[Web Animations] Tests using the new animation engine may crash under WebCore::FrameV...
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-05-14  Antoine Quint  <graouts@apple.com>
2
3         [Web Animations] Tests using the new animation engine may crash under WebCore::FrameView::didDestroyRenderTree when using internals methods
4         https://bugs.webkit.org/show_bug.cgi?id=185612
5         <rdar://problem/39579344>
6
7         Reviewed by Dean Jackson.
8
9         Add a new internals.pseudoElement() method to obtain a pseudo element matching a given pseudo-id. This is necessary to be able to move off
10         internals.pauseTransitionAtTimeOnPseudoElement() and internals.pauseAnimationAtTimeOnPseudoElement() for Web Animations testing.
11
12         * testing/Internals.cpp:
13         (WebCore::Internals::pseudoElement):
14         * testing/Internals.h:
15         * testing/Internals.idl:
16
17 2018-05-14  Antoine Quint  <graouts@apple.com>
18
19         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
20         https://bugs.webkit.org/show_bug.cgi?id=185299
21         <rdar://problem/39630230>
22
23         Reviewed by Simon Fraser.
24
25         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
26         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
27         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
28         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
29         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
30         newly-uncommitted animation.
31
32         Test: transitions/interrupted-transition-hardware.html
33
34         * platform/graphics/ca/GraphicsLayerCA.cpp:
35         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
36         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
37         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
38         * platform/graphics/ca/GraphicsLayerCA.h:
39         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
40
41 2018-05-14  Thibault Saunier  <tsaunier@igalia.com>
42
43         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamerBase
44         https://bugs.webkit.org/show_bug.cgi?id=185510
45
46         Reviewed by Philippe Normand.
47
48         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:629:  More than one command on the same line  [whitespace/newline] [4]
49         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:684:  More than one command on the same line  [whitespace/newline] [4]
50         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:807:  More than one command on the same line  [whitespace/newline] [4]
51
52         Indentation and style issue fixed only.
53
54         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
55         (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
56         (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
57         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
58
59 2018-05-14  Zalan Bujtas  <zalan@apple.com>
60
61         [LFC] Implement height computation for non-replaced out of flow elements.
62         https://bugs.webkit.org/show_bug.cgi?id=185585
63
64         Reviewed by Antti Koivisto.
65
66         * layout/FormattingContext.cpp:
67         (WebCore::Layout::FormattingContext::computeHeight const):
68         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
69         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
70         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
71         (WebCore::Layout::FormattingContext::computeHeightForBlockFormattingContextRootWithAutoHeight const):
72         * layout/FormattingContext.h:
73         * layout/blockformatting/BlockFormattingContext.h:
74         * layout/displaytree/DisplayBox.h:
75
76 2018-05-14  Manuel Rego Casasnovas  <rego@igalia.com>
77
78         Renaming of overrides in LayoutBox
79         https://bugs.webkit.org/show_bug.cgi?id=185609
80
81         Reviewed by Javier Fernandez.
82
83         The names of the methods for the overrides were not consistent,
84         this patch fixes it by using the same structure in all the cases.
85
86         No new tests, no change of behavior.
87
88         * rendering/GridLayoutFunctions.cpp:
89         (WebCore::GridLayoutFunctions::hasOverrideContainingBlockContentSizeForChild):
90         * rendering/GridTrackSizingAlgorithm.cpp:
91         (WebCore::GridTrackSizingAlgorithmStrategy::logicalHeightForChild const):
92         * rendering/RenderBlock.cpp:
93         (WebCore::RenderBlock::computeChildPreferredLogicalWidths const):
94         (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):
95         * rendering/RenderBlockFlow.cpp:
96         (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
97         * rendering/RenderBlockLineLayout.cpp:
98         (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
99         * rendering/RenderBox.cpp:
100         (WebCore::RenderBox::willBeDestroyed):
101         (WebCore::RenderBox::hasOverrideContentLogicalHeight const):
102         (WebCore::RenderBox::hasOverrideContentLogicalWidth const):
103         (WebCore::RenderBox::setOverrideContentLogicalHeight):
104         (WebCore::RenderBox::setOverrideContentLogicalWidth):
105         (WebCore::RenderBox::clearOverrideContentLogicalHeight):
106         (WebCore::RenderBox::clearOverrideContentLogicalWidth):
107         (WebCore::RenderBox::clearOverrideContentSize):
108         (WebCore::RenderBox::overrideContentLogicalWidth const):
109         (WebCore::RenderBox::overrideContentLogicalHeight const):
110         (WebCore::RenderBox::overrideContainingBlockContentLogicalWidth const):
111         (WebCore::RenderBox::overrideContainingBlockContentLogicalHeight const):
112         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalWidth const):
113         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalHeight const):
114         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalWidth):
115         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalHeight):
116         (WebCore::RenderBox::clearOverrideContainingBlockContentSize):
117         (WebCore::RenderBox::clearOverrideContainingBlockContentLogicalHeight):
118         (WebCore::RenderBox::containingBlockLogicalWidthForContent const):
119         (WebCore::RenderBox::containingBlockLogicalHeightForContent const):
120         (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight const):
121         (WebCore::RenderBox::computeLogicalWidthInFragment const):
122         (WebCore::RenderBox::computeLogicalHeight const):
123         (WebCore::RenderBox::computePercentageLogicalHeight const):
124         (WebCore::RenderBox::computeReplacedLogicalHeightUsing const):
125         (WebCore::RenderBox::availableLogicalHeightUsing const):
126         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned const):
127         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned const):
128         * rendering/RenderBox.h:
129         * rendering/RenderBoxModelObject.cpp:
130         (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight const):
131         * rendering/RenderDeprecatedFlexibleBox.cpp:
132         (WebCore::contentWidthForChild):
133         (WebCore::contentHeightForChild):
134         (WebCore::gatherFlexChildrenInfo):
135         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
136         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
137         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
138         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
139         * rendering/RenderFlexibleBox.cpp:
140         (WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild):
141         (WebCore::RenderFlexibleBox::crossSizeForPercentageResolution):
142         (WebCore::RenderFlexibleBox::mainSizeForPercentageResolution):
143         (WebCore::RenderFlexibleBox::constructFlexItem):
144         (WebCore::RenderFlexibleBox::setOverrideMainAxisContentSizeForChild):
145         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
146         * rendering/RenderFullScreen.cpp:
147         (WebCore::RenderFullScreen::unwrapRenderer):
148         * rendering/RenderGrid.cpp:
149         (WebCore::RenderGrid::layoutBlock):
150         (WebCore::RenderGrid::layoutGridItems):
151         (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
152         * rendering/RenderRubyBase.cpp:
153         (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds const):
154         * rendering/RenderTableCell.cpp:
155         (WebCore::RenderTableCell::setOverrideContentLogicalHeightFromRowHeight):
156         * rendering/RenderTableCell.h:
157         * rendering/RenderTableSection.cpp:
158         (WebCore::RenderTableSection::calcRowLogicalHeight):
159         (WebCore::RenderTableSection::relayoutCellIfFlexed):
160
161 2018-05-14  Zalan Bujtas  <zalan@apple.com>
162
163         [LFC] Implement width computation for non-replaced out of flow elements.
164         https://bugs.webkit.org/show_bug.cgi?id=185598
165
166         Reviewed by Antti Koivisto.
167
168         * layout/FormattingContext.cpp:
169         (WebCore::Layout::FormattingContext::computeWidth const):
170         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
171         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
172         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
173         (WebCore::Layout::FormattingContext::shrinkToFitWidth const):
174         * layout/FormattingContext.h:
175         * layout/blockformatting/BlockFormattingContext.cpp:
176         (WebCore::Layout::BlockFormattingContext::layout const):
177         * layout/displaytree/DisplayBox.h:
178
179 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
180
181         Drop the m_compositorTexture member variable in TextureMapperGC3DPlatformLayer.
182         It's not used at all inside the class or outside it.
183
184         Rubber-stamped by Michael Catanzaro.
185
186         * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
187
188 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
189
190         [GTK] REGRESSION(r231170) Build broken with Clang 5.0
191         https://bugs.webkit.org/show_bug.cgi?id=185198
192
193         Reviewed by Michael Catanzaro.
194
195         Avoid gperf files using the register keyword which has been made
196         reserved and as such unusable in C++17.
197
198         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
199         * css/makeSelectorPseudoElementsMap.py:
200         * css/makeprop.pl:
201         * css/makevalues.pl:
202         * platform/ColorData.gperf:
203         * platform/ReferrerPolicy.h: With std::optional forward declaration
204         gone, explicitly include the WTF Optional.h header.
205         * platform/Theme.h: Ditto.
206         * platform/network/create-http-header-name-table:
207
208 2018-05-14  Commit Queue  <commit-queue@webkit.org>
209
210         Unreviewed, rolling out r219515.
211         https://bugs.webkit.org/show_bug.cgi?id=185603
212
213         It sometimes makes AudioUnitInitialize call to fail in
214         CoreAudioCaptureSource (Requested by youenn on #webkit).
215
216         Reverted changeset:
217
218         "Remove CoreAudioCaptureSource speaker configuration"
219         https://bugs.webkit.org/show_bug.cgi?id=174512
220         https://trac.webkit.org/changeset/219515
221
222 2018-05-13  Dirk Schulze  <krit@webkit.org>
223
224         Implement SVGGeometryElement's isPointInFill and isPointInStroke
225         https://bugs.webkit.org/show_bug.cgi?id=185580
226
227         Reviewed by Antti Koivisto.
228
229         Implement isPointInFill and isPointInStroke methods for
230         SVGGeometryElement interface from SVG2.
231
232         https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement
233
234         Tests: svg/dom/SVGGeometry-isPointInFill.xhtml
235                svg/dom/SVGGeometry-isPointInStroke.xhtml
236
237         * rendering/svg/RenderSVGEllipse.cpp:
238         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains): Flag
239                 to switch between local and "global" coordinate space for hit testing.
240         * rendering/svg/RenderSVGEllipse.h:
241         * rendering/svg/RenderSVGPath.cpp:
242         (WebCore::RenderSVGPath::shapeDependentStrokeContains): Flag
243                 to switch between local and "global" coordinate space for hit testing.
244         * rendering/svg/RenderSVGPath.h:
245         * rendering/svg/RenderSVGRect.cpp:
246         (WebCore::RenderSVGRect::shapeDependentStrokeContains): Flag
247                 to switch between local and "global" coordinate space for hit testing.
248         * rendering/svg/RenderSVGRect.h:
249         * rendering/svg/RenderSVGShape.cpp:
250         (WebCore::RenderSVGShape::shapeDependentStrokeContains): Flag
251                 to switch between local and "global" coordinate space for hit testing.
252         (WebCore::RenderSVGShape::isPointInFill): Take the winding rule given by
253                 `fill-rule` to test if a given point is in the fill area of a path.
254         (WebCore::RenderSVGShape::isPointInStroke): Take stroke properties into
255                 account to check if a point is on top of the stroke area.
256         * rendering/svg/RenderSVGShape.h:
257         * svg/SVGGeometryElement.cpp:
258         (WebCore::SVGGeometryElement::isPointInFill):
259         (WebCore::SVGGeometryElement::isPointInStroke):
260         (WebCore::SVGGeometryElement::createElementRenderer): Deleted. This is getting implemented
261                 by inheriting classes. No need to create RenderSVGPath here.
262         * svg/SVGGeometryElement.h:
263         * svg/SVGGeometryElement.idl:
264
265 2018-05-12  Zalan Bujtas  <zalan@apple.com>
266
267         Use WeakPtr for m_enclosingPaginationLayer in RenderLayer
268         https://bugs.webkit.org/show_bug.cgi?id=185566
269         <rdar://problem/36486052>
270
271         Reviewed by Simon Fraser.
272
273         Since RenderLayer does not own the enclosing pagination layout, it should
274         construct a weak pointer instead of holding on to a raw pointer.
275
276         Unable to create a reliably reproducible test case.
277
278         * page/mac/EventHandlerMac.mm:
279         (WebCore::scrollableAreaForEventTarget):
280         (WebCore::scrollableAreaForContainerNode):
281         (WebCore::EventHandler::platformPrepareForWheelEvents):
282         * platform/ScrollableArea.h:
283         (WebCore::ScrollableArea::weakPtrFactory const):
284         (WebCore::ScrollableArea::createWeakPtr): Deleted.
285         * rendering/RenderLayer.cpp:
286         (WebCore::RenderLayer::RenderLayer):
287         (WebCore::RenderLayer::updatePagination):
288         * rendering/RenderLayer.h:
289
290 2018-05-11  Daniel Bates  <dabates@apple.com>
291
292         X-Frame-Options: SAMEORIGIN needs to check all ancestor frames
293         https://bugs.webkit.org/show_bug.cgi?id=185567
294         <rdar://problem/40175008>
295
296         Reviewed by Brent Fulgham.
297
298         Change the behavior of "X-Frame-Options: SAMEORIGIN" to ensure that all ancestors frames
299         are same-origin with the document that delivered this header. This prevents an intermediary
300         malicious frame from clickjacking a child frame whose document is same-origin with the top-
301         level frame. It also makes the behavior of X-Frame-Options in WebKit more closely match
302         the behavior of X-Frame-Options in other browsers, including Chrome and Firefox.
303         
304         Currently a document delivered with "X-Frame-Options: SAMEORIGIN" must only be same-origin
305         with the top-level frame's document in order to be displayed. This prevents clickjacking by
306         a malicious page that embeds a page delivered with "X-Frame-Options: SAMEORIGIN". However,
307         it does not protect against clickjacking of the "X-Frame-Options: SAMEORIGIN" page (victim)
308         if embedded by an intermediate malicious iframe, say a "rogue ad", that was embedded in a
309         document same origin with the victim page. We should protect against such attacks. 
310
311         Tests: http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html
312                http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html
313
314         * loader/FrameLoader.cpp:
315         (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
316
317 2018-05-11  Daniel Bates  <dabates@apple.com>
318
319         [iOS] Text decoration of dragged content does not paint with opacity
320         https://bugs.webkit.org/show_bug.cgi?id=185551
321         <rdar://problem/40166867>
322
323         Reviewed by Wenson Hsieh.
324
325         Respect alpha when painting the text decoration for dragged content.
326
327         * rendering/InlineTextBox.cpp:
328         (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual): Consider alpha when
329         comparing decoration styles for equality so that we do not coalesce styles with differing alpha.
330         (WebCore::InlineTextBox::paintMarkedTextDecoration): Respect alpha when painting dragged content.
331
332 2018-05-11  Nan Wang  <n_wang@apple.com>
333
334         AX: In role=dialog elements with aria-modal=true VoiceOver iOS/macOS can't manually focus or read dialog paragraph description text inside the modal.
335         https://bugs.webkit.org/show_bug.cgi?id=185219
336         <rdar://problem/39920009>
337
338         Reviewed by Chris Fleizach.
339
340         The text node descendants of a modal dialog are ignored. Fixed it by using AccessibilityObject's 
341         node() to determine if it's the descendant of the modal dialog node.
342
343         Test: accessibility/aria-modal-text-descendants.html
344
345         * accessibility/AccessibilityObject.cpp:
346         (WebCore::AccessibilityObject::isModalDescendant const):
347
348 2018-05-11  Ryosuke Niwa  <rniwa@webkit.org>
349
350         Tapping after CSS-based table casues an infinite loop in wordRangeFromPosition
351         https://bugs.webkit.org/show_bug.cgi?id=185465
352         <rdar://problem/35263057>
353
354         Reviewed by Antti Koivisto.
355
356         The bug was caused by TextIterator not emitting a line break when exiting a CSS-based table when an element
357         with `display: table-row` has an invisible text node. Specifically, TextIterator::exitNode is never called on
358         an element with `table-cell: row` when m_node is a text node with whitespaces which appears after an element
359         with `display: table-cell`.
360
361         For example, for a tree structure like:
362         table-row (R)
363           table-cell (C)
364             "text" (1)
365           " " (2)
366         Getting out of (C) would result in moving onto (2) without generating a line break for (R).
367
368         When this happens in nextBoundary as it tries to find the end of the last word in the table cell, we end up
369         finding the end of the document as the end of the word. As a result, nextWordBoundaryInDirection, the caller
370         of nextBoundary, ends up infinite looping between the positon at the end of the document and the position
371         immediately before the last word in the last table cell when it traverses words backwards.
372
373         This patch fixes the hang by addressing this root cause in TextIterator. Namely, TextIterator now generates
374         a line break when exiting a block while walking up ancestors in TextIterator::advance().
375
376         Tests: editing/selection/tapping-in-table-at-end-of-document.html
377                editing/text-iterator/table-at-end-of-document.html
378
379         * editing/TextIterator.cpp:
380         (WebCore::TextIterator::advance): Fixed the bug.
381         (WebCore::shouldEmitNewlineAfterNode): Do generate a new line at the end of a document when we're trying to
382         generate every visible poitions even there are no renderers beyond this point. e.g. a position inside the
383         last cell of a table at the end of a document hits this condition.
384         (WebCore::shouldEmitExtraNewlineForNode): Don't emit a line break when the render box's height is 0px
385         to avoid generating many empty lines for empty paragraph and header elements (this function is used to generate
386         a blank line between p's and h1/h2/...'s).
387         (WebCore::TextIterator::exitNode):
388
389 2018-05-11  Dean Jackson  <dino@apple.com>
390
391         System preview badge doesn't show on <picture> elements
392         https://bugs.webkit.org/show_bug.cgi?id=185559
393         <rdar://problem/40150066>
394
395         Reviewed by Tim Horton.
396
397         We should also identify <img>s that are the child of a <picture>
398         contained inside the appropriate <a> element.
399
400         Tested internally, since the badge is platform specific.
401
402         * html/HTMLImageElement.cpp:
403         (WebCore::HTMLImageElement::isSystemPreviewImage const): Add logic
404         to look for <picture> parents.
405
406 2018-05-11  Chris Dumez  <cdumez@apple.com>
407
408         REGRESSION (async policy delegate): Revoking an object URL immediately after triggering download breaks file download
409         https://bugs.webkit.org/show_bug.cgi?id=185531
410         <rdar://problem/39909589>
411
412         Reviewed by Geoffrey Garen.
413
414         Whenever we start an asynchronous navigation policy decision for a blob URL, create a temporary
415         blob URL pointing to the same data, and update the request's URL. This way, if the page's JS revokes
416         the URL during the policy decision, the load will still succeed.
417
418         Test: fast/dom/HTMLAnchorElement/anchor-file-blob-download-then-revoke.html
419
420         * loader/DocumentLoader.cpp:
421         (WebCore::DocumentLoader::willSendRequest):
422         * loader/FrameLoader.cpp:
423         (WebCore::FrameLoader::loadURL):
424         (WebCore::FrameLoader::load):
425         (WebCore::FrameLoader::loadPostRequest):
426         * loader/PolicyChecker.cpp:
427         (WebCore::PolicyChecker::extendBlobURLLifetimeIfNecessary const):
428         (WebCore::PolicyChecker::checkNavigationPolicy):
429         (WebCore::PolicyChecker::checkNewWindowPolicy):
430         * loader/PolicyChecker.h:
431
432 2018-05-11  Antti Koivisto  <antti@apple.com>
433
434         LinkLoader fails to remove CachedResourceClient in some cases
435         https://bugs.webkit.org/show_bug.cgi?id=185553
436         <rdar://problem/36879656>
437
438         Reviewed by Geoffrey Garen.
439
440         Test: http/tests/preload/link-preload-client-remove.html
441
442         * loader/LinkLoader.cpp:
443         (WebCore::LinkLoader::loadLink):
444
445         If there is a link preload already in progress, we fail to clear the client for the ongoing load.
446         This may leave the CachedResource client map in a bad state.
447
448 2018-05-11  Charles Vazac  <cvazac@gmail.com>
449
450         Runtime feature flag for Server-Timing
451         https://bugs.webkit.org/show_bug.cgi?id=184758
452
453         Reviewed by Youenn Fablet.
454
455         * Source/WebCore/CMakeLists.txt: Added reference to PerformanceServerTiming.idl.
