CSS 2.1 failure: height-width-table-001.htm
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-10-08  Robert Hogan  <robert@webkit.org>
2
3         CSS 2.1 failure: height-width-table-001.htm
4         https://bugs.webkit.org/show_bug.cgi?id=69709
5
6         Reviewed by Simon Fraser.
7
8         CSS 2.1 expects CSS table elements to treat fixed height/width as
9         excluding table borders, but HTML table elements to treat fixed height/width as
10         including them.
11         
12         See http://lists.w3.org/Archives/Public/www-style/2011Jan/0178.html
13             http://lists.w3.org/Archives/Public/public-css-testsuite/2011Oct/0005.html
14             
15         It looks like some clarification is pending in the specs, but the new behaviour
16         lets WebKit pass the following tests in the suite CSS and also match FF:
17           height-width-table-001.htm
18           height-width-inline-table-001.htm
19           abspos-containing-block-initial-004d.htm
20
21         * rendering/RenderTable.cpp:
22         (WebCore::RenderTable::computeLogicalWidth):
23         (WebCore::RenderTable::layout):
24
25 2011-10-15  Darin Adler  <darin@apple.com>
26
27         Make toHTMLElement fail to compile if you try to use it on an HTMLElement*
28         https://bugs.webkit.org/show_bug.cgi?id=70164
29
30         Reviewed by Adam Barth.
31
32         Refactoring covered by existing tests.
33
34         * bindings/js/JSHTMLFrameSetElementCustom.cpp:
35         (WebCore::JSHTMLFrameSetElement::nameGetter): Removed unneeded casts and
36         some unneeded local variables as well. Changed the name of the local variable
37         for the HTMLFrameElement to frameElement to avoid confusion with the Frame.
38         * dom/Document.cpp:
39         (WebCore::Document::openSearchDescriptionURL): Removed unneeded HTMLElement
40         check; we can call hasTagName directly on a Node and that takes care of
41         checking both that it's an HTMLElement and checking the tag name.
42         * dom/MicroDataItemList.cpp:
43         (WebCore::MicroDataItemList::nodeMatches): Use toHTMLElement instead of
44         a cast. Also changed hasAttribute calls to fastHasAttribute and getAttribute
45         calls to fastGetAttribute since these are neither style attributes nor SVG
46         animatables.
47         * editing/ApplyStyleCommand.cpp:
48         (WebCore::ApplyStyleCommand::applyInlineStyleToPushDown): Use toHTMLElement.
49         (WebCore::ApplyStyleCommand::addInlineStyleIfNeeded): Ditto.
50         * editing/DeleteButtonController.cpp:
51         (WebCore::DeleteButtonController::show): Removed unneeded toHTMLElement call.
52         * html/HTMLElement.cpp:
53         (WebCore::HTMLElement::setOuterHTML): Use toHTMLElement.
54         * html/HTMLElement.h: Added toHTMLElement overload to catch calls when the
55         pointer is already HTMLElement* or a pointer to a class derived from it.
56         * html/HTMLSelectElement.cpp:
57         (WebCore::HTMLSelectElement::recalcListItems): Use toHTMLElement.
58         * html/HTMLTextAreaElement.cpp:
59         (WebCore::HTMLTextAreaElement::innerTextElement): Use toHTMLElement.
60
61 2011-10-15  Antoine Labour  <piman@chromium.org>
62
63         Add WebAcceleratedContentLayer backed by a texture to support accelerated content hosting
64         https://bugs.webkit.org/show_bug.cgi?id=70084
65
66         Reviewed by James Robinson.
67
68         Covered by existing compositing/ tests
69
70         * platform/graphics/chromium/LayerChromium.h:
71         * platform/graphics/chromium/LayerRendererChromium.cpp:
72         (WebCore::LayerRendererChromium::pluginLayerProgramFlip):
73         (WebCore::LayerRendererChromium::cleanupSharedObjects):
74         * platform/graphics/chromium/LayerRendererChromium.h:
75         * platform/graphics/chromium/PluginLayerChromium.cpp:
76         (WebCore::PluginLayerChromium::PluginLayerChromium):
77         (WebCore::PluginLayerChromium::setTextureId):
78         (WebCore::PluginLayerChromium::setFlipped):
79         (WebCore::PluginLayerChromium::pushPropertiesTo):
80         * platform/graphics/chromium/PluginLayerChromium.h:
81         (WebCore::PluginLayerChromium::flipped):
82         * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp:
83         (WebCore::CCPluginLayerImpl::CCPluginLayerImpl):
84         (WebCore::CCPluginLayerImpl::draw):
85         * platform/graphics/chromium/cc/CCPluginLayerImpl.h:
86         (WebCore::CCPluginLayerImpl::setFlipped):
87
88 2011-10-15  Michael Nordman  <michaeln@google.com>
89
90         [Chromium] Some WebSQLDatabase in worker bug fixes.
91         https://bugs.webkit.org/show_bug.cgi?id=70071
92
93         - Test for a NULL webView WebWorkerClientImpl.
94         - Avoid altering Database instance lifetimes during WorkerThread::stop().
95
96         Existing tests coverage applies.
97
98         Reviewed by David Levin.
99
100         * storage/chromium/DatabaseTrackerChromium.cpp:
101         (WebCore::DatabaseTracker::interruptAllDatabasesForContext):
102
103 2011-10-14  Adam Barth  <abarth@webkit.org>
104
105         Update expected results.
106
107         * bindings/scripts/test/V8/V8TestObj.cpp:
108         (WebCore::TestObjInternal::serializedValueCallback):
109
110 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
111
112         GTK build fix after r97533.
113
114         * accessibility/gtk/AXObjectCacheAtk.cpp:
115         (WebCore::notifyChildrenSelectionChange):
116         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
117         (optionFromSelection):
118         (webkit_accessible_selection_get_selection_count):
119
120 2011-10-14  David Kilzer  <ddkilzer@apple.com>
121
122         <http://webkit.org/b/70158> Fix clang compiler warnings
123
124         Reviewed by Darin Adler.
125
126         * dom/ViewportArguments.cpp:
127         (WebCore::computeViewportAttributes): Use std::max<float>()
128         instead of std::max().
129
130 2011-10-14  Mark Hahnenberg  <mhahnenberg@apple.com>
131
132         Rename getOwnPropertySlot to getOwnPropertySlotVirtual
133         https://bugs.webkit.org/show_bug.cgi?id=69810
134
135         Reviewed by Geoffrey Garen.
136
137         No new tests.
138
139         Renamed the virtual version of getOwnPropertySlot to getOwnPropertySlotVirtual
140         in preparation for when we add the static getOwnPropertySlot to the MethodTable 
141         in ClassInfo.
142
143         Also added a few static getOwnPropertySlot functions where they had been overlooked 
144         before (especially in CodeGeneratorJS.pm).
