSSParser::parseValue):
661         * css/CSSPrimitiveValueMappings.h:
662         (WebCore::CSSPrimitiveValue::operator ContentDistributionType):
663         (WebCore::CSSPrimitiveValue::operator TextZoom):
664         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
665         * css/CSSPropertyNames.in:
666         * css/StyleBuilderConverter.h:
667         (WebCore::StyleBuilderConverter::csstoLengthConversionDataWithTextZoomFactor):
668         * css/StyleBuilderCustom.h:
669         (WebCore::StyleBuilderCustom::applyValueWebkitTextSizeAdjust):
670         (WebCore::StyleBuilderCustom::applyValueWebkitTextZoom):
671         (WebCore::StyleBuilderCustom::applyTextOrBoxShadowValue):
672         * css/StyleResolver.cpp:
673         (WebCore::StyleResolver::checkForZoomChange):
674         * rendering/style/RenderStyle.cpp:
675         (WebCore::RenderStyle::changeRequiresLayout):
676         * rendering/style/RenderStyle.h:
677         * rendering/style/RenderStyleConstants.h:
678         * rendering/style/StyleRareInheritedData.cpp:
679         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
680         (WebCore::StyleRareInheritedData::operator==):
681         * rendering/style/StyleRareInheritedData.h:
682         * style/StyleFontSizeFunctions.cpp:
683         (WebCore::Style::computedFontSizeFromSpecifiedSize):
684         * testing/Internals.cpp:
685         (WebCore::Internals::setPageZoomFactor):
686         (WebCore::Internals::setTextZoomFactor):
687         (WebCore::Internals::setUseFixedLayout):
688         * testing/Internals.h:
689         * testing/Internals.idl:
690
691 2015-07-21  Per Arne Vollan  <peavo@outlook.com>
692
693         WinLauncher does not start on WinXP.
694         https://bugs.webkit.org/show_bug.cgi?id=147147
695
696         Reviewed by Alex Christensen.
697
698         Calling GetProcessMemoryInfo() on WinXP requires that PSAPI_VERSION is set to 1,
699         see https://msdn.microsoft.com/en-us/library/windows/desktop/ms683219(v=vs.85).aspx.
700
701         * WebCore.vcxproj/WebCoreCommon.props:
702
703 2015-07-20  Michael Catanzaro  <mcatanzaro@igalia.com>
704
705         REGRESSION(r184376): [SOUP] Multiple assertions when downloading files
706         https://bugs.webkit.org/show_bug.cgi?id=147039
707
708         Reviewed by Darin Adler.
709
710         No new tests; this will be covered once we enable the network process for API tests.
711
712         * platform/network/soup/ResourceHandleSoup.cpp:
713         (WebCore::ResourceHandle::releaseForDownload): Call RefPtrBase::relaxAdoptionRequirement so
714         that we don't assert when storing the non-adopted ResourceHandle in a RefPtr. The ref will
715         be dropped in ResourceHandle::cleanupSoupOperation, which as the comment says should always
716         run. HOPEFULLY.
717         (WebCore::ResourceHandle::continueWillSendRequest): Don't assert that client() is nonnull,
718         because the code clearly expects and handles the case where it is null.
719         (WebCore::ResourceHandle::continueDidReceiveResponse): Ditto; note that here client() will
720         always be null for a download.
721
722 2015-07-20  Ada Chan  <adachan@apple.com>
723
724         Follow-up to my earlier fix for r147085
725         https://bugs.webkit.org/show_bug.cgi?id=147085
726
727         Reviewed by Eric Carlson.
728
729         * Modules/webaudio/AudioContext.cpp:
730         (WebCore::AudioContext::isPlayingAudioDidChange):
731         Null-check document() before dereferencing it in case the audio context's document is destroyed
732         by the time the code block is called on the main thread.
733
734 2015-07-20  Carlos Garcia Campos  <cgarcia@igalia.com>
735
736         Remove RenderTheme::shouldShowPlaceholderWhenFocused()
737         https://bugs.webkit.org/show_bug.cgi?id=147104
738
739         Reviewed by Martin Robinson.
740
741         GTK+ is the only port that returns false in
742         shouldShowPlaceholderWhenFocused(). That's inconsistent with all
743         other browsers that show the placeholder text even for focused
744         entries in all platforms. We should change the GTK+ port
745         behaviour, but that would leave all implementations of
746         shouldShowPlaceholderWhenFocused returning true, so let's just
747         remove it.
748
749         * html/HTMLTextFormControlElement.cpp:
750         (WebCore::HTMLTextFormControlElement::placeholderShouldBeVisible):
751         Do not consider whether the entry is focused or not.
752         * platform/efl/RenderThemeEfl.h:
753         * rendering/RenderTheme.h:
754         (WebCore::RenderTheme::shouldShowPlaceholderWhenFocused): Deleted.
755         * rendering/RenderThemeIOS.h:
756         * rendering/RenderThemeIOS.mm:
757         (WebCore::RenderThemeIOS::shouldShowPlaceholderWhenFocused): Deleted.
758         * rendering/RenderThemeMac.h:
759         * rendering/RenderThemeMac.mm:
760         (WebCore::RenderThemeMac::shouldShowPlaceholderWhenFocused): Deleted.
761         * rendering/RenderThemeSafari.h:
762         (WebCore::RenderThemeSafari::shouldShowPlaceholderWhenFocused): Deleted.
763         * rendering/RenderThemeWin.h:
764
765 2015-07-20  Zan Dobersek  <zdobersek@igalia.com>
766
767         [CoordinatedGraphics] CoordinatedGraphicsLayer::setContentsToImage() should avoid scheduling unnecessary flushes
768         https://bugs.webkit.org/show_bug.cgi?id=147118
769
770         Reviewed by Martin Robinson.
771
772         Have CoordinatedGraphicsLayer::setContentsToImage() return early if the new
773         passed-in Image and the corresponding native image pointer are equal to the
774         currently set values.
775
776         This specifically avoids scheduling unnecessary flushes when setContentsToImage()
777         is repeatedly called with a null Image pointer, which in previous code would
778         unconditionally result in a scheduled flush even if there was no Image assigned
779         as the content of this layer before. Until now the layer flush scheduling was only
780         avoided if the two non-null native image pointers were equal.
781
782         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
783         (WebCore::CoordinatedGraphicsLayer::setContentsToImage):
784
785 2015-07-20  Nan Wang  <n_wang@apple.com>
786
787         AX: Selection change as a result of focusing an element may cause Safari to crash
788         https://bugs.webkit.org/show_bug.cgi?id=147052
789         <rdar://problem/21778212>
790
791         Reviewed by Chris Fleizach.
792
793         When focusing an element, it may trigger a deferred layout that invalidates the render 
794         element, which will cause axObjectCache() to be a nullptr, and lead to a crash. Fix that
795         by using a RefPtr to hold the object and also caching the axObjectCache().
796
797         Test: platform/mac/accessibility/focus-crash.html
798
799         * accessibility/AccessibilityRenderObject.cpp:
800         (WebCore::AccessibilityRenderObject::setFocused):
801         (WebCore::AccessibilityRenderObject::setSelectedRows):
802
803 2015-07-20  Alex Christensen  <achristensen@webkit.org>
804
805         Unreviewed build fix after r187049.
806
807         * contentextensions/ContentExtension.cpp:
808         (WebCore::ContentExtensions::ContentExtension::populateDomainCacheIfNeeded):
809         Can't shrinkToFit HashSets.
810
811 2015-07-20  Alex Christensen  <achristensen@webkit.org>
812
813         [Content Extensions] Cache actions with domains that match everything
814         https://bugs.webkit.org/show_bug.cgi?id=147050
815
816         Reviewed by Benjamin Poulain.
817
818         If you have lots of rules with triggers like {"url-filter":".*","if-domain":["*webkit.org"]}
819         we will spend a lot of time adding unnecessary actions to HashSets when you are not on webkit.org.
820         Caching all the rules and only adding them to a collection once when the domain changes saves a lot of URL interpreting time.
821
822         We already had an optimization for the css-display-none actions with triggers that matched everything using a special bytecode operation.
823         This removes the need for a special bytecode operation by caching the triggers that match everything with and without domains,
824         then from those cached actions we compile a stylesheet, and create cached actions for every new domain we visit.
825
826         All functionality is covered by existing API tests.
827
828         * contentextensions/CompiledContentExtension.cpp:
829         (WebCore::ContentExtensions::CompiledContentExtension::~CompiledContentExtension):
830         (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors): Deleted.
831         * contentextensions/CompiledContentExtension.h:
832         * contentextensions/ContentExtension.cpp:
833         (WebCore::ContentExtensions::ContentExtension::ContentExtension):
834         (WebCore::ContentExtensions::ContentExtension::findFirstIgnorePreviousRules):
835         (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):
836         (WebCore::ContentExtensions::ContentExtension::compileGlobalDisplayNoneStyleSheet):
837         (WebCore::ContentExtensions::ContentExtension::populateDomainCacheIfNeeded):
838         (WebCore::ContentExtensions::ContentExtension::cachedDomainActions):
839         (WebCore::ContentExtensions::ContentExtension::universalActionsWithDomains):
840         * contentextensions/ContentExtension.h:
841         (WebCore::ContentExtensions::ContentExtension::compiledExtension):
842         (WebCore::ContentExtensions::ContentExtension::universalActionsWithoutDomains):
843         * contentextensions/ContentExtensionCompiler.cpp:
844         (WebCore::ContentExtensions::compileRuleList):
845         * contentextensions/ContentExtensionRule.cpp:
846         (WebCore::ContentExtensions::ContentExtensionRule::ContentExtensionRule):
847         (WebCore::ContentExtensions::Action::deserialize):
848         (WebCore::ContentExtensions::Action::deserializeType):
849         (WebCore::ContentExtensions::Action::serializedLength):
850         * contentextensions/ContentExtensionRule.h:
851         (WebCore::ContentExtensions::Action::operator==):
852         (WebCore::ContentExtensions::Action::setExtensionIdentifier):
853         (WebCore::ContentExtensions::Action::extensionIdentifier):
854         * contentextensions/ContentExtensionsBackend.cpp:
855         (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
856         * contentextensions/DFABytecode.h:
857         (WebCore::ContentExtensions::instructionSizeWithArguments):
858         * contentextensions/DFABytecodeCompiler.cpp:
859         (WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendAction):
860         * contentextensions/DFABytecodeInterpreter.cpp:
861         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
862         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
863         (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsMatchingEverything):
864         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
865         (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsForDefaultStylesheetFromDFARoot): Deleted.
866         * contentextensions/DFABytecodeInterpreter.h:
867         * loader/ResourceLoadInfo.h:
868
869 2015-07-20  Jeremy Jones  <jeremyj@apple.com>
870
871         Adopt AVPlayerLayerView
872         https://bugs.webkit.org/show_bug.cgi?id=146862
873
874         Reviewed by Jer Noble.
875
876         The CALayerHost is replaced with WebLayerHostView to be compatible with UIView animations.
877         Some animation is improved in the conversion.
878
879         WebAVPlayerLayerView and WebAVPictureInPicturePlayerLayerView derive from AVKit and UIKit respectively.
880         Because these frameworks are loaded at runtime, these classes must be generate using objc/runtime.h to
881         register them from c functions at runtime. The most important part of these UIViews is that their
882         backing layer is a WebAVPlayerLayer.
883
884         WebCALayerHostWrapper and WebAVVideoLayer are combined into WebAVPlayerLayer to simplify the hierarchy.
885         WebAVPlayerLayer is a stand-in for an AVPlayerLayer.
886
887         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
888         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer): -removeFromSuperlayer is redundant.
889         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): syncTextTrackBounds on change.
890         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame):
891         We never want animation here, since all animation will happen in UIViews. 
892         This is just for going into the final size after a transform based animation.
893
894         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
895         (WebVideoFullscreenControllerContext::didSetupFullscreen): layer -> view
896         (WebVideoFullscreenControllerContext::didCleanupFullscreen): layer -> view
897         (WebVideoFullscreenControllerContext::setUpFullscreen): layer -> view
898
899         (WebVideoFullscreenControllerContext::setVideoLayerFrame): layer -> view
900         Use fence port to synchronize between the UIThread and the WebThread,
901         the same way WebKit2 uses a fence port to synchronize between processes.
902
903         (WebVideoFullscreenControllerContext::setVideoLayerGravity):
904         No longer necessary to cache videoGravity at this level.
905
906         * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
907         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
908
909         (-[WebAVPlayerLayer init]):
910         (-[WebAVPlayerLayer dealloc]):
911         (-[WebAVPlayerLayer playerController]):
912         (-[WebAVPlayerLayer setBounds:]):
913         (-[WebAVPlayerLayer resolveBounds]):
914         (-[WebAVPlayerLayer setVideoGravity:]):
915         (-[WebAVPlayerLayer videoGravity]):
916         (-[WebAVPlayerLayer videoRect]):
917         (+[WebAVPlayerLayer keyPathsForValuesAffectingVideoRect]):
918         Added class WebAVPlayerLayer, replacing WebAVVideoLayer and WebCALayerHostWrapper.
919
920         (WebAVPictureInPicturePlayerLayerView_layerClass):
921         (getWebAVPictureInPicturePlayerLayerViewClass):
922         Added runtime class WebAVPictureInPicturePlayerLayerView
923
924         (WebAVPlayerLayerView_layerClass):
925         (WebAVPlayerLayerView_playerController):
926         (WebAVPlayerLayerView_setPlayerController):
927         (WebAVPlayerLayerView_videoView):
928         (WebAVPlayerLayerView_setVideoView):
929         (WebAVPlayerLayerView_startRoutingVideoToPictureInPicturePlayerLayerView):
930         (WebAVPlayerLayerView_stopRoutingVideoToPictureInPicturePlayerLayerView):
931         (WebAVPlayerLayerView_pictureInPicturePlayerLayerView):
932         (getWebAVPlayerLayerViewClass):
933         Added runtime class WebAVPlayerLayerView
934
935         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
936         Dimensions are also stored in WebAVPlayerLayer so it can make decisions about
937         animating the video layer.
938
939         (WebVideoFullscreenInterfaceAVKit::setExternalPlayback):
940         (WebVideoFullscreenInterfaceAVKit::enterFullscreen): 
941         (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):
942         (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen):
943         Straightforward layer to view conversion.
944
945         (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline):
946         Set view frame using the view hierarchy instead of assuming it is directly in a window.
947
948         (WebVideoFullscreenInterfaceAVKit::exitFullscreen):
949         Set view frame using the view hierarchy instead of assuming it is directly in a window.
950         dispatch_async before calling didExitFullscreen() to allows CATransactions to complete.
951
952         (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
953         Set view frame using the view hierarchy instead of assuming it is directly in a window.
954         dispatch_async before calling didSetupFullscreen() to allows CATransactions to complete.
955
956         (-[WebCALayerHostWrapper dealloc]): Deleted.
957         (-[WebCALayerHostWrapper setVideoSublayer:]): Deleted.
958         (-[WebCALayerHostWrapper videoSublayer]): Deleted.
959         (-[WebCALayerHostWrapper setBounds:]): Deleted.
960         (-[WebCALayerHostWrapper resolveBounds]): Deleted.
961         Class WebCALayerHostWrapper deleted. Functionality rolled into WebAVPlayerLayer.
962
963         (+[WebAVVideoLayer videoLayer]): Deleted.
964         (-[WebAVVideoLayer init]): Deleted.
965         (-[WebAVVideoLayer setPlayerViewController:]): Deleted.
966         (-[WebAVVideoLayer setVideoSublayer:]): Deleted.
967         (-[WebAVVideoLayer setBounds:]): Deleted.
968         (-[WebAVVideoLayer setVideoLayerGravity:]): Deleted.
969         (-[WebAVVideoLayer videoLayerGravity]): Deleted.
970         (-[WebAVVideoLayer enterPIPModeRedirectingVideoToLayer:]): Deleted.
971         (-[WebAVVideoLayer leavePIPMode]): Deleted.
972         Class WebAVVideoLayer deleted. Functionality rolled into WebAVPlayerLayer.
973
974         * platform/ios/WebVideoFullscreenModel.h:
975         * platform/ios/WebVideoFullscreenModelVideoElement.h:
976         * platform/ios/WebVideoFullscreenModelVideoElement.mm:
977         No need to store frame and gravity in the model. It is stored in the UI where it is used.
978
979         (WebVideoFullscreenModelVideoElement::videoLayerFrame): Deleted.
980         (WebVideoFullscreenModelVideoElement::videoLayerGravity): Deleted.
981         * platform/spi/cocoa/AVKitSPI.h: Add AVPlayerLayerView.