456         * Source/WebCore/DerivedSources.make: Added reference to PerformanceServerTiming.idl.
457         * Source/WebCore/Sources.txt: Added reference to PerformanceServerTiming.cpp and JSPerformanceServerTiming.cpp.
458         * Source/WebCore/WebCore.xcodeproj/project.pbxproj: Added references to PerformanceServerTiming.cpp, PerformanceServerTiming.h, and PerformanceServerTiming.idl.
459         * Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Added PerformanceServerTiming.
460         * Source/WebCore/page/PerformanceResourceTiming.h: Added serverTiming member.
461         * Source/WebCore/page/PerformanceResourceTiming.idl: Added serverTiming attribute.
462         * Source/WebCore/page/PerformanceServerTiming.cpp: Added.
463         * Source/WebCore/page/PerformanceServerTiming.h: Added.
464         * Source/WebCore/page/PerformanceServerTiming.idl: Added.
465
466 2018-05-11  Brady Eidson  <beidson@apple.com>
467
468         Make sure history navigations reuse the existing process when necessary.
469         <rdar://problem/39746516> and https://bugs.webkit.org/show_bug.cgi?id=185532
470
471         Reviewed by Ryosuke Niwa.
472
473         Covered by new API tests.
474
475         In WebCore-land, make sure *all* NavigationActions to a back/forward item are tagged with
476         the item identifier.
477
478         * history/HistoryItem.cpp:
479         (WebCore::HistoryItem::HistoryItem):
480         (WebCore::HistoryItem::logString const):
481         * history/HistoryItem.h:
482
483         * loader/FrameLoader.cpp:
484         (WebCore::FrameLoader::loadDifferentDocumentItem):
485
486         * loader/NavigationAction.cpp:
487         (WebCore::NavigationAction::setTargetBackForwardItem):
488
489         * loader/NavigationAction.h:
490         (WebCore::NavigationAction::targetBackForwardItemIdentifier const):
491
492 2018-05-11  Yacine Bandou  <yacine.bandou_ext@softathome.com>
493
494         [EME][GStreamer] Handle the protection event in MediaPlayerPrivate
495         https://bugs.webkit.org/show_bug.cgi?id=185535
496
497         Reviewed by Xabier Rodriguez-Calvar.
498
499         This patch is based on this calvaris's commit
500         https://github.com/WebPlatformForEmbedded/WPEWebKit/commit/d966168b0d2b65f9ca9415426e26d3752c78b03e
501
502         It adds a handler for the protection event in MediaPalyerPrivateGStreamerBase, it extracts the InitData from the event
503         and sends the encrypted event to JS via HTMLMediaElement.
504         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
505         (WebCore::MediaPlayerPrivateGStreamerBase::initializationDataEncountered):
506         (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
507         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
508         * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h: Add a new type InitData.
509
510 2018-05-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
511
512         [Curl] Make the cipher suites, the signing algorithms and the curve lists configurable.
513         https://bugs.webkit.org/show_bug.cgi?id=185139
514
515         Add interface to configure the cipher suites, the signing algorithms and the curve lists 
516         used by OpenSSL and libcurl to exchange, to sign or to verify keys.
517
518         Reviewed by Youenn Fablet.
519
520         No new tests in public. Have tested internally.
521
522         * platform/network/curl/CurlContext.cpp:
523         (WebCore::CurlHandle::setSslCipherList):
524         * platform/network/curl/CurlContext.h:
525         * platform/network/curl/CurlRequest.cpp:
526         (WebCore::CurlRequest::setupTransfer):
527         (WebCore::CurlRequest::willSetupSslCtx):
528         * platform/network/curl/CurlSSLHandle.cpp:
529         (WebCore::CurlSSLHandle::getCACertPathEnv):
530         * platform/network/curl/CurlSSLHandle.h:
531         (WebCore::CurlSSLHandle::getCipherList const):
532         (WebCore::CurlSSLHandle::getSignatureAlgorithmsList const):
533         (WebCore::CurlSSLHandle::getCurvesList const):
534         (WebCore::CurlSSLHandle::setCipherList):
535         (WebCore::CurlSSLHandle::setSignatureAlgorithmsList):
536         (WebCore::CurlSSLHandle::setCurvesList):
537         (WebCore::CurlSSLHandle::getCACertPath const):
538         (WebCore::CurlSSLHandle::setCACertPath):
539         * platform/network/curl/CurlSSLVerifier.cpp:
540         (WebCore::CurlSSLVerifier::CurlSSLVerifier):
541
542 2018-05-10  Daniel Bates  <dabates@apple.com>
543
544         Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
545         https://bugs.webkit.org/show_bug.cgi?id=185412
546
547         Reviewed by Ryosuke Niwa.
548
549         Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
550         into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
551         to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
552
553         Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
554         for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
555         question of whether the loader strategy is responsible for performing security checks when building up
556         a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
557         is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
558
559         * inspector/agents/InspectorNetworkAgent.cpp:
560         (WebCore::InspectorNetworkAgent::didReceiveResponse):
561         (WebCore::InspectorNetworkAgent::didFinishLoading):
562         (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
563         * loader/DocumentLoader.cpp:
564         (WebCore::DocumentLoader::responseReceived):
565         * loader/DocumentThreadableLoader.cpp:
566         (WebCore::shouldPerformSecurityChecks):
567         (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
568         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
569         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
570         (WebCore::DocumentThreadableLoader::redirectReceived):
571         (WebCore::DocumentThreadableLoader::didFail):
572         (WebCore::DocumentThreadableLoader::loadRequest):
573         (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
574         (WebCore::isResponseComingFromNetworkProcess): Deleted.
575         * loader/LoaderStrategy.cpp:
576         * loader/LoaderStrategy.h:
577         * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
578         use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
579         checking in DocumentLoader.
580         * platform/network/ResourceResponseBase.h:
581         (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
582         source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
583
584 2018-05-10  Tim Horton  <timothy_horton@apple.com>
585
586         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
587         https://bugs.webkit.org/show_bug.cgi?id=185538
588         <rdar://problem/38817825>
589
590         Reviewed by Sam Weinig.
591
592         * editing/mac/DictionaryLookup.mm:
593         (WebCore::showPopupOrCreateAnimationController):
594         Options can be nil, in which case we can't mutableCopy it and add
595         LUTermOptionDisableSearchTermIndicator. Instead, create a new dictionary,
596         and add the items from options, if it's not nil.
597
598 2018-05-10  Matt Baker  <mattbaker@apple.com>
599
600         Web Inspector: ASSERT_NOT_REACHED in PageDebuggerAgent::didAddEventListener when page adds attribute event listener
601         https://bugs.webkit.org/show_bug.cgi?id=181580
602         <rdar://problem/36461309>
603
604         Reviewed by Brian Burg.
605
606         EventTarget should pass newly added EventListeners to InspectorInstrumentation,
607         instead of PageDebuggerAgent assuming the last item in the EventListenerVector
608         is the most recently added listener. This assumption does not hold when
609         the new listener replaces an existing listener.
610
611         * dom/EventTarget.cpp:
612         (WebCore::EventTarget::addEventListener):
613         (WebCore::EventTarget::setAttributeEventListener):
614
615         * inspector/InspectorInstrumentation.cpp:
616         (WebCore::InspectorInstrumentation::didAddEventListenerImpl):
617
618         * inspector/InspectorInstrumentation.h:
619         (WebCore::InspectorInstrumentation::didAddEventListener):
620
621         * inspector/agents/page/PageDebuggerAgent.cpp:
622         (WebCore::PageDebuggerAgent::didAddEventListener):
623         * inspector/agents/page/PageDebuggerAgent.h:
624
625 2018-05-10  Chris Dumez  <cdumez@apple.com>
626
627         'Cross-Origin-Options header implementation follow-up
628         https://bugs.webkit.org/show_bug.cgi?id=185520
629
630         Reviewed by Ryosuke Niwa.
631
632         * dom/Document.cpp:
633         * dom/Document.h:
634         * loader/FrameLoader.cpp:
635         (WebCore::FrameLoader::didBeginDocument):
636         Using isNull() check is sufficient here as the header parsing
637         function will do the right thing when passed the empty string.
638         Also set the options directly on the window instead of the
639         document. The window is guaranteed to have been constructed
640         by then because didBeginDocument() is called DocumentWriter::begin()
641         which calls Document::createDOMWindow() or Document::takeDOMWindowFrom().
642
643         * page/AbstractDOMWindow.cpp:
644         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
645         * page/AbstractDOMWindow.h:
646         * page/DOMWindow.cpp:
647         (WebCore::DOMWindow::DOMWindow):
648         (WebCore::DOMWindow::didSecureTransitionTo):
649         * page/RemoteDOMWindow.cpp:
650         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
651         * page/RemoteDOMWindow.h:
652         CrossOriginOptions are now stored only on the Window, not the Document.
653
654         * platform/network/HTTPParsers.cpp:
655         (WebCore::parseCrossOriginOptionsHeader):
656         Drop strippedHeader local variable as it is not strictly needed.
657
658 2018-05-10  Tim Horton  <timothy_horton@apple.com>
659
660         Fix the build after r231393
661         https://bugs.webkit.org/show_bug.cgi?id=185519
662         <rdar://problem/40131741>
663
664         Reviewed by Simon Fraser.
665
666         * Configurations/WebCore.xcconfig:
667
668 2018-05-10  Eric Carlson  <eric.carlson@apple.com>
669
670         Log missing cues correctly
671         https://bugs.webkit.org/show_bug.cgi?id=185499
672         <rdar://problem/40113821>
673
674         Reviewed by Daniel Bates.
675
676         No new tests, tested manually.
677
678         * html/track/InbandGenericTextTrack.cpp:
679         (WebCore::InbandGenericTextTrack::removeGenericCue): Log the cue we searched for, not
680         the NULL cue.
681
682 2018-05-10  Zalan Bujtas  <zalan@apple.com>
683
684         [LFC] Implement height computation for non-replaced inflow elements.
685         https://bugs.webkit.org/show_bug.cgi?id=185474
686
687         Reviewed by Antti Koivisto.
688
689         Initial implementation. Does not cover all the cases.
690
691         * layout/FormattingContext.cpp:
692         (WebCore::Layout::FormattingContext::computeHeight const):
693         * layout/FormattingContext.h:
694         * layout/blockformatting/BlockFormattingContext.cpp:
695         (WebCore::Layout::BlockFormattingContext::layout const):
696         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
697         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
698         * layout/blockformatting/BlockFormattingContext.h:
699         * layout/blockformatting/BlockMarginCollapse.cpp:
700         (WebCore::Layout::collapsedMarginBottomFromLastChild):
701         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent):
702         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParentMarginBottom):
703         (WebCore::Layout::isMarginBottomCollapsedWithParent): Deleted.
704         * layout/blockformatting/BlockMarginCollapse.h:
705         * layout/inlineformatting/InlineFormattingContext.cpp:
706         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
707         * layout/inlineformatting/InlineFormattingContext.h:
708         * layout/layouttree/LayoutBox.cpp:
709         (WebCore::Layout::Box::isReplaced const):
710         * layout/layouttree/LayoutBox.h:
711
712 2018-05-10  Thibault Saunier  <tsaunier@igalia.com>
713
714         [GTK] Implement ImageBuffer::toBGRAData
715         https://bugs.webkit.org/show_bug.cgi?id=185511
716
717         Reviewed by Michael Catanzaro.
718
719         This was never implemented but will be required for the MediaStream API
720         tests.
721
722         * platform/graphics/ImageBuffer.cpp:
723         (WebCore::ImageBuffer::toBGRAData const):
724         * platform/graphics/cg/ImageBufferCG.cpp:
725         (WebCore::ImageBuffer::toBGRAData const):
726         * platform/graphics/gtk/ImageBufferGtk.cpp:
727         (WebCore::ImageBuffer::toBGRAData const):
728
729 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
730
731         [EME][GStreamer] Add a handler for GStreamer protection event
732         https://bugs.webkit.org/show_bug.cgi?id=185245
733
734         Reviewed by Xabier Rodriguez-Calvar.
735
736         Qtdemux sends the protection event when encountered a new PSSH box (encrypted content).
737
738         The Decryptor is moved from AppendPipeline to PlaybackPipeline (see https://bugs.webkit.org/show_bug.cgi?id=181855),
739         thus the protection event is no longer handled because the Decryptor is not in the same pipeline as qtdemux.
740
741         AppendPipeline: httpsrc-->qtdemux-->appsink
742         PlaybackPipeline: appsrc-->parser--> decryptor-->decoder-->sink
743
744         This patch attaches a probe to the sink pad of the appsink in the appendPipeline in order to
745         catch and manage the protection event.
746
747         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
748         (WebCore::AppendPipeline::AppendPipeline):
749         (WebCore::AppendPipeline::~AppendPipeline):
750         (WebCore::appendPipelineAppsinkPadEventProbe):
751         * platform/graphics/gstreamer/mse/AppendPipeline.h:
752         (WebCore::AppendPipeline::playerPrivate):
753
754 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
755
756         [EME][GStreamer] Move the decryptor from AppendPipeline to PlaybackPipeline.
757         https://bugs.webkit.org/show_bug.cgi?id=181855
758
759         Reviewed by Xabier Rodriguez-Calvar.
760
761         The goal of this move is to handle the limitation of SVP (Secure Video Path) memory size.
762
763         When the decryptor is in the AppendPipeline and we use SVP, we buffer in MediaSource queue
764         the decrypted GstBuffers that are in SVP memory.
765         This behavior cause an out-of-memory error, because we are limited in SVP memory size.
766
767         By moving the decryptor in PlaybackPipeline, we avoid to buffer the decrypted GstBuffers
768         which use the SVP memory and we buffer the encrypted GstBuffers that are in system memory.
769
770         This new architecture also allows to start the buffering before obtaining the DRM license
771         and it makes easier to manage dynamic change of the license or Key.
772
773         The decryptor is auto plugged by GStreamer playbin in PlaybackPipeline.
774
775         SVP: Secure Video Path also named trusted or protected video path, it is a memory which is
776         protected by a hardware access control engine, it is not accessible to other unauthorised
777         software or hardware components.
778
779         Tests:
780             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
781             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
782
783         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
784         (webkitMediaCommonEncryptionDecryptSinkEventHandler):
785         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
786         (WebCore::dumpAppendState):
787         (WebCore::AppendPipeline::AppendPipeline):
788         (WebCore::AppendPipeline::handleNeedContextSyncMessage):
789         (WebCore::AppendPipeline::handleAppsrcNeedDataReceived):
790         (WebCore::AppendPipeline::setAppendState):
791         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
792         (WebCore::AppendPipeline::appsinkNewSample):
793         (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
794         (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
795         (WebCore::appendPipelineElementMessageCallback): Deleted.
796         (WebCore::AppendPipeline::handleElementMessage): Deleted.
797         (WebCore::AppendPipeline::dispatchPendingDecryptionStructure): Deleted.
798         (WebCore::AppendPipeline::dispatchDecryptionStructure): Deleted.
799         * platform/graphics/gstreamer/mse/AppendPipeline.h:
800         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
801         (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance):
802         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
803
804 2018-05-09  Nan Wang  <n_wang@apple.com>
805
806         AX: VoiceOver iframe scrolling focus jumping bug
807         https://bugs.webkit.org/show_bug.cgi?id=176615
808         <rdar://problem/34333067>
809
810         Reviewed by Chris Fleizach.
811
812         Scrolling to make elements visible is not working correctly for elements inside an
813         offscreen iframe. Fixed it by using RenderLayer::scrollRectToVisible() to handle
814         scrolling more properly.
815
816         Test: accessibility/scroll-to-make-visible-iframe-offscreen.html
817
818         * accessibility/AccessibilityObject.cpp:
819         (WebCore::AccessibilityObject::scrollToMakeVisible const):
820
821 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
822
823         AX: accessibleNameForNode should simplify whitespace when using innerText
824         https://bugs.webkit.org/show_bug.cgi?id=185498
825
826         Reviewed by Chris Fleizach.
827
828         Test: accessibility/text-alternative-calculation-from-unrendered-table.html
829
830         Call simplifyWhiteSpace() before returning the innerText value.
831
832         * accessibility/AccessibilityNodeObject.cpp:
833         (WebCore::accessibleNameForNode):
834
835 2018-05-09  Chris Dumez  <cdumez@apple.com>
836
837         Add initial support for 'Cross-Origin-Options' HTTP response header
838         https://bugs.webkit.org/show_bug.cgi?id=184996
839         <rdar://problem/39664620>
840
841         Reviewed by Geoff Garen.
842
843         Add initial support for 'Cross-Origin-Options' HTTP response header behind an experimental
844         feature flag, on by default. When the HTTP server services this HTTP response header for a
845         main resource, we'll set these options on the corresponding Document. This will impact the
846         behavior of the Document's associated Window API when cross-origin.
847
848         The HTTP header has 3 possible values:
849         - allow: This is the default. Regular cross-origin Window API is available.
850         - allow-postmessage: Only postMessage() is available on a cross-origin window, trying to
851           access anything else will throw a SecurityError.
852         - deny: Trying to do anything with a cross-origin window will throw a SecurityError.
853
854         The header has no effect when accessing same origin windows.
855
856         Note that on cross-origin access from Window A to Window B, we check the cross-origin
857         options for both Window A and Window B and use the lowest common denominator as effective
858         cross-origin options for the access. So if Window A has 'Cross-Origin-Options: deny' and
859         tries to call postMessage() on Window B which has 'Cross-Origin-Options: allow-postmessage',
860         we will throw a SecurityError. This is because Window A's more restrictive options (deny)
861         apply.
