Part 2 for <rdar://problem/8492788>
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-02-01  Sam Weinig  <sam@webkit.org>
2
3         Reviewed by Beth Dakin.
4
5         Part 2 for <rdar://problem/8492788>
6         Adopt WKScrollbarPainterController
7
8         Use header detection to define scrollbar painting controller #define.
9
10         * WebCore.exp.in:
11         * platform/mac/ScrollAnimatorMac.h:
12         * platform/mac/ScrollbarThemeMac.h:
13         * platform/mac/WebCoreSystemInterface.h:
14         * platform/mac/WebCoreSystemInterface.mm:
15
16 2011-02-01  David Hyatt  <hyatt@apple.com>
17
18         Reviewed by Oliver Hunt.
19
20         https://bugs.webkit.org/show_bug.cgi?id=53520
21         
22         Remove the physical terminology from IntRect and FloatRect.
23         
24         Now that we have flipped RenderBlocks for vertical-rl and horizontal-bt writing modes,
25         we need to update our terminology to be more accurate.
26
27         I'm borrowing a page from AppKit here (which also supports flipped NSViews) and
28         renaming right() and bottom() to maxX() and maxY().  These terms remain accurate
29         even for flipped rectangles.
30
31         * accessibility/AccessibilityRenderObject.cpp:
32         (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange):
33         * accessibility/mac/AccessibilityObjectWrapper.mm:
34         (-[AccessibilityObjectWrapper position]):
35         * dom/ClientRect.h:
36         (WebCore::ClientRect::right):
37         (WebCore::ClientRect::bottom):
38         * html/HTMLCanvasElement.cpp:
39         (WebCore::HTMLCanvasElement::convertLogicalToDevice):
40         * html/canvas/CanvasRenderingContext2D.cpp:
41         (WebCore::normalizeRect):
42         * inspector/InspectorAgent.cpp:
43         (WebCore::InspectorAgent::drawElementTitle):
44         * page/DOMWindow.cpp:
45         (WebCore::DOMWindow::adjustWindowRect):
46         * page/DragController.cpp:
47         (WebCore::dragLocForSelectionDrag):
48         * page/EventHandler.cpp:
49         (WebCore::EventHandler::sendContextMenuEventForKey):
50         * page/PrintContext.cpp:
51         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
52         (WebCore::PrintContext::pageNumberForElement):
53         * page/SpatialNavigation.cpp:
54         (WebCore::end):
55         (WebCore::areRectsFullyAligned):
56         (WebCore::areRectsMoreThanFullScreenApart):
57         (WebCore::below):
58         (WebCore::rightOf):
59         (WebCore::isRectInDirection):
60         (WebCore::entryAndExitPointsForDirection):
61         (WebCore::virtualRectForDirection):
62         * page/WindowFeatures.cpp:
63         (WebCore::WindowFeatures::WindowFeatures):
64         * platform/ScrollView.cpp:
65         (WebCore::ScrollView::wheelEvent):
66         * platform/Scrollbar.cpp:
67         (WebCore::Scrollbar::setFrameRect):
68         * platform/ScrollbarThemeComposite.cpp:
69         (WebCore::ScrollbarThemeComposite::splitTrack):
70         * platform/chromium/ScrollbarThemeChromium.cpp:
71         (WebCore::ScrollbarThemeChromium::paintTickmarks):
72         * platform/graphics/FloatQuad.h:
73         (WebCore::FloatQuad::FloatQuad):
74         * platform/graphics/FloatRect.cpp:
75         (WebCore::FloatRect::intersects):
76         (WebCore::FloatRect::contains):
77         (WebCore::FloatRect::intersect):
78         (WebCore::FloatRect::unite):
79         (WebCore::enclosingIntRect):
80         * platform/graphics/FloatRect.h:
81         (WebCore::FloatRect::maxX):
82         (WebCore::FloatRect::maxY):
83         (WebCore::FloatRect::contains):
84         * platform/graphics/IntRect.cpp:
85         (WebCore::IntRect::intersects):
86         (WebCore::IntRect::contains):
87         (WebCore::IntRect::intersect):
88         (WebCore::IntRect::unite):
89         * platform/graphics/IntRect.h:
90         (WebCore::IntRect::maxX):
91         (WebCore::IntRect::maxY):
92         (WebCore::IntRect::shiftXEdgeTo):
93         (WebCore::IntRect::shiftMaxXEdgeTo):
94         (WebCore::IntRect::shiftYEdgeTo):
95         (WebCore::IntRect::shiftMaxYEdgeTo):
96         (WebCore::IntRect::contains):
97         * platform/graphics/WidthIterator.cpp:
98         (WebCore::WidthIterator::advance):
99         * platform/graphics/cg/GraphicsContextCG.cpp:
100         (WebCore::GraphicsContext::drawRect):
101         (WebCore::GraphicsContext::fillPath):
102         (WebCore::GraphicsContext::fillRect):
103         * platform/graphics/cg/ImageBufferCG.cpp:
104         (WebCore::getImageData):
105         (WebCore::putImageData):
106         * platform/graphics/cg/ImageCG.cpp:
107         (WebCore::BitmapImage::draw):
108         * platform/graphics/filters/FilterEffect.cpp:
109         (WebCore::FilterEffect::copyImageBytes):
110         * platform/graphics/mac/ComplexTextController.cpp:
111         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
112         * platform/graphics/mac/SimpleFontDataMac.mm:
113         (WebCore::SimpleFontData::platformBoundsForGlyph):
114         * platform/graphics/transforms/AffineTransform.cpp:
115         (WebCore::AffineTransform::mapRect):
116         * platform/graphics/win/FontCGWin.cpp:
117         (WebCore::drawGDIGlyphs):
118         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
119         (WebCore::MediaPlayerPrivate::paint):
120         * platform/gtk/RenderThemeGtk.cpp:
121         (WebCore::centerRectVerticallyInParentInputElement):
122         * platform/mac/WidgetMac.mm:
123         (WebCore::Widget::paint):
124         * rendering/InlineFlowBox.cpp:
125         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
126         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
127         * rendering/InlineTextBox.cpp:
128         (WebCore::InlineTextBox::selectionRect):
129         (WebCore::InlineTextBox::paint):
130         (WebCore::InlineTextBox::positionForOffset):
131         * rendering/RenderBlock.cpp:
132         (WebCore::RenderBlock::addOverflowFromChildren):
133         (WebCore::RenderBlock::paintChildren):
134         (WebCore::RenderBlock::paintEllipsisBoxes):
135         (WebCore::RenderBlock::inlineSelectionGaps):
136         (WebCore::RenderBlock::adjustPointToColumnContents):
137         (WebCore::RenderBlock::flipForWritingModeIncludingColumns):
138         (WebCore::RenderBlock::adjustForColumns):
139         * rendering/RenderBlock.h:
140         (WebCore::RenderBlock::FloatingObject::right):
141         (WebCore::RenderBlock::FloatingObject::bottom):
142         * rendering/RenderBox.cpp:
143         (WebCore::RenderBox::reflectedRect):
144         (WebCore::RenderBox::localCaretRect):
145         (WebCore::RenderBox::addShadowOverflow):
146         (WebCore::RenderBox::addLayoutOverflow):
147         (WebCore::RenderBox::visualOverflowRectForPropagation):
148         (WebCore::RenderBox::layoutOverflowRectForPropagation):
149         (WebCore::RenderBox::flipForWritingMode):
150         * rendering/RenderFrameSet.cpp:
151         (WebCore::RenderFrameSet::paintColumnBorder):
152         (WebCore::RenderFrameSet::paintRowBorder):
153         * rendering/RenderInline.cpp:
154         (WebCore::RenderInline::paintOutlineForLine):
155         * rendering/RenderLayer.cpp:
156         (WebCore::RenderLayer::getRectToExpose):
157         (WebCore::cornerRect):
158         (WebCore::RenderLayer::positionOverflowControls):
159         (WebCore::RenderLayer::overflowBottom):
160         (WebCore::RenderLayer::overflowRight):
161         (WebCore::RenderLayer::paintResizer):
162         * rendering/RenderLineBoxList.cpp:
163         (WebCore::RenderLineBoxList::rangeIntersectsRect):
164         (WebCore::RenderLineBoxList::paint):
165         * rendering/RenderListItem.cpp:
166         (WebCore::RenderListItem::positionListMarker):
167         * rendering/RenderListMarker.cpp:
168         (WebCore::RenderListMarker::paint):
169         * rendering/RenderObject.cpp:
170         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
171         * rendering/RenderOverflow.h:
172         (WebCore::RenderOverflow::RenderOverflow):
173         (WebCore::RenderOverflow::addLayoutOverflow):
174         (WebCore::RenderOverflow::addVisualOverflow):
175         (WebCore::RenderOverflow::setLayoutOverflow):
176         (WebCore::RenderOverflow::setVisualOverflow):
177         (WebCore::RenderOverflow::resetLayoutOverflow):
178         * rendering/RenderReplaced.cpp:
179         (WebCore::RenderReplaced::shouldPaint):
180         * rendering/RenderScrollbarTheme.cpp:
181         (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
182         * rendering/RenderTable.cpp:
183         (WebCore::RenderTable::paint):
184         * rendering/RenderTableCell.cpp:
185         (WebCore::RenderTableCell::paint):
186         * rendering/RenderTableSection.cpp:
187         (WebCore::RenderTableSection::paintObject):
188         * rendering/RenderText.cpp:
189         (WebCore::RenderText::absoluteQuads):
190         * rendering/RenderTextControlSingleLine.cpp:
191         (WebCore::RenderTextControlSingleLine::forwardEvent):
192         * rendering/RenderThemeMac.mm:
193         (WebCore::RenderThemeMac::paintMenuListButtonGradients):
194         (WebCore::RenderThemeMac::paintMenuListButton):
195         (WebCore::RenderThemeMac::paintSliderTrack):
196         * rendering/RenderView.cpp:
197         (WebCore::RenderView::computeRectForRepaint):
198         (WebCore::RenderView::docBottom):
199         (WebCore::RenderView::docRight):
200         * rendering/RootInlineBox.cpp:
201         (WebCore::RootInlineBox::paddedLayoutOverflowRect):
202         * rendering/svg/RenderSVGInlineText.cpp:
203         (WebCore::RenderSVGInlineText::localCaretRect):
204
205 2011-02-01  Beth Dakin  <bdakin@apple.com>
206
207         Reviewed by Sam Weinig.
208
209         Fix for <rdar://problem/8492788> Adopt WKScrollbarPainterController
210
211         Lots of new WebCoreSystemInterface functions to export.
212         * WebCore.exp.in:
213         * platform/mac/WebCoreSystemInterface.h:
214         * platform/mac/WebCoreSystemInterface.mm:
215
216         Let the scrollAnimator know when the mouse has
217         moved anywhere inside the page, and when the mouse 
218         has moved in or out of the window. 
219         * page/EventHandler.cpp:
220         (WebCore::EventHandler::mouseMoved):
221         (WebCore::EventHandler::updateMouseEventTargetNode):
222
223         Let the scrollAnimator know when the window has become
224         active or inactive.
225         * page/FocusController.cpp:
226         (WebCore::FocusController::setActive):
227         
228         Let the scrollAnimator know when all of these things
229         are happening.
230         * page/FrameView.cpp:
231         (WebCore::FrameView::setContentsSize):
232         (WebCore::FrameView::didMoveOnscreen):
233         (WebCore::FrameView::willMoveOffscreen):
234         (WebCore::FrameView::currentMousePosition):
235         (WebCore::FrameView::contentsResized):
236         
237         New functions called through WebKit2 that allow the
238         scrollAnimator to know when a live resize starts and ends.
239         (WebCore::FrameView::willStartLiveResize):
240         (WebCore::FrameView::willEndLiveResize):
241         * page/FrameView.h:
242         
243         New functions on ScrollAnimator that pass information
244         to the WKPainterController when we're using one.
245         * platform/ScrollAnimator.h:
246         (WebCore::ScrollAnimator::scrollableArea):
247         (WebCore::ScrollAnimator::contentAreaWillPaint):
248         (WebCore::ScrollAnimator::mouseEnteredContentArea):
249         (WebCore::ScrollAnimator::mouseExitedContentArea):
250         (WebCore::ScrollAnimator::mouseMovedInContentArea):
251         (WebCore::ScrollAnimator::willStartLiveResize):
252         (WebCore::ScrollAnimator::contentsResized):
253         (WebCore::ScrollAnimator::willEndLiveResize):
254         (WebCore::ScrollAnimator::contentAreaDidShow):
255         (WebCore::ScrollAnimator::contentAreaDidHide):
256         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
257         (WebCore::ScrollAnimatorMac::scrollbarPainterDelegate):
258         (WebCore::ScrollAnimatorMac::setPainterForPainterController):
259         (WebCore::ScrollAnimatorMac::removePainterFromPainterController):
260         (WebCore::ScrollAnimatorMac::notityPositionChanged):
261         (WebCore::ScrollAnimatorMac::contentAreaWillPaint):
262         (WebCore::ScrollAnimatorMac::mouseEnteredContentArea):
263         (WebCore::ScrollAnimatorMac::mouseExitedContentArea):
264         (WebCore::ScrollAnimatorMac::mouseMovedInContentArea):
265         (WebCore::ScrollAnimatorMac::willStartLiveResize):
266         (WebCore::ScrollAnimatorMac::contentsResized):
267         (WebCore::ScrollAnimatorMac::willEndLiveResize):
268         (WebCore::ScrollAnimatorMac::contentAreaDidShow):
269         (WebCore::ScrollAnimatorMac::contentAreaDidHide):
270         
271         Let the scrollAnimator know when this is happening.
272         * platform/ScrollView.cpp:
273         (WebCore::ScrollView::paint):
274         
275         New function lets the scrollAnimator get the current 
276         mouse position.
277         * platform/ScrollView.h:
278         (WebCore::ScrollView::currentMousePosition):
279         
280         New function that returns the scrollAnimator when needed.
281         * platform/ScrollableArea.h:
282         (WebCore::ScrollableArea::scrollAnimator):
283         
284         Keep track of if we're in a live resize using a new memeber
285         variable.
286         * platform/mac/ScrollAnimatorMac.h:
287         (WebCore::ScrollAnimatorMac::inLiveResize):
288         * platform/mac/ScrollAnimatorMac.mm:
289         (WebCore::view):
290         
291         New delegates for the WKPainter and WKPainterController
292         (-[ScrollbarPainterControllerDelegate initWithScrollAnimator:WebCore::]):
293         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
294         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
295         (-[ScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
296         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
297         (-[ScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
298         (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
299         (-[ScrollKnobAnimation initWithScrollbarPainter:forScrollAnimator:WebCore::animateKnobAlphaTo:duration:]):
300         (-[ScrollKnobAnimation setCurrentProgress:]):
301         (-[ScrollbarPainterDelegate initWithScrollAnimator:WebCore::]):
302         (-[ScrollbarPainterDelegate convertRectToBacking:]):
303         (-[ScrollbarPainterDelegate convertRectFromBacking:]):
304         (-[ScrollbarPainterDelegate layer]):
305         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:animateKnobAlphaTo:duration:]):
306         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
307         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
308         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
309
310         Get the WKScrollbarPainterRefs to synch up with the 
311         WKScrollbarPainterControllerRefs when appropriate
312         * platform/mac/ScrollbarThemeMac.h:
313         * platform/mac/ScrollbarThemeMac.mm:
314         (WebCore::ScrollbarThemeMac::registerScrollbar):
315         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
316         (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
317         (WebCore::ScrollbarThemeMac::usesOverlayScrollbars):
318
319         Implement ScrollableArea's virtual function contentsSize() for access
320         through the scrollAnimator.
321         * rendering/RenderLayer.h:
322         (WebCore::RenderLayer::contentsSize):
323
324 2011-02-01  Carol Szabo  <carol.szabo@nokia.com>
325
326         Reviewed by David Hyatt.
327
328         layoutTestController.counterValueForElementById does not return the correct value
329         https://bugs.webkit.org/show_bug.cgi?id=53037
330
331         Test: fast/css/counters/deep-before.html
332
333         * rendering/RenderTreeAsText.cpp:
334         (WebCore::counterValueForElement):
335         Modified to use the newly available RenderObject::beforePseudoElement()
336         and RenderObject::afterPseudoElement() instead of the old imperfect
337         algorithm to find the before and after pseudo elements.
338
339 2011-02-01  Anton Muhin  <antonm@chromium.org>
340
341         Reviewed by Adam Barth.
342
343         Allow access for security origin same as this.
344         https://bugs.webkit.org/show_bug.cgi?id=53440
345
346         Hard to test as newly added path currently is never hit.
347
348         * page/SecurityOrigin.cpp:
349         (WebCore::SecurityOrigin::canAccess): allow access if this == other
350
351 2011-01-31  Oliver Hunt  <oliver@apple.com>
352
353         Reviewed by Geoffrey Garen.
354
355         Update JSObject storage for new marking API
356         https://bugs.webkit.org/show_bug.cgi?id=53467
357
358         Update WebCore to handle new anonymous slot behaviour.
359
360         * bindings/js/JSDOMWindowShell.cpp:
361         (WebCore::JSDOMWindowShell::setWindow):
362         * bindings/js/WorkerScriptController.cpp:
363         (WebCore::WorkerScriptController::initScript):
364         * bindings/scripts/CodeGeneratorJS.pm:
365
366 2011-02-01  Xiaomei Ji  <xji@chromium.org>
367
368         Reviewed by David Hyatt.
369
370         Fix a text rendering problem when enclosing block is RTL and text runs
371         are in different directionality.
372         https://bugs.webkit.org/show_bug.cgi?id=34176
373
374         The problem happens in the following example scenario (ABC represents 
375         Hebrew characters):
376         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
377
378         The line consists of 3 text runs -- TextRun1 TextRun2 TextRun3. In which
379         TextRun1 and TextRun2's bidi level are 2, and TextRun3's bidi level is 1.
380         TextRun2 and TextRun3's least common ancestor is not a sibling of TextRun1.
381
382         The visual bidi run order of the text runs is TextRun3 TextRun1 TextRun2.
383
384         Inside RenderBlock::constructLine(), when RenderBlock::createLineBoxes()
385         creates InlineFlowBox for TextRun2, it should check an InlineFlowBox for
386         the run's render object's ancestor (not only its parent) has already 
387         been constructed or has something following it on the line, in which 
388         case, create a new box for TextRun2 instead of sharing the same box with
389         TextRun3.
390
391         In other words, the following 2 div should render the same results
392         (ABC represents Hebrew characters).
393         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
394         <div dir=rtl>this is a <span>Test <span>ABC</span></span></div>
395
396         Test: fast/dom/34176.html
397
398         * rendering/RenderBlockLineLayout.cpp:
399         (WebCore::parentIsConstructedOrHaveNext):
400         (WebCore::RenderBlock::createLineBoxes):
401
402 2011-02-01  Abhishek Arya  <inferno@chromium.org>
403
404         Reviewed by Dan Bernstein.
405
406         Do not add a node in the document's stylesheet candidate node list if the
407         node is already removed from document.
408         https://bugs.webkit.org/show_bug.cgi?id=53441
409
410         Test: fast/css/stylesheet-candidate-nodes-crash.xhtml
411
412         * dom/Document.cpp:
413         (WebCore::Document::addStyleSheetCandidateNode):
414
415 2011-02-01  Dave Hyatt  <hyatt@apple.com>
416
417         Reviewed by Darin Adler.
418
419         https://bugs.webkit.org/show_bug.cgi?id=46422, make printing and pagination work
420         with vertical text.
421
422         Change printing functions to check writing-mode and properly swap width and height
423         as needed.