982
983 2015-07-20  Anders Carlsson  <andersca@apple.com>
984
985         Add PLATFORM #ifdefs for Mac SPI headers
986         https://bugs.webkit.org/show_bug.cgi?id=147129
987
988         Reviewed by Tim Horton.
989
990         * Configurations/WebCore.xcconfig:
991         Skip NPAPI headers on iOS.
992
993         * platform/mac/WebVideoFullscreenController.h:
994         * platform/spi/mac/DataDetectorsSPI.h:
995         * platform/spi/mac/NSEventSPI.h:
996         * platform/spi/mac/NSFontSPI.h:
997         * platform/spi/mac/NSMenuSPI.h:
998
999 2015-07-20  Tim Horton  <timothy_horton@apple.com>
1000
1001         REGRESSION (r174287): Flash of black when opening a new web view or navigating to a new page
1002         https://bugs.webkit.org/show_bug.cgi?id=147127
1003         <rdar://problem/21474317>
1004
1005         Reviewed by Simon Fraser.
1006
1007         * rendering/RenderView.cpp:
1008         (WebCore::RenderView::paintBoxDecorations):
1009         Avoid using an invalid documentBackgroundColor, fall back to baseBackgroundColor
1010         like we did before r174287.
1011
1012 2015-07-20  Alex Christensen  <achristensen@webkit.org>
1013
1014         [Win] Unreviewed build fix after r187022.
1015
1016         * platform/win/WindowsTouch.h:
1017         Undid changes from r187022
1018
1019 2015-07-20  Jeremy Jones  <jeremyj@apple.com>
1020
1021         Allow video to rotate when app doesnt allow rotation.
1022         https://bugs.webkit.org/show_bug.cgi?id=147121
1023
1024         Reviewed by Jer Noble.
1025
1026         Set an SPI bool on the fullscreen video root view controller to allow it to override app rotation restrictions. 
1027         This allows video to be played in landscape in portrait only apps.
1028
1029         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1030         (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
1031
1032 2015-07-20  Andreas Kling  <akling@apple.com>
1033
1034         Unreviewed assertion fix following r187031.
1035
1036         Just have GenericEventQueue::resume() return early if the queue isn't suspended.
1037         Suspend/Resume calls are not always symmetrical in HTMLMediaElement.
1038
1039         * dom/GenericEventQueue.cpp:
1040         (WebCore::GenericEventQueue::resume):
1041
1042 2015-07-20  David Kilzer  <ddkilzer@apple.com>
1043
1044         Unexpected ABI diffference between armv7 and armv7s in WebCore::GraphicsLayerCA::~GraphicsLayerCA()
1045         <http://webkit.org/b/147101>
1046
1047         Reviewed by Michael Saboff.
1048
1049         * platform/graphics/transforms/TransformationMatrix.h: Align
1050         Matrix4 on both armv7 and armv7s.
1051
1052 2015-07-20  Anders Carlsson  <andersca@apple.com>
1053
1054         Add the necessary platform checks to iOS SPI headers
1055         https://bugs.webkit.org/show_bug.cgi?id=147120
1056
1057         Reviewed by Tim Horton.
1058
1059         * platform/spi/ios/GraphicsServicesSPI.h:
1060         * platform/spi/ios/MediaPlayerSPI.h:
1061         * platform/spi/ios/MobileGestaltSPI.h:
1062
1063 2015-07-20  Andreas Kling  <akling@apple.com>
1064
1065         Improve behavior of media elements in page cache.
1066         <https://webkit.org/b/147020>
1067         <rdar://problem/21712311>
1068
1069         Reviewed by Chris Dumez.
1070
1071         Make improvements for media elements when transitioning in/out of page cache:
1072
1073         - Events that were scheduled when going into cache will now be delivered
1074           when the page is restored from cache.
1075
1076         - Data buffering is turned off while in the cache. This reduces the memory
1077           cost of cached pages with media elements on iOS (where mediaserverd would
1078           keep upcoming video frames in memory for cached pages.)
1079
1080         Test: media/restore-from-page-cache.html (amended)
1081
1082         * dom/GenericEventQueue.h:
1083         * dom/GenericEventQueue.cpp:
1084         (WebCore::GenericEventQueue::enqueueEvent):
1085         (WebCore::GenericEventQueue::suspend):
1086         (WebCore::GenericEventQueue::resume):
1087
1088             Add a simple suspend/resume mechanism to GenericEventQueue that can
1089             be used to support page caching.
1090
1091         * html/HTMLMediaElement.cpp:
1092         (WebCore::HTMLMediaElement::stop):
1093         (WebCore::HTMLMediaElement::suspend):
1094         (WebCore::HTMLMediaElement::resume):
1095         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
1096
1097             Adapt to event queueing changes and add calls to setShouldBufferData().
1098
1099         * html/HTMLSourceElement.h:
1100         * html/HTMLSourceElement.cpp:
1101         (WebCore::HTMLSourceElement::HTMLSourceElement):
1102         (WebCore::HTMLSourceElement::create):
1103         (WebCore::HTMLSourceElement::activeDOMObjectName):
1104         (WebCore::HTMLSourceElement::canSuspendForPageCache):
1105         (WebCore::HTMLSourceElement::suspend):
1106         (WebCore::HTMLSourceElement::resume):
1107         (WebCore::HTMLSourceElement::stop):
1108
1109             Turn HTMLSourceElement into an ActiveDOMObject so it gets all the
1110             appropriate page cache notifications directly. Suspend the delayed
1111             error event delivery timer when cached.
1112
1113 2015-07-20  Mark Lam  <mark.lam@apple.com>
1114
1115         Rollout r187020 and r187021: breaks JSC API tests on debug builds.
1116         https://bugs.webkit.org/show_bug.cgi?id=147110
1117
1118         * bindings/js/JSDOMWindowBase.cpp:
1119         (WebCore::JSDOMWindowBase::commonVM):
1120
1121 2015-07-18  Ada Chan  <adachan@apple.com>
1122
1123         Fix deadlock between -[AVPlayerItem currentTime] and -[AVPlayer isExternalPlaybackActive]
1124         https://bugs.webkit.org/show_bug.cgi?id=147085
1125         <rdar://problem/21878275>
1126
1127         Reviewed by Jer Noble.
1128
1129         * Modules/webaudio/AudioContext.cpp:
1130         (WebCore::AudioContext::isPlayingAudioDidChange):
1131         Call Document::updateIsPlayingMedia() on the main thread, since we could be on the audio I/O
1132         thread here and the Document::updateIsPlayingMedia() call could block, causing a deadlock.
1133
1134 2015-07-20  Alex Christensen  <achristensen@webkit.org>
1135
1136         Resurrect CMake build on Windows.
1137         https://bugs.webkit.org/show_bug.cgi?id=147083
1138
1139         Reviewed by Gyuyoung Kim.
1140
1141         * CMakeLists.txt:
1142         * PlatformWin.cmake:
1143         * dom/Document.cpp:
1144         (WebCore::Document::~Document):
1145         * dom/Range.cpp:
1146         * dom/Text.cpp:
1147         * editing/CompositeEditCommand.cpp:
1148         * platform/graphics/texmap/BitmapTexturePool.cpp:
1149         (WebCore::BitmapTexturePool::createTexture):
1150         * platform/win/WindowsTouch.h:
1151         * rendering/RenderThemeWin.h:
1152         Fixed some including and compiling quirks needed for different configurations.
1153
1154 2015-07-20  Per Arne Vollan  <peavo@outlook.com>
1155
1156         JavaScriptCore performance is very bad on Windows
1157         https://bugs.webkit.org/show_bug.cgi?id=146448
1158
1159         Reviewed by Mark Lam.
1160
1161         * bindings/js/JSDOMWindowBase.cpp:
1162         (WebCore::JSDOMWindowBase::commonVM): Compile fix.
1163
1164 2015-07-19  Tim Horton  <timothy_horton@apple.com>
1165
1166         Make shrink-wrapping test a ref-test instead of pixel-test
1167         https://bugs.webkit.org/show_bug.cgi?id=147081
1168
1169         Reviewed by Sam Weinig.
1170
1171         Nobody runs pixel tests.
1172
1173         * svg/SVGPathUtilities.cpp:
1174         (WebCore::pathIteratorForBuildingString):
1175         (WebCore::buildStringFromPath):
1176         * svg/SVGPathUtilities.h:
1177         Add a helper that turns a Path into a SVG path string.
1178
1179         * testing/Internals.cpp:
1180         (WebCore::Internals::pathStringWithShrinkWrappedRects):
1181         * testing/Internals.h:
1182         * testing/Internals.idl:
1183         Have the internals shrink-wrap method return an SVG path instead of a DOMPath.
1184
1185 2015-07-19  David Kilzer  <ddkilzer@apple.com>
1186
1187         REGRESSION (r187008): CGPathCreateMutableCopyByTransformingPath() is not available on Windows
1188         <https://bugs.webkit.org/show_bug.cgi?id=147077>
1189
1190         * platform/graphics/cg/PathCG.cpp:
1191         (WebCore::Path::transform): Restore less efficient code path
1192         for Windows.
1193
1194 2015-07-18  Tim Horton  <timothy_horton@apple.com>
1195
1196         Simplify Path(CG)::transform/translate
1197         https://bugs.webkit.org/show_bug.cgi?id=147077
1198
1199         Reviewed by Simon Fraser.
1200
1201         No new tests; no behavior change.
1202
1203         * platform/graphics/cg/PathCG.cpp:
1204         (WebCore::Path::translate):
1205         (WebCore::Path::transform):
1206         Use CGPathCreateMutableCopyByTransformingPath to do the copy and transform
1207         in a single call instead of two.
1208
1209         Make use of transform() to implement translate() instead of duplicating the code.
1210         Move the two functions near each other.
1211
1212         (WebCore::Path::boundingRect):
1213         Remove irrelevant reference to Snow Leopard.
1214
1215 2015-07-17  Matt Rajca  <mrajca@apple.com>
1216
1217         Media Session: Add support for 'Content' interruption types
1218         https://bugs.webkit.org/show_bug.cgi?id=147042
1219
1220         Reviewed by Eric Carlson.
1221
1222         Tests: Added media/session/content-interruptions
1223
1224         * Modules/mediasession/MediaSession.cpp:
1225         (WebCore::MediaSession::handleIndefinitePauseInterruption): Indefinitely pause the session by pausing media
1226          elements and removing them from the set of active participating elements.
1227         * Modules/mediasession/MediaSession.h:
1228         * Modules/mediasession/MediaSessionManager.cpp:
1229         (WebCore::MediaSessionManager::didReceiveStartOfInterruptionNotification): Implemented support for 'Content'
1230          interruption types as described in 4.5.2.
1231
1232 2015-07-16  Matt Rajca  <mrajca@apple.com>
1233
1234         Media Session: add support for telephony interruptions
1235         https://bugs.webkit.org/show_bug.cgi?id=147016
1236
1237         Reviewed by Eric Carlson.
1238
1239         * platform/audio/mac/MediaSessionInterruptionProviderMac.mm:
1240         (WebCore::callDidBeginRinging): Forward this event to media sessions as a 'Transient' interruption.
1241         (WebCore::MediaSessionInterruptionProviderMac::beginListeningForInterruptions):
1242         (WebCore::MediaSessionInterruptionProviderMac::stopListeningForInterruptions):
1243
1244 2015-07-17  Matt Rajca  <mrajca@apple.com>
1245
1246         Media Session: add infrastructure for testing interruptions
1247         https://bugs.webkit.org/show_bug.cgi?id=147060
1248
1249         Reviewed by Eric Carlson.
1250
1251         * Modules/mediasession/MediaSession.h: Export methods to be used with tests.
1252         * Modules/mediasession/MediaSessionManager.h: Ditto.
1253         * bindings/scripts/CodeGeneratorJS.pm: JSMediaSession needs to be marked with WEBCORE_EXPORT so it works with JSInternals.
1254         * testing/Internals.cpp:
1255         (WebCore::Internals::sendMediaSessionStartOfInterruptionNotification): Let tests send interruptions to MediaSessionManager.
1256         (WebCore::Internals::sendMediaSessionEndOfInterruptionNotification): Ditto.
1257         (WebCore::Internals::mediaSessionCurrentState): Expose the current state of media sessions to tests.
1258         * testing/Internals.h:
1259         * testing/Internals.idl: Add interfaces for sending interruptions from JS tests.
1260
1261 2015-07-18  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1262
1263         Reduce PassRefPtr in WebKit2 - 3
1264         https://bugs.webkit.org/show_bug.cgi?id=146995
1265
1266         Reviewed by Daniel Bates.
1267
1268         To remove PassRefPtr, this patch reduces use of PassRefPtr in WebKit2.
1269         Because some uses depend on WebCore, WebCore, WK1 ports are modified as well.
1270
1271         * loader/EmptyClients.cpp:
1272         (WebCore::EmptyChromeClient::createPopupMenu):
1273         (WebCore::EmptyChromeClient::createSearchPopupMenu):
1274         (WebCore::EmptyFrameLoaderClient::createDocumentLoader):
1275         (WebCore::EmptyFrameLoaderClient::createFrame):
1276         (WebCore::EmptyFrameLoaderClient::createPlugin):
1277         * loader/EmptyClients.h:
1278         * loader/FrameLoader.cpp:
1279         (WebCore::FrameLoader::init):
1280         (WebCore::FrameLoader::load):
1281         (WebCore::FrameLoader::loadWithNavigationAction):
1282         (WebCore::FrameLoader::reloadWithOverrideEncoding):
1283         (WebCore::FrameLoader::reload):
1284         * loader/FrameLoaderClient.h:
1285         * loader/ResourceLoadScheduler.cpp:
1286         (WebCore::ResourceLoadScheduler::scheduleSubresourceLoad):
1287         (WebCore::ResourceLoadScheduler::schedulePluginStreamLoad):
1288         * loader/ResourceLoadScheduler.h:
1289         * loader/SubresourceLoader.cpp:
1290         (WebCore::SubresourceLoader::create):
1291         * loader/SubresourceLoader.h:
1292         * page/ChromeClient.h:
1293         * platform/graphics/texmap/TextureMapperBackingStore.h:
1294         * platform/graphics/texmap/TextureMapperLayer.h:
1295         (WebCore::TextureMapperLayer::texture):
1296         * platform/graphics/texmap/TextureMapperSurfaceBackingStore.cpp:
1297         (WebCore::TextureMapperSurfaceBackingStore::texture):
1298         * platform/graphics/texmap/TextureMapperSurfaceBackingStore.h:
1299         * platform/graphics/texmap/TextureMapperTile.h:
1300         (WebCore::TextureMapperTile::texture):
1301         * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
1302         (WebCore::TextureMapperTiledBackingStore::texture):
1303         * platform/graphics/texmap/TextureMapperTiledBackingStore.h:
1304         * storage/StorageNamespace.h:
1305
1306 2015-07-18  David Kilzer  <ddkilzer@apple.com>
1307
1308         REGRESSION (r186976): Use piFloat instead of M_PI
1309
1310         Attempt to fix the following build failure:
1311
1312             PathUtilities.cpp(183): error C2065: 'M_PI' : undeclared identifier [...\Source\WebCore\WebCore.vcxproj\WebCore.vcxproj]
1313
1314         * platform/graphics/PathUtilities.cpp:
1315         (WebCore::walkGraphAndExtractPolygon): Use piFloat since M_PI is
1316         not defined on Windows.
1317
1318 2015-07-18  David Kilzer  <ddkilzer@apple.com>
1319
1320         REGRESSION (r186976): Windows build broke due to missing definition of M_PI
1321
1322         Attempt to fix the following build failure:
1323
1324             PathUtilities.cpp(182): error C2065: 'M_PI' : undeclared identifier [...\Source\WebCore\WebCore.vcxproj\WebCore.vcxproj]
1325
1326         * platform/graphics/PathUtilities.cpp: Include <wtf/MathExtras.h>.
1327
1328 2015-07-17  Zalan Bujtas  <zalan@apple.com>
1329
1330         REGRESSION (r169105): Do not assign a renderer to multiple selection subtrees.
1331         https://bugs.webkit.org/show_bug.cgi?id=147038
1332         rdar://problem/21819351
1333
1334         Reviewed by David Kilzer.
1335
1336         A renderer should never be assigned to multiple selection subtrees. (Currently RenderObject maintains the last selection state.)
1337         RenderView::applySubtreeSelection() loops from the start to the end of the selection to find renderers that are inside the selection.
1338         However, in case of regions (when multiple selection roots are present) traversing the renderer tree by calling RenderObject::nextInPreOrder() could
1339         end up going across selection roots.
1340         This patch ensures that we assign renderers to a specific selection only when the current selection root and the renderer's selection root match.
1341
1342         Test: fast/regions/crash-when-renderer-is-in-multiple-selection-subtrees2.html
1343
1344         * rendering/RenderView.cpp:
1345         (WebCore::SelectionIterator::SelectionIterator):
1346         (WebCore::SelectionIterator::current):
1347         (WebCore::SelectionIterator::checkForSpanner):
1348         (WebCore::RenderView::applySubtreeSelection):
1349
1350 2015-07-17  Andy Estes  <aestes@apple.com>
1351
1352         [iOS] Further tighten the sandbox around pages fetched with Content-Disposition: attachment
1353         https://bugs.webkit.org/show_bug.cgi?id=147044
1354         rdar://problem/21567820
1355
1356         Reviewed by Brady Eidson.
1357
1358         In addition to placing resources fetched with 'Content-Disposition: attachment' in a unique origin,
1359         this change does the following:
1360
1361         - Switches the sandbox type from SandboxOrigin to SandboxAll, which enforces the same restrictions as <iframe sandbox>.