862
863         Tests: http/wpt/cross-origin-options/allow-postmessage-from-deny.html
864                http/wpt/cross-origin-options/allow-postmessage.html
865                http/wpt/cross-origin-options/cross-origin-options-header.html
866
867         * bindings/js/JSDOMBindingSecurity.cpp:
868         (WebCore::BindingSecurity::shouldAllowAccessToDOMWindowGivenMinimumCrossOriginOptions):
869         * bindings/js/JSDOMBindingSecurity.h:
870         * bindings/js/JSDOMWindowCustom.cpp:
871         (WebCore::effectiveCrossOriginOptionsForAccess):
872         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
873         (WebCore::JSDOMWindow::getOwnPropertySlot):
874         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
875         (WebCore::addCrossOriginWindowPropertyNames):
876         (WebCore::addScopedChildrenIndexes):
877         (WebCore::addCrossOriginWindowOwnPropertyNames):
878         (WebCore::JSDOMWindow::getOwnPropertyNames):
879         * bindings/js/JSDOMWindowCustom.h:
880         * bindings/js/JSRemoteDOMWindowCustom.cpp:
881         (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
882         (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
883         (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
884         * bindings/scripts/CodeGeneratorJS.pm:
885         (GenerateAttributeGetterBodyDefinition):
886         (GetCrossOriginsOptionsFromExtendedAttributeValue):
887         (GenerateAttributeSetterBodyDefinition):
888         (GenerateOperationBodyDefinition):
889         * bindings/scripts/IDLAttributes.json:
890         * dom/Document.cpp:
891         (WebCore::Document::setCrossOriginOptions):
892         * dom/Document.h:
893         (WebCore::Document::crossOriginOptions const):
894         * loader/FrameLoader.cpp:
895         (WebCore::FrameLoader::didBeginDocument):
896         * page/AbstractDOMWindow.cpp:
897         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
898         * page/AbstractDOMWindow.h:
899         (WebCore::AbstractDOMWindow::crossOriginOptions):
900         (WebCore::AbstractDOMWindow::setCrossOriginOptions):
901         * page/DOMWindow.cpp:
902         (WebCore::DOMWindow::DOMWindow):
903         (WebCore::DOMWindow::didSecureTransitionTo):
904         * page/DOMWindow.idl:
905         * page/Frame.h:
906         * page/RemoteDOMWindow.cpp:
907         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
908         * page/RemoteDOMWindow.h:
909         * page/Settings.yaml:
910         * platform/network/HTTPHeaderNames.in:
911         * platform/network/HTTPParsers.cpp:
912         (WebCore::parseCrossOriginOptionsHeader):
913         * platform/network/HTTPParsers.h:
914
915 2018-05-09  Ryosuke Niwa  <rniwa@webkit.org>
916
917         Release assert in TreeScopeOrderedMap::remove via HTMLImageElement::removedFromAncestor
918         https://bugs.webkit.org/show_bug.cgi?id=185493
919
920         Reviewed by Brent Fulgham.
921
922         Fixed the bug that HTMLImageElement::removedFromAncestor and HTMLMapElement::removedFromAncestor
923         were calling removeImageElementByUsemap on the document instead of the shadow tree from which it was removed.
924
925         Test: fast/images/imagemap-in-shadow-tree-removed.html
926
927         * html/HTMLImageElement.cpp:
928         (WebCore::HTMLImageElement::removedFromAncestor):
929         * html/HTMLMapElement.cpp:
930         (WebCore::HTMLMapElement::removedFromAncestor):
931
932 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
933
934         AX: Hidden nodes which are not directly referenced should not participate name/description from content
935         https://bugs.webkit.org/show_bug.cgi?id=185478
936
937         Reviewed by Chris Fleizach.
938
939         Add a check to AccessibilityNodeObject::textUnderElement() and return early
940         if the node is hidden, not referenced by aria-labelledby or aria-describedby,
941         not an HTMLLabelElement, and not fallback content for an HTMLCanvasElement.
942
943         Test: accessibility/text-alternative-calculation-hidden-nodes.html
944
945         * accessibility/AccessibilityNodeObject.cpp:
946         (WebCore::AccessibilityNodeObject::textUnderElement const):
947
948 2018-05-09  Eric Carlson  <eric.carlson@apple.com>
949
950         Update MediaSession to use release logging
951         https://bugs.webkit.org/show_bug.cgi?id=185376
952         <rdar://problem/40022203>
953
954         Reviewed by Youenn Fablet.
955
956         No new tests, tested manually.
957
958         * Modules/mediastream/MediaStream.h: hostingDocument() doesn't need to return a const Document.
959         * Modules/webaudio/AudioContext.cpp:
960         (WebCore::AudioContext::hostingDocument const): Ditto.
961         * Modules/webaudio/AudioContext.h:
962
963         * html/HTMLMediaElement.h: Ditto.
964
965         * html/MediaElementSession.cpp:
966         (WebCore::MediaElementSession::MediaElementSession):
967         (WebCore::MediaElementSession::addBehaviorRestriction):
968         (WebCore::MediaElementSession::removeBehaviorRestriction):
969         (WebCore::MediaElementSession::dataLoadingPermitted const):
970         (WebCore::MediaElementSession::fullscreenPermitted const):
971         (WebCore::MediaElementSession::pageAllowsDataLoading const):
972         (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming const):
973         (WebCore::MediaElementSession::canShowControlsManager const):
974         (WebCore::MediaElementSession::showPlaybackTargetPicker):
975         (WebCore::MediaElementSession::hasWirelessPlaybackTargets const):
976         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled const):
977         (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
978         (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
979         (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
980         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
981         (WebCore::MediaElementSession::mediaEngineUpdated):
982         (WebCore::MediaElementSession::willLog const): Deleted.
983         (WebCore::MediaElementSession::logger const): Deleted.
984         (WebCore::MediaElementSession::logIdentifier const): Deleted.
985         (WebCore::MediaElementSession::logChannel const): Deleted.
986         * html/MediaElementSession.h:
987
988         * platform/audio/PlatformMediaSession.cpp:
989         (WebCore::nextLogIdentifier):
990         (WebCore::convertEnumerationToString):
991         (WebCore::PlatformMediaSession::PlatformMediaSession):
992         (WebCore::PlatformMediaSession::setState):
993         (WebCore::PlatformMediaSession::beginInterruption):
994         (WebCore::PlatformMediaSession::endInterruption):
995         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
996         (WebCore::PlatformMediaSession::clientWillPausePlayback):
997         (WebCore::PlatformMediaSession::pauseSession):
998         (WebCore::PlatformMediaSession::stopSession):
999         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
1000         (WebCore::PlatformMediaSession::logChannel const):
1001         (WebCore::stateName): Deleted.
1002         (WebCore::interruptionName): Deleted.
1003         * platform/audio/PlatformMediaSession.h:
1004         (WTF::LogArgument<WebCore::PlatformMediaSession::State>::toString):
1005         (WTF::LogArgument<WebCore::PlatformMediaSession::InterruptionType>::toString):
1006
1007 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1008
1009         [GStreamer] Never call updateTracks if running on legacy pipeline
1010         https://bugs.webkit.org/show_bug.cgi?id=184581
1011
1012         This makes sure failling code path is never reached in the conditions where it should not have been reached.
1013
1014         Reviewed by Philippe Normand.
1015
1016         Re enables all tests that were disabled after fixing.
1017
1018         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1019         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1020
1021 2018-05-09  Daniel Bates  <dabates@apple.com>
1022
1023         REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
1024         https://bugs.webkit.org/show_bug.cgi?id=185443
1025         <rdar://problem/40100660>
1026
1027         Reviewed by Andy Estes.
1028
1029         Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in
1030         WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in
1031         NetworkProcess. We need to check these security requirements in WebContent process whenever
1032         we are performing a substitute data load, such as for app cache, as these loads do not go
1033         through NetworkProcess.
1034
1035         * loader/DocumentLoader.cpp:
1036         (WebCore::DocumentLoader::responseReceived):
1037
1038 2018-05-09  Justin Fan  <justin_fan@apple.com>
1039
1040         Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. 
1041         https://bugs.webkit.org/show_bug.cgi?id=185272
1042         <rdar://problem/15745737>
1043
1044         Reviewed by Dean Jackson.
1045
1046         Also added in Khronos' ASTC test from version 1.0.4 beta of their conformance test suite,
1047         although again, this requires OpenGL ES 3 context for WebKit to detect proper support.
1048
1049         Test: fast/canvas/webgl/webgl-compressed-texture-astc.html
1050
1051         * DerivedSources.make:
1052         * Sources.txt:
1053         * WebCore.xcodeproj/project.pbxproj:
1054         * bindings/js/JSDOMConvertWebGL.cpp:
1055         (WebCore::convertToJSValue):
1056         * html/canvas/WebGL2RenderingContext.cpp:
1057         (WebCore::WebGL2RenderingContext::getExtension):
1058         (WebCore::WebGL2RenderingContext::getSupportedExtensions):
1059         * html/canvas/WebGLCompressedTextureASTC.cpp: Added.
1060         (WebCore::WebGLCompressedTextureASTC::WebGLCompressedTextureASTC):
1061         (WebCore::WebGLCompressedTextureASTC::getName const):
1062         (WebCore::WebGLCompressedTextureASTC::supported):
1063         (WebCore::WebGLCompressedTextureASTC::getSupportedProfiles):
1064         * html/canvas/WebGLCompressedTextureASTC.h: Added.
1065         * html/canvas/WebGLCompressedTextureASTC.idl: Added.
1066         * html/canvas/WebGLExtension.h:
1067         * html/canvas/WebGLRenderingContext.cpp:
1068         (WebCore::WebGLRenderingContext::getExtension):
1069         (WebCore::WebGLRenderingContext::getSupportedExtensions):
1070         * html/canvas/WebGLRenderingContextBase.cpp:
1071         (WebCore::WebGLRenderingContextBase::validateCompressedTexFuncData):
1072         (WebCore::WebGLRenderingContextBase::validateCompressedTexDimensions):
1073         * html/canvas/WebGLRenderingContextBase.h:
1074         * platform/graphics/Extensions3D.h:
1075
1076 2018-05-09  Youenn Fablet  <youenn@apple.com>
1077
1078         Allow WebResourceLoader to cancel a load served from a service worker
1079         https://bugs.webkit.org/show_bug.cgi?id=185274
1080
1081         Reviewed by Chris Dumez.
1082
1083         Add support for cancelling a fetch from WebProcess to service worker process.
1084         Use FetchIdentifier instead of uint64_t.
1085
1086         * Modules/fetch/FetchIdentifier.h: Added.
1087         * WebCore.xcodeproj/project.pbxproj:
1088         * workers/service/context/ServiceWorkerFetch.h:
1089         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1090         (WebCore::ServiceWorkerThreadProxy::startFetch):
1091         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1092         * workers/service/context/ServiceWorkerThreadProxy.h:
1093
1094 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1095
1096         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamer
1097         https://bugs.webkit.org/show_bug.cgi?id=185479
1098
1099         Reviewed by Philippe Normand.
1100
1101         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:114:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1102         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:194:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1103         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:398:  One line control clauses should not use braces.  [whitespace/braces] [4]
1104         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:440:  One line control clauses should not use braces.  [whitespace/braces] [4]
1105         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:806:  More than one command on the same line  [whitespace/newline] [4]
1106         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:869:  More than one command on the same line  [whitespace/newline] [4]
1107         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:880:  More than one command on the same line  [whitespace/newline] [4]
1108         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:940:  More than one command on the same line  [whitespace/newline] [4]
1109         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1102:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1110         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1109:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1111
1112         Indentation and style issue fixed only.
1113
1114         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1115         (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
1116         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
1117         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
1118         (WebCore::MediaPlayerPrivateGStreamer::play):
1119         (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
1120         (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
1121         (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
1122         (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
1123         (WebCore::MediaPlayerPrivateGStreamer::buffered const):
1124         (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
1125
1126 2018-05-09  Daniel Bates  <dabates@apple.com>
1127
1128         REGRESSION (r231479): com.apple.WebCore crash in WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied()
1129         https://bugs.webkit.org/show_bug.cgi?id=185475
1130         <rdar://problem/40093853>
1131
1132         Reviewed by Andy Estes.
1133
1134         DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() must extends its lifetime
1135         until completion as dispatching a DOM load event at the associated frame can cause JavaScript execution
1136         that can do anything, including destroying the loader that dispatched the event.
1137
1138         Following r231479 DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() is now
1139         invoked by both DocumentLoader::responseReceived() and WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1140         The latter only can happen when using WebKit2 and the experimental feature Restricted HTTP Response Access
1141         is enabled (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()). Unlike DocumentLoader::responseReceived()
1142         WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() does not take out a ref
1143         on the DocumentLoader before invoking DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1144         Therefore, DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() can cause its
1145         own destruction as a result of dispatching a DOM load event at the frame. We should take out a ref on
1146         the DocumentLoader when executing DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1147
1148         * loader/DocumentLoader.cpp:
1149         (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied):
1150
1151 2018-05-09  Tim Horton  <timothy_horton@apple.com>
1152
1153         Fix the build by ignoring some deprecation warnings
1154
1155         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1156         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):
1157
1158 2018-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1159
1160         [WPE] Build cleanly with GCC 8 and ICU 60
1161         https://bugs.webkit.org/show_bug.cgi?id=185462
1162
1163         Reviewed by Carlos Alberto Lopez Perez.
1164
1165         * PlatformGTK.cmake: Include directories are in the wrong place.
1166         * accessibility/AXObjectCache.cpp: Silence -Wclass-memaccess problems and leave warnings.
1167         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
1168         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
1169         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1170         (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
1171         * css/CSSFontFace.cpp: Silence -Wfallthrough
1172         (WebCore::CSSFontFace::fontLoadTiming const):
1173         * css/CSSSelectorList.cpp: Silence -Wclass-memaccess, this one is intentional.
1174         (WebCore::CSSSelectorList::adoptSelectorVector):
1175         * editing/TextIterator.cpp: Silence ICU deprecation warnings.
1176         * platform/Length.h:
1177         (WebCore::Length::operator=): More -Wclass-memaccess, looks benign.
1178         * platform/graphics/Gradient.cpp:
1179         (WebCore::Gradient::hash const): -Wclass-memaccess again. Leave a warning.
1180         * platform/graphics/SurrogatePairAwareTextIterator.cpp: Silence ICU deprecation warnings.
1181         * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
1182         (WebCore::FontCascade::fontForCombiningCharacterSequence const): Silence ICU deprecation.
1183         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1184         (WebCore::FontCustomPlatformData::FontCustomPlatformData): Silence -Wcast-function-type.
1185         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
1186         (WebCore::Font::canRenderCombiningCharacterSequence const): Silence ICU deprecation.
1187         * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp:
1188         (gstAllocatorFastMallocMemUnmap): Fix -Wcast-function-type.
1189         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1190         (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix bad printf.
1191         (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Another bad printf.
1192         (WebCore::findHLSQueue): Fix -Wcast-function-type.
1193         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1194         (webKitMediaClearKeyDecryptorDecrypt): Fix another bad printf.
1195         * platform/network/soup/SocketStreamHandleImplSoup.cpp: Silence -Wcast-function-type.
1196         (WebCore::SocketStreamHandleImpl::beginWaitingForSocketWritability):
1197         * platform/text/TextEncoding.cpp: Silence ICU deprecration.
1198
1199 2018-05-08  Simon Fraser  <simon.fraser@apple.com>
1200
1201         SVG lighting colors need to be converted into linearSRGB
1202         https://bugs.webkit.org/show_bug.cgi?id=181196
1203
1204         Reviewed by Darin Adler.
1205
1206         Address post-commit comments. Don't make a Color that contains linearRGB components,
1207         but use FloatComponents instead. Since these FloatComponents are in the 0-1 range,
1208         FELighting::setPixelInternal() needs to multiply by 255 since the output pixels are
1209         8-bit 0-255.
1210         
1211         Change linearToSRGBColorComponent() and sRGBToLinearColorComponent() to do math in
1212         floats without promoting to doubles.
1213
1214         * platform/graphics/ColorUtilities.cpp:
1215         (WebCore::FloatComponents::FloatComponents):
1216         (WebCore::linearToSRGBColorComponent):
1217         (WebCore::sRGBToLinearColorComponent):
1218         (WebCore::sRGBColorToLinearComponents):
1219         (WebCore::linearToSRGBColor): Deleted.
1220         (WebCore::sRGBToLinearColor): Deleted.
1221         * platform/graphics/ColorUtilities.h:
1222         * platform/graphics/filters/FELighting.cpp:
1223         (WebCore::FELighting::setPixelInternal):
1224         (WebCore::FELighting::drawLighting):
1225
1226 2018-05-09  Timothy Hatcher  <timothy@apple.com>
1227
1228         Use StyleColor::Options in more places.
1229
1230         https://bugs.webkit.org/show_bug.cgi?id=185458
1231         rdar://problem/39853798
1232
1233         Add UseDefaultAppearance to StyleColor::Options, to avoid passing yet another
1234         boolean on some of these functions.
1235
1236         Reviewed by Tim Horton.
1237
1238         * css/MediaQueryEvaluator.cpp:
1239         * css/StyleColor.h:
1240         * dom/Document.cpp:
1241         (WebCore::Document::useDefaultAppearance const):
1242         (WebCore::Document::styleColorOptions const):
1243         * dom/Document.h:
1244         * platform/Theme.cpp:
1245         (WebCore::Theme::paint):
1246         * platform/Theme.h:
1247         * platform/mac/LocalDefaultSystemAppearance.h:
1248         * platform/mac/LocalDefaultSystemAppearance.mm:
1249         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1250         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
1251         * platform/mac/ThemeMac.h:
1252         * platform/mac/ThemeMac.mm:
1253         (WebCore::paintToggleButton):
1254         (WebCore::paintButton):
1255         (WebCore::ThemeMac::ensuredView):
1256         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
1257         (WebCore::ThemeMac::paint):
1258         (-[WebCoreThemeView initWithUseSystemAppearance:]): Deleted.
1259         * platform/wpe/ThemeWPE.cpp:
1260         (WebCore::ThemeWPE::paint):
1261         * platform/wpe/ThemeWPE.h:
1262         * rendering/RenderListBox.cpp:
1263         (WebCore::RenderListBox::paintItemBackground):
1264         * rendering/RenderTheme.cpp:
1265         (WebCore::RenderTheme::paint):
1266         (WebCore::RenderTheme::inactiveListBoxSelectionBackgroundColor const):
1267         (WebCore::RenderTheme::platformInactiveListBoxSelectionBackgroundColor const):
1268         * rendering/RenderTheme.h:
1269         * rendering/RenderThemeGtk.cpp:
1270         (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor const):
1271         * rendering/RenderThemeGtk.h:
1272         * rendering/RenderThemeMac.h:
1273         * rendering/RenderThemeMac.mm:
1274         (WebCore::RenderThemeMac::documentViewFor const):
1275         (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
1276         (WebCore::RenderThemeMac::systemColor const):
1277         (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
1278         (WebCore::RenderThemeMac::paintSliderThumb):
1279
1280 2018-05-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1281
1282         [EME][GStreamer] Crash when the mediaKeys are created before loading the media in debug conf
1283         https://bugs.webkit.org/show_bug.cgi?id=185244
1284
1285         Reviewed by Xabier Rodriguez-Calvar.
1286
1287         The function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" is expected to be called once,
1288         so there is an ASSERT(!m_cdmInstance).
1289         But when the MediaKeys are created before loading the media, the cdminstance is created and attached
1290         to the MediaPlayerPrivate via "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" before loading
1291         the media, then when the media is loading, the function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached"
1292         will be called several times via the function "mediaEngineWasUpdated" wich is called for each change
1293         in the MediaElement state, thus the WebProcess crashes in the ASSERT(!m_cdmInstance).
1294
1295         This commit avoid the crash by replacing the assert with a simple check.
1296
1297         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1298         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
1299         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
1300
1301 2018-05-09  Antti Koivisto  <antti@apple.com>
1302
1303         Add OptionSet::operator& and operator bool
1304         https://bugs.webkit.org/show_bug.cgi?id=185306
1305
1306         Reviewed by Anders Carlsson.
1307
1308         Use it in a few places.
1309
1310         * loader/FrameLoader.cpp:
1311         (WebCore::FrameLoader::reload):
1312         * rendering/RenderLayerCompositor.cpp:
1313         (WebCore::RenderLayerCompositor::logReasonsForCompositing):
1314         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
1315
1316 2018-05-08  Dean Jackson  <dino@apple.com>
1317
1318         Disable system preview link fetching
1319         https://bugs.webkit.org/show_bug.cgi?id=185463
1320
1321         Reviewed by Jon Lee.
1322
1323         Temporarily disable system preview detection when a link
1324         is clicked.
