0bfca57632ecc468314b1d42827c2f8d328c6c26
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-01-19  Wenson Hsieh  <wenson_hsieh@apple.com>
2
3         [macOS] [WK2] Drag location is computed incorrectly when dragging content from subframes
4         https://bugs.webkit.org/show_bug.cgi?id=181896
5         <rdar://problem/35479043>
6
7         Reviewed by Tim Horton.
8
9         In r218837, I packaged most of the information needed to start a drag into DragItem, which is propagated to the client layer
10         via the startDrag codepath. However, this introduced a bug in computing the event position and drag location in window
11         coordinates. Consider the case where we're determining the drag image offset for a dragged element in a subframe:
12
13         Before the patch, the drag location (which starts out in the subframe's content coordinates) would be converted to root view
14         coordinates, which would then be converted to mainframe content coordinates, which would then be converted to window coordinates
15         using the mainframe's view. After the patch, we carry out the same math until the last step, where we erroneously use the
16         _subframe's_ view to convert to window coordinates from content coordinates. This results in the position of the iframe relative
17         to the mainframe being accounted for twice.
18
19         To fix this, we simply use the main frame's view to convert from mainframe content coordinates to window coordinates while
20         computing the drag location. As for the event position in window coordinates, this is currently unused by any codepath in WebKit,
21         so we can just remove it altogether.
22
23         Since this bug only affects drag and drop in the macOS WebKit2 port, there's currently no way to test this. I'll be using
24         <https://bugs.webkit.org/show_bug.cgi?id=181898> to track adding test support for drag and drop on macOS WebKit2. Manually tested
25         dragging in both WebKit1 and WebKit2 on macOS. dragLocationInWindowCoordinates isn't used at all for iOS drag and drop.
26
27         * page/DragController.cpp:
28         (WebCore::DragController::doSystemDrag):
29         * platform/DragItem.h:
30         (WebCore::DragItem::encode const):
31         (WebCore::DragItem::decode):
32
33 2018-01-19  Ryan Haddad  <ryanhaddad@apple.com>
34
35         Unreviewed, rolling out r227235.
36
37         The test for this change consistently times out on High
38         Sierra.
39
40         Reverted changeset:
41
42         "Support for preconnect Link headers"
43         https://bugs.webkit.org/show_bug.cgi?id=181657
44         https://trac.webkit.org/changeset/227235
45
46 2018-01-19  Youenn Fablet  <youenn@apple.com>
47
48         Cache storage errors like Quota should trigger console messages
49         https://bugs.webkit.org/show_bug.cgi?id=181879
50         <rdar://problem/36669048>
51
52         Reviewed by Chris Dumez.
53
54         Covered by rebased test.
55
56         * Modules/cache/DOMCache.cpp:
57         (WebCore::DOMCache::retrieveRecords):
58         (WebCore::DOMCache::batchDeleteOperation):
59         (WebCore::DOMCache::batchPutOperation):
60         * Modules/cache/DOMCacheEngine.cpp:
61         (WebCore::DOMCacheEngine::errorToException):
62         (WebCore::DOMCacheEngine::logErrorAndConvertToException):
63         * Modules/cache/DOMCacheEngine.h:
64         * Modules/cache/DOMCacheStorage.cpp:
65         (WebCore::DOMCacheStorage::retrieveCaches):
66         (WebCore::DOMCacheStorage::doOpen):
67         (WebCore::DOMCacheStorage::doRemove):
68
69 2018-01-19  Youenn Fablet  <youenn@apple.com>
70
71         Do not go to the storage process when registering a service worker client if there is no service worker registered
72         https://bugs.webkit.org/show_bug.cgi?id=181740
73         <rdar://problem/36650400>
74
75         Reviewed by Chris Dumez.
76
77         Register a document as service worker client only if there is an existing service worker connection.
78         This allows not creating any connection if no service worker is registered.
79
80         Add internals API to test whether a service worker connection was created or not.
81         This is used by API tests that cover the changes.
82
83         * dom/Document.cpp:
84         (WebCore::Document::privateBrowsingStateDidChange): No need to create a service worker connection if client is not registered yet.
85         (WebCore::Document::setServiceWorkerConnection): No need to unregister/register if service worker connection is the same.
86         Similarly, if Document is to be destroyed or suspended, we should not register it.
87         * loader/DocumentLoader.cpp:
88         (WebCore::DocumentLoader::commitData):
89         * testing/Internals.cpp:
90         (WebCore::Internals::hasServiceWorkerConnection):
91         * testing/Internals.h:
92         * testing/Internals.idl:
93         * workers/service/ServiceWorkerProvider.cpp:
94         (WebCore::ServiceWorkerProvider::registerServiceWorkerClients):
95         * workers/service/ServiceWorkerProvider.h:
96
97 2018-01-19  Dean Jackson  <dino@apple.com>
98
99         REGRESSION (r221092): Swipe actions are hard to perform in FastMail app
100         https://bugs.webkit.org/show_bug.cgi?id=181817
101         <rdar://problem/35274055>
102
103         Add a setting for controlling whether touch listeners are passive
104         by default on document/window/body.
105
106         Updated existing test.
107
108         * dom/EventTarget.cpp:
109         (WebCore::EventTarget::addEventListener):
110         * page/Settings.yaml:
111
112 2018-01-19  Daniel Bates  <dabates@apple.com>
113
114         Update frame-ancestor directive to match Content Security Policy Level 3
115         https://bugs.webkit.org/show_bug.cgi?id=178891
116         <rdar://problem/35209458>
117
118         Reviewed by Alex Christensen.
119
120         Derived from Blink e667cc2e501fabab3605b838e4ee0d642a9c4a59:
121         <https://chromium.googlesource.com/chromium/src.git/+/e667cc2e501fabab3605b838e4ee0d642a9c4a59>
122
123         Update frame-ancestor directive to match against the origin of the ancestor document per the
124         Content Security Policy Level 3 spec: <https://w3c.github.io/webappsec-csp/> (15 January 2018).
125         Specifically this change in behavior was made to CSP 3 in <https://github.com/w3c/webappsec/issues/311>.
126         In earlier versions of the spec, the frame-ancestor directive matched against the URL of the
127         ancestor document.
128
129         Disregarding allow-same-origin sandboxed iframes, a document with policy "frame-ancestor 'self'"
130         will be blocked from loading in a sandboxed iframe as a result of this change.
131
132         Tests: http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-allow-same-origin-sandboxed-cross-url-allow.html
133                http/tests/security/contentSecurityPolicy/1.1/frame-ancestors/frame-ancestors-nested-cross-in-sandboxed-cross-url-block.html
134
135         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
136         (WebCore::checkFrameAncestors):
137
138 2018-01-19  Basuke Suzuki  <Basuke.Suzuki@sony.com>
139
140         [Curl] Add timeout support to XMLHttpRequest
141         https://bugs.webkit.org/show_bug.cgi?id=181876
142
143         Reviewed by Alex Christensen.
144
145         * platform/network/ResourceRequestBase.cpp:
146         * platform/network/curl/CurlContext.cpp:
147         (WebCore::CurlHandle::setTimeout):
148         * platform/network/curl/CurlContext.h:
149         * platform/network/curl/CurlRequest.cpp:
150         (WebCore::CurlRequest::setupTransfer):
151         (WebCore::CurlRequest::didCompleteTransfer):
152         * platform/network/curl/ResourceError.h:
153         * platform/network/curl/ResourceErrorCurl.cpp:
154         (WebCore::ResourceError::httpError):
155
156 2018-01-19  Yoav Weiss  <yoav@yoav.ws>
157
158         Support for preconnect Link headers
159         https://bugs.webkit.org/show_bug.cgi?id=181657
160
161         Reviewed by Darin Adler.
162
163         Move the preconnect functionality into its own function, and
164         also call this function when Link headers are processed.
165
166         Test: http/tests/preconnect/link-header-rel-preconnect-http.php
167
168         * loader/LinkLoader.cpp:
169         (WebCore::LinkLoader::loadLinksFromHeader): Call preconnectIfNeeded.
170         (WebCore::LinkLoader::preconnectIfNeeded): Preconnect to a host functionality moved here.
171         (WebCore::LinkLoader::loadLink): Call preconnectIfNeeded.
172         * loader/LinkLoader.h:
173
174 2018-01-19  Joseph Pecoraro  <pecoraro@apple.com>
175
176         AppCache: Log a Deprecation warning to the Console when AppCache is used
177         https://bugs.webkit.org/show_bug.cgi?id=181778
178
179         Reviewed by Alex Christensen.
180
181         * html/HTMLHtmlElement.cpp:
182         (WebCore::HTMLHtmlElement::insertedByParser):
183
184 2018-01-19  Chris Dumez  <cdumez@apple.com>
185
186         ASSERT(registration || isTerminating()) hit in SWServerWorker::skipWaiting()
187         https://bugs.webkit.org/show_bug.cgi?id=181761
188         <rdar://problem/36594564>
189
190         Reviewed by Youenn Fablet.
191
192         There is a short period of time, early in the registration process where a
193         SWServerWorker object exists for a registration but is not in the registration's
194         installing/waiting/active slots yet. As a result, if a registration is cleared
195         during this period (e.g. due to the user clearing all website data), that
196         SWServerWorker will not be terminated. We then hit an assertion later on when this
197         worker is trying to do things (like call skipWaiting).
198
199         To address the issue, we now keep a reference to this SWServerWorker on the
200         registration, via a new SWServerRegistration::m_preInstallationWorker data member.
201         When the registration is cleared, we now take care of terminating this worker.
202
203         No new tests, covered by existing tests that crash flakily in debug builds.
204
205         * workers/WorkerThread.cpp:
206         (WebCore::WorkerThread::stop):
207         If the mutex is locked, then the worker thread is still starting. We spin the
208         runloop and try to stop again later. This avoids the deadlock shown in
209         Bug 181763 as the worker thread may need to interact with the main thread
210         during startup.
211
212         * workers/service/server/SWServer.cpp:
213         (WebCore::SWServer::installContextData):
214         * workers/service/server/SWServerJobQueue.cpp:
215         (WebCore::SWServerJobQueue::scriptContextFailedToStart):
216         (WebCore::SWServerJobQueue::install):
217         * workers/service/server/SWServerRegistration.cpp:
218         (WebCore::SWServerRegistration::~SWServerRegistration):
219         (WebCore::SWServerRegistration::setPreInstallationWorker):
220         (WebCore::SWServerRegistration::clear):
221         * workers/service/server/SWServerRegistration.h:
222         (WebCore::SWServerRegistration::preInstallationWorker const):
223
224 2018-01-19  Chris Dumez  <cdumez@apple.com>
225
226         Service worker registrations restored from disk may not be reused when the JS calls register() again
227         https://bugs.webkit.org/show_bug.cgi?id=181810
228         <rdar://problem/36591711>
229
230         Reviewed by Youenn Fablet.
231
232         The issue was that when restoring a registration from disk, we would not set its active worker right
233         away. We only set it later in installContextData(). installContextData() is only called after we’ve
234         launched the service worker process and established a connection to it.
235
236         However, we would start processing jobs (such as registrations) before we’ve established the connection
237         to the service worker process. SWServerJobQueue::runRegisterJob(), in order to reuse an existing
238         registration, checks that the registration’s active worker has the right script URL. The issue was that when
239         this code would execute, we may not have set the registration’s active service worker yet, in which case,
240         we would update the existing registration instead of reusing it as-is.
241
242         To address the issue, we now delay the processing of jobs until the connection to the service worker
243         process has been established and we've installed all pending contexts via installContextData().
244
245         Change is covered by new API test.
246
247         * workers/service/server/SWServer.cpp:
248         (WebCore::SWServer::Connection::scheduleJobInServer):
249         (WebCore::SWServer::scheduleJob):
250         (WebCore::SWServer::serverToContextConnectionCreated):
251         * workers/service/server/SWServer.h:
252
253 2018-01-19  James Craig  <jcraig@apple.com>
254
255         AX: when invert colors is on, double-invert image and picture elements in UserAgentStyleSheet
256         https://bugs.webkit.org/show_bug.cgi?id=181281
257         <rdar://problem/36291776>
258
259         Reviewed by Simon Fraser.
260
261         Updated "Smart Invert" to include img and picture element inversion and tests.
262
263         Tests: accessibility/smart-invert-reference.html
264                accessibility/smart-invert.html
265
266         * css/html.css:
267         (@media (inverted-colors)):
268         (img:not(picture>img), picture, video):
269
270 2018-01-19  Chris Dumez  <cdumez@apple.com>
271
272         The WebContent process should not process incoming IPC while waiting for a sync IPC reply
273         https://bugs.webkit.org/show_bug.cgi?id=181560
274
275         Reviewed by Ryosuke Niwa.
276
277         Add internals API for testing purposes.
278
279         Test: fast/misc/testIncomingSyncIPCMessageWhileWaitingForSyncReply.html
280
281         * page/ChromeClient.h:
282         * testing/Internals.cpp:
283         (WebCore::Internals::testIncomingSyncIPCMessageWhileWaitingForSyncReply):
284         * testing/Internals.h:
285         * testing/Internals.idl:
286
287 2018-01-19  Keith Miller  <keith_miller@apple.com>
288
289         HaveInternalSDK includes should be "#include?"
290         https://bugs.webkit.org/show_bug.cgi?id=179670
291
292         Reviewed by Dan Bernstein.
293
294         * Configurations/Base.xcconfig:
295
296 2018-01-19  Daniel Bates  <dabates@apple.com>
297
298         Fix misspelling; substitute willDetachRenderer for willDetatchRenderer.
299
300         * html/HTMLPlugInImageElement.cpp:
301         (WebCore::HTMLPlugInImageElement::willDetachRenderers):
302         * plugins/PluginViewBase.h:
303         (WebCore::PluginViewBase::willDetachRenderer):
304         (WebCore::PluginViewBase::willDetatchRenderer): Deleted.
305
306 2018-01-19  Jonathan Bedard  <jbedard@apple.com>
307
308         Unreviewed build fix, remove unused lambda captures.
309
310         * dom/messageports/MessagePortChannel.cpp:
311         (WebCore::MessagePortChannel::takeAllMessagesForPort):
312         * dom/messageports/MessagePortChannelRegistry.cpp:
313         (WebCore::MessagePortChannelRegistry::messagePortChannelCreated):
314
315 2018-01-19  Antoine Quint  <graouts@apple.com>
316
317         [Web Animations] Expose timing properties (delay, endDelay, fill, iterationStart, iterations, direction) and getComputedTiming()
318         https://bugs.webkit.org/show_bug.cgi?id=181857
319         <rdar://problem/36660081>
320
321         Reviewed by Dean Jackson.
322
323         We start the work to implement the rest of the Web Animations timing and animation model by exposing more properties on
324         AnimationEffectTiming to control delay (delay, endDelay), looping (iterationStart, iterations), fill and direction.
325         Additionally, we expose the getComputedTiming() method on AnimationEffect, although it currently lacks some computed
326         properties that will come in a later patch as we implement various processes defined by the spec. We also update the
327         existing duration() method on AnimationEffectTiming to be called iterationDuration() to match the terms used in the
328         specification.
329
330         Finally, we make all new properties, and update existing ones, that expose a time value go through the new utility
331         function secondsToWebAnimationsAPITime() to guarantee rounded values with microseconds precision, as advised by
332         the Web Animations specification.
333
334         * CMakeLists.txt:
335         * DerivedSources.make:
336         * Sources.txt:
337         * WebCore.xcodeproj/project.pbxproj:
338         * animation/AnimationEffect.cpp:
339         (WebCore::AnimationEffect::localTime const):
340         (WebCore::AnimationEffect::getComputedTiming):
341         * animation/AnimationEffect.h:
342         * animation/AnimationEffect.idl:
343         * animation/AnimationEffectTiming.cpp:
344         (WebCore::AnimationEffectTiming::AnimationEffectTiming):
345         (WebCore::AnimationEffectTiming::setIterationStart):
346         (WebCore::AnimationEffectTiming::setIterations):
347         (WebCore::AnimationEffectTiming::bindingsDuration const):
348         (WebCore::AnimationEffectTiming::setBindingsDuration):
349         (WebCore::AnimationEffectTiming::endTime const):
350         (WebCore::AnimationEffectTiming::activeDuration const):
351         * animation/AnimationEffectTiming.h:
352         * animation/AnimationEffectTiming.idl:
353         * animation/AnimationPlaybackEvent.cpp:
354         (WebCore::AnimationPlaybackEvent::bindingsCurrentTime const):
355         (WebCore::AnimationPlaybackEvent::bindingsTimelineTime const):
356         * animation/AnimationTimeline.cpp:
357         (WebCore::AnimationTimeline::bindingsCurrentTime):
358         * animation/ComputedTimingProperties.h: Added.
359         * animation/ComputedTimingProperties.idl: Added. We set nullable double values to a default value of "null" since
360         otherwise setting those properties to a null value would not set the properties in the converted JS dictionary.
361         * animation/KeyframeEffect.cpp:
362         (WebCore::KeyframeEffect::create): Handle new timing properties passed in the KeyframeEffectOptions dictionary.
363         (WebCore::KeyframeEffect::applyAtLocalTime):
364         (WebCore::KeyframeEffect::getAnimatedStyle):
365         (WebCore::KeyframeEffect::startOrStopAccelerated):
366         * animation/WebAnimation.cpp:
367         (WebCore::WebAnimation::bindingsStartTime const):
368         (WebCore::WebAnimation::bindingsCurrentTime const):
369         (WebCore::WebAnimation::effectEndTime const):
370         (WebCore::WebAnimation::timeToNextRequiredTick const):
371         * animation/WebAnimationUtilities.h: Added.
372         (WebCore::secondsToWebAnimationsAPITime):
373
374 2018-01-19  Alex Christensen  <achristensen@webkit.org>
375
376         Remove dead networking code
377         https://bugs.webkit.org/show_bug.cgi?id=181813
378
379         Reviewed by Tim Horton.
380
381         CFURLConnection is only used on Windows.
382
383         * platform/network/cf/ResourceError.h:
384         * platform/network/cf/ResourceRequest.h:
385         (WebCore::ResourceRequest::encodingRequiresPlatformData const):
386         * platform/network/cf/ResourceRequestCFNet.cpp:
387         (WebCore::findCFURLRequestCopyContentDispositionEncodingFallbackArrayFunction):
388         (WebCore::ResourceRequest::doUpdatePlatformRequest):
389         (WebCore::ResourceRequest::doUpdatePlatformHTTPBody):
390         (WebCore::ResourceRequest::doUpdateResourceRequest):
391         (WebCore::ResourceRequest::setStorageSession):
392         * platform/network/cf/ResourceResponse.h:
393         (WebCore::ResourceResponse::ResourceResponse):
394
395 2018-01-19  Alex Christensen  <achristensen@webkit.org>
396
397         Remove unused WebViewPrivate _allowCookies
398         https://bugs.webkit.org/show_bug.cgi?id=181812
399
400         Reviewed by Tim Horton.
401
402         This SPI was in the original iOS upstreaming and has not been used in many years.
403
404         * platform/network/ResourceRequestBase.cpp:
405         (WebCore::ResourceRequestBase::setDefaultAllowCookies): Deleted.
406         (WebCore::ResourceRequestBase::defaultAllowCookies): Deleted.
407         * platform/network/ResourceRequestBase.h:
408         (WebCore::ResourceRequestBase::ResourceRequestBase):
409
410 2018-01-18  Brady Eidson  <beidson@apple.com>
411
412         Make in-process MessagePorts be (mostly) asynchronous
413         https://bugs.webkit.org/show_bug.cgi?id=181454
414
415         Reviewed by Alex Christensen.
416
417         No new tests (Covered *brutally* by existing tests)
418
419         Part of making MessagePorts be a thing we can pass across processes is making them work async.
420         
421         The existing "MessagePortChannel" method of abstraction was not cut out for this.
422         This patch gets rid of MessagePortChannel and adds a new MessagePortChannelProvider abstraction.
423         It then gets the new machinery working in-process (with some pieces of out-of-process in place).
424
425         One synchronous behavior this patch maintains is the hasPendingActivity() check used to support GC.
426         That will (creatively) be made async in the next followup.
427         
428         More generally from MessagePorts, this patch also adds a "MessageWithMessagePorts" object to be used
429         with all forms of postMessage(). Much better.
430         
431         * CMakeLists.txt:
432         * Sources.txt:
433         * WebCore.xcodeproj/project.pbxproj:
434
435         * dom/InProcessMessagePortChannel.cpp: Removed.
436         * dom/InProcessMessagePortChannel.h: Removed.
437         * dom/MessagePortChannel.cpp: Removed.
438         * dom/MessagePortChannel.h: Removed.
439
440         * dom/MessageChannel.cpp:
441         (WebCore::MessageChannel::create):
442         (WebCore::MessageChannel::MessageChannel):
443         (WebCore::m_port2): Deleted.
444         * dom/MessageChannel.h:
445         (WebCore::MessageChannel::create): Deleted.
446
447         * dom/MessagePort.cpp:
448         (WebCore::MessagePort::create):
449         (WebCore::MessagePort::MessagePort):
450         (WebCore::MessagePort::~MessagePort):
451         (WebCore::MessagePort::entangle):
452         (WebCore::MessagePort::postMessage):
453         (WebCore::MessagePort::disentangle):
454         (WebCore::MessagePort::messageAvailable):
455         (WebCore::MessagePort::start):
456         (WebCore::MessagePort::close):
457         (WebCore::MessagePort::contextDestroyed):
458         (WebCore::MessagePort::dispatchMessages):
459         (WebCore::MessagePort::hasPendingActivity const):
460         (WebCore::MessagePort::locallyEntangledPort const):
461         (WebCore::MessagePort::disentanglePorts):
462         (WebCore::MessagePort::entanglePorts):
463         (WebCore::MessagePort::entangleWithRemote): Deleted.
464         * dom/MessagePort.h:
465
466         * dom/MessagePortIdentifier.h:
467         (WebCore::MessagePortIdentifier::logString const):
468
469         * dom/ScriptExecutionContext.cpp:
470         (WebCore::ScriptExecutionContext::processMessageWithMessagePortsSoon):
471         (WebCore::ScriptExecutionContext::dispatchMessagePortEvents):
472         (WebCore::ScriptExecutionContext::processMessagePortMessagesSoon): Deleted.
473         * dom/ScriptExecutionContext.h:
474
475         Add a single object that represents two intertwined ports, tracks their pending
476         messages, tracks which process they're in, etc etc:
477         * dom/messageports/MessagePortChannel.cpp: Added.
478         (WebCore::MessagePortChannel::create):
479         (WebCore::MessagePortChannel::MessagePortChannel):
480         (WebCore::MessagePortChannel::~MessagePortChannel):
481         (WebCore::MessagePortChannel::includesPort):
482         (WebCore::MessagePortChannel::entanglePortWithProcess):
483         (WebCore::MessagePortChannel::disentanglePort):
484         (WebCore::MessagePortChannel::closePort):
485         (WebCore::MessagePortChannel::postMessageToRemote):
486         (WebCore::MessagePortChannel::takeAllMessagesForPort):
487         (WebCore::MessagePortChannel::hasAnyMessagesPendingOrInFlight const):
488         * dom/messageports/MessagePortChannel.h: Added.
489         (WebCore::MessagePortChannel::port1 const):
490         (WebCore::MessagePortChannel::port2 const):
491         (WebCore::MessagePortChannel::logString const):
492
493         Abstraction for creating and operating on MessagePorts in a potentially cross-process way:
494         * dom/messageports/MessagePortChannelProvider.cpp: Added.
495         (WebCore::MessagePortChannelProvider::singleton):
496         (WebCore::MessagePortChannelProvider::setSharedProvider):
497         * dom/messageports/MessagePortChannelProvider.h: Added.
498         (WebCore::MessagePortChannelProvider::~MessagePortChannelProvider):
499
500         Adds a concrete implementation of that provider to be used in-process (e.g. WK1):
501         * dom/messageports/MessagePortChannelProviderImpl.cpp: Added.
502         (WebCore::MessagePortChannelProviderImpl::~MessagePortChannelProviderImpl):
503         (WebCore::MessagePortChannelProviderImpl::performActionOnAppropriateThread):
504         (WebCore::MessagePortChannelProviderImpl::createNewMessagePortChannel):
505         (WebCore::MessagePortChannelProviderImpl::entangleLocalPortInThisProcessToRemote):
506         (WebCore::MessagePortChannelProviderImpl::messagePortDisentangled):
507         (WebCore::MessagePortChannelProviderImpl::messagePortClosed):
508         (WebCore::MessagePortChannelProviderImpl::postMessageToRemote):
509         (WebCore::MessagePortChannelProviderImpl::takeAllMessagesForPort):
510         (WebCore::MessagePortChannelProviderImpl::hasMessagesForPorts_temporarySync):
511         * dom/messageports/MessagePortChannelProviderImpl.h: Added.
512
513         Adds a main thread object to handle the set of all MessagePortChannels that are open.
514         For now it lives in the WebProcess, but for out-of-process it will live in the UIProcess:
515         * dom/messageports/MessagePortChannelRegistry.cpp: Added.
516         (WebCore::MessagePortChannelRegistry::~MessagePortChannelRegistry):
517         (WebCore::MessagePortChannelRegistry::didCreateMessagePortChannel):
518         (WebCore::MessagePortChannelRegistry::messagePortChannelCreated):
519         (WebCore::MessagePortChannelRegistry::messagePortChannelDestroyed):
520         (WebCore::MessagePortChannelRegistry::didEntangleLocalToRemote):
521         (WebCore::MessagePortChannelRegistry::didDisentangleMessagePort):
522         (WebCore::MessagePortChannelRegistry::didCloseMessagePort):
523         (WebCore::MessagePortChannelRegistry::didPostMessageToRemote):
524         (WebCore::MessagePortChannelRegistry::takeAllMessagesForPort):
525         (WebCore::MessagePortChannelRegistry::hasMessagesForPorts_temporarySync): This is named against style
526           and weird on purpose - to call attention to how bad it is and how it's temporary.
527         (WebCore::MessagePortChannelRegistry::existingChannelContainingPort):
528         * dom/messageports/MessagePortChannelRegistry.h: Added.
529
530         Add an object that represents a "SerializedScriptValue for the message payload and the ports
531         that are being transferred along with that payload". This is used in all forms of postMessage():
532         * dom/messageports/MessageWithMessagePorts.cpp: Added.
533         * dom/messageports/MessageWithMessagePorts.h: Added.
534
535         * page/DOMWindow.cpp:
536         (WebCore::PostMessageTimer::PostMessageTimer):
537         (WebCore::PostMessageTimer::event):
538         (WebCore::DOMWindow::postMessage):
539
540         * platform/Logging.h:
541
542         * workers/DedicatedWorkerGlobalScope.cpp:
543         (WebCore::DedicatedWorkerGlobalScope::postMessage):
544
545         * workers/Worker.cpp:
546         (WebCore::Worker::postMessage):
547
548         * workers/WorkerGlobalScopeProxy.h:
549
550         * workers/WorkerMessagingProxy.cpp:
551         (WebCore::WorkerMessagingProxy::postMessageToWorkerObject):
552         (WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope):
553         * workers/WorkerMessagingProxy.h:
554
555         * workers/WorkerObjectProxy.h:
556
557         * workers/service/ServiceWorker.cpp:
558         (WebCore::ServiceWorker::postMessage):
559
560         * workers/service/ServiceWorkerClient.cpp:
561         (WebCore::ServiceWorkerClient::postMessage):
562
563         * workers/service/context/SWContextManager.cpp:
564         (WebCore::SWContextManager::postMessageToServiceWorker):
565
566         * workers/service/context/ServiceWorkerThread.cpp:
567         (WebCore::fireMessageEvent):
568         (WebCore::ServiceWorkerThread::postMessageToServiceWorker):
569         * workers/service/context/ServiceWorkerThread.h:
570
571 2018-01-18  Ryan Haddad  <ryanhaddad@apple.com>
572
573         Unreviewed build fix, removed unused lambda capture.
574
575         * workers/service/context/SWContextManager.cpp:
576         (WebCore::SWContextManager::ServiceWorkerTerminationRequest::ServiceWorkerTerminationRequest):
577
578 2018-01-18  Chris Dumez  <cdumez@apple.com>
579
580         We should be able to terminate service workers that are unresponsive
581         https://bugs.webkit.org/show_bug.cgi?id=181563
582         <rdar://problem/35280031>
583
584         Reviewed by Alex Christensen.
585
586         Test: http/tests/workers/service/postmessage-after-terminating-hung-worker.html
587
588         * workers/service/context/SWContextManager.cpp:
589         (WebCore::SWContextManager::terminateWorker):
590         Before calling WorkerThread::stop(), set a timer with the given timeout parameter.
591         If the worker thread has not stopped when the timer fires, forcefully exit the
592         service worker process. The StorageProcess will take care of relaunching the
593         service worker process if it exits abruptly.
594
595         (WebCore::SWContextManager::serviceWorkerFailedToTerminate):
596         Log error message if we failed to terminate a service worker and call exit().
597
598         (WebCore::SWContextManager::ServiceWorkerTerminationRequest::ServiceWorkerTerminationRequest):
599
600         * workers/service/context/SWContextManager.h:
601
602 2018-01-18  Youenn Fablet  <youenn@apple.com>
603
604         Do not go to the storage process when loading a main resource if there is no service worker registered
605         https://bugs.webkit.org/show_bug.cgi?id=181395
606
607         Reviewed by Chris Dumez.
608
609         No observable behavior change.
610         Instead of creating a connection to know whether there is a potential service worker,
611         ask the service worker provider that will use the connection if needed.
612         Otherwise, it will use a default value provided by the UIProcess.
613
614         Tested by cleaning all service workers and checking the computed value of the default value,
615         then observing whether pages registering service workers work well.
616
617         * loader/DocumentLoader.cpp:
618         (WebCore::DocumentLoader::startLoadingMainResource):
619         * workers/service/ServiceWorkerProvider.cpp:
620         (WebCore::ServiceWorkerProvider::mayHaveServiceWorkerRegisteredForOrigin):
621         * workers/service/ServiceWorkerProvider.h:
622
623 2018-01-18  Dan Bernstein  <mitz@apple.com>
624
625         [Xcode] Streamline and future-proof target-macOS-version-dependent build setting definitions
626         https://bugs.webkit.org/show_bug.cgi?id=181803
627
628         Reviewed by Tim Horton.
629
630         * Configurations/Base.xcconfig: Updated.
631         * Configurations/DebugRelease.xcconfig: Ditto.
632         * Configurations/FeatureDefines.xcconfig: Adopted macOSTargetConditionals helpers.
633         * Configurations/Version.xcconfig: Updated.
634         * Configurations/macOSTargetConditionals.xcconfig: Added. Defines helper build settings
635           useful for defining settings that depend on the target macOS version.
636
637 2018-01-18  Chris Dumez  <cdumez@apple.com>
638
639         Service Workers restored from persistent storage have 'redundant' state
640         https://bugs.webkit.org/show_bug.cgi?id=181749
641         <rdar://problem/36556486>
642
643         Reviewed by Youenn Fablet.
644
645         Tested by new API test.
646
647         * workers/service/server/SWServer.cpp:
648         (WebCore::SWServer::installContextData):
649         Make sure the SWServerWorker's state is set to "activated" after it is assigned to
650         the registrations' active slot. Otherwise, it stays in its default state (redundant).
651
652 2018-01-18  Antti Koivisto  <antti@apple.com>
653
654         REGRESSION(r225650): The scores of MotionMark tests Multiply and Leaves dropped by 8%
655         https://bugs.webkit.org/show_bug.cgi?id=181460
656         <rdar://problem/36379776>
657
658         Reviewed by Ryosuke Niwa.
659
660         * css/parser/CSSParser.cpp:
661         (WebCore::CSSParserContext::CSSParserContext):
662
663         Don't do the expensive security origin test if the supplied sheet base URL is null. This
664         is true for rules coming from the same document.
665
666 2018-01-18  Antti Koivisto  <antti@apple.com>
667
668         REGRESSION (r223604): Setting :before/after pseudo element on <noscript> asserts
669         https://bugs.webkit.org/show_bug.cgi?id=181795
670         <rdar://problem/36334524>
671
672         Reviewed by David Kilzer.
673
674         <noscript> disallows renderer generation outside CSS mechanisms, however we would still construct
675         PseudoElements for them during style resolution. These were never removed properly because the
676         pseudo element removal was tied to render tree teardown. Without proper removal the associated
677         animations were also not canceled.
678
679         Test: fast/css-generated-content/noscript-pseudo-anim-crash.html
680
681         * dom/Element.cpp:
682         (WebCore::Element::removedFromAncestor):
683
684         Take care to get rid of PseudoElements when the element is removed from the tree.
685         This also cancels any associated animations.
686
687 2018-01-18  Chris Fleizach  <cfleizach@apple.com>
688
689         AX: Aria-activedescendant not supported
690         https://bugs.webkit.org/show_bug.cgi?id=161734
691         <rdar://problem/28202679>
692
693         Reviewed by Joanmarie Diggs.
694
695         When a combo-box owns/controls a list/listbox/grid/tree, the owned element needs to check the active-descendant of the combobox when
696         checking if it has selected children. 
697         The target of the selection change notification should also be the owned element in these cases.
698
699         Test: accessibility/aria-combobox-controlling-list.html
700
701         * accessibility/AccessibilityObject.cpp:
702         (WebCore::AccessibilityObject::selectedListItem):
703         * accessibility/AccessibilityObject.h:
704         * accessibility/AccessibilityRenderObject.cpp:
705         (WebCore::AccessibilityRenderObject::targetElementForActiveDescendant const):
706         (WebCore::AccessibilityRenderObject::handleActiveDescendantChanged):
707         (WebCore::AccessibilityRenderObject::canHaveSelectedChildren const):
708         (WebCore::AccessibilityRenderObject::selectedChildren):
709         * accessibility/AccessibilityRenderObject.h:
710         * accessibility/mac/AXObjectCacheMac.mm:
711         (WebCore::AXObjectCache::postPlatformNotification):
712
713 2018-01-17  Per Arne Vollan  <pvollan@apple.com>
714
715         REGRESSION (r224780): Text stroke not applied to video captions.
716         https://bugs.webkit.org/show_bug.cgi?id=181743
717         <rdar://problem/35874338>
718
719         Reviewed by Simon Fraser.
720
721         Tests: media/track/track-css-visible-stroke-expected.html
722                media/track/track-css-visible-stroke.html
723
724         After r224780, it is no longer possible to mix text stroke styles with webkit
725         legacy text stroke styles.
726
727         * css/StyleResolver.cpp:
728         (WebCore::isValidCueStyleProperty):
729         * page/CaptionUserPreferencesMediaAF.cpp:
730         (WebCore::CaptionUserPreferencesMediaAF::captionsTextEdgeCSS const):
731
732 2018-01-18  Andy Estes  <aestes@apple.com>
733
734         [Payment Request] Support a default shipping address for Apple Pay
735         https://bugs.webkit.org/show_bug.cgi?id=181754
736         <rdar://problem/36009733>
737
738         Reviewed by Brady Eidson.
739
740         Move shippingContact from ApplePayPaymentRequest to ApplePayRequestBase. This allows
741         merchants to specify a default shipping address when using Apple Pay with Payment Request.
742
743         This also fixes a bug found during testing where
744         +[NSPersonNameComponentsFormatter localizedStringFromPersonNameComponents:style:options:]
745         would throw an exception when passed a nil NSPersonNameComponents.
746
747         Test: http/tests/ssl/applepay/ApplePayRequestShippingContact.https.html
748
749         * Modules/applepay/ApplePayPaymentRequest.h:
750         * Modules/applepay/ApplePayPaymentRequest.idl:
751         * Modules/applepay/ApplePayRequestBase.cpp:
752         (WebCore::convertAndValidate):
753         * Modules/applepay/ApplePayRequestBase.h:
754         * Modules/applepay/ApplePayRequestBase.idl:
755         * Modules/applepay/ApplePaySession.cpp:
756         (WebCore::convertAndValidate):
757         * Modules/applepay/ApplePaySessionPaymentRequest.h:
758         (WebCore::ApplePaySessionPaymentRequest::version const):
759         (WebCore::ApplePaySessionPaymentRequest::setVersion):
760         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
761         (WebCore::convert):
762         * Modules/applepay/paymentrequest/ApplePayRequest.idl:
763         * testing/MockPaymentCoordinator.cpp:
764         (WebCore::MockPaymentCoordinator::showPaymentUI):
765         (WebCore::MockPaymentCoordinator::completeMerchantValidation):
766         * testing/MockPaymentCoordinator.h:
767
768 2018-01-18  Wenson Hsieh  <wenson_hsieh@apple.com>
769
770         [iOS] Specify -[NSURL _title] for the associated URL when copying an image element
771         https://bugs.webkit.org/show_bug.cgi?id=181783
772         <rdar://problem/35785445>
773
774         Reviewed by Ryosuke Niwa.
775
776         Always specify the -[NSURL _title] to be either the title specified in a PasteboardImage's inner PasteboardURL,
777         or if no title is specified, fall back to the user-visible URL string. This is because at least one internal
778         client always tries to use the -_title property to determine the title of a pasted URL, or if none is specified,
779         the -suggestedName. Since we need to set suggestedName to the preferred file name of the copied image and we
780         don't want the suggested name to become the title of the link, we need to explicitly set the link title.
781
782         In doing so, this patch also fixes a bug wherein we forget to set the _title of the NSURL we're registering to
783         an NSItemProvider.
784
785         Tests:  ActionSheetTests.CopyImageElementWithHREFAndTitle (new)
786                 ActionSheetTests.CopyImageElementWithHREF (modified)
787
788         * platform/ios/PlatformPasteboardIOS.mm:
789         (WebCore::PlatformPasteboard::write):
790
791 2018-01-17  Jer Noble  <jer.noble@apple.com>
792
793         WebVTT served via HLS never results in cues
794         https://bugs.webkit.org/show_bug.cgi?id=181773
795
796         Reviewed by Eric Carlson.
797
798         Test: http/tests/media/hls/hls-webvtt-tracks.html
799
800         Three independent errors conspired to keep in-band WebVTT samples from parsing:
801
802         - The definition of ISOWebVTTCue::boxTypeName() was incorrect.
803         - ISOWebVTTCue::parse() didn't call its superclass's parse() method (leading to an incorrect size and offset).
804         - Use String::fromUTF8() rather than String.adopt(StringVector&&).
805
806         * platform/graphics/iso/ISOVTTCue.cpp:
807         (WebCore::ISOWebVTTCue::parse):
808         * platform/graphics/iso/ISOVTTCue.h:
809         (WebCore::ISOWebVTTCue::boxTypeName):
810
811 2018-01-17  John Wilander  <wilander@apple.com>
812
813         Resource Load Statistics: Block cookies for prevalent resources without user interaction
814         https://bugs.webkit.org/show_bug.cgi?id=177394
815         <rdar://problem/34613960>
816
817         Reviewed by Alex Christensen.
818
819         Tests: http/tests/resourceLoadStatistics/add-blocking-to-redirect.html
820                http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html
821                http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html
822                http/tests/resourceLoadStatistics/remove-partitioning-in-redirect.html
823
824         * platform/network/NetworkStorageSession.h:
825             Now exports NetworkStorageSession::nsCookieStorage().
826         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
827         (WebCore::NetworkStorageSession::setPrevalentDomainsToPartitionOrBlockCookies):
828             Fixes the FIXME.
829
830 2018-01-17  Dean Jackson  <dino@apple.com>
831
832         Remove linked-on test for Snow Leopard
833         https://bugs.webkit.org/show_bug.cgi?id=181770
834
835         Reviewed by Eric Carlson.
836
837         Remove a very old linked-on-or-after test.
838
839         * platform/graphics/ca/GraphicsLayerCA.cpp:
840
841 2018-01-17  Matt Lewis  <jlewis3@apple.com>
842
843         Unreviewed, rolling out r227098.
844
845         This broke the build.
846
847         Reverted changeset:
848
849         "Remove linked-on test for Snow Leopard"
850         https://bugs.webkit.org/show_bug.cgi?id=181770
851         https://trac.webkit.org/changeset/227098
852
853 2018-01-17  Dean Jackson  <dino@apple.com>
854
855         Remove linked-on test for Snow Leopard
856         https://bugs.webkit.org/show_bug.cgi?id=181770
857
858         Reviewed by Eric Carlson.
859
860         Remove a very old linked-on-or-after test.
861
862         * platform/graphics/ca/GraphicsLayerCA.cpp:
863
864 2018-01-17  Stephan Szabo  <stephan.szabo@sony.com>
865
866         [Curl] Use ResourceRequest::encodeWithPlatformData()
867         https://bugs.webkit.org/show_bug.cgi?id=181768
868
869         Reviewed by Alex Christensen.
870
871         No new tests, assertion hit in downstream port, should be covered by
872         existing tests.
873
874         * platform/network/curl/ResourceRequest.h:
875         (WebCore::ResourceRequest::encodeWithPlatformData const):
876         (WebCore::ResourceRequest::decodeWithPlatformData):
877
878 2018-01-17  Eric Carlson  <eric.carlson@apple.com>
879
880         Use existing RGB colorspace instead of creating a new one
881         https://bugs.webkit.org/show_bug.cgi?id=181765
882         <rdar://problem/36595753>
883
884         Reviewed by Dean Jackson.
885
886         * platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:
887         (WebCore::ScreenDisplayCaptureSourceMac::createDisplayStream): Use sRGBColorSpaceRef instead
888         of creating a new static colorspace.
889
890 2018-01-17  Matt Lewis  <jlewis3@apple.com>
891
892         Unreviewed, rolling out r227076.
893
894         This breaks internal builds
895
896         Reverted changeset:
897
898         "Resource Load Statistics: Block cookies for prevalent
899         resources without user interaction"
900         https://bugs.webkit.org/show_bug.cgi?id=177394
901         https://trac.webkit.org/changeset/227076
902
903 2018-01-17  Ryosuke Niwa  <rniwa@webkit.org>
904
905         input and textarea elements should reveal selection in setSelection when focused
906         https://bugs.webkit.org/show_bug.cgi?id=181715
907         <rdar://problem/36570546>
908
909         Reviewed by Zalan Bujtas.
910
911         Made input and textarea elements reveal selection in FrameSelection::setSelection instead of by directly
912         invoking FrameSelection::revealSelection in their respective updateFocusAppearance to unify code paths.
913
914         Also added options to reveal selection up to the main frame to SetSelectionOption to be used in iOS.
915
916         * editing/FrameSelection.cpp:
917         (WebCore::FrameSelection::FrameSelection):
918         (WebCore::FrameSelection::moveWithoutValidationTo): Takes SelectionRevealMode as an argument and converts
919         sets appropriate selection options.
920         (WebCore::FrameSelection::setSelection): Reconstruct SelectionRevealMode out of selection option sets.
921         (WebCore::FrameSelection::updateAndRevealSelection):
922         * editing/FrameSelection.h:
923         (WebCore::FrameSelection): Added RevealSelectionUpToMainFrame as a SelectionRevealMode and replaced
924         m_shouldRevealSelection by m_selectionRevealMode.
925         * html/HTMLInputElement.cpp:
926         (WebCore::HTMLInputElement::updateFocusAppearance): Pass SelectionRevealMode to HTMLTextFormControlElement's
927         select and restoreCachedSelection instead of directly invoking FrameSelection::revealSelection.
928         * html/HTMLTextAreaElement.cpp:
929         (WebCore::HTMLTextAreaElement::updateFocusAppearance): Ditto.
930         * html/HTMLTextFormControlElement.cpp:
931         (WebCore::HTMLTextFormControlElement::select):
932         (WebCore::HTMLTextFormControlElement::setSelectionRange):
933         (WebCore::HTMLTextFormControlElement::restoreCachedSelection):
934         * html/HTMLTextFormControlElement.h:
935
936 2018-01-17  Michael Catanzaro  <mcatanzaro@igalia.com>
937
938         WEBKIT_FRAMEWORK should not modify file-global include directories
939         https://bugs.webkit.org/show_bug.cgi?id=181656
940
941         Reviewed by Konstantin Tokarev.
942
943         * CMakeLists.txt:
944         * PlatformWPE.cmake:
945
946 2018-01-17  Michael Catanzaro  <mcatanzaro@igalia.com>
947
948         [GTK] Try even harder not to static link WTF into libwebkit2gtk
949         https://bugs.webkit.org/show_bug.cgi?id=181751
950
951         Reviewed by Alex Christensen.
952
953         We don't want two copies of WTF. It should only be in libjavascriptcoregtk.
954
955         * PlatformGTK.cmake:
956
957 2018-01-17  Zalan Bujtas  <zalan@apple.com>
958
959         Multicol: RenderMultiColumnFlow should not inherit the flow state
960         https://bugs.webkit.org/show_bug.cgi?id=181762
961         <rdar://problem/35448565>
962
963         Reviewed by Simon Fraser.
964
965         Do not compute the inherited flow state flag for RenderMultiColumnFlow.
966         It is (by definition) always inside a fragmented flow.
967
968         Test: fast/multicol/crash-when-out-of-flow-positioned-becomes-in-flow.html
969
970         * rendering/RenderObject.cpp:
971         (WebCore::RenderObject::computedFragmentedFlowState):
972
973 2018-01-17  Alex Christensen  <achristensen@webkit.org>
974
975         Deprecate Application Cache
976         https://bugs.webkit.org/show_bug.cgi?id=181764
977
978         Reviewed by Geoffrey Garen.
979
980         * features.json:
981
982 2018-01-17  Wenson Hsieh  <wenson_hsieh@apple.com>
983
984         [iOS simulator] API test WKAttachmentTests.InjectedBundleReplaceURLWhenPastingImage is failing
985         https://bugs.webkit.org/show_bug.cgi?id=181758
986
987         Reviewed by Tim Horton.
988
989         This test is failing because Editor::clientReplacementURLForResource expects a MIME type, but on iOS, the type
990         parameter passed into WebContentReader::readImage is a UTI; subsequently, the bundle editing delegate receives
991         a MIME type that's actually a UTI, which is incorrect. To address this, ensure that a MIME type is passed to
992         bundle SPI by converting the type in WebContentReader::readImage to a MIME type.
993
994         * editing/cocoa/WebContentReaderCocoa.mm:
995         (WebCore::WebContentReader::readImage):
996
997 2018-01-17  Antti Koivisto  <antti@apple.com>
998
999         REGRESSION (r226385?): Crash in com.apple.WebCore: WebCore::MediaQueryEvaluator::evaluate const + 32
1000         https://bugs.webkit.org/show_bug.cgi?id=181742
1001         <rdar://problem/36334726>
1002
1003         Reviewed by David Kilzer.
1004
1005         Test: fast/media/mediaqueryevaluator-crash.html
1006
1007         * css/MediaQueryEvaluator.cpp:
1008         (WebCore::MediaQueryEvaluator::MediaQueryEvaluator):
1009
1010         Use WeakPtr<Document> instead of a plain Frame pointer.
1011
1012         (WebCore::MediaQueryEvaluator::evaluate const):
1013
1014         Get the frame via document.
1015
1016         * css/MediaQueryEvaluator.h:
1017         * dom/Document.cpp:
1018         (WebCore::Document::prepareForDestruction):
1019
1020         Take care to clear style resolver.
1021
1022 2018-01-17  Youenn Fablet  <youenn@apple.com>
1023
1024         Put fetch request keepAlive behind a runtime flag
1025         https://bugs.webkit.org/show_bug.cgi?id=181592
1026
1027         Reviewed by Chris Dumez.
1028
1029         No change of behavior.
1030
1031         * Modules/fetch/FetchRequest.idl:
1032         * page/RuntimeEnabledFeatures.h:
1033         (WebCore::RuntimeEnabledFeatures::fetchAPIKeepAliveEnabled const):
1034         (WebCore::RuntimeEnabledFeatures::setFetchAPIKeepAliveEnabled):
1035
1036 2018-01-17  Per Arne Vollan  <pvollan@apple.com>
1037
1038         [Win] Use switch when converting from ResourceRequestCachePolicy to platform cache policy.
1039         https://bugs.webkit.org/show_bug.cgi?id=181686
1040
1041         Reviewed by Alex Christensen.
1042
1043         No new tests, covered by existing tests.
1044
1045         A switch will make the function easier on the eyes. Also, use the function in places where the ResourceRequestCachePolicy
1046         is just cast to a platform cache policy.
1047
1048         * platform/network/cf/ResourceRequestCFNet.cpp:
1049         (WebCore::toPlatformRequestCachePolicy):
1050
1051 2018-01-17  John Wilander  <wilander@apple.com>
1052
1053         Resource Load Statistics: Block cookies for prevalent resources without user interaction
1054         https://bugs.webkit.org/show_bug.cgi?id=177394
1055         <rdar://problem/34613960>
1056
1057         Reviewed by Alex Christensen.
1058
1059         Tests: http/tests/resourceLoadStatistics/add-blocking-to-redirect.html
1060                http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html
1061                http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html
1062                http/tests/resourceLoadStatistics/remove-partitioning-in-redirect.html
1063
1064         * platform/network/NetworkStorageSession.h:
1065             Now exports NetworkStorageSession::nsCookieStorage().
1066         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
1067         (WebCore::NetworkStorageSession::setPrevalentDomainsToPartitionOrBlockCookies):
1068             Fixes the FIXME.
1069
1070 2018-01-17  Daniel Bates  <dabates@apple.com>
1071
1072         REGRESSION (r222795): Cardiogram never signs in
1073         https://bugs.webkit.org/show_bug.cgi?id=181693
1074         <rdar://problem/36286293>
1075
1076         Reviewed by Ryosuke Niwa.
1077
1078         Exempt Cardiogram from the XHR header restrictions in r222795.
1079
1080         Following r222795 only Dashboard widgets are allowed to set arbitrary XHR headers.
1081         However Cardiogram also depends on such functionality.
1082
1083         Test: fast/xmlhttprequest/set-dangerous-headers-from-file-when-setting-enabled.html
1084
1085         * page/Settings.yaml:
1086         * platform/RuntimeApplicationChecks.h:
1087         * platform/cocoa/RuntimeApplicationChecksCocoa.mm:
1088         (WebCore::IOSApplication::isCardiogram):
1089         * xml/XMLHttpRequest.cpp:
1090         (WebCore::XMLHttpRequest::setRequestHeader):
1091
1092 2018-01-17  Daniel Bates  <dabates@apple.com>
1093
1094         ASSERTION FAILED: !m_completionHandler in PingHandle::~PingHandle()
1095         https://bugs.webkit.org/show_bug.cgi?id=181746
1096         <rdar://problem/36586248>
1097
1098         Reviewed by Chris Dumez.
1099
1100         Call PingHandle::pingLoadComplete() with an error when NSURLConnection queries
1101         whether the ping is able to respond to an authentication request. (Pings do not
1102         respond to authenticate requests.) It will call the completion handler, nullify
1103         the completion handler, and deallocate the PingHandle. Nullifying the completion
1104         handler is necessary to avoid the assertion failure in ~PingHandle().
1105
1106         Test: http/tests/misc/before-unload-load-image.html
1107
1108         * platform/network/PingHandle.h:
1109
1110 2018-01-17  Daniel Bates  <dabates@apple.com>
1111
1112         WebCoreResourceHandleAsOperationQueueDelegate/ResourceHandleCFURLConnectionDelegateWithOperationQueue may
1113         be deleted in main thread callback
1114         https://bugs.webkit.org/show_bug.cgi?id=181747
1115         <rdar://problem/36588120>
1116
1117         Reviewed by Alex Christensen.
1118
1119         Retain the delegate (e.g. WebCoreResourceHandleAsOperationQueueDelegate) before scheduling
1120         a main thread callback and blocking on a semaphore for its reply because the main thread
1121         callback can do anything, including deleting the delegate, before the non-main thread
1122         has a chance to execute. For instance, a PingHandle will delete itself (and hence delete
1123         its resource handle delegate) in most of the code paths invoked by the delegate.
1124
1125         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
1126         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):
1127         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
1128         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse):
1129         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):
1130         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
1131         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):
1132         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
1133         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
1134         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willCacheResponse:]):
1135
1136 2018-01-17  Chris Dumez  <cdumez@apple.com>
1137
1138         'fetch' event may be sent to a service worker before its state is set to 'activated'
1139         https://bugs.webkit.org/show_bug.cgi?id=181698
1140         <rdar://problem/36554856>
1141
1142         Reviewed by Youenn Fablet.
1143
1144         'fetch' event may be sent to a service worker before its state is set to 'activated'.
1145         When the registration's active worker needs to intercept a load, and its state is 'activating',
1146         we queue the request to send the fetch event in SWServerWorker::m_whenActivatedHandlers.
1147         Once the SWServerWorker::setState() is called with 'activated' state, we then call the
1148         handlers in m_whenActivatedHandlers to send the fetch event now that the worker is
1149         activated. The issue is that even though the worker is activated and its state was set to
1150         'activated' on Storage process side, we had not yet notified the ServiceWorker process
1151         of the service worker's new state.
1152
1153         To address the issue, we now make sure that SWServerWorker::m_whenActivatedHandlers are
1154         called *after* we've sent the IPC to the ServiceWorker process to update the worker's
1155         state to 'activated'. Also, we now call ServiceWorkerFetch::dispatchFetchEvent()
1156         asynchronously in a postTask() as the service worker's state is also updated asynchronously
1157         in a postTask. This is as per specification [1], which says to "queue a task" to fire
1158         the fetch event.
1159
1160         [1] https://w3c.github.io/ServiceWorker/#on-fetch-request-algorithm (step 18)
1161
1162         No new tests, covered by imported/w3c/web-platform-tests/service-workers/service-worker/fetch-waits-for-activate.https.html
1163         which hits the new assertion without the fix.
1164
1165         * workers/service/context/ServiceWorkerFetch.cpp:
1166         (WebCore::ServiceWorkerFetch::dispatchFetchEvent):
1167         Add assertions to make sure that we dispatch the fetch event on the right worker and
1168         that the worker is in 'activated' state.
1169
1170         * workers/service/context/ServiceWorkerThread.cpp:
1171         (WebCore::ServiceWorkerThread::postFetchTask):
1172         Queue a task to fire the fetch event as per:
1173         - https://w3c.github.io/ServiceWorker/#on-fetch-request-algorithm (step 18)
1174         We need to match the specification exactly here or things will happen in the wrong
1175         order. In particular, things like "update registration state" and "update worker state"
1176         might happen *after* firing the fetch event, even though the IPC for "update registration/worker
1177         state" was sent before the "fire fetch event" one, because the code for updating a registration/
1178         worker state already queues a task, as per the specification.
1179
1180         * workers/service/server/SWServerRegistration.cpp:
1181         (WebCore::SWServerRegistration::updateWorkerState):
1182         * workers/service/server/SWServerRegistration.h:
1183         * workers/service/server/SWServerWorker.cpp:
1184         (WebCore::SWServerWorker::setState):
1185         Move code to send the IPC to the Service Worker process whenever the service worker's state
1186         needs to be updated from SWServerRegistration::updateWorkerState() to SWServerWorker::setState().
1187         This way, we can make sure the IPC is sent *before* we call the m_whenActivatedHandlers handlers,
1188         as they may also send IPC to the Service Worker process, and we need to make sure this IPC happens
1189         after so that the service worker is in the right state.
1190
1191 2018-01-17  Stephan Szabo  <stephan.szabo@sony.com>
1192
1193         Page.cpp only sees forward declaration of ApplicationStateChangeListener when ENABLE(VIDEO) is off
1194         https://bugs.webkit.org/show_bug.cgi?id=181713
1195
1196         Reviewed by Darin Adler.
1197
1198         No new tests (build fix).
1199
1200         * page/Page.cpp: Add include for ApplicationStateChangeListener
1201
1202 2018-01-17  Wenson Hsieh  <wenson_hsieh@apple.com>
1203
1204         Add injected bundle SPI to replace subresource URLs when dropping or pasting rich content
1205         https://bugs.webkit.org/show_bug.cgi?id=181637
1206         <rdar://problem/36508471>
1207
1208         Reviewed by Tim Horton.
1209
1210         Before carrying out blob URL conversion for pasted or dropped rich content, let the editor client replace
1211         subresource URLs in WebKit2 by calling out to new injected bundle SPI. See comments below for more detail.
1212
1213         Tests:  WKAttachmentTests.InjectedBundleReplaceURLsWhenPastingAttributedString
1214                 WKAttachmentTests.InjectedBundleReplaceURLWhenPastingImage
1215
1216         * editing/Editor.cpp:
1217         (WebCore::Editor::clientReplacementURLForResource):
1218         * editing/Editor.h:
1219
1220         Add a new helper to call out to the editor client for a URL string to replace a given ArchiveResource. In
1221         WebKit2, this calls out to the injected bundle's new `replacementURLForResource` SPI hook.
1222
1223         * editing/cocoa/WebContentReaderCocoa.mm:
1224         (WebCore::shouldReplaceSubresourceURL):
1225         (WebCore::replaceRichContentWithAttachments):
1226         (WebCore::replaceSubresourceURLsWithURLsFromClient):
1227
1228         Add a new static helper to replace subresource URLs in the given DocumentFragment with URLs supplied by the
1229         editor client. Additionally builds a list of ArchiveResources that have not been replaced, for use at call sites
1230         so that we don't unnecessarily create more Blobs for ArchiveResources that have already been replaced.
1231
1232         (WebCore::createFragmentAndAddResources):
1233         (WebCore::sanitizeMarkupWithArchive):
1234
1235         Tweak web content reading codepaths to first replace subresource URLs with editor-client-supplied URLs.
1236
1237         (WebCore::WebContentReader::readImage):
1238         (WebCore::shouldConvertToBlob): Deleted.
1239
1240         Rename this helper to shouldReplaceSubresourceURL; blob URL replacement is no longer the only scenario in which
1241         we replace resource URLs, but in both cases, we still want to ignore `http:`-family and `data:` URLs.
1242
1243         * loader/EmptyClients.cpp:
1244         * page/EditorClient.h:
1245
1246 2018-01-17  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1247         [EME][GStreamer] Add the full-sample encryption support in the GStreamer ClearKey decryptor
1248         https://bugs.webkit.org/show_bug.cgi?id=180080
1249
1250         Reviewed by Xabier Rodriguez-Calvar.
1251
1252         Currently the GStreamer clearKey decryptor doesn't support the full-sample encryption,
1253         where the buffer is entirely encrypted; it supports only the sub-sample encryption.
1254
1255         Test: media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
1256
1257         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1258         (webKitMediaClearKeyDecryptorDecrypt):
1259
1260 2018-01-17  Zan Dobersek  <zdobersek@igalia.com>
1261
1262         Unreviewed follow-up to r227051.
1263
1264         * platform/graphics/cairo/CairoOperations.h: Fix declaration of the
1265         fillRoundedRect() function by removing the bool parameter that's not
1266         used at all in the definition. This went unspotted due to the unified
1267         source build including the implementation file before fillRoundedRect()
1268         usage in GraphicsContextCairo.cpp, leaving the declaration undefined
1269         and instead using the definition directly.
1270
1271 2018-01-17  Zan Dobersek  <zdobersek@igalia.com>
1272
1273         [Cairo] Don't mirror global alpha and image interpolation quality state values in PlatformContextCairo
1274         https://bugs.webkit.org/show_bug.cgi?id=181725
1275
1276         Reviewed by Carlos Garcia Campos.
1277
1278         Don't duplicate global alpha and image interpolation quality state
1279         values on the PlatformContextCairo. Instead, retrieve them from
1280         the managing GraphicsContextState when necessary.
1281
1282         For Cairo operations, the FillSource and StrokeSource containers now
1283         store the global alpha value, using it during the operation executions.
1284         For drawNativeImage(), the global alpha and interpolation quality values
1285         are passed through arguments.
1286
1287         In PlatformContextCairo, the two values are no longer stored on the
1288         internally-managed stack, and the getter-setter pairs for the two values
1289         are removed. In drawSurfaceToContext(), the two values are now expected
1290         to be passed through the method arguments.
1291
1292         No new tests -- no change in behavior.
1293
1294         * platform/graphics/cairo/CairoOperations.cpp:
1295         (WebCore::Cairo::prepareForFilling):
1296         (WebCore::Cairo::prepareForStroking):
1297         (WebCore::Cairo::drawPathShadow):
1298         (WebCore::Cairo::fillCurrentCairoPath):
1299         (WebCore::Cairo::FillSource::FillSource):
1300         (WebCore::Cairo::StrokeSource::StrokeSource):
1301         (WebCore::Cairo::strokeRect):
1302         (WebCore::Cairo::strokePath):
1303         (WebCore::Cairo::drawGlyphs):
1304         (WebCore::Cairo::drawNativeImage):
1305         (WebCore::Cairo::State::setGlobalAlpha): Deleted.
1306         (WebCore::Cairo::State::setImageInterpolationQuality): Deleted.
1307         * platform/graphics/cairo/CairoOperations.h:
1308         * platform/graphics/cairo/GraphicsContextCairo.cpp:
1309         (WebCore::GraphicsContext::drawNativeImage):
1310         (WebCore::GraphicsContext::setPlatformAlpha):
1311         (WebCore::GraphicsContext::setPlatformImageInterpolationQuality):
1312         * platform/graphics/cairo/PlatformContextCairo.cpp:
1313         (WebCore::PlatformContextCairo::save):
1314         (WebCore::PlatformContextCairo::drawSurfaceToContext):
1315         (WebCore::PlatformContextCairo::State::State): Deleted.
1316         (WebCore::PlatformContextCairo::setImageInterpolationQuality): Deleted.
1317         (WebCore::PlatformContextCairo::imageInterpolationQuality const): Deleted.
1318         (WebCore::PlatformContextCairo::globalAlpha const): Deleted.
1319         (WebCore::PlatformContextCairo::setGlobalAlpha): Deleted.
1320         * platform/graphics/cairo/PlatformContextCairo.h:
1321         * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
1322         (WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame):
1323
1324 2018-01-17  Philippe Normand  <pnormand@igalia.com>
1325
1326         REGRESSION(r226973/r226974): Four multimedia tests failing
1327         https://bugs.webkit.org/show_bug.cgi?id=181696
1328
1329         Reviewed by Carlos Garcia Campos.
1330
1331         This patch reverts some of the changes of the above revisions so as to fix layout test failures.
1332
1333         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1334         (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Properly
1335         prepare stalled event when an error was detected.
1336         (WebCore::MediaPlayerPrivateGStreamer::processBufferingStats): Revert to previous version.
1337         (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired): Ditto.
1338         (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const):
1339         Emit progress event also when streaming but not when an error was
1340         detected.
1341         (WebCore::MediaPlayerPrivateGStreamer::totalBytes const): use isLiveStream like everywhere else.
1342         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
1343         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1344         (webkit_web_src_init): Revert to keep-alive FALSE by default.
1345
1346 2018-01-17  Zan Dobersek  <zdobersek@igalia.com>
1347
1348         [Cairo] Move prepareForFilling(), prepareForStroking() code to CairoOperations
1349         https://bugs.webkit.org/show_bug.cgi?id=181721
1350
1351         Reviewed by Carlos Garcia Campos.
1352
1353         Move the prepareForFilling() and prepareForStroking() code off of the
1354         PlatformContextCairo class and into static functions inside the
1355         CairoOperations implementation files. The original methods weren't
1356         called from any place other than the Cairo operations, and they only
1357         operated with the cairo_t object that's stored in and retrievable from
1358         the PlatformContextCairo object.
1359
1360         No new tests -- no change in behavior.
1361
1362         * platform/graphics/cairo/CairoOperations.cpp:
1363         (WebCore::Cairo::reduceSourceByAlpha):
1364         (WebCore::Cairo::prepareCairoContextSource):
1365         (WebCore::Cairo::clipForPatternFilling):
1366         (WebCore::Cairo::prepareForFilling):
1367         (WebCore::Cairo::prepareForStroking):
1368         (WebCore::Cairo::drawPathShadow):
1369         (WebCore::Cairo::fillCurrentCairoPath):
1370         (WebCore::Cairo::strokeRect):
1371         (WebCore::Cairo::strokePath):
1372         (WebCore::Cairo::drawGlyphs):
1373         * platform/graphics/cairo/PlatformContextCairo.cpp:
1374         (WebCore::reduceSourceByAlpha): Deleted.
1375         (WebCore::prepareCairoContextSource): Deleted.
1376         (WebCore::PlatformContextCairo::prepareForFilling): Deleted.
1377         (WebCore::PlatformContextCairo::prepareForStroking): Deleted.
1378         (WebCore::PlatformContextCairo::clipForPatternFilling): Deleted.
1379         * platform/graphics/cairo/PlatformContextCairo.h:
1380
1381 2018-01-17  Zan Dobersek  <zdobersek@igalia.com>
1382
1383         [Cairo] Use one-time ShadowBlur objects when performing shadowing
1384         https://bugs.webkit.org/show_bug.cgi?id=181720
1385
1386         Reviewed by Carlos Garcia Campos.
1387
1388         Don't maintain a ShadowBlur object in the PlatformContextCairo class.
1389         Instead, use temporary ShadowBlur objects whenever shadowing is needed,
1390         providing all the shadow state information to it and drawing shadow into
1391         the given GraphicsContext object.
1392
1393         ShadowBlur constructors are cleaned up. The 'shadows ignored' argument
1394         can now also be provided to the variant that accepts explicit shadow
1395         attributes, but the argument is false by default.
1396
1397         In CairoOperations, the ShadowBlurUsage functionality is rolled into the
1398         new ShadowState class. ShadowState parameter is now used for operations
1399         that might need to perform shadow painting. Call sites are modified
1400         accordingly.
1401
1402         Cairo::State::setShadowValues() and Cairo::State::clearShadow() are
1403         removed, since the ShadowBlur object that was modified through those is
1404         being removed from the PlatformContextCairo class. We still have to flip
1405         the Y-axis of the shadow offset in GraphicsContext::setPlatformShadow()
1406         when shadows are ignoring transformations.
1407
1408         No new tests -- no change in behavior.
1409
1410         * platform/graphics/ShadowBlur.cpp:
1411         (WebCore::ShadowBlur::ShadowBlur):
1412         * platform/graphics/ShadowBlur.h:
1413         * platform/graphics/cairo/CairoOperations.cpp:
1414         (WebCore::Cairo::drawPathShadow):
1415         (WebCore::Cairo::drawGlyphsShadow):
1416         (WebCore::Cairo::ShadowState::ShadowState):
1417         (WebCore::Cairo::ShadowState::isVisible const):
1418         (WebCore::Cairo::ShadowState::isRequired const):
1419         (WebCore::Cairo::fillRect):
1420         (WebCore::Cairo::fillRoundedRect):
1421         (WebCore::Cairo::fillRectWithRoundedHole):
1422         (WebCore::Cairo::fillPath):
1423         (WebCore::Cairo::strokeRect):
1424         (WebCore::Cairo::strokePath):
1425         (WebCore::Cairo::drawGlyphs):
1426         (WebCore::Cairo::drawNativeImage):
1427         (WebCore::Cairo::State::setShadowValues): Deleted.
1428         (WebCore::Cairo::State::clearShadow): Deleted.
1429         (WebCore::Cairo::ShadowBlurUsage::ShadowBlurUsage): Deleted.
1430         (WebCore::Cairo::ShadowBlurUsage::required const): Deleted.
1431         * platform/graphics/cairo/CairoOperations.h:
1432         * platform/graphics/cairo/FontCairo.cpp:
1433         (WebCore::FontCascade::drawGlyphs):
1434         * platform/graphics/cairo/GraphicsContextCairo.cpp:
1435         (WebCore::GraphicsContext::restorePlatformState):
1436         (WebCore::GraphicsContext::drawNativeImage):
1437         (WebCore::GraphicsContext::fillPath):
1438         (WebCore::GraphicsContext::strokePath):
1439         (WebCore::GraphicsContext::fillRect):
1440         (WebCore::GraphicsContext::setPlatformShadow):
1441         (WebCore::GraphicsContext::clearPlatformShadow):
1442         (WebCore::GraphicsContext::strokeRect):
1443         (WebCore::GraphicsContext::platformFillRoundedRect):
1444         (WebCore::GraphicsContext::fillRectWithRoundedHole):
1445         * platform/graphics/cairo/PlatformContextCairo.cpp:
1446         (WebCore::PlatformContextCairo::drawSurfaceToContext):
1447         * platform/graphics/cairo/PlatformContextCairo.h:
1448         (WebCore::PlatformContextCairo::shadowBlur): Deleted.
1449         * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
1450         (WebCore::MediaPlayerPrivateMediaFoundation::Direct3DPresenter::paintCurrentFrame):
1451
1452 2018-01-17  Zan Dobersek  <zdobersek@igalia.com>
1453
1454         CanvasImageData: createImageData() parameter should not be nullable
1455         https://bugs.webkit.org/show_bug.cgi?id=181670
1456
1457         Reviewed by Sam Weinig.
1458
1459         createImageData() method on the CanvasImageData interface should not
1460         treat the ImageData parameter as nullable, but should instead reject any
1461         null values with a TypeError, as demanded by the specification.
1462
1463         No new tests -- current tests covering createImageData(null) are updated
1464         to properly cover new behavior of throwing a TypeError exception.
1465
1466         * html/canvas/CanvasImageData.idl:
1467         * html/canvas/CanvasRenderingContext2DBase.cpp:
1468         (WebCore::CanvasRenderingContext2DBase::createImageData const):
1469         * html/canvas/CanvasRenderingContext2DBase.h:
1470
1471 2018-01-16  Fujii Hironori  <Hironori.Fujii@sony.com>
1472
1473         [CMake] Remove WebCoreDerivedSources library target
1474         https://bugs.webkit.org/show_bug.cgi?id=181664
1475
1476         Reviewed by Carlos Garcia Campos.
1477
1478         After unified source build has been introduced, CMake Visual
1479         Studio build suffers complicated unnecessary recompilation issues
1480         because Visual Studio invokes scripts twice in both WebCore and
1481         WebCoreDerivedSources projects (Bug 181117).
1482
1483         WebCoreDerivedSources library has been introduced in r198766 to
1484         avoid command line length limit of CMake Ninja build on macOS.
1485         Fortunately, unified source build has reduced the number of source
1486         files to compile; WebCore doesn't need to be split anymore.
1487
1488         No new tests (No behavior change)
1489
1490         * CMakeLists.txt: Replaced WebCore_DERIVED_SOURCES with WebCore_SOURCES. Removed WebCoreDerivedSources library target.
1491         Do not compile each JavaScript Builtins.cpp file because the unified source WebCoreJSBuiltins.cpp is already included.
1492         * PlatformGTK.cmake: Replaced WebCore_DERIVED_SOURCES with WebCore_SOURCES.
1493         * PlatformWin.cmake: Ditto.
1494
1495 2018-01-16  Simon Fraser  <simon.fraser@apple.com>
1496
1497         Can't scroll iframe after toggling it to display:none and back
1498         https://bugs.webkit.org/show_bug.cgi?id=181708
1499         rdar://problem/13234778
1500
1501         Reviewed by Tim Horton.
1502
1503         Nothing updated the FrameView's set of scrollable areas when a subframe came back from display:none.
1504         Mirror the existing virtual removeChild() by making addChild() virtual, and using it to mark
1505         the FrameView's scrollable area set as dirty.
1506
1507         Test: tiled-drawing/scrolling/non-fast-region/non-fast-scrollable-region-hide-show-iframe.html
1508
1509         * page/FrameView.cpp:
1510         (WebCore::FrameView::addChild):
1511         * page/FrameView.h:
1512         * platform/ScrollView.h:
1513
1514 2018-01-16  Chris Dumez  <cdumez@apple.com>
1515
1516         SWServerWorker::m_contextConnectionIdentifier may get out of date
1517         https://bugs.webkit.org/show_bug.cgi?id=181687
1518         <rdar://problem/36548111>
1519
1520         Reviewed by Brady Eidson.
1521
1522         SWServerWorker::m_contextConnectionIdentifier may get out of date. This happens when the
1523         context process crashes and is relaunched.
1524
1525         No new tests, added assertion in terminateWorkerInternal() that hits without this fix.
1526
1527         * workers/service/server/SWServer.cpp:
1528         (WebCore::SWServer::runServiceWorker):
1529         (WebCore::SWServer::terminateWorkerInternal):
1530         (WebCore::SWServer::unregisterServiceWorkerClient):
1531         * workers/service/server/SWServerWorker.h:
1532         (WebCore::SWServerWorker::setContextConnectionIdentifier):
1533
1534 2018-01-16  Jer Noble  <jer.noble@apple.com>
1535
1536         Reset MediaSourcePrivateAVFObjC's m_sourceBufferWithSelectedVideo when the underlying SourceBufferPrivate is removed.
1537         https://bugs.webkit.org/show_bug.cgi?id=181707
1538         <rdar://problem/34809474>
1539
1540         Reviewed by Eric Carlson.
1541
1542         Test: media/media-source/media-source-remove-unload-crash.html
1543
1544         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
1545         (WebCore::MediaSourcePrivateAVFObjC::removeSourceBuffer):
1546
1547 2018-01-12  Jiewen Tan  <jiewen_tan@apple.com>
1548
1549         [WebAuthN] Implement dummy WebAuthN IDLs
1550         https://bugs.webkit.org/show_bug.cgi?id=181627
1551         <rdar://problem/36459864>
1552
1553         Reviewed by Alex Christensen.
1554
1555         This patch implements dummy WebAuthN IDLs and connects them with Credential Management as well.
1556         All implementations in this patch are subject to change when real implementations land. The
1557         purpose here on the other hand is to have IDLs, bindings and implementations connected. This
1558         patch should handle all IDLs that we need.
1559
1560         No tests.
1561
1562         * CMakeLists.txt:
1563         * DerivedSources.make:
1564         * Modules/credentialmanagement/CredentialCreationOptions.h:
1565         * Modules/credentialmanagement/CredentialCreationOptions.idl:
1566         * Modules/credentialmanagement/CredentialRequestOptions.h:
1567         * Modules/credentialmanagement/CredentialRequestOptions.idl:
1568         * Modules/webauthn/AuthenticatorAssertionResponse.cpp: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.cpp.
1569         (WebCore::AuthenticatorAssertionResponse::AuthenticatorAssertionResponse):
1570         (WebCore::AuthenticatorAssertionResponse::~AuthenticatorAssertionResponse):
1571         (WebCore::AuthenticatorAssertionResponse::authenticatorData):
1572         (WebCore::AuthenticatorAssertionResponse::signature):
1573         (WebCore::AuthenticatorAssertionResponse::userHandle):
1574         * Modules/webauthn/AuthenticatorAssertionResponse.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
1575         * Modules/webauthn/AuthenticatorAssertionResponse.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
1576         * Modules/webauthn/AuthenticatorAttestationResponse.cpp: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
1577         (WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse):
1578         (WebCore::AuthenticatorAttestationResponse::~AuthenticatorAttestationResponse):
1579         (WebCore::AuthenticatorAttestationResponse::attestationObject):
1580         * Modules/webauthn/AuthenticatorAttestationResponse.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
1581         * Modules/webauthn/AuthenticatorAttestationResponse.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
1582         * Modules/webauthn/AuthenticatorResponse.cpp: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
1583         (WebCore::AuthenticatorResponse::AuthenticatorResponse):
1584         (WebCore::AuthenticatorResponse::~AuthenticatorResponse):
1585         (WebCore::AuthenticatorResponse::clientDataJSON):
1586         * Modules/webauthn/AuthenticatorResponse.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
1587         * Modules/webauthn/AuthenticatorResponse.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
1588         * Modules/webauthn/PublicKeyCredential.cpp:
1589         (WebCore::PublicKeyCredential::rawId):
1590         (WebCore::PublicKeyCredential::response):
1591         (WebCore::PublicKeyCredential::getClientExtensionResults):
1592         (WebCore::PublicKeyCredential::isUserVerifyingPlatformAuthenticatorAvailable):
1593         * Modules/webauthn/PublicKeyCredential.h:
1594         * Modules/webauthn/PublicKeyCredential.idl:
1595         * Modules/webauthn/PublicKeyCredentialCreationOptions.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
1596         * Modules/webauthn/PublicKeyCredentialCreationOptions.idl: Added.
1597         * Modules/webauthn/PublicKeyCredentialDescriptor.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
1598         * Modules/webauthn/PublicKeyCredentialDescriptor.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
1599         * Modules/webauthn/PublicKeyCredentialRequestOptions.h: Copied from Source/WebCore/Modules/credentialmanagement/CredentialCreationOptions.h.
1600         * Modules/webauthn/PublicKeyCredentialRequestOptions.idl: Copied from Source/WebCore/Modules/credentialmanagement/CredentialRequestOptions.h.
1601         * Modules/webauthn/PublicKeyCredentialType.h: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
1602         * Modules/webauthn/PublicKeyCredentialType.idl: Copied from Source/WebCore/Modules/webauthn/PublicKeyCredential.idl.
1603         * Sources.txt:
1604         * WebCore.xcodeproj/project.pbxproj:
1605         * bindings/js/WebCoreBuiltinNames.h:
1606
1607 2018-01-16  Zalan Bujtas  <zalan@apple.com>
1608
1609         AX: Do not trigger layout in updateBackingStore() unless it is safe to do so
1610         https://bugs.webkit.org/show_bug.cgi?id=181703
1611         <rdar://problem/36365706>
1612
1613         Reviewed by Ryosuke Niwa.
1614
1615         Document::isSafeToUpdateStyleOrLayout() can tell whether it is safe to run layout.
1616
1617         Unable to create test with WebInspector involved. 
1618
1619         * accessibility/AccessibilityObject.cpp:
1620         (WebCore::AccessibilityObject::updateBackingStore):
1621         * dom/Document.cpp:
1622         (WebCore::Document::isSafeToUpdateStyleOrLayout const):
1623         (WebCore::Document::updateStyleIfNeeded):
1624         (WebCore::Document::updateLayout):
1625         (WebCore::isSafeToUpdateStyleOrLayout): Deleted.
1626         * dom/Document.h:
1627
1628 2018-01-16  Ryan Haddad  <ryanhaddad@apple.com>
1629
1630         Unreviewed, rolling out r226962.
1631
1632         The LayoutTest added with this change is a flaky timeout.
1633
1634         Reverted changeset:
1635
1636         "Support for preconnect Link headers"
1637         https://bugs.webkit.org/show_bug.cgi?id=181657
1638         https://trac.webkit.org/changeset/226962
1639
1640 2018-01-16  Simon Fraser  <simon.fraser@apple.com>
1641
1642         Text looks bad on some CSS spec pages
1643         https://bugs.webkit.org/show_bug.cgi?id=181700
1644         rdar://problem/36552107
1645
1646         Reviewed by Tim Horton.
1647
1648         When making new tiles in a TileController, we failed to set their "supports antialiased layer text"
1649         setting, so tile caches could end up with a mixture of layers that do and do not support
1650         antialiased layer text.
1651
1652         No tests because the tiled drawing tests don't dump out tiles inside of tile caches.
1653
1654         * platform/graphics/ca/TileController.cpp:
1655         (WebCore::TileController::createTileLayer):
1656
1657 2018-01-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1658
1659         REGRESSION(r221292): svg/animations/animateTransform-pattern-transform.html crashes with security assertion
1660         https://bugs.webkit.org/show_bug.cgi?id=179986
1661
1662         Reviewed by Simon Fraser.
1663
1664         This patch reverts all or parts of the following changesets
1665             <http://trac.webkit.org/changeset/221292>
1666             <http://trac.webkit.org/changeset/197967>
1667             <http://trac.webkit.org/changeset/196670>
1668
1669         A JS statement like this:
1670             var item = text.x.animVal.getItem(0);
1671
1672         Creates the following C++ objects:
1673             SVGAnimatedListPropertyTearOff<SVGLengthListValues> for 'text.x'
1674             SVGListPropertyTearOff<SVGLengthListValues> for 'text.x.animVal'
1675             SVGPropertyTearOff<SVGLengthValue> for 'text.x.animVal.getItem(0)'
1676
1677         If 'item' changes, the attribute 'x' of the element '<text>' will change
1678         as well. But this binding works only in one direction. If the attribute
1679         'x' of the element '<text>' changes, e.g.:
1680
1681             text.setAttribute('x', '10,20,30');
1682
1683         This will detach 'item' from the element <text> and any further changes 
1684         in 'item' won't affect the attribute 'x' of element <text>.
1685
1686         The one direction binding can only work if this chain of tear-off objects
1687         is kept connected. This is implemented by RefCounted back pointers from
1688         SVGPropertyTearOff and SVGListPropertyTearOff to SVGAnimatedListPropertyTearOff.
1689
1690         The security crashes and the memory leaks are happening because of the
1691         raw forward pointers:
1692             -- SVGAnimatedListPropertyTearOff maintains raw pointers of type
1693                SVGListPropertyTearOff for m_baseVal and m_animVal
1694             -- The m_wrappers and m_animatedWrappers of SVGAnimatedListPropertyTearOff
1695                are vectors of raw pointer Vector<SVGLength*>
1696
1697         To control the life cycle of the raw pointers, SVGListPropertyTearOff and
1698         SVGPropertyTearOff call SVGAnimatedListPropertyTearOff::propertyWillBeDeleted()
1699         to notify it they are going to be deleted. In propertyWillBeDeleted(), we
1700         clear the pointers so they are not used after being freed. This mechanism
1701         has been error-prone and we've never got it 100% right.
1702
1703         The solution we need to adopt with SVG tear-off objects is the following:
1704             -- All the forward pointers should be weak pointers.
1705             -- All the back pointers should be ref pointers.
1706
1707         This solution may not look intuitive but it solves the bugs and keeps the
1708         one direction binding. The forward weak pointers allow the tear-off
1709         objects to go away if no reference from JS exists. The back ref pointers
1710         maintain the chain of objects and guarantee the correct binding.
1711
1712         * svg/SVGPathSegList.h:
1713         * svg/SVGTransformList.h:
1714         * svg/properties/SVGAnimatedListPropertyTearOff.h:
1715         (WebCore::SVGAnimatedListPropertyTearOff::baseVal):
1716         (WebCore::SVGAnimatedListPropertyTearOff::animVal):
1717         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
1718         * svg/properties/SVGAnimatedProperty.h:
1719         (WebCore::SVGAnimatedProperty::isAnimatedListTearOff const):
1720         (WebCore::SVGAnimatedProperty::propertyWillBeDeleted): Deleted.
1721         * svg/properties/SVGAnimatedPropertyTearOff.h:
1722         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
1723         * svg/properties/SVGListProperty.h:
1724         (WebCore::SVGListProperty::initializeValuesAndWrappers):
1725         (WebCore::SVGListProperty::getItemValuesAndWrappers):
1726         (WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
1727         (WebCore::SVGListProperty::replaceItemValuesAndWrappers):
1728         (WebCore::SVGListProperty::removeItemValuesAndWrappers):
1729         (WebCore::SVGListProperty::appendItemValuesAndWrappers):
1730         (WebCore::SVGListProperty::createWeakPtr const):
1731         * svg/properties/SVGListPropertyTearOff.h:
1732         (WebCore::SVGListPropertyTearOff::removeItemFromList):
1733         (WebCore::SVGListPropertyTearOff::~SVGListPropertyTearOff): Deleted.
1734         * svg/properties/SVGPropertyTearOff.h:
1735         (WebCore::SVGPropertyTearOff::createWeakPtr const):
1736         (WebCore::SVGPropertyTearOff::~SVGPropertyTearOff):
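
Added example, not part of the ChangeLog or of WebKit's code: a simplified model of the pointer scheme the entry above describes (weak forward pointers, ref-counted back pointers). std::shared_ptr and std::weak_ptr stand in for WebKit's ref-counted and weak pointers, and the names AnimatedList and ItemTearOff are hypothetical.

```cpp
#include <cstddef>
#include <memory>
#include <utility>
#include <vector>

// Simplified model, not WebKit code. All names here are hypothetical.
class AnimatedList;

// Wrapper handed to script for one list item (the 'item' in the entry above).
class ItemTearOff {
public:
    ItemTearOff(std::shared_ptr<AnimatedList> owner, std::size_t index)
        : m_owner(std::move(owner)), m_index(index) {}
    float value() const;
    void setValue(float v);
    // Called when the attribute is re-parsed: keep a private copy, drop the owner.
    void detach() { m_detachedValue = value(); m_owner.reset(); }
    bool isAttached() const { return static_cast<bool>(m_owner); }
private:
    std::shared_ptr<AnimatedList> m_owner; // back pointer: strong (ref)
    std::size_t m_index;
    float m_detachedValue = 0;
};

// Owns the attribute values and only weakly references the wrappers it created.
class AnimatedList : public std::enable_shared_from_this<AnimatedList> {
public:
    explicit AnimatedList(std::vector<float> values)
        : m_values(std::move(values)), m_wrappers(m_values.size()) {}

    std::shared_ptr<ItemTearOff> getItem(std::size_t index) {
        if (index >= m_values.size())
            return nullptr;
        if (auto live = m_wrappers[index].lock())
            return live; // script still holds it: return the same wrapper
        auto created = std::make_shared<ItemTearOff>(shared_from_this(), index);
        m_wrappers[index] = created; // no ownership taken, nothing to dangle
        return created;
    }
    void setAttribute(std::vector<float> values) {
        auto protectedThis = shared_from_this(); // detach() may drop the last ref
        for (auto& weak : m_wrappers) {
            if (auto live = weak.lock())
                live->detach();
        }
        m_values = std::move(values);
        m_wrappers.assign(m_values.size(), std::weak_ptr<ItemTearOff>());
    }
    std::size_t liveWrapperCount() const {
        std::size_t count = 0;
        for (const auto& weak : m_wrappers)
            count += weak.expired() ? 0 : 1;
        return count;
    }
    float valueAt(std::size_t i) const { return m_values.at(i); }
    void setValueAt(std::size_t i, float v) { m_values.at(i) = v; }
private:
    std::vector<float> m_values;
    std::vector<std::weak_ptr<ItemTearOff>> m_wrappers; // forward pointers: weak
};

float ItemTearOff::value() const { return m_owner ? m_owner->valueAt(m_index) : m_detachedValue; }
void ItemTearOff::setValue(float v) {
    if (m_owner)
        m_owner->setValueAt(m_index, v);
    else
        m_detachedValue = v;
}

// Script keeps only 'item': the back ref keeps the owner alive, so the write lands.
float writeThroughItemAfterOwnerDropped() {
    auto list = std::make_shared<AnimatedList>(std::vector<float>{1, 2, 3});
    std::weak_ptr<AnimatedList> observer = list;
    auto item = list->getItem(0);
    list.reset();
    item->setValue(42);
    return observer.lock()->valueAt(0);
}

// Script drops 'item': the weak forward pointer expires instead of dangling.
std::size_t liveWrappersAfterScriptDropsItem() {
    auto list = std::make_shared<AnimatedList>(std::vector<float>{1, 2, 3});
    { auto item = list->getItem(1); item->setValue(7); }
    return list->liveWrapperCount();
}

bool sameWrapperWhileAlive() {
    auto list = std::make_shared<AnimatedList>(std::vector<float>{1, 2, 3});
    auto first = list->getItem(2);
    return first == list->getItem(2);
}

// setAttribute() detaches 'item': later writes no longer reach the attribute.
float attributeAfterDetachedWrite() {
    auto list = std::make_shared<AnimatedList>(std::vector<float>{1, 2, 3});
    auto item = list->getItem(0);
    list->setAttribute({10, 20, 30});
    item->setValue(99);
    return item->isAttached() ? -1 : list->valueAt(0);
}

int main() {
    bool ok = writeThroughItemAfterOwnerDropped() == 42 && liveWrappersAfterScriptDropsItem() == 0
        && sameWrapperWhileAlive() && attributeAfterDetachedWrite() == 10;
    return ok ? 0 : 1;
}
```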
1737
1738 2018-01-16  Eric Carlson  <eric.carlson@apple.com>
1739
1740         AVSampleBufferDisplayLayer should be flushed when application activates
1741         https://bugs.webkit.org/show_bug.cgi?id=181623
1742         <rdar://problem/36487738>
1743
1744         Reviewed by Darin Adler.
1745
1746         No new tests, I wasn't able to reproduce it in a test.
1747
1748         * WebCore.xcodeproj/project.pbxproj:
1749         * dom/Document.cpp:
1750         (WebCore::Document::addApplicationStateChangeListener): New.
1751         (WebCore::Document::removeApplicationStateChangeListener): Ditto.
1752         (WebCore::Document::forEachApplicationStateChangeListener): Ditto.
1753         * dom/Document.h:
1754
1755         * html/HTMLMediaElement.cpp:
1756         (WebCore::HTMLMediaElement::registerWithDocument): Register for application state changes.
1757         (WebCore::HTMLMediaElement::unregisterWithDocument): Unregister.
1758         (WebCore::HTMLMediaElement::applicationWillResignActive): Pass through to the player.
1759         (WebCore::HTMLMediaElement::applicationDidBecomeActive): Ditto.
1760         * html/HTMLMediaElement.h:
1761
1762         * page/ApplicationStateChangeListener.h: Added.
1763         (WebCore::ApplicationStateChangeListener::applicationWillResignActive):
1764         (WebCore::ApplicationStateChangeListener::applicationDidBecomeActive):
1765         * page/Page.cpp:
1766         (WebCore::Page::forEachDocument):
1767         (WebCore::Page::applicationWillResignActive):
1768         (WebCore::Page::applicationDidEnterBackground):
1769         (WebCore::Page::applicationWillEnterForeground):
1770         (WebCore::Page::applicationDidBecomeActive):
1771         * page/Page.h:
1772         * platform/graphics/MediaPlayer.cpp:
1773         (WebCore::MediaPlayer::applicationWillResignActive):
1774         (WebCore::MediaPlayer::applicationDidBecomeActive):
1775         * platform/graphics/MediaPlayer.h:
1776         * platform/graphics/MediaPlayerPrivate.h:
1777         (WebCore::MediaPlayerPrivateInterface::applicationWillResignActive):
1778         (WebCore::MediaPlayerPrivateInterface::applicationDidBecomeActive):
1779
1780         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
1781         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
1782         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): Switch
1783         to release logging.
1784         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Ditto.
1785         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueCorrectedVideoSample): Split out of enqueueVideoSample.
1786         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample): Move code that updates
1787         the display later to enqueueCorrectedVideoSample. Rearrange logic to the image painter sample
1788         buffer has the correct timestamp.
1789         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::layerErrorDidChange): Switch to release logging.
1790         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::layerStatusDidChange): Ditto.
1791         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::applicationDidBecomeActive): If the display
1792         layer is in the "failed" state, flush the renderer and update the display mode.
1793         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers): Switch to release logging.
1794         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Ditto.
1795         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::cancelLoad): Ditto.
1796         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::prepareToPlay): Ditto.
1797         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Ditto.
1798         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::play): Ditto.
1799         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::pause): Ditto.
1800         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVolume): Ditto.
1801         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setMuted): Ditto.
1802         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateReadyState): Ditto.
1803         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::logChannel const): Ditto.
1804         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateSampleTimes): Deleted.
1805
1806 2018-01-16  Michael Catanzaro  <mcatanzaro@igalia.com>
1807
1808         PAL should link to JavaScriptCore rather than WTF
1809         https://bugs.webkit.org/show_bug.cgi?id=181683
1810
1811         Reviewed by Konstantin Tokarev.
1812
1813         Do not link directly to JavaScriptCore. Get it via PAL.
1814
1815         * CMakeLists.txt:
1816
1817 2018-01-16  Zach Li  <zachli@apple.com>
1818
1819         Add pop-up policy support in website policies.
1820         https://bugs.webkit.org/show_bug.cgi?id=181544.
1821         rdar://problem/30521400.
1822
1823         Reviewed by Alex Christensen.
1824
1825         * loader/DocumentLoader.h:
1826         Introduce pop-up policy getter and setter. Initialize
1827         the policy as Default.
1828         (WebCore::DocumentLoader::popUpPolicy const):
1829         (WebCore::DocumentLoader::setPopUpPolicy):
1830         * page/DOMWindow.cpp:
1831         (WebCore::DOMWindow::allowPopUp):
1832         Pop-up policy specified on a per-page basis holds
1833         precedence over the global policy. If no pop-up policy
1834         is specified during navigation, global policy is used.
1835
1836 2018-01-16  Jer Noble  <jer.noble@apple.com>
1837
1838         Crash playing audio-only HLS stream via hls.js (MSE)
1839         https://bugs.webkit.org/show_bug.cgi?id=181691
1840         <rdar://problem/32967295>
1841
1842         Reviewed by Eric Carlson.
1843
1844         Add a weak-link check to the block called by -[AVSampleBufferDisplayLayer requestMediaDataWhenReadyOnQueue:usingBlock:].
1845
1846         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1847         (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
1848         (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples):
1849         (WebCore::SourceBufferPrivateAVFObjC::setVideoLayer):
1850
1851 2018-01-16  Simon Fraser  <simon.fraser@apple.com>
1852
1853         Rename applyHorizontalScale/applyVerticalScale in SVG filters, and related cleanup
1854         https://bugs.webkit.org/show_bug.cgi?id=181684
1855
1856         Reviewed by Alex Christensen.
1857
1858         Rename the confusing applyHorizontalScale/applyVerticalScale to scaledByFilterResolution(),
1859         and have it take and return a FloatSize. Change callers to do math in terms of FloatSizes.
1860
1861         Add inflate(size) to each of the rect classes.
1862
1863         * platform/graphics/FloatRect.h:
1864         (WebCore::FloatRect::inflate):
1865         * platform/graphics/IntRect.h:
1866         (WebCore::IntRect::inflate):
1867         * platform/graphics/LayoutRect.h:
1868         (WebCore::LayoutRect::inflate):
1869         * platform/graphics/filters/FEDisplacementMap.cpp:
1870         (WebCore::FEDisplacementMap::platformApplySoftware):
1871         * platform/graphics/filters/FEDropShadow.cpp:
1872         (WebCore::FEDropShadow::determineAbsolutePaintRect):
1873         (WebCore::FEDropShadow::platformApplySoftware):
1874         * platform/graphics/filters/FEGaussianBlur.cpp:
1875         (WebCore::FEGaussianBlur::calculateUnscaledKernelSize):
1876         (WebCore::FEGaussianBlur::calculateKernelSize):
1877         (WebCore::FEGaussianBlur::determineAbsolutePaintRect):
1878         (WebCore::FEGaussianBlur::platformApplySoftware):
1879         * platform/graphics/filters/FEGaussianBlur.h:
1880         * platform/graphics/filters/FEMorphology.cpp:
1881         (WebCore::FEMorphology::determineAbsolutePaintRect):
1882         (WebCore::FEMorphology::platformApplySoftware):
1883         * platform/graphics/filters/FEOffset.cpp:
1884         (WebCore::FEOffset::determineAbsolutePaintRect):
1885         (WebCore::FEOffset::platformApplySoftware):
1886         * platform/graphics/filters/Filter.h:
1887         (WebCore::Filter::setSourceImage):
1888         (WebCore::Filter::scaledByFilterResolution const):
1889         (WebCore::Filter::applyHorizontalScale const): Deleted.
1890         (WebCore::Filter::applyVerticalScale const): Deleted.
1891         * platform/graphics/filters/FilterOperations.cpp:
1892         (WebCore::outsetSizeForBlur):
1893         * rendering/FilterEffectRenderer.h:
1894         * svg/graphics/filters/SVGFilter.cpp:
1895         (WebCore::SVGFilter::scaledByFilterResolution const):
1896         (WebCore::SVGFilter::applyHorizontalScale const): Deleted.
1897         (WebCore::SVGFilter::applyVerticalScale const): Deleted.
1898         * svg/graphics/filters/SVGFilter.h:
1899
1900 2018-01-16  Fujii Hironori  <Hironori.Fujii@sony.com>
1901
1902         [CMake][Mac] Fix the build errors
1903         https://bugs.webkit.org/show_bug.cgi?id=181665
1904
1905         Reviewed by Alex Christensen.
1906
1907         No new tests (No behavior change)
1908
1909         * CMakeLists.txt: Added Modules/paymentrequest/MerchantValidationEvent.idl to compile.
1910         * PlatformMac.cmake: Added Modules/paymentrequest/MerchantValidationEvent.cpp to compile.
1911         Added workers/service/context and Modules/applicationmanifest as forwarding header paths.
1912
1913 2018-01-16  Wenson Hsieh  <wenson_hsieh@apple.com>
1914
1915         [Attachment Support] Provide the `src` of an attachment to the UI delegate when an attachment is inserted
1916         https://bugs.webkit.org/show_bug.cgi?id=181638
1917         <rdar://problem/36508702>
1918
1919         Reviewed by Dan Bernstein.
1920
1921         Adjust the `didInsertAttachment` codepath to additionally propagate the attachment element's `src`.
1922         Additionally, fix an issue with insertion and removal client notifications wherein the client can receive
1923         insertion calls without corresponding removal calls, or vice versa. This is an existing issue, but matters more
1924         now because we actually need to access the attachment element for its `src` when propagating changes to the
1925         client. See below for details.
1926
1927         Test: WKAttachmentTests.AttachmentUpdatesWhenInsertingRichMarkup
1928
1929         * dom/Document.h:
1930         (WebCore::Document::attachmentElementsByIdentifier const):
1931         * editing/Editor.cpp:
1932         (WebCore::Editor::notifyClientOfAttachmentUpdates):
1933         * page/EditorClient.h:
1934         (WebCore::EditorClient::didInsertAttachment):
1935         * page/Frame.cpp:
1936         (WebCore::Frame::setDocument):
1937
1938         When a Frame's document changes, inform the client that the attachments in the previous document are going away.
1939         For each attachment currently connected to the document, we have either (1) already informed the client that it
1940         was inserted, or (2) the attachment is pending an insertion call to the client. If (1) is the case, then we'll
1941         tell the client that the attachment is removed, which will balance out the earlier insertion call. If (2) is the
1942         case, then we'll remove the previously inserted attachment identifier from the set of attachment identifiers
1943         pending insertion, and the client won't be informed of insertions or removals.
1944
1945 2018-01-16  Antoine Quint  <graouts@apple.com>
1946
1947         Use traits for animation timing functions
1948         https://bugs.webkit.org/show_bug.cgi?id=181651
1949
1950         Reviewed by Dean Jackson.
1951
1952         Cleaning up Dean's previous patch as suggested by Darin's post-commit review comments. The
1953         downcast function can match const automatically and it's a better style to put the * inside
1954         the downcast call rather than outside.
1955
1956         * css/CSSComputedStyleDeclaration.cpp:
1957         (WebCore::createTimingFunctionValue):
1958         * platform/animation/TimingFunction.cpp:
1959         (WebCore::operator<<):
1960         (WebCore::TimingFunction::transformTime const):
1961         * platform/animation/TimingFunction.h:
1962         * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
1963         (WebCore::toCAMediaTimingFunction):
1964
1965 2018-01-16  Philippe Normand  <pnormand@igalia.com>
1966
1967         [GStreamer] Live streaming cleanups
1968         https://bugs.webkit.org/show_bug.cgi?id=181672
1969
1970         Reviewed by Michael Catanzaro.
1971
1972         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1973         (WebCore::MediaPlayerPrivateGStreamer::handleMessage): Switch to
1974         streaming code path when no content-length was reported by the
1975         http source element.
1976         (WebCore::MediaPlayerPrivateGStreamer::totalBytes const): Return early when streaming.
1977         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1978         (CachedResourceStreamingClient::responseReceived): Emit headers as
1979         an element message, like souphttpsrc.
1980
1981 2018-01-15  Philippe Normand  <pnormand@igalia.com>
1982
1983         [GStreamer] misc fixes and cleanups
1984         https://bugs.webkit.org/show_bug.cgi?id=181647
1985
1986         Reviewed by Michael Catanzaro.
1987
1988         * platform/graphics/MediaPlayer.cpp:
1989         (WebCore::convertEnumerationToString): New utility function to convert preload enum to string.
1990         * platform/graphics/MediaPlayerEnums.h: Ditto.
1991         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1992         (WebCore::MediaPlayerPrivateGStreamer::load): Debug tweak
1993         (WebCore::MediaPlayerPrivateGStreamer::prepareToPlay): Ditto
1994         (WebCore::MediaPlayerPrivateGStreamer::play): Ditto
1995         (WebCore::MediaPlayerPrivateGStreamer::paused const): Ditto
1996         (WebCore::MediaPlayerPrivateGStreamer::processBufferingStats): Prevent useless state update.
1997         (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired): Ditto.
1998         (WebCore::MediaPlayerPrivateGStreamer::updateStates): Debug tweak.
1999         (WebCore::MediaPlayerPrivateGStreamer::setDownloadBuffering): Ditto.
2000         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
2001         Remove useless handlesSyncMessage method.
2002         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2003         (WebCore::MediaPlayerPrivateGStreamerBase::setMuted): Prevent useless state update.
2004         (WebCore::MediaPlayerPrivateGStreamerBase::muted const): Debug tweak.
2005         (WebCore::MediaPlayerPrivateGStreamerBase::setStreamVolumeElement): Ditto.
2006         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2007         (webkit_web_src_init): Enable keepAlive by default like in souphttpsrc.
2008         (webKitWebSrcStart): Debug tweak.
2009         (webKitWebSrcQueryWithParent): Ditto.
2010         (webKitWebSrcNeedData): Ditto.
2011         (CachedResourceStreamingClient::responseReceived): Change appsrc
2012         stream-type when we wan't seek. Also update caps like souphttpsrc
2013         does.
2014         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.h: Add forward declaration of MediaPlayer.
2015         * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
2016         (WebCore::MediaSourceClientGStreamerMSE::append): Fix compilation warning.
2017
2018 2018-01-16  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2019
2020         [WPE] Two clearkey tests failing since r226621
2021         https://bugs.webkit.org/show_bug.cgi?id=181532
2022
2023         Reviewed by Xabier Rodriguez-Calvar.
2024
2025         With a fake initData, we can have a null pssh size, thus we should check it.
2026         We saw this issue in the subtest "initData longer than 64Kb characters" in
2027         the clearkey-generate-request-disallowed-input layout test.
2028
2029         * platform/encryptedmedia/clearkey/CDMClearKey.cpp:
2030         (WebCore::extractKeyidsLocationFromCencInitData):
2031
2032 2018-01-15  Yoav Weiss  <yoav@yoav.ws>
2033
2034         Support for preconnect Link headers
2035         https://bugs.webkit.org/show_bug.cgi?id=181657
2036
2037         Reviewed by Darin Adler.
2038
2039         Move the preconnect functionality into its own function, and
2040         also call this function when Link headers are processed.
2041
2042         Test: http/tests/preconnect/link-header-rel-preconnect-http.php
2043
2044         * loader/LinkLoader.cpp:
2045         (WebCore::LinkLoader::loadLinksFromHeader): Call preconnect.
2046         (WebCore::LinkLoader::preconnect): Preconnect to a host functionality moved here.
2047         (WebCore::LinkLoader::preload): Renamed `preloadIfNeeded` to `preload`.
2048         (WebCore::LinkLoader::loadLink): Call preconnect.
2049         * loader/LinkLoader.h:
2050
2051 2018-01-15  Michael Catanzaro  <mcatanzaro@igalia.com>
2052
2053         Improve use of ExportMacros
2054         https://bugs.webkit.org/show_bug.cgi?id=181652
2055
2056         Reviewed by Konstantin Tokarev.
2057
2058         Remove a comment.
2059
2060         * platform/PlatformExportMacros.h:
2061
2062 2018-01-15  Konstantin Tokarev  <annulen@yandex.ru>
2063
2064         image-rendering should affect scaling of border-image
2065         https://bugs.webkit.org/show_bug.cgi?id=169440
2066
2067         Reviewed by Michael Catanzaro.
2068
2069         Test: fast/borders/border-image-pixelated.html
2070
2071         * rendering/style/NinePieceImage.cpp:
2072         (WebCore::NinePieceImage::paint):
2073
2074 2018-01-15  Tomas Popela  <tpopela@redhat.com>
2075
2076         2.19.3 ACCELERATED_2D_CANVAS support is broken
2077         https://bugs.webkit.org/show_bug.cgi?id=180799
2078
2079         Reviewed by Michael Catanzaro.
2080
2081         * html/canvas/CanvasRenderingContext2DBase.cpp:
2082         (WebCore::CanvasRenderingContext2DBase::didDraw):
2083
2084 2018-01-15  Basuke Suzuki  <Basuke.Suzuki@sony.com>
2085
2086         [Curl] Enable HTTP/2
2087         https://bugs.webkit.org/show_bug.cgi?id=181551
2088
2089         Reviewed by Michael Catanzaro.
2090
2091         Start supporting HTTP/2 protocol. The first step is just enabling the HTTP/2 on Curl backend.
2092         Next step will be to enable multiplexing feature.
2093
2094         No new tests because we don't have HTTP/2 test backend yet.
2095
2096         * platform/network/curl/CurlContext.cpp:
2097         (WebCore::CurlContext::isHttp2Enabled const):
2098         (WebCore::CurlHandle::enableHttp):
2099         (WebCore::CurlHandle::enableHttpGetRequest):
2100         (WebCore::CurlHandle::enableHttpHeadRequest):
2101         (WebCore::CurlHandle::enableHttpPostRequest):
2102         (WebCore::CurlHandle::enableHttpPutRequest):
2103         (WebCore::CurlHandle::setHttpCustomRequest):
2104         * platform/network/curl/CurlContext.h:
2105
2106 2018-01-15  Dean Jackson  <dino@apple.com>
2107
2108         Use a helper function for checked arithmetic in WebGL validation
2109         https://bugs.webkit.org/show_bug.cgi?id=181620
2110         <rdar://problem/36485879>
2111
2112         Reviewed by Eric Carlson.
2113
2114         Eric recommended using a templated helper function to do
2115         a common arithmetic check in WebGL validation.
2116
2117         * html/canvas/WebGL2RenderingContext.cpp:
2118         (WebCore::WebGL2RenderingContext::validateIndexArrayConservative):
2119         * html/canvas/WebGLRenderingContext.cpp:
2120         (WebCore::WebGLRenderingContext::validateIndexArrayConservative):
2121         * html/canvas/WebGLRenderingContextBase.cpp:
2122         (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
2123         (WebCore::WebGLRenderingContextBase::validateDrawArrays):
2124         (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0):
2125         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0):
2126         * html/canvas/WebGLRenderingContextBase.h:
2127         (WebCore::WebGLRenderingContextBase::checkedAddAndMultiply): New helper.
2128
2129 2018-01-15  Dean Jackson  <dino@apple.com>
2130
2131         Use traits for animation timing functions
2132         https://bugs.webkit.org/show_bug.cgi?id=181651
2133         <rdar://problem/36525328>
2134
2135         Reviewed by Antoine Quint.
2136
2137         Use the type traits for TimingFunction classes, so
2138         we can is<> and downcast<>.
2139
2140         * css/CSSComputedStyleDeclaration.cpp:
2141         (WebCore::createTimingFunctionValue):
2142         * platform/animation/TimingFunction.cpp:
2143         (WebCore::TimingFunction::transformTime const):
2144         * platform/animation/TimingFunction.h:
2145         * platform/graphics/ca/GraphicsLayerCA.cpp:
2146         (WebCore::animationHasStepsTimingFunction):
2147         (WebCore::animationHasFramesTimingFunction):
2148         * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
2149         (WebCore::toCAMediaTimingFunction):
2150
2151 2018-01-15  Youenn Fablet  <youenn@apple.com>
2152
2153         RealtimeMediaSource should be ThreadSafeRefCounted
2154         https://bugs.webkit.org/show_bug.cgi?id=181649
2155
2156         Reviewed by Eric Carlson.
2157
2158         Difficult to write a test as this is really racy.
2159         RealtimeIncomingVideoSourceCocoa::OnFrame is taking a reference on a background thread
2160         to send a task to the main thread.
2161         This requires it to be thread safe ref counted.
2162
2163         * platform/mediastream/RealtimeMediaSource.h:
2164
2165 2018-01-15  Philippe Normand  <pnormand@igalia.com>
2166
2167         Prevent useless MediaPlayer mute state notifications
2168         https://bugs.webkit.org/show_bug.cgi?id=181646
2169
2170         Reviewed by Carlos Garcia Campos.
2171
2172         On GTK port the mute change notification was triggering the test
2173         runner to think the whole page mute state had changed and that
2174         media elements were muted. The simplest solution is to propagate
2175         the notification only if the state actually changed.
2176
2177         * platform/graphics/MediaPlayer.cpp:
2178         (WebCore::MediaPlayer::muteChanged): Propagate mute notification
2179         only if the mute state actually changed.
2180
2181 2018-01-15  Sebastian Dröge  <sebastian@centricular.com>
2182
2183         [GStreamer] Don't wait for draw condition variable when shutting down.
2184         https://bugs.webkit.org/show_bug.cgi?id=180978
2185
2186         Reviewed by Carlos Garcia Campos.
2187
2188         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2189         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
2190         (WebCore::MediaPlayerPrivateGStreamerBase::cancelRepaint):
2191         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
2192         By also waiting for the draw condition variable while shutting down,
2193         it is possible that the GStreamer video sink is waiting for the main
2194         thread to actually render the current frame, while at the same time
2195         the main thread is waiting for the GStreamer video sink to shut down,
2196         resulting in a deadlock.
2197
2198 2018-01-13  Minsheng Liu  <lambda@liu.ms>
2199
2200         MathML Lengths should take zoom level into account
2201         https://bugs.webkit.org/show_bug.cgi?id=180029
2202
2203         Reviewed by Frédéric Wang.
2204
2205         The patch applies the effective zoom factor to physical units in toUserUnits().
2206
2207         Test: mathml/presentation/mspace-units-with-zoom.html
2208
2209         * rendering/mathml/RenderMathMLBlock.cpp:
2210         (WebCore::toUserUnits):
2211
2212 2018-01-12  Chris Dumez  <cdumez@apple.com>
2213
2214         ASSERTION FAILED: registration || isTerminating() in WebCore::SWServerWorker::skipWaiting()
2215         https://bugs.webkit.org/show_bug.cgi?id=181603
2216         <rdar://problem/36476050>
2217
2218         Reviewed by Youenn Fablet.
2219
2220         No new tests, covered by existing tests that crash flakily.
2221
2222         * workers/service/server/SWServer.cpp:
2223         (WebCore::SWServer::terminateWorkerInternal):
2224         If the connection to the context process is gone, make sure we mark the worker as terminated
2225         so that it does not stay in Running state and in SWServer::m_runningOrTerminatingWorkers.
2226
2227         * workers/service/server/SWServerRegistration.cpp:
2228         (WebCore::SWServerRegistration::~SWServerRegistration):
2229         Add assertions to make sure none of the registration's workers are still running when
2230         the registration is destroyed.
2231
2232         (WebCore::SWServerRegistration::updateRegistrationState):
2233         Make sure registration workers that are overwritten are not still running.
2234
2235         * workers/service/server/SWServerWorker.cpp:
2236         (WebCore::SWServerWorker::setState):
2237         If a worker's state is set to redundant, make sure we also terminate it.
2238
2239 2018-01-12  Commit Queue  <commit-queue@webkit.org>
2240
2241         Unreviewed, rolling out r226927.
2242         https://bugs.webkit.org/show_bug.cgi?id=181621
2243
2244         Breaks 32-bit and iOS release for some reason that I don't
2245         understand yet (Requested by dino on #webkit).
2246
2247         Reverted changeset:
2248
2249         "Use a helper function for checked arithmetic in WebGL
2250         validation"
2251         https://bugs.webkit.org/show_bug.cgi?id=181620
2252         https://trac.webkit.org/changeset/226927
2253
2254 2018-01-12  Myles C. Maxfield  <mmaxfield@apple.com>
2255
2256         Data URL fonts split in the middle of an alphabet cause random letters to disappear
2257         https://bugs.webkit.org/show_bug.cgi?id=175845
2258         <rdar://problem/33996578>
2259
2260         Reviewed by Brent Fulgham.
2261
2262         It is fairly common practice for a font foundry to split a font up into two files such that a semi-random
2263         half of the alphabet is present in one of the files, and the other half is present in the other file. This
2264         practice involves representing the files as data URLs, so as to minimize the time it takes to load them.
2265
2266         Because resource loading is asynchronous (even for data URLs), it is possible today to get a paint after
2267         the first file is loaded but before the second file is loaded. Indeed, because of the way font fallback
2268         works, we will never start loading the second file until a layout has occurred with the first font.
2269
2270         Because a site usually only uses this pattern for a handful of fonts, and I've never seen this pattern
2271         being used for CJK fonts, it isn't very expensive to opportunistically decode these data URLs eagerly.
2272         Using this method doesn't actually guarantee that the two fonts will load in between successive paints,
2273         but it at least makes this much more likely. This patch implements this strategy, along with a size
2274         threshold to make sure that we won't decode any super large data URLs when it isn't necessary.
2275
2276         Test: fast/text/font-load-data-partitioned-alphabet.html
2277
2278         * css/CSSFontFace.cpp:
2279         (WebCore::CSSFontFace::opportunisticallyStartFontDataURLLoading):
2280         * css/CSSFontFace.h:
2281         * css/CSSFontFaceSource.cpp:
2282         (WebCore::CSSFontFaceSource::opportunisticallyStartFontDataURLLoading):
2283         * css/CSSFontFaceSource.h:
2284         * css/CSSFontSelector.cpp:
2285         (WebCore::CSSFontSelector::opportunisticallyStartFontDataURLLoading):
2286         * css/CSSFontSelector.h:
2287         * platform/graphics/FontCascadeFonts.cpp:
2288         (WebCore::opportunisticallyStartFontDataURLLoading):
2289         (WebCore::FontCascadeFonts::glyphDataForVariant):
2290         * platform/graphics/FontSelector.h:
2291
2292 2018-01-12  Alex Christensen  <achristensen@webkit.org>
2293
2294         History state should be updated during client redirects with asynchronous policy decisions
2295         https://bugs.webkit.org/show_bug.cgi?id=181358
2296         <rdar://problem/35547689>
2297
2298         Reviewed by Andy Estes.
2299
2300         When decidePolicyForNavigationAction is responded to asynchronously during a client redirect, 
2301         HistoryController::updateForRedirectWithLockedBackForwardList does not update the history because
2302         the document loader has not been marked as a client redirect because the FrameLoader only looks
2303         at its provisional document loader to mark it as a client redirect.  When decidePolicyForNavigationAction
2304         is responded to asynchronously, though, the FrameLoader's provisional document loader has moved to 
2305         its policy document loader.  To get both asynchronous and synchronous cases, let's just mark the document
2306         loader as a client redirect whether it's the provisional or policy document loader.
2307
2308         Covered by a new API test.
2309
2310         * loader/FrameLoader.cpp:
2311         (WebCore::FrameLoader::loadURL):
2312         (WebCore::FrameLoader::loadPostRequest):
2313
2314 2018-01-12  Dean Jackson  <dino@apple.com>
2315
2316         Use a helper function for checked arithmetic in WebGL validation
2317         https://bugs.webkit.org/show_bug.cgi?id=181620
2318         <rdar://problem/36485879>
2319
2320         Reviewed by Eric Carlson.
2321
2322         Eric recommended using a templated helper function to do
2323         a common arithmetic check in WebGL validation.
2324
2325         * html/canvas/WebGL2RenderingContext.cpp:
2326         (WebCore::WebGL2RenderingContext::validateIndexArrayConservative):
2327         * html/canvas/WebGLRenderingContext.cpp:
2328         (WebCore::WebGLRenderingContext::validateIndexArrayConservative):
2329         * html/canvas/WebGLRenderingContextBase.cpp:
2330         (WebCore::WebGLRenderingContextBase::checkedAddAndMultiply): New helper.
2331         (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
2332         (WebCore::WebGLRenderingContextBase::validateDrawArrays):
2333         (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0):
2334         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0):
2335         * html/canvas/WebGLRenderingContextBase.h:
2336
2337 2018-01-12  Myles C. Maxfield  <mmaxfield@apple.com>
2338
2339         [Cocoa] CTFontCopyDefaultCascadeListForLanguages() can return nullptr
2340         https://bugs.webkit.org/show_bug.cgi?id=181615
2341         <rdar://problem/36334637>
2342
2343         Reviewed by Jon Lee.
2344
2345         Speculative fix. We are getting crash reports saying that this call can return nullptr, and we
2346         don't check for it.
2347
2348         No new tests because I couldn't find the specific input that causes it to return nullptr. (I
2349         tried running this code with every 0, 1, and 2 length locale string, every weight value, and
2350         every italic value, and couldn't get it to crash. I also inspected the code to figure out what
2351         values would cause it to return nullptr, and I couldn't find anything other than if the system
2352         has a totally busted font setup.)
2353
2354         * platform/graphics/cocoa/FontDescriptionCocoa.cpp:
2355         (WebCore::SystemFontDatabase::computeCascadeList):
2356
2357 2018-01-11  Dean Jackson  <dino@apple.com>
2358
2359         [WebGL] Simulated vertexAttrib0 can sometimes cause OUT_OF_MEMORY errors
2360         https://bugs.webkit.org/show_bug.cgi?id=181558
2361         <rdar://problem/36189833>
2362
2363         Reviewed by Eric Carlson.
2364
2365         Very large element indices in the ELEMENT_ARRAY_BUFFER meant that
2366         our simulated vertexAttrib0 buffer might be too large. We need
2367         to check for out-of-memory, but we can also detect some of the issues
2368         earlier in our validation code. Additionally, make sure that we don't
2369         accidentally cast an unsigned to a signed.
2370
2371         Test: fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html
2372
2373         * html/canvas/WebGL2RenderingContext.cpp:
2374         (WebCore::WebGL2RenderingContext::validateIndexArrayConservative): Update validation
2375         code to look for overflow, rather than relying on looking for sign changes.
2376         * html/canvas/WebGLRenderingContext.cpp:
2377         (WebCore::WebGLRenderingContext::validateIndexArrayConservative): Ditto.
2378         * html/canvas/WebGLRenderingContextBase.cpp:
2379         (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
2380         (WebCore::WebGLRenderingContextBase::drawArrays): Check that we were able to simulate.
2381         (WebCore::WebGLRenderingContextBase::drawElements):
2382         (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): Update validation code, and
2383         use GC3Duint, since that's what the indices are.
2384         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Ditto.
2385         (WebCore::WebGLRenderingContextBase::drawArraysInstanced): Check that we were able to simulate.
2386         (WebCore::WebGLRenderingContextBase::drawElementsInstanced):
2387         * html/canvas/WebGLRenderingContextBase.h:
2388
2389 2018-01-12  Wenson Hsieh  <wenson_hsieh@apple.com>
2390
2391         Large in-place attachment elements cause the document width to expand when inserted
2392         https://bugs.webkit.org/show_bug.cgi?id=181614
2393
2394         Reviewed by Dan Bernstein.
2395
2396         Make in-place images and videos have a max-width of 100%, so that large attachments aren't inserted with full
2397         display size, causing the document and viewport width to expand.
2398
2399         * html/HTMLAttachmentElement.cpp:
2400         (WebCore::HTMLAttachmentElement::populateShadowRootIfNecessary):
2401
2402 2018-01-12  Keith Rollin  <krollin@apple.com>
2403
2404         Logged JSON should escape "'s and \'s in strings.
2405         https://bugs.webkit.org/show_bug.cgi?id=181608
2406
2407         Reviewed by Brent Fulgham.
2408
2409         No new tests -- no new functionality, just changed logging. The
2410         efficacy of the logging was verified by inspecting its output.
2411
2412         * loader/ResourceLoadObserver.cpp:
2413         (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
2414
2415 2018-01-12  Dean Jackson  <dino@apple.com>
2416
2417         drawElements should be invalid if vertexAttrib0 doesn't have data
2418         https://bugs.webkit.org/show_bug.cgi?id=181609
2419         <rdar://problem/36392883>
2420
2421         Reviewed by Antoine Quint.
2422
2423         If a vertex attribute has been enabled, but no data provided, then
2424         draw validation should fail.
2425
2426         Test: fast/canvas/webgl/drawElements-empty-vertex-data.html
2427
2428         * html/canvas/WebGLRenderingContextBase.cpp:
2429         (WebCore::WebGLRenderingContextBase::validateVertexAttributes): If there were
2430         never any data in the vertex buffer, then we incorrectly compared with 0.
2431
2432 2018-01-12  Youenn Fablet  <youenn@apple.com>
2433
2434         FormDataElement::lengthInBytes should use ThreadableBlobRegistry
2435         https://bugs.webkit.org/show_bug.cgi?id=181554
2436
2437         Reviewed by Chris Dumez.
2438
2439         Covered by updated test.
2440
2441         Fix blobRegistry() use and add support for creating a response that may trigger the issue.
2442
2443
2444         * platform/network/FormData.cpp:
2445         (WebCore::FormDataElement::lengthInBytes const): Was using blobRegistry() directly while ThreadableBlobRegistry is more appropriate
2446         in case this is called from workers.
2447         * Modules/fetch/FetchBody.h:
2448         * Modules/fetch/FetchResponse.h:
2449         * fileapi/Blob.h:
2450         * testing/ServiceWorkerInternals.cpp:
2451         (WebCore::ServiceWorkerInternals::createOpaqueWithBlobBodyResponse):
2452         * testing/ServiceWorkerInternals.h:
2453         * testing/ServiceWorkerInternals.idl:
2454
2455 2018-01-12  Jer Noble  <jer.noble@apple.com>
2456
2457         Wrap CDMFairPlayStreaming and related classes in ENABLE(ENCRYPTED_MEDIA) checks
2458         https://bugs.webkit.org/show_bug.cgi?id=181602
2459
2460         Reviewed by Maciej Stachowiak.
2461
2462         * platform/graphics/avfoundation/CDMFairPlayStreaming.h:
2463         * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
2464         * platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
2465
2466 2018-01-12  Youenn Fablet  <youenn@apple.com>
2467
2468         WebProcess should pass the registration identifier and not the worker identifier for fetch events
2469         https://bugs.webkit.org/show_bug.cgi?id=181591
2470
2471         Reviewed by Chris Dumez.
2472
2473         Test: http/wpt/service-workers/update-service-worker.https.html
2474
2475         Store service worker registration identifier in ResourceLoaderOptions instead of service worker identifier.
2476
2477         * loader/DocumentThreadableLoader.cpp:
2478         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader):
2479         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
2480         * loader/ResourceLoaderOptions.h:
2481         * loader/WorkerThreadableLoader.cpp:
2482         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
2483         * loader/cache/CachedResourceLoader.cpp:
2484         (WebCore::CachedResourceLoader::prepareFetch):
2485         (WebCore::CachedResourceLoader::determineRevalidationPolicy const):
2486         * loader/cache/CachedResourceRequest.cpp:
2487         (WebCore::CachedResourceRequest::setSelectedServiceWorkerRegistrationIdentifierIfNeeded):
2488         (WebCore::CachedResourceRequest::setNavigationServiceWorkerRegistrationData):
2489         (WebCore::CachedResourceRequest::setSelectedServiceWorkerIdentifierIfNeeded): Deleted.
2490         * loader/cache/CachedResourceRequest.h:
2491         * workers/WorkerScriptLoader.cpp:
2492         (WebCore::WorkerScriptLoader::loadSynchronously):
2493         (WebCore::WorkerScriptLoader::loadAsynchronously):
2494         * workers/service/server/SWServer.cpp:
2495         (WebCore::SWServer::activeWorkerFromRegistrationID):
2496         * workers/service/server/SWServer.h:
2497
2498 2018-01-12  Fujii Hironori  <Hironori.Fujii@sony.com>
2499
2500         [Win][CMake] Remove all-in-one file for WebCore DerivedSources
2501         https://bugs.webkit.org/show_bug.cgi?id=181582
2502
2503         Reviewed by Alex Christensen.
2504
2505         Those source files are compiled in unified source build nowadays.
2506
2507         No new tests (No behavior change)
2508
2509         * CMakeLists.txt: Removed calling PROCESS_ALLINONE_FILE.
2510         * DerivedSources.cpp: Removed.
2511         * WebCoreMacros.cmake: Removed a macro PROCESS_ALLINONE_FILE.
2512
2513 2018-01-12  Fujii Hironori  <Hironori.Fujii@sony.com>
2514
2515         [WinCairo][CMake] Use ${CURL_LIBRARY} instead of specifying the library name libcurl_imp explicitly
2516         https://bugs.webkit.org/show_bug.cgi?id=181578
2517
2518         Reviewed by Alex Christensen.
2519
2520         vcpkg has libcurl.lib, not libcurl_imp.lib.
2521
2522         No new tests because no behavior change.
2523
2524         * PlatformWinCairo.cmake: Link ${CURL_LIBRARY} instead of libcurl_imp.
2525
2526 2018-01-12  Jer Noble  <jer.noble@apple.com>
2527
2528         WebGL video texture black in Safari 11.0.2 and wrong colored in Safari Preview 11.1
2529         https://bugs.webkit.org/show_bug.cgi?id=181445
2530         <rdar://problem/36383183>
2531
2532         Reviewed by Dean Jackson.
2533
2534         Tests: added compile-time correctness tests for YCbCrMatrix values.
2535
2536         Perform the derivation from YCbCr coefficients into matrices in constexpr expressions
2537         at compile-time. This allows us to also perform compile-time correctness checks to catch
2538         regressions which may cause incorrect color conversions.
2539
2540         Since we now have general-purpose derivation of matrix values from coefficients,
2541         adding missing specified matrices is trivial, so add support for SMPTE 240M and BT.2020
2542         matrices.
2543
2544         * platform/graphics/cv/VideoTextureCopierCV.cpp:
2545         (WebCore::GLfloatColor::GLfloatColor):
2546         (WebCore::GLfloatColor::abs):
2547         (WebCore::GLfloatColor::isApproximatelyEqualTo const):
2548         (WebCore::YCbCrMatrix::operator Vector<GLfloat> const):
2549         (WebCore::YCbCrMatrix::YCbCrMatrix):
2550         (WebCore::YCbCrMatrix::operator* const):
2551         (WebCore::YCbCrToRGBMatrixForRangeAndTransferFunction):
2552
2553 2018-01-12  Antoine Quint  <graouts@apple.com>
2554
2555         Add support for the frames() timing function
2556         https://bugs.webkit.org/show_bug.cgi?id=181585
2557         <rdar://problem/36463317>
2558
2559         Reviewed by Dean.
2560
2561         Implement the frames() timing function as specified in the CSS Timing Functions Level 1
2562         specification, specifically https://www.w3.org/TR/css-timing-1/#frames-timing-functions.
2563         A frames timing function is a type of timing function that divides the input time into a
2564         specified number of intervals of equal length.
2565
2566         Test: transitions/frames-timing-function.html
2567
2568         * css/CSSComputedStyleDeclaration.cpp:
2569         (WebCore::createTimingFunctionValue):
2570         * css/CSSTimingFunctionValue.cpp:
2571         (WebCore::CSSFramesTimingFunctionValue::customCSSText const):
2572         (WebCore::CSSFramesTimingFunctionValue::equals const):
2573         * css/CSSTimingFunctionValue.h:
2574         * css/CSSToStyleMap.cpp:
2575         (WebCore::CSSToStyleMap::mapAnimationTimingFunction):
2576         * css/CSSValue.cpp:
2577         (WebCore::CSSValue::equals const):
2578         (WebCore::CSSValue::cssText const):
2579         (WebCore::CSSValue::destroy):
2580         * css/CSSValue.h:
2581         (WebCore::CSSValue::isFramesTimingFunctionValue const):
2582         * css/CSSValueKeywords.in:
2583         * css/parser/CSSPropertyParser.cpp:
2584         (WebCore::consumeSteps):
2585         (WebCore::consumeFrames):
2586         (WebCore::consumeAnimationTimingFunction):
2587         * platform/animation/TimingFunction.cpp:
2588         (WebCore::operator<<):
2589         (WebCore::TimingFunction::transformTime const):
2590         * platform/animation/TimingFunction.h:
2591         (WebCore::TimingFunction::isFramesTimingFunction const):
2592         * platform/graphics/ca/GraphicsLayerCA.cpp:
2593         (WebCore::animationHasFramesTimingFunction):
2594         (WebCore::GraphicsLayerCA::animationCanBeAccelerated const):
2595
2596 2018-01-12  Commit Queue  <commit-queue@webkit.org>
2597
2598         Unreviewed, rolling out r226721.
2599         https://bugs.webkit.org/show_bug.cgi?id=181583
2600
2601         Let's do a slightly different fix (Requested by anttik on
2602         #webkit).
2603
2604         Reverted changeset:
2605
2606         "REGRESSION(r225650): The scores of MotionMark tests Multiply
2607         and Leaves dropped by 8%"
2608         https://bugs.webkit.org/show_bug.cgi?id=181460
2609         https://trac.webkit.org/changeset/226721
2610
2611 2018-01-11  Keith Miller  <keith_miller@apple.com>
2612
2613         Rename ENABLE_ASYNC_ITERATION to ENABLE_JS_ASYNC_ITERATION
2614         https://bugs.webkit.org/show_bug.cgi?id=181573
2615
2616         Reviewed by Simon Fraser.
2617
2618         * Configurations/FeatureDefines.xcconfig:
2619
2620 2018-01-11  Jiewen Tan  <jiewen_tan@apple.com>
2621
2622         [WebAuthN] Import a CBOR coder from Chromium
2623         https://bugs.webkit.org/show_bug.cgi?id=181522
2624         <rdar://problem/36055729>
2625
2626         Reviewed by Brent Fulgham.
2627
2628         This patch imports a CBOR coder including encoder and decoder from Chromium. CBOR encoder
2629         is needed for WebAuthN to encode attestation object into binaries. When supporting extensions
2630         in the future, CBOR encoder/decoder will be needed as well. Implementing and maintaining
2631         a fully-fledged CBOR coder doesn't seem to align with WebKit's best interests. Therefore,
2632         importing a most suitable third party implementation will be wise.
2633
2634         This patch fully integrates the whole coder into our codebase. Those changes include:
2635             1. Substituting data structures that have a better WTF version.
2636             2. Replacing macros.
2637             3. Implementing workarounds for some functionalities for which we lack fundamental types' support.
2638             4. Changing the coding style to match ours.
2639
2640         This patch doesn't intend to improve the logic of the original codebase. Hence some of the
2641         coding logic might not match what WebKit usually has.
2642
2643         Here is a full list of Chromium changes that constructed this CBOR coder in chronological order:
2656
2657         Covered by API tests.
2658
2659         * Modules/webauthn/cbor/CBORBinary.h: Added.
2660         * Modules/webauthn/cbor/CBORReader.cpp: Added.
2661         (cbor::CBORReader::CBORReader):
2662         (cbor::CBORReader::~CBORReader):
2663         (cbor::CBORReader::read):
2664         (cbor::CBORReader::decodeCBOR):
2665         (cbor::CBORReader::readVariadicLengthInteger):
2666         (cbor::CBORReader::decodeValueToNegative):
2667         (cbor::CBORReader::decodeValueToUnsigned):
2668         (cbor::CBORReader::readSimpleValue):
2669         (cbor::CBORReader::readString):
2670         Workarounds applied.
2671         (cbor::CBORReader::readBytes):
2672         (cbor::CBORReader::readCBORArray):
2673         (cbor::CBORReader::readCBORMap):
2674         (cbor::CBORReader::canConsume):
2675         (cbor::CBORReader::checkMinimalEncoding):
2676         (cbor::CBORReader::checkExtraneousData):
2677         (cbor::CBORReader::checkDuplicateKey):
2678         (cbor::CBORReader::hasValidUTF8Format):
2679         Workarounds applied.
2680         (cbor::CBORReader::checkOutOfOrderKey):
2681         (cbor::CBORReader::getErrorCode):
2682         (cbor::CBORReader::errorCodeToString):
2683         * Modules/webauthn/cbor/CBORReader.h: Added.
2684         * Modules/webauthn/cbor/CBORValue.cpp: Added.
2685         (cbor::CBORValue::CBORValue):
2686         (cbor::CBORValue::operator=):
2687         (cbor::CBORValue::~CBORValue):
2688         (cbor::CBORValue::clone const):
2689         (cbor::CBORValue::getInteger const):
2690         (cbor::CBORValue::getUnsigned const):
2691         (cbor::CBORValue::getNegative const):
2692         (cbor::CBORValue::getString const):
2693         (cbor::CBORValue::getByteString const):
2694         (cbor::CBORValue::getArray const):
2695         (cbor::CBORValue::getMap const):
2696         (cbor::CBORValue::getSimpleValue const):
2697         (cbor::CBORValue::internalMoveConstructFrom):
2698         (cbor::CBORValue::internalCleanup):
2699         * Modules/webauthn/cbor/CBORValue.h: Added.
2700         * Modules/webauthn/cbor/CBORWriter.cpp: Added.
2701         (cbor::CBORWriter::~CBORWriter):
2702         (cbor::CBORWriter::write):
2703         (cbor::CBORWriter::CBORWriter):
2704         (cbor::CBORWriter::encodeCBOR):
2705         Workarounds applied.
2706         (cbor::CBORWriter::startItem):
2707         (cbor::CBORWriter::setAdditionalInformation):
2708         (cbor::CBORWriter::setUint):
2709         (cbor::CBORWriter::getNumUintBytes):
2710         * Modules/webauthn/cbor/CBORWriter.h: Added.
2711         * Sources.txt:
2712         * WebCore.xcodeproj/project.pbxproj:
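
The reader's function list above names checkMinimalEncoding, checkExtraneousData and canConsume. The following added example (not the imported Chromium code and not WebKit's) shows what such strict checks look like for a single CBOR unsigned integer; `DecodeError` and `decodeStrictUnsigned` are hypothetical names, and the byte strings in `main` are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical error codes for this example.
enum class DecodeError { None, Truncated, UnsupportedType, NonMinimalEncoding, ExtraneousData };

// Decodes one CBOR unsigned integer (major type 0) that must fill the whole input.
// Rejects truncated input, longer-than-necessary integer encodings and trailing bytes.
DecodeError decodeStrictUnsigned(const std::vector<uint8_t>& in, uint64_t& value)
{
    if (in.empty())
        return DecodeError::Truncated;

    const uint8_t majorType = in[0] >> 5;
    const uint8_t additionalInfo = in[0] & 0x1f;
    if (majorType != 0)
        return DecodeError::UnsupportedType;

    // Additional info 0..23 carries the value itself; 24..27 announce 1, 2, 4 or 8
    // big-endian bytes that follow; 28..31 are not valid for integers.
    size_t extraBytes = 0;
    if (additionalInfo < 24)
        value = additionalInfo;
    else if (additionalInfo <= 27)
        extraBytes = static_cast<size_t>(1) << (additionalInfo - 24);
    else
        return DecodeError::UnsupportedType;

    // Bounds check before touching the payload bytes.
    if (in.size() - 1 < extraBytes)
        return DecodeError::Truncated;

    if (extraBytes) {
        value = 0;
        for (size_t i = 0; i < extraBytes; ++i)
            value = (value << 8) | in[1 + i];

        // Minimal encoding: the value must not fit in the next shorter form.
        // 1 byte -> at least 24, 2 bytes -> at least 2^8, 4 -> 2^16, 8 -> 2^32.
        const uint64_t smallestAllowed = extraBytes == 1
            ? 24
            : static_cast<uint64_t>(1) << (4 * extraBytes);
        if (value < smallestAllowed)
            return DecodeError::NonMinimalEncoding;
    }

    // Anything after the single item is rejected rather than ignored.
    if (in.size() != 1 + extraBytes)
        return DecodeError::ExtraneousData;

    return DecodeError::None;
}

int main()
{
    // Constructed inputs: 24 encoded minimally, then 23 padded into the one-byte form.
    uint64_t value = 0;
    DecodeError minimal = decodeStrictUnsigned({ 0x18, 0x18 }, value);
    std::printf("0x18 0x18 -> error %d, value %llu\n", static_cast<int>(minimal),
        static_cast<unsigned long long>(value));
    DecodeError padded = decodeStrictUnsigned({ 0x18, 0x17 }, value);
    std::printf("0x18 0x17 -> error %d\n", static_cast<int>(padded));
    return 0;
}
```

Rejecting non-minimal forms means a given value has exactly one accepted byte representation, which matters when the encoded bytes are hashed or signed.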
2713
2714 2018-01-11  Chris Dumez  <cdumez@apple.com>
2715
2716         Setting Window.opener to null should disown its opener
2717         https://bugs.webkit.org/show_bug.cgi?id=181505
2718         <rdar://problem/36443151>
2719
2720         Reviewed by Ryosuke Niwa.
2721
2722         Setting Window.opener to null should disown its opener as per:
2723         - https://html.spec.whatwg.org/#dom-opener
2724
2725         With this change, tabs opened by clicking a link inside Gmail no
2726         longer have the Gmail window as opener.
2727
2728         Tests: fast/dom/Window/window-opener-set-to-null.html
2729                fast/dom/Window/window-opener-shadowing.html
2730
2731         * bindings/js/JSDOMWindowCustom.cpp:
2732         (WebCore::JSDOMWindow::setOpener):
2733         * page/DOMWindow.cpp:
2734         (WebCore::DOMWindow::disownOpener):
2735         * page/DOMWindow.h:
2736         * page/DOMWindow.idl:
2737
2738 2018-01-11  Myles C. Maxfield  <mmaxfield@apple.com>
2739
2740         [Cocoa] Star character disappears when bolded
2741         https://bugs.webkit.org/show_bug.cgi?id=181568
2742         <rdar://problem/18755569>
2743
2744         Reviewed by Simon Fraser.
2745
2746         We had some code in ComplexTextController to ask the FontCache for a font, given the name
2747         of a particular font CoreText used inside a CTRun. This is wrong for two reasons: fonts
2748         are not identifiable by PostScript name (in the general case), and because the lookup
2749         procedure requires a FontDescription, the result may yield a font that is not the one
2750         looked up. The goal of this code was simply to preserve the rendering mode of the font,
2751         but we removed support for these rendering modes years ago. So the solution is to skip
2752         that lookup and use the CoreText font directly.
2753
2754         Test: fast/text/unknown-font.html
2755
2756         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
2757         (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
2758
2759 2018-01-11  Keith Rollin  <krollin@apple.com>
2760
2761         Add optional logging of ITP-related user interaction information
2762         https://bugs.webkit.org/show_bug.cgi?id=181556
2763
2764         Reviewed by Brent Fulgham.
2765
2766         In order to support the tracking of the efficacy of Intelligent
2767         Tracking Protection, add some logging indicating when the user
2768         interacts with a page in a way that affects cookie partitioning. This
2769         logging is off by default, and is enabled with `defaults write -g
2770         WebKitLogCookieInformation -bool true`.
2771
2772         No new tests -- no changed functionality.
2773
2774         * loader/ResourceLoadObserver.cpp:
2775         (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
2776         * loader/ResourceLoadObserver.h:
2777         (WebCore::ResourceLoadObserver::shouldLogUserInteraction const):
2778         (WebCore::ResourceLoadObserver::setShouldLogUserInteraction):
2779
2780 2018-01-11  James Craig  <jcraig@apple.com>
2781
2782         AX: when invert colors is on, double-invert video elements in UserAgentStyleSheet
2783         https://bugs.webkit.org/show_bug.cgi?id=168447
2784         <rdar://problem/30559874>
2785
2786         Reviewed by Simon Fraser.
2787
2788         Double-invert video when platform "invert colors" setting is enabled. Behavior matches 
2789         current "Smart Invert" feature of Safari Reader on macOS/iOS and other iOS native apps.
2790
2791         Tests: accessibility/smart-invert-reference.html
2792                accessibility/smart-invert.html
2793
2794         * Modules/modern-media-controls/controls/media-controls.css:
2795         (@media (inverted-colors)):
2796         (:host):
2797         (picture):
2798         * css/html.css:
2799         (@media (inverted-colors)):
2800         (video):
2801
2802 2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>
2803
2804         Don't load inline data when requesting info for an attachment element backed by a file path
2805         https://bugs.webkit.org/show_bug.cgi?id=181550
2806
2807         Reviewed by Tim Horton.
2808
2809         When requesting data for an attachment element that is backed by a file path, we currently trigger a load in the
2810         web process to fetch contents of the attachment data as inline data in the AttachmentInfo. This is unnecessary,
2811         since the file path of the attachment element must have come from the UI process anyways, so it is sufficient to
2812         simply send the file path to the UI process and have the UI process read the contents of the path as a memory-
2813         mapped NSData.
2814
2815         This patch lets HTMLAttachmentElement skip over resource loading codepaths when creating an AttachmentInfo for
2816         the client, and also teaches _WKAttachment to read an AttachmentInfo's filepath as memory-mapped data if a file
2817         path is present, and no inline data was specified.
2818
2819         Covered by existing API tests.
2820
2821         * html/HTMLAttachmentElement.cpp:
2822         (WebCore::HTMLAttachmentElement::requestInfo):
2823
2824 2018-01-10  Ryosuke Niwa  <rniwa@webkit.org>
2825
2826         Make elements of zero width or height focusable
2827         https://bugs.webkit.org/show_bug.cgi?id=181516
2828
2829         Reviewed by Chris Dumez.
2830
2831         Don't check render box's size or bounding rect when deciding whether an element is focusable.
2832         New behavior matches that of Firefox and Chrome.
2833
2834         Test: fast/events/focus-zero-size-element.html
2835
2836         * dom/Element.cpp:
2837         (WebCore::Element::isFocusable): Only update the style.
2838         * html/HTMLFormControlElement.cpp:
2839         (WebCore::HTMLFormControlElement::isFocusable const): Deleted.
2840         * html/HTMLFormControlElement.h:
2841         * mathml/MathMLElement.cpp:
2842         (WebCore::MathMLElement::isFocusable const): Deleted. As far as I can tell, no math ml element is focusable.
2843         * mathml/MathMLElement.h:
2844         * svg/SVGAElement.cpp:
2845         (WebCore::SVGAElement::isFocusable const): Deleted.
2846         * svg/SVGAElement.h:
2847
2848 2018-01-11  Filip Pizlo  <fpizlo@apple.com>
2849
2850         Rename MarkedAllocator to BlockDirectory and AllocatorAttributes to CellAttributes
2851         https://bugs.webkit.org/show_bug.cgi?id=181543
2852
2853         Rubber stamped by Michael Saboff.
2854
2855         No new tests because I'm just renaming things.
2856
2857         * ForwardingHeaders/heap/BlockDirectoryInlines.h: Copied from Source/WebCore/ForwardingHeaders/heap/MarkedAllocatorInlines.h.
2858         * ForwardingHeaders/heap/MarkedAllocatorInlines.h: Removed.
2859         * bindings/js/DOMGCOutputConstraint.cpp:
2860
2861 2018-01-11  Alex Christensen  <achristensen@webkit.org>
2862
2863         REGRESSION(r225003): Loading hangs in environments where dispatch_async does not work
2864         https://bugs.webkit.org/show_bug.cgi?id=181553
2865         <rdar://problem/35733938>
2866
2867         Reviewed by Eric Carlson.
2868
2869         There is an environment where dispatch_async does not work, but performSelectorOnMainThread works.
2870         r225003 broke loading in this environment.  This fixes it and updates the test that r225003 fixed.
2871         It failed sometimes because loading was happening in a different order than html parsing, so I made
2872         the test not depend on html parsing timing by updating media/video-src-remove.html.
2873
2874         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
2875         (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
2876
2877 2018-01-11  Dean Jackson  <dino@apple.com>
2878
2879         Rolling out 226814. It crashes on some bots.
2880
2881 2018-01-11  Dean Jackson  <dino@apple.com>
2882
2883         [WebGL] Simulated vertexAttrib0 can sometimes cause OUT_OF_MEMORY errors
2884         https://bugs.webkit.org/show_bug.cgi?id=181558
2885         <rdar://problem/36189833>
2886
2887         Reviewed by Eric Carlson.
2888
2889         Very large element indices in the ELEMENT_ARRAY_BUFFER meant that
2890         our simulated vertexAttrib0 buffer might be too large. We need
2891         to check for out-of-memory, but we can also detect some of the issues
2892         earlier in our validation code. Additionally, make sure that we don't
2893         accidentally cast an unsigned to a signed.
2894
2895         Test: fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html
2896
2897         * html/canvas/WebGL2RenderingContext.cpp:
2898         (WebCore::WebGL2RenderingContext::validateIndexArrayConservative): Update validation
2899         code to look for overflow, rather than relying on looking for sign changes.
2900         * html/canvas/WebGLRenderingContext.cpp:
2901         (WebCore::WebGLRenderingContext::validateIndexArrayConservative): Ditto.
2902         * html/canvas/WebGLRenderingContextBase.cpp:
2903         (WebCore::WebGLRenderingContextBase::validateIndexArrayPrecise):
2904         (WebCore::WebGLRenderingContextBase::drawArrays): Check that we were able to simulate.
2905         (WebCore::WebGLRenderingContextBase::drawElements):
2906         (WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): Update validation code, and
2907         use GC3Duint, since that's what the indices are.
2908         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Ditto.
2909         (WebCore::WebGLRenderingContextBase::drawArraysInstanced): Check that we were able to simulate.
2910         (WebCore::WebGLRenderingContextBase::drawElementsInstanced):
2911         * html/canvas/WebGLRenderingContextBase.h:
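
The entry above replaces sign-change detection with overflow detection and keeps index arithmetic unsigned. The following added example (not WebKit's code) shows why a sign check misses a wrapped size while checked unsigned arithmetic catches it. All function names are hypothetical, the index data is constructed, and the 16 bytes per vertex (one vec4 of floats) is an assumption of the example.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>
#include <vector>

// Hypothetical stand-in for the 32-bit unsigned GL index type (GC3Duint in the entry above).
using Index = uint32_t;

// Assumption for this example: the simulated attribute is one vec4 of floats per vertex.
constexpr uint32_t bytesPerVertex = 4 * sizeof(float);

// Checked unsigned arithmetic: report overflow instead of silently wrapping.
bool checkedAdd(uint32_t a, uint32_t b, uint32_t& out)
{
    if (a > std::numeric_limits<uint32_t>::max() - b)
        return false;
    out = a + b;
    return true;
}

bool checkedMul(uint32_t a, uint32_t b, uint32_t& out)
{
    if (b && a > std::numeric_limits<uint32_t>::max() / b)
        return false;
    out = a * b;
    return true;
}

// Weak pattern: let the arithmetic wrap, then treat a "negative" result as the
// overflow signal. The comparison below is the same test as
// static_cast<int32_t>(wrapped) >= 0. A product that wraps past 2^32 can land
// on a small positive number and pass.
bool sizeLooksValidBySignCheck(Index maxIndex)
{
    const uint32_t wrapped = (maxIndex + 1u) * bytesPerVertex;
    return wrapped <= static_cast<uint32_t>(std::numeric_limits<int32_t>::max());
}

// Hardened pattern: stay unsigned and check every step of (maxIndex + 1) * bytesPerVertex.
bool simulatedAttrib0Bytes(Index maxIndex, uint32_t& bytes)
{
    uint32_t vertexCount = 0;
    return checkedAdd(maxIndex, 1, vertexCount) && checkedMul(vertexCount, bytesPerVertex, bytes);
}

// Validates a draw call's byte range against the element buffer with checked
// arithmetic, then finds the largest index inside that range.
bool maxIndexForDraw(const std::vector<Index>& elements, uint32_t offsetBytes, uint32_t count, Index& maxIndex)
{
    const uint32_t indexSize = sizeof(Index);
    uint32_t rangeBytes = 0;
    uint32_t endBytes = 0;
    if (offsetBytes % indexSize)
        return false;
    if (!checkedMul(count, indexSize, rangeBytes) || !checkedAdd(offsetBytes, rangeBytes, endBytes))
        return false;
    if (endBytes > elements.size() * indexSize)
        return false;

    maxIndex = 0;
    const size_t first = offsetBytes / indexSize;
    for (size_t i = 0; i < count; ++i)
        maxIndex = std::max(maxIndex, elements[first + i]);
    return true;
}

int main()
{
    // Constructed index data: two ordinary indices and one very large one.
    const std::vector<Index> elements = { 0, 1, 0x10000000u };
    Index maxIndex = 0;
    uint32_t bytes = 0;
    const bool rangeOk = maxIndexForDraw(elements, 0, 3, maxIndex);
    std::printf("range ok: %d, max index: %u\n", rangeOk, maxIndex);
    std::printf("sign check accepts: %d\n", sizeLooksValidBySignCheck(maxIndex));
    std::printf("checked arithmetic accepts: %d\n", simulatedAttrib0Bytes(maxIndex, bytes));
    return 0;
}
```

For the constructed index 0x10000000 the wrapped product is 16 bytes, so the sign check accepts a size that is really 4 GiB plus 16 bytes.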
2912
2913 2018-01-11  Chris Dumez  <cdumez@apple.com>
2914
2915         ASSERTION FAILED: registration in WebCore::SWServerWorker::skipWaiting()
2916         https://bugs.webkit.org/show_bug.cgi?id=181222
2917         <rdar://problem/36332686>
2918
2919         Reviewed by Youenn Fablet.
2920
2921         Replace assertion in SWServerWorker::skipWaiting() that assumes the worker
2922         has a registration. Nowadays, a SWServerWorker can stay alive for a short
2923         period without having a registration, while it is terminating.
2924
2925         No new tests, unskipped existing test.
2926
2927         * workers/service/server/SWServerWorker.cpp:
2928         (WebCore::SWServerWorker::skipWaiting):
2929
2930 2018-01-11  Antti Koivisto  <antti@apple.com>
2931
2932         Don't call RenderElement::setStyle when nothing changes
2933         https://bugs.webkit.org/show_bug.cgi?id=181530
2934
2935         Reviewed by Zalan Bujtas.
2936
2937         * style/StyleChange.h:
2938
2939         Remove 'Force' value. This essentially meant 'compute style for all descendants and call setStyle unconditionally'.
2940         Using this value lost information about whether anything actually changed in a particular style as it was automatically
2941         inherited by all descendants. The 'compute all descendants' part of the behavior is what is actually needed.
2942
2943         Instead add separate DescendantsToResolve enum for communicating what else to compute.
2944
2945         * style/StyleTreeResolver.cpp:
2946         (WebCore::Style::TreeResolver::Parent::Parent):
2947         (WebCore::Style::computeDescendantsToResolve):
2948
2949             Figure out which descendants will need resolving based on how the current element's style changed.
2950
2951         (WebCore::Style::TreeResolver::resolveElement):
2952         (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
2953         (WebCore::Style::TreeResolver::pushParent):
2954         (WebCore::Style::shouldResolveElement):
2955
2956             Use DescendantsToResolve as input.
2957
2958         (WebCore::Style::TreeResolver::resolveComposedTree):
2959         * style/StyleTreeResolver.h:
2960         * style/StyleUpdate.h:
2961         (WebCore::Style::ElementUpdates::ElementUpdates):
2962
2963             Add DescendantsToResolve.
2964
2965 2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>
2966
2967         Send PromisedBlobInfo to the client through DragItem instead of DragClient::prepareToDragPromisedBlob
2968         https://bugs.webkit.org/show_bug.cgi?id=181497
2969
2970         Reviewed by Tim Horton.
2971
2972         Refactor drag initiation with DOMFile-backed attachment elements. See WebKit ChangeLog for more information. No
2973         change in behavior; promised blob dragging covered by WKAttachment API tests.
2974
2975         * loader/EmptyClients.cpp:
2976         * page/DragClient.h:
2977         (WebCore::DragClient::prepareToDragPromisedBlob): Deleted.
2978         * page/DragController.cpp:
2979         (WebCore::DragController::startDrag):
2980         (WebCore::DragController::doImageDrag):
2981         (WebCore::DragController::doSystemDrag):
2982         (WebCore::DragController::promisedBlobInfo):
2983         (WebCore::DragController::dragAttachmentElement): Deleted.
2984         * page/DragController.h:
2985         * platform/DragItem.h:
2986         (WebCore::DragItem::encode const):
2987         (WebCore::DragItem::decode):
2988
2989 2018-01-11  Youenn Fablet  <youenn@apple.com>
2990
2991         RTCController should disable ICE candidate filtering in case of getUserMedia based on the RTCPeerConnection origin
2992         https://bugs.webkit.org/show_bug.cgi?id=180851
2993
2994         Reviewed by Eric Carlson.
2995
2996         Test: http/wpt/webrtc/third-party-frame-ice-candidate-filtering.html
2997
2998         RTCController now stores all the client origins (top+frame origins) of frames that got camera/microphone access.
2999         For any such client origin, PeerConnection objects' ICE candidate filtering is disabled.
3000         ICE candidate filtering is reset whenever navigating/reloading the page.
3001
3002         * Modules/mediastream/RTCController.cpp:
3003         (WebCore::RTCController::reset):
3004         (WebCore::matchDocumentOrigin):
3005         (WebCore::RTCController::shouldDisableICECandidateFiltering):
3006         (WebCore::RTCController::add):
3007         (WebCore::RTCController::disableICECandidateFilteringForAllOrigins):
3008         (WebCore::RTCController::disableICECandidateFiltering):
3009         (WebCore::RTCController::enableICECandidateFiltering):
3010         * Modules/mediastream/RTCController.h:
3011         * Modules/mediastream/RTCPeerConnection.cpp:
3012         (WebCore::RTCPeerConnection::create):
3013         * Modules/mediastream/UserMediaRequest.cpp:
3014         (WebCore::UserMediaRequest::allow):
3015         * page/Page.cpp:
3016         (WebCore::Page::disableICECandidateFiltering):
3017         * testing/Internals.cpp:
3018         (WebCore::Internals::setICECandidateFiltering):
3019
3020 2018-01-11  Ali Juma  <ajuma@chromium.org>
3021
3022         window.visualViewport should behave as [SameObject]
3023         https://bugs.webkit.org/show_bug.cgi?id=181548
3024
3025         Reviewed by Chris Dumez.
3026
3027         Add 'GenerateIsReachable' to VisualViewport so that window.visualViewport's
3028         JS wrapper object doesn't get garbage collected too soon.
3029
3030         Test: fast/visual-viewport/visual-viewport-same-object.html
3031
3032         * page/VisualViewport.idl:
3033
3034 2018-01-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
3035
3036         [Curl] Extract multipart handling from ResourceHandle to CurlRequest.
3037         https://bugs.webkit.org/show_bug.cgi?id=181506
3038
3039         Reviewed by Alex Christensen.
3040
3041         Rename old MultipartHandle class to CurlMultipartHandle and modernize it. Also move the responsibility 
3042         of handling multi part from ResourceHandle to CurlRequest. This is required for upcoming NetworkLoadTask.
3043
3044         No new tests because no new behavior.
3045
3046         * platform/Curl.cmake:
3047         * platform/network/curl/CurlMultipartHandle.cpp: Renamed from Source/WebCore/platform/network/curl/MultipartHandle.cpp.
3048         (WebCore::CurlMultipartHandle::createIfNeeded):
3049         (WebCore::CurlMultipartHandle::extractBoundary):
3050         (WebCore::CurlMultipartHandle::extractBoundaryFromContentType):
3051         (WebCore::CurlMultipartHandle::CurlMultipartHandle):
3052         (WebCore::CurlMultipartHandle::didReceiveData):
3053         (WebCore::CurlMultipartHandle::didComplete):
3054         (WebCore::CurlMultipartHandle::processContent):
3055         (WebCore::CurlMultipartHandle::checkForBoundary):
3056         (WebCore::CurlMultipartHandle::matchedLength):
3057         (WebCore::CurlMultipartHandle::parseHeadersIfPossible):
3058         * platform/network/curl/CurlMultipartHandle.h: Renamed from Source/WebCore/platform/network/curl/MultipartHandle.h.
3059         (WebCore::CurlMultipartHandle::~CurlMultipartHandle):
3060         * platform/network/curl/CurlMultipartHandleClient.h: Added.
3061         (WebCore::CurlMultipartHandleClient::~CurlMultipartHandleClient):
3062         * platform/network/curl/CurlRequest.cpp:
3063         (WebCore::CurlRequest::CurlRequest):
3064         (WebCore::CurlRequest::didReceiveHeader):
3065         (WebCore::CurlRequest::didReceiveData):
3066         (WebCore::CurlRequest::didReceiveHeaderFromMultipart):
3067         (WebCore::CurlRequest::didReceiveDataFromMultipart):
3068         (WebCore::CurlRequest::didCompleteTransfer):
3069         (WebCore::CurlRequest::finalizeTransfer):
3070         (WebCore::CurlRequest::invokeDidReceiveResponseForFile):
3071         (WebCore::CurlRequest::invokeDidReceiveResponse):
3072         (WebCore::CurlRequest::completeDidReceiveResponse):
3073         * platform/network/curl/CurlRequest.h:
3074         (WebCore::CurlRequest::create):
3075         * platform/network/curl/ResourceHandleCurlDelegate.cpp:
3076         (WebCore::ResourceHandleCurlDelegate::createCurlRequest):
3077         (WebCore::ResourceHandleCurlDelegate::curlDidReceiveResponse):
3078         (WebCore::ResourceHandleCurlDelegate::curlDidReceiveBuffer):
3079         (WebCore::ResourceHandleCurlDelegate::curlDidComplete):
3080         * platform/network/curl/ResourceHandleCurlDelegate.h:
3081
3082 2018-01-11  Zalan Bujtas  <zalan@apple.com>
3083
3084         RenderTreeUpdater::current() returns null_ptr when mutation is done through Document::resolveStyle.
3085         https://bugs.webkit.org/show_bug.cgi?id=181513
3086         <rdar://problem/36367085>
3087
3088         Reviewed by Antti Koivisto.
3089
3090         This patch ensures that we use a valid RenderTreeBuilder even when
3091         Document::resolveStyle (incorrectly) triggers tree mutation.
3092         It can be reverted soon after the incorrect mutations are taken care of.
3093
3094         Test: fast/forms/button-set-text-crash.html
3095
3096         * rendering/RenderButton.cpp:
3097         (WebCore::RenderButton::setText):
3098         * rendering/RenderMenuList.cpp:
3099         (RenderMenuList::setText):
3100
3101 2018-01-11  Antoine Quint  <graouts@apple.com>
3102
3103         Only listen to webkitplaybacktargetavailabilitychanged when media controls are visible to the user
3104         https://bugs.webkit.org/show_bug.cgi?id=181547
3105         <rdar://problem/35947650>
3106
3107         Reviewed by Eric Carlson.
3108
3109         Because listening to "webkitplaybacktargetavailabilitychanged" events incurs some higher power usage on iOS,
3110         we only listen to such events when controls are visible to the user. In other words, the MediaControls need to
3111         have both "visible" set to "true" and "faded" set to "false". To support this, we add a delegate method on
3112         MediaControls such that it can tell the MediaController that the "visible" property changed. With this message,
3113         MediaController can inform its MediaControllerSupport objects that user visibility of the controls changed, which
3114         lets AirplaySupport disable itself when controls are no longer visible.
3115
3116         Test: media/modern-media-controls/airplay-support/airplay-support-disable-event-listeners-with-hidden-controls.html
3117
3118         * Modules/modern-media-controls/controls/media-controls.js:
3119         (MediaControls.prototype.set visible):
3120         * Modules/modern-media-controls/media/airplay-support.js:
3121         (AirplaySupport.prototype.controlsUserVisibilityDidChange):
3122         * Modules/modern-media-controls/media/media-controller-support.js:
3123         (MediaControllerSupport.prototype.controlsUserVisibilityDidChange):
3124         * Modules/modern-media-controls/media/media-controller.js:
3125         (MediaController.prototype.mediaControlsVisibilityDidChange):
3126         (MediaController.prototype.mediaControlsFadedStateDidChange):
3127         (MediaController.prototype._controlsUserVisibilityDidChange):
3128
3129 2018-01-11  Antoine Quint  <graouts@apple.com>
3130
3131         [iOS] There should be no controls markup generated in fullscreen
3132         https://bugs.webkit.org/show_bug.cgi?id=181540
3133         <rdar://problem/35060379>
3134
3135         Reviewed by Eric Carlson.
3136
3137         We completely forgo the display of any content when fullscreen on iOS by setting the
3138         "visible" flag to "false" on the MediaControls, which will prevent any DOM content from
3139         being added.
3140
3141         * Modules/modern-media-controls/media/media-controller.js:
3142         (MediaController.prototype.handleEvent):
3143         (MediaController.prototype._updateiOSFullscreenProperties):
3144         (MediaController):
3145         (MediaController.prototype._updateSupportingObjectsEnabledState): Deleted.
3146
3147 2018-01-11  Alex Christensen  <achristensen@webkit.org>
3148
3149         Revert changes accidentally committed with r226789.
3150         https://bugs.webkit.org/show_bug.cgi?id=181423
3151
3152         I had some local changes I did not mean to commit.
3153
3154         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
3155         (scheduledWithCustomRunLoopMode):
3156         (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
3157         (WebCore::if): Deleted.
3158         (WebCore::>::fromCallable): Deleted.
3159
3160 2018-01-10  Simon Fraser  <simon.fraser@apple.com>
3161
3162         On macOS, getBoundingClientRect gives incorrect values when pinch-zoomed
3163         https://bugs.webkit.org/show_bug.cgi?id=181511
3164         rdar://problem/33741427
3165
3166         Reviewed by Zalan Bujtas.
3167         
3168         When reverting "client coordinates are relative to layout viewport" in r219829
3169         I broke documentToClientOffset() on macOS by failing to take pinch zoom scale into
3170         account (frameScaleFactor() is always 1 on iOS, so this bug doesn't manifest there).
3171
3172         Covered by existing tests.
3173
3174         * page/FrameView.cpp:
3175         (WebCore::FrameView::documentToClientOffset const):
3176
3177 2018-01-11  Youenn Fablet  <youenn@apple.com>
3178
3179         Replace WebRTCLegacyAPIDisabled by WebRTCLegacyAPIEnabled and switch off WebRTC legacy flag by default
3180         https://bugs.webkit.org/show_bug.cgi?id=181480
3181
3182         Reviewed by Eric Carlson.
3183
3184         No change of behavior.
3185
3186         * page/RuntimeEnabledFeatures.h: Set default value to false.
3187
3188 2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>
3189
3190         [Attachment Support] Support moving attachment elements in editable areas using drag and drop
3191         https://bugs.webkit.org/show_bug.cgi?id=181337
3192         <rdar://problem/36324813>
3193
3194         Reviewed by Tim Horton.
3195
3196         Makes slight adjustments to attachment-specific drag and drop logic to ensure that moving attachments via drag
3197         and drop behaves correctly. See per-change comments for more detail.
3198
3199         Tests:  WKAttachmentTests.DragInPlaceVideoAttachmentElement
3200                 WKAttachmentTests.MoveAttachmentElementAsIconByDragging
3201                 WKAttachmentTests.MoveInPlaceAttachmentElementByDragging
3202
3203         * editing/cocoa/EditorCocoa.mm:
3204         (WebCore::Editor::getPasteboardTypesAndDataForAttachment):
3205
3206         Stop vending the private web archive pasteboard type for attachments, for now. This works around issues where an
3207         attachment element that is dragged and dropped within the same page may lose its blob backing data if we try to
3208         remove and insert it as a fragment from the archive. Providing a web archive would allow us to avoid destroying
3209         and recreating an attachment element when dragging within the same page, but this is a nice-to-have optimization
3210         we can re-enable after investigation in a subsequent patch.
3211
3212         * html/HTMLAttachmentElement.cpp:
3213         (WebCore::HTMLAttachmentElement::populateShadowRootIfNecessary):
3214
3215         Add `draggable=false` to the image element of an in-place attachment element.
3216
3217         * page/DragController.cpp:
3218         (WebCore::enclosingAttachmentElement):
3219         (WebCore::DragController::draggableElement const):
3220
3221         Tweak single-selected-attachment handling to account for in-place attachments. Since the hit-tested node is
3222         inside the shadow subtree of the attachment element, the condition needs to check for the startElement as well
3223         as the startElement's shadow host.
3224
3225         (WebCore::DragController::startDrag):
3226
3227         Make two tweaks here. First, don't require a RenderAttachment to drag an attachment element (this is required
3228         for dragging in-place attachments). This was added in r217083 to address <rdar://problem/32282831>, but is no
3229         longer correct, since attachments may now be displayed in-place.
3230
3231         Secondly, only restore the previous selection if the attachment is in a richly contenteditable area. This was
3232         added to prevent the selection highlight from appearing when dragging non-editable attachment elements in the
3233         Mail viewer. However, to allow drag moves to occur, we need the selection to persist after drag start.
3234
3235 2018-01-04  Filip Pizlo  <fpizlo@apple.com>
3236
3237         CodeBlocks should be in IsoSubspaces
3238         https://bugs.webkit.org/show_bug.cgi?id=180884
3239
3240         Reviewed by Saam Barati.
3241
3242         No new tests because no new behavior.
3243         
3244         Adopting new parallel constraint API, so that more of the logic of doing parallel
3245         constraint solving is shared between the DOM's output constraints and JSC's output
3246         constraints.
3247
3248         * bindings/js/DOMGCOutputConstraint.cpp:
3249         (WebCore::DOMGCOutputConstraint::executeImpl):
3250         (WebCore::DOMGCOutputConstraint::doParallelWorkImpl): Deleted.
3251         (WebCore::DOMGCOutputConstraint::finishParallelWorkImpl): Deleted.
3252         * bindings/js/DOMGCOutputConstraint.h:
3253
3254 2018-01-11  Wenson Hsieh  <wenson_hsieh@apple.com>
3255
3256         [Attachment Support] Support dragging attachment elements out as files on iOS
3257         https://bugs.webkit.org/show_bug.cgi?id=181199
3258         <rdar://problem/36299316>
3259
3260         Reviewed by Tim Horton, Andy Estes and Joseph Pecoraro.
3261
3262         Adds support for dragging "files" (i.e. creating item providers with preferred attachment presentation styles)
3263         from attachment elements on iOS for Mail. See below for more detail.
3264
3265         Tests:  WKAttachmentTestsIOS.DragAttachmentInsertedAsData
3266                 WKAttachmentTestsIOS.DragAttachmentInsertedAsFile
3267
3268         * page/DragController.cpp:
3269         (WebCore::DragController::platformContentTypeForBlobType const):
3270         (WebCore::DragController::dragAttachmentElement):
3271         * page/DragController.h:
3272         * page/mac/DragControllerMac.mm:
3273         (WebCore::DragController::platformContentTypeForBlobType const):
3274
3275         Add a private method to convert the type of a promised blob to a platform type. For Cocoa platforms, this
3276         converts the blob type (either a UTI or a MIME type) to a UTI for the platform to consume.
3277
3278         * platform/ios/WebItemProviderPasteboard.h:
3279         * platform/ios/WebItemProviderPasteboard.mm:
3280
3281         Refactor WebItemProviderRegistrationInfo. WebItemProviderRegistrationInfo currently encapsulates a single item
3282         provider registration call, and contains either a type identifier and data buffer, or an NSItemProviderWriting-
3283         conformant object. To register an item provider using a WebItemProviderRegistrationInfo, the item provider
3284         pasteboard currently checks to see whether the info contains an object or a type and data.
3285
3286         This patch removes WebItemProviderRegistrationInfo and replaces it with WebItemProviderDataRegistrar. Objects
3287         that implement this protocol know how to take an NSItemProvider and register data to it. So far, there are
3288         three implementations below.
3289
3290         (-[WebItemProviderDataRegistrar initWithData:type:]):
3291         (-[WebItemProviderDataRegistrar typeIdentifier]):
3292         (-[WebItemProviderDataRegistrar data]):
3293         (-[WebItemProviderDataRegistrar typeIdentifierForClient]):
3294         (-[WebItemProviderDataRegistrar dataForClient]):
3295         (-[WebItemProviderDataRegistrar registerItemProvider:]):
3296         (-[WebItemProviderDataRegistrar description]):
3297
3298         A data registrar takes a UTI and data buffer, and registers the UTI to the data. This replaces a
3299         WebItemProviderRegistrationInfo with both a type and data, but no representing object.
3300
3301         (-[WebItemProviderWritableObjectRegistrar initWithObject:]):
3302         (-[WebItemProviderWritableObjectRegistrar representingObjectForClient]):
3303         (-[WebItemProviderWritableObjectRegistrar registerItemProvider:]):
3304         (-[WebItemProviderWritableObjectRegistrar description]):
3305
3306         The writable object registrar writes an NSItemProviderWriting-conformant object to an item provider. This
3307         replaces a WebItemProviderRegistrationInfo with only a representing object.
3308
3309         (-[WebItemProviderPromisedFileRegistrar initWithType:callback:]):
3310         (-[WebItemProviderPromisedFileRegistrar registerItemProvider:]):
3311         (-[WebItemProviderPromisedFileRegistrar description]):
3312         (-[WebItemProviderRegistrationInfoList addData:forType:]):
3313         (-[WebItemProviderRegistrationInfoList addRepresentingObject:]):
3314         (-[WebItemProviderRegistrationInfoList addPromisedType:fileCallback:]):
3315
3316         Helper methods to add new registrars to a registration info list.
3317
3318         (-[WebItemProviderRegistrationInfoList itemAtIndex:]):
3319         (-[WebItemProviderRegistrationInfoList enumerateItems:]):
3320         (-[WebItemProviderRegistrationInfoList itemProvider]):
3321         (-[WebItemProviderRegistrationInfoList description]):
3322         (-[WebItemProviderRegistrationInfo initWithRepresentingObject:typeIdentifier:data:]): Deleted.
3323         (-[WebItemProviderRegistrationInfo representingObject]): Deleted.
3324         (-[WebItemProviderRegistrationInfo typeIdentifier]): Deleted.
3325
3326 2018-01-11  Michael Saboff  <msaboff@apple.com>
3327
3328         Add a DOM gadget for Spectre testing
3329         https://bugs.webkit.org/show_bug.cgi?id=181351
3330
3331         Reviewed by Ryosuke Niwa.
3332
3333         This change is used to test Spectre mitigations.
3334
3335         Added a new DOM class to test for Spectre issues in the DOM layer.
3336         This additional functionality is disabled by default and must be enabled
3337         through the JSC option "enableSpectreGadgets".
3338
3339         * CMakeLists.txt:
3340         * DerivedSources.make:
3341         * Sources.txt:
3342         * WebCore.xcodeproj/project.pbxproj:
3343         * bindings/js/WebCoreBuiltinNames.h:
3344         * dom/SpectreGadget.cpp: Added.
3345         (WebCore::SpectreGadget::SpectreGadget):
3346         (WebCore::SpectreGadget::create):
3347         (WebCore::SpectreGadget::setReadLength):
3348         (WebCore::SpectreGadget::charCodeAt):
3349         (WebCore::SpectreGadget::clflushReadLength):
3350         * dom/SpectreGadget.h: Added.
3351         * dom/SpectreGadget.idl: Added.
3352         * page/RuntimeEnabledFeatures.cpp:
3353         (WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const):
3354         * page/RuntimeEnabledFeatures.h:
3355
3356 2018-01-11  Philippe Normand  <pnormand@igalia.com>
3357
3358         [GTK] media/muted-video-is-playing-audio.html is timing out
3359         https://bugs.webkit.org/show_bug.cgi?id=163781
3360
3361         Reviewed by Carlos Garcia Campos.
3362
3363         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3364         (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo): Sprinkle some debugging.
3365         (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.
3366         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3367         (WebCore::MediaPlayerPrivateGStreamerBase::setMuted): Ditto.
3368
3369 2018-01-10  Andy Estes  <aestes@apple.com>
3370
3371         [Payment Request] Rename ApplePayMerchantValidationEvent to MerchantValidationEvent
3372         https://bugs.webkit.org/show_bug.cgi?id=181437
3373         <rdar://problem/36376481>
3374
3375         Reviewed by Tim Horton.
3376         
3377         Renamed ApplePayMerchantValidationEvent to MerchantValidationEvent and changed complete() to accept a Promise.
3378
3379         Test: http/tests/paymentrequest/payment-request-merchant-validation.https.html
3380
3381         * DerivedSources.make:
3382         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
3383         (WebCore::ApplePayPaymentHandler::merchantValidationCompleted):
3384         (WebCore::ApplePayPaymentHandler::validateMerchant):
3385         * Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
3386         * Modules/paymentrequest/MerchantValidationEvent.cpp: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.cpp.
3387         (WebCore::MerchantValidationEvent::create):
3388         (WebCore::MerchantValidationEvent::MerchantValidationEvent):
3389         (WebCore::MerchantValidationEvent::eventInterface const):
3390         (WebCore::MerchantValidationEvent::complete):
3391         * Modules/paymentrequest/MerchantValidationEvent.h: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.h.
3392         * Modules/paymentrequest/MerchantValidationEvent.idl: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.idl.
3393         * Modules/paymentrequest/PaymentHandler.h:
3394         * Modules/paymentrequest/PaymentRequest.cpp:
3395         (WebCore::PaymentRequest::completeMerchantValidation):
3396         * Modules/paymentrequest/PaymentRequest.h:
3397         * Modules/paymentrequest/PaymentRequest.idl:
3398         * WebCore.xcodeproj/project.pbxproj:
3399         * dom/EventNames.h:
3400         * dom/EventNames.in:
3401
3402 2018-01-10  Basuke Suzuki  <Basuke.Suzuki@sony.com>
3403
3404         [Curl] Cross-protocol, cross-site scripting (XPXSS) using HTML forms
3405         https://bugs.webkit.org/show_bug.cgi?id=153088
3406
3407         Reviewed by Alex Christensen.
3408
3409         No new tests because it's covered by existing tests.
3410
3411         * platform/network/curl/CurlContext.cpp:
3412         (WebCore::CurlHandle::getHttpVersion):
3413         * platform/network/curl/CurlContext.h:
3414         * platform/network/curl/CurlRequest.cpp:
3415         (WebCore::CurlRequest::didReceiveHeader):
3416         * platform/network/curl/CurlResponse.h:
3417         (WebCore::CurlResponse::isolatedCopy const):
3418         * platform/network/curl/ResourceResponseCurl.cpp:
3419         (WebCore::ResourceResponse::ResourceResponse):
3420         (WebCore::ResourceResponse::setStatusLine):
3421
3422 2018-01-10  Wenson Hsieh  <wenson_hsieh@apple.com>
3423
3424         REGRESSION(r222507): Composition highlight doesn't render when using IME
3425         https://bugs.webkit.org/show_bug.cgi?id=181485
3426         <rdar://problem/35896516>
3427
3428         Reviewed by Ryosuke Niwa.
3429
3430         Fixes the order of arguments passed to paintTextSubrangeBackground from paintCompositionBackground.
3431
3432         Test: editing/marked-text-appearance.html
3433
3434         * rendering/InlineTextBox.cpp:
3435         (WebCore::InlineTextBox::paintCompositionBackground):
3436
3437 2018-01-10  Youenn Fablet  <youenn@apple.com>
3438
3439         Use no-cache fetch mode when loading main documents with location.reload()
3440         https://bugs.webkit.org/show_bug.cgi?id=181285
3441
3442         Reviewed by Alex Christensen.
3443
3444         Covered by rebased tests.
3445
3446         Start to translate cache policy used for navigation as FetchOptions::Cache.
3447         This allows ensuring service workers receive the right cache mode when intercepting navigation loads.
3448         To not change current navigation behavior, ReturnCacheDataElseLoad and ReturnCacheDataDontLoad still trigger default fetch cache mode.
3449
3450         For Reload and ReloadExpiredOnly frame load types, using no-cache mode is more efficient than reload mode,
3451         as a conditional request will be sent if possible. This applies to location.reload which is consistent with other browsers.
3452         Keep reload mode for ReloadFromOrigin.
3453
3454         * loader/DocumentLoader.cpp:
3455         (WebCore::toFetchOptionsCache):
3456         (WebCore::DocumentLoader::loadMainResource):
3457         * loader/FrameLoader.cpp:
3458         (WebCore::FrameLoader::loadFrameRequest):
3459         (WebCore::FrameLoader::loadURL):
3460         (WebCore::FrameLoader::load):
3461         (WebCore::FrameLoader::reload):
3462         (WebCore::FrameLoader::defaultRequestCachingPolicy):
3463         (WebCore::FrameLoader::loadDifferentDocumentItem):
3464         * loader/NavigationScheduler.cpp:
3465
3466 2018-01-10  Commit Queue  <commit-queue@webkit.org>
3467
3468         Unreviewed, rolling out r226667 and r226673.
3469         https://bugs.webkit.org/show_bug.cgi?id=181488
3470
3471         This caused a flaky crash. (Requested by mlewis13 on #webkit).
3472
3473         Reverted changesets:
3474
3475         "CodeBlocks should be in IsoSubspaces"
3476         https://bugs.webkit.org/show_bug.cgi?id=180884
3477         https://trac.webkit.org/changeset/226667
3478
3479         "REGRESSION (r226667): CodeBlocks should be in IsoSubspaces"
3480         https://bugs.webkit.org/show_bug.cgi?id=180884
3481         https://trac.webkit.org/changeset/226673
3482
3483 2018-01-10  Antti Koivisto  <antti@apple.com>
3484
3485         REGRESSION(r225650): The scores of MotionMark tests Multiply and Leaves dropped by 8%
3486         https://bugs.webkit.org/show_bug.cgi?id=181460
3487         <rdar://problem/36379776>
3488
3489         Reviewed by Ryosuke Niwa.
3490
3491         * css/parser/CSSParser.cpp:
3492         (WebCore::CSSParserContext::CSSParserContext):
3493
3494         Don't do the expensive security origin test if the sheet base URL and document URL are identical.
3495         This is true for inline style and inline stylesheets.
3496
3497 2018-01-10  Antti Koivisto  <antti@apple.com>
3498
3499         Try to fix windows build.
3500
3501         * css/RuleFeature.cpp:
3502         (WebCore::RuleFeatureSet::computeNextMatchElement):
3503
3504 2018-01-10  Zalan Bujtas  <zalan@apple.com>
3505
3506         [RenderTreeBuilder] Move RenderRuby's moveChildren logic to RenderTreeBuilder
3507         https://bugs.webkit.org/show_bug.cgi?id=181470
3508         <rdar://problem/36397683>
3509
3510         Reviewed by Antti Koivisto.
3511
3512         This is about moving code, no cleanup and/or normalization (unfortunately it also means
3513         some temporary changes).  
3514
3515         No change in functionality.
3516
3517         * rendering/RenderBlockFlow.h:
3518         * rendering/RenderRubyBase.cpp:
3519         (WebCore::RenderRubyBase::moveChildren): Deleted.
3520         (WebCore::RenderRubyBase::mergeChildrenWithBase): Deleted.
3521         (WebCore::RenderRubyBase::moveInlineChildren): Deleted.
3522         (WebCore::RenderRubyBase::moveBlockChildren): Deleted.
3523         * rendering/RenderRubyBase.h:
3524         * rendering/RenderRubyRun.cpp:
3525         (WebCore::RenderRubyRun::takeChild):
3526         * rendering/updating/RenderTreeBuilder.cpp:
3527         (WebCore::RenderTreeBuilder::moveRubyChildren):
3528         * rendering/updating/RenderTreeBuilder.h:
3529         * rendering/updating/RenderTreeBuilderRuby.cpp:
3530         (WebCore::RenderTreeBuilder::Ruby::moveInlineChildren):
3531         (WebCore::RenderTreeBuilder::Ruby::moveBlockChildren):
3532         (WebCore::RenderTreeBuilder::Ruby::moveChildren):
3533         (WebCore::RenderTreeBuilder::Ruby::moveChildrenInternal):
3534         (WebCore::RenderTreeBuilder::Ruby::insertChild):
3535         * rendering/updating/RenderTreeBuilderRuby.h:
3536
3537 2018-01-10  Philippe Normand  <pnormand@igalia.com>
3538
3539         [GStreamer] fix critical GObject warning
3540
3541         Rubber-stamped by Carlos Garcia Campos.
3542
3543         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3544         (WebCore::MediaPlayerPrivateGStreamer::handleMessage): No need to
3545         resort to complicated things to get the element name...
3546
3547 2018-01-10  Philippe Normand  <pnormand@igalia.com>
3548
3549         [GStreamer] REGRESSION(r226629): broke media/video-interruption-with-resume-allowing-play.html
3550         https://bugs.webkit.org/show_bug.cgi?id=181471
3551         <rdar://problem/36402323>
3552
3553         Reviewed by Carlos Garcia Campos.
3554
3555         This patch mainly reduces the amount of playback state changes
3556         emitted by the GStreamer player to its client. Emitting those
3557         notifications too often has bad side effects.
3558
3559         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3560         (WebCore::MediaPlayerPrivateGStreamer::paused const): Add debug messages.
3561         (WebCore::MediaPlayerPrivateGStreamer::handleMessage): This debug message appears too much. Demote.
3562         (WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded const): Ditto.
3563         (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const): Ditto.
3564         (WebCore::MediaPlayerPrivateGStreamer::updateStates): Try to emit
3565         playback state change notification only when going to PLAYING.
3566         (WebCore::MediaPlayerPrivateGStreamer::loadingFailed): Add warning message.
3567
3568 2018-01-10  Youenn Fablet  <youenn@apple.com>
3569
3570         Add Service Worker CSP persistency
3571         https://bugs.webkit.org/show_bug.cgi?id=181434
3572
3573         Reviewed by Alex Christensen.
3574
3575         Covered by manual testing.
3576         Future work on service worker test infrastructure should allow automating such tests.
3577
3578         Add support for service worker CSP data persistency.
3579         Add a version parameter to increment each time the schema is changing.
3580         This allows the same store to be used by multiple WebKits.
3581
3582         * workers/service/server/RegistrationDatabase.cpp:
3583         (WebCore::v1RecordsTableSchema):
3584         (WebCore::RegistrationDatabase::openSQLiteDatabase):
3585         (WebCore::RegistrationDatabase::doPushChanges):
3586         (WebCore::RegistrationDatabase::importRecords):
3587
3588 2018-01-10  Antti Koivisto  <antti@apple.com>
3589
3590         Invalidate current element style on class change accurately
3591         https://bugs.webkit.org/show_bug.cgi?id=181210
3592
3593         Reviewed by Zalan Bujtas.
3594
3595         * css/DocumentRuleSets.cpp:
3596         (WebCore::DocumentRuleSets::collectFeatures const):
3597         (WebCore::DocumentRuleSets::subjectClassRules const):
3598
3599             New rule set containing class rules affecting the subject element.
3600
3601         (WebCore::DocumentRuleSets::ancestorClassRules const):
3602         * css/DocumentRuleSets.h:
3603         * css/RuleFeature.cpp:
3604         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
3605
3606             Classify selector components into various buckets based on the elements they match relative to
3607             the subject element. There are more categories than this patch strictly needs, for future use.
3608
3609         (WebCore::RuleFeatureSet::collectFeatures):
3610         (WebCore::RuleFeatureSet::add):
3611         (WebCore::RuleFeatureSet::clear):
3612         (WebCore::RuleFeatureSet::shrinkToFit):
3613         * css/RuleFeature.h:
3614         * css/StyleResolver.h:
3615         (WebCore::StyleResolver::hasSelectorForClass const): Deleted.
3616         * style/ClassChangeInvalidation.cpp:
3617         (WebCore::Style::elementNeedsInvalidation):
3618         (WebCore::Style::ClassChangeInvalidation::computeInvalidation):
3619
3620             Don't invalidate current element unconditionally on class change. Instead find the subject rulesets
3621             that might affect it and use them to perform invalidation.
3622
3623         (WebCore::Style::ClassChangeInvalidation::invalidateStyleWithRuleSets):
3624         (WebCore::Style::ClassChangeInvalidation::invalidateStyle): Deleted.
3625         (WebCore::Style::ClassChangeInvalidation::invalidateDescendantStyle): Deleted.
3626         * style/ClassChangeInvalidation.h:
3627         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
3628         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
3629         * style/StyleSharingResolver.cpp:
3630         (WebCore::Style::SharingResolver::classNamesAffectedByRules const):
3631
3632 2018-01-09  Antoine Quint  <graouts@apple.com>
3633
3634         [Web Animations] Expose the id property on Animation
3635         https://bugs.webkit.org/show_bug.cgi?id=181450
3636         <rdar://problem/36383600>
3637
3638         Reviewed by Dean Jackson.
3639
3640         Expose the "id" property on Animation and handle the "id" property on the optional KeyframeAnimationOptions object
3641         passed to Element.animate(). All of the WPT tests related to this property are now passing.
3642
3643         * animation/WebAnimation.h:
3644         * animation/WebAnimation.idl:
3645         * dom/Element.cpp:
3646         (WebCore::Element::animate):
3647
3648 2018-01-09  Chris Dumez  <cdumez@apple.com>
3649
3650         Make service workers behave correctly with regards to Page Cache
3651         https://bugs.webkit.org/show_bug.cgi?id=181446
3652         <rdar://problem/36164291>
3653
3654         Reviewed by Youenn Fablet.
3655
3656         Make service workers behave correctly with regards to Page Cache:
3657         1. If a document has an active service worker, do not let it go into PageCache
3658         2. When a document goes into page cache, unregister it from the list of service worker clients
3659         3. When a document is restored from page cache, add it back to the list of service worker clients
3660
3661         Tests: http/tests/workers/service/client-added-to-clients-when-restored-from-page-cache.html
3662                http/tests/workers/service/client-removed-from-clients-while-in-page-cache.html
3663                http/tests/workers/service/no-page-cache-when-controlled.html
3664                http/tests/workers/service/other_resources/test.html
3665
3666         * dom/Document.cpp:
3667         (WebCore::Document::suspend):
3668         (WebCore::Document::resume):
3669         * history/PageCache.cpp:
3670         (WebCore::canCacheFrame):
3671         * page/DiagnosticLoggingKeys.cpp:
3672         (WebCore::DiagnosticLoggingKeys::serviceWorkerKey):
3673         * page/DiagnosticLoggingKeys.h:
3674
3675 2018-01-09  Chris Dumez  <cdumez@apple.com>
3676
3677         We should not return undefined for most properties of a detached Window
3678         https://bugs.webkit.org/show_bug.cgi?id=181416
3679         <rdar://problem/36162489>
3680
3681         Reviewed by Ryosuke Niwa.
3682
3683         We should not return undefined for most properties on a detached Window. WebKit previously only exposed "closed"
3684         and "close" properties on detached / frameless windows. However, this does not match the HTML specification [1]
3685         or the behavior of Firefox and Chrome.
3686
3687         Note that Chrome does not seem to fully follow the HTML specification either, it seems to treat detached windows
3688         the same way as cross-origin ones. As a result, it only exposed properties that are visible cross-origin when
3689         a window is detached / frameless.
3690
3691         [1] https://html.spec.whatwg.org/#windowproxy-get
3692
3693         No new tests, updated existing tests.
3694
3695         * bindings/js/JSDOMWindowCustom.cpp:
3696         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
3697         (WebCore::JSDOMWindow::getOwnPropertySlot):
3698         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
3699
3700 2018-01-09  Darin Adler  <darin@apple.com>
3701
3702         Further refinement to list item and counter code after "list-item" counter fix
3703         https://bugs.webkit.org/show_bug.cgi?id=181426
3704
3705         Reviewed by Zalan Bujtas.
3706
3707         * css/StyleBuilderCustom.h:
3708         (WebCore::StyleBuilderCustom::applyInheritCounter): Use auto.
3709         (WebCore::StyleBuilderCustom::applyValueCounter): Use auto, removed unneeded
3710         null checks for things that can never be null, moved the saturated addition
3711         here and got rid of the addIncrementValue function from CounterDirectives.
3712         Use the saturatedAddition function from SaturatedArithmetic.h instead of the
3713         much less efficient one that did the same thing, CounterDirectives::addClamped.
3714
3715         * rendering/RenderCounter.cpp:
3716         (WebCore::listItemCounterDirectives): Use aggregate syntax for the return
3717         statements.
3718         (WebCore::planCounter): Changed to use a struct return value instead of two
3719         out arguments. Use the saturatedAddition function from SaturatedArithmetic.h
3720         instead of the much less efficient one that did the same thing,
3721         CounterDirectives::addClamped.
3722         (WebCore::findPlaceForCounter): Changed to use a struct return value instead
3723         of two out arguments.
3724         (WebCore::makeCounterNode): Updated for the above changes. Changed code to
3725         use add instead of both get and set. Updated to keep the counter maps inside
3726         the values of the "map of maps" instead of using a unique_ptr and allocating
3727         each one on the heap.
3728         (WebCore::destroyCounterNodeWithoutMapRemoval): Changed argument to a reference
3729         instead of a pointer. Updated for changes to the map. Use RefPtr more
3730         consistently.
3731         (WebCore::RenderCounter::destroyCounterNodes): Use iterators less.
3732         (WebCore::RenderCounter::destroyCounterNode): Ditto.
3733         (WebCore::RenderCounter::rendererRemovedFromTree): Add a check of
3734         hasCounterNodeMap here before calling destroyCounterNodes, so that function
3735         can assume the flag is true (both other callers already check it).
3736         (WebCore::updateCounters): Use auto and update for changes above.
3737         (WebCore::RenderCounter::rendererStyleChanged): Use modern for loops instead
3738         of iterators.
3739         (showCounterRendererTree): Use auto and update for changes above.
3740
3741         * rendering/RenderListItem.cpp:
3742         (WebCore::enclosingList): Stop referring to elements as "nodes". Changed
3743         the local variable names for clarity.
3744         (WebCore::nextListItemHelper): Renamed from nextListItem since it's not
3745         intended to be called directly and we want to use a function pointer to
3746         nextListItem. Fixed the algorithm to correctly handle ad hoc "lists" that
3747         are not actually HTML list elements, using the definition in the enclosingList
3748         function as the previousListItem function already did.
3749         (WebCore::nextListItem): Updated for name changes.
3750         (WebCore::firstListItem): Renamed from nextListItem for clarity.
3751         (WebCore::previousListItem): Rewrote loop so it doesn't have to do things
3752         so strangely when we find another list.
3753         (WebCore::RenderListItem::updateItemValuesForOrderedList): Use auto and
3754         update local variable names.
3755         (WebCore::RenderListItem::itemCountForOrderedList): Ditto.
3756         (WebCore::RenderListItem::updateValueNow const): Rewrote to use an iterative
3757         algorithm instead of a recursive one. Fixes the FIXME here.
3758         (WebCore::RenderListItem::updateValue): Use m_valueWasSetExplicitly
3759         instead of m_explicitValue.
3760         (WebCore::RenderListItem::explicitValueChanged): Use auto and simplified
3761         the loop a bit.
3762         (WebCore::RenderListItem::setExplicitValue): Set m_valueWasSetExplicitly
3763         instead of m_explicitValue.
3764         (WebCore::previousOrNextItem): Deleted.
3765         (WebCore::RenderListItem::updateListMarkerNumbers): Streamlined the loop
3766         a bit and used a function pointer to handle the two different directions.
3767         (WebCore::RenderListItem::isInReversedOrderedList const): Simplified by
3768         getting rid of an unneeded use of pointers and local variables.
3769
3770         * rendering/RenderListItem.h: Use a boolean, m_valueWasSetExplicitly,
3771         instead of a separate optional m_explicitValue.
3772
3773         * rendering/style/CounterDirectives.h: Since all the code in this file was
3774         rewritten, removed old copyrights. Deleted the addIncrementValue function,
3775         since it is clear enough in the one call site in the style builder.
3776         Deleted the addClamped function because it was just a much slower
3777         version of the saturatedAddition function. Made == and != into constexpr
3778         functions since they are simple enough to be.
3779
3780         * rendering/style/RenderStyle.cpp:
3781         (WebCore::RenderStyle::getCounterDirectives const): Deleted. Caller can
3782         handle this just fine without a helper function.
3783         * rendering/style/RenderStyle.h: Ditto.
3784
3785 2018-01-09  Myles C. Maxfield  <mmaxfield@apple.com>
3786
3787         font-display:fallback can cause a visual flash (which is supposed to be impossible)
3788         https://bugs.webkit.org/show_bug.cgi?id=181374
3789
3790         Reviewed by Simon Fraser.
3791
3792         A FontCascade represents an entire font-family fallback list, but sometimes we need to pull out a single
3793         representative font from the list to calculate things like line height. Previously, if the first item in
3794         the font-family list was in the middle of being downloaded, this representative font was hardcoded to be
3795         Times. However, when actually laying out and drawing the glyphs, we have logic to skip the interstitial
3796         Times if there are any installed fonts present in the font-family list (so you wouldn't ever actually
3797         see Times). This means that line height (among other things) was being calculated as if Times was used,
3798         but in reality, some other font from the font-family list was being used.
3799
3800         Alone, this isn't a huge problem, but font-display:fallback makes a font transition between "timed out"
3801         and "failed," and when the font hits the failed state, the representative font skips over the cancelled
3802         item and hits the next item in the fallback list. This means that line heights will change, which causes
3803         a visual flash, even when font-display:fallback is specified.
3804
3805         The solution is simply to educate the logic which identifies this representative font so that it
3806         understands what to do for currently-loading fonts.
3807
3808         Tests: fast/text/font-display/swap-flash.html
3809
3810         * platform/graphics/FontCascadeFonts.h:
3811         (WebCore::FontCascadeFonts::primaryFont):
3812         * rendering/line/BreakingContext.h:
3813         (WebCore::textWidth):
3814
3815 2018-01-04  Filip Pizlo  <fpizlo@apple.com>
3816
3817         CodeBlocks should be in IsoSubspaces
3818         https://bugs.webkit.org/show_bug.cgi?id=180884
3819
3820         Reviewed by Saam Barati.
3821
3822         No new tests because no new behavior.
3823         
3824         Adopting new parallel constraint API, so that more of the logic of doing parallel
3825         constraint solving is shared between the DOM's output constraints and JSC's output
3826         constraints.
3827
3828         * bindings/js/DOMGCOutputConstraint.cpp:
3829         (WebCore::DOMGCOutputConstraint::executeImpl):
3830         (WebCore::DOMGCOutputConstraint::doParallelWorkImpl): Deleted.
3831         (WebCore::DOMGCOutputConstraint::finishParallelWorkImpl): Deleted.
3832         * bindings/js/DOMGCOutputConstraint.h:
3833
3834 2018-01-08  Simon Fraser  <simon.fraser@apple.com>
3835
3836         Clean up Marquee-related enums
3837         https://bugs.webkit.org/show_bug.cgi?id=181347
3838
3839         Reviewed by Anders Carlsson.
3840
3841         Modernize EMarqueeBehavior and EMarqueeDirection enums. Stop using the weird negative
3842         values in the MarqueeDirection and do manual reverse direction mapping.
3843
3844         Make some member functions of RenderMarquee private.
3845
3846         Stop using bitfields in RenderMarquee because the memory saving is not worth it, and doing so
3847         allows us to use modern initialization.
3848
3849         No behavior change.
3850
3851         * css/CSSPrimitiveValueMappings.h:
3852         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
3853         (WebCore::CSSPrimitiveValue::operator MarqueeBehavior const):
3854         (WebCore::CSSPrimitiveValue::operator MarqueeDirection const):
3855         (WebCore::CSSPrimitiveValue::operator EMarqueeBehavior const): Deleted.
3856         (WebCore::CSSPrimitiveValue::operator EMarqueeDirection const): Deleted.
3857         * css/StyleResolver.cpp:
3858         (WebCore::StyleResolver::adjustRenderStyle):
3859         * rendering/RenderBox.cpp:
3860         (WebCore::RenderBox::sizesLogicalWidthToFitContent const):
3861         * rendering/RenderLayer.cpp:
3862         (WebCore::RenderLayer::calculateClipRects const):
3863         * rendering/RenderMarquee.cpp:
3864         (WebCore::RenderMarquee::RenderMarquee):
3865         (WebCore::reverseDirection):
3866         (WebCore::RenderMarquee::direction const):
3867         (WebCore::RenderMarquee::isHorizontal const):
3868         (WebCore::RenderMarquee::computePosition):
3869         (WebCore::RenderMarquee::start):
3870         (WebCore::RenderMarquee::updateMarqueePosition):
3871         (WebCore::RenderMarquee::updateMarqueeStyle):
3872         (WebCore::RenderMarquee::timerFired):
3873         * rendering/RenderMarquee.h:
3874         * rendering/style/RenderStyle.h:
3875         (WebCore::RenderStyle::marqueeBehavior const):
3876         (WebCore::RenderStyle::marqueeDirection const):
3877         (WebCore::RenderStyle::setMarqueeDirection):
3878         (WebCore::RenderStyle::setMarqueeBehavior):
3879         (WebCore::RenderStyle::initialMarqueeBehavior):
3880         (WebCore::RenderStyle::initialMarqueeDirection):
3881         * rendering/style/RenderStyleConstants.h:
3882         * rendering/style/StyleMarqueeData.cpp:
3883         (WebCore::StyleMarqueeData::StyleMarqueeData):
3884         * rendering/style/StyleMarqueeData.h:
3885
3886 2018-01-09  Jer Noble  <jer.noble@apple.com>
3887
3888         Many CVDisplayLink threads created and destroyed while watching a YouTube video
3889         https://bugs.webkit.org/show_bug.cgi?id=181396
3890
3891         Reviewed by Simon Fraser.
3892
3893         When watching some YouTube videos (or any video with default controls), event handlers for
3894         the "timeupdate" event which use rAF will cause the underlying platform objects to be
3895         destroyed in between "timeupdate" events being fired, since they occur every 250ms, and rAF
3896         objects are destroyed every 166ms (or 10/60hz). Update this constant to destroy the
3897         underlying objects every 333ms (or 20/60hz) so that this common pattern doesn't lead to
3898         excessive rAF platform object turnover.
3899
3900         * platform/Logging.h:
3901         * platform/graphics/DisplayRefreshMonitor.h:
3902         (WebCore::DisplayRefreshMonitor::shouldBeTerminated const):
3903         * platform/graphics/DisplayRefreshMonitor.cpp:
3904         (WebCore::DisplayRefreshMonitor::displayDidRefresh):
3905         * platform/graphics/DisplayRefreshMonitorManager.cpp:
3906         (WebCore::DisplayRefreshMonitorManager::createMonitorForClient):
3907         (WebCore::DisplayRefreshMonitorManager::displayDidRefresh):
3908
3909 2018-01-09  Zalan Bujtas  <zalan@apple.com>
3910
3911         [RenderTreeBuilder] Move RenderElement addChild mutation logic to RenderTreeBuilder
3912         https://bugs.webkit.org/show_bug.cgi?id=181451
3913         <rdar://problem/36385562>
3914
3915         Reviewed by Antti Koivisto.
3916
3917         This is about moving code, no cleanup and/or normalization (unfortunately it also means
3918         some temporary changes).  
3919
3920         No change in functionality.
3921
3922         * rendering/RenderElement.cpp:
3923         (WebCore::RenderElement::addChild):
3924         (WebCore::RenderElement::childRequiresTable const): Deleted.
3925         * rendering/RenderElement.h:
3926         * rendering/updating/RenderTreeBuilder.cpp:
3927         (WebCore::RenderTreeBuilder::insertChildToRenderElement):
3928         (WebCore::RenderTreeBuilder::childRequiresTable):
3929         * rendering/updating/RenderTreeBuilder.h:
3930         * rendering/updating/RenderTreeBuilderInline.cpp:
3931         (WebCore::RenderTreeBuilder::Inline::insertChildToContinuation):
3932         (WebCore::RenderTreeBuilder::Inline::insertChildIgnoringContinuation):
3933         (WebCore::RenderTreeBuilder::Inline::newChildIsInline):
3934         (WebCore::newChildIsInline): Deleted.
3935         * rendering/updating/RenderTreeBuilderInline.h:
3936
3937 2018-01-09  Matt Lewis  <jlewis3@apple.com>
3938
3939         Unreviewed, rolling out r226531.
3940
3941         This caused test failures on macOS WK2.
3942
3943         Reverted changeset:
3944
3945         "Use no-cache fetch mode when loading main documents with
3946         location.reload()"
3947         https://bugs.webkit.org/show_bug.cgi?id=181285
3948         https://trac.webkit.org/changeset/226531
3949
3950 2018-01-09  Michael Saboff  <msaboff@apple.com>
3951
3952         Unreviewed, rolling out r226600 and r226603
3953         https://bugs.webkit.org/show_bug.cgi?id=181351
3954
3955         Add a DOM gadget for Spectre testing
3956
3957         * dom/Comment.cpp:
3958         (WebCore::Comment::Comment):
3959         (WebCore::Comment::setReadLength): Deleted.
3960         (WebCore::Comment::charCodeAt): Deleted.
3961         (WebCore::Comment::clflushReadLength): Deleted.
3962         * dom/Comment.h:
3963         * dom/Comment.idl:
3964         * page/RuntimeEnabledFeatures.cpp:
3965         (WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const): Deleted.
3966         * page/RuntimeEnabledFeatures.h:
3967
3968 2018-01-09  Don Olmstead  <don.olmstead@sony.com>
3969
3970         Add additional WEBCORE_EXPORTs
3971         https://bugs.webkit.org/show_bug.cgi?id=181414
3972
3973         Reviewed by Alex Christensen.
3974
3975         No new tests. No change in behavior.
3976
3977         * dom/Document.h:
3978         * dom/ViewportArguments.h:
3979         * page/DOMWindow.h:
3980         * page/FrameView.h:
3981         * page/PageOverlayController.h:
3982         * platform/ContextMenuItem.h:
3983         * platform/Pasteboard.h:
3984         * platform/SharedBuffer.h:
3985         * platform/UserAgent.h:
3986         * platform/graphics/GLContext.h:
3987         * platform/graphics/GraphicsContext.h:
3988         * platform/graphics/GraphicsLayerTransform.h:
3989         * platform/graphics/PlatformDisplay.h:
3990         * platform/graphics/cairo/BackingStoreBackendCairoImpl.h:
3991         * platform/graphics/cairo/PlatformContextCairo.h:
3992         * platform/graphics/cairo/RefPtrCairo.h:
3993         * platform/graphics/nicosia/NicosiaBuffer.h:
3994         * platform/graphics/nicosia/NicosiaPaintingEngine.h:
3995         * platform/graphics/texmap/TextureMapper.h:
3996         * platform/gra