1362         - Disables processing of <meta http-equiv> elements.
1363         - Disables loading of cross-origin subframes.
1364
1365         Tests: http/tests/contentdispositionattachmentsandbox/cross-origin-frames-disabled.html
1366                http/tests/contentdispositionattachmentsandbox/form-submission-disabled.html
1367                http/tests/contentdispositionattachmentsandbox/http-equiv-disabled.html
1368                http/tests/contentdispositionattachmentsandbox/plugins-disabled.html
1369                http/tests/contentdispositionattachmentsandbox/scripts-disabled.html
1370
1371         * dom/Document.cpp:
1372         (WebCore::Document::processHttpEquiv): Switched to calling Document::httpEquivPolicy(). Logged an error to the console for policies other than Enabled.
1373         (WebCore::Document::initSecurityContext): Switched sandbox enforcement from SandboxOrigin to SandboxAll.
1374         (WebCore::Document::httpEquivPolicy): Returned a HttpEquivPolicy based on shouldEnforceContentDispositionAttachmentSandbox() and Settings::httpEquivEnabled().
1375         (WebCore::Document::shouldEnforceContentDispositionAttachmentSandbox): Returned true if Settings::contentDispositionAttachmentSandboxEnabled()
1376         and the document was fetched as an attachment.
1377         * dom/Document.h:
1378         * loader/cache/CachedResourceLoader.cpp: 
1379         (WebCore::CachedResourceLoader::canRequest): When requesting a subframe main resource when the parent frame enforces an attachment sandbox,
1380         only continue if the parent frame's SecurityOrigin allows the request.
1381         * page/Settings.in: Added contentDispositionAttachmentSandboxEnabled with an initial value of false.
1382
1383 2015-07-17  Zalan Bujtas  <zalan@apple.com>
1384
1385         (display: block)input range's thumb disappears when moved.
1386         https://bugs.webkit.org/show_bug.cgi?id=146896
1387         <rdar://problem/21787807>
1388
1389         Reviewed by Simon Fraser.
1390
1391         Since the thumb is positioned after the layout for the input (shadow) subtree is finished, the repaint rects
1392         issued during the layout will not cover the re-positioned thumb.
1393         We need to issue a repaint soon after the thumb is re-positioned.
1394
1395         Test: fast/repaint/block-inputrange-repaint.html
1396
1397         * html/shadow/SliderThumbElement.cpp:
1398         (WebCore::RenderSliderContainer::layout):
1399
1400 2015-07-17  Simon Fraser  <simon.fraser@apple.com>
1401
1402         Attempt to fix the build.
1403
1404         * html/HTMLMediaElement.cpp:
1405         (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsWireless):
1406         * html/HTMLMediaElement.h:
1407
1408 2015-07-17  Dean Jackson  <dino@apple.com>
1409
1410         Picture in Picture interacts poorly with AirPlay/HDMI
1411         https://bugs.webkit.org/show_bug.cgi?id=147061
1412         <rdar://problem/19192076>
1413
1414         Reviewed by Tim Horton.
1415
1416         When we are actively playing to an external target, the
1417         picture in picture button should be hidden.
1418
1419         Also, the availability of picture in picture is also
1420         dependent on AirPlay, so that we don't auto-pip when
1421         we're displaying on a TV.
1422
1423         * Modules/mediacontrols/mediaControlsiOS.js:
1424         (ControllerIOS.prototype.configureInlineControls): Call the update function.
1425         (ControllerIOS.prototype.updatePictureInPictureButton): Add or remove a hidden class.
1426         * html/MediaElementSession.cpp:
1427         (WebCore::MediaElementSession::allowsPictureInPicture): Check Airplay status.
1428
1429 2015-07-17  Tim Horton  <timothy_horton@apple.com>
1430
1431         [iOS] TextIndicator has a large forehead when line-height > 1
1432         https://bugs.webkit.org/show_bug.cgi?id=147058
1433         <rdar://problem/21643094>
1434
1435         Reviewed by Dean Jackson.
1436
1437         * editing/FrameSelection.cpp:
1438         (WebCore::FrameSelection::getClippedVisibleTextRectangles):
1439         * editing/FrameSelection.h:
1440         Add a parameter controlling whether getClippedVisibleTextRectangles
1441         returns selection-height rects (including extra line-height) or text-height
1442         rects (including only the text height). Plumb it down.
1443
1444         * page/TextIndicator.cpp:
1445         (WebCore::TextIndicator::createWithRange):
1446         (WebCore::TextIndicator::createWithSelectionInFrame):
1447         Use the tighter text-height rects on iOS, where there's no selection highlight to cover up.
1448         Remove an assertion that is no longer always true, and which is mostly obsoleted by the
1449         fact that we don't let FrameSnapshotting code arbitrarily decide the rect to snapshot anymore.
1450
1451 2015-07-17  Tim Horton  <timothy_horton@apple.com>
1452
1453         Improve rect shrink-wrapping algorithm
1454         https://bugs.webkit.org/show_bug.cgi?id=147037
1455         <rdar://problem/21643094>
1456
1457         Reviewed by Simon Fraser.
1458
1459         * platform/graphics/FloatPoint.h:
1460         (WebCore::areEssentiallyEqual):
1461         Added; implementation is the same as FloatSize's.
1462
1463         * platform/graphics/PathUtilities.cpp:
1464         (WebCore::FloatPointGraph::FloatPointGraph):
1465         (WebCore::FloatPointGraph::~FloatPointGraph):
1466         (WebCore::FloatPointGraph::Node::Node):
1467         (WebCore::FloatPointGraph::Node::nextPoints):
1468         (WebCore::FloatPointGraph::Node::addNextPoint):
1469         (WebCore::FloatPointGraph::Node::isVisited):
1470         (WebCore::FloatPointGraph::Node::visit):
1471         (WebCore::FloatPointGraph::Node::reset):
1472         (WebCore::FloatPointGraph::reset):
1473         (WebCore::FloatPointGraph::findOrCreateNode):
1474         (WebCore::findLineSegmentIntersection):
1475         (WebCore::addIntersectionPoints):
1476         (WebCore::walkGraphAndExtractPolygon):
1477         (WebCore::findUnvisitedPolygonStartPoint):
1478         (WebCore::unitePolygons):
1479         (WebCore::edgesForRect):
1480         (WebCore::PathUtilities::pathWithShrinkWrappedRects):
1481         (WebCore::addShrinkWrapRightCorner): Deleted.
1482         (WebCore::addShrinkWrapLeftCorner): Deleted.
1483         (WebCore::addShrinkWrappedPathForRects): Deleted.
1484         (WebCore::rectsIntersectOrTouch): Deleted.
1485         (WebCore::findSetContainingRect): Deleted.
1486         Add a new implementation of shrink-wrap, which is significantly more
1487         generic than the old one, which assumed a top-down progression of rects.
1488
1489         This version uses polygon intersection to find the path around the
1490         set of rects, and then follows said path and adds appropriately-sized
1491         arcs for the corners.
1492
1493         The polygon intersection algorithm first finds all the intersection points
1494         between all of the rects, then builds a graph of edges outward from one point.
1495         It then traverses the graph, choosing at each point the next edge which
1496         has not been visited and has the greatest interior angle, recording the polygon as it goes.
1497
1498         If at the end of the traversal we have not returned to the initial node,
1499         we give up on shrink-wrapping and just use a bounding box around the rects.
1500
1501         If any of the original rects have not been visited at all, we repeat the traversal
1502         starting with that rect, making an additional polygon (since we removed completely contained
1503         rects before we started, having not visited the rect at all means that it's not connected
1504         to the others).
1505
1506         Once we have a set of united polygons, we follow each one, determining the ideal (always
1507         equal in width and height, never more than half the length of either edge, so that we always
1508         have a smooth curve) arc radius and projecting it onto the edge, and then
1509         adding an arc between the end of the previous path and beginning of the next.
1510
1511         Because the shrink-wrap algorithm is fairly expensive, if there are more than 20 rects,
1512         we fall back to a bounding box. Given the current use cases, this is more than enough
1513         rects, but can certainly be adjusted in the future if needed.
1514
1515         * testing/Internals.cpp:
1516         (WebCore::Internals::pathWithShrinkWrappedRects):
1517         * testing/Internals.h:
1518         * testing/Internals.idl:
1519         Add a radius parameter.
1520
1521 2015-07-17  Nan Wang  <n_wang@apple.com>
1522
1523         AX: iframe within table cell is inaccessible to VoiceOver
1524         https://bugs.webkit.org/show_bug.cgi?id=147001
1525         <rdar://problem/21106945>
1526
1527         Reviewed by Chris Fleizach.
1528
1529         When a table cell is created before its parent table determines if it should be ignored or not,
1530         the table cell may cache the wrong role. Fix that by allowing each table cell to update its role
1531         after the table makes this determination.
1532
1533         Test: accessibility/iframe-within-cell.html
1534
1535         * accessibility/AccessibilityTable.cpp:
1536         (WebCore::AccessibilityTable::addChildren):
1537         (WebCore::AccessibilityTable::addChildrenFromSection):
1538
1539 2015-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
1540
1541         style.fontFamily accessor crashes on unstyled node created from DOMParser().parseFromString()
1542         https://bugs.webkit.org/show_bug.cgi?id=147026
1543         <rdar://problem/21864487>
1544
1545         Reviewed by Andreas Kling.
1546
1547         Font CSS properties are a little special because they are used as indices into caches.
1548         Normally, StyleResolver gives all nodes a default font family, so our cache works correctly.
1549         However, if the document doesn't have a Settings object, StyleResolver wasn't doing this.
1550         Documents created from DOMParser().parseFromString() don't have a Settings object.
1551
1552         Test: fast/text/crash-font-family-parsed.html
1553
1554         * css/StyleResolver.cpp:
1555         (WebCore::StyleResolver::defaultStyleForElement):
1556         (WebCore::StyleResolver::initializeFontStyle): Set a font family even if we don't have a
1557         Settings object.
1558
1559 2015-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
1560
1561         Video posters disappear once media has loaded
1562         https://bugs.webkit.org/show_bug.cgi?id=147045
1563
1564         Reviewed by Simon Fraser.
1565
1566         After r184932, all video elements are composited. However, there is logic in
1567         RenderLayerBacking::updateConfiguration() which adds the video layer to the page
1568         if the video is composited, without checking first to see if it should actually
1569         do so.
1570
1571         Test: compositing/video/poster.html
1572
1573         * rendering/RenderLayerBacking.cpp:
1574         (WebCore::RenderLayerBacking::updateConfiguration):
1575
1576 2015-07-17  Benjamin Poulain  <bpoulain@apple.com>
1577
1578         [Content Extensions] Term::isUniversalTransition() incorrectly expects the end-of-line assertion in character sets
1579         https://bugs.webkit.org/show_bug.cgi?id=147032
1580
1581         Reviewed by Alex Christensen.
1582
1583         * contentextensions/Term.h:
1584         (WebCore::ContentExtensions::Term::isUniversalTransition):
1585         The universal transition is not supposed to account for the end-of-line assertion,
1586         it should be a transition matching any character.
1587
1588         Here, we were counting 128 transitions, the 127 characters plus the
1589         transition on zero we are using for EOL.
1590
1591         The end result is Term::isUniversalTransition() was completely useless.
1592         The only code using it is the pattern simplificaton phase. That part
1593         was not working correclty and was allowing useless ".*" in the patterns.
1594
1595 2015-07-17  Dan Bernstein  <mitz@apple.com>
1596
1597         WebCore part of <rdar://problem/21803781> The external URL policy is not reported correctly in navigation actions that create new windows
1598         https://bugs.webkit.org/show_bug.cgi?id=147040
1599
1600         Reviewed by Dean Jackson.
1601
1602         Test: TestWebKitAPI/Tests/WebKit2Cocoa/ShouldOpenExternalURLsInNewWindowActions.mm
1603
1604         * loader/FrameLoader.cpp:
1605         (WebCore::shouldOpenExternalURLsPolicyToApply): Pulled the logic out of
1606         applyShouldOpenExternalURLsPolicyToNewDocumentLoader into this new helper.
1607         (WebCore::FrameLoader::loadURL): When targeting a new frame, apply the external URLs policy
1608         to the action passed to checkNewWindowPolicy.
1609         (WebCore::FrameLoader::applyShouldOpenExternalURLsPolicyToNewDocumentLoader): Call the new
1610         helper function.
1611         (WebCore::createWindow): Include the external URL policy in the action passed to
1612         createWindow.
1613
1614 2015-07-17  Anders Carlsson  <andersca@apple.com>
1615
1616         ScrollView.h should be self-contained
1617         https://bugs.webkit.org/show_bug.cgi?id=147004
1618
1619         Reviewed by Sam Weinig.
1620
1621         * platform/ScrollView.h:
1622
1623 2015-07-17  Brady Eidson  <beidson@apple.com>
1624
1625         Rolling r186895 back in, in its entirety.
1626         https://bugs.webkit.org/show_bug.cgi?id=146976
1627
1628         Rubberstamped by Tim Horton.
1629
1630         * platform/network/cf/CookieJarCFNet.cpp:
1631         (WebCore::createCookies): Use new CFNetwork SPI.
1632
1633 2015-07-17  Benjamin Poulain  <bpoulain@apple.com>
1634
1635         [Content Extensions] CSS-display-none rules are not working properly
1636         https://bugs.webkit.org/show_bug.cgi?id=147024
1637
1638         Reviewed by Sam Weinig.
1639
1640         There were 2 bugs prevening rules with css-display-none and a url-filter from working
1641         correctly.
1642
1643         First, ContentExtensions::serializeActions() was merging selectors regardless of their
1644         trigger. All the CSS Selectors would be grouped together and applied regardless of which
1645         rule apply.
1646
1647         That problem was fixed by grouping CSS rules by trigger. We want all the undistinguishable
1648         CSS rules to be merged. The trigger makes 2 rules dinstinguishable as one rule can apply
1649         on a page while the next rule does not. The simplest approach is to group by trigger.
1650
1651         The second problem had to do with rules added before the document is created.
1652         When accumulating those rules, we were only keeping the last one. The reason was that
1653         DocumentLoader::addPendingContentExtensionDisplayNoneSelector() would only keep a single
1654         selector list by extension.
1655
1656         This is fixed by keeping a vector of all the rules that apply.
1657
1658         Tests: http/tests/contentextensions/css-display-none-with-different-case-sensitivity-are-not-merged.html
1659                http/tests/contentextensions/css-display-none-with-different-triggers-are-not-merged.html
1660                http/tests/contentextensions/two-distinguishable-css-display-none-rules-on-main-resource.html
1661
1662         * contentextensions/ContentExtensionCompiler.cpp:
1663         (WebCore::ContentExtensions::serializeActions):
1664         * contentextensions/ContentExtensionRule.h:
1665         (WebCore::ContentExtensions::Trigger::isEmpty):
1666         (WebCore::ContentExtensions::TriggerHash::hash):
1667         (WebCore::ContentExtensions::TriggerHash::equal):
1668         (WebCore::ContentExtensions::TriggerHashTraits::constructDeletedValue):
1669         (WebCore::ContentExtensions::TriggerHashTraits::isDeletedValue):
1670         (WebCore::ContentExtensions::TriggerHashTraits::emptyValue):
1671         (WebCore::ContentExtensions::TriggerHashTraits::isEmptyValue):
1672         * contentextensions/ContentExtensionsBackend.cpp:
1673         (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad): Deleted.
1674         * loader/DocumentLoader.cpp:
1675         (WebCore::DocumentLoader::commitData):
1676         (WebCore::DocumentLoader::addPendingContentExtensionDisplayNoneSelector):
1677         * loader/DocumentLoader.h:
1678
1679 2015-07-17  Tim Horton  <timothy_horton@apple.com>
1680
1681         iOS TextIndicators include text that is not supposed to be indicated
1682         https://bugs.webkit.org/show_bug.cgi?id=147028
1683         <rdar://problem/21643094>
1684
1685         Reviewed by Sam Weinig.
1686
1687         Paint the selection and background, but not other foregrounds, for iOS TextIndicators.
1688
1689         * page/FrameSnapshotting.cpp:
1690         (WebCore::snapshotFrameRect):
1691         * page/FrameSnapshotting.h:
1692         Add a new snapshot option where we'll paint backgrounds and the selected
1693         foreground and nothing else.