1325
1326         * html/HTMLAnchorElement.cpp:
1327         (WebCore::HTMLAnchorElement::handleClick):
1328
1329 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1330
1331         Unreviewed, fix the internal iOS build
1332
1333         Add a missing import statement in an implementation file.
1334
1335         * editing/cocoa/WebContentReaderCocoa.mm:
1336
1337 2018-05-08  Ryan Haddad  <ryanhaddad@apple.com>
1338
1339         Unreviewed, rolling out r231486.
1340
1341         Caused service worker LayoutTest failures on macOS Debug WK2.
1342
1343         Reverted changeset:
1344
1345         "Allow WebResourceLoader to cancel a load served from a
1346         service worker"
1347         https://bugs.webkit.org/show_bug.cgi?id=185274
1348         https://trac.webkit.org/changeset/231486
1349
1350 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
1351
1352         Consolidate WebContentReaderIOS and WebContentReaderMac into WebContentReaderCocoa
1353         https://bugs.webkit.org/show_bug.cgi?id=185340
1354
1355         Reviewed by Tim Horton.
1356
1357         WebContentReader::readURL is currently the only method implemented separately in iOS and macOS platform
1358         WebContentReader files. The implementation across macOS and iOS is nearly identical (with some exceptions with
1359         the way iOS handles file URLs and plain text editing), so we can merge these into a single method
1360         WebContentReaderCocoa and delete WebContentReaderIOS and WebContentReaderMac.
1361
1362         This also has the added bonus of fixing a latent bug in WebContentReaderMac, wherein URLs written to the
1363         pasteboard using -[NSPasteboard writeObjects:] are currently pasted as empty anchor elements. In this case, the
1364         link title isn't made explicit, so the `title` passed in to WebContentReader::readURL is empty. On iOS, we have
1365         code to fall back to pasting the absolute string of the URL if the title is empty, but on macOS, we'll just use
1366         this empty string as the title of the anchor.
1367
1368         Test: PasteMixedContent.PasteURLWrittenToPasteboardUsingWriteObjects
1369
1370         * SourcesCocoa.txt:
1371         * WebCore.xcodeproj/project.pbxproj:
1372         * editing/cocoa/WebContentReaderCocoa.mm:
1373         (WebCore::WebContentReader::readURL):
1374         * editing/ios/WebContentReaderIOS.mm: Removed.
1375         * editing/mac/WebContentReaderMac.mm: Removed.
1376
1377 2018-05-08  Zalan Bujtas  <zalan@apple.com>
1378
1379         [Simple line layout] Cache run resolver.
1380         https://bugs.webkit.org/show_bug.cgi?id=185411
1381
1382         Reviewed by Antti Koivisto.
1383
1384         This patch caches the run resolver on the [SimpleLine]Layout object. 
1385         In certain cases, when the block container has thousands of elements (foobar1<br>foobar2<br>.....foobar9999<br>),
1386         constructing the resolver (and its dependencies) in a repeating fashion could hang the WebProcess.
1387
1388         Covered by existing tests.
1389
1390         * rendering/SimpleLineLayout.cpp:
1391         (WebCore::SimpleLineLayout::create):
1392         (WebCore::SimpleLineLayout::Layout::create):
1393         (WebCore::SimpleLineLayout::Layout::Layout):
1394         * rendering/SimpleLineLayout.h:
1395         (WebCore::SimpleLineLayout::Layout::runResolver const):
1396         * rendering/SimpleLineLayoutFunctions.cpp:
1397         (WebCore::SimpleLineLayout::paintFlow):
1398         (WebCore::SimpleLineLayout::hitTestFlow):
1399         (WebCore::SimpleLineLayout::collectFlowOverflow):
1400         (WebCore::SimpleLineLayout::computeBoundingBox):
1401         (WebCore::SimpleLineLayout::computeFirstRunLocation):
1402         (WebCore::SimpleLineLayout::collectAbsoluteRects):
1403         (WebCore::SimpleLineLayout::collectAbsoluteQuads):
1404         (WebCore::SimpleLineLayout::textOffsetForPoint):
1405         (WebCore::SimpleLineLayout::collectAbsoluteQuadsForRange):
1406         (WebCore::SimpleLineLayout::generateLineBoxTree):
1407         * rendering/SimpleLineLayoutResolver.cpp:
1408         (WebCore::SimpleLineLayout::LineResolver::LineResolver):
1409         * rendering/SimpleLineLayoutResolver.h:
1410         (WebCore::SimpleLineLayout::lineResolver):
1411
1412 2018-05-08  Brent Fulgham  <bfulgham@apple.com>
1413
1414         Switch some RELEASE_ASSERTS to plain debug ASSERTS in PlatformScreenMac.mm
1415         https://bugs.webkit.org/show_bug.cgi?id=185451
1416         <rdar://problem/39620348>
1417
1418         Reviewed by Zalan Bujtas.
1419
1420         Change a set of RELEASE_ASSERTS used to prevent accessing NSScreen related functions in the
1421         PlatformScreenMac implementation to less expensive Debug ASSERTS.
1422
1423         No change in behavior.
1424
1425         * platform/mac/PlatformScreenMac.mm:
1426         (WebCore::screenHasInvertedColors):
1427         (WebCore::screenDepth):
1428         (WebCore::screenDepthPerComponent):
1429         (WebCore::screenRectForDisplay):
1430         (WebCore::screenRect):
1431         (WebCore::screenAvailableRect):
1432         (WebCore::screenColorSpace):
1433         (WebCore::screenSupportsExtendedColor):
1434
1435 2018-05-08  Daniel Bates  <dabates@apple.com>
1436
1437         Resign Strong Password appearance when text field value changes
1438         https://bugs.webkit.org/show_bug.cgi?id=185433
1439         <rdar://problem/39958508>
1440
1441         Reviewed by Ryosuke Niwa.
1442
1443         Remove the Strong Password decoration when the text field's value changes to avoid interfering
1444         with web sites that allow a person to clear the password field.
1445
1446         Tests: fast/forms/auto-fill-button/auto-fill-strong-password-button-when-maxlength-changes.html
1447                fast/forms/auto-fill-button/auto-fill-strong-password-button-when-minlength-changes.html
1448                fast/forms/auto-fill-button/hide-auto-fill-strong-password-button-when-value-changes.html
1449
1450         * html/HTMLInputElement.cpp:
1451         (WebCore::HTMLInputElement::resignStrongPasswordAppearance): Extracted from HTMLInputElement::updateType().
1452         (WebCore::HTMLInputElement::updateType): Extract out logic to resign the Strong Password appearance
1453         into a function that can be shared by this function and HTMLInputElement::setValue().
1454         (WebCore::HTMLInputElement::setValue): Resign the Strong Password appearance if this field was
1455         changed programmatically (i.e. no DOM change event was dispatched).
1456         * html/HTMLInputElement.h:
1457
1458 2018-05-08  Jer Noble  <jer.noble@apple.com>
1459
1460         Unreviewed build fix; add missing function definition.
1461
1462         * html/HTMLMediaElement.h:
1463         (WebCore::HTMLMediaElement::didPassCORSAccessCheck const):
1464
1465 2018-05-08  Jer Noble  <jer.noble@apple.com>
1466
1467         Mute MediaElementSourceNode when tainted.
1468         https://bugs.webkit.org/show_bug.cgi?id=184866
1469
1470         Reviewed by Eric Carlson.
1471
1472         Test: http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html
1473
1474         * Modules/webaudio/AudioContext.cpp:
1475         (WebCore::AudioContext::wouldTaintOrigin const):
1476         * Modules/webaudio/AudioContext.h:
1477         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
1478         (WebCore::MediaElementAudioSourceNode::setFormat):
1479         (WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
1480         (WebCore::MediaElementAudioSourceNode::process):
1481         * Modules/webaudio/MediaElementAudioSourceNode.h:
1482
1483 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
1484
1485         Log rtcstats as JSON
1486         https://bugs.webkit.org/show_bug.cgi?id=185437
1487         <rdar://problem/40065332>
1488
1489         Reviewed by Youenn Fablet.
1490
1491         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
1492         (WebCore::RTCStatsLogger::RTCStatsLogger): Create a wrapper class so we don't have to add a
1493         toJSONString method to libwebrtc.
1494         (WebCore::RTCStatsLogger::toJSONString const): Log stats as JSON.
1495         (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered): Don't use the LOGIDENTIFIER macro because
1496         it doesn't work well inside of a lambda.
1497         (WTF::LogArgument<WebCore::RTCStatsLogger>::toString): Move into .cpp file because it is only
1498         used here.
1499         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
1500         (WTF::LogArgument<webrtc::RTCStats>::toString): Deleted. Move to .cpp file.
1501
1502 2018-05-08  Dean Jackson  <dino@apple.com>
1503
1504         System Preview links should trigger a download
1505         https://bugs.webkit.org/show_bug.cgi?id=185439
1506         <rdar://problem/40065545>
1507
1508         Reviewed by Jon Lee.
1509
1510         Add a new field to FrameLoadRequest, which then is copied
1511         into ResourceRequest, identifying if the link clicked
1512         is a system preview.
1513
1514         * html/HTMLAnchorElement.cpp:
1515         (WebCore::HTMLAnchorElement::handleClick): Look for isSystemPreviewLink().
1516         * loader/FrameLoadRequest.cpp:
1517         (WebCore::FrameLoadRequest::FrameLoadRequest):
1518         * loader/FrameLoadRequest.h: New property.
1519         (WebCore::FrameLoadRequest::FrameLoadRequest):
1520         (WebCore::FrameLoadRequest::isSystemPreview const):
1521         * loader/FrameLoader.cpp:
1522         (WebCore::FrameLoader::urlSelected):
1523         (WebCore::FrameLoader::loadURL):
1524         * loader/FrameLoader.h:
1525         * platform/network/ResourceRequestBase.cpp:
1526         (WebCore::ResourceRequestBase::isSystemPreview const):
1527         (WebCore::ResourceRequestBase::setSystemPreview):
1528         * platform/network/ResourceRequestBase.h:
1529
1530 2018-05-08  Commit Queue  <commit-queue@webkit.org>
1531
1532         Unreviewed, rolling out r231491.
1533         https://bugs.webkit.org/show_bug.cgi?id=185434
1534
1535         Setting the Created key on a cookie does not work yet, due a
1536         bug in CFNetwork (Requested by ggaren on #webkit).
1537
1538         Reverted changeset:
1539
1540         "[WKHTTPCookieStore getAllCookies] returns inconsistent
1541         creation time"
1542         https://bugs.webkit.org/show_bug.cgi?id=185041
1543         https://trac.webkit.org/changeset/231491
1544
1545 2018-05-08  Sihui Liu  <sihui_liu@apple.com>
1546
1547         [WKHTTPCookieStore getAllCookies] returns inconsistent creation time
1548         https://bugs.webkit.org/show_bug.cgi?id=185041
1549         <rdar://problem/34684214>
1550
1551         Reviewed by Geoffrey Garen.
1552
1553         Set creationtime property when creating Cookie object to keep consistency after conversion.
1554
1555         New API test: WebKit.WKHTTPCookieStoreCreationTime.
1556
1557         * platform/network/cocoa/CookieCocoa.mm:
1558         (WebCore::Cookie::operator NSHTTPCookie * const):
1559
1560 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
1561
1562         Text track cue logging should include cue text
1563         https://bugs.webkit.org/show_bug.cgi?id=185353
1564         <rdar://problem/40003565>
1565
1566         Reviewed by Brent Fulgham.
1567
1568         No new tests, tested manually.
1569
1570         * html/track/VTTCue.cpp:
1571         (WebCore::VTTCue::toJSON const):
1572         * platform/graphics/InbandTextTrackPrivateClient.h:
1573         (WebCore::GenericCueData::toJSONString const):
1574         * platform/graphics/iso/ISOVTTCue.cpp:
1575         (WebCore::ISOWebVTTCue::toJSONString const):
1576
1577 2018-05-08  Sam Weinig  <sam@webkit.org>
1578
1579         More cleanup of XMLHttpRequestUpload
1580         https://bugs.webkit.org/show_bug.cgi?id=185409
1581
1582         Reviewed by Alex Christensen.
1583
1584         - Remove unneeded #includes
1585         - Rename m_xmlHttpRequest to m_request
1586         - Make some overloaded some methods private, and mark them as final rather
1587           than override.
1588
1589         * xml/XMLHttpRequestUpload.cpp:
1590         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
1591         * xml/XMLHttpRequestUpload.h:
1592
1593 2018-05-08  Zalan Bujtas  <zalan@apple.com>
1594
1595         [LFC] Start using BlockMarginCollapse
1596         https://bugs.webkit.org/show_bug.cgi?id=185424
1597
1598         Reviewed by Antti Koivisto.
1599
1600         BlockMarginCollapse could be all static.
1601
1602         * layout/blockformatting/BlockFormattingContext.cpp:
1603         (WebCore::Layout::BlockFormattingContext::marginTop const):
1604         (WebCore::Layout::BlockFormattingContext::marginBottom const):
1605         * layout/blockformatting/BlockMarginCollapse.cpp:
1606         (WebCore::Layout::isMarginTopCollapsedWithSibling):
1607         (WebCore::Layout::isMarginBottomCollapsedWithSibling):
1608         (WebCore::Layout::isMarginTopCollapsedWithParent):
1609         (WebCore::Layout::isMarginBottomCollapsedWithParent):
1610         (WebCore::Layout::collapsedMarginTopFromFirstChild):
1611         (WebCore::Layout::collapsedMarginBottomFromLastChild):
1612         (WebCore::Layout::nonCollapsedMarginTop):
1613         (WebCore::Layout::nonCollapsedMarginBottom):
1614         (WebCore::Layout::BlockMarginCollapse::marginTop):
1615         (WebCore::Layout::BlockMarginCollapse::marginBottom):
1616         (WebCore::Layout::BlockMarginCollapse::BlockMarginCollapse): Deleted.
1617         (WebCore::Layout::BlockMarginCollapse::marginTop const): Deleted.
1618         (WebCore::Layout::BlockMarginCollapse::marginBottom const): Deleted.
1619         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithSibling const): Deleted.
1620         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithSibling const): Deleted.
1621         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParent const): Deleted.
1622         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent const): Deleted.
1623         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginTop const): Deleted.
1624         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginBottom const): Deleted.
1625         (WebCore::Layout::BlockMarginCollapse::collapsedMarginTopFromFirstChild const): Deleted.
1626         (WebCore::Layout::BlockMarginCollapse::collapsedMarginBottomFromLastChild const): Deleted.
1627         (WebCore::Layout::BlockMarginCollapse::hasAdjoiningMarginTopAndBottom const): Deleted.
1628         * layout/blockformatting/BlockMarginCollapse.h:
1629
1630 2018-05-08  Youenn Fablet  <youenn@apple.com>
1631
1632         Allow WebResourceLoader to cancel a load served from a service worker
1633         https://bugs.webkit.org/show_bug.cgi?id=185274
1634
1635         Reviewed by Chris Dumez.
1636
1637         Add support for cancelling a fetch from WebProcess to service worker process.
1638         Use FetchIdentifier instead of uint64_t.
1639
1640         * Modules/fetch/FetchIdentifier.h: Added.
1641         * WebCore.xcodeproj/project.pbxproj:
1642         * workers/service/context/ServiceWorkerFetch.h:
1643         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1644         (WebCore::ServiceWorkerThreadProxy::startFetch):
1645         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1646         * workers/service/context/ServiceWorkerThreadProxy.h:
1647
1648 2018-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
1649
1650         feTurbulence is not rendered correctly on Retina display
1651         https://bugs.webkit.org/show_bug.cgi?id=183798
1652
1653         Reviewed by Simon Fraser.
1654
1655         On 2x display the feTurbulence filter creates a scaled ImageBuffer but
1656         processes only the unscaled size. This is a remaining work of r168577 and
1657         is very similar to what was done for the feMorphology filter in r188271.
1658
1659         Test: fast/hidpi/filters-turbulence.html
1660
1661         * platform/graphics/filters/FETurbulence.cpp:
1662         (WebCore::FETurbulence::fillRegion const):
1663         (WebCore::FETurbulence::platformApplySoftware):
1664
1665 2018-05-07  Zalan Bujtas  <zalan@apple.com>
1666
1667         [LFC] Add FormattingContext::layoutOutOfFlowDescendants implementation
1668         https://bugs.webkit.org/show_bug.cgi?id=185377
1669
1670         Reviewed by Antti Koivisto.
1671
1672         Also, remove FormattingContext's m_layoutContext member and pass it in to ::layout() instead.
1673         In theory LayoutContext is needed only during ::layout() call. 
1674
1675         * layout/FormattingContext.cpp:
1676         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
1677         * layout/FormattingContext.h:
1678         (WebCore::Layout::FormattingContext::layoutContext const):
1679         * layout/LayoutContext.cpp:
1680         (WebCore::Layout::LayoutContext::updateLayout):
1681         * layout/blockformatting/BlockFormattingContext.cpp:
1682         (WebCore::Layout::BlockFormattingContext::layout const):
1683         * layout/blockformatting/BlockFormattingContext.h:
1684         * layout/inlineformatting/InlineFormattingContext.cpp:
1685         (WebCore::Layout::InlineFormattingContext::layout const):
1686         * layout/inlineformatting/InlineFormattingContext.h:
1687
1688 2018-05-07  Daniel Bates  <dabates@apple.com>
1689
1690         Check X-Frame-Options and CSP frame-ancestors in network process
1691         https://bugs.webkit.org/show_bug.cgi?id=185410
1692         <rdar://problem/37733934>
1693
1694         Reviewed by Ryosuke Niwa.
1695
1696         * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit.
1697         * loader/DocumentLoader.cpp:
1698         (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if
1699         we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept
1700         unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this
1701         in subsequent bugs.
1702         * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from
1703         private to public and export it so that we can call it from the WebKit.
1704         * loader/PingLoader.h:
1705         * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false)
1706         and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess.
1707         Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
1708         However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy
1709         at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
1710         is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled,
1711         to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess
1712         and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
1713         will also need to be enabled.
1714         * page/csp/ContentSecurityPolicy.cpp:
1715         (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins.
1716         * page/csp/ContentSecurityPolicy.h:
1717         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
1718         (WebCore::checkFrameAncestors): Ditto.
1719         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto.
1720         * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions().
1721         * page/csp/ContentSecurityPolicyResponseHeaders.h:
1722         * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit.
1723
1724 2018-05-07  Daniel Bates  <dabates@apple.com>
1725
1726         Abstract logic to log console messages and send CSP violation reports into a client
1727         https://bugs.webkit.org/show_bug.cgi?id=185393
1728         <rdar://problem/40036053>
1729
1730         Reviewed by Brent Fulgham.
1731
1732         First pass at adding infrastructure to supporting CSP reporting from NetworkProcess and workers.
1733         Replaces the existing ContentSecurityPolicy constructor that takes a Frame with one that
1734         takes a ContentSecurityPolicyClient to delegate to for logging and sending reports. We will look
1735         to remove ContentSecurityPolicy constructor that takes a ScriptExecutionContext in a follow up.