145
146         * WebCore.exp.in:
147         * bindings/js/JSDOMWindowCustom.cpp:
148         (WebCore::JSDOMWindow::getOwnPropertySlotVirtual):
149         (WebCore::JSDOMWindow::getOwnPropertySlot):
150         (WebCore::DialogHandler::returnValue):
151         * bindings/js/JSDOMWindowShell.cpp:
152         (WebCore::JSDOMWindowShell::getOwnPropertySlotVirtual):
153         (WebCore::JSDOMWindowShell::getOwnPropertySlot):
154         * bindings/js/JSDOMWindowShell.h:
155         * bindings/js/JSWorkerContextCustom.cpp:
156         (WebCore::JSWorkerContext::getOwnPropertySlotDelegate):
157         * bindings/js/SerializedScriptValue.cpp:
158         (WebCore::CloneSerializer::getSparseIndex):
159         (WebCore::CloneSerializer::getProperty):
160         * bindings/scripts/CodeGeneratorJS.pm:
161         (GenerateGetOwnPropertySlotBody):
162         (GenerateHeader):
163         (GenerateImplementation):
164         (GenerateConstructorDeclaration):
165         (GenerateConstructorDefinition):
166         * bindings/scripts/test/JS/JSTestInterface.cpp:
167         (WebCore::JSTestInterfaceConstructor::getOwnPropertySlotVirtual):
168         (WebCore::JSTestInterfaceConstructor::getOwnPropertySlot):
169         (WebCore::JSTestInterface::getOwnPropertySlotVirtual):
170         (WebCore::JSTestInterface::getOwnPropertySlot):
171         * bindings/scripts/test/JS/JSTestInterface.h:
172         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
173         (WebCore::JSTestMediaQueryListListenerConstructor::getOwnPropertySlotVirtual):
174         (WebCore::JSTestMediaQueryListListenerConstructor::getOwnPropertySlot):
175         (WebCore::JSTestMediaQueryListListenerPrototype::getOwnPropertySlotVirtual):
176         (WebCore::JSTestMediaQueryListListenerPrototype::getOwnPropertySlot):
177         (WebCore::JSTestMediaQueryListListener::getOwnPropertySlotVirtual):
178         (WebCore::JSTestMediaQueryListListener::getOwnPropertySlot):
179         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
180         * bindings/scripts/test/JS/JSTestObj.cpp:
181         (WebCore::JSTestObjConstructor::getOwnPropertySlotVirtual):
182         (WebCore::JSTestObjConstructor::getOwnPropertySlot):
183         (WebCore::JSTestObjPrototype::getOwnPropertySlotVirtual):
184         (WebCore::JSTestObjPrototype::getOwnPropertySlot):
185         (WebCore::JSTestObj::getOwnPropertySlotVirtual):
186         (WebCore::JSTestObj::getOwnPropertySlot):
187         * bindings/scripts/test/JS/JSTestObj.h:
188         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
189         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::getOwnPropertySlotVirtual):
190         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::getOwnPropertySlot):
191         (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlotVirtual):
192         (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlot):
193         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
194         * bridge/objc/objc_runtime.h:
195         * bridge/objc/objc_runtime.mm:
196         (JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlotVirtual):
197         * bridge/qt/qt_instance.cpp:
198         (JSC::Bindings::QtInstance::getOwnPropertySlot):
199         * bridge/qt/qt_runtime.cpp:
200         (JSC::Bindings::QtRuntimeMetaMethod::getOwnPropertySlotVirtual):
201         (JSC::Bindings::QtRuntimeConnectionMethod::getOwnPropertySlotVirtual):
202         * bridge/qt/qt_runtime.h:
203         * bridge/runtime_array.cpp:
204         (JSC::RuntimeArray::getOwnPropertySlotVirtual):
205         * bridge/runtime_array.h:
206         * bridge/runtime_method.cpp:
207         (JSC::RuntimeMethod::getOwnPropertySlotVirtual):
208         * bridge/runtime_method.h:
209         * bridge/runtime_object.cpp:
210         (JSC::Bindings::RuntimeObject::getOwnPropertySlotVirtual):
211         * bridge/runtime_object.h:
212
213 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
214
215         Windows build fix attempt after r97533.
216
217         * html/HTMLSelectElementWin.cpp:
218         (WebCore::HTMLSelectElement::platformHandleKeydownEvent):
219
220 2011-10-14  Darin Adler  <darin@apple.com>
221
222         Follow up the recent HTMLSelectElement improvements with a little bit more
223         https://bugs.webkit.org/show_bug.cgi?id=70139
224
225         Reviewed by Ryosuke Niwa.
226
227         Refactoring, covered by existing tests.
228
229         Mostly, this adds a toHTMLSelectElement and uses it wherever possible.
230
231         * accessibility/AccessibilityListBox.cpp:
232         (WebCore::AccessibilityListBox::canSetSelectedChildrenAttribute): Use toHTMLSelectElement.
233         (WebCore::AccessibilityListBox::addChildren): Ditto. Also removed unneeded toHTMLElement.
234         * accessibility/AccessibilityMenuListPopup.cpp:
235         (WebCore::AccessibilityMenuListPopup::addChildren): Ditto.
236         * accessibility/AccessibilityRenderObject.cpp:
237         (WebCore::AccessibilityRenderObject::isMultiSelectable): Ditto.
238         (WebCore::AccessibilityRenderObject::stringValue): Removed checks on the type of the
239         underlying node, since other code already assumes that a menu list renderer is only
240         created for a select element. Streamlined the code a bit and removed some unneeded
241         local variables.
242         * bindings/js/JSHTMLOptionsCollectionCustom.cpp:
243         (WebCore::JSHTMLOptionsCollection::indexSetter): Use toHTMLSelectElement.
244         * bindings/js/JSHTMLSelectElementCustom.cpp:
245         (WebCore::JSHTMLSelectElement::remove): Ditto.
246         (WebCore::JSHTMLSelectElement::indexSetter): Ditto.
247         * editing/FrameSelection.cpp:
248         (WebCore::FrameSelection::selectAll): Ditto.
249         * html/HTMLKeygenElement.cpp:
250         (WebCore::HTMLKeygenElement::shadowSelect): Ditto.
251         * html/HTMLOptGroupElement.cpp:
252         (WebCore::HTMLOptGroupElement::recalcSelectOptions): Ditto.
253         (WebCore::HTMLOptGroupElement::ownerSelectElement): Ditto.
254         * html/HTMLOptionElement.cpp:
255         (WebCore::HTMLOptionElement::selected): Changed code to call renamed
256         updateListItemSelectedStates rather than the confusing old name
257         recalcListItemsIfNeeded.
258         (WebCore::HTMLOptionElement::childrenChanged): Changed to call
259         optionElementChildrenChanged rather than calling childrenChanged,
260         because the children of the select element did not change!
261         (WebCore::HTMLOptionElement::ownerSelectElement): Use toHTMLSelectElement.
262         * html/HTMLOptionsCollection.cpp:
263         (WebCore::HTMLOptionsCollection::add): Use toHTMLSelectElement.
264         (WebCore::HTMLOptionsCollection::remove): Use toHTMLSelectElement.
265         (WebCore::HTMLOptionsCollection::selectedIndex): Use toHTMLSelectElement.
266         (WebCore::HTMLOptionsCollection::setSelectedIndex): Use toHTMLSelectElement.