1694         Pass the new snapshot option through as a paint behavior.
1695
1696         * page/TextIndicator.cpp:
1697         (WebCore::TextIndicator::createWithRange):
1698         Implement the incantations necessary to make a temporary selection
1699         change not get sent to the UI process and actually have WebCore know about it
1700         and accurately respond to questions about it.
1701
1702         (WebCore::TextIndicator::createWithSelectionInFrame):
1703         Paint selection and backgrounds on iOS.
1704
1705         * rendering/PaintPhase.h:
1706         * rendering/RenderLayer.cpp:
1707         (WebCore::RenderLayer::paintLayerContents):
1708         * rendering/RenderElement.cpp:
1709         (WebCore::RenderElement::selectionColor):
1710         Add a new paint behavior, SelectionAndBackgroundsOnly, which behaves
1711         the same as selection only except it allows backgrounds to paint.
1712
1713 2015-07-17  Mark Lam  <mark.lam@apple.com>
1714
1715         Remove leak of objects between isolated worlds on custom events, message events, and pop state events.
1716         https://bugs.webkit.org/show_bug.cgi?id=118884
1717
1718         Reviewed by Filip Pizlo and Mark Lam.
1719         Patch by Keith Miller  <keith_miller@apple.com>.
1720
1721         Tests: fast/events/event-leak-objects.html
1722                fast/events/event-properties-gc.html
1723
1724         Fixes an issue where objects passed as certain properties of events could cross isolated worlds. This
1725         was fixed by checking that any object passed by an event must be serializable or originate from the same
1726         isolated world as the one it is currently being accessed in. In the case of MessageEvents and PopStateEvents we
1727         cache the values of the data and state properties, respectively, as they may be a deserialized object. In case
1728         an object was deserialized in a world with elevated privileges we also check the cached value is from the same
1729         world, if it is from a different world we recompute it. For testing purposes, I added a new function to Internals
1730         that determines whether a JSObject originated in the current world.
1731
1732         * CMakeLists.txt:
1733         * WebCore.xcodeproj/project.pbxproj:
1734         * bindings/js/DOMWrapperWorld.h:
1735         (WebCore::worldForDOMObject):
1736         * bindings/js/JSBindingsAllInOne.cpp:
1737         * bindings/js/JSCustomEventCustom.cpp: Copied from Source/WebCore/dom/CustomEvent.cpp.
1738         (WebCore::JSCustomEvent::detail):
1739         * bindings/js/JSMessageEventCustom.cpp:
1740         (WebCore::JSMessageEvent::data):
1741         * bindings/js/JSPopStateEventCustom.cpp:
1742         (WebCore::JSPopStateEvent::state):
1743         * dom/CustomEvent.cpp:
1744         (WebCore::CustomEvent::initCustomEvent):
1745         (WebCore::CustomEvent::trySerializeDetail):
1746         * dom/CustomEvent.h:
1747         * dom/CustomEvent.idl:
1748         * dom/MessageEvent.cpp:
1749         (WebCore::MessageEvent::initMessageEvent):
1750         (WebCore::MessageEvent::trySerializeData):
1751         * dom/MessageEvent.h:
1752         * dom/PopStateEvent.cpp:
1753         (WebCore::PopStateEvent::trySerializeState):
1754         * dom/PopStateEvent.h:
1755         * testing/Internals.cpp:
1756         (WebCore::Internals::isFromCurrentWorld):
1757         * testing/Internals.h:
1758         * testing/Internals.idl:
1759
1760 2015-07-17  Carlos Garcia Campos  <cgarcia@igalia.com>
1761
1762         [GTK] Cleanup PasteboardHelper
1763         https://bugs.webkit.org/show_bug.cgi?id=147035
1764
1765         Reviewed by Žan Doberšek.
1766
1767         It's actually a singleton, but the API suggests you can create
1768         your own or use the default one, but the default one should be the
1769         only one. Rename PasteboardHelper::defaultPasteboardHelper() as
1770         PasteboardHelper::singleton() and make it non-copyable and never
1771         destroyed.
1772
1773         * platform/gtk/PasteboardGtk.cpp:
1774         (WebCore::Pasteboard::writePlainText): Use PasteboardHelper::singleton().
1775         (WebCore::Pasteboard::write): Ditto.
1776         (WebCore::Pasteboard::writePasteboard): Ditto.
1777         (WebCore::Pasteboard::clear): Ditto.
1778         (WebCore::Pasteboard::canSmartReplace): Ditto.
1779         (WebCore::Pasteboard::read): Ditto.
1780         (WebCore::Pasteboard::hasData): Ditto.
1781         (WebCore::Pasteboard::types): Ditto.
1782         (WebCore::Pasteboard::readString): Ditto.
1783         (WebCore::Pasteboard::readFilenames): Ditto.
1784         * platform/gtk/PasteboardHelper.cpp:
1785         (WebCore::PasteboardHelper::singleton): Renamed as singleton, also
1786         use NeverDestroyed and return a reference instead of a pointer.
1787         (WebCore::PasteboardHelper::PasteboardHelper): Do all
1788         initializations here and remove the initialization static flag,
1789         since this is a real singleton now. Also use
1790         gdk_atom_intern_static_string() to initialize the atoms instead of
1791         gdk_atom_intern().
1792         (WebCore::PasteboardHelper::targetList):
1793         (WebCore::PasteboardHelper::targetListForDataObject):
1794         (WebCore::getClipboardContentsCallback):
1795         * platform/gtk/PasteboardHelper.h:
1796
1797 2015-07-16  Matt Rajca  <mrajca@apple.com>
1798
1799         Media Session: handle 'Transient' and 'Transient Solo' interruption events
1800         https://bugs.webkit.org/show_bug.cgi?id=146840
1801
1802         Reviewed by Eric Carlson.
1803
1804         * Modules/mediasession/MediaSession.cpp:
1805         (WebCore::MediaSession::handleDuckInterruption): Added stub.
1806         (WebCore::MediaSession::handleUnduckInterruption): Added stub.
1807         (WebCore::MediaSession::handlePauseInterruption): Pause active media elements. We use our helper method to do this
1808           "safely" since pausing a media element can change the collection we're iterating.
1809         (WebCore::MediaSession::handleUnpauseInterruption): Unpause active media elements. We use our helper method to do this
1810           "safely" since unpausing a media element can change the collection we're iterating.
1811         (WebCore::MediaSession::togglePlayback): Factored out "safe" iteration into a helper method elsewhere.
1812         (WebCore::MediaSession::safelyIterateActiveMediaElements): Safely iterate through the collection of active media
1813           elements.
1814         * Modules/mediasession/MediaSession.h:
1815         * Modules/mediasession/MediaSessionManager.cpp:
1816         (WebCore::MediaSessionManager::MediaSessionManager): On Mac, register for platform-specific interruptions.
1817         (WebCore::MediaSessionManager::didReceiveStartOfInterruptionNotification): Implemented section 4.5.2 of Media Session spec.
1818         (WebCore::MediaSessionManager::didReceiveEndOfInterruptionNotification): Ditto.
1819         * Modules/mediasession/MediaSessionManager.h:
1820
1821 2015-07-16  Matt Rajca  <mrajca@apple.com>
1822
1823         Media Session: add support for platform-specific interruption providers
1824         https://bugs.webkit.org/show_bug.cgi?id=147008
1825
1826         Reviewed by Eric Carlson.
1827
1828         * WebCore.xcodeproj/project.pbxproj: Include new source files.
1829         * platform/mediasession/MediaSessionInterruptionProvider.cpp: Added base class to be used by MediaSessionManager
1830           to listen for interruption notifications.
1831         (WebCore::MediaSessionInterruptionProvider::MediaSessionInterruptionProvider): Begin listening for interruptions
1832           upon construction.
1833         (WebCore::MediaSessionInterruptionProvider::~MediaSessionInterruptionProvider): Stop listening for interruptions
1834           before destruction.
1835         (WebCore::MediaSessionInterruptionProvider::beginListeningForInterruptions): To be overridden by subclasses.
1836         (WebCore::MediaSessionInterruptionProvider::stopListeningForInterruptions): To be overridden by subclasses.
1837         * platform/mediasession/MediaSessionInterruptionProvider.h: Added.
1838         (WebCore::MediaSessionInterruptionProviderClient::~MediaSessionInterruptionProviderClient):
1839         (WebCore::MediaSessionInterruptionProvider::client):
1840         * platform/mediasession/mac/MediaSessionInterruptionProviderMac.h: Added for providing Mac-specific interruptions.
1841         (WebCore::MediaSessionInterruptionProviderMac::~MediaSessionInterruptionProviderMac):
1842         * platform/mediasession/mac/MediaSessionInterruptionProviderMac.mm: Added stubs.
1843         (WebCore::MediaSessionInterruptionProviderMac::beginListeningForInterruptions):
1844         (WebCore::MediaSessionInterruptionProviderMac::stopListeningForInterruptions):
1845
1846 2015-07-16  Tim Horton  <timothy_horton@apple.com>
1847
1848         Add shrink-wrapped link highlights
1849         https://bugs.webkit.org/show_bug.cgi?id=147021
1850         <rdar://problem/21643094>
1851
1852         Reviewed by Enrica Casucci.
1853
1854         * WebCore.xcodeproj/project.pbxproj:
1855         * page/TextIndicator.cpp:
1856         (WebCore::TextIndicator::createWithRange):
1857         (WebCore::TextIndicator::createWithSelectionInFrame):
1858         * page/TextIndicator.h:
1859         Add a margin parameter to TextIndicator; this inflates each text rect
1860         by the given amount.
1861
1862         Use snapshotFrameRect instead of snapshotSelection because we really
1863         want an image that exactly fits textBoundingRectInDocumentCoordinates,
1864         and snapshotSelection comes up with selection rects in different ways,
1865         especially on iOS (where it comes up with nothing!).
1866
1867         For now, avoid forcing black text or painting only the selection on iOS.
1868         Eventually, we should have TextIndicator options for these things that
1869         are then respected at the presentation layer.
1870
1871 2015-07-16  Matt Rajca  <mrajca@apple.com>
1872
1873         Media Session: remove plumbing for delivering start/end-of-interruption events
1874         https://bugs.webkit.org/show_bug.cgi?id=147005
1875
1876         Reviewed by Eric Carlson.
1877
1878         Instead of receiving interruptions through WebKit, we will provide platform-specific implementations in WebCore
1879         so the same behavior is available to all clients.
1880
1881         * Modules/mediasession/MediaSessionEvents.h:
1882         * page/Page.cpp:
1883         * page/Page.h:
1884
1885 2015-07-16  Alex Christensen  <achristensen@webkit.org>
1886
1887         [Content Extensions] Cache domain actions
1888         https://bugs.webkit.org/show_bug.cgi?id=146817
1889
1890         Reviewed by Benjamin Poulain.
1891
1892         Right now we run regular expressions on the domain every time we have any rules that match with if-domain or unless-domain.  
1893         This caches the results of running regular expressions on the domain of the main document's url so we only need to 
1894         run those regular expressions when the main document changes domain.  We also spend less time adding unused actions into HashSets.
1895
1896         All behavior is covered by existing api tests, but I added some to explicitly test if-domain and unless-domain with multiple load types.
1897
1898         * contentextensions/ContentExtension.cpp:
1899         (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):
1900         (WebCore::ContentExtensions::ContentExtension::cachedDomainActions):
1901         * contentextensions/ContentExtension.h:
1902         (WebCore::ContentExtensions::ContentExtension::identifier):
1903         (WebCore::ContentExtensions::ContentExtension::compiledExtension):
1904         * contentextensions/ContentExtensionsBackend.cpp:
1905         (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
1906         * contentextensions/DFABytecodeInterpreter.cpp:
1907         (WebCore::ContentExtensions::getJumpDistance):
1908         (WebCore::ContentExtensions::matchesDomain):
1909         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
1910         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
1911         (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsForDefaultStylesheetFromDFARoot):
1912         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretWithDomains):
1913         (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
1914         * contentextensions/DFABytecodeInterpreter.h:
1915
1916 2015-07-16  Simon Fraser  <simon.fraser@apple.com>
1917
1918         Fix disappearing position:fixed elements in fixed layout mode
1919         https://bugs.webkit.org/show_bug.cgi?id=147019
1920
1921         Reviewed by Tim Horton.
1922
1923         Test: compositing/fixed-with-fixed-layout.html
1924         
1925         When in fixed layout mode, and being scaled down, viewportConstrainedVisibleContentRect() is
1926         the wrong thing to use to determine if position:fixed elements are clipped out. In this case,
1927         use the simpler document bounds (before scaling).
1928         
1929         In the long term,  there needs to be an equivalent of viewportConstrainedVisibleContentRect()
1930         that gives an appropriate rect that can be used here.
1931
1932         * rendering/RenderLayerCompositor.cpp:
1933         (WebCore::RenderLayerCompositor::requiresCompositingForPosition):
1934
1935 2015-07-16  Benjamin Poulain  <bpoulain@apple.com>
1936
1937         [Content extensions] Combine suffixes when generating NFAs
1938         https://bugs.webkit.org/show_bug.cgi?id=146961
1939
1940         Reviewed by Alex Christensen.
1941
1942         In this patch, I add a mechanism very similar to the prefix tree
1943         but for the suffix (called a reverse suffix tree here).
1944
1945         The idea is here is to reuse the existing NFA nodes when generating
1946         a chain of suffix Term that were already generated previously.
1947         When generating a disjunction ending with the same suffix, we now
1948         have the same trailing NFA nodes for both sides of the disjunction.
1949
1950         Mixing the prefix and suffix generation can be tricky, we do not want
1951         transitions from a pattern to creep into the suffix of an other.
1952
1953         To avoid any conflict, the rules here are very simple:
1954         -Only use the reverse suffix tree for terms without actions
1955          up to a leaf term with actions.
1956
1957          This rule ensure that no action will accidentally make its way
1958          to an other rule by resuing a vertex of the reverse suffix tree.
1959
1960         -Only use the reverse suffix tree for chains of terms in which
1961          each term only has zero or one following term.
1962
1963          With this condition, when taking any vertex of the reverse suffix
1964          tree, there is only one edge that move out of that vertex when reading
1965          from left to right.
1966          For any vertex, there is only one possible string generated
1967          left-to-right, a single suffix.
1968
1969         This is overly restrictive but it is fast, easier to verify, and it works
1970         well in practice.
1971         For all the more complicated cases, we can count on the Minimizer to
1972         find a better solution.
1973
1974
1975         With all the simple suffixes merged, our NFAs are smaller, which
1976         let us combine more patterns.
1977         The DFAs are also smaller and faster to produce since their size
1978         is relative to the NFA sizes.
1979
1980         Overall, I get the following gains:
1981         -Chris's test case:
1982             compile time -40%.
1983             bytecode size -14%.
1984         -Armand's test case:
1985             compile time -53%.
1986             bytecode size -13%.
1987
1988         * WebCore.xcodeproj/project.pbxproj:
1989         * contentextensions/CombinedURLFilters.cpp:
1990         (WebCore::ContentExtensions::ActiveSubtree::ActiveSubtree):
1991         (WebCore::ContentExtensions::generateInfixUnsuitableForReverseSuffixTree):
1992         (WebCore::ContentExtensions::generateSuffixWithReverseSuffixTree):
1993         (WebCore::ContentExtensions::clearReverseSuffixTree):
1994         (WebCore::ContentExtensions::generateNFAForSubtree):
1995         * contentextensions/DFA.cpp:
1996         (WebCore::ContentExtensions::DFA::debugPrintDot):
1997         Forgot to close a tag, dot was not happy.
1998
1999         * contentextensions/HashableActionList.h: Added.
2000         (WebCore::ContentExtensions::HashableActionList::HashableActionList):
2001         (WebCore::ContentExtensions::HashableActionList::isEmptyValue):
2002         (WebCore::ContentExtensions::HashableActionList::isDeletedValue):
2003         (WebCore::ContentExtensions::HashableActionList::operator==):
2004         (WebCore::ContentExtensions::HashableActionList::operator!=):
2005         (WebCore::ContentExtensions::HashableActionListHash::hash):
2006         (WebCore::ContentExtensions::HashableActionListHash::equal):
2007         We need a way to group reverse suffix tree by their terminal actions.
2008         This new hash structure lets us find unique vertex for a list of actions
2009         in any order.
2010
2011         * contentextensions/ImmutableNFANodeBuilder.h:
2012         (WebCore::ContentExtensions::ImmutableNFANodeBuilder::isValid):
2013         (WebCore::ContentExtensions::ImmutableNFANodeBuilder::nodeId):
2014         (WebCore::ContentExtensions::ImmutableNFANodeBuilder::addTransition):
2015         (WebCore::ContentExtensions::ImmutableNFANodeBuilder::addEpsilonTransition):
2016         (WebCore::ContentExtensions::ImmutableNFANodeBuilder::ImmutableNFANodeBuilder): Deleted.
2017         (WebCore::ContentExtensions::ImmutableNFANodeBuilder::~ImmutableNFANodeBuilder): Deleted.