1736
1737         Standardize on instantiating a ContentSecurityPolicy with the full URL to resource that it protects
1738         instead of taking only the SecurityOrigin of this URL. By taking the full URL the ContentSecurityPolicy
1739         object is now capable of resolving a relative report URL without needing a Document/ScriptExecutionContext.
1740
1741         We are underutilizing the CSPInfo struct and ContentSecurityPolicyClient::willSendCSPViolationReport()
1742         delegate callback in this patch. We will make use of this functionality in a subsequent patch to
1743         support collecting script state (e.g. source line number) when reporting CSP violations in worker
1744         threads. We also no longer go through the unnecessary motions to try to collect script state for a
1745         frame-ancestors violation (since DocumentLoader extends ContentSecurityPolicyClient and does not
1746         implement ContentSecurityPolicyClient::willSendCSPViolationReport()). The frame-ancestors directive
1747         is checked before a document is parsed and executes script; => there will never be any script state
1748         to collect; => it is not necessary to try to collect it as we currently do.
1749
1750         * Sources.txt: Add file ContentSecurityPolicyClient.cpp. See the remarks for ContentSecurityPolicyClient.cpp
1751         below on why we have this file.
1752         * WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyClient.{h, cpp}.
1753         * dom/Document.cpp:
1754         (WebCore::Document::initSecurityContext): Pass the URL of the protected document.
1755         * loader/DocumentLoader.cpp:
1756         (WebCore::DocumentLoader::responseReceived): Ditto.
1757         (WebCore::DocumentLoader::addConsoleMessage): Added.
1758         (WebCore::DocumentLoader::sendCSPViolationReport): Added.
1759         (WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Added.
1760         * loader/DocumentLoader.h:
1761         * loader/FrameLoaderClient.h: Fix typo in comment.
1762         * loader/WorkerThreadableLoader.cpp:
1763         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass the URL of the worker script.
1764         * page/csp/ContentSecurityPolicy.cpp:
1765         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Added overload that takes a URL&& and an optional
1766         ContentSecurityPolicyClient*.
1767         (WebCore::ContentSecurityPolicy::deprecatedURLForReporting const): Extracted and simplified stripURLForUseInReport()
1768         into this member function.
1769         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to make use of the client, if we have
1770         one and removed code for handling a ContentSecurityPolicy that was instantiated with a Frame.
1771         (WebCore::ContentSecurityPolicy::logToConsole const): Ditto.
1772         (WebCore::stripURLForUseInReport): Deleted; incorporated into ContentSecurityPolicy::deprecatedURLForReporting().
1773         * page/csp/ContentSecurityPolicy.h:
1774         * page/csp/ContentSecurityPolicyClient.cpp: Added. This file exists so that we can define the virtual
1775         destructor out-of-line and export this abstract class so as to avoid the need for the vtable to be
1776         defined in the translation unit of each derived class.
1777         * page/csp/ContentSecurityPolicyClient.h: Added.
1778         * page/csp/ContentSecurityPolicySource.cpp:
1779         (WebCore::ContentSecurityPolicySource::operator SecurityOriginData const): Added.
1780         * page/csp/ContentSecurityPolicySource.h:
1781         * workers/WorkerGlobalScope.cpp:
1782         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate the ContentSecurityPolicy object with the
1783         URL of the worker script.
1784
1785 2018-05-07  Simon Fraser  <simon.fraser@apple.com>
1786
1787         CSS filters which reference SVG filters fail to respect the "color-interpolation-filters" of the filter
1788         https://bugs.webkit.org/show_bug.cgi?id=185343
1789
1790         Reviewed by Dean Jackson.
1791
1792         Test: css3/filters/color-interpolation-filters.html
1793         
1794         When applying CSS reference filters, apply the value of "color-interpolation-filters" for the
1795         referenced filter effect element, just as we do for SVG filters.
1796
1797         * rendering/FilterEffectRenderer.cpp:
1798         (WebCore::FilterEffectRenderer::buildReferenceFilter):
1799
1800 2018-05-07  Daniel Bates  <dabates@apple.com>
1801
1802         CSP status-code incorrect for document blocked due to violation of its frame-ancestors directive
1803         https://bugs.webkit.org/show_bug.cgi?id=185366
1804         <rdar://problem/40035116>
1805
1806         Reviewed by Brent Fulgham.
1807
1808         Fixes an issue where the status-code in the sent CSP report for an HTTP document blocked because
1809         its frame-ancestors directive was violated would be the status code of the previously loaded
1810         document in the frame. If the previously loaded document was about:blank then this would be 0.
1811
1812         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for the
1813         HTTP status code for the last response. Document::loader() returns the loader for the last committed
1814         document its frame. For a frame-ancestors violation, a CSP report is sent before the document
1815         that had the frame-ancestors directive has been committed and after it has been associate with a frame.
1816         As a result we are in are in a transient transition state for the frame and hence the last response
1817         for new document's loader (Document::loader()) is actually the last response of the previously loaded
1818         document in the frame. Instead we need to take care to tell CSP about the HTTP status code for the
1819         response associated with the document the CSP came from.
1820
1821         * dom/Document.cpp:
1822         (WebCore::Document::processHttpEquiv):
1823         (WebCore::Document::initSecurityContext):
1824         Pass the HTTP status code to CSP.
1825
1826         * page/csp/ContentSecurityPolicy.cpp:
1827         (WebCore::ContentSecurityPolicy::copyStateFrom):
1828         (WebCore::ContentSecurityPolicy::responseHeaders const):
1829         (WebCore::ContentSecurityPolicy::didReceiveHeaders):
1830         (WebCore::ContentSecurityPolicy::didReceiveHeader):
1831         (WebCore::ContentSecurityPolicy::reportViolation const):
1832         * page/csp/ContentSecurityPolicy.h:
1833         Modify existing functions to take the HTTP status code, store it in a instance variable,
1834         and reference this variable when reporting a violation.
1835
1836         * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
1837         (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
1838         (WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
1839         * page/csp/ContentSecurityPolicyResponseHeaders.h:
1840         (WebCore::ContentSecurityPolicyResponseHeaders::encode const):
1841         (WebCore::ContentSecurityPolicyResponseHeaders::decode):
1842         Store the HTTP status code along with the response headers.
1843
1844 2018-05-07  Daniel Bates  <dabates@apple.com>
1845
1846         CSP referrer incorrect for document blocked due to violation of its frame-ancestors directive
1847         https://bugs.webkit.org/show_bug.cgi?id=185380
1848
1849         Reviewed by Brent Fulgham.
1850
1851         Similar to <https://bugs.webkit.org/show_bug.cgi?id=185366>, fixes an issue where the referrer
1852         in the sent CSP report for an HTTP document blocked because its frame-ancestors directive was
1853         violated would be the referrer of the previously loaded document in the frame.
1854
1855         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for
1856         the referrer for the last request. Document::loader() returns the loader for the last committed
1857         document in its frame. For a frame-ancestors violation, a CSP report is sent before the document
1858         that had the frame-ancestors directive has been committed and after it has been associate with a
1859         frame. As a result we are in a transient transition state for the frame and hence the last request
1860         for the new document's loader (Document::loader()) is actually the last request of the previously
1861         loaded document in the frame. Instead we need to take care to tell CSP about the referrer for the
1862         request associated with the document the CSP came from.
1863
1864         * loader/DocumentLoader.cpp:
1865         (WebCore::DocumentLoader::responseReceived):
1866
1867 2018-05-07  Brent Fulgham  <bfulgham@apple.com>
1868
1869         Add experimental feature to prompt for Storage Access API use
1870         https://bugs.webkit.org/show_bug.cgi?id=185335
1871         <rdar://problem/39994649>
1872
1873         Reviewed by Alex Christensen and Youenn Fablet.
1874
1875         Create a new experimental feature that gates the ability of WebKit clients to prompt the user when
1876         Storage Access API is invoked.
1877
1878         Currently this feature doesn't have any user-visible impact.
1879
1880         * page/RuntimeEnabledFeatures.h:
1881         (WebCore::RuntimeEnabledFeatures::setStorageAccessPromptsEnabled):
1882         (WebCore::RuntimeEnabledFeatures::storageAccessPromptsEnabled const):
1883         * testing/InternalSettings.cpp:
1884         (WebCore::InternalSettings::Backup::Backup):
1885         (WebCore::InternalSettings::Backup::restoreTo):
1886         (WebCore::InternalSettings::setStorageAccessPromptsEnabled):
1887         * testing/InternalSettings.h:
1888         * testing/InternalSettings.idl:
1889
1890 2018-05-07  Chris Dumez  <cdumez@apple.com>
1891
1892         Stop using an iframe's id as fallback if its name attribute is not set
1893         https://bugs.webkit.org/show_bug.cgi?id=11388
1894
1895         Reviewed by Geoff Garen.
1896
1897         WebKit had logic to use an iframe's id as fallback name when its name
1898         content attribute is not set. This behavior was not standard and did not
1899         match other browsers:
1900         - https://html.spec.whatwg.org/#attr-iframe-name
1901
1902         Gecko / Trident never behaved this way. Blink was aligned with us until
1903         they started to match the specification in:
1904         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
1905
1906         This WebKit quirk was causing some Web-compatibility issues because it
1907         would affect the behavior of Window's name property getter when trying
1908         to look up an iframe by id. Because of Window's named property getter
1909         behavior [1], we would return the frame's contentWindow instead of the
1910         iframe element itself.
1911
1912         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
1913
1914         Test: fast/dom/Window/named-getter-frame-id.html
1915
1916         * html/HTMLFrameElementBase.cpp:
1917         (WebCore::HTMLFrameElementBase::openURL):
1918         (WebCore::HTMLFrameElementBase::parseAttribute):
1919         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
1920         * html/HTMLFrameElementBase.h:
1921
1922 2018-05-07  Chris Dumez  <cdumez@apple.com>
1923
1924         ASSERT(!childItemWithTarget(child->target())) is hit in HistoryItem::addChildItem()
1925         https://bugs.webkit.org/show_bug.cgi?id=185322
1926
1927         Reviewed by Geoff Garen.
1928
1929         We generate unique names for Frame to be used in HistoryItem. Those names not only
1930         need to be unique, they also need to be repeatable to avoid layout tests flakiness
1931         and for things like restoring form state from a HistoryItem.
1932
1933         The previously generated frame names were relying on the Frame's index among a
1934         parent Frame's children. The issue was that we could end up with duplicate names
1935         because one could insert a Frame *before* an existing one. This is because the code
1936         would not take care of updating existing Frames' unique name on frame tree mutation.
1937
1938         Updating frame tree names on mutation would be inefficient and is also not necessary.
1939         The approach chosen in this patch is to stop using the Frame's index and instead rely
1940         on an increasing counter stored on the top-frame's FrameTree. To make the names
1941         repeatable, we reset the counter on page navigation.
1942
1943         * page/Frame.cpp:
1944         (WebCore::Frame::setDocument):
1945         * page/FrameTree.cpp:
1946         (WebCore::FrameTree::uniqueChildName const):
1947         (WebCore::FrameTree::generateUniqueName const):
1948         * page/FrameTree.h:
1949         (WebCore::FrameTree::resetFrameIdentifiers):
1950
1951 2018-05-07  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1952
1953         [EME][GStreamer] Fix wrong subsample parsing on r227067
1954         https://bugs.webkit.org/show_bug.cgi?id=185382
1955
1956         Reviewed by Philippe Normand.
1957
1958         The initialization of sampleIndex should be moved outside of the loop.
1959         Without this patch we will have a bad log and the check of the subsample
1960         count will be useless.
1961
1962         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1963         (webKitMediaClearKeyDecryptorDecrypt):
1964
1965 2018-05-07  Daniel Bates  <dabates@apple.com>
1966
1967         CSP should be passed the referrer
1968         https://bugs.webkit.org/show_bug.cgi?id=185367
1969
1970         Reviewed by Per Arne Vollan.
1971
1972         As a step towards formalizing a CSP delegate object and removing the dependencies
1973         on ScriptExecutionContext and Frame, we should pass the document's referrer directly
1974         instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
1975         to instantiate the ContentSecurityPolicy object.
1976
1977         * dom/Document.cpp:
1978         (WebCore::Document::processHttpEquiv): Pass the document's referrer.
1979         (WebCore::Document::initSecurityContext): Ditto.
1980         (WebCore::Document::applyQuickLookSandbox): Ditto.
1981         * loader/DocumentLoader.cpp:
1982         (WebCore::DocumentLoader::responseReceived): Ditto.
1983         * loader/FrameLoader.cpp:
1984         (WebCore::FrameLoader::didBeginDocument): Ditto.
1985         * page/csp/ContentSecurityPolicy.cpp:
1986         (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
1987         to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
1988         fix up the referrer (m_referrer) after copying all the policy headers.
1989         (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
1990         (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
1991         it into an instance variable (m_referrer).
1992         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
1993         * page/csp/ContentSecurityPolicy.h:
1994         * workers/WorkerGlobalScope.cpp:
1995         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
1996         for the referrer as a worker does not have a referrer.
1997
1998 2018-05-07  Daniel Bates  <dabates@apple.com>
1999
2000         CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
2001         https://bugs.webkit.org/show_bug.cgi?id=185364
2002
2003         Reviewed by Brent Fulgham.
2004
2005         Notify Web Inspector that a script was blocked on the first enforced CSP policy that it
2006         violates.
2007
2008         A page can have more than one enforced Content Security Policy. Currently for inline
2009         scripts, inline event handlers, JavaScript URLs, and eval() that are blocked by CSP
2010         we notify Web Inspector that it was blocked for each CSP policy that blocked it. When
2011         Web Inspector is notified it pauses script execution. It does not seem very meaningful
2012         to pause script execution on the same script for each CSP policy that blocked it.
2013         Therefore, only tell Web Inspector that a script was blocked for the first enforced CSP
2014         policy that blocked it.
2015
2016         * page/csp/ContentSecurityPolicy.cpp:
2017         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
2018         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
2019         (WebCore::ContentSecurityPolicy::allowInlineScript const):
2020         (WebCore::ContentSecurityPolicy::allowEval const):
2021
2022 2018-05-07  Daniel Bates  <dabates@apple.com>
2023
2024         Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
2025         https://bugs.webkit.org/show_bug.cgi?id=185170
2026
2027         Reviewed by Per Arne Vollan.
2028
2029         Rename CrossOriginPreflightResultCache::empty() to CrossOriginPreflightResultCache::clear() make
2030         it consistent with the terminology we use in WebKit to signify a function that clears a collection.
2031         A member function named "empty" is expected to return an instance of a class in its "empty state".
2032         For example, StringImpl::empty() returns a StringImpl instance that represents the empty string.
2033         However CrossOriginPreflightResultCache::empty() clears out the cache in-place. We should rename
2034         this function to better describe its purpose.
2035
2036         * loader/CrossOriginPreflightResultCache.cpp:
2037         (WebCore::CrossOriginPreflightResultCache::clear):
2038         (WebCore::CrossOriginPreflightResultCache::empty): Deleted.
2039         * loader/CrossOriginPreflightResultCache.h:
2040
2041 2018-05-06  Dean Jackson  <dino@apple.com>
2042
2043         WebGL: Reset simulated values after validation fails
2044         https://bugs.webkit.org/show_bug.cgi?id=185363
2045         <rdar://problem/39733417>
2046
2047         Reviewed by Anders Carlsson.
2048
2049         While fixing a previous bug, I forgot to reset some values
2050         when validation fails. This caused a bug where a subsequent
2051         invalid call might use those values and escape detection.
2052
2053         Test: fast/canvas/webgl/index-validation-with-subsequent-draws.html
2054
2055         * html/canvas/WebGLRenderingContextBase.cpp:
2056         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Reset the
2057         sizes when validation fails.
2058         * html/canvas/WebGLRenderingContextBase.h:
2059
2060 2018-05-07  Ms2ger  <Ms2ger@igalia.com>
2061
2062         Support negative sw/sh values in createImageBitmap().
2063         https://bugs.webkit.org/show_bug.cgi?id=184449
2064
2065         Reviewed by Dean Jackson.
2066
2067         Tests: LayoutTests/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
2068                LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap.html
2069
2070         * html/ImageBitmap.cpp:
2071         (WebCore::ImageBitmap::createPromise): handle negative values per spec.
2072
2073 2018-05-07  Brian Burg  <bburg@apple.com>
2074
2075         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
2076         https://bugs.webkit.org/show_bug.cgi?id=184861
2077         <rdar://problem/39153768>
2078
2079         Reviewed by Timothy Hatcher.
2080
2081         Notify the client of the current connection count whenever a frontend connects or disconnects.
2082
2083         Covered by new API test.
2084
2085         * inspector/InspectorClient.h:
2086         (WebCore::InspectorClient::frontendCountChanged):
2087         * inspector/InspectorController.cpp:
2088         (WebCore::InspectorController::connectFrontend):
2089         (WebCore::InspectorController::disconnectFrontend):
2090         (WebCore::InspectorController::disconnectAllFrontends):
2091         * inspector/InspectorController.h:
2092
2093 2018-05-07  Eric Carlson  <eric.carlson@apple.com>
2094
2095         Text track cue logging should include cue text
2096         https://bugs.webkit.org/show_bug.cgi?id=185353
2097         <rdar://problem/40003565>
2098
2099         Reviewed by Youenn Fablet.
2100
2101         No new tests, tested manually.
2102
2103         * html/track/VTTCue.cpp:
2104         (WebCore::VTTCue::toJSONString const): Use toJSON.
2105         (WebCore::VTTCue::toJSON const): New.
2106         * html/track/VTTCue.h:
2107
2108         * platform/graphics/InbandTextTrackPrivateClient.h:
2109         (WebCore::GenericCueData::toJSONString const): Log m_content.
2110
2111         * platform/graphics/iso/ISOVTTCue.cpp:
2112         (WebCore::ISOWebVTTCue::toJSONString const): Log m_cueText.