424         
425         Fix the setScrollOrigin function so that the origin doesn't cause
426         scroll spasming during printing (this is only partially successful, but it's better
427         than it was).
428
429         Rewrite computePageRects to handle both RTL documents properly as well as vertical
430         text documents properly.
431
432         * WebCore.exp.in:
433         * page/FrameView.cpp:
434         (WebCore::FrameView::adjustViewSize):
435         (WebCore::FrameView::forceLayoutForPagination):
436         * page/PrintContext.cpp:
437         (WebCore::PrintContext::computePageRects):
438         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
439         (WebCore::PrintContext::computeAutomaticScaleFactor):
440         (WebCore::PrintContext::spoolPage):
441         (WebCore::PrintContext::spoolRect):
442         * page/PrintContext.h:
443         * page/mac/WebCoreFrameView.h:
444         * platform/ScrollView.cpp:
445         (WebCore::ScrollView::wheelEvent):
446         * platform/ScrollView.h:
447         * platform/mac/ScrollViewMac.mm:
448         (WebCore::ScrollView::platformSetScrollOrigin):
449         * rendering/RenderView.cpp:
450         (WebCore::RenderView::layout):
451
452 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
453
454         Reviewed by Pavel Feldman.
455
456         Web Inspector: Fix profiles reset to avoid clearing heap profiles in Chromium.
457
458         https://bugs.webkit.org/show_bug.cgi?id=53500
459
460         * inspector/InspectorProfilerAgent.cpp:
461         (WebCore::InspectorProfilerAgent::resetFrontendProfiles):
462
463 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
464
465         Reviewed by Pavel Feldman.
466
467         Web Inspector: [Chromium] Landing detailed heap snapshots, part 1.
468
469         https://bugs.webkit.org/show_bug.cgi?id=53173
470
471         Adding code for accessing heap snapshot data and
472         performing graph calculations.
473
474         * English.lproj/localizedStrings.js:
475         * inspector/front-end/HeapSnapshot.js:
476         (WebInspector.HeapSnapshotArraySlice): Helper class to avoid array contents copying.
477         (WebInspector.HeapSnapshotEdge): Wrapper for accessing graph edge properties.
478         (WebInspector.HeapSnapshotEdgeIterator):
479         (WebInspector.HeapSnapshotNode): Wrapper for accessing graph node properties.
480         (WebInspector.HeapSnapshotNodeIterator):
481         (WebInspector.HeapSnapshot): Wrapper for the heap snapshot.
482         (WebInspector.HeapSnapshotFilteredOrderedIterator):
483         (WebInspector.HeapSnapshotEdgesProvider):
484         (WebInspector.HeapSnapshotNodesProvider):
485         (WebInspector.HeapSnapshotPathFinder):
486         * inspector/front-end/HeapSnapshotView.js:
487         (WebInspector.HeapSnapshotView.prototype._convertSnapshot):
488
489 2011-02-01  Adam Roben  <aroben@apple.com>
490
491         Fix linker warnings in Release_LTCG builds
492
493         * WebCore.vcproj/WebCore.vcproj: Exclude EventNames.cpp and EventTarget.cpp from all
494         configurations, since they get pulled in via DOMAllInOne.cpp.
495
496 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
497
498         Reviewed by Yury Semikhatsky.
499
500         Web Inspector: [Chromium] Wrongly labelled context-menu item for links in Web Inspector's side-pane
501         https://bugs.webkit.org/show_bug.cgi?id=53482
502
503         * English.lproj/localizedStrings.js:
504         * inspector/front-end/ElementsPanel.js:
505         (WebInspector.ElementsPanel.prototype.populateHrefContextMenu):
506         * inspector/front-end/inspector.js:
507         (WebInspector.resourceForURL):
508         (WebInspector.openLinkExternallyLabel):
509
510 2011-02-01  Anton Muhin  <antonm@chromium.org>
511
512         Reviewed by Adam Barth.
513
514         Propagate parent document security origin to newly create Document XML response
515         https://bugs.webkit.org/show_bug.cgi?id=53444
516
517         Covered by the existing tests.
518
519         * xml/XMLHttpRequest.cpp:
520         (WebCore::XMLHttpRequest::responseXML):
521
522 2011-02-01  Yury Semikhatsky  <yurys@chromium.org>
523
524         Unreviewed. Rollout r77230 which caused many layout tests
525         crashes on Chromium Debug bots.
526
527         Async event handlers should not fire within a modal dialog
528         https://bugs.webkit.org/show_bug.cgi?id=53202
529
530         * dom/Document.cpp:
531         (WebCore::Document::Document):
532         * dom/EventQueue.cpp:
533         (WebCore::EventQueue::EventQueue):
534         (WebCore::EventQueue::enqueueEvent):
535         (WebCore::EventQueue::pendingEventTimerFired):
536         * dom/EventQueue.h:
537
538 2011-02-01  Zoltan Herczeg  <zherczeg@webkit.org>
539
540         Reviewed by Dirk Schulze.
541
542         LightElement changes does not require relayout.
543         https://bugs.webkit.org/show_bug.cgi?id=53232
544
545         When an attribute of a LightElement changes, it
546         send an update message to the lighting filters
547         to update its corresponding LightSource objects,
548         and repaint the filters.
549
550         Duplicated 'id' attributes removed from svg-filter-animation.svg.
551
552         Existing dynamic-update tests covers this feature.
553
554         5x speedup on manual-tests/svg-filter-animation.svg
555
556         * manual-tests/svg-filter-animation.svg:
557         * platform/graphics/filters/DistantLightSource.h:
558         * platform/graphics/filters/FEDiffuseLighting.cpp:
559         (WebCore::FEDiffuseLighting::setLightingColor):
560         (WebCore::FEDiffuseLighting::setSurfaceScale):
561         (WebCore::FEDiffuseLighting::setDiffuseConstant):
562         (WebCore::FEDiffuseLighting::setKernelUnitLengthX):
563         (WebCore::FEDiffuseLighting::setKernelUnitLengthY):
564         * platform/graphics/filters/FEDiffuseLighting.h:
565         * platform/graphics/filters/LightSource.cpp:
566         (WebCore::PointLightSource::setX):
567         (WebCore::PointLightSource::setY):
568         (WebCore::PointLightSource::setZ):
569         (WebCore::SpotLightSource::setX):
570         (WebCore::SpotLightSource::setY):
571         (WebCore::SpotLightSource::setZ):
572         (WebCore::SpotLightSource::setPointsAtX):
573         (WebCore::SpotLightSource::setPointsAtY):
574         (WebCore::SpotLightSource::setPointsAtZ):
575         (WebCore::SpotLightSource::setSpecularExponent):
576         (WebCore::SpotLightSource::setLimitingConeAngle):
577         (WebCore::DistantLightSource::setAzimuth):
578         (WebCore::DistantLightSource::setElevation):
579         (WebCore::LightSource::setAzimuth):
580         (WebCore::LightSource::setElevation):
581         (WebCore::LightSource::setX):
582         (WebCore::LightSource::setY):
583         (WebCore::LightSource::setZ):
584         (WebCore::LightSource::setPointsAtX):
585         (WebCore::LightSource::setPointsAtY):
586         (WebCore::LightSource::setPointsAtZ):
587         (WebCore::LightSource::setSpecularExponent):
588         (WebCore::LightSource::setLimitingConeAngle):
589         * platform/graphics/filters/LightSource.h:
590         * platform/graphics/filters/PointLightSource.h:
591         * platform/graphics/filters/SpotLightSource.h:
592         * rendering/svg/RenderSVGResourceFilter.cpp:
593         (WebCore::RenderSVGResourceFilter::primitiveAttributeChanged):
594         * svg/SVGFEDiffuseLightingElement.cpp:
595         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
596         (WebCore::SVGFEDiffuseLightingElement::lightElementAttributeChanged):
597         (WebCore::SVGFEDiffuseLightingElement::build):
598         (WebCore::SVGFEDiffuseLightingElement::findLightElement):
599         (WebCore::SVGFEDiffuseLightingElement::findLight):
600         * svg/SVGFEDiffuseLightingElement.h:
601         * svg/SVGFELightElement.cpp:
602         (WebCore::SVGFELightElement::svgAttributeChanged):
603         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
604         (WebCore::SVGFilterPrimitiveStandardAttributes::setFilterEffectAttribute):
605         * svg/SVGFilterPrimitiveStandardAttributes.h:
606
607 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
608
609         Reviewed by Dimitri Glazkov.
610
611         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
612         https://bugs.webkit.org/show_bug.cgi?id=53289
613
614         Moving the nested class DocumentOrderedMap from Document into separate files,
615         updating code where necessary.
616
617         No new tests. (refactoring)
618
619         * Android.mk:
620         * CMakeLists.txt:
621         * GNUMakefile.am:
622         * WebCore.gypi:
623         * WebCore.pro:
624         * WebCore.vcproj/WebCore.vcproj:
625         * WebCore.xcodeproj/project.pbxproj:
626         * dom/Document.cpp:
627         (WebCore::Document::getElementById):
628         (WebCore::Document::getImageMap):
629         * dom/Document.h:
630         * dom/DocumentOrderedMap.cpp: Added.
631         (WebCore::keyMatchesId):
632         (WebCore::keyMatchesMapName):
633         (WebCore::keyMatchesLowercasedMapName):
634         (WebCore::DocumentOrderedMap::clear):
635         (WebCore::DocumentOrderedMap::add):
636         (WebCore::DocumentOrderedMap::remove):
637         (WebCore::DocumentOrderedMap::get):
638         (WebCore::DocumentOrderedMap::getElementById):
639         (WebCore::DocumentOrderedMap::getElementByMapName):
640         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
641         * dom/DocumentOrderedMap.h: Added.
642         (WebCore::DocumentOrderedMap::contains):
643         (WebCore::DocumentOrderedMap::containsMultiple):
644         * dom/DOMAllInOne.cpp:
645
646 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
647
648         Reviewed by Martin Robinson.
649
650         [Gtk] atk_text_set_caret_offset fails for list items
651         https://bugs.webkit.org/show_bug.cgi?id=53388
652
653         Allow using text ranges across list items.
654
655         * accessibility/gtk/AccessibilityObjectAtk.cpp:
656         (WebCore::AccessibilityObject::allowsTextRanges): Add list items
657         to the list of accessibility objects supporting text ranges.
658
659 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
660
661         Reviewed by Martin Robinson.
662
663         [GTK] character range extents is off when the end of a wrapped line is included
664         https://bugs.webkit.org/show_bug.cgi?id=53323
665
666         Fixed wrong calculation getting the range extents.
667
668         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
669         (webkit_accessible_text_get_range_extents): Removed '+1' since the
670         requested interval shouldn't include the last character.
671
672 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
673
674         Reviewed by Martin Robinson.
675
676         [GTK] Caret Offset is one off at the end of wrapped lines
677         https://bugs.webkit.org/show_bug.cgi?id=53300
678
679         Consider linebreaks as special cases.
680
681         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
682         (objectAndOffsetUnignored): In order to avoid getting wrong values
683         when around linebreaks, we need to workaround this by explicitly
684         avoiding those '\n' text nodes from affecting the result of
685         calling to TextIterator:rangeLength().
686
687 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
688
689         Unreviewed, rolling out r77229.
690         http://trac.webkit.org/changeset/77229
691         https://bugs.webkit.org/show_bug.cgi?id=53289
692
693         revert mysterious build breakage
694
695         * Android.mk:
696         * CMakeLists.txt:
697         * GNUmakefile.am:
698         * WebCore.gypi:
699         * WebCore.pro:
700         * WebCore.vcproj/WebCore.vcproj:
701         * WebCore.xcodeproj/project.pbxproj:
702         * dom/DOMAllInOne.cpp:
703         * dom/Document.cpp:
704         (WebCore::Document::DocumentOrderedMap::clear):
705         (WebCore::Document::DocumentOrderedMap::add):
706         (WebCore::Document::DocumentOrderedMap::remove):
707         (WebCore::Document::DocumentOrderedMap::get):
708         (WebCore::keyMatchesId):
709         (WebCore::Document::getElementById):
710         (WebCore::keyMatchesMapName):
711         (WebCore::keyMatchesLowercasedMapName):
712         (WebCore::Document::getImageMap):
713         * dom/Document.h:
714         (WebCore::Document::DocumentOrderedMap::contains):
715         (WebCore::Document::DocumentOrderedMap::containsMultiple):
716         * dom/DocumentOrderedMap.cpp: Removed.
717         * dom/DocumentOrderedMap.h: Removed.
718
719 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
720
721         Reviewed by James Robinson.
722
723         Async event handlers should not fire within a modal dialog
724         https://bugs.webkit.org/show_bug.cgi?id=53202
725
726         Asychronous events that use EventQueue would currently fire while a
727         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
728         SuspendableTimer (which automatically gets suspended while dialogs are
729         up and in other cases where JS execution is not allowed).
730         
731         Test: fast/events/scroll-event-during-modal-dialog.html
732
733         * dom/Document.cpp:
734         (WebCore::Document::Document):
735         * dom/EventQueue.cpp:
736         (WebCore::EventQueueTimer::EventQueueTimer):
737         (WebCore::EventQueueTimer::fired):
738         (WebCore::EventQueue::EventQueue):
739         (WebCore::EventQueue::enqueueEvent):
740         (WebCore::EventQueue::pendingEventTimerFired):
741         * dom/EventQueue.h:
742         (WebCore::EventQueue::create):
743
744 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
745
746         Reviewed by Dimitri Glazkov.
747
748         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
749         https://bugs.webkit.org/show_bug.cgi?id=53289
750
751         Moving the nested class DocumentOrderedMap from Document into separate files,
752         updating code where necessary.
753
754         No new tests. (refactoring)
755
756         * Android.mk:
757         * CMakeLists.txt:
758         * GNUMakefile.am:
759         * WebCore.gypi:
760         * WebCore.pro:
761         * WebCore.vcproj/WebCore.vcproj:
762         * WebCore.xcodeproj/project.pbxproj:
763         * dom/Document.cpp:
764         (WebCore::Document::getElementById):
765         (WebCore::Document::getImageMap):
766         * dom/Document.h:
767         * dom/DocumentOrderedMap.cpp: Added.
768         (WebCore::keyMatchesId):
769         (WebCore::keyMatchesMapName):
770         (WebCore::keyMatchesLowercasedMapName):
771         (WebCore::DocumentOrderedMap::clear):
772         (WebCore::DocumentOrderedMap::add):
773         (WebCore::DocumentOrderedMap::remove):
774         (WebCore::DocumentOrderedMap::get):
775         (WebCore::DocumentOrderedMap::getElementById):
776         (WebCore::DocumentOrderedMap::getElementByMapName):
777         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
778         * dom/DocumentOrderedMap.h: Added.
779         (WebCore::DocumentOrderedMap::contains):
780         (WebCore::DocumentOrderedMap::containsMultiple):
781         * dom/DOMAllInOne.cpp:
782
783 2011-02-01  Naoki Takano  <takano.naoki@gmail.com>
784
785         Reviewed by Darin Fisher.
786
787         [Chromium] Autofill should work with HTML5 form elements
788         https://bugs.webkit.org/show_bug.cgi?id=51809
789         http://crbug.com/65654
790
791         No new tests, because this fix is for Chromium project and hard to test only in WebKit project.
792
793         * html/InputType.h: Insert comment for canSetSuggestedValue().
794         * html/TextFieldInputType.cpp:
795         (WebCore::TextFieldInputType::canSetSuggestedValue): Implemented to return always true for that all text filed inputs can be completed.
796         * html/TextFieldInputType.h: Declare canSetSuggestedValue().
797         * html/TextInputType.cpp: Delete canSetSuggestedValue() not to return true anymore.
798         * html/TextInputType.h: Delete canSetSuggestedValue() not to return true anymore.
799
800 2011-02-01  Kent Tamura  <tkent@chromium.org>
801
802         Reviewed by Dan Bernstein.
803
804         REGRESSION (r65062): Safari loops forever under WebCore::plainTextToMallocAllocatedBuffer()
805         https://bugs.webkit.org/show_bug.cgi?id=53272
806
807         * editing/TextIterator.cpp:
808         (WebCore::TextIterator::handleTextBox): Pass the appropriate renderer to emitText().
809
810 2011-01-31  Alexey Proskuryakov  <ap@apple.com>
811
812         Reviewed by Maciej Stachowiak.
813
814         https://bugs.webkit.org/show_bug.cgi?id=53466
815         Move WebKit2 to printing via API methods
816
817         * WebCore.exp.in: Export IntRect::scale().
818
819 2011-01-31  Patrick Gansterer  <paroga@webkit.org>
820
821         Reviewed by Adam Barth.
822
823         Remove obsolete comment after r41871
824         https://bugs.webkit.org/show_bug.cgi?id=53406
825
826         * dom/Document.h:
827
828 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
829
830         Fix according to reviewer comments: can just use Color::black now.
831
832         * platform/graphics/ShadowBlur.cpp:
833         (WebCore::ShadowBlur::drawInsetShadow):
834         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
835
836 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
837
838         Reviewed by Sam Weinig.
839
840         Clean up ShadowBlur
841         https://bugs.webkit.org/show_bug.cgi?id=53472
842
843         Some minor ShadowBlur cleanup.
844
845         * platform/graphics/ShadowBlur.h:
846         * platform/graphics/ShadowBlur.cpp:
847         (WebCore::ShadowBlur::ShadowBlur): Use m_blurRadius rather than the radius
848         paramter.
849         (WebCore::ShadowBlur::adjustBlurRadius): Renamed from adjustBlurDistance.
850         (WebCore::ShadowBlur::calculateLayerBoundingRect): Rename layerFloatRect to
851         layerRect. Make frameSize a float.
852         (WebCore::ShadowBlur::beginShadowLayer): This now takes a precomputed
853         layerRect rather than calling calculateLayerBoundingRect() to compute
854         it itself, since we were calling calculateLayerBoundingRect() twice.
855         (WebCore::ShadowBlur::drawRectShadow): Optimize to call calculateLayerBoundingRect()
856         only once. The shadowRect variable was unused, so two return paths could be
857         collapsed into one.
858         (WebCore::ShadowBlur::drawInsetShadow): Call calculateLayerBoundingRect() before
859         beginShadowLayer() now.
860         (WebCore::ShadowBlur::drawRectShadowWithoutTiling): The layerRect gets passed in.
861         We always used alpha=1, so no need to pass that in.
862         (WebCore::ShadowBlur::drawRectShadowWithTiling): We always used alpha=1, so no need to
863         pass that in. Move shadowRect down to first use.
864         ShadowBlur::clipBounds() was unused.
865
866 2011-01-31  No'am Rosenthal  <noam.rosenthal@nokia.com>
867
868         Reviewed by Kenneth Rohde Christiansen.
869
870         [Qt] QWebElements example from QtWebKit Bridge documentation does not work at all
871         https://bugs.webkit.org/show_bug.cgi?id=46748
872
873         This problem disappears when we register QWebElement using qRegisterMetaType, which we now do in QtInstance.
874         Added a regression test to tst_QWebFrame.
875
876         * bridge/qt/qt_instance.cpp:
877         (JSC::Bindings::QtInstance::QtInstance):
878
879 2011-01-27  MORITA Hajime  <morrita@google.com>
880
881         Reviewed by Dimitri Glazkov.
882         
883         Convert <progress> shadow DOM to a DOM-based shadow.
884         https://bugs.webkit.org/show_bug.cgi?id=50660
885
886         * Removed RenderProgress::m_valuePart, moved the shadow node
887           to the shadow root of HTMLProgressElement.
888         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
889           ProgressBarValueElement is defined only for overriding
890           shadowPseudoId().