267         (WebCore::HTMLOptionsCollection::setLength): Use toHTMLSelectElement.
268         * html/HTMLSelectElement.cpp:
269         (WebCore::HTMLSelectElement::setSelectedIndexByUser): Call setSelectedIndex
270         without the now-unneeded internal suffix.
271         (WebCore::HTMLSelectElement::parseMappedAttribute): When the code says that
272         we should "determine selectedness of the items", call updateListItemSelectedStates
273         rather than the confusingly named recalcListItemsIfNeeded.
274         (WebCore::HTMLSelectElement::updateListItemSelectedStates): Renamed
275         recalcListItemsIfNeeded to this, since that's what this function is for.
276         (WebCore::HTMLSelectElement::optionElementChildrenChanged): Added. Does
277         the same work as childrenChanged, although it does not call up to the
278         base class childrenChanged function. Later we might find we can remove
279         some of the work here, for example it's not clear we should call the
280         accessibility childrenChanged function.
281         (WebCore::HTMLSelectElement::nextValidIndex): Changed this to a member function
282         and made it get the list items itself rather than requiring they be passed in.
283         (WebCore::HTMLSelectElement::nextSelectableListIndex): Updated for change to
284         nextValidIndex.
285         (WebCore::HTMLSelectElement::previousSelectableListIndex): Ditto.
286         (WebCore::HTMLSelectElement::firstSelectableListIndex): Ditto.
287         (WebCore::HTMLSelectElement::lastSelectableListIndex): Ditto.
288         (WebCore::HTMLSelectElement::nextSelectableListIndexPageAway): Ditto.
289         (WebCore::HTMLSelectElement::listItems): Removed unneeded const_cast, since
290         recalcListItems is now a const member function. Call recalcListItems by that
291         name instead of recalcListItemsInternal.
292         (WebCore::HTMLSelectElement::recalcListItems): Renamed from recalcListItemsInternal
293         and made this a const member function. The data members that this needs to modify
294         are now mutable.
295         (WebCore::HTMLSelectElement::setSelectedIndex): Renamed from setSelectedIndexInternal.
296         Changed call to updateValidity to instead call setNeedsValidityCheck, since both
297         do the same thing.
298         (WebCore::HTMLSelectElement::parseMultipleAttribute): Ditto.
299         (WebCore::HTMLSelectElement::menuListDefaultEventHandler): Updated for change to
300         nextValidIndex, removed unneeded comparison with zero that's already handled by
301         casting to an unsigned type, and use setSelectedIndex instead of using
302         setSelectedIndexInternal since they are both the same thing.
303         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler): Removed another unneeded
304         comparision with zero that's handled by casting to an unsigned type.
305         (WebCore::HTMLSelectElement::lastSelectedListIndex): Use size_t instead of unsigned
306         for a vector index.
307         (WebCore::HTMLSelectElement::typeAheadFind): Use setSelectedIndex instead of
308         setSelectedIndexInternal.
309         (WebCore::HTMLSelectElement::insertedIntoTree): Removed unneeded explicit boolean
310         when calling a function that already has a default value of true.
311         (WebCore::HTMLSelectElement::accessKeySetSelectedIndex): Use setSelectedIndex
312         instead of setSelectedIndexInternal.
313
314         * html/HTMLSelectElement.h: Made childrenChanged private. Added
315         optionElementChildrenChanged. Renamed recalcListItemsIfNeeded to the clearer
316         updateListItemSelectedStates. Removed unused listBoxSelectItem. Removed
317         updateValidity after changing all callers to instead call setNeedsValidityCheck.
318         Made canSelectAll and selectAll non-virtual. Removed recalcListItemsInternal
319         since it's the same thing as recalcListItems now. Renamed setSelectedIndexInternal
320         to setSelectedIndex since it's the same function, just with a few arguments we
321         don't want to allow outside callers to pass. Changed nextValidIndex into a
322         non-static member function. Made m_listItems and m_shouldRecalcListItems mutable.
323         Added a toHTMLSelectElement function, modeled on the toElement function.
324
325         * html/ValidityState.cpp:
326         (WebCore::ValidityState::valueMissing): Use toHTMLSelectElement.
327         * rendering/RenderListBox.cpp:
328         (WebCore::RenderListBox::updateFromElement): Ditto.
329         (WebCore::RenderListBox::scrollToRevealSelection): Ditto.
330         (WebCore::RenderListBox::size): Ditto.
331         (WebCore::RenderListBox::numItems): Ditto.
332         (WebCore::RenderListBox::addFocusRingRects): Ditto.
333         (WebCore::RenderListBox::paintItemForeground): Ditto.
334         (WebCore::RenderListBox::paintItemBackground): Ditto.
335         (WebCore::RenderListBox::panScroll): Ditto.
336         (WebCore::RenderListBox::autoscroll): Ditto.
337         (WebCore::RenderListBox::stopAutoscroll): Ditto.
338         (WebCore::RenderListBox::valueChanged): Ditto.
339         (WebCore::RenderListBox::nodeAtPoint): Ditto.
340         * rendering/RenderMenuList.cpp:
341         (WebCore::RenderMenuList::updateOptionsWidth): Ditto.
342         (WebCore::RenderMenuList::updateFromElement): Ditto.
343         (WebCore::RenderMenuList::setTextFromOption): Ditto.
344         (WebCore::RenderMenuList::showPopup): Ditto.
345         (WebCore::RenderMenuList::valueChanged): Ditto.
346         (WebCore::RenderMenuList::listBoxSelectItem): Ditto.
347         (WebCore::RenderMenuList::multiple): Ditto.
348         (WebCore::RenderMenuList::didSetSelectedIndex): Ditto.
349         (WebCore::RenderMenuList::didUpdateActiveOption): Ditto.
350         (WebCore::RenderMenuList::itemText): Ditto.
351         (WebCore::RenderMenuList::itemAccessibilityText): Ditto.
352         (WebCore::RenderMenuList::itemToolTip): Ditto.
353         (WebCore::RenderMenuList::itemIsEnabled): Ditto. Also use the
354         disabled function instead of the virtual isEnabledFormControl
355         function to check if the optgroup is enabled.
356         (WebCore::RenderMenuList::itemStyle): Ditto.
357         (WebCore::RenderMenuList::itemBackgroundColor): Ditto.
358         (WebCore::RenderMenuList::listSize): Ditto.
359         (WebCore::RenderMenuList::selectedIndex): Ditto.
360         (WebCore::RenderMenuList::itemIsSeparator): Ditto.
361         (WebCore::RenderMenuList::itemIsLabel): Ditto.
362         (WebCore::RenderMenuList::itemIsSelected): Ditto.
363         (WebCore::RenderMenuList::setTextFromItem): Ditto.
364
365 2011-10-14  Mark Hahnenberg  <mhahnenberg@apple.com>
366
367         Rename virtual put to putVirtual
368         https://bugs.webkit.org/show_bug.cgi?id=69851
369
370         Reviewed by Darin Adler.
371
372         No new tests.
373
374         Renamed virtual versions of put to putVirtual in prepration for 
375         adding the static put to the MethodTable in ClassInfo since the 
376         compiler gets mad if the virtual and static versions have the same 
377         name.