2113
2114 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2115
2116         [LFC] Add assertions for stale Display::Box geometry
2117         https://bugs.webkit.org/show_bug.cgi?id=185357
2118
2119         Reviewed by Antti Koivisto.
2120
2121         Ensure that we don't access stale geometry of other boxes during layout.
2122         For example, in order to layout a block child we need the containing block's content box top/left and width (but not the height)
2123
2124         * layout/displaytree/DisplayBox.h:
2125         (WebCore::Display::Box::invalidateTop):
2126         (WebCore::Display::Box::invalidateLeft):
2127         (WebCore::Display::Box::invalidateWidth):
2128         (WebCore::Display::Box::invalidateHeight):
2129         (WebCore::Display::Box::hasValidPosition const):
2130         (WebCore::Display::Box::hasValidSize const):
2131         (WebCore::Display::Box::hasValidGeometry const):
2132         (WebCore::Display::Box::invalidatePosition):
2133         (WebCore::Display::Box::invalidateSize):
2134         (WebCore::Display::Box::setHasValidPosition):
2135         (WebCore::Display::Box::setHasValidSize):
2136         (WebCore::Display::Box::setHasValidGeometry):
2137         (WebCore::Display::Box::rect const):
2138         (WebCore::Display::Box::top const):
2139         (WebCore::Display::Box::left const):
2140         (WebCore::Display::Box::bottom const):
2141         (WebCore::Display::Box::right const):
2142         (WebCore::Display::Box::topLeft const):
2143         (WebCore::Display::Box::bottomRight const):
2144         (WebCore::Display::Box::size const):
2145         (WebCore::Display::Box::width const):
2146         (WebCore::Display::Box::height const):
2147         (WebCore::Display::Box::setRect):
2148         (WebCore::Display::Box::setTopLeft):
2149         (WebCore::Display::Box::setTop):
2150         (WebCore::Display::Box::setLeft):
2151         (WebCore::Display::Box::setSize):
2152         (WebCore::Display::Box::setWidth):
2153         (WebCore::Display::Box::setHeight):
2154
2155 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2156
2157         [LFC] Add BlockFormattingContext::computeStaticPosition
2158         https://bugs.webkit.org/show_bug.cgi?id=185352
2159
2160         Reviewed by Antti Koivisto.
2161
2162         This is the core logic for positioning inflow boxes in a block formatting context (very naive though).
2163
2164         * layout/blockformatting/BlockFormattingContext.cpp:
2165         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
2166         * layout/displaytree/DisplayBox.h:
2167
2168 2018-05-05  Sam Weinig  <sam@webkit.org>
2169
2170         Cleanup XMLHttpRequestUpload a little
2171         https://bugs.webkit.org/show_bug.cgi?id=185344
2172
2173         Reviewed by Yusuke Suzuki.
2174
2175         * bindings/js/JSXMLHttpRequestCustom.cpp:
2176         (WebCore::JSXMLHttpRequest::visitAdditionalChildren):
2177         Use auto to reduce redundancy.
2178
2179         * xml/XMLHttpRequest.cpp:
2180         (WebCore::XMLHttpRequest::upload):
2181         * xml/XMLHttpRequest.h:
2182         Switch upload() to return a reference.
2183         
2184         * xml/XMLHttpRequestUpload.cpp:
2185         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2186         (WebCore::XMLHttpRequestUpload::dispatchProgressEvent):
2187         * xml/XMLHttpRequestUpload.h:
2188         Cleanup formatting, modernize and switch XMLHttpRequest member from a pointer
2189         to a reference.
2190
2191 2018-05-05  Dean Jackson  <dino@apple.com>
2192
2193         Draw a drop-shadow behind the system preview badge
2194         https://bugs.webkit.org/show_bug.cgi?id=185356
2195         <rdar://problem/40004936>
2196
2197         Reviewed by Wenson Hsieh.
2198
2199         Draw a very subtle drop-shadow under the system
2200         preview badge so that it is more visible on a pure
2201         white background.
2202
2203         I also moved some code around to make it more clear
2204         and improved comments.
2205
2206         * rendering/RenderThemeIOS.mm:
2207         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2208
2209 2018-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2210
2211         [iOS] Multiple links in Mail are dropped in a single line, and are difficult to tell apart
2212         https://bugs.webkit.org/show_bug.cgi?id=185289
2213         <rdar://problem/35756912>
2214
2215         Reviewed by Tim Horton and Darin Adler.
2216
2217         When inserting multiple URLs as individual items in a single drop, we currently separate each item with a space
2218         (see r217284). However, it still seems difficult to tell dropped links apart. This patch makes some slight
2219         tweaks to WebContentReader::readURL so that it inserts line breaks before dropped URLs, if the dropped URL isn't
2220         the first item to be inserted in the resulting document fragment.
2221
2222         Augments existing API tests in DataInteractionTests.
2223
2224         * editing/ios/WebContentReaderIOS.mm:
2225
2226         Additionally remove some extraneous header imports from this implementation file.
2227
2228         (WebCore::WebContentReader::readURL):
2229
2230 2018-05-02  Dean Jackson  <dino@apple.com>
2231
2232         Use IOSurfaces for CoreImage operations where possible
2233         https://bugs.webkit.org/show_bug.cgi?id=185230
2234         <rdar://problem/39926929>
2235
2236         Reviewed by Jon Lee.
2237
2238         On iOS hardware, we can use IOSurfaces as a rendering destination
2239         for CoreImage, which means we're keeping data on the GPU
2240         for rendering.
2241
2242         As a drive-by fix, I used a convenience method for Gaussian blurs.
2243
2244         * rendering/RenderThemeIOS.mm:
2245         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2246
2247 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2248
2249         Shift to a lower-level framework for simplifying URLs
2250         https://bugs.webkit.org/show_bug.cgi?id=185334
2251
2252         Reviewed by Dan Bernstein.
2253
2254         * Configurations/WebCore.xcconfig:
2255         * platform/mac/DragImageMac.mm:
2256         (WebCore::LinkImageLayout::LinkImageLayout):
2257
2258 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2259
2260         Release assert in ScriptController::canExecuteScripts via HTMLMediaElement::~HTMLMediaElement()
2261         https://bugs.webkit.org/show_bug.cgi?id=185288
2262
2263         Reviewed by Jer Noble.
2264
2265         The crash is caused by HTMLMediaElement::~HTMLMediaElement canceling the resource load via CachedResource
2266         which ends up calling FrameLoader::checkCompleted() and fire load event on the document synchronously.
2267         Speculatively fix the crash by scheduling the check instead.
2268
2269         In long term, ResourceLoader::cancel should never fire load event synchronously: webkit.org/b/185284.
2270
2271         Unfortunately, no new tests since I can't get MediaResource to get destructed at the right time.
2272
2273         * html/HTMLMediaElement.cpp:
2274         (WebCore::HTMLMediaElement::isRunningDestructor): Added to detect this specific case.
2275         (WebCore::HTMLMediaElementDestructorScope): Added.
2276         (WebCore::HTMLMediaElementDestructorScope::HTMLMediaElementDestructorScope): Added.
2277         (WebCore::HTMLMediaElementDestructorScope::~HTMLMediaElementDestructorScope): Added.
2278         (WebCore::HTMLMediaElement::~HTMLMediaElement): Instantiate HTMLMediaElement.
2279         * html/HTMLMediaElement.h:
2280         * loader/FrameLoader.cpp:
2281         (WebCore::FrameLoader::checkCompleted): Call scheduleCheckCompleted instead of synchronously calling
2282         checkCompleted if we're in the middle of destructing a HTMLMediaElement.
2283
2284 2018-05-04  Ryosuke Niwa  <rniwa@webkit.org>
2285
2286         Rename DocumentOrderedMap to TreeScopeOrderedMap
2287         https://bugs.webkit.org/show_bug.cgi?id=185290
2288
2289         Reviewed by Zalan Bujtas.
2290
2291         Renamed the class since it's almost always a mistake to use this class as a member variable of Document.
2292
2293         * Sources.txt:
2294         * WebCore.xcodeproj/project.pbxproj:
2295         * dom/MouseRelatedEvent.cpp: Include the forgotten DOMWindow.h. Unified build files bit us here.
2296         * dom/TreeScope.cpp:
2297         (WebCore::TreeScope::addElementById):
2298         (WebCore::TreeScope::addElementByName):
2299         (WebCore::TreeScope::addImageMap):
2300         (WebCore::TreeScope::addImageElementByUsemap):
2301         (WebCore::TreeScope::labelElementForId):
2302         * dom/TreeScope.h:
2303         * dom/TreeScopeOrderedMap.cpp: Renamed from DocumentOrderedMap.cpp
2304         * dom/TreeScopeOrderedMap.h: Renamed from DocumentOrderedMap.h
2305         * html/HTMLDocument.h:
2306
2307 2018-05-04  Don Olmstead  <don.olmstead@sony.com>
2308
2309         [Win][WebKit] Fix forwarding headers for Windows build
2310         https://bugs.webkit.org/show_bug.cgi?id=184412
2311
2312         Reviewed by Alex Christensen.
2313
2314         No new tests. No change in behavior.
2315
2316         * PlatformWin.cmake:
2317
2318 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2319
2320         [Simple line layout] Add support for line layout box generation with multiple text renderers.
2321         https://bugs.webkit.org/show_bug.cgi?id=185276
2322
2323         Reviewed by Antti Koivisto.
2324
2325         Covered by existing tests.
2326
2327         * rendering/SimpleLineLayoutFunctions.cpp:
2328         (WebCore::SimpleLineLayout::canUseForLineBoxTree):
2329         (WebCore::SimpleLineLayout::generateLineBoxTree):
2330         * rendering/SimpleLineLayoutResolver.cpp:
2331         (WebCore::SimpleLineLayout::RunResolver::Run::renderer const):
2332         (WebCore::SimpleLineLayout::RunResolver::Run::localStart const):
2333         (WebCore::SimpleLineLayout::RunResolver::Run::localEnd const):
2334         * rendering/SimpleLineLayoutResolver.h:
2335
2336 2018-05-04  Timothy Hatcher  <timothy@apple.com>
2337
2338         Deprecate legacy WebView and friends
2339         https://bugs.webkit.org/show_bug.cgi?id=185279
2340         rdar://problem/33268700
2341
2342         Reviewed by Tim Horton.
2343
2344         * Configurations/WebCore.xcconfig:
2345         Added BUILDING_WEBKIT define to disable the deprecation macros.
2346         * bridge/objc/WebScriptObject.h:
2347         Added deprecation macros to WebScriptObject and WebUndefined.
2348         * platform/cocoa/WebKitAvailability.h:
2349         Added more macros and a way to disable deprecation warnings for
2350         WebKit build and in clients like Safari.
2351
2352 2018-05-04  Eric Carlson  <eric.carlson@apple.com>
2353
2354         Log media time range as JSON
2355         https://bugs.webkit.org/show_bug.cgi?id=185321
2356         <rdar://problem/39986746>
2357
2358         Reviewed by Youenn Fablet.
2359
2360         No new tests, tested manually.
2361
2362         * html/HTMLMediaElement.cpp:
2363         (WebCore::HTMLMediaElement::addPlayedRange): Log as time range.
2364         (WebCore::HTMLMediaElement::visibilityStateChanged): Cleanup.
2365
2366         * platform/graphics/MediaPlayer.h:
2367         (WTF::LogArgument<MediaTime>::toString):
2368         (WTF::LogArgument<MediaTimeRange>::toString):
2369
2370         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2371         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Log error as time range.
2372
2373 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2374
2375         Use the containing block to compute the pagination gap when the container is inline.
2376         https://bugs.webkit.org/show_bug.cgi?id=184724
2377         <rdar://problem/39521800>
2378
2379         Reviewed by Simon Fraser.
2380
2381         Test: fast/overflow/page-overflow-with-inline-body-crash.html
2382
2383         * page/FrameView.cpp:
2384         (WebCore::FrameView::applyPaginationToViewport):
2385
2386 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2387
2388         Don't use GSFont* in minimal simulator mode
2389         https://bugs.webkit.org/show_bug.cgi?id=185320
2390         <rdar://problem/39734478>
2391
2392         Reviewed by Beth Dakin.
2393
2394         * page/cocoa/MemoryReleaseCocoa.mm:
2395         (WebCore::platformReleaseMemory):
2396
2397 2018-05-04  Chris Dumez  <cdumez@apple.com>
2398
2399         Unreviewed, rolling out r231331.
2400
2401         Caused a few tests to assert
2402
2403         Reverted changeset:
2404
2405         "Stop using an iframe's id as fallback if its name attribute
2406         is not set"
2407         https://bugs.webkit.org/show_bug.cgi?id=11388
2408         https://trac.webkit.org/changeset/231331
2409
2410 2018-05-04  Youenn Fablet  <youenn@apple.com>
2411
2412         Use more references in updateTracksOfType
2413         https://bugs.webkit.org/show_bug.cgi?id=185305
2414
2415         Reviewed by Eric Carlson.
2416
2417         No change of behavior.
2418
2419         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2420         (WebCore::updateTracksOfType):
2421         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
2422
2423 2018-05-04  Myles C. Maxfield  <mmaxfield@apple.com>
2424
2425         Text shaping in the simple path is flipped in the y direction
2426         https://bugs.webkit.org/show_bug.cgi?id=185062
2427         <rdar://problem/39778678>
2428
2429         Reviewed by Simon Fraser.
2430
2431         Shaping in our simple codepath occurs in an "increasing-y-goes-up" coordinate system, but our painting
2432         code uses an "increasing-y-goes-down" coordinate system. We weren't fixing up the coordinate systems
2433         because we never noticed. This is because the simple codepath is only designed for kerning and ligatures,
2434         neither of which move glyphs vertically in the common case.
2435
2436         Test: fast/text/vertical-displacement-simple-codepath.html
2437
2438         * platform/graphics/Font.cpp:
2439         (WebCore::Font::applyTransforms const):
2440         * platform/graphics/WidthIterator.cpp:
2441         (WebCore::WidthIterator::applyFontTransforms):
2442
2443 2018-05-04  Chris Nardi  <cnardi@chromium.org>
2444
2445         Serialize all URLs with double-quotes per CSSOM spec
2446         https://bugs.webkit.org/show_bug.cgi?id=184935
2447
2448         Reviewed by Antti Koivisto.
2449
2450         According to https://drafts.csswg.org/cssom/#serialize-a-url, all URLs should be serialized as strings,
2451         which means they should have double quotes around the text of the URL. Update our implementation to match
2452         this (and Firefox/Chrome). Also remove isCSSTokenizerURL() as this method is no longer needed.
2453
2454         Tests: Many LayoutTests updated to use double quotes.
2455
2456         * css/CSSMarkup.cpp:
2457         (WebCore::serializeString): Remove FIXME as this was already fixed in a previous patch.
2458         (WebCore::serializeURL): Remove FIXME and update implementation.
2459
2460 2018-05-04  Youenn Fablet  <youenn@apple.com>
2461
2462         LayoutTests/fast/mediastream/change-tracks-media-stream-being-played.html is crashing after r231304
2463         https://bugs.webkit.org/show_bug.cgi?id=185303
2464
2465         Reviewed by Eric Carlson.
2466
2467         We need to stop observing the audio track like we do for video track once we are no longer interested in it.
2468         Covered by test no longer crashing.
2469
2470         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2471         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
2472
2473 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2474
2475         [LFC] Set the invalidation root as the result of style change.
2476         https://bugs.webkit.org/show_bug.cgi?id=185301
2477
2478         Reviewed by Antti Koivisto.
2479
2480         Compute/propagate the update type on the ancestor chain and return the invalidation root
2481         so that LayoutContext could use it as the entry point for the next layout frame.
2482
2483         * layout/LayoutContext.cpp:
2484         (WebCore::Layout::LayoutContext::updateLayout):
2485         (WebCore::Layout::LayoutContext::styleChanged):
2486         * layout/LayoutContext.h: order is not important.
2487         * layout/blockformatting/BlockInvalidation.cpp:
2488         (WebCore::Layout::invalidationStopsAtFormattingContextBoundary):
2489         (WebCore::Layout::computeUpdateType):
2490         (WebCore::Layout::computeUpdateTypeForAncestor):
2491         (WebCore::Layout::BlockInvalidation::invalidate):
2492         * layout/blockformatting/BlockInvalidation.h:
2493         * layout/inlineformatting/InlineInvalidation.cpp:
2494         (WebCore::Layout::InlineInvalidation::invalidate):
2495         * layout/inlineformatting/InlineInvalidation.h:
2496
2497 2018-05-04  Youenn Fablet  <youenn@apple.com>
2498
2499         PeerConnection should have its connectionState closed even if doing gathering
2500         https://bugs.webkit.org/show_bug.cgi?id=185267
2501
2502         Reviewed by Darin Adler.
2503
2504         Test: webrtc/addICECandidate-closed.html
2505
2506         In case m_iceConnectionState is closed, m_connectionState should also be set to closed
2507         and RTCPeerConnection should be closed so as to reject any other call.
2508
2509         * Modules/mediastream/RTCPeerConnection.cpp:
2510         (WebCore::RTCPeerConnection::close):
2511         (WebCore::RTCPeerConnection::updateConnectionState):
2512
2513 2018-05-04  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2514
2515         [MSE][GStreamer] Delete properly the stream from the WebKitMediaSource
2516         https://bugs.webkit.org/show_bug.cgi?id=185242
2517
2518         Reviewed by Xabier Rodriguez-Calvar.
2519
2520         When the sourceBuffer is removed from mediasource, the appropriate stream is not
2521         properly deleted from WebKitMediaSource, because the appsrc and parser elements
2522         of the stream are not removed from the WebKitMediaSource bin.
2523
2524         This patch avoids the regression of r231089, see https://bugs.webkit.org/show_bug.cgi?id=185071
2525
2526         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
2527         (webKitMediaSrcFreeStream):
2528
2529 2018-05-04  Carlos Garcia Campos  <cgarcia@igalia.com>
2530
2531         [GTK] Epiphany (GNOME Web) says "Error downloading: Service Unavailable." when trying to download an image from discogs.com
2532         https://bugs.webkit.org/show_bug.cgi?id=174730
2533
2534         Reviewed by Michael Catanzaro.
2535
2536         Export ResourceRequestBase::hasHTTPHeaderField().
2537
2538         * platform/network/ResourceRequestBase.h:
2539
2540 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2541
2542         Use subprocess.call instead of os.system to handle path with spaces
2543         https://bugs.webkit.org/show_bug.cgi?id=185291
2544
2545         Reviewed by Darin Adler.
2546
2547         If gperf path includes spaces, these python scripts fail to execute gperf.
2548         We use subprocess module instead of os.system to invoke gperf.
2549
2550         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
2551         * css/makeSelectorPseudoElementsMap.py:
2552         * platform/network/create-http-header-name-table:
2553
2554 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2555
2556         Unreviewed, attempt to fix WinCairo build failure
2557         https://bugs.webkit.org/show_bug.cgi?id=185218
2558
2559         * platform/text/win/LocaleWin.cpp:
2560         (WebCore::LocaleWin::getLocaleInfoString):
2561
2562 2018-05-03  Filip Pizlo  <fpizlo@apple.com>
2563
2564         Strings should not be allocated in a gigacage
2565         https://bugs.webkit.org/show_bug.cgi?id=185218
2566
2567         Reviewed by Saam Barati.
2568
2569         No new tests because no new behavior.
2570
2571         * Modules/indexeddb/server/IDBSerialization.cpp:
2572         (WebCore::decodeKey):
2573         * bindings/js/SerializedScriptValue.cpp:
2574         (WebCore::CloneDeserializer::readString):
2575         * html/canvas/CanvasRenderingContext2D.cpp:
2576         (WebCore::normalizeSpaces):
2577         * html/parser/HTMLTreeBuilder.cpp:
2578         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
2579         * platform/URLParser.cpp:
2580         (WebCore::percentEncodeByte):
2581         (WebCore::serializeURLEncodedForm):
2582         (WebCore::URLParser::serialize):
2583         * platform/URLParser.h:
2584         * platform/graphics/FourCC.cpp:
2585         (WebCore::FourCC::toString const):
2586         * platform/graphics/ca/GraphicsLayerCA.cpp:
2587         (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
2588         * platform/text/LocaleICU.cpp:
2589         (WebCore::LocaleICU::decimalSymbol):
2590         (WebCore::LocaleICU::decimalTextAttribute):
2591         (WebCore::getDateFormatPattern):
2592         (WebCore::LocaleICU::createLabelVector):
2593         (WebCore::getFormatForSkeleton):
2594         * platform/win/FileSystemWin.cpp:
2595         (WebCore::FileSystem::getFinalPathName):
2596         (WebCore::FileSystem::pathByAppendingComponent):
2597         (WebCore::FileSystem::storageDirectory):
2598
2599 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
2600
2601         Widgets should hold a WeakPtr to their parents
2602         https://bugs.webkit.org/show_bug.cgi?id=185239
2603         <rdar://problem/39741250>
2604
2605         Reviewed by Zalan Bujtas.
2606
2607         * platform/ScrollView.h:
2608         (WebCore::ScrollView::weakPtrFactory): Added.