891         
892         No new tests. No behavioral change.
893
894         * css/CSSSelector.cpp:
895         (WebCore::CSSSelector::pseudoId):
896         (WebCore::nameToPseudoTypeMap):
897         (WebCore::CSSSelector::extractPseudoType):
898         * css/CSSSelector.h:
899         * html/HTMLProgressElement.cpp:
900         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
901         (WebCore::ProgressBarValueElement::shadowPseudoId):
902         (WebCore::ProgressBarValueElement::create):
903         (WebCore::ProgressBarValueElement::detach):
904         (WebCore::HTMLProgressElement::parseMappedAttribute):
905         (WebCore::HTMLProgressElement::attach):
906         (WebCore::HTMLProgressElement::valuePart):
907         (WebCore::HTMLProgressElement::didElementStateChange):
908         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
909         * html/HTMLProgressElement.h:
910         * rendering/RenderProgress.cpp:
911         (WebCore::RenderProgress::~RenderProgress):
912         (WebCore::RenderProgress::updateFromElement):
913         (WebCore::RenderProgress::layoutParts):
914         (WebCore::RenderProgress::shouldHaveParts):
915         (WebCore::RenderProgress::valuePart):
916         * rendering/RenderProgress.h:
917         * rendering/style/RenderStyleConstants.h:
918
919 2011-01-31  Charlie Reis  <creis@chromium.org>
920
921         Reviewed by Mihai Parparita.
922
923         Add sanity check to help diagnose bug 52819
924         https://bugs.webkit.org/show_bug.cgi?id=53402
925
926         Crash early if the children of fromItem look invalid.
927
928         * loader/HistoryController.cpp:
929
930 2011-01-31  Kalle Vahlman  <kalle.vahlman@movial.com>
931
932         Reviewed by Andreas Kling.
933
934         [Qt] canvas.drawImage(HTMLVideoElement) doesn't work with Qt Multimedia backend
935         https://bugs.webkit.org/show_bug.cgi?id=53325
936
937         Reimplement paintCurrentFrameInContext() rather than delegate the
938         rendering to paint() to make sure we really do get the video frame
939         content into the GraphicsContext, regardless of accelerated
940         compositing and the video scene state.
941
942         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
943         (WebCore::MediaPlayerPrivateQt::paintCurrentFrameInContext):
944         * platform/graphics/qt/MediaPlayerPrivateQt.h:
945
946 2011-01-31  Emil A Eklund  <eae@chromium.org>
947
948         Reviewed by Darin Adler.
949
950         Setting "selected" attribute to false should have no effect in single line <select>
951         https://bugs.webkit.org/show_bug.cgi?id=52436
952
953         Change SelectElement::setSelectedIndex to select the first selectable
954         option when the select state of all options is set to false as required
955         by the HTML5 specification.
956
957         Test: fast/dom/HTMLSelectElement/selected-false.html
958
959         * dom/SelectElement.cpp:
960         (WebCore::SelectElement::setSelectedIndex):
961
962 2011-01-31  Alexander Pavlov  <apavlov@chromium.org>
963
964         Reviewed by Yury Semikhatsky.
965
966         Web Inspector: Console source references need a left-margin
967         https://bugs.webkit.org/show_bug.cgi?id=53308
968
969         * inspector/front-end/inspector.css:
970         (.console-message-url): Added a 4px margin on the left.
971
972 2011-01-31  Carol Szabo  <carol.szabo@nokia.com>
973
974         Reviewed by David Hyatt.
975
976         Code Changes only.
977
978         It is needlessly expensive to find the generating node from an anonymous renderer of a pseudoelement.
979         https://bugs.webkit.org/show_bug.cgi?id=53024
980
981         No new tests. No change in functionality
982
983         * rendering/RenderObject.h:
984         (WebCore::RenderObject::before):
985         (WebCore::RenderObject::after):
986         (WebCore::RenderObject::generatingNode):
987         Added new accessors for the use of the CSS 2.1 counters code
988         (mainlyly)
989         * rendering/RenderObjectChildList.cpp:
990         (WebCore::beforeAfterContainer):
991         (WebCore::RenderObjectChildList::invalidateCounters):
992         (WebCore::RenderObjectChildList::before):
993         (WebCore::RenderObjectChildList::after):
994         Refactored the code to take advantage of the new accessors.
995         (WebCore::RenderObjectChildList::updateBeforeAfterContent):
996         Changed to store the generating node in the :before and :after
997         renderers.
998         * rendering/RenderObjectChildList.h:
999
1000 2011-01-31  Krithigassree Sambamurthy  <krithigassree.sambamurthy@nokia.com>
1001
1002         Reviewed by David Hyatt.
1003
1004         Add background-clip to background shorthand
1005         https://bugs.webkit.org/show_bug.cgi?id=52080
1006
1007         Added background-clip to background-shorthand. Also made changes to
1008         include webkitMaskClip to the mask shorthand to keep both in sync.
1009
1010         * css/CSSParser.cpp:
1011         (WebCore::CSSParser::parseValue):
1012         (WebCore::CSSParser::parseFillShorthand):
1013
1014 2011-01-31  Darin Adler  <darin@apple.com>
1015
1016         Reviewed by Adele Peterson.
1017
1018         WKView should support scrollPageDown:, scrollPageUp:, scrollToBeg and other similar selectors
1019         https://bugs.webkit.org/show_bug.cgi?id=53460
1020
1021         * editing/EditorCommand.cpp:
1022         (WebCore::executeScrollPageBackward): Added.
1023         (WebCore::executeScrollPageForward): Added.
1024         (WebCore::executeScrollToBeginningOfDocument): Added.
1025         (WebCore::executeScrollToEndOfDocument): Added.
1026         (WebCore::createCommandMap): Added the four commands above to the map.
1027
1028 2011-01-31  Dan Bernstein  <mitz@apple.com>
1029
1030         Reviewed by Adele Peterson.
1031
1032         Inter-ideograph justification should apply to hiragana and katakana as well
1033         https://bugs.webkit.org/show_bug.cgi?id=53464
1034
1035         Changed the test for expansion opportunities from isCJKIdeograph() to isCJKIdeographOrSymbol().
1036
1037         * platform/graphics/Font.cpp:
1038         (WebCore::Font::expansionOpportunityCount):
1039         * platform/graphics/WidthIterator.cpp:
1040         (WebCore::WidthIterator::advance):
1041         * platform/graphics/mac/ComplexTextController.cpp:
1042         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
1043
1044 2011-01-31  Dimitri Glazkov  <dglazkov@chromium.org>
1045
1046         Reviewed by James Robinson.
1047
1048         REGRESSION(r76951): Appearance of media controls changed slightly on Qt/Chromium ports
1049         https://bugs.webkit.org/show_bug.cgi?id=53314
1050
1051         Fixes media/controls-strict.html on Chromium.
1052
1053         * css/mediaControlsChromium.css:
1054         (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
1055             Added proper box-sizing to avoid differences between strict/quirks mode.
1056
1057 2011-01-31  Kent Tamura  <tkent@chromium.org>
1058
1059         Reviewed by Dimitri Glazkov.
1060
1061         Validation message bubble shouldn't inherit text-security style
1062         https://bugs.webkit.org/show_bug.cgi?id=53457
1063
1064         No new tests because the validation message feature depends on timers
1065         and is enabled only in Chromium port.
1066
1067         * css/html.css:
1068         (::-webkit-validation-bubble): Reset -webkit-text-security.
1069
1070 2011-01-31  Michael Saboff  <msaboff@apple.com>
1071
1072         Reviewed by Geoffrey Garen.
1073
1074         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1075         https://bugs.webkit.org/show_bug.cgi?id=53271
1076
1077         Reapplying this patch again. 
1078         The removal of this patch in <http://trac.webkit.org/changeset/77125>
1079         as part of https://bugs.webkit.org/show_bug.cgi?id=53418,
1080         removed the both the first (failing) patch (r76893) and this fixed 
1081         patch (r76969).  This patch includes slight changes necessitated by
1082         r77151.
1083
1084         Reapplying this patch with the change that the second ASSERT in 
1085         RootObject::removeRuntimeObject was changed to use
1086         .uncheckedGet() instead of the failing .get().  The object in question
1087         could be in the process of being GC'ed.  The get() call will not return
1088         such an object while the uncheckedGet() call will return the (unsafe) 
1089         object.  This is the behavior we want.
1090
1091         Precautionary change.
1092         Changed RootObject to use WeakGCMap instead of HashSet.
1093         Found will looking for another issue, but can't produce a test case
1094         that is problematic.  THerefore there aren't any new tests.
1095
1096         * bridge/runtime_root.cpp:
1097         (JSC::Bindings::RootObject::invalidate):
1098         (JSC::Bindings::RootObject::addRuntimeObject):
1099         (JSC::Bindings::RootObject::removeRuntimeObject):
1100         * bridge/runtime_root.h:
1101
1102 2011-01-31  Andreas Kling  <kling@webkit.org>
1103
1104         Unbreak Qt build after r77151.
1105
1106         * bridge/qt/qt_instance.cpp:
1107         (JSC::Bindings::QtInstance::removeCachedMethod):
1108         (JSC::Bindings::QtInstance::markAggregate):
1109
1110 2011-01-31  takano takumi  <takano@apple.com>
1111
1112         Reviewed by Dave Hyatt.
1113
1114         Implement text-combine rendering code
1115         https://bugs.webkit.org/show_bug.cgi?id=50621
1116
1117         Test: fast/text/international/text-combine-image-test.html
1118
1119         * Android.mk: Added RenderCombineText.cpp/h
1120         * CMakeLists.txt: Added RenderCombineText.cpp/h
1121         * GNUmakefile.am: Added RenderCombineText.cpp/h
1122         * WebCore.exp.in:
1123         * WebCore.gypi: Added RenderCombineText.cpp/h
1124         * WebCore.pro: Added RenderCombineText.cpp/h
1125         * WebCore.vcproj/WebCore.vcproj: Added RenderCombineText.cpp/h
1126         * WebCore.xcodeproj/project.pbxproj: Added RenderCombineText.cpp/h
1127         * css/CSSFontFaceSource.cpp:
1128         (WebCore::CSSFontFaceSource::getFontData):
1129         - Added fontDescription.widthVariant to SimpleFontData creation.
1130         * css/CSSStyleSelector.cpp:
1131         (WebCore::CSSStyleSelector::applyProperty):
1132         - Changed to set "Unique" flag to RenderStyle in case of TextCombine.
1133         * dom/Text.cpp:
1134         (WebCore::Text::createRenderer):
1135         - Changed to create RenderCombineText in case of TextCombine.
1136         * loader/cache/CachedFont.cpp:
1137         (WebCore::CachedFont::platformDataFromCustomData):
1138         - Added FontWidthVariant as an argument for FontPlatformData creation.
1139         * loader/cache/CachedFont.h:
1140         - Ditto.
1141         * platform/graphics/Font.h:
1142         (WebCore::Font::widthVariant):
1143         - The accessor to FontWidthVariant member variable.
1144         * platform/graphics/FontCache.cpp:
1145         - Made cache to incorporate FontWidthVariant value.
1146         (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
1147         (WebCore::FontPlatformDataCacheKey::operator==):
1148         (WebCore::computeHash):
1149         (WebCore::FontCache::getCachedFontPlatformData):
1150         * platform/graphics/FontDescription.h:
1151         - Add a member variable that holds a width variant - none, half-width, third-width, and quarter-width.
1152         (WebCore::FontDescription::FontDescription):
1153         (WebCore::FontDescription::widthVariant):
1154         (WebCore::FontDescription::setWidthVariant):
1155         (WebCore::FontDescription::operator==):
1156         * platform/graphics/FontWidthVariant.h: Added.
1157         * platform/graphics/cairo/FontCustomPlatformData.h:
1158         - Changed to carry FontWidthVariant value.
1159         * platform/graphics/cocoa/FontPlatformData.h:
1160         - Changed to carry FontWidthVariant value.
1161         (WebCore::FontPlatformData::FontPlatformData):
1162         (WebCore::FontPlatformData::widthVariant):
1163         (WebCore::FontPlatformData::hash):
1164         (WebCore::FontPlatformData::operator==):
1165         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
1166         (WebCore::FontPlatformData::FontPlatformData):
1167         - Changed to carry FontWidthVariant value.
1168         (WebCore::FontPlatformData::operator=):
1169         - Ditto.
1170         (WebCore::mapFontWidthVariantToCTFeatureSelector):
1171         - A function to map a FontWidthVariant value to a CoreText's text spacing feature selector.
1172         (WebCore::FontPlatformData::ctFont):
1173         - Changed to create CTFont with text spacing variant based on FontWidthVariant.
1174         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1175         (WebCore::FontCustomPlatformData::fontPlatformData):
1176         - Changed to carry FontWidthVariant value.
1177         * platform/graphics/haiku/FontCustomPlatformData.cpp:
1178         (WebCore::FontCustomPlatformData::fontPlatformData):
1179         - Changed to carry FontWidthVariant value.
1180         * platform/graphics/haiku/FontCustomPlatformData.h:
1181         * platform/graphics/mac/FontCacheMac.mm:
1182         (WebCore::FontCache::createFontPlatformData):
1183         - Changed to carry FontWidthVariant value.
1184         * platform/graphics/mac/FontCustomPlatformData.cpp:
1185         (WebCore::FontCustomPlatformData::fontPlatformData):
1186         - Changed to carry FontWidthVariant value.
1187         * platform/graphics/mac/FontCustomPlatformData.h:
1188         - Ditto.
1189         * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
1190         (WebCore::shouldUseCoreText):
1191         - Changed to skip CT path when width variant is specified.
1192         * platform/graphics/pango/FontCustomPlatformDataPango.cpp:
1193         (WebCore::FontCustomPlatformData::fontPlatformData):
1194         - Ditto.
1195         * platform/graphics/qt/FontCustomPlatformData.h:
1196         - Ditto.
1197         * platform/graphics/qt/FontCustomPlatformDataQt.cpp:
1198         (WebCore::FontCustomPlatformData::fontPlatformData):
1199         - Ditto.
1200         * platform/graphics/skia/FontCustomPlatformData.cpp:
1201         (WebCore::FontCustomPlatformData::fontPlatformData):
1202         - Ditto.
1203         * platform/graphics/skia/FontCustomPlatformData.h:
1204         - Ditto.
1205         * platform/graphics/win/FontCustomPlatformData.cpp:
1206         (WebCore::FontCustomPlatformData::fontPlatformData):
1207         - Ditto.
1208         * platform/graphics/win/FontCustomPlatformData.h:
1209         - Ditto.
1210         * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
1211         - Ditto.
1212         (WebCore::FontCustomPlatformData::fontPlatformData):
1213         - Ditto.
1214         * platform/graphics/win/FontCustomPlatformDataCairo.h:
1215         - Ditto.
1216         * platform/graphics/wince/FontCustomPlatformData.cpp:
1217         (WebCore::FontCustomPlatformData::fontPlatformData):
1218         - Ditto.
1219         * platform/graphics/wince/FontCustomPlatformData.h:
1220         - Ditto.
1221         * platform/graphics/wx/FontCustomPlatformData.cpp:
1222         (WebCore::FontCustomPlatformData::fontPlatformData):
1223         - Ditto.
1224         * platform/graphics/wx/FontCustomPlatformData.h:
1225         - Ditto.
1226         * rendering/InlineTextBox.cpp:
1227         (WebCore::InlineTextBox::paint):
1228         - In case of RenderCombineText, we don't rotate text even in vertical writing. Also, we render original text
1229         instead of text returned from text().
1230         * rendering/RenderBlock.cpp:
1231         (WebCore::RenderBlock::computeInlinePreferredLogicalWidths):
1232         - Made to call RenderCombinedText's prepareTextCombine() here.
1233         * rendering/RenderBlockLineLayout.cpp:
1234         (WebCore::textWidth):
1235         - Made to always use the render object's width() in case of TextCombine.
1236         (WebCore::RenderBlock::findNextLineBreak):
1237         - Made to call RenderCombinedText's prepareTextCombine() here.
1238         * rendering/RenderCombineText.cpp: Added. A subclass of RenderText.
1239         (WebCore::RenderCombineText::RenderCombineText):
1240         (WebCore::RenderCombineText::styleDidChange):
1241         - Clear the flag that indicated the font has been prepared for combining. The font will be reinitialized in
1242         the next call of RenderBlock::findNextLineBreak().
1243         (WebCore::RenderCombineText::setTextInternal):
1244         - Ditto.
1245         (WebCore::RenderCombineText::width):
1246         - Returns 1-em width in case of font combine.
1247         (WebCore::RenderCombineText::adjustTextOrigin):
1248         - Adjust drawing origin point in case of font combine.
1249         (WebCore::RenderCombineText::charactersToRender):
1250         - Return original text instead of current text in case of font combine.
1251         (WebCore::RenderCombineText::combineText):
1252         - This function tries to pack passed text with; 1) the current font as is, 2) the font created
1253         from the descriptor with half-width variant specified, 3) the font with third-width variant, 4) the font
1254         with quarter-width variant.
1255         - If a suitable font successfully found, replace the current font with the new font. If no appropriate font found,
1256         we give up text-combine as the CSS spec describes.
1257         - If a new font found, we replace the text with 0xFFFC. This is needed for a combined text block to be able to
1258         behave like a single character against text decorations.
1259         * rendering/RenderCombineText.h: Added.
1260         (WebCore::RenderCombineText::isCombined):
1261         (WebCore::RenderCombineText::combinedTextWidth):
1262         - Returns 1-em width in case of font combine.
1263         (WebCore::RenderCombineText::renderName):
1264         (WebCore::toRenderCombineText):
1265         * rendering/RenderText.cpp:
1266         (WebCore::RenderText::widthFromCache):
1267         - Made to call RenderCombineText's combinedTextWidth when the text is combined.
1268         * rendering/RenderingAllInOne.cpp: Added RenderCombineText.cpp
1269         * rendering/style/RenderStyle.h:
1270         (WebCore::InheritedFlags::hasTextCombine):
1271         - Added for a quick test of TextCombine.
1272
1273 2011-01-31  Oliver Hunt  <oliver@apple.com>
1274
1275         Convert markstack to a slot visitor API
1276         https://bugs.webkit.org/show_bug.cgi?id=53219
1277
1278         rolling r77098, r77099, r77100, r77109, and
1279         r77111 back in, along with a few more Qt fix attempts.