378
379         * WebCore.exp.in:
380         * bindings/js/JSDOMWindowCustom.cpp:
381         (WebCore::JSDOMWindow::putVirtual):
382         * bindings/js/JSDOMWindowShell.cpp:
383         (WebCore::JSDOMWindowShell::putVirtual):
384         * bindings/js/JSDOMWindowShell.h:
385         * bindings/js/JSLocationCustom.cpp:
386         (WebCore::JSLocation::putDelegate):
387         * bindings/js/JSPluginElementFunctions.cpp:
388         (WebCore::runtimeObjectCustomPut):
389         * bindings/js/SerializedScriptValue.cpp:
390         (WebCore::CloneDeserializer::putProperty):
391         * bindings/objc/WebScriptObject.mm:
392         (-[WebScriptObject setValue:forKey:]):
393         (-[WebScriptObject setWebScriptValueAtIndex:value:]):
394         * bindings/scripts/CodeGeneratorJS.pm:
395         (GenerateHeader):
396         (GenerateImplementation):
397         * bindings/scripts/test/JS/JSTestObj.cpp:
398         (WebCore::JSTestObj::putVirtual):
399         * bindings/scripts/test/JS/JSTestObj.h:
400         * bridge/NP_jsobject.cpp:
401         (_NPN_SetProperty):
402         * bridge/jni/jni_jsobject.mm:
403         (JavaJSObject::setMember):
404         (JavaJSObject::setSlot):
405         * bridge/objc/objc_runtime.h:
406         * bridge/objc/objc_runtime.mm:
407         (JSC::Bindings::ObjcFallbackObjectImp::putVirtual):
408         * bridge/qt/qt_instance.cpp:
409         (JSC::Bindings::QtInstance::put):
410         * bridge/qt/qt_runtime.cpp:
411         (JSC::Bindings::convertQVariantToValue):
412         * bridge/runtime_array.cpp:
413         (JSC::RuntimeArray::putVirtual):
414         * bridge/runtime_array.h:
415         * bridge/runtime_object.cpp:
416         (JSC::Bindings::RuntimeObject::putVirtual):
417         * bridge/runtime_object.h:
418         * bridge/testqtbindings.cpp:
419         (main):
420
421 2011-10-14  Sheriff Bot  <webkit.review.bot@gmail.com>
422
423         Unreviewed, rolling out r97519.
424         http://trac.webkit.org/changeset/97519
425         https://bugs.webkit.org/show_bug.cgi?id=70156
426
427         Broke 79+ tests on bots (Requested by dglazkov on #webkit).
428
429         * platform/graphics/skia/GraphicsContextSkia.cpp:
430         (WebCore::getFocusRingOutset):
431         (WebCore::GraphicsContext::drawFocusRing):
432
433 2011-09-28  Robert Hogan  <robert@webkit.org>
434
435         Replaced elements squeezed when width is specified as percentage inside a table with Auto layout
436         https://bugs.webkit.org/show_bug.cgi?id=29447
437
438         If inserting a 'replaced' element (e.g. image, plugin) in a table cell that is not descendant from
439         a block with fixed layout then do not squeeze the element, let it use its intrinsic width and height.
440
441         Reviewed by David Hyatt.
442
443         Test: fast/replaced/table-percent-width.html
444
445         * rendering/RenderBox.cpp:
446         (WebCore::shouldExpandToIntrinsicDimension):
447         (WebCore::RenderBox::containingBlockReplacedLogicalWidthForContent):
448         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
449         (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
450         * rendering/RenderBox.h:
451
452 2011-10-14  Cary Clark  <caryclark@google.com>
453
454         [Chromium Skia on Mac] Improve focus ring
455         https://bugs.webkit.org/show_bug.cgi?id=70124
456
457         Reviewed by Eric Seidel.
458         
459         The focus ring code formerly outset the bounds of
460         the component rectangles by fractional amounts. Because
461         the rectangles are SkIRect (integer based), the fractional
462         outset had no effect.
463
464         The equivalent code in GraphicsContextMac.mm computes
465         the curve radius and rectangle outset with integers, so
466         the use of floats in Skia's case, besides not working,
467         is unnecessary.
468
469         The Skia code also failed to take the offset into account.
470         In LayoutTests, the focus rings either have an offset of
471         0 or 2. The CoreGraphics code increases the ring's rectangles
472         by the offset, then passes the result to wkDrawFocusRing.
473
474         I did not find any documentation about how wkDrawFocusRing
475         further inflates the focus ring, but empirically I determined
476         that adding 2 to the offset generated rings with identical
477         outer diameters.
478  
479         With these adjustments, the layout tests generate focus rings
480         in the Skia on Mac case that match the coverage of the
481         Chromium CG-based platform, in particular, matching:
482         
483         editing/inserting/editable-inline-element.html
484         editing/selection/3690703-2.html
485
486         * platform/graphics/skia/GraphicsContextSkia.cpp:
487         (WebCore::getFocusRingOutset):
488         (WebCore::GraphicsContext::drawFocusRing):
489
490 2011-10-14  Chang Shu  <cshu@webkit.org>
491
492         [Qt] Enable fullscreen api on Qt
493         https://bugs.webkit.org/show_bug.cgi?id=70131
494
495         As a result, we have 3 passed tests.
496
497         Reviewed by Noam Rosenthal.
498
499         * features.pri:
500
501 2011-10-14  Beth Dakin  <bdakin@apple.com>
502
503         https://bugs.webkit.org/show_bug.cgi?id=70148
504         Should switch to CoreUI version of CorrectionDot, GrammarDot, and SpellingDot
505         -and corresponding-
506         <rdar://problem/10208281>
507
508         Reviewed by Anders Carlsson.
509
510         Use NS*Dot whenever it's available, and fallback to *Dot only when it is not.
511         * platform/graphics/mac/GraphicsContextMac.mm:
512         (WebCore::createPatternColor):
513         (WebCore::GraphicsContext::drawLineForTextChecking):
514
515 2011-10-14  Dmitry Lomov  <dslomov@google.com>
516
517         https://bugs.webkit.org/show_bug.cgi?id=70120
518         [Chromium] Pass MessagePortArray to SerializedScriptValue::serialize/deserialize.
519         This patch augments SerializedScriptValue with MessagePortArray* parameter to implement MessagePort 
520         transfer within the message in the future.