2018         (WebCore::ContentExtensions::ImmutableNFANodeBuilder::operator=): Deleted.
2019         * contentextensions/Term.h:
2020         (WebCore::ContentExtensions::Term::generateGraph):
2021         (WebCore::ContentExtensions::Term::generateSubgraphForAtom):
2022         Node building changes a bit.
2023
2024         Previously, it was assumed nodes are always built from left to right.
2025         Getting the node on the right was done by providing the left node and the term
2026         doing the transition.
2027
2028         Now we have both left to right and right to left generation.
2029
2030         The right-to-left has a specific property: no edge can be added after
2031         it's initial term (rule 2 of our reverse suffix tree). This simplifies
2032         things a bit since we can finalize all the nodes in the suffix tree.
2033         All we need is to keep their ID to be able to link new nodes
2034         to the reverse suffix tree.
2035
2036 2015-07-16  Brady Eidson  <beidson@apple.com>
2037
2038         Rolling out part of r186895 until rdar://problem/21861167 is resolved.
2039         https://bugs.webkit.org/show_bug.cgi?id=146976
2040
2041         * platform/network/cf/CookieJarCFNet.cpp:
2042         (WebCore::createCookies): Don’t use this new SPI quite yet.
2043
2044 2015-07-16  Filip Pizlo  <fpizlo@apple.com>
2045
2046         Unreviewed, roll out http://trac.webkit.org/changeset/186903. It broke the build.
2047
2048         * CMakeLists.txt:
2049         * WebCore.xcodeproj/project.pbxproj:
2050         * bindings/js/DOMWrapperWorld.h:
2051         (WebCore::currentWorld):
2052         (WebCore::worldForDOMObject): Deleted.
2053         * bindings/js/JSBindingsAllInOne.cpp:
2054         * bindings/js/JSCustomEventCustom.cpp:
2055         (WebCore::JSCustomEvent::detail): Deleted.
2056         * bindings/js/JSMessageEventCustom.cpp:
2057         (WebCore::JSMessageEvent::data):
2058         * bindings/js/JSPopStateEventCustom.cpp:
2059         (WebCore::JSPopStateEvent::state):
2060         * dom/CustomEvent.cpp:
2061         (WebCore::CustomEvent::initCustomEvent):
2062         (WebCore::CustomEvent::eventInterface):
2063         (WebCore::CustomEvent::trySerializeDetail): Deleted.
2064         * dom/CustomEvent.h:
2065         * dom/CustomEvent.idl:
2066         * dom/MessageEvent.cpp:
2067         (WebCore::MessageEvent::initMessageEvent):
2068         (WebCore::MessageEvent::data):
2069         (WebCore::MessageEvent::trySerializeData): Deleted.
2070         * dom/MessageEvent.h:
2071         * dom/PopStateEvent.cpp:
2072         (WebCore::PopStateEvent::create):
2073         (WebCore::PopStateEvent::eventInterface):
2074         (WebCore::PopStateEvent::trySerializeState): Deleted.
2075         * dom/PopStateEvent.h:
2076         * testing/Internals.cpp:
2077         (WebCore::Internals::deserializeBuffer):
2078         (WebCore::Internals::setUsesOverlayScrollbars):
2079         (WebCore::Internals::isFromCurrentWorld): Deleted.
2080         * testing/Internals.h:
2081         * testing/Internals.idl:
2082
2083 2015-07-16  Keith Miller  <keith_miller@apple.com>
2084
2085         Remove leak of objects between isolated worlds on custom events, message events, and pop state events.
2086         https://bugs.webkit.org/show_bug.cgi?id=118884
2087
2088         Reviewed by Filip Pizlo.
2089
2090         Tests: fast/events/event-leak-objects.html
2091                fast/events/event-properties-gc.html
2092
2093         Fixes an issue where objects passed as certain properties of events could cross isolated worlds. This
2094         was fixed by checking that any object passed by an event must be serializable or originate from the same
2095         isolated world as the one it is currently being accessed in. In the case of MessageEvents and PopStateEvents we
2096         cache the values of the data and state properties, respectively, as they may be a deserialized object. In case
2097         an object was deserialized in a world with elevated privileges we also check the cached value is from the same
2098         world, if it is from a different world we recompute it. For testing purposes, I added a new function to Internals
2099         that determines whether a JSObject originated in the current world.
2100
2101         * CMakeLists.txt:
2102         * WebCore.xcodeproj/project.pbxproj:
2103         * bindings/js/DOMWrapperWorld.h:
2104         (WebCore::worldForDOMObject):
2105         * bindings/js/JSBindingsAllInOne.cpp:
2106         * bindings/js/JSCustomEventCustom.cpp: Copied from Source/WebCore/dom/CustomEvent.cpp.
2107         (WebCore::JSCustomEvent::detail):
2108         * bindings/js/JSMessageEventCustom.cpp:
2109         (WebCore::JSMessageEvent::data):
2110         * bindings/js/JSPopStateEventCustom.cpp:
2111         (WebCore::JSPopStateEvent::state):
2112         * dom/CustomEvent.cpp:
2113         (WebCore::CustomEvent::initCustomEvent):
2114         (WebCore::CustomEvent::trySerializeDetail):
2115         * dom/CustomEvent.h:
2116         * dom/CustomEvent.idl:
2117         * dom/MessageEvent.cpp:
2118         (WebCore::MessageEvent::initMessageEvent):
2119         (WebCore::MessageEvent::trySerializeData):
2120         * dom/MessageEvent.h:
2121         * dom/PopStateEvent.cpp:
2122         (WebCore::PopStateEvent::trySerializeState):
2123         * dom/PopStateEvent.h:
2124         * testing/Internals.cpp:
2125         (WebCore::Internals::isFromCurrentWorld):
2126         * testing/Internals.h:
2127         * testing/Internals.idl:
2128
2129 2015-07-16  Brady Eidson  <beidson@apple.com>
2130
2131         WebKit document.cookie mis-parsing.
2132         rdar://problem/21715050 and https://bugs.webkit.org/show_bug.cgi?id=146976
2133
2134         Reviewed by Sam Weinig.
2135
2136         * platform/network/cf/CookieJarCFNet.cpp:
2137         (WebCore::createCookies): Use new SPI if available.
2138         (WebCore::setCookiesFromDOM):
2139         * platform/spi/cf/CFNetworkSPI.h:
2140
2141 2015-07-15  Anders Carlsson  <andersca@apple.com>
2142
2143         Headers that use WEBCORE_EXPORT should include PlatformExportMacros.h
2144         https://bugs.webkit.org/show_bug.cgi?id=146984
2145
2146         Reviewed by Daniel Bates.
2147
2148         * contentextensions/DFA.h:
2149         * dom/ContextDestructionObserver.h:
2150         * dom/DeviceOrientationData.h:
2151         * dom/ExceptionCodePlaceholder.h:
2152         * editing/cocoa/HTMLConverter.h:
2153         * html/track/AudioTrack.h:
2154         * loader/FrameLoaderStateMachine.h:
2155         * loader/appcache/ApplicationCacheHost.h:
2156         * loader/cache/CachedResourceHandle.h:
2157         * platform/URL.h:
2158         * platform/animation/Animation.h:
2159         * platform/audio/AudioHardwareListener.h:
2160         * platform/audio/AudioSession.h:
2161         * platform/graphics/transforms/AffineTransform.h:
2162         * platform/network/Credential.h:
2163         * platform/network/CredentialBase.h:
2164         * platform/network/ResourceHandleClient.h:
2165         * platform/network/mac/AuthenticationMac.h:
2166
2167 2015-07-16  Joseph Pecoraro  <pecoraro@apple.com>
2168
2169         Web Inspector: update $$() to return an Array
2170         https://bugs.webkit.org/show_bug.cgi?id=146964
2171
2172         Reviewed by Brian Burg.
2173
2174         Test: inspector/console/command-line-api.html
2175
2176         * inspector/CommandLineAPIModuleSource.js:
2177         Update $$(...) to return an array.
2178         Also InjectedScriptHost.type was renamed to subtype
2179         a while ago.
2180
2181 2015-07-15  Tim Horton  <timothy_horton@apple.com>
2182
2183         Move indicator rect uniting code to TextIndicatorWindow instead of TextIndicator
2184         https://bugs.webkit.org/show_bug.cgi?id=146992
2185         <rdar://problem/21643094>
2186
2187         Reviewed by Daniel Bates.
2188
2189         Having to unite all the rects if any overlap is an implementation
2190         detail of the Mac TextIndicatorWindow presentation, not a fundamental
2191         property of TextIndicator.
2192
2193         Other TextIndicator presentations might be able to handle overlapping
2194         rects more effectively, so we shouldn't lose information unless we need to.
2195
2196         This also avoids having a second copy of some constants!
2197
2198         * page/TextIndicator.cpp:
2199         (WebCore::outsetIndicatorRectIncludingShadow): Deleted.
2200         (WebCore::textIndicatorsForTextRectsOverlap): Deleted.
2201         (WebCore::TextIndicator::TextIndicator): Deleted.
2202         * page/mac/TextIndicatorWindow.mm:
2203         (outsetIndicatorRectIncludingShadow):
2204         (textIndicatorsForTextRectsOverlap):
2205         (-[WebTextIndicatorView initWithFrame:textIndicator:margin:offset:]):
2206
2207 2015-07-15  Ryuan Choi  <ryuan.choi@navercorp.com>
2208
2209         [CoordinatedGraphics] Remove setContentsScale from TiledBackingStore
2210         https://bugs.webkit.org/show_bug.cgi?id=146921
2211
2212         Reviewed by Gyuyoung Kim.
2213
2214         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
2215         (WebCore::CoordinatedGraphicsLayer::createBackingStore):
2216         (WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
2217         * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
2218         (WebCore::TiledBackingStore::TiledBackingStore):
2219         (WebCore::TiledBackingStore::setContentsScale): Deleted.
2220         * platform/graphics/texmap/coordinated/TiledBackingStore.h:
2221
2222 2015-07-15  Sam Weinig  <sam@webkit.org>
2223
2224         Color match plug-ins
2225         <rdar://problem/21758722>
2226         https://bugs.webkit.org/show_bug.cgi?id=146987
2227
2228         Reviewed by Dean Jackson.
2229
2230         * platform/spi/cocoa/QuartzCoreSPI.h:
2231         Add colorMatchUntaggedContent property.
2232
2233 2015-07-15  Brent Fulgham  <bfulgham@apple.com>
2234
2235         [Win] Another build fix after r186858.
2236
2237         * html/canvas/DOMPath.h: Don't use WEBCORE_EXPORT on the
2238         overall class and the destructor declaration.
2239
2240 2015-07-15  Dean Jackson  <dino@apple.com>
2241
2242         Tag WebGL layers with sRGB colorspace
2243         https://bugs.webkit.org/show_bug.cgi?id=146986
2244         <rdar://problem/21758704>
2245
2246         Fix the build on older El Capitan releases.
2247
2248         * platform/graphics/mac/WebGLLayer.mm:
2249         (-[WebGLLayer initWithGraphicsContext3D:]):
2250         * platform/spi/cocoa/QuartzCoreSPI.h:
2251
2252 2015-07-15  Dean Jackson  <dino@apple.com>
2253
2254         Tag WebGL layers with sRGB colorspace
2255         https://bugs.webkit.org/show_bug.cgi?id=146986
2256         <rdar://problem/21758704>
2257
2258         Reviewed by Simon Fraser.
2259
2260         Label a CAOpenGLLayer as using the sRGB colorspace,
2261         like the rest of our page content.
2262
2263         Test: fast/canvas/webgl/match-page-color-space.html
2264
2265         * platform/graphics/mac/WebGLLayer.mm:
2266         (-[WebGLLayer initWithGraphicsContext3D:]): Set the colorspace property on the layer.
2267         (-[WebGLLayer copyCGLPixelFormatForDisplayMask:]):
2268         (-[WebGLLayer drawInCGLContext:pixelFormat:forLayerTime:displayTime:]):
2269         (-[WebGLLayer copyImageSnapshotWithColorSpace:]):
2270
2271 2015-07-15  Brent Fulgham  <bfulgham@apple.com>
2272
2273         [Win] Unreviewed build fix after r186858.
2274
2275         Add missing DOMPath and PathUtilities files to project.
2276
2277         * WebCore.vcxproj/WebCore.vcxproj:
2278         * WebCore.vcxproj/WebCore.vcxproj.filters:
2279
2280 2015-07-15  Anders Carlsson  <andersca@apple.com>
2281
2282         Headers that look for NSGEOMETRY_TYPES_SAME_AS_CGGEOMETRY_TYPES should import NSGeometry.h
2283         https://bugs.webkit.org/show_bug.cgi?id=146982
2284
2285         Reviewed by Tim Horton.
2286
2287         * platform/graphics/FloatPoint.h:
2288         * platform/graphics/IntPoint.h:
2289         * platform/graphics/IntSize.h:
2290
2291 2015-07-15  Wenson Hsieh  <wenson_hsieh@apple.com>
2292
2293         Scroll snapping to elements is broken for main frame scrolling
2294         https://bugs.webkit.org/show_bug.cgi?id=146957
2295
2296         Reviewed by Brent Fulgham.
2297
2298         Fixes the case of elements with scroll snap coordinates in a scroll snapping mainframe by changing
2299         RenderBox::findEnclosingScrollableContainer to return the body's RenderBox when all enclosing elements
2300         are not overflow scrollable but the mainframe can scroll.
2301
2302         Test: css3/scroll-snap/scroll-snap-coordinate-mainframe.html
2303
2304         * page/FrameView.h: Export isScrollable so that the Internals API can use it.
2305         * rendering/RenderBox.cpp: Include MainFrame.h.
2306         (WebCore::RenderBox::findEnclosingScrollableContainer): Changed to return the body's RenderBox if
2307             none of its parent elements are overflow scrolling.
2308         * testing/Internals.cpp:
2309         (WebCore::Internals::scrollSnapOffsets): Updated to return snap offsets for the body element,
2310             allowing us to call window.internals.scrollSnapOffsets(document.body).
2311
2312 2015-07-15  Brady Eidson  <beidson@apple.com>
2313
2314         WebKit document.cookie mis-parsing.
2315         rdar://problem/21715050 and https://bugs.webkit.org/show_bug.cgi?id=146976
2316
2317         Reviewed by Sam Weinig.
2318
2319         * platform/network/mac/CookieJarMac.mm:
2320         (WebCore::setCookiesFromDOM): Use new CFNetwork SPI when available.
2321
2322 2015-07-15  Jinyoung Hur  <hur.ims@navercorp.com>
2323
2324         [WinCairo] font fallback not working
2325         https://bugs.webkit.org/show_bug.cgi?id=146595
2326
2327         Reviewed by Myles C. Maxfield.
2328
2329         A Win32 API, GetGlyphIndices(), is not used properly, so any glyphs are considered existing in a font and it prevents the font fall back mechanism from working.
2330
2331         I think a specific font should be newly installed on the test machine to test this case but I have no idea how can it be done.
2332
2333         * platform/graphics/win/GlyphPageTreeNodeCairoWin.cpp:
2334         (WebCore::GlyphPage::fill):
2335
2336 2015-07-15  Tim Horton  <timothy_horton@apple.com>
2337
2338         Factor rect shrink-wrapping code out of RenderThemeMac for future reuse
2339         https://bugs.webkit.org/show_bug.cgi?id=146973
2340         <rdar://problem/21643094>
2341
2342         Reviewed by Anders Carlsson.
2343
2344         Test: fast/shrink-wrap/rect-shrink-wrap.html
2345
2346         * WebCore.xcodeproj/project.pbxproj:
2347         Add DOMPath.cpp and PathUtilities.{h, cpp}.
2348
2349         * bindings/js/JSDOMBinding.h:
2350         (WebCore::NativeValueTraits<double>::nativeValue):
2351         Make it possible to use sequence<double> in IDL files.
2352
2353         * bindings/scripts/CodeGeneratorJS.pm:
2354         Export JSDOMPath for use in Internals.
2355
2356         * html/canvas/DOMPath.cpp: Added.
2357         (WebCore::DOMPath::~DOMPath):
2358         * html/canvas/DOMPath.h:
2359         Out-of-line the DOMPath destructor so as not to anger the bindings
2360         integrity checker (otherwise, the address of the DOMPath destructor
2361         is different in WebCoreTestSupport and WebCore, causing us to fail
2362         the vtable equality test).
2363
2364         * platform/graphics/Path.h:
2365         Forward declare FloatRect instead of including it unnecessarily.
2366         Export ensurePlatformPath().
2367
2368         * platform/graphics/PathUtilities.cpp: Added.