1280
1281         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
1282         * WebCore.exp.in:
1283         * bindings/js/DOMWrapperWorld.h:
1284         (WebCore::DOMWrapperWorld::globalData):
1285         * bindings/js/JSAudioConstructor.cpp:
1286         (WebCore::JSAudioConstructor::JSAudioConstructor):
1287         * bindings/js/JSDOMBinding.cpp:
1288         (WebCore::markDOMNodesForDocument):
1289         (WebCore::markDOMObjectWrapper):
1290         (WebCore::markDOMNodeWrapper):
1291         * bindings/js/JSDOMGlobalObject.cpp:
1292         (WebCore::JSDOMGlobalObject::markChildren):
1293         (WebCore::JSDOMGlobalObject::setInjectedScript):
1294         (WebCore::JSDOMGlobalObject::injectedScript):
1295         * bindings/js/JSDOMGlobalObject.h:
1296         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1297         (WebCore::getDOMConstructor):
1298         * bindings/js/JSDOMWindowCustom.cpp:
1299         (WebCore::JSDOMWindow::setLocation):
1300         (WebCore::DialogHandler::dialogCreated):
1301         * bindings/js/JSDOMWindowShell.cpp:
1302         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1303         (WebCore::JSDOMWindowShell::setWindow):
1304         (WebCore::JSDOMWindowShell::markChildren):
1305         (WebCore::JSDOMWindowShell::unwrappedObject):
1306         * bindings/js/JSDOMWindowShell.h:
1307         (WebCore::JSDOMWindowShell::window):
1308         (WebCore::JSDOMWindowShell::setWindow):
1309         * bindings/js/JSDeviceMotionEventCustom.cpp:
1310         (WebCore::createAccelerationObject):
1311         (WebCore::createRotationRateObject):
1312         * bindings/js/JSEventListener.cpp:
1313         (WebCore::JSEventListener::JSEventListener):
1314         (WebCore::JSEventListener::markJSFunction):
1315         * bindings/js/JSEventListener.h:
1316         (WebCore::JSEventListener::jsFunction):
1317         * bindings/js/JSHTMLDocumentCustom.cpp:
1318         (WebCore::JSHTMLDocument::setAll):
1319         * bindings/js/JSImageConstructor.cpp:
1320         (WebCore::JSImageConstructor::JSImageConstructor):
1321         * bindings/js/JSImageDataCustom.cpp:
1322         (WebCore::toJS):
1323         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1324         (WebCore::JSJavaScriptCallFrame::scopeChain):
1325         (WebCore::JSJavaScriptCallFrame::scopeType):
1326         * bindings/js/JSNodeFilterCondition.cpp:
1327         (WebCore::JSNodeFilterCondition::markAggregate):
1328         (WebCore::JSNodeFilterCondition::acceptNode):
1329         * bindings/js/JSNodeFilterCondition.h:
1330         * bindings/js/JSNodeFilterCustom.cpp:
1331         * bindings/js/JSOptionConstructor.cpp:
1332         (WebCore::JSOptionConstructor::JSOptionConstructor):
1333         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1334         (WebCore::JSSQLResultSetRowList::item):
1335         * bindings/js/ScriptCachedFrameData.cpp:
1336         (WebCore::ScriptCachedFrameData::restore):
1337         * bindings/js/ScriptObject.cpp:
1338         (WebCore::ScriptGlobalObject::set):
1339         * bindings/js/SerializedScriptValue.cpp:
1340         (WebCore::CloneDeserializer::putProperty):
1341         * bindings/scripts/CodeGeneratorJS.pm:
1342         * bridge/qt/qt_class.cpp:
1343         (JSC::Bindings::QtClass::fallbackObject):
1344         * bridge/qt/qt_instance.cpp:
1345         (JSC::Bindings::QtInstance::QtInstance):
1346         (JSC::Bindings::QtInstance::removeCachedMethod):
1347         (JSC::Bindings::QtInstance::markAggregate):
1348         * bridge/qt/qt_instance.h:
1349         * bridge/qt/qt_runtime.cpp:
1350         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1351         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1352         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1353         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1354         * bridge/qt/qt_runtime.h:
1355         * dom/Document.h:
1356
1357 2011-01-31  Dan Winship  <danw@gnome.org>
1358
1359         Reviewed by Gustavo Noronha Silva.
1360
1361         wss (websockets ssl) support for gtk via new gio TLS support
1362         https://bugs.webkit.org/show_bug.cgi?id=50344
1363
1364         Update to use GPollableOutputStream and GTlsConnection to
1365         implement wss URLs
1366
1367         * platform/network/soup/SocketStreamHandle.h:
1368         * platform/network/soup/SocketStreamHandleSoup.cpp:
1369         (WebCore::SocketStreamHandle::SocketStreamHandle):
1370         (WebCore::SocketStreamHandle::connected):
1371         (WebCore::SocketStreamHandle::platformSend):
1372         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
1373         (WebCore::writeReadyCallback):
1374
1375 2011-01-31  Abhishek Arya  <inferno@chromium.org>
1376
1377         Reviewed by Dimitri Glazkov.
1378
1379         Check the textarea node still exists in document before casting
1380         it to HTMLTextAreaElement.
1381         https://bugs.webkit.org/show_bug.cgi?id=53429
1382
1383         Test: fast/forms/textarea-node-removed-from-document-crash.html
1384
1385         * rendering/RenderTextControlMultiLine.cpp:
1386         (WebCore::RenderTextControlMultiLine::~RenderTextControlMultiLine):
1387
1388 2011-01-27  Abhishek Arya  <inferno@chromium.org>
1389
1390         Reviewed by Dave Hyatt.
1391
1392         If beforeChild is wrapped in an anonymous table section, we need to
1393         go the parent to find it and use it before adding childs to table.
1394         https://bugs.webkit.org/show_bug.cgi?id=53276
1395
1396         We need to make sure that beforeChild's parent is "this" before calling
1397         RenderBox::addChild. The previous condition in while is too restrictive
1398         and fails to calculate the right beforeChild value when its display
1399         style is table caption.
1400         Test: fast/table/before-child-non-table-section-add-table-crash.html
1401
1402         * rendering/RenderTable.cpp:
1403         (WebCore::RenderTable::addChild):
1404
1405 2011-01-31  Shane Stephens  <shanestephens@google.com>
1406
1407         Reviewed by Simon Fraser.
1408
1409         AffineTransform::translateRight incorrectly computes a translateLeft.
1410         https://bugs.webkit.org/show_bug.cgi?id=52551
1411
1412         Removed translateRight and converted all uses to perform standard
1413         matrix multiplication.
1414
1415         No new tests because patch doesn't modify functionality.
1416
1417         * platform/graphics/transforms/AffineTransform.cpp:
1418         * platform/graphics/transforms/AffineTransform.h:
1419         (WebCore::AffineTransform::translation):
1420         * rendering/svg/RenderSVGResourceMarker.cpp:
1421         (WebCore::RenderSVGResourceMarker::localToParentTransform):
1422         * rendering/svg/RenderSVGRoot.cpp:
1423         (WebCore::RenderSVGRoot::localToRepaintContainerTransform):
1424         (WebCore::RenderSVGRoot::localToParentTransform):
1425         * rendering/svg/RenderSVGViewportContainer.cpp:
1426         (WebCore::RenderSVGViewportContainer::localToParentTransform):
1427         * rendering/svg/SVGTextLayoutEngine.cpp:
1428         (WebCore::SVGTextLayoutEngine::finalizeTransformMatrices):
1429
1430 2011-01-31  Mario Sanchez Prada  <msanchez@igalia.com>
1431
1432         Reviewed by Martin Robinson.
1433
1434         [Gtk] atk_text_set_caret_offset returns True even when it is unsuccessful
1435         https://bugs.webkit.org/show_bug.cgi?id=53389
1436
1437         Return FALSE when not able to set the caret at the specified offset.
1438
1439         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
1440         (webkit_accessible_text_set_caret_offset): Return FALSE when the
1441         range created is NULL and adjust offset to account for list markers.
1442
1443 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
1444
1445         Reviewed by Yury Semikhatsky.
1446
1447         Web Inspector: copy HAR to clipboard instead of saving blob on export.
1448         https://bugs.webkit.org/show_bug.cgi?id=53328
1449
1450         * inspector/front-end/NetworkPanel.js:
1451         (WebInspector.NetworkPanel.prototype._exportAll):
1452         (WebInspector.NetworkPanel.prototype._exportResource):
1453
1454 2011-01-30  Pavel Feldman  <pfeldman@chromium.org>
1455
1456         Reviewed by Timothy Hatcher.
1457
1458         Web Inspector: speed up network panel rendering.
1459         https://bugs.webkit.org/show_bug.cgi?id=53397
1460
1461         * inspector/front-end/DataGrid.js:
1462         (WebInspector.DataGrid.prototype.get scrollContainer):
1463         * inspector/front-end/NetworkPanel.js:
1464         (WebInspector.NetworkPanel.prototype.elementsToRestoreScrollPositionsFor):
1465         (WebInspector.NetworkPanel.prototype._positionSummaryBar):
1466         (WebInspector.NetworkPanel.prototype._createTable):
1467         (WebInspector.NetworkPanel.prototype._exportResource):
1468         (WebInspector.NetworkPanel.prototype._onScroll):
1469         * inspector/front-end/networkPanel.css:
1470         (.network-sidebar .data-grid.small tr.offscreen):
1471         (.network-sidebar .data-grid tr.offscreen):
1472         (.network-sidebar .data-grid tr.offscreen td):
1473
1474 2011-01-31  Peter Varga  <pvarga@webkit.org>
1475
1476         Reviewed by Andreas Kling.
1477
1478         Remove wrec from WebCore
1479         https://bugs.webkit.org/show_bug.cgi?id=53298
1480
1481         No new tests needed.
1482
1483         * Android.jscbindings.mk:
1484         * ForwardingHeaders/wrec/WREC.h: Removed.
1485         * WebCore.vcproj/WebCore.vcproj:
1486         * WebCore.vcproj/copyForwardingHeaders.cmd:
1487
1488 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
1489
1490         Unreviewed, rolling out r76969.
1491         http://trac.webkit.org/changeset/76969
1492         https://bugs.webkit.org/show_bug.cgi?id=53418
1493
1494         "It is causing crashes in GTK+ and Leopard bots" (Requested by
1495         alexg__ on #webkit).
1496
1497         * bridge/runtime_root.cpp:
1498         (JSC::Bindings::RootObject::invalidate):
1499         (JSC::Bindings::RootObject::addRuntimeObject):
1500         (JSC::Bindings::RootObject::removeRuntimeObject):
1501         * bridge/runtime_root.h:
1502
1503 2011-01-31  Antti Koivisto  <antti@apple.com>
1504
1505         Not reviewed.
1506
1507         Spelling.
1508
1509         * css/CSSSelectorList.h:
1510         (WebCore::CSSSelectorList::next):
1511
1512 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
1513
1514         Unreviewed. Fix Chromium compilation on Linux.
1515
1516         * platform/graphics/ShadowBlur.cpp: added PLATFORM(CHROMIUM) guard
1517         * platform/graphics/ShadowBlur.h: added missing ColorSpace.h header include
1518
1519 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
1520
1521         Unreviewed. Fix Chromium compilation on Mac broken by r77101.
1522
1523         * WebCore.gypi: add ShadowBlur.{h,cpp} to the gypi file.
1524
1525 2011-01-31  Mikhail Naganov  <mnaganov@chromium.org>
1526
1527         Reviewed by Yury Semikhatsky.
1528
1529         WebInspector: Change button title from "Clear CPU profiles" to "Clear all profiles".
1530
1531         https://bugs.webkit.org/show_bug.cgi?id=53309
1532
1533         * English.lproj/localizedStrings.js:
1534         * inspector/front-end/ProfilesPanel.js:
1535         (WebInspector.ProfilesPanel):
1536
1537 2011-01-31  Carlos Garcia Campos  <cgarcia@igalia.com>
1538
1539         Unreviewed, fix the build with current GTK+ 3.x.
1540
1541         * plugins/gtk/gtk2xtbin.c:
1542         * plugins/gtk/gtk2xtbin.h:
1543
1544 2011-01-30  Kenichi Ishibashi  <bashi@google.com>
1545
1546         Reviewed by Kent Tamura.
1547
1548         Dangling form associated elements should not be registered on the document
1549         https://bugs.webkit.org/show_bug.cgi?id=53223
1550
1551         Adds insertedIntoDocument() and remvoedFromDocument() to
1552         FormAssociatedElement class to register the element on the document
1553         if and only if it actually inserted into (removed from) the document.
1554
1555         Test: fast/forms/dangling-form-element-crash.html
1556
1557         * html/FormAssociatedElement.cpp:
1558         (WebCore::FormAssociatedElement::insertedIntoDocument): Added.
1559         (WebCore::FormAssociatedElement::removedFromDocument): Ditto.
1560         (WebCore::FormAssociatedElement::insertedIntoTree): Don't register
1561         the element to a document.
1562         (WebCore::FormAssociatedElement::removedFromTree): Don't unregister
1563         the element from a document.
1564         * html/FormAssociatedElement.h:
1565         * html/HTMLFormControlElement.cpp:
1566         (WebCore::HTMLFormControlElement::insertedIntoDocument): Added.
1567         (WebCore::HTMLFormControlElement::removedFromDocument): Ditto.
1568         * html/HTMLFormControlElement.h:
1569         * html/HTMLObjectElement.cpp:
1570         (WebCore::HTMLObjectElement::insertedIntoDocument): Calls
1571         FormAssociatedElement::insertedIntoDocument().
1572         (WebCore::HTMLObjectElement::removedFromDocument): Calls
1573         FormAssociatedElement::removedFromDocument().
1574
1575 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
1576
1577         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
1578         r77111.
1579         http://trac.webkit.org/changeset/77098
1580         http://trac.webkit.org/changeset/77099
1581         http://trac.webkit.org/changeset/77100
1582         http://trac.webkit.org/changeset/77109
1583         http://trac.webkit.org/changeset/77111
1584         https://bugs.webkit.org/show_bug.cgi?id=53219
1585
1586         Qt build is broken
1587
1588         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
1589         * WebCore.exp.in:
1590         * bindings/js/DOMWrapperWorld.h:
1591         * bindings/js/JSAudioConstructor.cpp:
1592         (WebCore::JSAudioConstructor::JSAudioConstructor):
1593         * bindings/js/JSDOMBinding.cpp:
1594         (WebCore::markDOMNodesForDocument):
1595         (WebCore::markDOMObjectWrapper):
1596         (WebCore::markDOMNodeWrapper):
1597         * bindings/js/JSDOMGlobalObject.cpp:
1598         (WebCore::JSDOMGlobalObject::markChildren):
1599         (WebCore::JSDOMGlobalObject::setInjectedScript):
1600         (WebCore::JSDOMGlobalObject::injectedScript):
1601         * bindings/js/JSDOMGlobalObject.h:
1602         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1603         (WebCore::getDOMConstructor):
1604         * bindings/js/JSDOMWindowCustom.cpp:
1605         (WebCore::JSDOMWindow::setLocation):
1606         (WebCore::DialogHandler::dialogCreated):
1607         * bindings/js/JSDOMWindowShell.cpp:
1608         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1609         (WebCore::JSDOMWindowShell::setWindow):
1610         (WebCore::JSDOMWindowShell::markChildren):
1611         (WebCore::JSDOMWindowShell::unwrappedObject):
1612         * bindings/js/JSDOMWindowShell.h:
1613         (WebCore::JSDOMWindowShell::window):
1614         (WebCore::JSDOMWindowShell::setWindow):
1615         * bindings/js/JSDeviceMotionEventCustom.cpp:
1616         (WebCore::createAccelerationObject):
1617         (WebCore::createRotationRateObject):
1618         * bindings/js/JSEventListener.cpp:
1619         (WebCore::JSEventListener::JSEventListener):
1620         (WebCore::JSEventListener::markJSFunction):
1621         * bindings/js/JSEventListener.h:
1622         (WebCore::JSEventListener::jsFunction):
1623         * bindings/js/JSHTMLDocumentCustom.cpp:
1624         (WebCore::JSHTMLDocument::setAll):
1625         * bindings/js/JSImageConstructor.cpp:
1626         (WebCore::JSImageConstructor::JSImageConstructor):
1627         * bindings/js/JSImageDataCustom.cpp:
1628         (WebCore::toJS):
1629         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1630         (WebCore::JSJavaScriptCallFrame::scopeChain):
1631         (WebCore::JSJavaScriptCallFrame::scopeType):
1632         * bindings/js/JSNodeFilterCondition.cpp:
1633         (WebCore::JSNodeFilterCondition::markAggregate):
1634         (WebCore::JSNodeFilterCondition::acceptNode):
1635         * bindings/js/JSNodeFilterCondition.h:
1636         * bindings/js/JSNodeFilterCustom.cpp:
1637         * bindings/js/JSOptionConstructor.cpp:
1638         (WebCore::JSOptionConstructor::JSOptionConstructor):
1639         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1640         (WebCore::JSSQLResultSetRowList::item):
1641         * bindings/js/ScriptCachedFrameData.cpp:
1642         (WebCore::ScriptCachedFrameData::restore):
1643         * bindings/js/ScriptObject.cpp:
1644         (WebCore::ScriptGlobalObject::set):
1645         * bindings/js/SerializedScriptValue.cpp:
1646         (WebCore::CloneDeserializer::putProperty):
1647         * bindings/scripts/CodeGeneratorJS.pm:
1648         * bridge/qt/qt_instance.cpp:
1649         (JSC::Bindings::QtInstance::QtInstance):
1650         (JSC::Bindings::QtInstance::removeCachedMethod):
1651         (JSC::Bindings::QtInstance::markAggregate):
1652         * bridge/qt/qt_instance.h:
1653         * bridge/qt/qt_runtime.cpp:
1654         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1655         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1656         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1657         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1658         * bridge/qt/qt_runtime.h:
1659         * bridge/runtime_root.cpp:
1660         (JSC::Bindings::RootObject::invalidate):
1661         * bridge/runtime_root.h:
1662         * dom/Document.h:
1663
1664 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1665
1666         Unreviewed, rolling out r77107.
1667         http://trac.webkit.org/changeset/77107
1668         https://bugs.webkit.org/show_bug.cgi?id=53412
1669
1670         Caused 5 new form-related test crashes (Requested by smfr on
1671         #webkit).
1672
1673         * css/CSSSelector.cpp:
1674         (WebCore::CSSSelector::pseudoId):
1675         (WebCore::nameToPseudoTypeMap):
1676         (WebCore::CSSSelector::extractPseudoType):
1677         * css/CSSSelector.h:
1678         * html/HTMLProgressElement.cpp:
1679         (WebCore::HTMLProgressElement::parseMappedAttribute):
1680         (WebCore::HTMLProgressElement::attach):
1681         * html/HTMLProgressElement.h:
1682         * rendering/RenderProgress.cpp:
1683         (WebCore::RenderProgress::~RenderProgress):
1684         (WebCore::RenderProgress::updateFromElement):
1685         (WebCore::RenderProgress::layoutParts):
1686         (WebCore::RenderProgress::shouldHaveParts):
1687         * rendering/RenderProgress.h:
1688         * rendering/style/RenderStyleConstants.h:
1689
1690 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1691
1692         Reviewed by Sam Weinig.
1693
1694         Enhance ShadowBlur to render inset box shadows
1695         https://bugs.webkit.org/show_bug.cgi?id=51567
1696         
1697         Use ShadowBlur for inset box-shadows with CG. It 
1698         currently lacks a tiled version, but is still much
1699         faster than CG shadows.
1700
1701         Test: fast/box-shadow/inset-box-shadow-radius.html
1702
1703         * platform/graphics/ShadowBlur.cpp:
1704         * platform/graphics/ShadowBlur.h: New method for inset
1705         shadows.
1706         (WebCore::ShadowBlur::drawInsetShadow): 
1707
1708         * platform/graphics/GraphicsContext.cpp: #ifdef out
1709         fillRectWithRoundedHole() for CG.
1710
1711         * platform/graphics/cg/GraphicsContextCG.cpp:
1712         (WebCore::GraphicsContext::fillRectWithRoundedHole): If there's
1713         a shadow with a radius > 0, use ShadowBlur.
1714
1715 2011-01-28  Kenneth Russell  <kbr@google.com>
1716
1717         Reviewed by Chris Marrin.
1718
1719         WebGL shows PNG Textures with indexed colors too dark
1720         https://bugs.webkit.org/show_bug.cgi?id=47477
1721
1722         Properly handle indexed PNG images by re-rendering them as RGBA
1723         images before upload. Verified with this layout test and the test
1724         cases from bugs 47477 and 53269.
1725
1726         * platform/graphics/cg/GraphicsContext3DCG.cpp:
1727         (WebCore::GraphicsContext3D::getImageData):
1728
1729 2011-01-27  MORITA Hajime  <morrita@google.com>
1730
1731         Reviewed by Dimitri Glazkov.
1732         
1733         Convert <progress> shadow DOM to a DOM-based shadow.
1734         https://bugs.webkit.org/show_bug.cgi?id=50660
1735
1736         * Removed RenderProgress::m_valuePart, moved the shadow node
1737           to the shadow root of HTMLProgressElement.