521
522         Reviewed by David Levin.
523
524         * bindings/scripts/CodeGeneratorV8.pm:
525         (GenerateParametersCheck):
526         * bindings/v8/SerializedScriptValue.cpp:
527         (WebCore::SerializedScriptValue::create):
528         (WebCore::SerializedScriptValue::SerializedScriptValue):
529         (WebCore::SerializedScriptValue::deserialize):
530         * bindings/v8/SerializedScriptValue.h:
531         * bindings/v8/custom/V8DOMWindowCustom.cpp:
532         (WebCore::handlePostMessageCallback):
533         (WebCore::V8DOMWindow::postMessageCallback):
534         (WebCore::V8DOMWindow::webkitPostMessageCallback):
535         * bindings/v8/custom/V8DedicatedWorkerContextCustom.cpp:
536         (WebCore::handlePostMessageCallback):
537         (WebCore::V8DedicatedWorkerContext::postMessageCallback):
538         (WebCore::V8DedicatedWorkerContext::webkitPostMessageCallback):
539         * bindings/v8/custom/V8HistoryCustom.cpp:
540         (WebCore::V8History::pushStateCallback):
541         (WebCore::V8History::replaceStateCallback):
542         * bindings/v8/custom/V8MessageEventCustom.cpp:
543         (WebCore::V8MessageEvent::dataAccessorGetter):
544         * bindings/v8/custom/V8MessagePortCustom.cpp:
545         (WebCore::handlePostMessageCallback):
546         (WebCore::V8MessagePort::postMessageCallback):
547         (WebCore::V8MessagePort::webkitPostMessageCallback):
548         * bindings/v8/custom/V8WorkerCustom.cpp:
549         (WebCore::handlePostMessageCallback):
550         (WebCore::V8Worker::postMessageCallback):
551         (WebCore::V8Worker::webkitPostMessageCallback):
552         * workers/Worker.idl:
553
554 2011-10-14  Jeff Miller  <jeffm@apple.com>
555
556         InjectedBundleHitTestResult::imageRect() should return rect in WKView coordinates
557         https://bugs.webkit.org/show_bug.cgi?id=69963
558         
559         Add infrastructure to convert from any frame view's coordinate system to the
560         root view's coordinate system.
561
562         Reviewed by Simon Fraser.
563
564         No new tests (yet), this is covered by <https://bugs.webkit.org/show_bug.cgi?id=70136>.
565
566         * WebCore.exp.in: Exported WebCore::ScrollView::contentsToRootView(), used by InjectedBundleHitTestResult.cpp.
567         
568         * platform/ScrollView.cpp:
569         (WebCore::ScrollView::rootViewToContents): Added (both point and rect versions).
570         (WebCore::ScrollView::contentsToRootView): Ditto.
571         
572         * platform/ScrollView.h: Added member functions to convert to/from root view coordinates.
573         
574         * platform/Widget.cpp:
575         (WebCore::Widget::convertFromRootView): Added (both point and rect versions).
576         (WebCore::Widget::convertToRootView): Ditto.
577         
578         * platform/Widget.h: Added member functions to convert to/from root view coordinates.
579
580 2011-10-14  Andreas Kling  <kling@webkit.org>
581
582         CSSParser: Remove StyleBase usage.
583         https://bugs.webkit.org/show_bug.cgi?id=70150
584
585         Reviewed by Darin Adler.
586
587         Split CSSParser::m_parsedStyleObjects into two vectors of
588         CSSRules and MediaLists.
589
590         * css/CSSParser.cpp:
591         (WebCore::CSSParser::createMediaList):
592         (WebCore::CSSParser::createCharsetRule):
593         (WebCore::CSSParser::createImportRule):
594         (WebCore::CSSParser::createMediaRule):
595         (WebCore::CSSParser::createKeyframesRule):
596         (WebCore::CSSParser::createStyleRule):
597         (WebCore::CSSParser::createFontFaceRule):
598         (WebCore::CSSParser::createPageRule):
599         (WebCore::CSSParser::createKeyframeRule):
600         * css/CSSParser.h:
601
602 2011-10-14  Adam Barth  <abarth@webkit.org>
603
604         canvas getImageData should explain why it throws SECURITY_ERR
605         https://bugs.webkit.org/show_bug.cgi?id=70088
606
607         Reviewed by Darin Adler.
608
609         Log as message to the console when getImageData fails because the
610         canvas is tainted.
611
612         * html/canvas/CanvasRenderingContext2D.cpp:
613         (WebCore::CanvasRenderingContext2D::getImageData):
614
615 2011-10-14  Andreas Kling  <kling@webkit.org>
616
617         Inspector: Remove StyleBase usage.
618         https://bugs.webkit.org/show_bug.cgi?id=70138
619
620         Reviewed by Antti Koivisto.
621
622         Be fully specific about whether we're operating on a CSSRule or
623         a CSSStyleSheet.
624
625         No behavior change expected, this merely is a cleanup.
626
627         * inspector/InspectorCSSAgent.cpp:
628         (WebCore::InspectorCSSAgent::parentStyleSheet):
629         (WebCore::InspectorCSSAgent::asCSSStyleRule):
630         * inspector/InspectorCSSAgent.h:
631         * inspector/InspectorStyleSheet.cpp:
632         (WebCore::asCSSRuleList):
633
634 2011-10-14  Mark Hahnenberg  <mhahnenberg@apple.com>
635
636         Rename virtual deleteProperty to deletePropertyVirtual
637         https://bugs.webkit.org/show_bug.cgi?id=69884
638
639         Reviewed by Darin Adler.
640
641         No new tests.
642
643         Renamed virtual versions of deleteProperty to deletePropertyVirtual in prepration for 
644         adding the static deleteProperty to the MethodTable in ClassInfo since the 
645         compiler gets mad if the virtual and static versions have the same name.
646
647         * WebCore.exp.in:
648         * bindings/js/JSDOMStringMapCustom.cpp:
649         (WebCore::JSDOMStringMap::deletePropertyVirtual):
650         * bindings/js/JSDOMWindowCustom.cpp:
651         (WebCore::JSDOMWindow::deletePropertyVirtual):
652         * bindings/js/JSDOMWindowShell.cpp:
653         (WebCore::JSDOMWindowShell::deletePropertyVirtual):
654         * bindings/js/JSDOMWindowShell.h:
655         * bindings/js/JSHistoryCustom.cpp:
656         (WebCore::JSHistory::deletePropertyVirtual):
657         * bindings/js/JSLocationCustom.cpp:
658         (WebCore::JSLocation::deletePropertyVirtual):
659         * bindings/js/JSStorageCustom.cpp:
660         (WebCore::JSStorage::deletePropertyVirtual):
661         * bindings/js/ScriptObject.cpp:
662         (WebCore::ScriptGlobalObject::remove):
663         * bindings/objc/WebScriptObject.mm:
664         (-[WebScriptObject removeWebScriptKey:]):
665         * bindings/scripts/CodeGeneratorJS.pm:
666         (GenerateHeader):
667         * bridge/NP_jsobject.cpp:
668         (_NPN_RemoveProperty):
669         * bridge/jni/jni_jsobject.mm:
670         (JavaJSObject::removeMember):
671         * bridge/objc/objc_runtime.h:
672         * bridge/objc/objc_runtime.mm:
673         (JSC::Bindings::ObjcFallbackObjectImp::deletePropertyVirtual):
674         * bridge/runtime_array.cpp:
675         (JSC::RuntimeArray::deletePropertyVirtual):
676         * bridge/runtime_array.h:
677         * bridge/runtime_object.cpp:
678         (JSC::Bindings::RuntimeObject::deletePropertyVirtual):
679         * bridge/runtime_object.h:
680
681 2011-10-14  Simon Fraser  <simon.fraser@apple.com>
682
683         Web Inspector: WebProcess crashes hard when inspecting elements with border-images applied
684         https://bugs.webkit.org/show_bug.cgi?id=70105
685
686         Reviewed by Dave Hyatt.
687         
688         Fix three different crashes related to getting computed style for border-image.
689         In both valueForNinePieceImageSlice() and valueForNinePieceImageQuad(),
690         assign 'right' to 'left' because we've computed a value for 'right' already.