2609         * platform/Widget.cpp:
2610         (WebCore::Widget::init): Don't perform an unnecessary assignment.
2611         (WebCore::Widget::setParent): Grab a WeakPtr to the parent ScrollView.
2612         * platform/Widget.h:
2613         (WebCore::Widget::parent const): Change type to a WeakPtr.
2614
2615 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
2616
2617         Use pointer instead of std::optional<T&>
2618         https://bugs.webkit.org/show_bug.cgi?id=185186
2619
2620         Reviewed by Alex Christensen.
2621
2622         std::optional<T&> is not accepted in C++17 spec.
2623         In this patch, we replace it with T*, which is well-aligned to
2624         WebKit's convention.
2625
2626         * Modules/mediastream/RTCPeerConnection.cpp:
2627         (WebCore::iceServersFromConfiguration):
2628         (WebCore::RTCPeerConnection::initializeConfiguration):
2629         (WebCore::RTCPeerConnection::setConfiguration):
2630         * css/parser/CSSParser.cpp:
2631         (WebCore::CSSParser::parseSystemColor):
2632         * css/parser/CSSParser.h:
2633         * dom/DatasetDOMStringMap.cpp:
2634         (WebCore::DatasetDOMStringMap::item const):
2635         (WebCore::DatasetDOMStringMap::namedItem const):
2636         (WebCore:: const): Deleted.
2637         * dom/DatasetDOMStringMap.h:
2638         * dom/Element.cpp:
2639         (WebCore::Element::insertAdjacentHTML):
2640         * dom/Element.h:
2641         * html/canvas/CanvasStyle.cpp:
2642         (WebCore::parseColor):
2643         * inspector/DOMEditor.cpp:
2644         * platform/network/curl/CurlFormDataStream.cpp:
2645         (WebCore::CurlFormDataStream::getPostData):
2646         (): Deleted.
2647         * platform/network/curl/CurlFormDataStream.h:
2648         * platform/network/curl/CurlRequest.cpp:
2649         (WebCore::CurlRequest::setupPOST):
2650         * testing/MockCDMFactory.cpp:
2651         (WebCore::MockCDMFactory::keysForSessionWithID const):
2652         (WebCore::MockCDMInstance::updateLicense):
2653         (WebCore:: const): Deleted.
2654         * testing/MockCDMFactory.h:
2655
2656 2018-05-03  Chris Dumez  <cdumez@apple.com>
2657
2658         Stop using an iframe's id as fallback if its name attribute is not set
2659         https://bugs.webkit.org/show_bug.cgi?id=11388
2660
2661         Reviewed by Geoff Garen.
2662
2663         WebKit had logic to use an iframe's id as fallback name when its name
2664         content attribute is not set. This behavior was not standard and did not
2665         match other browsers:
2666         - https://html.spec.whatwg.org/#attr-iframe-name
2667
2668         Gecko / Trident never behaved this way. Blink was aligned with us until
2669         they started to match the specification in:
2670         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2671
2672         This WebKit quirk was causing some Web-compatibility issues because it
2673         would affect the behavior of Window's name property getter when trying
2674         to look up an iframe by id. Because of Window's named property getter
2675         behavior [1], we would return the frame's contentWindow instead of the
2676         iframe element itself.
2677
2678         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2679
2680         Test: fast/dom/Window/named-getter-frame-id.html
2681
2682         * html/HTMLFrameElementBase.cpp:
2683         (WebCore::HTMLFrameElementBase::openURL):
2684         (WebCore::HTMLFrameElementBase::parseAttribute):
2685         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2686         * html/HTMLFrameElementBase.h:
2687
2688 2018-05-03  Eric Carlson  <eric.carlson@apple.com>
2689
2690         [iOS] Internal text and audio tracks not in fullscreen menu
2691         https://bugs.webkit.org/show_bug.cgi?id=185268
2692         <rdar://problem/38673440>
2693
2694         Reviewed by Jer Noble.
2695
2696         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
2697         (WebCore::PlaybackSessionModelMediaElement::setMediaElement): 'addtrack' and 'removetrack'
2698         events are fired at the track lists, not the media element.
2699
2700 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2701
2702         Using image map inside a shadow tree results hits a release assert in DocumentOrderedMap::add
2703         https://bugs.webkit.org/show_bug.cgi?id=185238
2704
2705         Reviewed by Antti Koivisto.
2706
2707         The bug was caused by DocumentOrderedMap for the image elements with usemap being stored in Document
2708         even if those image elements were in a shadow tree. Fixed the bug by moving the map to TreeScope.
2709
2710         Test: fast/images/imagemap-in-nested-shadow-tree.html
2711               fast/images/imagemap-in-shadow-tree.html
2712
2713         * dom/Document.cpp:
2714         (WebCore::Document::addImageElementByUsemap): Moved to TreeScope.
2715         (WebCore::Document::removeImageElementByUsemap): Ditto.
2716         (WebCore::Document::imageElementByUsemap const): Ditto.
2717         * dom/Document.h:
2718         * dom/TreeScope.cpp:
2719         (WebCore::TreeScope::destroyTreeScopeData): Clear m_imagesByUsemap as well as m_elementsByName.
2720         (WebCore::TreeScope::getImageMap const): Removed the code to parse usemap. RenderImage::imageMap()
2721         which used to call this function with the raw value of the usemap content attribute now calls it
2722         via HTMLImageElement::associatedMapElement(), which uses the parsed usemap.
2723         (WebCore::TreeScope::addImageElementByUsemap): Moved from Document.
2724         (WebCore::TreeScope::removeImageElementByUsemap): Ditto.
2725         (WebCore::TreeScope::imageElementByUsemap const): Ditto.
2726         * dom/TreeScope.h:
2727         * html/HTMLImageElement.cpp:
2728         (WebCore::HTMLImageElement::parseAttribute):
2729         (WebCore::HTMLImageElement::insertedIntoAncestor): This image element can be associated with a map element
2730         if it's connected to a document.
2731         (WebCore::HTMLImageElement::removedFromAncestor):
2732         (WebCore::HTMLImageElement::associatedMapElement const):
2733         * html/HTMLImageElement.h:
2734         * html/HTMLMapElement.cpp:
2735         (WebCore::HTMLMapElement::imageElement):
2736         * rendering/RenderImage.cpp:
2737         (WebCore::RenderImage::imageMap const):
2738
2739 2018-05-03  Justin Fan  <justin_fan@apple.com>
2740
2741         [WebGL] Add runtime flag for enabling ASTC support in WebGL
2742         https://bugs.webkit.org/show_bug.cgi?id=184840
2743
2744         Reviewed by Myles C. Maxfield.
2745
2746         Added runtime flag for ASTC support in WebGL, to turn on/off when extension is implemented.
2747
2748         * page/RuntimeEnabledFeatures.h:
2749         (WebCore::RuntimeEnabledFeatures::setWebGLCompressedTextureASTCSupportEnabled):
2750         (WebCore::RuntimeEnabledFeatures::webGLCompressedTextureASTCSupportEnabled const):
2751
2752 2018-05-03  Chris Nardi  <cnardi@chromium.org>
2753
2754         Remove [NoInterfaceObject] from DOMRectList
2755         https://bugs.webkit.org/show_bug.cgi?id=185255
2756
2757         Reviewed by Chris Dumez.
2758
2759         In https://github.com/w3c/fxtf-drafts/issues/233, [NoInterfaceObject] was removed
2760         from DOMRectList. Remove it from our implementation to match the spec, as well as
2761         Chrome and Firefox.
2762
2763         Updated web platform tests IDL test for the Geometry spec.
2764
2765         * dom/DOMRectList.idl:
2766
2767 2018-05-03  Chris Dumez  <cdumez@apple.com>
2768
2769         REGRESSION(iOS 11.3): Crashes in TimerBase::~TimerBase() in Tencent x5gamehelper
2770         https://bugs.webkit.org/show_bug.cgi?id=185073
2771         <rdar://problem/39821223>
2772
2773         Reviewed by Alexey Proskuryakov.
2774
2775         The following changes were made:
2776         - Make sure SocketStream callbacks are always scheduled on the right runloop:
2777           WebThreadRunLoop() on WebKitLegacy iOS, loaderRunLoop() on Windows and
2778           main runloop otherwise.
2779         - When the SocketStream callbacks are called, unconditionally call callOnMainThreadAndWait()
2780           before calling methods on the SocketStream client. Previously, this code path
2781           was specific to Windows but there is no reason to have platform-specific code here.
2782           callOnMainThreadAndWait() calls the function right away if we're already on the main
2783           thread, which will be the case on other platform than Windows.
2784
2785         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
2786         (WebCore::callbacksRunLoop):
2787         (WebCore::callbacksRunLoopMode):
2788         (WebCore::SocketStreamHandleImpl::scheduleStreams):
2789         (WebCore::SocketStreamHandleImpl::pacExecutionCallback):
2790         (WebCore::SocketStreamHandleImpl::executePACFileURL):
2791         (WebCore::SocketStreamHandleImpl::removePACRunLoopSource):
2792         (WebCore::SocketStreamHandleImpl::readStreamCallback):
2793         (WebCore::SocketStreamHandleImpl::writeStreamCallback):
2794         (WebCore::SocketStreamHandleImpl::platformClose):
2795
2796 2018-05-03  Zalan Bujtas  <zalan@apple.com>
2797
2798         [LFC] Enable multiple layout roots for incremental layout.
2799         https://bugs.webkit.org/show_bug.cgi?id=185185
2800
2801         Reviewed by Antti Koivisto.
2802
2803         With certain type of style changes, we can stop the box invalidation at the formatting context boundary.
2804         When multiple boxes need updating in different formatting contexts, instead of marking the parent containing block chain all
2805         the way up to a common ancestor, we could just work with a list of layout entry points per layout frame.
2806
2807         * layout/FormattingState.h:
2808         * layout/LayoutContext.cpp:
2809         (WebCore::Layout::LayoutContext::updateLayout):
2810         (WebCore::Layout::LayoutContext::addLayoutEntryPoint):
2811         * layout/LayoutContext.h:
2812
2813 2018-05-03  Zalan Bujtas  <zalan@apple.com>
2814
2815         [LFC] Box invalidation logic should go to dedicated classes.
2816         https://bugs.webkit.org/show_bug.cgi?id=185249
2817
2818         Reviewed by Antti Koivisto.
2819
2820         Each formatting context can initiate a different type of invalidation when
2821         style attribute changes in a box.
2822
2823         * Sources.txt:
2824         * WebCore.xcodeproj/project.pbxproj:
2825         * layout/FormattingState.cpp:
2826         (WebCore::Layout::FormattingState::FormattingState):
2827         * layout/FormattingState.h:
2828         (WebCore::Layout::FormattingState::isBlockFormattingState const):
2829         (WebCore::Layout::FormattingState::isInlineFormattingState const):
2830         * layout/LayoutContext.cpp:
2831         (WebCore::Layout::LayoutContext::styleChanged):
2832         (WebCore::Layout::LayoutContext::markNeedsUpdate):
2833         * layout/LayoutContext.h:
2834         * layout/blockformatting/BlockFormattingState.cpp:
2835         (WebCore::Layout::BlockFormattingState::BlockFormattingState):
2836         * layout/blockformatting/BlockFormattingState.h:
2837         * layout/blockformatting/BlockInvalidation.cpp: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.cpp.
2838         (WebCore::Layout::BlockInvalidation::invalidate):
2839         * layout/blockformatting/BlockInvalidation.h: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.h.
2840         * layout/inlineformatting/InlineFormattingState.cpp:
2841         (WebCore::Layout::InlineFormattingState::InlineFormattingState):
2842         * layout/inlineformatting/InlineFormattingState.h:
2843         * layout/inlineformatting/InlineInvalidation.cpp: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.cpp.
2844         (WebCore::Layout::InlineInvalidation::invalidate):
2845         * layout/inlineformatting/InlineInvalidation.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.h.
2846
2847 2018-05-03  Michael Catanzaro  <mcatanzaro@igalia.com>
2848
2849         WebKit should send fake macOS user agent to docs.google.com
2850         https://bugs.webkit.org/show_bug.cgi?id=185165
2851
2852         Reviewed by Carlos Garcia Campos.
2853
2854         * platform/UserAgentQuirks.cpp:
2855         (WebCore::urlRequiresMacintoshPlatform):
2856         (WebCore::urlRequiresLinuxDesktopPlatform):
2857
2858 2018-05-03  Commit Queue  <commit-queue@webkit.org>
2859
2860         Unreviewed, rolling out r231223 and r231288.
2861         https://bugs.webkit.org/show_bug.cgi?id=185256
2862
2863         The change in r231223 breaks internal builds, and r231288 is a
2864         dependent change. (Requested by ryanhaddad on #webkit).
2865
2866         Reverted changesets:
2867
2868         "Use default std::optional if it is provided"
2869         https://bugs.webkit.org/show_bug.cgi?id=185159
2870         https://trac.webkit.org/changeset/231223
2871
2872         "Use pointer instead of
2873         std::optional<std::reference_wrapper<>>"
2874         https://bugs.webkit.org/show_bug.cgi?id=185186
2875         https://trac.webkit.org/changeset/231288
2876
2877 2018-05-03  Ryan Haddad  <ryanhaddad@apple.com>
2878
2879         Unreviewed, rolling out r231253.
2880
2881         The API test added with this change is crashing on the bots.
2882
2883         Reverted changeset:
2884
2885         "Web Inspector: opt out of process swap on navigation if a Web
2886         Inspector frontend is connected"
2887         https://bugs.webkit.org/show_bug.cgi?id=184861
2888         https://trac.webkit.org/changeset/231253
2889
2890 2018-05-03  Youenn Fablet  <youenn@apple.com>
2891
2892         A MediaStream being played should allow removing some of its tracks
2893         https://bugs.webkit.org/show_bug.cgi?id=185233
2894
2895         Reviewed by Eric Carlson.
2896
2897         Update the tracks out of the for loop.
2898         Test: fast/mediastream/change-tracks-media-stream-being-played.html
2899
2900         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2901         (WebCore::updateTracksOfType):
2902
2903 2018-05-03  Miguel Gomez  <magomez@igalia.com>
2904
2905         WebCore::TextureMapperLayer object used after freed
2906         https://bugs.webkit.org/show_bug.cgi?id=184729
2907
2908         Reviewed by Michael Catanzaro.
2909
2910         Replace the raw pointers with WeakPtr for effectTarget, maskLayer and replicaLayer
2911         inside TextureMapperLayer.
2912
2913         * platform/graphics/texmap/TextureMapperLayer.cpp:
2914         (WebCore::TextureMapperLayer::~TextureMapperLayer):
2915         (WebCore::TextureMapperLayer::setMaskLayer):
2916         (WebCore::TextureMapperLayer::setReplicaLayer):
2917         * platform/graphics/texmap/TextureMapperLayer.h:
2918
2919 2018-05-03  Basuke Suzuki  <Basuke.Suzuki@sony.com>
2920
2921         [Curl] Add OpenSSL/LibreSSL multi-threading support
2922         https://bugs.webkit.org/show_bug.cgi?id=185138
2923
2924         The older OpenSSL manual says the locking_function and threadid_function should
2925         be set when use it in multi-threading environment. This applies to LibreSSL also.
2926         https://www.openssl.org/docs/man1.0.2/crypto/threads.html
2927
2928         For unix and other similar os, the default threadId_function implementation is
2929         good enough. We'll set custom callback only for Windows OS.
2930
2931         Note it's not required for OpenSSL 1.1.0 and after.
2932         https://www.openssl.org/blog/blog/2017/02/21/threads/
2933
2934         Reviewed by Per Arne Vollan.
2935
2936         * platform/network/curl/CurlSSLHandle.cpp:
2937         (WebCore::CurlSSLHandle::CurlSSLHandle):
2938         (WebCore::CurlSSLHandle::ThreadSupport::ThreadSupport):
2939         (WebCore::CurlSSLHandle::ThreadSupport::lockingCallback):
2940         (WebCore::CurlSSLHandle::ThreadSupport::threadIdCallback):
2941         * platform/network/curl/CurlSSLHandle.h:
2942         (WebCore::CurlSSLHandle::ThreadSupport::setup):
2943         (WebCore::CurlSSLHandle::ThreadSupport::singleton):
2944         (WebCore::CurlSSLHandle::ThreadSupport::lock):
2945         (WebCore::CurlSSLHandle::ThreadSupport::unlock):
2946
2947 2018-05-02  Ryosuke Niwa  <rniwa@webkit.org>
2948
2949         Remove superfluous check for a null attribute value check in Element::removeAttributeInternal
2950         https://bugs.webkit.org/show_bug.cgi?id=185227
2951
2952         Reviewed by Chris Dumez.
2953
2954         Removed the check. The attribute value string can never be null.
2955
2956         * dom/Element.cpp:
2957         (WebCore::Element::removeAttributeInternal):
2958
2959 2018-05-02  Zalan Bujtas  <zalan@apple.com>
2960
2961         [LFC] Implement LayoutContext::createDisplayBox
2962         https://bugs.webkit.org/show_bug.cgi?id=185158
2963
2964         Reviewed by Antti Koivisto.
2965
2966         Now compute*() functions take both the const layout and the corresponding non-const display boxes.
2967         Display boxes are owned by the LayoutContext and they don't form a tree structure (only implicitly through the layout tree).
2968         (This might need to change in the future if we decide to arrange them in some sort of painting order)
2969
2970         * layout/FloatingContext.cpp:
2971         (WebCore::Layout::FloatingContext::computePosition):
2972         * layout/FloatingContext.h:
2973         * layout/FormattingContext.cpp:
2974         (WebCore::Layout::FormattingContext::computeStaticPosition const):
2975         (WebCore::Layout::FormattingContext::computeInFlowPositionedPosition const):
2976         (WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
2977         (WebCore::Layout::FormattingContext::computeWidth const):
2978         (WebCore::Layout::FormattingContext::computeHeight const):
2979         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
2980         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
2981         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
2982         (WebCore::Layout::FormattingContext::computeFloatingHeight const):
2983         * layout/FormattingContext.h:
2984         * layout/LayoutContext.cpp:
2985         (WebCore::Layout::LayoutContext::createDisplayBox):
2986         * layout/LayoutContext.h:
2987         (WebCore::Layout::LayoutContext::displayBoxForLayoutBox const):
2988         * layout/blockformatting/BlockFormattingContext.cpp:
2989         (WebCore::Layout::BlockFormattingContext::layout const):
2990         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
2991         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
2992         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
2993         * layout/blockformatting/BlockFormattingContext.h:
2994         * layout/displaytree/DisplayBox.h:
2995         (WebCore::Display::Box::parent const): Deleted.
2996         (WebCore::Display::Box::nextSibling const): Deleted.