1738         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
1739           ProgressBarValueElement is defined only for overriding
1740           shadowPseudoId().
1741         
1742         No new tests. No behavioral change.
1743
1744         * css/CSSSelector.cpp:
1745         (WebCore::CSSSelector::pseudoId):
1746         (WebCore::nameToPseudoTypeMap):
1747         (WebCore::CSSSelector::extractPseudoType):
1748         * css/CSSSelector.h:
1749         * html/HTMLProgressElement.cpp:
1750         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
1751         (WebCore::ProgressBarValueElement::shadowPseudoId):
1752         (WebCore::ProgressBarValueElement::create):
1753         (WebCore::HTMLProgressElement::parseMappedAttribute):
1754         (WebCore::HTMLProgressElement::attach):
1755         (WebCore::HTMLProgressElement::valuePart):
1756         (WebCore::HTMLProgressElement::didElementStateChange):
1757         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
1758         * html/HTMLProgressElement.h:
1759         * rendering/RenderProgress.cpp:
1760         (WebCore::RenderProgress::~RenderProgress):
1761         (WebCore::RenderProgress::updateFromElement):
1762         (WebCore::RenderProgress::layoutParts):
1763         (WebCore::RenderProgress::shouldHaveParts):
1764         (WebCore::RenderProgress::valuePart):
1765         * rendering/RenderProgress.h:
1766         * rendering/style/RenderStyleConstants.h:
1767
1768 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1769
1770         Reviewed by Ariya Hidayat.
1771
1772         Enhance ShadowBlur to render inset box shadows; Part 1.
1773         https://bugs.webkit.org/show_bug.cgi?id=51567
1774         
1775         Add a new method to GraphicsContext to render a rect with a rounded hole,
1776         for use by inset box-shadow code. Knowledge that we're rendering a rounded
1777         hole will enable ShadowBlur to be used here in future.
1778
1779         * platform/graphics/GraphicsContext.cpp:
1780         (WebCore::GraphicsContext::fillRectWithRoundedHole):
1781         * platform/graphics/GraphicsContext.h:
1782         * rendering/RenderBoxModelObject.cpp:
1783         (WebCore::RenderBoxModelObject::paintBoxShadow):
1784
1785 2011-01-23  MORITA Hajime  <morrita@google.com>
1786
1787         Reviewed by Eric Seidel.
1788
1789         REGRESSION: Inset shadow with too large border radius misses rounded corner.
1790         https://bugs.webkit.org/show_bug.cgi?id=52800
1791
1792         The refactoring on r76083 broke the invariant between border
1793         IntRect and its radii because RoundedIntRect::setRect() is called
1794         after getRoundedInnerBorderWithBorderWidths(), which enforces the
1795         invariant. Th rounded-rect clipping code verifies the invariant,
1796         and discard the invalid radii, that results broken paintings.
1797         
1798         This change moved setRect() before
1799         getRoundedInnerBorderWithBorderWidths() not to modify the valid
1800         RoundedIntRect value.
1801         
1802         Test: fast/box-shadow/inset-with-extraordinary-radii-and-border.html
1803
1804         * rendering/RenderBoxModelObject.cpp:
1805         (WebCore::RenderBoxModelObject::paintBoxShadow):
1806
1807 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1808
1809         Attempt to fix Windows build by adding ShadowBlur.cpp/h to the
1810         vcproj.
1811
1812         * WebCore.vcproj/WebCore.vcproj:
1813
1814 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1815
1816         Reviewed by Dan Bernstein.
1817
1818         -webkit-box-shadow causes awful scroll/resize/redraw performance
1819         https://bugs.webkit.org/show_bug.cgi?id=22102
1820         
1821         Use ShadowBlur for CG, whe rendering shadows on rects and
1822         rounded rects outside of canvas.
1823         
1824         CG shadows with a radius of more than 8px do not render
1825         correctly. We preserve this incorrect rendering by compensating
1826         for it when rending -webkit-box-shadow. Calls that should use
1827         this deprecated radius behavior now use setLegacyShadow().
1828
1829         Test: fast/box-shadow/box-shadow-transformed.html
1830         
1831         * html/canvas/CanvasRenderingContext2D.cpp: Use setLegacyShadow()
1832         for canvas, to indicate that it should use the deprecated radius
1833         behavior.
1834         (WebCore::CanvasRenderingContext2D::setAllAttributesToDefault): Ditto.
1835         (WebCore::CanvasRenderingContext2D::setShadow): Ditto.
1836         (WebCore::CanvasRenderingContext2D::applyShadow): Ditto.
1837         
1838         * platform/graphics/GraphicsContext.cpp:
1839         (WebCore::GraphicsContext::setLegacyShadow): Set the m_state.shadowsUseLegacyRadius bit.
1840         
1841         * platform/graphics/GraphicsContext.h:
1842         (WebCore::GraphicsContextState::GraphicsContextState): Add a 
1843         shadowsUseLegacyRadius bit to the state.
1844         
1845         * platform/graphics/cg/GraphicsContextCG.cpp:
1846         (WebCore::radiusToLegacyRadius): Map from the actual radius to one
1847         that approximates CG behavior.
1848         (WebCore::hasBlurredShadow): Helper that returns true if we have a shadow
1849         with a non-zero blur radius.
1850         (WebCore::GraphicsContext::fillRect): Use ShadowBlur if not canvas.
1851         (WebCore::GraphicsContext::fillRoundedRect): Ditto.
1852         (WebCore::GraphicsContext::setPlatformShadow): Comment.
1853
1854         * rendering/RenderBoxModelObject.cpp:
1855         (WebCore::RenderBoxModelObject::paintBoxShadow): Call setLegacyShadow()
1856         for -webkit-box-shadow.
1857
1858         * platform/graphics/ShadowBlur.cpp: 
1859         (WebCore::ShadowBlur::calculateLayerBoundingRect): Fix some pixel crack issues
1860         by rounding up the blur radius.
1861         (WebCore::ShadowBlur::drawRectShadow): Ditto
1862         (WebCore::ShadowBlur::drawRectShadowWithTiling): Ditto.
1863
1864 2011-01-30  Oliver Hunt  <oliver@apple.com>
1865
1866         Try to fix Qt build (again).
1867
1868         * bridge/qt/qt_runtime.cpp:
1869         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1870         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1871
1872 2011-01-30  Oliver Hunt  <oliver@apple.com>
1873
1874         Try to fix Qt build.
1875
1876         * bridge/qt/qt_instance.cpp:
1877         (JSC::Bindings::QtInstance::QtInstance):
1878         (JSC::Bindings::QtInstance::removeCachedMethod):
1879         (JSC::Bindings::QtInstance::markAggregate):
1880         * bridge/qt/qt_instance.h:
1881
1882 2011-01-30  Oliver Hunt  <oliver@apple.com>
1883
1884         Convert markstack to a slot visitor API
1885         https://bugs.webkit.org/show_bug.cgi?id=53219
1886
1887         rolling r77006 and r77020 back in.
1888
1889         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
1890         * WebCore.exp.in:
1891         * bindings/js/DOMWrapperWorld.h:
1892         (WebCore::DOMWrapperWorld::globalData):
1893         * bindings/js/JSAudioConstructor.cpp:
1894         (WebCore::JSAudioConstructor::JSAudioConstructor):
1895         * bindings/js/JSDOMBinding.cpp:
1896         (WebCore::markDOMNodesForDocument):
1897         (WebCore::markDOMObjectWrapper):
1898         (WebCore::markDOMNodeWrapper):
1899         * bindings/js/JSDOMGlobalObject.cpp:
1900         (WebCore::JSDOMGlobalObject::markChildren):
1901         (WebCore::JSDOMGlobalObject::setInjectedScript):
1902         (WebCore::JSDOMGlobalObject::injectedScript):
1903         * bindings/js/JSDOMGlobalObject.h:
1904         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1905         (WebCore::getDOMConstructor):
1906         * bindings/js/JSDOMWindowCustom.cpp:
1907         (WebCore::JSDOMWindow::setLocation):
1908         (WebCore::DialogHandler::dialogCreated):
1909         * bindings/js/JSDOMWindowShell.cpp:
1910         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1911         (WebCore::JSDOMWindowShell::setWindow):
1912         (WebCore::JSDOMWindowShell::markChildren):
1913         (WebCore::JSDOMWindowShell::unwrappedObject):
1914         * bindings/js/JSDOMWindowShell.h:
1915         (WebCore::JSDOMWindowShell::window):
1916         (WebCore::JSDOMWindowShell::setWindow):
1917         * bindings/js/JSDeviceMotionEventCustom.cpp:
1918         (WebCore::createAccelerationObject):
1919         (WebCore::createRotationRateObject):
1920         * bindings/js/JSEventListener.cpp:
1921         (WebCore::JSEventListener::JSEventListener):
1922         (WebCore::JSEventListener::markJSFunction):
1923         * bindings/js/JSEventListener.h:
1924         (WebCore::JSEventListener::jsFunction):
1925         * bindings/js/JSHTMLDocumentCustom.cpp:
1926         (WebCore::JSHTMLDocument::setAll):
1927         * bindings/js/JSImageConstructor.cpp:
1928         (WebCore::JSImageConstructor::JSImageConstructor):
1929         * bindings/js/JSImageDataCustom.cpp:
1930         (WebCore::toJS):
1931         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1932         (WebCore::JSJavaScriptCallFrame::scopeChain):
1933         (WebCore::JSJavaScriptCallFrame::scopeType):
1934         * bindings/js/JSNodeFilterCondition.cpp:
1935         (WebCore::JSNodeFilterCondition::markAggregate):
1936         (WebCore::JSNodeFilterCondition::acceptNode):
1937         * bindings/js/JSNodeFilterCondition.h:
1938         * bindings/js/JSNodeFilterCustom.cpp:
1939         * bindings/js/JSOptionConstructor.cpp:
1940         (WebCore::JSOptionConstructor::JSOptionConstructor):
1941         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1942         (WebCore::JSSQLResultSetRowList::item):
1943         * bindings/js/ScriptCachedFrameData.cpp:
1944         (WebCore::ScriptCachedFrameData::restore):
1945         * bindings/js/ScriptObject.cpp:
1946         (WebCore::ScriptGlobalObject::set):
1947         * bindings/js/SerializedScriptValue.cpp:
1948         (WebCore::CloneDeserializer::putProperty):
1949         * bindings/scripts/CodeGeneratorJS.pm:
1950         * bridge/qt/qt_runtime.cpp:
1951         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1952         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1953         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1954         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1955         * bridge/qt/qt_runtime.h:
1956         * bridge/runtime_root.cpp:
1957         (JSC::Bindings::RootObject::invalidate):
1958         * bridge/runtime_root.h:
1959         * dom/Document.h:
1960
1961 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1962
1963         Reviewed by Sam Weinig.
1964
1965         Make ContextShadow code cross-platform
1966         https://bugs.webkit.org/show_bug.cgi?id=51312
1967
1968         Add a new class, ShadowBlur, that contains most of the
1969         code from ContextShadow, but is fully cross-platform.
1970         It depends on one new method, GraphicsContext::clipBounds(),
1971         which platforms will have to implement.
1972         
1973         Add ShadowBlur to the Mac Xcode project, but don't use it
1974         anywhere yet.
1975
1976         * WebCore.xcodeproj/project.pbxproj:
1977         * platform/graphics/GraphicsContext.cpp:
1978         (WebCore::GraphicsContext::clipBounds):
1979         * platform/graphics/GraphicsContext.h:
1980         * platform/graphics/ShadowBlur.cpp: Added.
1981         (WebCore::roundUpToMultipleOf32):
1982         (WebCore::ScratchBuffer::ScratchBuffer):
1983         (WebCore::ScratchBuffer::getScratchBuffer):
1984         (WebCore::ScratchBuffer::scheduleScratchBufferPurge):
1985         (WebCore::ScratchBuffer::timerFired):
1986         (WebCore::ScratchBuffer::clearScratchBuffer):
1987         (WebCore::ScratchBuffer::shared):
1988         (WebCore::ShadowBlur::ShadowBlur):
1989         (WebCore::ShadowBlur::blurLayerImage):
1990         (WebCore::ShadowBlur::adjustBlurDistance):
1991         (WebCore::ShadowBlur::calculateLayerBoundingRect):
1992         (WebCore::ShadowBlur::beginShadowLayer):
1993         (WebCore::ShadowBlur::endShadowLayer):
1994         (WebCore::ShadowBlur::drawRectShadow):
1995         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
1996         (WebCore::ShadowBlur::drawRectShadowWithTiling):
1997         (WebCore::ShadowBlur::clipBounds):
1998         * platform/graphics/ShadowBlur.h: Added.
1999         (WebCore::ShadowBlur::setShadowsIgnoreTransforms):
2000         (WebCore::ShadowBlur::shadowsIgnoreTransforms):
2001         * platform/graphics/cg/GraphicsContextCG.cpp:
2002         (WebCore::GraphicsContext::clipBounds):
2003
2004 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
2005
2006         Reviewed by Dan Bernstein.
2007
2008         CSS3 gradients with em-based stops fail to repaint when font size changes
2009         https://bugs.webkit.org/show_bug.cgi?id=51845
2010         
2011         Mark as uncacheable gradidients whose color stops depend on font size,
2012         and don't attempt to put these into CSSImageGeneratorValue's image cache.
2013         This means we return a new gradient each time, which is fairly cheap, and
2014         fixes repaint issues under changing font size.
2015
2016         Test: fast/repaint/gradients-em-stops-repaint.html
2017
2018         * css/CSSGradientValue.cpp:
2019         (WebCore::CSSGradientValue::image):
2020         (WebCore::CSSGradientValue::isCacheable):
2021         * css/CSSGradientValue.h:
2022
2023 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2024
2025         Undo try to fix the Qt build.
2026         
2027         My guess didn't work.
2028
2029         * WebCore.pro:
2030
2031 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2032
2033         Try to fix the Qt build.
2034
2035         * WebCore.pro: Added platform/text/CharacterNames.h.
2036
2037 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
2038
2039         Reviewed by Maciej Stachowiak.
2040
2041         Some more Heap cleanup.
2042         https://bugs.webkit.org/show_bug.cgi?id=53357
2043         
2044         Updated for JavaScriptCore changes.
2045
2046         * bindings/js/ScriptGCEvent.cpp:
2047         (WebCore::ScriptGCEvent::getHeapSize):
2048
2049 2011-01-29  Adam Barth  <abarth@webkit.org>
2050
2051         Reviewed by Daniel Bates.
2052
2053         Fix XSSFilter crash when extracting the source for a token twice
2054         https://bugs.webkit.org/show_bug.cgi?id=53368
2055
2056         Previously, it was unsafe to extract the source for the same token
2057         twice because the HTMLSourceTracker would advance its internal
2058         representation of the SegmentedString.  This patch introduces a cache
2059         to make calling HTMLSourceTracker::sourceForToken multiple times safe.
2060
2061         * html/parser/HTMLSourceTracker.cpp:
2062         (WebCore::HTMLSourceTracker::end):
2063         (WebCore::HTMLSourceTracker::sourceForToken):
2064         * html/parser/HTMLSourceTracker.h:
2065
2066 2011-01-29  Maciej Stachowiak  <mjs@apple.com>
2067
2068         Reviewed by Dan Bernstein.
2069
2070         Fix fat build for both 32-bit and 64-bit under llvm-gcc 4.2
2071         https://bugs.webkit.org/show_bug.cgi?id=53386
2072
2073         * platform/mac/ScrollAnimatorMac.mm:
2074         (WebCore::elasticDeltaForReboundDelta):
2075         (WebCore::scrollWheelMultiplier):
2076         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
2077         (WebCore::ScrollAnimatorMac::beginScrollGesture):
2078         (WebCore::roundTowardZero):
2079         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
2080
2081 2011-01-29  Daniel Bates  <dbates@rim.com>
2082
2083         Reviewed by Maciej Stachowiak.
2084
2085         Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
2086         https://bugs.webkit.org/show_bug.cgi?id=53382
2087
2088         Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
2089         So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
2090         Therefore, we should remove such references.
2091
2092         * CMakeLists.txt:
2093
2094 2011-01-29  Sam Weinig  <sam@webkit.org>
2095
2096         Reviewed by Jon Honeycutt.
2097
2098         Fix 32-bit build on the Mac.
2099
2100         * platform/mac/ScrollAnimatorMac.mm:
2101         (WebCore::roundTowardZero):
2102         (WebCore::roundToDevicePixelTowardZero):
2103         Use floats instead of doubles to avoid double-to-float conversion
2104         issues.
2105
2106 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
2107
2108         Reviewed by Adam Barth.
2109
2110         Use clampToInteger() functions in a few places
2111         https://bugs.webkit.org/show_bug.cgi?id=53363
2112         
2113         * css/CSSStyleSelector.cpp:
2114         (WebCore::CSSStyleSelector::applyProperty): Use clampToInteger() for z-index.
2115         (WebCore::CSSStyleSelector::createTransformOperations): Use clampToPositiveInteger().
2116         * platform/graphics/transforms/PerspectiveTransformOperation.cpp: Ditto.
2117         (WebCore::PerspectiveTransformOperation::blend): Ditto.
2118
2119 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
2120
2121         Reviewed by David Kilzer.
2122
2123         Move CharacterNames.h into WTF directory
2124         https://bugs.webkit.org/show_bug.cgi?id=49618
2125
2126         * ForwardingHeaders/wtf/unicode/CharacterNames.h: Added.
2127         * GNUmakefile.am:
2128         * WebCore.gypi:
2129         * WebCore.vcproj/WebCore.vcproj:
2130         * WebCore.xcodeproj/project.pbxproj:
2131         * accessibility/AccessibilityObject.cpp:
2132         * accessibility/AccessibilityRenderObject.cpp:
2133         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
2134         * bindings/js/JSHTMLDocumentCustom.cpp:
2135         * dom/Position.cpp:
2136         * dom/SelectElement.cpp:
2137         * editing/CompositeEditCommand.cpp:
2138         * editing/Editor.cpp:
2139         * editing/HTMLInterchange.cpp:
2140         * editing/InsertTextCommand.cpp:
2141         * editing/MarkupAccumulator.cpp:
2142         * editing/TextIterator.cpp:
2143         * editing/VisibleSelection.cpp:
2144         * editing/htmlediting.cpp:
2145         * editing/htmlediting.h:
2146         * editing/markup.cpp:
2147         * html/FTPDirectoryDocument.cpp:
2148         * html/HTMLFormControlElement.cpp:
2149         * html/parser/HTMLTreeBuilder.cpp:
2150         * loader/appcache/ManifestParser.cpp:
2151         * platform/chromium/PopupMenuChromium.cpp:
2152         * platform/graphics/Font.h:
2153         * platform/graphics/FontFastPath.cpp:
2154         * platform/graphics/GlyphPageTreeNode.cpp:
2155         * platform/graphics/StringTruncator.cpp:
2156         * platform/graphics/mac/ComplexTextController.cpp:
2157         * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
2158         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2159         * platform/mac/PasteboardMac.mm:
2160         * platform/text/TextCodecICU.cpp:
2161         * platform/text/mac/TextCodecMac.cpp:
2162         * platform/text/transcoder/FontTranscoder.cpp:
2163         * rendering/RenderBlockLineLayout.cpp:
2164         * rendering/RenderFlexibleBox.cpp:
2165         * rendering/RenderListMarker.cpp:
2166         * rendering/RenderText.cpp:
2167         * rendering/RenderTextControl.cpp:
2168         * rendering/RenderTreeAsText.cpp:
2169         * rendering/break_lines.cpp:
2170         * rendering/mathml/RenderMathMLOperator.h:
2171         * websockets/WebSocketHandshake.cpp:
2172         * wml/WMLTableElement.cpp:
2173
2174 2011-01-29  Dan Winship  <danw@gnome.org>
2175
2176         Reviewed by Xan Lopez.
2177
2178         [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
2179         libsoup 2.33.1 now.