2369         (WebCore::addShrinkWrapRightCorner):
2370         (WebCore::addShrinkWrapLeftCorner):
2371         (WebCore::addShrinkWrappedPathForRects):
2372         These parts are extracted from RenderThemeMac, with two changes:
2373             + support for arbitrarily-aligned rects
2374               (the other version assumed they were horizontally center-aligned)
2375             + support for overlapping rects
2376               (the other version assumed they touched but did not overlap)
2377
2378         There are still things missing:
2379             + support for a fallback when the shape is too hard to shrink-wrap
2380
2381         And things broken:
2382             + if the distance between two edges is smaller than the corner radius,
2383               we'll end up with a sharp edge in the path
2384
2385         Both of these cases are covered in the layout test and can be improved.
2386
2387         (WebCore::rectsIntersectOrTouch):
2388         Rect intersection with <= instead of <.
2389
2390         (WebCore::contiguousRectGroupsFromRects):
2391         Given a set of rects, find all of the contiguous regions. We'll
2392         shrink-wrap each region independently.
2393
2394         (WebCore::PathUtilities::pathWithShrinkWrappedRects):
2395         * platform/graphics/PathUtilities.h: Added.
2396         Add PathUtilities, where the shrink-wrapping code lives.
2397
2398         * rendering/RenderThemeMac.mm:
2399         (WebCore::paintAttachmentTitleBackground):
2400         (WebCore::addAttachmentTitleBackgroundRightCorner): Deleted.
2401         (WebCore::addAttachmentTitleBackgroundLeftCorner): Deleted.
2402         Remove shrink-wrapping implementation and make use of the one in PathUtilities.
2403
2404         * testing/Internals.cpp:
2405         (WebCore::Internals::pathWithShrinkWrappedRects):
2406         * testing/Internals.h:
2407         * testing/Internals.idl:
2408         Expose pathWithShrinkWrappedRects to tests via Internals.
2409         It takes a sequence<double> where every four values are the x, y, w, h
2410         of a rect, and returns a DOMPath which can be used with Canvas.
2411
2412 2015-07-15  Enrica Casucci  <enrica@apple.com>
2413
2414         [iOS] Should look for RTF and RTFD pasteboard types before plain text.
2415         https://bugs.webkit.org/show_bug.cgi?id=146971
2416         rdar://problem/21840845
2417
2418         Reviewed by Sam Weinig.
2419
2420         The list of pasteboard types returned by supportedPasteboardTypes
2421         determines the order in which WebKit looks for data in the pasteboard
2422         to create a fragment. The incorrect order could make plain text to
2423         be preferred over rich format.
2424
2425         * platform/ios/PasteboardIOS.mm:
2426         (WebCore::Pasteboard::supportedPasteboardTypes):
2427
2428 2015-07-15  Anders Carlsson  <andersca@apple.com>
2429
2430         Private headers that include project headers should also be project headers
2431         https://bugs.webkit.org/show_bug.cgi?id=146974
2432
2433         Reviewed by Dan Bernstein.
2434
2435         Since these headers can't be included by WebKit anyway they shouldn't be installed.
2436
2437         * WebCore.xcodeproj/project.pbxproj:
2438
2439 2015-07-15  Eric Carlson  <eric.carlson@apple.com>
2440
2441         [Mac] AirPlay route is not always set automatically
2442         https://bugs.webkit.org/show_bug.cgi?id=146969
2443
2444         Reviewed by Jer Noble.
2445
2446         * Modules/mediasession/WebMediaSessionManager.cpp:
2447         (WebCore::WebMediaSessionManager::configurePlaybackTargetClients): Return early if there are
2448           no clients. Make the first client in the vector automatically play to the target if there
2449           is no other match and there is an active route.
2450         (WebCore::WebMediaSessionManager::watchdogTimerFired): Call picker.invalidatePlaybackTargets,
2451           not stopMonitoringPlaybackTargets.
2452
2453         * platform/graphics/MediaPlaybackTargetPicker.cpp:
2454         (WebCore::MediaPlaybackTargetPicker::invalidatePlaybackTargets): New.
2455         * platform/graphics/MediaPlaybackTargetPicker.h:
2456
2457         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
2458         * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
2459         (WebCore::MediaPlaybackTargetPickerMac::stopMonitoringPlaybackTargets): Do nothing, AirPlay
2460           automatically stops monitoring when appropriate and release the picker also releases
2461           the output context, which drops the route.
2462         (WebCore::MediaPlaybackTargetPickerMac::invalidatePlaybackTargets): New.
2463
2464 2015-07-15  Anders Carlsson  <andersca@apple.com>
2465
2466         Remove forwarding headers that no longer point to valid headers
2467         https://bugs.webkit.org/show_bug.cgi?id=146972
2468
2469         Reviewed by Tim Horton.
2470
2471         * ForwardingHeaders/heap/AllocationSpace.h: Removed.
2472         * ForwardingHeaders/runtime/IntegralTypedArrayBase.h: Removed.
2473         * ForwardingHeaders/runtime/PrototypeFunction.h: Removed.
2474         * ForwardingHeaders/runtime/StorageBarrier.h: Removed.
2475         * ForwardingHeaders/runtime/TypedArrayBase.h: Removed.
2476
2477 2015-07-15  Wenson Hsieh  <wenson_hsieh@apple.com>
2478
2479         Negative scroll snap repeat values cause web process to hang indefinitely
2480         https://bugs.webkit.org/show_bug.cgi?id=146953
2481         <rdar://problem/21823681>
2482
2483         Reviewed by Simon Fraser.
2484
2485         Fixed dangerous behavior caused by setting -scroll-snap-points-x or -y to negative or very small
2486         positive values. In the case of negative or 0 repeats, the web process would hang indefinitely. In
2487         the case of very small positive values, a massive amount of memory could potentially be allocated
2488         just to store snap offsets.
2489
2490         Tests: css3/scroll-snap/scroll-snap-negative-repeat.html
2491                css3/scroll-snap/scroll-snap-subpixel-repeat.html
2492
2493         * css/CSSParser.cpp:
2494         (WebCore::CSSParser::parseNonElementSnapPoints): Changed to consider negative snap repeat values as invalid CSS.
2495         * page/scrolling/AxisScrollSnapOffsets.cpp:
2496         (WebCore::updateFromStyle): Changed to threshold non-negative snap repeat values to 1px.
2497
2498 2015-07-14  Dean Jackson  <dino@apple.com>
2499
2500         Placeholder colors should be system grays
2501         https://bugs.webkit.org/show_bug.cgi?id=146955
2502         <rdar://problem/21774358>
2503
2504         Reviewed by Sam Weinig.
2505
2506         Update the PiP and Airplay placards to use the correct shades
2507         of gray.
2508
2509         * Modules/mediacontrols/mediaControlsApple.css: No need to specify the
2510         font here, nor have rules for Picture in Picture, which isn't available
2511         on OS X.
2512         (audio::-webkit-media-controls-time-remaining-display): We should specify
2513         font style here.
2514         (video:-webkit-full-screen::-webkit-media-controls-panel): Drive-by cleanup.
2515         (audio::-webkit-media-controls-wireless-playback-status): Use a gray background
2516         and system gray for text and artwork.
2517         (audio::-webkit-media-controls-wireless-playback-status.small): Ditto.
2518         (audio::-webkit-media-controls-picture-in-picture-button): Deleted (not on OS X).
2519         (audio::-webkit-media-controls-wireless-playback-text-top): Deleted use of background color.
2520         (audio::-webkit-media-controls-wireless-playback-text-bottom): Ditto..
2521
2522         * Modules/mediacontrols/mediaControlsiOS.css: Use a gray background
2523         and system gray for text and artwork.
2524         (audio::-webkit-media-controls-wireless-playback-status):
2525         (audio::-webkit-media-controls-wireless-playback-text-top):
2526         (audio::-webkit-media-controls-wireless-playback-status.picture-in-picture):
2527
2528 2015-07-14  Hunseop Jeong  <hs85.jeong@samsung.com>
2529
2530         [EFL] Scrollbar is not drawn on MiniBrowser.
2531         https://bugs.webkit.org/show_bug.cgi?id=143566
2532
2533         Reviewed by Gyuyoung Kim.
2534
2535         Implement the ScrollbarThemeEfl to draw the scrollbar on EFL port.
2536
2537         * PlatformEfl.cmake: Removed the ScrollbarEfl.cpp.
2538
2539         * platform/Scrollbar.cpp: Removed the !PLATFORM(EFL) guard to use the createNativeScrollbar().
2540
2541         * platform/efl/DefaultTheme/CMakeLists.txt: Replaced the image files with new ones.
2542
2543         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar.edc:
2544         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_bg_horizontal.png: Added.
2545         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_bg_vertical.png: Added.
2546         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_h.png: Removed.
2547         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_knob_h.png: Removed.
2548         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_knob_v.png: Removed.
2549         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_thumb_horizontal.png: Added.
2550         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_thumb_vertical.png: Added.
2551         * platform/efl/DefaultTheme/widget/scrollbar/scrollbar_v.png: Removed.
2552         * platform/efl/RenderThemeEfl.cpp:
2553         (WebCore::toEdjeGroup):
2554         (WebCore::RenderThemeEfl::paintThemePart): Added the new function to draw the scrollbar
2555           using the RenderThemeEfl.
2556
2557         * platform/efl/RenderThemeEfl.h:
2558         * platform/efl/ScrollbarEfl.cpp: Removed.
2559         * platform/efl/ScrollbarEfl.h: Removed.
2560         * platform/efl/ScrollbarThemeEfl.cpp: Implemented the default functions to draw the
2561           scrollbar.
2562         (WebCore::scrollbarMap):
2563         (WebCore::ScrollbarThemeEfl::~ScrollbarThemeEfl):
2564         (WebCore::ScrollbarThemeEfl::scrollbarThickness):
2565         (WebCore::ScrollbarThemeEfl::hasThumb):
2566         (WebCore::ScrollbarThemeEfl::backButtonRect):
2567         (WebCore::ScrollbarThemeEfl::forwardButtonRect):
2568         (WebCore::ScrollbarThemeEfl::trackRect):
2569         (WebCore::ScrollbarThemeEfl::minimumThumbLength):
2570         (WebCore::ScrollbarThemeEfl::paintTrackBackground):
2571         (WebCore::ScrollbarThemeEfl::paintThumb):
2572         (WebCore::ScrollbarThemeEfl::registerScrollbar):
2573         (WebCore::ScrollbarThemeEfl::unregisterScrollbar):
2574         (WebCore::ScrollbarThemeEfl::loadThemeIfNeeded):
2575         * platform/efl/ScrollbarThemeEfl.h:
2576         (WebCore::ScrollbarThemeEfl::usesOverlayScrollbars):
2577
2578 2015-07-14  Andreas Kling  <akling@apple.com>
2579
2580         Don't persist history item tree for subframes across reloads.
2581         <https://webkit.org/b/146937>
2582         <rdar://problem/19925709>
2583
2584         Reviewed by Brady Eidson.
2585
2586         Throw away the subframe history items when reloading a page. This ensures that we
2587         don't accumulate outdated frame metadata when subframes change name across page loads.
2588         Since the history item tree is encoded in the UA session state and gets serialized to
2589         disk, it's important that we don't let it grow unbounded.
2590
2591         * loader/HistoryController.cpp:
2592         (WebCore::HistoryController::updateForReload):
2593
2594 2015-07-14  Antti Koivisto  <antti@apple.com>
2595
2596         REGRESSION (r177876): store.apple.com profile and cart icons are missing
2597         https://bugs.webkit.org/show_bug.cgi?id=146894
2598
2599         Reviewed by Myles C. Maxfield.
2600
2601         If we had several @font-face rules for the same face covering overlapping ranges we
2602         would only try to get glyphs from the first one. If it didn't have the glyph we wouldn't
2603         try the other ones.
2604
2605         Test: fast/css/font-face-multiple-missing-glyphs.html
2606
2607         * platform/graphics/FontCascadeFonts.cpp:
2608         (WebCore::FontCascadeFonts::glyphDataForVariant):
2609         (WebCore::FontCascadeFonts::glyphDataForNormalVariant):
2610
2611             Get GlyphData with one call.
2612
2613         * platform/graphics/FontRanges.cpp:
2614         (WebCore::FontRanges::~FontRanges):
2615         (WebCore::FontRanges::glyphDataForCharacter):
2616
2617             Check that we actually have a glyph in the font for the character before returning it.
2618
2619         (WebCore::FontRanges::fontForCharacter):
2620         (WebCore::FontRanges::fontForFirstRange):
2621         * platform/graphics/FontRanges.h:
2622         (WebCore::FontRanges::size):
2623         (WebCore::FontRanges::rangeAt):
2624
2625 2015-07-14  Wenson Hsieh  <wenson_hsieh@apple.com>
2626
2627         Fix the 32 bit build after r186817
2628         https://bugs.webkit.org/show_bug.cgi?id=146947
2629
2630         Changed CGRect to NSRect.
2631
2632         Reviewed by Simon Fraser.
2633
2634         * platform/mac/ThemeMac.mm:
2635         (WebCore::paintButton):
2636
2637 2015-07-14  Anders Carlsson  <andersca@apple.com>
2638
2639         Remove wkPopupMenu from WebCoreSystemInterface; it's not called from WebCore
2640         https://bugs.webkit.org/show_bug.cgi?id=146945
2641
2642         Reviewed by Tim Horton.
2643
2644         * platform/mac/WebCoreSystemInterface.h:
2645
2646 2015-07-14  Wenson Hsieh  <wenson_hsieh@apple.com>
2647
2648         Input buttons rendered at the wrong size when pinching-to-zoom
2649         https://bugs.webkit.org/show_bug.cgi?id=146916
2650
2651         Reviewed by Dean Jackson.
2652
2653         Scales buttons and their focus rects up when pinching to zoom by painting to an offscreen ImageBuffer which is
2654         then scaled and painted onto the display.
2655
2656         * platform/Theme.h: Modified signature of Theme::paint.
2657         (WebCore::Theme::paint): Added plumbing necessary to send the device and page scale factors to paintButton.
2658         * platform/mac/ThemeMac.h: Modified signature of paintButton.
2659         * platform/mac/ThemeMac.mm: Added ImageBuffer.h header.
2660         (WebCore::buttonFocusRectOutlineWidth): Represents the width of the focus rect of a button. Used by paintButton
2661             to determine the size of the ImageBuffer required to draw a focus rect.
2662         (WebCore::paintButton): Changed to paint button cells and the focus rect, if applicable, to a temporary ImageBuffer
2663             before painting the ImageBuffer onto the view. Refactored to receive a deviceScaleFactor and page scale factor,
2664             used when painting to the ImageBuffer.
2665         (WebCore::ThemeMac::paint): Added plumbing necessary to send the device and page scale factors to paintButton.
2666         * rendering/RenderTheme.cpp: Modified signature of RenderTheme::paint.
2667         (WebCore::RenderTheme::paint): Added plumbing necessary to send the device and page scale factors to paintButton.
2668
2669 2015-07-14  Commit Queue  <commit-queue@webkit.org>
2670
2671         Unreviewed, rolling out r186809.
2672         https://bugs.webkit.org/show_bug.cgi?id=146943
2673
2674         Caused about 190 layout test failures. (Requested by mlam_ on
2675         #webkit).
2676
2677         Reverted changeset:
2678
2679         "REGRESSION (r177876): store.apple.com profile and cart icons
2680         are missing"
2681         https://bugs.webkit.org/show_bug.cgi?id=146894
2682         http://trac.webkit.org/changeset/186809
2683
2684 2015-07-14  Antti Koivisto  <antti@apple.com>
2685
2686         REGRESSION (r177876): store.apple.com profile and cart icons are missing
2687         https://bugs.webkit.org/show_bug.cgi?id=146894
2688
2689         Reviewed by Myles C. Maxfield.
2690
2691         If we had several @font-face rules for the same face covering overlapping ranges we
2692         would only try to get glyphs from the first one. If it didn't have the glyph we wouldn't
2693         try the other ones.
2694
2695         Test: fast/css/font-face-multiple-missing-glyphs.html
2696
2697         * platform/graphics/FontCascadeFonts.cpp:
2698         (WebCore::FontCascadeFonts::glyphDataForVariant):
2699         (WebCore::FontCascadeFonts::glyphDataForNormalVariant):
2700
2701             Get GlyphData with one call.
2702
2703         * platform/graphics/FontRanges.cpp:
2704         (WebCore::FontRanges::~FontRanges):
2705         (WebCore::FontRanges::glyphDataForCharacter):
2706
2707             Check that we actually have a glyph in the font for the character before returning it.
2708
2709         (WebCore::FontRanges::fontForCharacter):
2710         (WebCore::FontRanges::fontForFirstRange):
2711         * platform/graphics/FontRanges.h:
2712         (WebCore::FontRanges::size):
2713         (WebCore::FontRanges::rangeAt):
2714
2715 2015-07-14  Alex Christensen  <achristensen@webkit.org>
2716
2717         [Content Extensions] Fix if-domain and unless-domain when loading main documents.