691         Otherwise this would leave 'right' as null, causing later crashes in cssText().
692         
693         In mapNinePieceImage(), borderImage->imageValue() can be null for a border-image
694         shorthand that is missing the image value.
695
696         Test: fast/css/getComputedStyle/computed-style-border-image.html
697
698         * css/CSSComputedStyleDeclaration.cpp:
699         (WebCore::valueForNinePieceImageSlice):
700         (WebCore::valueForNinePieceImageQuad):
701         * css/CSSStyleSelector.cpp:
702         (WebCore::CSSStyleSelector::mapNinePieceImage):
703
704 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
705
706         Mac build fix after r97497.
707
708         * editing/markup.cpp:
709         (WebCore::isNonTableCellHTMLBlockElement):
710
711 2011-10-14  Daniel Cheng  <dcheng@chromium.org>
712
713         Context-aware HTML paste for Chromium
714         https://bugs.webkit.org/show_bug.cgi?id=62112
715
716         Reviewed by Ryosuke Niwa.
717
718         Add createFragmentFromMarkupWithContext which understands enough about DOM structure to
719         retain necessary elements to preserve structure and appearance when extracting a subset of
720         a DOM tree.
721
722         Covered by existing layout tests.
723
724         * editing/MarkupAccumulator.h:
725         * editing/markup.cpp:
726         (WebCore::isNonTableCellHTMLBlockElement):
727         (WebCore::isHTMLBlockElement):
728         (WebCore::ancestorToRetainStructureAndAppearanceForBlock):
729         (WebCore::ancestorToRetainStructureAndAppearance):
730         (WebCore::ancestorToRetainStructureAndAppearanceWithNoRenderer):
731         (WebCore::findNodesSurroundingContext):
732         (WebCore::trimFragment):
733         (WebCore::createFragmentFromMarkupWithContext):
734         * editing/markup.h:
735         * platform/chromium/ChromiumDataObject.cpp:
736         (WebCore::ChromiumDataObject::getData):
737         * platform/chromium/DataTransferItemChromium.cpp:
738         (WebCore::DataTransferItemChromium::getAsString):
739         * platform/chromium/PasteboardChromium.cpp:
740         (WebCore::Pasteboard::documentFragment):
741         * platform/chromium/PlatformSupport.h:
742
743 2011-10-14  Peter Beverloo  <peter@chromium.org>
744
745         [Chromium] Inherit settings from Chromium's envsetup.sh, address a NDK todo
746         https://bugs.webkit.org/show_bug.cgi?id=70028
747
748         Reviewed by Adam Barth.
749
750         * WebCore.gyp/WebCore.gyp:
751
752 2011-10-14  Nate Chapin  <japhet@chromium.org>
753
754         Check CachedResourceClient types with ASSERTs rather
755         than if statements.
756         https://bugs.webkit.org/show_bug.cgi?id=70113
757
758         Reviewed by Adam Barth.
759
760         No new tests, no functionality change.
761
762         * loader/cache/CachedCSSStyleSheet.cpp:
763         * loader/cache/CachedFont.cpp:
764         * loader/cache/CachedImage.cpp:
765         * loader/cache/CachedResourceClientWalker.h:
766         * loader/cache/CachedXSLStyleSheet.cpp:
767
768 2011-10-14  Andreas Kling  <kling@webkit.org>
769
770         Don't assert that CSSRules are CSSRules.
771
772         Rubber-stamped by Antti Koivisto.
773
774         * css/CSSRule.h:
775         (WebCore::CSSRule::isRule):
776         * css/CSSStyleSheet.cpp:
777         (WebCore::CSSStyleSheet::append):
778         (WebCore::CSSStyleSheet::insert):
779
780 2011-10-14  Beth Dakin  <bdakin@apple.com>
781
782         Attempted Leopard build fix.
783
784         * platform/graphics/GraphicsContext.cpp:
785         (WebCore::GraphicsContext::createCompatibleBuffer):
786
787 2011-10-14  Andreas Kling  <kling@webkit.org>
788
789         CSSStyleSheet should only ever contain CSSRules.
790         https://bugs.webkit.org/show_bug.cgi?id=70116
791
792         Reviewed by Antti Koivisto.
793
794         Move child management from the StyleSheet class down into
795         CSSStyleSheet and XSLStyleSheet. XSLStyleSheet continues to
796         manage StyleBase objects, while CSSStyleSheet now only contains
797         CSSRule.
798
799         This is enforced at both compile time and runtime with explicit
800         types and assertions.
801
802         * css/CSSRule.h:
803         (WebCore::CSSRule::isRule):
804
805             Promoted to a public method so we can use it in assertions.
806
807         * css/CSSRuleList.h:
808         (WebCore::CSSRuleList::create):
809         (WebCore::CSSRuleList::styleSheet):
810         * css/CSSRuleList.cpp:
811         (WebCore::CSSRuleList::CSSRuleList):
812         * bindings/js/JSCSSRuleListCustom.cpp:
813         (WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots):
814
815             Change backing to a CSSStyleSheet instead of a StyleSheet.
816
817         * css/CSSRuleList.cpp:
818         (WebCore::CSSRuleList::item):
819
820             Remove redundant assertions.
821
822         * css/CSSStyleSheet.cpp:
823         (WebCore::CSSStyleSheet::isLoading):
824         (WebCore::CSSStyleSheet::addSubresourceStyleURLs):
825         * css/CSSStyleSelector.cpp:
826         (WebCore::RuleSet::addRulesFromSheet):
827         * inspector/InspectorCSSAgent.cpp:
828         (WebCore::InspectorCSSAgent::collectStyleSheets):
829         * page/PageSerializer.cpp:
830         (WebCore::PageSerializer::serializeCSSStyleSheet):
831
832             Use more specific CSSRule* since that's what we get from
833             CSSStyleSheet::item() now.
834
835         * css/StyleSheet.cpp:
836         (WebCore::StyleSheet::~StyleSheet):
837         * css/CSSStyleSheet.cpp:
838         (WebCore::CSSStyleSheet::~CSSStyleSheet):
839         * xml/XSLStyleSheetLibxslt.cpp:
840         (WebCore::XSLStyleSheet::~XSLStyleSheet):
841         * xml/XSLStyleSheetQt.cpp:
842         (WebCore::XSLStyleSheet::~XSLStyleSheet):
843
844             Orphaning logic from ~StyleSheet() moved to subclass dtors.
845
846         * css/StyleSheet.h:
847         * css/CSSStyleSheet.h:
848         (WebCore::CSSStyleSheet::length):
849         (WebCore::CSSStyleSheet::item):
850         * css/CSSStyleSheet.cpp:
851         (WebCore::CSSStyleSheet::append):
852         (WebCore::CSSStyleSheet::insert):
853         (WebCore::CSSStyleSheet::remove):