2180         https://bugs.webkit.org/show_bug.cgi?id=50675
2181
2182         * platform/network/soup/CookieJarSoup.cpp:
2183         (WebCore::defaultCookieJar):
2184         (WebCore::setCookies):
2185         * platform/network/soup/ResourceHandleSoup.cpp:
2186         (WebCore::ResourceHandle::prepareForURL):
2187         (WebCore::restartedCallback):
2188         (WebCore::startHttp):
2189         * platform/network/soup/ResourceRequestSoup.cpp:
2190         (WebCore::ResourceRequest::updateSoupMessage):
2191         (WebCore::ResourceRequest::toSoupMessage):
2192         (WebCore::ResourceRequest::updateFromSoupMessage):
2193
2194 2011-01-29  Adam Barth  <abarth@webkit.org>
2195
2196         Reviewed by Daniel Bates.
2197
2198         XSSFilter should replace URLs with about:blank instead of the empty string
2199         https://bugs.webkit.org/show_bug.cgi?id=53370
2200
2201         Using the empty string will make the URL complete to the current
2202         document's URL, which isn't really what we want.  Instead, we want to
2203         use about:blank, which is safe.
2204
2205         * html/parser/XSSFilter.cpp:
2206         (WebCore::XSSFilter::filterObjectToken):
2207         (WebCore::XSSFilter::filterEmbedToken):
2208
2209 2011-01-29  Adam Barth  <abarth@webkit.org>
2210
2211         Reviewed by Daniel Bates.
2212
2213         XSSFilter should pass xssAuditor/script-tag-addslashes*
2214         https://bugs.webkit.org/show_bug.cgi?id=53365
2215
2216         We need to canonicalize strings to avoid being tricked by addslashes.
2217
2218         * html/parser/XSSFilter.cpp:
2219         (WebCore::HTMLNames::isNonCanonicalCharacter):
2220             - This function is copied from the XSSAuditor (with some tweaks).
2221               We'll eventually remove the XSSAuditor once we've got XSSFilter
2222               working properly.
2223         (WebCore::HTMLNames::canonicalize):
2224         (WebCore::HTMLNames::decodeURL):
2225         (WebCore::XSSFilter::isContainedInRequest):
2226
2227 2011-01-29  Adam Barth  <abarth@webkit.org>
2228
2229         Reviewed by Daniel Bates.
2230
2231         XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
2232         and xssAuditor/script-tag-post-*
2233         https://bugs.webkit.org/show_bug.cgi?id=53364
2234
2235         We're supposed to allow loading same-origin resources even if they
2236         appear as part of the request.
2237
2238         Also, we're supposed to look at the POST data too.  :)
2239
2240         * html/parser/XSSFilter.cpp:
2241         (WebCore::XSSFilter::eraseAttributeIfInjected):
2242         (WebCore::XSSFilter::isSameOriginResource):
2243             - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
2244               eventually remove the XSSAuditor version when XSSFilter is done.
2245         * html/parser/XSSFilter.h:
2246
2247 2011-01-29  Adam Barth  <abarth@webkit.org>
2248
2249         Reviewed by Daniel Bates.
2250
2251         XSSFilter should pass 16 of the xssAuditor/script-tag* tests
2252         https://bugs.webkit.org/show_bug.cgi?id=53362
2253
2254         Turns out we need to replace the src attribute of script tags with
2255         about:blank to avoid loading the main document URL as a script.  Also,
2256         move misplaced return statement that was triggering the console message
2257         too often.
2258
2259         * html/parser/HTMLToken.h:
2260         (WebCore::HTMLToken::appendToAttributeValue):
2261         * html/parser/XSSFilter.cpp:
2262         (WebCore::XSSFilter::filterScriptToken):
2263         (WebCore::XSSFilter::eraseAttributeIfInjected):
2264         * html/parser/XSSFilter.h:
2265
2266 2011-01-28  Jon Honeycutt  <jhoneycutt@apple.com>
2267
2268         Downloads in WK2 on Windows should write resume data to bundle
2269         https://bugs.webkit.org/show_bug.cgi?id=53282
2270         <rdar://problem/8753077>
2271
2272         Reviewed by Alice Liu.
2273
2274         * WebCore.vcproj/WebCore.vcproj:
2275         Added new files to project.
2276
2277         * platform/network/cf/DownloadBundle.h: Added.
2278         * platform/network/win/DownloadBundleWin.cpp: Added.
2279         (WebCore::DownloadBundle::magicNumber):
2280         Moved from WebKit's WebDownload so that WebKit and WebKit2 can share
2281         it.
2282         (WebCore::DownloadBundle::fileExtension):
2283         Ditto.
2284         (WebCore::DownloadBundle::appendResumeData):
2285         Ditto - but modified to return bool rather than HRESULT and to clean up
2286         whitespace.
2287         (WebCore::DownloadBundle::extractResumeData):
2288         Ditto - modified to clean up whitespace.
2289
2290 2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>
2291
2292         Unreviewed, rolling out r77050.
2293         http://trac.webkit.org/changeset/77050
2294         https://bugs.webkit.org/show_bug.cgi?id=53371
2295
2296         Caused a crash in Chromium's test_shell_tests (Requested by
2297         rniwa on #webkit).
2298
2299         * html/parser/HTMLTreeBuilder.cpp:
2300         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
2301         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
2302         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
2303         * html/parser/HTMLTreeBuilder.h:
2304
2305 2011-01-28  Eric Seidel  <eric@webkit.org>
2306
2307         Reviewed by Darin Adler.
2308
2309         HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
2310         https://bugs.webkit.org/show_bug.cgi?id=48719
2311
2312         It's unclear exactly what the Peacekeeper benchmark is testing,
2313         because I haven't found a way to run it myself.
2314
2315         However, I constructed a benchmark which shows at least one possible slow point.
2316         The HTML5 spec talks about creating a new document for every time we use
2317         the fragment parsing algorithm.  Document() it turns out, it a huge bloated
2318         mess, and the constructor and destructor do a huge amount of work.
2319         To avoid constructing (or destructing) documents for each innerHTML call,
2320         this patch adds a shared dummy document used by all innerHTML calls.
2321
2322         This patch brings us from 7x slower than Safari 5 on tiny-innerHTML
2323         to only 1.5x slower than Safari 5.  I'm sure there is more work to do here.
2324
2325         Saving a shared Document like this is error prone.  Currently
2326         DummyDocumentFactory::releaseDocument() calls removeAllChildren()
2327         in an attempt to clear the Document's state. However it's possible
2328         that that call is not sufficient and we'll have future bugs here.
2329
2330         * html/parser/HTMLTreeBuilder.cpp:
2331         (WebCore::DummyDocumentFactory::createDummyDocument):
2332         (WebCore::DummyDocumentFactory::releaseDocument):
2333         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
2334         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
2335         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
2336         * html/parser/HTMLTreeBuilder.h:
2337
2338 2011-01-28  Johnny Ding  <jnd@chromium.org>
2339
2340         Reviewed by Adam Barth.
2341
2342         Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
2343         The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
2344         https://bugs.webkit.org/show_bug.cgi?id=53244
2345
2346         Test: fast/events/popup-blocked-from-iframe-src.html
2347
2348         * bindings/ScriptControllerBase.cpp:
2349         (WebCore::ScriptController::executeIfJavaScriptURL):
2350
2351 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
2352
2353         Reviewed by Gavin Barraclough.
2354
2355         Add various clampToInt() methods to MathExtras.h
2356         https://bugs.webkit.org/show_bug.cgi?id=52910
2357
2358         Use clampToInteger() from MathExtras.h
2359
2360         * css/CSSParser.cpp:
2361         (WebCore::CSSParser::parseCounter):
2362
2363 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2364
2365         Unreviewed, rolling out r77006 and r77020.
2366         http://trac.webkit.org/changeset/77006
2367         http://trac.webkit.org/changeset/77020
2368         https://bugs.webkit.org/show_bug.cgi?id=53360
2369
2370         "Broke Windows tests" (Requested by rniwa on #webkit).
2371
2372         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
2373         * WebCore.exp.in:
2374         * bindings/js/DOMWrapperWorld.h:
2375         * bindings/js/JSAudioConstructor.cpp:
2376         (WebCore::JSAudioConstructor::JSAudioConstructor):
2377         * bindings/js/JSDOMBinding.cpp:
2378         (WebCore::markDOMNodesForDocument):
2379         (WebCore::markDOMObjectWrapper):
2380         (WebCore::markDOMNodeWrapper):
2381         * bindings/js/JSDOMGlobalObject.cpp:
2382         (WebCore::JSDOMGlobalObject::markChildren):
2383         (WebCore::JSDOMGlobalObject::setInjectedScript):
2384         (WebCore::JSDOMGlobalObject::injectedScript):
2385         * bindings/js/JSDOMGlobalObject.h:
2386         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2387         (WebCore::getDOMConstructor):
2388         * bindings/js/JSDOMWindowCustom.cpp:
2389         (WebCore::JSDOMWindow::setLocation):
2390         (WebCore::DialogHandler::dialogCreated):
2391         * bindings/js/JSDOMWindowShell.cpp:
2392         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2393         (WebCore::JSDOMWindowShell::setWindow):
2394         (WebCore::JSDOMWindowShell::markChildren):
2395         (WebCore::JSDOMWindowShell::unwrappedObject):
2396         * bindings/js/JSDOMWindowShell.h:
2397         (WebCore::JSDOMWindowShell::window):
2398         (WebCore::JSDOMWindowShell::setWindow):
2399         * bindings/js/JSDeviceMotionEventCustom.cpp:
2400         (WebCore::createAccelerationObject):
2401         (WebCore::createRotationRateObject):
2402         * bindings/js/JSEventListener.cpp:
2403         (WebCore::JSEventListener::JSEventListener):
2404         (WebCore::JSEventListener::markJSFunction):
2405         * bindings/js/JSEventListener.h:
2406         (WebCore::JSEventListener::jsFunction):
2407         * bindings/js/JSHTMLDocumentCustom.cpp:
2408         (WebCore::JSHTMLDocument::setAll):
2409         * bindings/js/JSImageConstructor.cpp:
2410         (WebCore::JSImageConstructor::JSImageConstructor):
2411         * bindings/js/JSImageDataCustom.cpp:
2412         (WebCore::toJS):
2413         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2414         (WebCore::JSJavaScriptCallFrame::scopeChain):
2415         (WebCore::JSJavaScriptCallFrame::scopeType):
2416         * bindings/js/JSNodeFilterCondition.cpp:
2417         (WebCore::JSNodeFilterCondition::markAggregate):
2418         (WebCore::JSNodeFilterCondition::acceptNode):
2419         * bindings/js/JSNodeFilterCondition.h:
2420         * bindings/js/JSNodeFilterCustom.cpp:
2421         * bindings/js/JSOptionConstructor.cpp:
2422         (WebCore::JSOptionConstructor::JSOptionConstructor):
2423         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2424         (WebCore::JSSQLResultSetRowList::item):
2425         * bindings/js/ScriptCachedFrameData.cpp:
2426         (WebCore::ScriptCachedFrameData::restore):
2427         * bindings/js/ScriptObject.cpp:
2428         (WebCore::ScriptGlobalObject::set):
2429         * bindings/js/SerializedScriptValue.cpp:
2430         (WebCore::CloneDeserializer::putProperty):
2431         * bindings/scripts/CodeGeneratorJS.pm:
2432         * bridge/qt/qt_runtime.cpp:
2433         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2434         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2435         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2436         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2437         * bridge/qt/qt_runtime.h:
2438         * bridge/runtime_root.cpp:
2439         (JSC::Bindings::RootObject::invalidate):
2440         * bridge/runtime_root.h:
2441         * dom/Document.h:
2442
2443 2011-01-28  Adam Barth  <abarth@webkit.org>
2444
2445         Reviewed by Eric Seidel.
2446
2447         XSSFilter should log to the console when it blocks something
2448         https://bugs.webkit.org/show_bug.cgi?id=53354
2449
2450         This patch refactors a bunch of methods in XSSFilter to return a bool
2451         indicating whether they blocked anything.  Using this bool, we decide
2452         whether to log to the console.  We're using the same log message as the
2453         XSSAuditor, but it seems likely we can improve this message in the
2454         future (especially by piping in the correct line number, which is now
2455         accessible via the parser).
2456
2457         * html/parser/XSSFilter.cpp:
2458         (WebCore::HTMLNames::isNameOfInlineEventHandler):
2459         (WebCore::XSSFilter::filterToken):
2460         (WebCore::XSSFilter::filterTokenInitial):
2461         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
2462         (WebCore::XSSFilter::filterScriptToken):
2463         (WebCore::XSSFilter::filterObjectToken):
2464         (WebCore::XSSFilter::filterEmbedToken):
2465         (WebCore::XSSFilter::filterAppletToken):
2466         (WebCore::XSSFilter::filterMetaToken):
2467         (WebCore::XSSFilter::filterBaseToken):
2468         (WebCore::XSSFilter::eraseInlineEventHandlersIfInjected):
2469         * html/parser/XSSFilter.h:
2470
2471 2011-01-28  Adam Barth  <abarth@webkit.org>
2472
2473         Reviewed by Daniel Bates.
2474
2475         Wire up settings->xssAuditorEnabled to XSSFilter
2476         https://bugs.webkit.org/show_bug.cgi?id=53345
2477
2478         * html/parser/XSSFilter.cpp:
2479         (WebCore::XSSFilter::XSSFilter):
2480         (WebCore::XSSFilter::filterToken):
2481         * html/parser/XSSFilter.h:
2482
2483 2011-01-28  Adam Barth  <abarth@webkit.org>
2484
2485         Reviewed by Daniel Bates.
2486
2487         Teach XSSFilter about <meta> and <base> tags
2488         https://bugs.webkit.org/show_bug.cgi?id=53339
2489
2490         I'm not 100% sure we need to block <meta http-equiv>, but it seems
2491         prudent given how powerful that attribute is.  We definitely need to
2492         block injection of <base href> because that can redirect script tags
2493         that use relative URLs.
2494
2495         * html/parser/XSSFilter.cpp:
2496         (WebCore::XSSFilter::filterToken):
2497         (WebCore::XSSFilter::filterMetaToken):
2498         (WebCore::XSSFilter::filterBaseToken):
2499         * html/parser/XSSFilter.h:
2500
2501 2011-01-28  Adam Barth  <abarth@webkit.org>
2502
2503         Reviewed by Daniel Bates.
2504
2505         Teach XSSFilter about <applet>
2506         https://bugs.webkit.org/show_bug.cgi?id=53338
2507
2508         HTML5 is pretty light on information about how the <applet> tag works.
2509         According to this site:
2510
2511         http://download.oracle.com/javase/1.4.2/docs/guide/misc/applet.html
2512
2513         The "code" and "object" attributes are the essential attributes for
2514         determining which piece of Java to run.  We might need to expand to the
2515         codebase and archive attributes at some point, but hopefully code and
2516         object will be sufficient.
2517
2518         * html/parser/XSSFilter.cpp:
2519         (WebCore::XSSFilter::filterToken):
2520         (WebCore::XSSFilter::filterAppletToken):
2521         * html/parser/XSSFilter.h:
2522
2523 2011-01-28  Adam Barth  <abarth@webkit.org>
2524
2525         Reviewed by Daniel Bates.
2526
2527         Teach the XSSFilter about object and embed tags
2528         https://bugs.webkit.org/show_bug.cgi?id=53336
2529
2530         For <object> and <embed>, we filter out attribute values that either
2531         indicate which piece of media to load or which plugin to load.  In a
2532         perfect world, we'd only need to filter out the URLs of the media, but
2533         some plug-ins (like Flash) have lots of fun places you can hide the
2534         URL (e.g., the "movie" <param>).
2535
2536         * html/parser/XSSFilter.cpp:
2537         (WebCore::XSSFilter::filterToken):
2538         (WebCore::XSSFilter::filterScriptToken):
2539         (WebCore::XSSFilter::filterObjectToken):
2540         (WebCore::XSSFilter::filterEmbedToken):
2541         (WebCore::XSSFilter::eraseAttributeIfInjected):
2542         * html/parser/XSSFilter.h:
2543
2544 2011-01-28  Oliver Hunt  <oliver@apple.com>
2545
2546         Fix Qt build.
2547
2548         * bridge/qt/qt_runtime.cpp:
2549         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2550         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2551         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2552         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2553         * bridge/qt/qt_runtime.h:
2554
2555 2011-01-28  Antti Koivisto  <antti@apple.com>
2556
2557         Reviewed by Simon Fraser.
2558
2559         CSS styles are shared based on uninitialized property values
2560         https://bugs.webkit.org/show_bug.cgi?id=53285
2561         
2562         Null test.
2563
2564         * dom/NamedNodeMap.cpp:
2565         (WebCore::NamedNodeMap::mappedMapsEquivalent):
2566
2567 2011-01-27  Oliver Hunt  <oliver@apple.com>
2568
2569         Reviewed by Geoffrey Garen.
2570
2571         Convert markstack to a slot visitor API
2572         https://bugs.webkit.org/show_bug.cgi?id=53219
2573
2574         Update WebCore to the new marking apis, correct bindings
2575         codegen. 
2576
2577         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
2578         * WebCore.exp.in:
2579         * bindings/js/DOMWrapperWorld.h:
2580         (WebCore::DOMWrapperWorld::globalData):
2581         * bindings/js/JSAudioConstructor.cpp:
2582         (WebCore::JSAudioConstructor::JSAudioConstructor):
2583         * bindings/js/JSDOMBinding.cpp:
2584         (WebCore::markDOMNodesForDocument):
2585         (WebCore::markDOMObjectWrapper):
2586         (WebCore::markDOMNodeWrapper):
2587         * bindings/js/JSDOMGlobalObject.cpp:
2588         (WebCore::JSDOMGlobalObject::markChildren):
2589         (WebCore::JSDOMGlobalObject::setInjectedScript):
2590         (WebCore::JSDOMGlobalObject::injectedScript):
2591         * bindings/js/JSDOMGlobalObject.h:
2592         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2593         (WebCore::getDOMConstructor):
2594         * bindings/js/JSDOMWindowCustom.cpp:
2595         (WebCore::JSDOMWindow::setLocation):
2596         (WebCore::DialogHandler::dialogCreated):
2597         * bindings/js/JSDOMWindowShell.cpp:
2598         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2599         (WebCore::JSDOMWindowShell::setWindow):
2600         (WebCore::JSDOMWindowShell::markChildren):
2601         (WebCore::JSDOMWindowShell::unwrappedObject):
2602         * bindings/js/JSDOMWindowShell.h:
2603         (WebCore::JSDOMWindowShell::window):
2604         (WebCore::JSDOMWindowShell::setWindow):
2605         * bindings/js/JSEventListener.cpp:
2606         (WebCore::JSEventListener::JSEventListener):
2607         (WebCore::JSEventListener::markJSFunction):
2608         * bindings/js/JSEventListener.h:
2609         (WebCore::JSEventListener::jsFunction):
2610         * bindings/js/JSHTMLDocumentCustom.cpp:
2611         (WebCore::JSHTMLDocument::setAll):
2612         * bindings/js/JSImageConstructor.cpp:
2613         (WebCore::JSImageConstructor::JSImageConstructor):
2614         * bindings/js/JSImageDataCustom.cpp:
2615         (WebCore::toJS):
2616         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2617         (WebCore::JSJavaScriptCallFrame::scopeChain):
2618         (WebCore::JSJavaScriptCallFrame::scopeType):
2619         * bindings/js/JSNodeFilterCondition.cpp:
2620         (WebCore::JSNodeFilterCondition::markAggregate):
2621         (WebCore::JSNodeFilterCondition::acceptNode):
2622         * bindings/js/JSNodeFilterCondition.h:
2623         * bindings/js/JSNodeFilterCustom.cpp:
2624         * bindings/js/JSOptionConstructor.cpp:
2625         (WebCore::JSOptionConstructor::JSOptionConstructor):
2626         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2627         (WebCore::JSSQLResultSetRowList::item):
2628         * bindings/js/ScriptCachedFrameData.cpp:
2629         (WebCore::ScriptCachedFrameData::restore):
2630         * bindings/js/ScriptObject.cpp:
2631         (WebCore::ScriptGlobalObject::set):
2632         * bindings/js/SerializedScriptValue.cpp:
2633         (WebCore::CloneDeserializer::putProperty):
2634         * bindings/scripts/CodeGeneratorJS.pm:
2635         * dom/Document.h:
2636
2637 2011-01-28  Sam Weinig  <sam@webkit.org>
2638
2639         Reviewed by Anders Carlsson.
2640
2641         Keyboard scrolling doesn’t work in WebKit2
2642         <rdar://problem/8909672>
2643
2644         * platform/mac/ScrollAnimatorMac.mm:
2645         (-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
2646         (-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
2647         Add additional necessary delegate methods.
2648
2649 2011-01-29  Darin Adler  <darin@apple.com>
2650
2651         Reviewed by Dan Bernstein.
2652
2653         Re-land this patch with the missing null check that caused crashes in layout tests.
2654
2655         Changing cursor style has no effect until the mouse moves
2656         https://bugs.webkit.org/show_bug.cgi?id=14344
2657         rdar://problem/7563712
2658
2659         No tests added because we don't have infrastructure for testing actual cursor
2660         changes (as opposed to cursor style computation) at this time. We might add it later.