2718         https://bugs.webkit.org/show_bug.cgi?id=146868
2719
2720         Reviewed by Benjamin Poulain.
2721
2722         Tests: http/tests/contentextensions/block-everything-if-domain.html
2723                http/tests/contentextensions/block-everything-unless-domain-iframe.html
2724                http/tests/contentextensions/block-everything-unless-domain-redirect.php
2725                http/tests/contentextensions/block-everything-unless-domain.html
2726
2727         * contentextensions/ContentExtensionsBackend.cpp:
2728         (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
2729         If we are loading a new main document, use that main document url as the main document url for domain comparison.
2730
2731 2015-07-05  Sam Weinig  <sam@webkit.org>
2732
2733         DOM4: prepend, append, before, after & replace
2734         https://bugs.webkit.org/show_bug.cgi?id=74648
2735
2736         Reviewed by Darin Adler.
2737
2738         - Adds support for ChildNode.before/after/replaceWith and ParentNode.prepend/append
2739           which are new functions in https://dom.spec.whatwg.org
2740         - Uses custom bindings rather than implementing support for union types in the code
2741           generator as their uses seems isolated to just this spec at the moment. If more
2742           uses come along, we should implement proper support for them in the generator and
2743           remove the custom bindings added here.
2744
2745         Tests: fast/dom/ChildNode-after.html
2746                fast/dom/ChildNode-before.html
2747                fast/dom/ChildNode-replaceWith.html
2748                fast/dom/ParentNode-append.html
2749                fast/dom/ParentNode-prepend.html
2750
2751         * CMakeLists.txt:
2752         * WebCore.vcxproj/WebCore.vcxproj:
2753         * WebCore.xcodeproj/project.pbxproj:
2754         * bindings/js/JSBindingsAllInOne.cpp:
2755         Add new files.
2756
2757         * bindings/js/JSCharacterDataCustom.cpp: Added.
2758         (WebCore::JSCharacterData::before):
2759         (WebCore::JSCharacterData::after):
2760         (WebCore::JSCharacterData::replaceWith):
2761         * bindings/js/JSDocumentCustom.cpp:
2762         (WebCore::JSDocument::prepend):
2763         (WebCore::JSDocument::append):
2764         (WebCore::JSDocument::createTouchList):
2765         * bindings/js/JSDocumentFragmentCustom.cpp: Added.
2766         (WebCore::JSDocumentFragment::prepend):
2767         (WebCore::JSDocumentFragment::append):
2768         * bindings/js/JSDocumentTypeCustom.cpp: Added.
2769         (WebCore::JSDocumentType::before):
2770         (WebCore::JSDocumentType::after):
2771         (WebCore::JSDocumentType::replaceWith):
2772         * bindings/js/JSElementCustom.cpp:
2773         (WebCore::toJSNewlyCreated):
2774         (WebCore::JSElement::before):
2775         (WebCore::JSElement::after):
2776         (WebCore::JSElement::replaceWith):
2777         (WebCore::JSElement::prepend):
2778         (WebCore::JSElement::append):
2779         Add custom bindings to implement the use of variadic union types.
2780
2781         * bindings/js/JSNodeOrString.cpp: Added.
2782         (WebCore::toNodeOrStringVector):
2783         * bindings/js/JSNodeOrString.h: Added.
2784         Adds a help function for converting an JS argument list into a Vector
2785         of NodeOrString objects.
2786
2787         * dom/ChildNode.idl:
2788         Expose before/after/replaceWith to JavaScript.
2789
2790         * dom/ContainerNode.cpp:
2791         (WebCore::ContainerNode::append):
2792         (WebCore::ContainerNode::prepend):
2793         * dom/ContainerNode.h:
2794         Add implementations of append and prepend.
2795
2796         * dom/Node.h:
2797         * dom/Node.cpp:
2798         (WebCore::nodeSetPreTransformedFromNodeOrStringVector):
2799         (WebCore::firstPrecedingSiblingNotInNodeSet):
2800         (WebCore::firstFollowingSiblingNotInNodeSet):
2801         Helper functions for before, after and removeWith.
2802
2803         (WebCore::Node::before):
2804         (WebCore::Node::after):
2805         (WebCore::Node::replaceWith):
2806         Add implementations of before, after and removeWith.
2807
2808         * dom/NodeOrString.cpp: Added.
2809         (WebCore::convertNodesOrStringsIntoNode):
2810         * dom/NodeOrString.h: Added.
2811         (WebCore::NodeOrString::NodeOrString):
2812         (WebCore::NodeOrString::~NodeOrString):
2813         (WebCore::NodeOrString::type):
2814         (WebCore::NodeOrString::node):
2815         (WebCore::NodeOrString::string):
2816         Custom union type representing the (Node or DOMString) IDL type.
2817
2818         * dom/ParentNode.idl:
2819         Expose append/prepend to JavaScript.
2820
2821 2015-07-13  Brent Fulgham  <bfulgham@apple.com>
2822
2823         [Win] Unreviewed build fix.
2824
2825         * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.cpp:
2826         (WebCore::InbandTextTrackPrivateAVCF::readNativeSampleBuffer): Don't try to build
2827         the new Legible Output API features if they aren't available in the build
2828         environment.
2829
2830 2015-07-13  Brent Fulgham  <bfulgham@apple.com>
2831
2832         [Win] Update Media Player logic for new Legible Output API
2833         https://bugs.webkit.org/show_bug.cgi?id=146922
2834         <rdar://problem/20542574>
2835
2836         Reviewed by Eric Carlson.
2837
2838         * AVFoundationSupport.py: Check for updated AVFCF feature.
2839         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2840         (WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Update to call the
2841         new 'readNativeSampleBuffer' method.
2842         (WebCore::InbandTextTrackPrivateAVF::readNativeSampleBuffer): Added. This is a no-op
2843         on Windows if it has the new AVCF API. Otherwise, it contains the same implementation
2844         that has always been used in 'processNativeSamples'.
2845         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.h:
2846         * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.cpp:
2847         (WebCore::InbandTextTrackPrivateAVCF::readNativeSampleBuffer): Added. Use the new
2848         Legible Output API instead of the old CoreMedia solution if it is available.
2849         * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.h:
2850         (WebCore::InbandTextTrackPrivateAVCF::mediaSelectionOption):
2851         * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.cpp:
2852         (WebCore::InbandTextTrackPrivateLegacyAVCF::readNativeSampleBuffer): Add a stub implementation.
2853         * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.h:
2854         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
2855         (WebCore::AVFWrapper::createPlayerItem): Use the new Legible Output API if it is available.
2856
2857 2015-07-13  Matt Rajca  <mrajca@apple.com>
2858
2859         Media Session: add plumbing for delivering start/end-of-interruption events
2860         https://bugs.webkit.org/show_bug.cgi?id=146837
2861
2862         Reviewed by Tim Horton.
2863
2864         * Modules/mediasession/MediaSessionEvents.h: Renamed from MediaEventTypes.h and added new constants for
2865           interruption events.
2866         * WebCore.xcodeproj/project.pbxproj: Renamed MediaEventTypes.h.
2867         * page/Page.h: Added stub.
2868         * page/Page.cpp: Added stub.
2869
2870 2015-07-13  Simon Fraser  <simon.fraser@apple.com>
2871
2872         [iOS WK2] When choosing an initial viewport scale, take overflow on the <body> into account
2873         https://bugs.webkit.org/show_bug.cgi?id=146918
2874         rdar://problem/9222837
2875
2876         Reviewed by Tim Horton.
2877
2878         Use as input to the viewport scaling algorithm a contents size from the FrameView
2879         that takes overflow on the viewport renderer into account. This prevents unexpected
2880         viewports scaling on pages that have content that overflows their expressed contents size,
2881         but apply overflow to the <body>.
2882
2883         * page/FrameView.cpp:
2884         (WebCore::FrameView::contentsSizeRespectingOverflow): Look for overflow:hidden on each axis of
2885         the m_viewportRenderer, which is computed post-layout by calculateScrollbarModesForLayout()
2886         and is used for scrollbar logic on OS X. Clip unscaledDocumentRect on each axis, and then
2887         apply page scale.
2888         * page/FrameView.h:
2889
2890 2015-07-13  Brent Fulgham  <bfulgham@apple.com>
2891
2892         Update WebCore Features.json
2893         https://bugs.webkit.org/show_bug.cgi?id=146914
2894
2895         Reviewed by Benjamin Poulain.
2896
2897         * features.json: Update with notes for CSS Scroll Snap Points, Filter Effects,
2898         backdrop-filters, and initial-letter.
2899
2900 2015-07-13  Matthew Daiter  <mdaiter@apple.com>
2901
2902         Change MediaPlayer Media Stream method signatures to use references
2903         https://bugs.webkit.org/show_bug.cgi?id=146839
2904         <rdar://problem/21769035>
2905
2906         Reviewed by Darin Adler.
2907
2908         * platform/graphics/MediaPlayer.cpp:
2909         (WebCore::MediaPlayer::loadWithNextMediaEngine):
2910         * platform/graphics/MediaPlayerPrivate.h: Changed to references
2911         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
2912         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
2913         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
2914         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load): Ditto
2915         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2916         (WebCore::MediaPlayerPrivateGStreamer::load): Ditto
2917         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
2918         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
2919         * platform/mock/mediasource/MockMediaPlayerMediaSource.h:
2920
2921 2015-07-13  Carlos Alberto Lopez Perez  <clopez@igalia.com>
2922
2923         GTK] Build race with -DENABLE_WAYLAND_TARGET=ON
2924         https://bugs.webkit.org/show_bug.cgi?id=146740
2925
2926         Reviewed by Martin Robinson.
2927
2928         No new tests, no behavior changes.
2929
2930         * PlatformGTK.cmake: platform/graphics/wayland sources should be
2931         included into WebCore source list instead of WebCorePlatformGTK.
2932         Also move the add_custom_command() block into if(ENABLE_WAYLAND_TARGET),
2933         this is not strictly needed to fix this bug, but it seems cleaner.
2934
2935 2015-07-13  Matthew Daiter  <mdaiter@apple.com>
2936
2937         Adding MediaStream Engine building blocks to the code repo
2938         https://bugs.webkit.org/show_bug.cgi?id=146789
2939         <rdar://problem/21747025>
2940
2941         Reviewed by Brent Fulgham.
2942
2943         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Added.
2944         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setLoadingProgresssed):
2945         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setHasAvailableVideoFrame):
2946         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createWeakPtr):
2947         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Added.
2948         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
2949         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC):
2950         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::registerMediaEngine):
2951         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable):
2952         (WebCore::mimeTypeCache):
2953         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::getSupportedTypes):
2954         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::supportsType):
2955         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load):
2956         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::cancelLoad):
2957         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::prepareToPlay):
2958         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformMedia):
2959         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer):
2960         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::play):
2961         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::playInternal):
2962         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::pause):
2963         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::pauseInternal):
2964         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::paused):
2965         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVolume):
2966         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::supportsScanning):
2967         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setMuted):
2968         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::naturalSize):
2969         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::hasVideo):
2970         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::hasAudio):
2971         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVisible):
2972         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::durationMediaTime):
2973         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::seeking):
2974         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setRateDouble):
2975         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setPreservesPitch):
2976         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::networkState):
2977         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::readyState):
2978         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::seekable):
2979         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::maxMediaTimeSeekable):
2980         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::minMediaTimeSeekable):
2981         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::buffered):
2982         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::didLoadingProgress):
2983         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setSize):
2984         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::hasAvailableVideoFrame):
2985         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::supportsAcceleratedRendering):
2986         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::movieLoadType):
2987         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::prepareForRendering):
2988         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::engineDescription):
2989         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::languageOfPrimaryAudioTrack):
2990         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::shouldBePlaying):
2991         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::addDisplayLayer):
2992         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::removeDisplayLayer):
2993         * platform/graphics/avfoundation/objc/MediaStreamPrivateAVFObjC.h: Added.
2994         * platform/graphics/avfoundation/objc/MediaStreamPrivateAVFObjC.mm: Added.
2995         (WebCore::MediaStreamPrivateAVFObjC::create):
2996         (WebCore::MediaStreamPrivateAVFObjC::MediaStreamPrivateAVFObjC):
2997         (WebCore::MediaStreamPrivateAVFObjC::~MediaStreamPrivateAVFObjC):
2998         (WebCore::MediaStreamPrivateAVFObjC::duration):
2999         (WebCore::MediaStreamPrivateAVFObjC::buffered):
3000         (WebCore::MediaStreamPrivateAVFObjC::readyState):
3001         (WebCore::MediaStreamPrivateAVFObjC::hasAudio):
3002         (WebCore::MediaStreamPrivateAVFObjC::hasVideo):
3003         (WebCore::MediaStreamPrivateAVFObjC::naturalSize):
3004         * platform/mediastream/MediaStreamPrivate.h: 
3005         (WebCore::MediaStreamPrivate::MediaStreamPrivate): Added constructor.
3006
3007 2015-07-13  Eric Carlson  <eric.carlson@apple.com>
3008
3009         [iOS] Cancel AirPlay explicitly when exiting from full screen
3010         https://bugs.webkit.org/show_bug.cgi?id=146902
3011         <rdar://problem/20923632>
3012
3013         Reviewed by Brent Fulgham.
3014
3015         * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
3016         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
3017         (WebVideoFullscreenInterfaceAVKit::~WebVideoFullscreenInterfaceAVKit): Call setExternalPlayback(false)
3018           if playing to an external screen.
3019
3020 2015-07-12  Chris Fleizach  <cfleizach@apple.com>
3021
3022         AX: WEB: VoiceOver for iOS does not read <iframe> elements during linear (swipe) navigation.
3023         https://bugs.webkit.org/show_bug.cgi?id=146861
3024
3025         Reviewed by Darin Adler.
3026
3027         AttachmentViews exist only on WK1 so we need account for both platforms.
3028
3029         Test: platform/ios-simulator/accessibility/iframe-access.html
3030
3031         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
3032         (-[WebAccessibilityObjectWrapper accessibilityElementAtIndex:]):
3033
3034 2015-07-12  Youenn Fablet  <youenn.fablet@crf.canon.fr>
3035
3036         [Streams API] Templating ReadableJSStream
3037         https://bugs.webkit.org/show_bug.cgi?id=146802
3038
3039         Reviewed by Darin Adler.
3040
3041         Introducing ReadableStream::clearValues to clear queued values when cancelling and going into error state.
3042
3043         Introducing ReadableEnqueuingStream to handle the stream queue, as a class template.
3044         Specialized ReadableEnqueuingStream for the purpose of ReadableJSStream (storage of JSValue with variable size).
3045
3046         Updated some static functions to accept a ReadableStream in lieu of the more specialized ReadableJSStream.
3047
3048         Covered by existing tests.
3049
3050         * Modules/streams/ReadableStream.cpp:
3051         (WebCore::ReadableStream::changeStateToErrored):
3052         (WebCore::ReadableStream::cancelNoCheck):
3053         * Modules/streams/ReadableStream.h:
3054         (WebCore::ReadableEnqueuingStream::ReadableEnqueuingStream):
3055         (WebCore::ReadableEnqueuingStream::enqueueChunk):
3056         (WebCore::ReadableEnqueuingStream<ChunkType>::read):
3057         * bindings/js/ReadableJSStream.cpp:
3058         (WebCore::ReadableEnqueuingStream<ReadableJSStreamValue>::read):
3059         (WebCore::ReadableEnqueuingStream<ReadableJSStreamValue>::enqueueChunk):
3060         (WebCore::createPullResultFulfilledFunction):
3061         (WebCore::createCancelResultFulfilledFunction):
3062         (WebCore::ReadableJSStream::ReadableJSStream):
3063         (WebCore::ReadableJSStream::enqueue):
3064         * bindings/js/ReadableJSStream.h:
3065         (WebCore::ReadableJSStreamValue::create):
3066         (WebCore::ReadableEnqueuingStream<ReadableJSStreamValue>::desiredSize):
3067         (WebCore::ReadableEnqueuingStream<ReadableJSStreamValue>::ReadableEnqueuingStream):
3068
3069 2015-07-11  Babak Shafiei  <bshafiei@apple.com>
3070
3071         Unreviewed build fix.
3072
3073         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
3074         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load):
3075         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::cancelLoad):
3076
3077 2015-07-11  Nikita Vasilyev  <nvasilyev@apple.com>
3078
3079         Web Inspector: Inspector should be able to be docked to the bottom of a narrow window
3080         https://bugs.webkit.org/show_bug.cgi?id=146871
3081
3082         Reviewed by Timothy Hatcher.
3083
3084         * inspector/InspectorFrontendClientLocal.cpp:
3085
3086 2015-07-11  Joseph Pecoraro  <pecoraro@apple.com>
3087
3088         Update default link action sheets for app links
3089         https://bugs.webkit.org/show_bug.cgi?id=146658
3090         <rdar://problem/21221902>
3091
3092         Reviewed by Dan Bernstein.
3093
3094         * English.lproj/Localizable.strings:
3095         * platform/spi/ios/LaunchServicesSPI.h:
3096
3097 2015-07-11  Benjamin Poulain  <benjamin@webkit.org>
3098
3099         Fix CONTENT_EXTENSIONS_STATE_MACHINE_DEBUGGING
3100         https://bugs.webkit.org/show_bug.cgi?id=146879
3101
3102         Reviewed by Andreas Kling.
3103
3104         Some of my recent changes broke CONTENT_EXTENSIONS_STATE_MACHINE_DEBUGGING :(
3105
3106         * contentextensions/CombinedURLFilters.cpp:
3107         (WebCore::ContentExtensions::prefixTreeVertexToString):
3108         (WebCore::ContentExtensions::recursivePrint):
3109         (WebCore::ContentExtensions::CombinedURLFilters::print):
3110         * contentextensions/ContentExtensionsDebugging.h:
3111         * contentextensions/DFA.cpp:
3112         (WebCore::ContentExtensions::DFA::debugPrintDot):
3113
3114 2015-07-10  Simon Fraser  <simon.fraser@apple.com>
3115
3116         [iOS WK2] Scrolling issues on horizontally scrollable RTL pages
3117         https://bugs.webkit.org/show_bug.cgi?id=146872
3118         rdar://problem/7569416
3119
3120         Reviewed by Sam Weinig.
3121
3122         Horizontally scrollable RTL pages in WebKit2 had a variety of issues: they had
3123         a gap down the right edge, and unreachable content on the left side, focussing
3124         form fields scrolled to the wrong location, and programmatic scrolls scrolled
3125         to the wrong place.