854
855             Moved from StyleSheet and changed to only accept CSSRules.
856
857         * css/StyleSheet.h:
858         * xml/XSLStyleSheet.h:
859         (WebCore::XSLStyleSheet::length):
860         (WebCore::XSLStyleSheet::item):
861         (WebCore::XSLStyleSheet::append):
862         (WebCore::XSLStyleSheet::insert):
863         (WebCore::XSLStyleSheet::remove):
864
865             Moved from StyleSheet though still uses StyleBase.
866
867 2011-10-14 Yuji Sanachan <sanachan.y@gmail.com>
868
869         Include dom/ExceptionCode.h instead of Filesystem APIs headers
870         to fix compile error when ENABLE_WORKERS=1 and ENABLE_FILE_SYSTEM=0
871         https://bugs.webkit.org/show_bug.cgi?id=70036
872
873         Reviewed by Darin Adler.
874
875         * workers/WorkerContext.cpp:
876         (WebCore::WorkerContext::importScript):
877
878 2011-10-14  Darin Adler  <darin@apple.com>
879
880         Text drawn via -webkit-background-clip:text should be non-blurry with all scaling 
881         techniques
882         https://bugs.webkit.org/show_bug.cgi?id=68641
883
884         Reviewed by Simon Fraser. Committed by Beth Dakin.
885
886         * platform/graphics/GraphicsContext.cpp:
887         (WebCore::GraphicsContext::createCompatibleBuffer): Allocate a buffer based on the 
888         scale
889         factor of the context.
890         * platform/graphics/GraphicsContext.h: Added createCompatibleBuffer.
891
892         * rendering/RenderBoxModelObject.cpp:
893         (WebCore::RenderBoxModelObject::paintFillLayerExtended): Use 
894         createCompatibleBuffer.
895
896 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
897
898         Move selectionStartStyle and selectionHasStyle to EditingStyle
899         https://bugs.webkit.org/show_bug.cgi?id=69882
900
901         Reviewed by Enrica Casucci.
902
903         Moved selectionHasStyle and selectionStartStyle from Editor to EditingStyle.
904         Also moved much of code in Editor::selectionStartCSSPropertyValue to method of EditingStyle.
905
906         In addition, moved Range::editingStartPosition to htmlediting where it belongs
907         and renamed it to adjustedSelectionStartForStyleComputation.
908
909         * dom/Range.cpp:
910         * dom/Range.h:
911         * editing/EditingStyle.cpp:
912         (WebCore::EditingStyle::triStateOfStyle): Extracted from selectionHasStyle.
913         (WebCore::EditingStyle::legacyFontSize): Extracted from selectionStartCSSPropertyValue.
914         (WebCore::EditingStyle::styleAtSelectionStart): Moved from Editor::selectionStartStyle.
915         * editing/EditingStyle.h:
916         * editing/Editor.cpp:
917         (WebCore::Editor::fontForSelection):
918         (WebCore::Editor::selectionStartHasStyle):
919         (WebCore::Editor::selectionHasStyle):
920         (WebCore::Editor::selectionStartCSSPropertyValue):
921         * editing/Editor.h:
922         * editing/EditorCommand.cpp:
923         (WebCore::executeToggleStyleInList):
924         * editing/htmlediting.cpp:
925         (WebCore::adjustedSelectionStartForStyleComputation): Moved from Range::editingStartPosition.
926         * editing/htmlediting.h:
927
928 2011-10-14  Ryosuke Niwa  <rniwa@webkit.org>
929
930         Redundant comparison in AccessibilityObject.cpp updateAXLineStartForVisiblePosition
931         https://bugs.webkit.org/show_bug.cgi?id=70074
932
933         Reviewed by Chris Fleizach.
934
935         Removed redundant code.
936
937         * accessibility/AccessibilityObject.cpp:
938         (WebCore::updateAXLineStartForVisiblePosition):
939
940 2011-10-12  Ryosuke Niwa  <rniwa@webkit.org>
941
942         Make the interface of locationAndLengthFromRange and rangeFromLocationAndLength consistent
943         https://bugs.webkit.org/show_bug.cgi?id=69964
944
945         Reviewed by Enrica Casucci.
946
947         Extracted the logic to determine the scope element as FrameSelection::rootEditableElementOrDocumentElement
948         and deployed it in WebKit layer. Made locationAndLengthFromRange take a scope element and renamed it to
949         getLocationAndLengthFromRange.
950
951         * WebCore.exp.in:
952         * editing/FrameSelection.cpp:
953         (WebCore::FrameSelection::rootEditableElementOrDocumentElement):
954         * editing/FrameSelection.h:
955         * editing/TextIterator.cpp:
956         (WebCore::TextIterator::getLocationAndLengthFromRange):
957         * editing/TextIterator.h:
958
959 2011-10-13  Arko Saha  <arko@motorola.com>
960
961         Microdata: Basic implementation of document.getItems() method.
962         https://bugs.webkit.org/show_bug.cgi?id=68610
963
964         Reviewed by Ryosuke Niwa.
965
966         Added ENABLE(MICRODATA) feature flag. Implement document.getItems() DOM API.
967         Spec: http://www.whatwg.org/specs/web-apps/current-work/complete/microdata.html
968
969         Tests: fast/dom/MicroData/001.html
970                fast/dom/MicroData/002.html
971                fast/dom/MicroData/003.html
972                fast/dom/MicroData/004.html
973                fast/dom/MicroData/005.html
974                fast/dom/MicroData/006.html
975                fast/dom/MicroData/007.html
976                fast/dom/MicroData/008.html
977                fast/dom/MicroData/009.html
978
979         * CMakeLists.txt:
980         * DerivedSources.make:
981         * GNUmakefile.am:
982         * GNUmakefile.list.am:
983         * WebCore.gypi:
984         * WebCore.pro:
985         * WebCore.vcproj/WebCore.vcproj:
986         * dom/Document.cpp:
987         (WebCore::Document::getItems): Returns NodeList of the element in the Document that
988         create items, that are not part of other items, and that are of one of the types
989         given in the argument. If no tokens specified/undefined in the argument, then
990         return a NodeList containing all top level microdata items.
991         (WebCore::Document::removeCachedMicroDataItemList): Remove Microdata item node list
992         from cache.
993         * dom/Document.h:
994         * dom/Document.idl: Added getItems() microdata DOM API.
995         * dom/MicroDataItemList.cpp: Added.
996         (WebCore::MicroDataItemList::MicroDataItemList):
997         (WebCore::MicroDataItemList::~MicroDataItemList):
998         (WebCore::MicroDataItemList::nodeMatches):
999         * dom/MicroDataItemList.h: Added.
1000         (WebCore::MicroDataItemList::create):
1001         * dom/Node.cpp:
1002         (WebCore::Node::itemTypeAttributeChanged): It is responsible to invalidate the Microdata
1003         item node cache when itemType attribute changes.