2661
2662         * page/EventHandler.cpp:
2663         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
2664         * page/EventHandler.h: Ditto.
2665
2666         * rendering/RenderObject.cpp:
2667         (WebCore::areNonIdenticalCursorListsEqual): Added.
2668         (WebCore::areCursorsEqual): Added.
2669         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
2670         cursor styles changed.
2671
2672 2011-01-28  Justin Schuh  <jschuh@chromium.org>
2673
2674         Reviewed by Eric Seidel.
2675
2676         We should hold RefPtrs to SVG font faces
2677         https://bugs.webkit.org/show_bug.cgi?id=53270
2678
2679         Test: svg/custom/use-multiple-on-nested-disallowed-font.html
2680
2681         * css/CSSFontFaceSource.cpp:
2682         (WebCore::CSSFontFaceSource::getFontData):
2683         * css/CSSFontFaceSource.h:
2684         * svg/SVGFontFaceElement.cpp:
2685         (WebCore::SVGFontFaceElement::associatedFontElement):
2686         * svg/SVGFontFaceElement.h:
2687
2688 2011-01-28  Zhenyao Mo  <zmo@google.com>
2689
2690         Reviewed by Kenneth Russell.
2691
2692         uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
2693         https://bugs.webkit.org/show_bug.cgi?id=53306
2694
2695         * html/canvas/WebGLRenderingContext.cpp:
2696         (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
2697
2698 2011-01-28  Tom Sepez  <tsepez@chromium.org>
2699
2700         Reviewed by Eric Seidel.
2701
2702         NULL pointer crash in TextIterator::handleTextBox()
2703         https://bugs.webkit.org/show_bug.cgi?id=53267
2704
2705         Test: fast/css/rtl-nth-child-first-letter-crash.html
2706
2707         * editing/TextIterator.cpp:
2708         (WebCore::TextIterator::handleTextBox):
2709
2710 2011-01-28  Adrienne Walker  <enne@google.com>
2711
2712         Reviewed by Kenneth Russell.
2713
2714         [chromium] Remove a spurious diagnostic CRASH check.
2715         https://bugs.webkit.org/show_bug.cgi?id=52379
2716
2717         * platform/graphics/chromium/LayerTilerChromium.cpp:
2718         (WebCore::LayerTilerChromium::invalidateRect):
2719
2720 2011-01-28  Dan Bernstein  <mitz@apple.com>
2721
2722         Reviewed by Sam Weinig.
2723
2724         <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
2725         https://bugs.webkit.org/show_bug.cgi?id=19785
2726
2727         Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
2728         direction corresponding to the writing direction of the <select> element, with the checkmarks
2729         on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
2730         pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
2731         which returns true for this pop-up behavior.
2732
2733         * loader/EmptyClients.h:
2734         (WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
2735         * manual-tests/pop-up-alignment-and-direction.html: Added.
2736         * page/Chrome.cpp:
2737         (WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
2738         client.
2739         * page/Chrome.h:
2740         * page/ChromeClient.h:
2741         * platform/PopupMenuStyle.h:
2742         (WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
2743         variable initialization.
2744         (WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
2745         * platform/mac/PopupMenuMac.mm:
2746         (WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
2747         to match the menu's writing direction. Set items' writing direction and direction override
2748         according to their styles.
2749         * rendering/RenderMenuList.cpp:
2750         (WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
2751         (WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
2752         menu's writing direction, use that alignment for the button as well. Also in this mode, use the
2753         item's writing direction and override setting.
2754         (WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
2755         (WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
2756         (WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
2757         * rendering/RenderMenuList.h:
2758         * rendering/RenderTextControlSingleLine.cpp:
2759         (WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.
2760
2761 2011-01-28  Adam Barth  <abarth@webkit.org>
2762
2763         Reviewed by Daniel Bates.
2764
2765         Teach XSSFilter how to filter <script> elements
2766         https://bugs.webkit.org/show_bug.cgi?id=53279
2767
2768         This patch adds the ability for the XSSFilter to block injected
2769         <script> elements.  Handling script elements is slightly subtle because
2770         these elements act very differently depending on whether they have a
2771         src attribute.
2772         
2773         In the "src case", which check whether the src attribute was present in
2774         the request.  In the "non-src case", we check whether the start tag and
2775         the body of the script element was included in the request.  Checking
2776         for the whole start tag means we miss out on some attribute splitting
2777         attacks inside of script tags, but that doesn't seem like that big a
2778         deal.
2779
2780         This patch also introduces some amount of state into the XSSFilter
2781         because inline script elements span multiple tokens.  There's a lot of
2782         tuning and optimization left in these cases, some of which I've noted
2783         with FIXMEs.
2784
2785         To test this patch, I played around with some of the existing
2786         XSSAuditor tests.  Hopefully I'll be able to run the test suite more
2787         systematically in the future.
2788
2789         * html/parser/HTMLToken.h:
2790         (WebCore::HTMLToken::eraseCharacters):
2791         (WebCore::HTMLToken::eraseValueOfAttribute):
2792         * html/parser/XSSFilter.cpp:
2793         (WebCore::HTMLNames::hasName):
2794         (WebCore::HTMLNames::findAttributeWithName):
2795         (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
2796         (WebCore::XSSFilter::XSSFilter):
2797         (WebCore::XSSFilter::filterToken):
2798         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
2799         (WebCore::XSSFilter::filterScriptToken):
2800         (WebCore::XSSFilter::snippetForRange):
2801         (WebCore::XSSFilter::snippetForAttribute):
2802         * html/parser/XSSFilter.h:
2803
2804 2011-01-28  Adam Barth  <abarth@webkit.org>
2805
2806         Reviewed by Daniel Bates.
2807
2808         Sketch out new XSS filter design (disabled by default)
2809         https://bugs.webkit.org/show_bug.cgi?id=53205
2810
2811         This patch adds a basic sketch of the new XSS filter design.  Rather
2812         than watching scripts as they execute, in this design, we watch tokens
2813         emitted by the tokenizer.  We then map the tokens directly back into
2814         input characters, which lets us skip all the complicated logic related
2815         to HTML entities and double-decoding of JavaScript URLs.
2816
2817         This patch contains only the bare essentially machinery.  I'll add more
2818         in future patches and eventually remove the previous code once this
2819         code is up and running correctly.
2820
2821         * Android.mk:
2822         * CMakeLists.txt:
2823         * GNUmakefile.am:
2824         * WebCore.gypi:
2825         * WebCore.pro:
2826         * WebCore.vcproj/WebCore.vcproj:
2827         * WebCore.xcodeproj/project.pbxproj:
2828         * html/parser/HTMLDocumentParser.cpp:
2829         (WebCore::HTMLDocumentParser::HTMLDocumentParser):
2830         (WebCore::HTMLDocumentParser::pumpTokenizer):
2831         (WebCore::HTMLDocumentParser::sourceForToken):
2832         * html/parser/HTMLDocumentParser.h:
2833         * html/parser/XSSFilter.cpp: Added.
2834         * html/parser/XSSFilter.h: Added.
2835
2836 2011-01-28  Michael Saboff  <msaboff@apple.com>
2837
2838         Reviewed by Geoffrey Garen.
2839
2840         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2841         https://bugs.webkit.org/show_bug.cgi?id=53271
2842
2843         Reapplying this patch with the change that the second ASSERT in 
2844         RootObject::removeRuntimeObject was changed to use
2845         .uncheckedGet() instead of the failing .get().  The object in question
2846         could be in the process of being GC'ed.  The get() call will not return
2847         such an object while the uncheckedGet() call will return the (unsafe) 
2848         object.  This is the behavior we want.
2849
2850         Precautionary change.
2851         Changed RootObject to use WeakGCMap instead of HashSet.
2852         Found will looking for another issue, but can't produce a test case
2853         that is problematic.  THerefore there aren't any new tests.
2854
2855         * bridge/runtime_root.cpp:
2856         (JSC::Bindings::RootObject::invalidate):
2857         (JSC::Bindings::RootObject::addRuntimeObject):
2858         (JSC::Bindings::RootObject::removeRuntimeObject):
2859         * bridge/runtime_root.h:
2860
2861 2011-01-28  Adam Roben  <aroben@apple.com>
2862
2863         Notify CACFLayerTreeHost when the context is flushed
2864
2865         LegacyCACFLayerTreeHost was keeping this a secret, which meant that WebCore's animation
2866         timers were never starting.
2867
2868         Fixes <http://webkit.org/b/53302> [Windows 7 Release Tests] changesets 76853, 76856, and
2869         76858 broke ~36 animations, compositing, and transitions tests
2870
2871         Reviewed by Sam Weinig.
2872
2873         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
2874         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): Call up to the base class after we
2875         start our render timer.
2876
2877 2011-01-28  Antti Koivisto  <antti@apple.com>
2878
2879         Reviewed by Dan Bernstein.
2880
2881         Remove dead code that tried to map from CSS values to parser values
2882         https://bugs.webkit.org/show_bug.cgi?id=53318
2883
2884         * css/CSSFunctionValue.cpp:
2885         * css/CSSFunctionValue.h:
2886         * css/CSSPrimitiveValue.cpp:
2887         * css/CSSPrimitiveValue.h:
2888         * css/CSSValue.h:
2889         * css/CSSValueList.cpp:
2890         * css/CSSValueList.h:
2891
2892 2011-01-28  Enrica Casucci  <enrica@apple.com>
2893
2894         Reviewed by Adam Roben.
2895
2896         Some drag and drop tests fail since r76824
2897         https://bugs.webkit.org/show_bug.cgi?id=53304
2898
2899         There were '||' instead of '&&' in the checks for valid
2900         clipboard content.
2901         
2902         * platform/win/ClipboardWin.cpp:
2903         (WebCore::ClipboardWin::getData):
2904         (WebCore::ClipboardWin::types):
2905         (WebCore::ClipboardWin::files):
2906
2907 2011-01-28  Martin Robinson  <mrobinson@igalia.com>
2908
2909         [GTK] AudioProcessingEvent.h and JSJavaScriptAudioNode.h: No such file or directory
2910         https://bugs.webkit.org/show_bug.cgi?id=52889
2911
2912         Build fix for WebAudio. Include WebAudio source files on the source
2913         list when WebAudio is enabled.
2914
2915         * GNUmakefile.am: Include missing source files.
2916
2917 2011-01-28  Sam Weinig  <sam@webkit.org>
2918
2919         Reviewed by Maciej Stachowiak.
2920
2921         Add basic rubber banding support
2922         <rdar://problem/8219429>
2923         https://bugs.webkit.org/show_bug.cgi?id=53277
2924
2925         * page/EventHandler.cpp:
2926         (WebCore::EventHandler::handleGestureEvent):
2927         Pass gesture events to the FrameView.
2928
2929         * platform/ScrollAnimator.cpp:
2930         (WebCore::ScrollAnimator::handleGestureEvent):
2931         * platform/ScrollAnimator.h:
2932         Add stubbed out implementation.
2933
2934         * platform/ScrollView.cpp:
2935         (WebCore::ScrollView::ScrollView):
2936         (WebCore::ScrollView::overhangAmount):
2937         (WebCore::ScrollView::wheelEvent):
2938         * platform/ScrollView.h:
2939         * platform/ScrollableArea.cpp:
2940         (WebCore::ScrollableArea::ScrollableArea):
2941         (WebCore::ScrollableArea::handleGestureEvent):
2942         * platform/ScrollableArea.h:
2943         (WebCore::ScrollableArea::constrainsScrollingToContentEdge):
2944         (WebCore::ScrollableArea::setConstrainsScrollingToContentEdge):
2945         Move constrains scrolling bit to ScrollableArea from ScrollView.
2946
2947         (WebCore::ScrollableArea::contentsSize):
2948         (WebCore::ScrollableArea::overhangAmount):
2949         Add additional virtual functions for information needed by the animator.
2950
2951         * platform/mac/ScrollAnimatorMac.h:
2952         * platform/mac/ScrollAnimatorMac.mm:
2953         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
2954         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaX):
2955         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaY):
2956         (WebCore::elasticDeltaForTimeDelta):
2957         (WebCore::elasticDeltaForReboundDelta):
2958         (WebCore::reboundDeltaForElasticDelta):
2959         (WebCore::scrollWheelMultiplier):
2960         (WebCore::ScrollAnimatorMac::handleWheelEvent):
2961         (WebCore::ScrollAnimatorMac::handleGestureEvent):
2962         (WebCore::ScrollAnimatorMac::pinnedInDirection):
2963         (WebCore::ScrollAnimatorMac::allowsVerticalStretching):
2964         (WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
2965         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
2966         (WebCore::ScrollAnimatorMac::beginScrollGesture):
2967         (WebCore::ScrollAnimatorMac::endScrollGesture):
2968         (WebCore::ScrollAnimatorMac::snapRubberBand):
2969         (WebCore::roundTowardZero):
2970         (WebCore::roundToDevicePixelTowardZero):
2971         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
2972         Implement basic rubber banding.
2973
2974 2011-01-28  Dan Bernstein  <mitz@apple.com>
2975
2976         Reviewed by Anders Carlsson.
2977
2978         Changing unicode-bidi doesn’t force layout
2979         https://bugs.webkit.org/show_bug.cgi?id=53311
2980
2981         Test: fast/dynamic/unicode-bidi.html
2982
2983         * rendering/style/RenderStyle.cpp:
2984         (WebCore::RenderStyle::diff): Return a layout difference if unicode-bidi values differ.
2985
2986 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
2987
2988         Reviewed by Kent Tamura.
2989
2990         Change HTMLInputElement-derived parts of media element shadow DOM to use shadowPseudoId.
2991         https://bugs.webkit.org/show_bug.cgi?id=53122
2992
2993         This is the first step in converting HTMLMediaElement to the new shadow DOM.
2994
2995         Should not regress any existing tests. No observable change in behavior.
2996
2997         * css/CSSSelector.cpp:
2998         (WebCore::CSSSelector::pseudoId): Removed now-unnecessary hard-coded pseudo-element selectors.
2999         (WebCore::nameToPseudoTypeMap): Ditto.
3000         (WebCore::CSSSelector::extractPseudoType): Ditto.
3001         * css/CSSSelector.h: Ditto.
3002         * css/mediaControls.css: Added proper initial values, now that elements use the proper selector pipeline.
3003         * rendering/MediaControlElements.cpp:
3004         (WebCore::MediaControlInputElement::MediaControlInputElement): Removed the switch statement,
3005             which is now replaced with virtual shadowPseudoId on each corresponding class.
3006         (WebCore::MediaControlInputElement::styleForElement): Changed to use element pipeline.
3007         (WebCore::MediaControlMuteButtonElement::MediaControlMuteButtonElement): Changed to set
3008             display type in constructor.
3009         (WebCore::MediaControlMuteButtonElement::create): Changed to not take PseudoId as
3010             constructor argument.
3011         (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Added.
3012         (WebCore::MediaControlVolumeSliderMuteButtonElement::MediaControlVolumeSliderMuteButtonElement): Added
3013             to disambiguate from the MediaControlMuteButtonElement.
3014         (WebCore::MediaControlVolumeSliderMuteButtonElement::create): Added.
3015         (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Added.
3016         (WebCore::MediaControlPlayButtonElement::MediaControlPlayButtonElement): Changed to not take PseudoId as
3017             constructor argument.
3018         (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Added.
3019         (WebCore::MediaControlSeekButtonElement::MediaControlSeekButtonElement): Changed to not take PseudoId as
3020             constructor argument.
3021         (WebCore::MediaControlSeekForwardButtonElement::MediaControlSeekForwardButtonElement): Added.
3022         (WebCore::MediaControlSeekForwardButtonElement::create): Added.
3023         (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Added.
3024         (WebCore::MediaControlSeekBackButtonElement::MediaControlSeekBackButtonElement): Added.
3025         (WebCore::MediaControlSeekBackButtonElement::create): Added.
3026         (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Added.
3027         (WebCore::MediaControlRewindButtonElement::MediaControlRewindButtonElement): Added.
3028         (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Added.
3029         (WebCore::MediaControlReturnToRealtimeButtonElement::MediaControlReturnToRealtimeButtonElement): Changed to not take PseudoId as
3030             constructor argument.
3031         (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Added.
3032         (WebCore::MediaControlToggleClosedCaptionsButtonElement::MediaControlToggleClosedCaptionsButtonElement): Changed to not take PseudoId as
3033             constructor argument.
3034         (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Added.
3035         (WebCore::MediaControlTimelineElement::MediaControlTimelineElement): Changed to not take PseudoId as
3036             constructor argument.
3037         (WebCore::MediaControlTimelineElement::shadowPseudoId): Added.
3038         (WebCore::MediaControlVolumeSliderElement::MediaControlVolumeSliderElement): Changed to not take PseudoId as
3039             constructor argument.
3040         (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Added.
3041         (WebCore::MediaControlFullscreenButtonElement::MediaControlFullscreenButtonElement): Changed to not take PseudoId as
3042             constructor argument.
3043         (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Added.
3044         * rendering/MediaControlElements.h:
3045         (WebCore::MediaControlSeekForwardButtonElement::isForwardButton): Added.
3046         (WebCore::MediaControlSeekBackButtonElement::isForwardButton): Added.
3047         * rendering/RenderMedia.cpp:
3048         (WebCore::RenderMedia::createMuteButton): Changed to use new constructor.
3049         (WebCore::RenderMedia::createSeekBackButton): Ditto.
3050         (WebCore::RenderMedia::createSeekForwardButton): Ditto.
3051         (WebCore::RenderMedia::createVolumeSliderMuteButton): Ditto.
3052         * rendering/style/RenderStyleConstants.h: Removed constants that are no longer used.