2997         (WebCore::Display::Box::previousSibling const): Deleted.
2998         (WebCore::Display::Box::firstChild const): Deleted.
2999         (WebCore::Display::Box::lastChild const): Deleted.
3000         (WebCore::Display::Box::setParent): Deleted.
3001         (WebCore::Display::Box::setNextSibling): Deleted.
3002         (WebCore::Display::Box::setPreviousSibling): Deleted.
3003         (WebCore::Display::Box::setFirstChild): Deleted.
3004         (WebCore::Display::Box::setLastChild): Deleted.
3005         (): Deleted.
3006         * layout/inlineformatting/InlineFormattingContext.cpp:
3007         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
3008         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
3009         * layout/inlineformatting/InlineFormattingContext.h:
3010
3011 2018-05-02  Said Abou-Hallawa  <sabouhallawa@apple.com>
3012
3013         Hiding then showing an <object> of type image makes the underlaying image disappear
3014         https://bugs.webkit.org/show_bug.cgi?id=185216
3015         <rdar://problem/39055630>
3016
3017         Reviewed by Youenn Fablet.
3018
3019         Ensure the HTMLPlugInImageElement updates the RenderImageResource of its
3020         RenderImage with the CachedImage of its ImageLoader when the RenderImage
3021         is recreated.
3022
3023         Test: fast/images/object-image-hide-show.html
3024
3025         * html/HTMLPlugInImageElement.cpp:
3026         (WebCore::HTMLPlugInImageElement::didAttachRenderers):
3027         This is very similar to what we do in HTMLImageElement::didAttachRenderers().
3028
3029
3030 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3031
3032         Use RetainPtr for form input type
3033         https://bugs.webkit.org/show_bug.cgi?id=185210
3034         <rdar://problem/39734040>
3035
3036         Reviewed by Ryosuke Niwa.
3037
3038         Refactor our HTMLInputElement class to store its InputType member as a RefPtr.
3039
3040         Test: fast/forms/access-key-mutation-2.html.
3041
3042         * html/HTMLInputElement.cpp:
3043         (WebCore::HTMLInputElement::HTMLInputElement):
3044         (WebCore::HTMLInputElement::didAddUserAgentShadowRoot):
3045         (WebCore::HTMLInputElement::accessKeyAction):
3046         (WebCore::HTMLInputElement::parseAttribute):
3047         (WebCore::HTMLInputElement::appendFormData):
3048         * html/HTMLInputElement.h:
3049         * html/InputType.cpp:
3050         (WebCore::createInputType):
3051         (WebCore::InputType::create):
3052         (WebCore::InputType::createText):
3053         * html/InputType.h:
3054
3055 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3056
3057         Use pointer instead of std::optional<std::reference_wrapper<>>
3058         https://bugs.webkit.org/show_bug.cgi?id=185186
3059
3060         Reviewed by Alex Christensen.
3061
3062         std::optional<T&> is not accepted in C++17 spec. So we replaced it
3063         with std::optional<std::reference_wrapper<T>>.
3064
3065         In this patch, we replace it with T*, which is well-aligned to
3066         WebKit's convention.
3067
3068         * Modules/mediastream/RTCPeerConnection.cpp:
3069         (WebCore::iceServersFromConfiguration):
3070         (WebCore::RTCPeerConnection::initializeConfiguration):
3071         (WebCore::RTCPeerConnection::setConfiguration):
3072         * css/parser/CSSParser.cpp:
3073         (WebCore::CSSParser::parseSystemColor):
3074         * css/parser/CSSParser.h:
3075         * dom/DatasetDOMStringMap.cpp:
3076         (WebCore::DatasetDOMStringMap::item const):
3077         (WebCore::DatasetDOMStringMap::namedItem const):
3078         * dom/DatasetDOMStringMap.h:
3079         * dom/Element.cpp:
3080         (WebCore::Element::insertAdjacentHTML):
3081         * dom/Element.h:
3082         * html/canvas/CanvasStyle.cpp:
3083         (WebCore::parseColor):
3084         * inspector/DOMEditor.cpp:
3085         * platform/network/curl/CurlFormDataStream.cpp:
3086         (WebCore::CurlFormDataStream::getPostData):
3087         * platform/network/curl/CurlFormDataStream.h:
3088         * platform/network/curl/CurlRequest.cpp:
3089         (WebCore::CurlRequest::setupPOST):
3090         * testing/MockCDMFactory.cpp:
3091         (WebCore::MockCDMFactory::keysForSessionWithID const):
3092         (WebCore::MockCDMInstance::updateLicense):
3093         * testing/MockCDMFactory.h:
3094
3095 2018-05-02  Keith Rollin  <krollin@apple.com>
3096
3097         Add facility for tracking times and results of page and resource loading
3098         https://bugs.webkit.org/show_bug.cgi?id=184838
3099         <rdar://problem/36548974>
3100
3101         Reviewed by Brent Fulgham.
3102
3103         Update FrameProgressTracker to send the necessary page load start/stop
3104         signals so that we can track the entire page load at a network level.
3105         Add an empty override of the pure virtual
3106         LoaderStrategy::pageLoadCompleted method.
3107
3108         No new tests. There is no testable effect from these changes. On
3109         Cocoa, measurable changes take place in another (non-WebKit) process.
3110         On non-Cocoa systems, this facility is currently disabled.
3111
3112         * loader/FrameLoader.cpp:
3113         (WebCore::FrameLoader::FrameProgressTracker::progressCompleted):
3114         * loader/LoaderStrategy.h:
3115
3116 2018-05-02  Aditya Keerthi  <akeerthi@apple.com>
3117
3118         Can't copy and paste URLs that have no title into Mail (macOS)
3119         https://bugs.webkit.org/show_bug.cgi?id=185205
3120         <rdar://problem/36352406>
3121
3122         Reviewed by Tim Horton.
3123
3124         The pasteboardURL generated has an empty title for URLs without titles. Currently, the pasteboardURL.title is being saved to the pasteboard.
3125
3126         To fix the error, we check whether the title is empty and instead save the lastPathComponent to the pasteboard. This matches current behavior as the fallback title.
3127
3128         Augmented WebKitLegacy.ContextMenuCanCopyURL test
3129
3130         * platform/mac/PasteboardMac.mm:
3131         (WebCore::writeURLForTypes):
3132
3133 2018-05-01  Ryosuke Niwa  <rniwa@webkit.org>
3134
3135         REGRESSION(r225868): Release assert when removing an SVGUseElement from Document::m_svgUseElements
3136         https://bugs.webkit.org/show_bug.cgi?id=182188
3137         <rdar://problem/36689240>
3138
3139         Reviewed by Antti Koivisto.
3140
3141         Fixed the crash by removing up the release assert.
3142
3143         The crash is likely caused by re-entrancy to Document::resolveStyle during SVGUseElement::updateShadowTree.
3144         Because Document::resolveStyle invokes updateShadowTree on SVG use elements in Document::m_svgUseElements
3145         without clearing the map, the nested call to resolveStyle ends up calling updateShadowTree() for all elements
3146         in m_svgUseElements and removing them all from the map. When the stack frame eventually comes back to the outer
3147         invocation of Document::resolveStyle, updateShadowTree gets invoked for the second time on SVG use elements
3148         whose shadow tree had already been updated within the inner invocation to updateShadowTree, and release-asserts.
3149
3150         There is an alternative fix: avoid calling updateShadowTree on a svg element when shadowTreeNeedsUpdate returns
3151         true on the element in resolveStyle. However, removing the release assert is a sure way to fix the crash so
3152         this patch opts for that fix instead especially since we don't have any reproducible test case for this crash.
3153
3154         This release assertion was added in r225868 as a cautious measure to catch any use-after-frees of SVGUseElement's
3155         since m_svgUseElements stored raw pointes to SVG use elements but this crash is not an indicative of any UAF,
3156         and there is no evidence that r225868 has led to new UAFs even after five months.
3157
3158         No new tests. I couldn't find a way to trigger a nested style update inside SVGUseElement::updateShadowTree.
3159
3160         * dom/Document.cpp:
3161         (WebCore::Document::removeSVGUseElement):
3162
3163 2018-05-02  Dirk Schulze  <dschulze@chromium.org>
3164
3165         getCharNumAtPosition should take DOMPointInit as argument
3166         https://bugs.webkit.org/show_bug.cgi?id=184695
3167
3168         Reviewed by Antti Koivisto.
3169
3170         Extend existing tests for getCharNumAtPosition.
3171
3172         * svg/SVGTextContentElement.cpp:
3173         (WebCore::SVGTextContentElement::getCharNumAtPosition):
3174         * svg/SVGTextContentElement.h:
3175         * svg/SVGTextContentElement.idl: Use DOMPointInit argument.
3176
3177 2018-05-02  Youenn Fablet  <youenn@apple.com>
3178
3179         Use NetworkLoadChecker for navigation loads
3180         https://bugs.webkit.org/show_bug.cgi?id=184892
3181         <rdar://problem/39652686>
3182
3183         Reviewed by Chris Dumez.
3184
3185         Sanitize headers according response tainting.
3186         If tainting is basic, it means same origin load in which case we only filter Cookie related headers.
3187         If tainting is Opaque, we filter all uncommon headers.
3188         If tainting is CORS, we filter all uncommon headers except the one explicitely allowed by CORS headers.
3189         Covered by updated test.
3190
3191         * platform/network/ResourceResponseBase.cpp:
3192         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
3193         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields):
3194         * platform/network/ResourceResponseBase.h:
3195
3196 2018-05-02  Myles C. Maxfield  <mmaxfield@apple.com>
3197
3198         Collection fragment identifiers don't use PostScript names
3199         https://bugs.webkit.org/show_bug.cgi?id=184624
3200         <rdar://problem/39432089>
3201
3202         Reviewed by Simon Fraser.
3203
3204         In a previous version of the CSS Fonts spec, there was text saying that items in font collections
3205         should be 1-indexed (so the first item would be MyFonts.ttc#1). However, this is unfortunate because
3206         inserting an item into the middle of a collection would throw off all content that uses the file.
3207         Instead, the spec has since changed to use PostScript names (so the content instead would say
3208         MyFonts.ttc#MyFont-Regular).
3209
3210         Test: fast/text/font-collection.html
3211
3212         * css/CSSFontFaceSource.cpp:
3213         (WebCore::CSSFontFaceSource::load):
3214         * loader/cache/CachedFont.cpp:
3215         (WebCore::CachedFont::calculateItemInCollection const):
3216         (WebCore::CachedFont::ensureCustomFontData):
3217         (WebCore::CachedFont::createCustomFontData):
3218         (WebCore::CachedFont::calculateIndex const): Deleted.
3219         * loader/cache/CachedFont.h:
3220         * platform/graphics/mac/FontCustomPlatformData.cpp:
3221         (WebCore::createFontCustomPlatformData):
3222         * platform/graphics/mac/FontCustomPlatformData.h:
3223
3224 2018-05-02  Brian Burg  <bburg@apple.com>
3225
3226         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
3227         https://bugs.webkit.org/show_bug.cgi?id=184861
3228         <rdar://problem/39153768>
3229
3230         Reviewed by Ryosuke Niwa.
3231
3232         Notify the client of the current connection count whenever a frontend connects or disconnects.
3233
3234         Covered by new API test.
3235
3236         * inspector/InspectorClient.h:
3237         (WebCore::InspectorClient::frontendCountChanged):
3238         * inspector/InspectorController.cpp:
3239         (WebCore::InspectorController::connectFrontend):
3240         (WebCore::InspectorController::disconnectFrontend):
3241         (WebCore::InspectorController::disconnectAllFrontends):
3242         * inspector/InspectorController.h:
3243
3244 2018-05-02  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3245
3246         [GStreamer] Remove unneeded include of gstgldisplay_wayland.h after r228866 and r229022
3247         https://bugs.webkit.org/show_bug.cgi?id=185207
3248
3249         Reviewed by Michael Catanzaro.
3250
3251         Remove unneeded include of gstgldisplay_wayland.h
3252
3253         No new tests, no change in behaviour.
3254
3255         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3256
3257 2018-05-02  Chris Dumez  <cdumez@apple.com>
3258
3259         document.open() event listener removal is not immediate
3260         https://bugs.webkit.org/show_bug.cgi?id=185191
3261
3262         Reviewed by Darin Adler.
3263
3264         We need to make sure we set the 'wasremoved' flag on RegisteredEventListeners
3265         whenever they get removed from the EventListenerMap. We were doing so correctly
3266         in EventListenerMap:remove() but not EventListenerMap::clear(). This patch
3267         updates clear() accordingly.
3268
3269         The reason we need to set this flag is that RegisteredEventListeners is RefCounted
3270         and EventTarget::fireEventListeners() may be currently running and calling
3271         each listener one by one, holding a reference to all listener of a given event.
3272
3273         Test: fast/dom/Document/document-open-removes-all-listeners.html
3274
3275         * dom/EventListenerMap.cpp:
3276         (WebCore::EventListenerMap::clear):
3277
3278 2018-05-02  Zalan Bujtas <zalan@apple.com>
3279
3280         Use WeakPtr in GridCell
3281         https://bugs.webkit.org/show_bug.cgi?id=185180
3282         <rdar://problem/39432165>
3283
3284         Reviewed by Antti Koivisto.
3285
3286         Since GridCell does not own the renderers, it should
3287         construct weak pointers.
3288
3289         Unable to create a reliably reproducible test case.
3290
3291         * rendering/Grid.cpp:
3292         (WebCore::Grid::insert):
3293         (WebCore::GridIterator::nextGridItem):
3294         * rendering/Grid.h:
3295         * rendering/RenderGrid.cpp:
3296         (WebCore::RenderGrid::firstLineBaseline const):
3297
3298 2018-05-02  Eric Carlson  <eric.carlson@apple.com>
3299
3300         [iOS] Provide audio route information when invoking AirPlay picker
3301         https://bugs.webkit.org/show_bug.cgi?id=185199
3302         <rdar://problem/39853103>
3303
3304         Reviewed by Jer Noble.
3305
3306         No new tests, this requires a specific hardware setup.
3307
3308         * dom/Document.cpp:
3309         (WebCore::Document::showPlaybackTargetPicker): Pass route sharing policy and routing context UID.
3310         * dom/Document.h:
3311
3312         * html/MediaElementSession.cpp:
3313         (WebCore::MediaElementSession::showPlaybackTargetPicker): Ditto.
3314
3315         * loader/EmptyClients.h:
3316         * page/ChromeClient.h:
3317
3318         * page/Page.cpp:
3319         (WebCore::Page::showPlaybackTargetPicker): Ditto.
3320         * page/Page.h:
3321
3322         * platform/audio/AudioSession.cpp:
3323         (WebCore::AudioSession::routeSharingPolicy const): Empty implementation for non-iOS ports.
3324         (WebCore::routingContextUID const): Ditto.
3325         * platform/audio/AudioSession.h:
3326
3327         * platform/audio/ios/AudioSessionIOS.mm:
3328         (WebCore::AudioSession::routeSharingPolicy const): Return the route sharing policy.
3329         (WebCore::AudioSession::routingContextUID const): Return the route context UID.
3330
3331 2018-05-02  Dean Jackson  <dino@apple.com>
3332
3333         Draw SystemPreview badge to specification on iOS
3334         https://bugs.webkit.org/show_bug.cgi?id=185203
3335         <rdar://problem/39908855>
3336
3337         Reviewed by Tim Horton.
3338
3339         Use CoreImage to render a badge with a blurred background,
3340         at particular sizes.
3341
3342         This will be tested internally while we're getting artwork
3343         from WebKitAdditions.
3344
3345         * Configurations/WebCore.xcconfig: Link against CoreImage.
3346         * rendering/RenderThemeIOS.h:
3347         * rendering/RenderThemeIOS.mm:
3348         (WebCore::RenderThemeIOS::paintSystemPreviewBadge): New function
3349         in the iOS platform RenderTheme that draws the system preview.
3350
3351 2018-05-01  Brent Fulgham  <bfulgham@apple.com>
3352
3353         Prevent Debug ASSERT when changing forms
3354         https://bugs.webkit.org/show_bug.cgi?id=185173
3355         <rdar://problem/39738669>
3356
3357         Reviewed by Ryosuke Niwa.
3358
3359         Form submission could trigger a debug assertion during validation when
3360         a form is changed during an input submission. Fix this by cleaning up
3361         the event handling logic and make it more consistent with modern WebKit
3362         coding style.
3363
3364         Test: fast/forms/form-submission-crash-3.html
3365
3366         * html/HTMLButtonElement.cpp:
3367         (WebCore::HTMLButtonElement::defaultEventHandler): Make sure layout runs before
3368         attempting to perform event handling.
3369         * html/HTMLFormElement.cpp:
3370         (WebCore::HTMLFormElement::reportValidity): Ditto.
3371         (WebCore::HTMLFormElement::validateInteractively): Remove call to perform layout here,
3372         since we expect this to happen earlier in the layout pass. Add an assertion that the
3373         tree is not dirty.
3374         * html/ImageInputType.cpp:
3375         (WebCore::ImageInputType::handleDOMActivateEvent): Make sure layout runs before
3376         attempting to perform event handling.
3377         * html/SubmitInputType.cpp:
3378         (WebCore::SubmitInputType::handleDOMActivateEvent): Ditto.
3379
3380 2018-05-02  Jer Noble  <jer.noble@apple.com>
3381
3382         Unreviewed; address review comments made before landing r231231.
3383
3384         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3385         (VideoFullscreenControllerContext::volume const):
3386
3387 2018-05-02  Jer Noble  <jer.noble@apple.com>
3388
3389         Pipe volume through PlaybackSessionManager/Proxy.
3390         https://bugs.webkit.org/show_bug.cgi?id=185182
3391
3392         Reviewed by Eric Carlson.
3393
3394         Add support for the volume property to PlaybackSessionModel, and all its clients.
3395
3396         * platform/cocoa/PlaybackSessionModel.h:
3397         (WebCore::PlaybackSessionModelClient::volumeChanged):
3398         * platform/cocoa/PlaybackSessionModelMediaElement.h:
3399         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
3400         (WebCore::PlaybackSessionModelMediaElement::updateForEventName):
3401         (WebCore::PlaybackSessionModelMediaElement::setVolume):
3402         (WebCore::PlaybackSessionModelMediaElement::volume const):
3403         * platform/ios/PlaybackSessionInterfaceAVKit.h:
3404         * platform/ios/PlaybackSessionInterfaceAVKit.mm:
3405         (WebCore::PlaybackSessionInterfaceAVKit::volumeChanged):
3406         * platform/ios/WebAVPlayerController.h:
3407         * platform/ios/WebAVPlayerController.mm:
3408         (-[WebAVPlayerController volume]):
3409         (-[WebAVPlayerController setVolume:]):
3410         (-[WebAVPlayerController volumeChanged:]):
3411         (-[WebAVPlayerController resetMediaState]):
3412         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
3413         (VideoFullscreenControllerContext::volumeChanged):
3414         (VideoFullscreenControllerContext::volume const):
3415         (VideoFullscreenControllerContext::setVolume):
3416
3417 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3418
3419         Unreviewed, fix build in WinCairo
3420         https://bugs.webkit.org/show_bug.cgi?id=185169
3421
3422         * bindings/js/JSDOMWindowBase.cpp:
3423         (WebCore::JSDOMWindowBase::instantiateStreaming):