3126         
3127         Fix by plumbing the WebCore notion of scrollOrigin through to the UI process,
3128         and using it in various places. There are three main aspects to the patch:
3129         
3130         1. scroll origin is included in RemoteLayerTreeTransaction, and plumbed through
3131            to -[WKWebView _scrollToContentOffset:] for correct programmatic scrolling,
3132            including zooming to focussed form elements.
3133         2. WebPageProxy::computeCustomFixedPositionRect() uses the actual documentRect()
3134            rather than just conjuring up a rect with a zero origin, which makes position:fixed
3135            work correctly.
3136         3. _interactionViewsContainerView (which hosts tap highlights) is positioned to 
3137            coincide with the origin of the documentRect (i.e. at the scroll origin, which
3138            may not be top-left). This allows tap highlights to show in the correct location.
3139         4. ScrollView::unobscuredContentRect() is fixed to take scroll origin into account;
3140            if the returned rect is wrong, RenderLayer::hitTest() incorrectly clips the hit
3141            testing area.
3142
3143         * platform/ios/ScrollViewIOS.mm:
3144         (WebCore::ScrollView::unobscuredContentRect):
3145
3146 2015-07-10  Chris Dumez  <cdumez@apple.com>
3147
3148         [WK2] Diagnostic logging messages are causing too much IPC
3149         https://bugs.webkit.org/show_bug.cgi?id=146873
3150         <rdar://problem/21779205>
3151
3152         Reviewed by Ryosuke Niwa.
3153
3154         Move shouldLogAfterSampling() utility function to DiagnosticLoggingClient
3155         so it can be easily reused.
3156
3157         * page/DiagnosticLoggingClient.h:
3158         (WebCore::DiagnosticLoggingClient::shouldLogAfterSampling):
3159
3160 2015-07-10  Daniel Bates  <dabates@apple.com>
3161
3162         Cleanup: Remove default constructor for WebCore::Pair()
3163         https://bugs.webkit.org/show_bug.cgi?id=146856
3164         <rdar://problem/21773212>
3165
3166         Reviewed by Darin Adler.
3167
3168         Remove default constructor for WebCore::Pair() and the setters Pair::set{First, Second}()
3169         since they are not used and it seems weird to keep the latter after the removal of the former.
3170         Should it turn out that we find a use for having a default constructor and/or setters then
3171         we can revert this change.
3172
3173         * css/Pair.h:
3174         (WebCore::Pair::create): Deleted.
3175         (WebCore::Pair::setFirst): Deleted.
3176         (WebCore::Pair::setSecond): Deleted.
3177         (WebCore::Pair::Pair): Deleted.
3178
3179 2015-07-10  Ryuan Choi  <ryuan.choi@navercorp.com>
3180
3181         [CoordinatedGraphics] Override primaryLayerID in CoordinatedGraphicsLayer
3182         https://bugs.webkit.org/show_bug.cgi?id=146826
3183
3184         Reviewed by Gyuyoung Kim.
3185
3186         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
3187         (WebCore::CoordinatedGraphicsLayer::id): Moved id as inline function.
3188         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
3189         (WebCore::CoordinatedGraphicsLayer::id):
3190
3191 2015-07-10  Matthew Daiter  <mdaiter@apple.com>
3192
3193         Exposing webkitMediaStream as MediaStream
3194         https://bugs.webkit.org/show_bug.cgi?id=146813
3195         <rdar://problem/21754383>
3196
3197         Reviewed by Eric Carlson.
3198
3199         * Modules/mediastream/MediaStream.idl: Changed interface
3200         name from webkitMediaStream to MediaStream
3201
3202 2015-07-10  Nan Wang  <n_wang@apple.com>
3203
3204         Added ARIA 1.1 "cell" and "table" roles.
3205         https://bugs.webkit.org/show_bug.cgi?id=146011
3206         <rdar://problem/21398946>
3207
3208         Reviewed by Chris Fleizach.
3209
3210         Created a new role called GridCellRole to match the gridcell role, 
3211         so the previous CellRole and TableRole will match to cell and table role.
3212         Made the changes to make sure that both GridRole and TableRole have same
3213         behavior, as well as the circumstance for GridCellRole and CellRole.
3214
3215         Test: accessibility/roles-table-and-cell.html
3216
3217         * accessibility/AXObjectCache.cpp:
3218         (WebCore::createFromRenderer):
3219         * accessibility/AccessibilityNodeObject.cpp:
3220         (WebCore::AccessibilityNodeObject::supportsRequiredAttribute):
3221         (WebCore::AccessibilityNodeObject::canSetSelectedAttribute):
3222         * accessibility/AccessibilityObject.cpp:
3223         (WebCore::initializeRoleMap):
3224         * accessibility/AccessibilityObject.h:
3225         * accessibility/AccessibilityRenderObject.cpp:
3226         (WebCore::AccessibilityRenderObject::setSelectedRows):
3227         (WebCore::AccessibilityRenderObject::inheritsPresentationalRole):
3228         (WebCore::AccessibilityRenderObject::selectedChildren):
3229         * accessibility/AccessibilityTable.cpp:
3230         (WebCore::AccessibilityTable::roleValue):
3231         * accessibility/AccessibilityTableCell.cpp:
3232         (WebCore::AccessibilityTableCell::determineAccessibilityRole):
3233         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
3234         (-[WebAccessibilityObjectWrapper _accessibilityTableAncestor]):
3235         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
3236         (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
3237         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3238         (createAccessibilityRoleMap):
3239
3240 2015-07-10  Daniel Bates  <dabates@apple.com>
3241
3242         Serialized declaration for background-size/-webkit-mask-size should preserve identical
3243         values instead of coalescing them
3244         https://bugs.webkit.org/show_bug.cgi?id=143191
3245         <rdar://problem/21759393>
3246
3247         Reviewed by Darin Adler.
3248
3249         Inspired by Blink r157745:
3250         <http://src.chromium.org/viewvc/blink?view=revision&revision=157745>
3251         And Blink r172548:
3252         <http://src.chromium.org/viewvc/blink?view=revision&revision=172548>
3253
3254         Fixes an issue where identical values in a CSS declaration for properties background-size
3255         and -webkit-mask-size would be coalesced when serialized.
3256
3257         * css/CSSParser.cpp:
3258         (WebCore::CSSParser::parseFillSize): Modified to create a Pair object with the appropriate
3259         identical value encoding strategy. We only coalesce identical values when serializing the
3260         declaration of property -webkit-background-size.
3261         * css/Pair.h:
3262         (WebCore::Pair::create): Added variant that takes an encoding.
3263         (WebCore::Pair::cssText): Moved implementation of Pair::generateCSSString() to here and
3264         modified to conditionally coalesce identical values during serialization.
3265         (WebCore::Pair::Pair): Added variant that takes an encoding.
3266         (WebCore::Pair::generateCSSString): Deleted; moved implementation into Pair::cssText().
3267
3268 2015-07-10  Myles C. Maxfield  <mmaxfield@apple.com>
3269
3270         Bidi-Isolate inlines break layout with collapsed whitespace
3271         https://bugs.webkit.org/show_bug.cgi?id=109624
3272         <rdar://problem/21752834>
3273
3274         Reviewed by David Hyatt.
3275
3276         This patch changes the logic in constructBidiRunsForSegment() when it encounters an
3277         isolate. It already has logic to create a BidiResolver for the isolated text;
3278         however, that logic doesn't handle setting up the MidpointState at all.
3279         Specifically, we can set the MidpointState's cursor to point to the context which
3280         we can remember from addPlaceholderRunForIsolatedInline(). This information is
3281         remembered in a HashMap in BidiResolver.
3282
3283         This patch is a partial port of Blink patch
3284         https://src.chromium.org/viewvc/blink?view=rev&revision=159203
3285
3286         Here is some explanatory text regarding how we collapse spaces:
3287
3288         Collapsing whitespace happens in a series of phases. The first phase occurs when
3289         we perform line breaking. Here, we keep track of sequences of whitespace which
3290         should be collapsed, in the form of a vector of pairs of InlineIterators. We put
3291         this knowledge into a MidpointState object.
3292
3293         Then, once we have a line, we run the bidi algorithm on the line (including the
3294         whitespace). As output, the bidi algorithm calls the BidiResolver::appendRun()
3295         callback with two InlineIterators each time it wants to create a run. Because
3296         each renderer that we create has to be owned by exactly one DOM node,
3297         BidiResolver::appendRun() iterates between its two InlineIterator arguments,
3298         calling RenderBlockFlow::appendRunsForObject() on each interstitial DOM node.
3299
3300         This is the function where whitespace collapsing happens. The MidpointState object
3301         keeps a cursor into its remembered whitespace sequences. Here, we simply make a
3302         bidi run for each region in between adjacent whitespace pairs in the MidpointState
3303         object. These bidi runs eventually get turned into leaf InlineBoxes.
3304
3305         The problem is that the BidiResolver::appendRun() callbacks don't occur in
3306         string-order, but the Midpoint InlineIterator pairs are in string-order. In
3307         particular, within a particular isolate, appendRun() gets called in string
3308         order, but callbacks that occur for inner isolates are deferred. This means that
3309         RenderBlockFlow::appendRunsForObject() gets confused when it looks for relevant
3310         whitespace to skip.
3311
3312         Test: fast/text/bidi-isolate-whitespace-collapse.html
3313
3314         * platform/text/BidiResolver.h:
3315         (WebCore::MidpointState::numMidpoints): Returning a const unsigned& is silly.
3316         (WebCore::MidpointState::currentMidpoint): Ditto.
3317         (WebCore::MidpointState::setCurrentMidpoint): The isolated MidpointState object
3318         needs to be able to set its current midpoint to point to the first one inside
3319         the isolate.
3320         (WebCore::MidpointState::decrementNumMidpoints): Renamed from "decrease"
3321         (WebCore::MidpointState::betweenMidpoints): This function is true iff
3322         currentMidpoint() % 2. Instead of keeping a member variable, we can just compute
3323         that.
3324         (WebCore::MidpointState::reset): Deleted.
3325         (WebCore::MidpointState::decreaseNumMidpoints): Deleted.
3326         (WebCore::MidpointState::setBetweenMidpoints): Deleted.
3327         * rendering/InlineIterator.h:
3328         (WebCore::IsolateTracker::addFakeRunIfNecessary): Call
3329         RenderBlockFlow::appendRunsForObject() to keep our MidpointState object in sync
3330         when we pop out of the isolated object. However, we pass in a null run list,
3331         because we don't want to append just yet (that happens when we process the
3332         isolate).
3333         (WebCore::InlineBidiResolver::appendRun): Update for new signature of
3334         appendRunsForObject().
3335         * rendering/RenderBlock.h:
3336         (WebCore::RenderBlock::shouldSkipCreatingRunsForObject): Take a reference instead
3337         of a pointer.
3338         * rendering/RenderBlockFlow.h:
3339         * rendering/RenderBlockLineLayout.cpp:
3340         (WebCore::createRun): Ditto.
3341         (WebCore::RenderBlockFlow::appendRunsForObject): Allow someone passing us a null
3342         BidiRunList. In this case, we will keep the resolver's midpointState() up to date,
3343         but won't actually emit any runs.
3344         (WebCore::notifyResolverToResumeInIsolate): Renamed from setUp.
3345         (WebCore::isolatedResolversMidpointState): Calculate the midpoint state for the
3346         isolated resolver.
3347         (WebCore::setUpResolverToResumeInIsolate): Call isolatedResolversMidpointState().
3348         (WebCore::constructBidiRunsForSegment): Pass in the topResolver, which is
3349         necessary for isolatedResolversMidpointState().
3350         * rendering/line/BreakingContext.h:
3351         (WebCore::checkMidpoints):
3352
3353 2015-07-10  Daniel Bates  <dabates@apple.com>
3354
3355         Cleanup: WebCore::Pair class should use RefPtr&& instead of PassRefPtr
3356         https://bugs.webkit.org/show_bug.cgi?id=146852
3357
3358         Reviewed by Anders Carlsson.
3359
3360         * css/CSSParser.cpp:
3361         (WebCore::createPrimitiveValuePair): Write using a variadic template that forwards its
3362         arguments to the appropriate Pair::create constructor.
3363         (WebCore::CSSParser::parse4ValuesFillPosition): Use RefPtr&& instead of PassRefPtr. 
3364         (WebCore::CSSParser::parse3ValuesFillPosition): Ditto.
3365         (WebCore::CSSParser::parseFillPosition): Use WTF::move() instead of RefPtr::release()
3366         so that we pass a rvalue reference to RefPtr.
3367         (WebCore::CSSParser::parseFillSize): Ditto.
3368         (WebCore::CSSParser::parseBorderImageRepeat): Ditto.
3369         * css/CSSParser.h:
3370         * css/Pair.h:
3371         (WebCore::Pair::create): Use RefPtr&& instead of PassRefPtr. 
3372         (WebCore::Pair::setFirst): Ditto.
3373         (WebCore::Pair::setSecond): Ditto.
3374         (WebCore::Pair::Pair): Ditto. Also substitute nullptr for 0 in the member initialization
3375         list of the default constructor.
3376
3377 2015-07-10  Zalan Bujtas  <zalan@apple.com>
3378
3379         Crash at WebCore::WebPage::innerFrameQuad.
3380         https://bugs.webkit.org/show_bug.cgi?id=146843
3381         rdar://problem/21501819
3382
3383         Reviewed by Andreas Kling.
3384
3385         We may end up with a null rootEditableElement() after calling Document::updateLayout().
3386
3387         Speculative fix. Not reproducible.
3388
3389         * page/Frame.cpp: Some const cleanup.
3390         (WebCore::Frame::visiblePositionForPoint):
3391         * page/Frame.h:
3392
3393 2015-07-10  Brady Eidson  <beidson@apple.com>
3394
3395         Crash in HistoryController::updateForCommit dereferencing a null HistoryItem.
3396         <rdar://problem/21371589> and https://bugs.webkit.org/show_bug.cgi?id=146842
3397
3398         Reviewed by Chris Dumez.
3399
3400         No new tests (Unknown how to reproduce).
3401         
3402         This patch basically rolls back part of http://trac.webkit.org/changeset/179472.
3403         
3404         r179472 changed HistoryController::setCurrentItem() to take a reference instead of a pointer.
3405         Unfortunately, we sometimes call setCurrentItem(nullptr).
3406         
3407         We'd like to *not* do that, and there are assertions in place to try to catch when we do,
3408         but in the meantime it is not valid to dereference nullptr.
3409
3410         * loader/FrameLoader.cpp:
3411         (WebCore::FrameLoader::loadSameDocumentItem):
3412         
3413         * loader/HistoryController.cpp:
3414         (WebCore::HistoryController::updateForCommit):
3415         (WebCore::HistoryController::recursiveUpdateForCommit):
3416         (WebCore::HistoryController::recursiveUpdateForSameDocumentNavigation):
3417         (WebCore::HistoryController::setCurrentItem): Take a ptr instead of a ref.
3418         (WebCore::HistoryController::createItem):
3419         * loader/HistoryController.h:
3420
3421 2015-07-10  Javier Fernandez  <jfernandez@igalia.com>
3422
3423         [CSS Grid Layout] Grid item's auto-margins are not applied correctly
3424         https://bugs.webkit.org/show_bug.cgi?id=146581
3425
3426         Reviewed by Darin Adler.
3427
3428         Grid Layout specification states that auto-margins must prevent to apply
3429         any Box Alignment property in that dimension. Instead, auto-margin is
3430         applied as described in the spec.