3053
3054 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
3055
3056         Reviewed by Eric Carlson.
3057
3058         Split MediaControls out of RenderMedia.
3059         https://bugs.webkit.org/show_bug.cgi?id=53252
3060
3061         Near-mechanical moving of stuff, no change in behavior, thus no new tests.
3062
3063         * Android.mk: Added MediaControls to build system.
3064         * CMakeLists.txt: Ditto.
3065         * GNUmakefile.am: Ditto.
3066         * WebCore.gypi: Ditto.
3067         * WebCore.pro: Ditto.
3068         * WebCore.vcproj/WebCore.vcproj: Ditto.
3069         * WebCore.xcodeproj/project.pbxproj: Ditto.
3070         * html/HTMLMediaElement.cpp:
3071         (WebCore::HTMLMediaElement::defaultEventHandler): Changed to forward events to MediaControls.
3072         * html/shadow/MediaControls.cpp: Copied all controls-related methods from
3073             Source/WebCore/rendering/RenderMedia.cpp, pulled them into their own class called MediaControls. 
3074         * html/shadow/MediaControls.h: Ditto from Source/WebCore/rendering/RenderMedia.h.
3075         * rendering/MediaControlElements.cpp:
3076         (WebCore::MediaControlTimelineElement::defaultEventHandler): Changed to use MediaControls.
3077         * rendering/RenderMedia.cpp:
3078         (WebCore::RenderMedia::RenderMedia): Moved relevant constructor initializers out to MediaControls.
3079         (WebCore::RenderMedia::destroy): Changed to use MediaControls.
3080         (WebCore::RenderMedia::styleDidChange): Ditto.
3081         (WebCore::RenderMedia::layout): Ditto.
3082         (WebCore::RenderMedia::updateFromElement): Ditto.
3083         * rendering/RenderMedia.h: Updated defs accordingly and removed player() accessor, which
3084             is only used by sub-class RenderVideo.
3085         (WebCore::RenderMedia::controls): Added.
3086         * rendering/RenderVideo.cpp:
3087         (WebCore::RenderVideo::~RenderVideo): Changed to access MediaPlayer* directly from mediaElement().
3088         (WebCore::RenderVideo::calculateIntrinsicSize): Ditto.
3089         (WebCore::RenderVideo::paintReplaced): Ditto.
3090         (WebCore::RenderVideo::updatePlayer): Ditto.
3091         (WebCore::RenderVideo::supportsAcceleratedRendering): Ditto.
3092         (WebCore::RenderVideo::acceleratedRenderingStateChanged): Ditto.
3093
3094 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
3095
3096         Reviewed by Yury Semikhatsky.
3097
3098         Web Inspector: allow remote debugging with front-end
3099         served from the cloud.
3100         https://bugs.webkit.org/show_bug.cgi?id=53303
3101
3102         * inspector/front-end/inspector.js:
3103
3104 2011-01-28  Aparna Nandyal  <aparna.nand@wipro.com>
3105
3106         Reviewed by Andreas Kling.
3107
3108         Setting value of m_PressedPos to make scrolling smooth
3109
3110         Page scroll popup menu "Scroll here" option not working when cliking above scroll slider/handler.
3111         https://bugs.webkit.org/show_bug.cgi?id=51349
3112
3113         The value of m_PressedPos was getting set before moveThumb() call
3114         in all other scenarios except when "Scroll Here" option is used.
3115         Hence scrolling with this option was not as expected even in cases
3116         where scrolling was happening. The thumb would move in unexpected
3117         direction. m_PressedPos is now set to pressed position so delta is
3118         calculated.
3119         Unable to write a test case as the test needs to click on "Scroll
3120         Here" option of context sensitive menu and QTest is unable to do it.
3121         Besides no new functionality introduced.
3122
3123         * platform/qt/ScrollbarQt.cpp:
3124         (WebCore::Scrollbar::contextMenu):
3125
3126 2011-01-28  Andrey Kosyakov  <caseq@chromium.org>
3127
3128         Reviewed by Pavel Feldman.
3129
3130         Web Inspector: [Extensions API] add JSON schema for extensions API
3131         https://bugs.webkit.org/show_bug.cgi?id=53236
3132
3133         * inspector/front-end/ExtensionAPISchema.json: Added.
3134
3135 2011-01-27  Zhenyao Mo  <zmo@google.com>
3136
3137         Reviewed by Kenneth Russell.
3138
3139         Remove _LENGTH enumerants
3140         https://bugs.webkit.org/show_bug.cgi?id=53259
3141
3142         * html/canvas/WebGLRenderingContext.cpp: Remove queries for *LENGTH.
3143         (WebCore::WebGLRenderingContext::getProgramParameter):
3144         (WebCore::WebGLRenderingContext::getShaderParameter):
3145         * html/canvas/WebGLRenderingContext.idl: Remove *LENGTH.
3146
3147 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
3148
3149         Reviewed by Yury Semikhatsky.
3150
3151         Web Inspector: syntax highlight inline JS and CSS in HTML resources
3152         https://bugs.webkit.org/show_bug.cgi?id=30831
3153
3154         * inspector/front-end/SourceHTMLTokenizer.js:
3155         (WebInspector.SourceHTMLTokenizer):
3156         (WebInspector.SourceHTMLTokenizer.prototype.set line):
3157         (WebInspector.SourceHTMLTokenizer.prototype.nextToken):
3158         * inspector/front-end/SourceHTMLTokenizer.re2js:
3159
3160 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
3161
3162         Reviewed by Yury Semikhatsky.
3163
3164         Web Inspector: [STYLES] Up/Down-suggestion breaks an existing keyword
3165         https://bugs.webkit.org/show_bug.cgi?id=53295
3166
3167         Select the current word suffix before switching to the next suggestion.
3168
3169         * inspector/front-end/StylesSidebarPane.js:
3170         ():
3171
3172 2011-01-28  Alejandro G. Castro  <alex@igalia.com>
3173
3174         Reviewed by Xan Lopez.
3175
3176         [GTK] Fix dist compilation for the release
3177         https://bugs.webkit.org/show_bug.cgi?id=53290
3178
3179         * GNUmakefile.am: Added inspector files to the extra dist.
3180
3181 2011-01-28  Ilya Sherman  <isherman@chromium.org>
3182
3183         Reviewed by Andreas Kling.
3184
3185         Const-correct HTMLSelectElement and WebSelectElement
3186         https://bugs.webkit.org/show_bug.cgi?id=53293
3187
3188         * html/HTMLSelectElement.cpp:
3189         (WebCore::HTMLSelectElement::value): const.
3190         * html/HTMLSelectElement.h:
3191
3192 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3193
3194         Unreviewed, rolling out r76893.
3195         http://trac.webkit.org/changeset/76893
3196         https://bugs.webkit.org/show_bug.cgi?id=53287
3197
3198         It made some tests crash on GTK and Qt debug bots (Requested
3199         by Ossy on #webkit).
3200
3201         * bridge/runtime_root.cpp:
3202         (JSC::Bindings::RootObject::invalidate):
3203         (JSC::Bindings::RootObject::addRuntimeObject):
3204         (JSC::Bindings::RootObject::removeRuntimeObject):
3205         * bridge/runtime_root.h:
3206
3207 2011-01-27  Greg Coletta  <greg.coletta@nokia.com>
3208
3209         Reviewed by Laszlo Gombos.
3210
3211         Get rid of prefix header dependency for WebKit2 build system
3212         https://bugs.webkit.org/show_bug.cgi?id=50174
3213
3214         Guard EmptyProtocalDefinitions.h to make sure it's not included twice.
3215
3216         * platform/mac/EmptyProtocolDefinitions.h:
3217
3218 2011-01-27  Abhishek Arya  <inferno@chromium.org>
3219
3220         Reviewed by Dan Bernstein.
3221
3222         Recalc table sections if needed before calculating the first line
3223         box baseline.
3224         https://bugs.webkit.org/show_bug.cgi?id=53265
3225
3226         When we try to calculate the baseline position of a table cell,
3227         we recurse through all the child sibling boxes (when children are
3228         non inline) and add their first linebox baseline values. If one of
3229         the children is a table with pending section recalc, we will access
3230         wrong table section values. We recalc table sections if it is needed.
3231
3232         Test: fast/table/recalc-section-first-body-crash-main.html
3233
3234         * rendering/RenderTable.cpp:
3235         (WebCore::RenderTable::firstLineBoxBaseline):
3236
3237 2011-01-27  Adrienne Walker  <enne@google.com>
3238
3239         Reviewed by Kenneth Russell.
3240
3241         [chromium] Add CRASH calls to further debug tiled compositor memcpy crash.
3242         https://bugs.webkit.org/show_bug.cgi?id=52379
3243
3244         Test: LayoutTests/compositing (to verify these weren't triggered)
3245
3246         * platform/graphics/chromium/LayerTilerChromium.cpp:
3247         (WebCore::LayerTilerChromium::invalidateRect):
3248         (WebCore::LayerTilerChromium::update):
3249
3250 2011-01-27  Alexander Pavlov  <apavlov@chromium.org>
3251
3252         Reviewed by Pavel Feldman.
3253
3254         Web Inspector: [STYLES] Cancelled suggestion of a property name results in a visual artifact
3255         https://bugs.webkit.org/show_bug.cgi?id=53242
3256
3257         * inspector/front-end/StylesSidebarPane.js:
3258         (WebInspector.StylePropertyTreeElement.prototype):
3259
3260 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
3261
3262         Unreviewed, rolling out r76891.
3263         http://trac.webkit.org/changeset/76891
3264         https://bugs.webkit.org/show_bug.cgi?id=53280
3265
3266         Makes every layout test crash (Requested by othermaciej on
3267         #webkit).
3268
3269         * page/EventHandler.cpp:
3270         * page/EventHandler.h:
3271         * rendering/RenderObject.cpp:
3272         (WebCore::RenderObject::styleDidChange):
3273
3274 2011-01-27  Ryosuke Niwa  <rniwa@webkit.org>
3275
3276         Unreviewed, rolling out r76839.
3277         http://trac.webkit.org/changeset/76839
3278         https://bugs.webkit.org/show_bug.cgi?id=49744
3279
3280         broke pixel tests
3281
3282         * rendering/RenderBox.cpp:
3283         (WebCore::RenderBox::localCaretRect):
3284
3285 2011-01-27  Emil A Eklund  <eae@chromium.org>
3286
3287         Reviewed by Darin Adler.
3288
3289         contentEditable formatBlock crashes on divs with contenteditable="false"
3290         https://bugs.webkit.org/show_bug.cgi?id=53263
3291
3292         Check if editableRootForPosition returns null for position.
3293
3294         Test: editing/execCommand/format-block-contenteditable-false.html
3295
3296         * editing/FormatBlockCommand.cpp:
3297         (WebCore::FormatBlockCommand::formatRange):
3298
3299 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
3300
3301         Reviewed by Darin Adler.
3302
3303         Remove RenderMedia members that aren't used.
3304         https://bugs.webkit.org/show_bug.cgi?id=53245
3305
3306         Refactoring, no change in behavior, so no new tests.
3307
3308         * rendering/RenderMedia.h: Removed unused member variables.
3309
3310 2011-01-27  Michael Saboff  <msaboff@apple.com>
3311
3312         Reviewed by Darin Adler.
3313
3314         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3315         https://bugs.webkit.org/show_bug.cgi?id=53271
3316
3317         Precautionary change.
3318         Changed RootObject to use WeakGCMap instead of HashSet.
3319         Found will looking for another issue, but can't produce a test case
3320         that is problematic.  THerefore there aren't any new tests.
3321
3322         * bridge/runtime_root.cpp:
3323         (JSC::Bindings::RootObject::invalidate):
3324         (JSC::Bindings::RootObject::addRuntimeObject):
3325         (JSC::Bindings::RootObject::removeRuntimeObject):
3326         * bridge/runtime_root.h:
3327
3328 2011-01-27  Kenneth Russell  <kbr@google.com>
3329
3330         Reviewed by James Robinson.
3331
3332         Rename Typed Array slice() to subset()
3333         https://bugs.webkit.org/show_bug.cgi?id=53273
3334
3335         * bindings/js/JSArrayBufferViewHelper.h:
3336         (WebCore::constructArrayBufferView):
3337         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
3338         (WebCore::constructWebGLArray):
3339         * html/canvas/Float32Array.cpp:
3340         (WebCore::Float32Array::subset):
3341         * html/canvas/Float32Array.h:
3342         * html/canvas/Float32Array.idl:
3343         * html/canvas/Int16Array.cpp:
3344         (WebCore::Int16Array::subset):
3345         * html/canvas/Int16Array.h:
3346         * html/canvas/Int16Array.idl:
3347         * html/canvas/Int32Array.cpp:
3348         (WebCore::Int32Array::subset):
3349         * html/canvas/Int32Array.h:
3350         * html/canvas/Int32Array.idl:
3351         * html/canvas/Int8Array.cpp:
3352         (WebCore::Int8Array::subset):
3353         * html/canvas/Int8Array.h:
3354         * html/canvas/Int8Array.idl:
3355         * html/canvas/TypedArrayBase.h:
3356         (WebCore::TypedArrayBase::subsetImpl):
3357         * html/canvas/Uint16Array.cpp:
3358         (WebCore::Uint16Array::subset):
3359         * html/canvas/Uint16Array.h:
3360         * html/canvas/Uint16Array.idl:
3361         * html/canvas/Uint32Array.cpp:
3362         (WebCore::Uint32Array::subset):
3363         * html/canvas/Uint32Array.h:
3364         * html/canvas/Uint32Array.idl:
3365         * html/canvas/Uint8Array.cpp:
3366         (WebCore::Uint8Array::subset):
3367         * html/canvas/Uint8Array.h:
3368         * html/canvas/Uint8Array.idl:
3369
3370 2011-01-27  Darin Adler  <darin@apple.com>
3371
3372         Reviewed by Dan Bernstein.
3373
3374         Changing cursor style has no effect until the mouse moves
3375         https://bugs.webkit.org/show_bug.cgi?id=14344
3376         rdar://problem/7563712
3377
3378         No tests added because we don't have infrastructure for testing actual cursor
3379         changes (as opposed to cursor style computation) at this time. We might add it later.
3380
3381         * page/EventHandler.cpp:
3382         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
3383         * page/EventHandler.h: Ditto.
3384
3385         * rendering/RenderObject.cpp:
3386         (WebCore::areNonIdenticalCursorListsEqual): Added.
3387         (WebCore::areCursorsEqual): Added.
3388         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
3389         cursor styles changed.
3390
3391 2011-01-27  Leo Yang  <leo.yang@torchmobile.com.cn>
3392
3393         Reviewed by Dirk Schulze.
3394
3395         SVG Use Cycle is not detected
3396         https://bugs.webkit.org/show_bug.cgi?id=52544
3397
3398         We should check if SVGUseElement::buildInstanceTree finds problem
3399         for every child node. If it finds problem for any children we must
3400         return immediately because otherwise the foundProblem variable may
3401         be rewritten to false.
3402
3403         Test: svg/custom/recursive-use2.svg
3404
3405         * svg/SVGUseElement.cpp:
3406         (WebCore::SVGUseElement::buildInstanceTree):
3407
3408 2011-01-27  Zhenyao Mo  <zmo@google.com>
3409
3410         Reviewed by Kenneth Russell.
3411
3412         texSubImage2D's format/type needs to match the internalformat/type from the previous texImage2D call
3413         https://bugs.webkit.org/show_bug.cgi?id=53054
3414
3415         Test: fast/canvas/webgl/tex-sub-image-2d-bad-args.html
3416
3417         * html/canvas/WebGLRenderingContext.cpp:
3418         (WebCore::WebGLRenderingContext::texSubImage2DBase): Check format/type match.
3419
3420 2011-01-27  Yi Shen  <yi.4.shen@nokia.com>, Tor Arne Vestbø <tor.arne.vestbo@nokia.com>
3421
3422         Reviewed by Andreas Kling.
3423
3424         [Qt] Add fullscreen media control button for html video
3425         https://bugs.webkit.org/show_bug.cgi?id=51543
3426
3427         Implement media control fullscreen button for QtWebKit html5 video.
3428
3429         * css/mediaControlsQt.css:
3430         (video::-webkit-media-controls-fullscreen-button):
3431         * platform/qt/RenderThemeQt.cpp:
3432         (WebCore::RenderThemeQt::paintMediaFullscreenButton):
3433
3434 2011-01-27  Nate Chapin  <japhet@chromium.org>
3435
3436         Reviewed by Adam Barth.
3437
3438         Remove FrameLoader::url() and update callers to use
3439         Document::url().
3440         https://bugs.webkit.org/show_bug.cgi?id=41165
3441
3442         Refactor, no new tests.
3443
3444         * WebCore.exp.in:
3445         * dom/Document.cpp:
3446         (WebCore::Document::processHttpEquiv):
3447         (WebCore::Document::removePendingSheet):
3448         * history/CachedFrame.cpp:
3449         (WebCore::CachedFrameBase::CachedFrameBase):
3450         * history/PageCache.cpp:
3451         (WebCore::logCanCacheFrameDecision):
3452         (WebCore::PageCache::canCachePageContainingThisFrame):
3453         * html/HTMLFrameElementBase.cpp:
3454         (WebCore::HTMLFrameElementBase::isURLAllowed):
3455         * html/HTMLPlugInImageElement.cpp:
3456         (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
3457         * inspector/InspectorAgent.cpp:
3458         (WebCore::InspectorAgent::inspectedURL):
3459         * inspector/InspectorResourceAgent.cpp:
3460         (WebCore::buildObjectForFrame):
3461         * loader/DocumentWriter.cpp:
3462         (WebCore::DocumentWriter::replaceDocument):
3463         (WebCore::DocumentWriter::deprecatedFrameEncoding):
3464         * loader/FrameLoader.cpp:
3465         * loader/FrameLoader.h:
3466         * loader/HistoryController.cpp:
3467         (WebCore::HistoryController::updateForStandardLoad):
3468         (WebCore::HistoryController::updateForRedirectWithLockedBackForwardList):
3469         (WebCore::HistoryController::updateForSameDocumentNavigation):
3470         * loader/NavigationScheduler.cpp:
3471         (WebCore::ScheduledHistoryNavigation::fire):
3472         (WebCore::NavigationScheduler::scheduleLocationChange):
3473         (WebCore::NavigationScheduler::scheduleRefresh):
3474         * page/FrameView.cpp:
3475         (WebCore::FrameView::updateControlTints):
3476         * page/Location.cpp:
3477         (WebCore::Location::url):
3478         (WebCore::Location::setProtocol):
3479         (WebCore::Location::setHost):
3480         (WebCore::Location::setHostname):
3481         (WebCore::Location::setPort):
3482         (WebCore::Location::setPathname):
3483         (WebCore::Location::setSearch):
3484         (WebCore::Location::setHash):
3485         (WebCore::Location::reload):
3486         * page/Page.cpp:
3487         (WebCore::Page::goToItem):
3488
3489 2011-01-27  Stephen White  <senorblanco@chromium.org>
3490
3491         Reviewed by Darin Adler.
3492
3493         Fix performance regression in ImageQualityController::objectDestroyed().
3494         https://bugs.webkit.org/show_bug.cgi?id=52645
3495
3496         In r72282, I inadvertently introduced this regression by using a
3497         linear search through the hash map on object destruction.  This was
3498         because the hash key consisted of both object pointer and layer id,
3499         but on object destruction we only know the object pointer, requiring
3500         a search to find all the layers. 
3501         By replacing the hash map with two nested hash maps, where the outer key
3502         is the object and the inner key is the layer, we can find all the
3503         relevant data for an object in one hash lookup.
3504
3505