1004         (WebCore::NodeListsNodeData::invalidateCachesThatDependOnAttributes):
1005         (WebCore::NodeListsNodeData::invalidateMicrodataItemListCaches): Invalidate Microdata item
1006         list cache.
1007         (WebCore::NodeListsNodeData::isEmpty):
1008         * dom/Node.h:
1009         * dom/NodeRareData.h:
1010         * features.pri:
1011         * html/HTMLAttributeNames.in: Added itemid, itemprop, itemscope, itemtype attributes.
1012         * html/HTMLElement.cpp:
1013         (WebCore::HTMLElement::parseMappedAttribute): Handle itemtype attribute change.
1014         * html/HTMLElement.idl: Added itemid, itemprop, itemscope, itemtypes microdata attributes.
1015
1016 2011-10-14  Andreas Kling  <kling@webkit.org>
1017
1018         Stricter management of WebKitCSSKeyframeRules.
1019         https://bugs.webkit.org/show_bug.cgi?id=70109
1020
1021         Reviewed by Antti Koivisto.
1022
1023         Covered by existing tests.
1024
1025         * css/CSSParser.h:
1026         * css/CSSParser.cpp:
1027         (WebCore::CSSParser::parseKeyframeRule):
1028
1029             Return a WebKitCSSKeyframeRule instead of a CSSRule.
1030
1031         * css/CSSRuleList.cpp:
1032         (WebCore::CSSRuleList::deleteRule):
1033         * css/WebKitCSSKeyframesRule.cpp:
1034         (WebCore::WebKitCSSKeyframesRule::deleteRule):
1035
1036             Moved style sheet orphaning logic for @-webkit-keyframe
1037             from CSSRuleList into WebKitCSSKeyframesRule::deleteRule()
1038             since that's the only caller operating on those rules.
1039
1040         * css/WebKitCSSKeyframesRule.cpp:
1041         (WebCore::WebKitCSSKeyframesRule::~WebKitCSSKeyframesRule):
1042         (WebCore::WebKitCSSKeyframesRule::length):
1043         (WebCore::WebKitCSSKeyframesRule::item):
1044         (WebCore::WebKitCSSKeyframesRule::insertRule):
1045
1046             Change isKeyframeRule() checks to assertions since we know
1047             our rules are always WebKitCSSKeyframeRules. Also tidied up.
1048
1049 2011-10-14  Andreas Kling  <kling@webkit.org>
1050
1051         Unreviewed, actually remove StyleList.* after r97640.
1052
1053         * css/StyleList.cpp: Removed.
1054         * css/StyleList.h: Removed.
1055
1056 2011-10-14  Andreas Kling  <kling@webkit.org>
1057
1058         Merge StyleList into StyleSheet.
1059         https://bugs.webkit.org/show_bug.cgi?id=70100
1060
1061         Reviewed by Antti "printf" Koivisto.
1062
1063         Merge all functionality from StyleList into StyleSheet,
1064         since StyleSheet was the only subclass of StyleList anyway.
1065
1066         Also removed FIXME's about throwing exceptions in CSSRuleList
1067         since they were incorrect. The call sites already handle the
1068         relevant cases.
1069
1070         * CMakeLists.txt:
1071         * GNUmakefile.list.am:
1072         * WebCore.gypi:
1073         * WebCore.pro:
1074         * WebCore.vcproj/WebCore.vcproj:
1075         * WebCore.xcodeproj/project.pbxproj:
1076         * bindings/js/JSCSSRuleListCustom.cpp:
1077         (WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots):
1078         * css/CSSRuleList.cpp:
1079         (WebCore::CSSRuleList::CSSRuleList):
1080         (WebCore::CSSRuleList::length):
1081         (WebCore::CSSRuleList::item):
1082         (WebCore::CSSRuleList::deleteRule):
1083         (WebCore::CSSRuleList::append):
1084         (WebCore::CSSRuleList::insertRule):
1085         * css/CSSRuleList.h:
1086         (WebCore::CSSRuleList::create):
1087         (WebCore::CSSRuleList::styleSheet):
1088         * css/StyleList.cpp: Removed.
1089         * css/StyleList.h: Removed.
1090         * css/StyleSheet.cpp:
1091         (WebCore::StyleSheet::StyleSheet):
1092         (WebCore::StyleSheet::append):
1093         (WebCore::StyleSheet::insert):
1094         (WebCore::StyleSheet::remove):
1095         * css/StyleSheet.h:
1096         (WebCore::StyleSheet::length):
1097         (WebCore::StyleSheet::item):
1098
1099 2011-10-14  Mihnea Ovidenie  <mihnea@adobe.com>
1100
1101         [CSS Regions] Change -webkit-flow to -webkit-flow-into
1102         https://bugs.webkit.org/show_bug.cgi?id=70014
1103
1104         Reviewed by David Hyatt.
1105
1106         1. -webkit-flow is renamed to -webkit-flow-into
1107         2. -webkit-flow-into takes <ident> instead of strings
1108
1109         * css/CSSComputedStyleDeclaration.cpp:
1110         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1111         * css/CSSParser.cpp:
1112         (WebCore::CSSParser::parseValue):
1113         (WebCore::validFlowName):
1114         (WebCore::CSSParser::parseFlowThread):
1115         * css/CSSPropertyNames.in:
1116         * css/CSSStyleSelector.cpp:
1117         (WebCore::CSSStyleSelector::applyProperty):
1118
1119 2011-10-12  Hans Wennborg  <hans@chromium.org>
1120
1121         IndexedDB: Remove SQLite backing store
1122         https://bugs.webkit.org/show_bug.cgi?id=69620
1123
1124         Reviewed by Darin Fisher.
1125
1126         Remove the SQLite backing store implementation; it is not used anymore.
1127         Also remove the maximumSize parameter, it is not used either.
1128
1129         No new functionality, so no new tests.
1130
1131         * GNUmakefile.list.am:
1132         * WebCore.gypi:
1133         * storage/IDBBackingStore.h:
1134         * storage/IDBFactory.cpp:
1135         (WebCore::IDBFactory::getDatabaseNames):
1136         (WebCore::IDBFactory::open):
1137         * storage/IDBFactoryBackendImpl.cpp:
1138         (WebCore::computeFileIdentifier):
1139         (WebCore::computeUniqueIdentifier):
1140         (WebCore::IDBFactoryBackendImpl::getDatabaseNames):
1141         (WebCore::IDBFactoryBackendImpl::open):
1142         (WebCore::IDBFactoryBackendImpl::openBackingStore):
1143         * storage/IDBFactoryBackendImpl.h:
1144         * storage/IDBFactoryBackendInterface.h:
1145         * storage/IDBLevelDBBackingStore.cpp:
1146         (WebCore::IDBLevelDBBackingStore::open):
1147         * storage/IDBLevelDBBackingStore.h:
1148         * storage/IDBSQLiteBackingStore.cpp: Removed.
1149         * storage/IDBSQLiteBackingStore.h: Removed.
1150
1151 2011-10-14  Nikolas Zimmermann  <nzimmermann@rim.com>
1152
1153         Not reviewed. Fix mac builds. r97448 broke them.
1154
1155         * WebCore.xcodeproj/project.pbxproj: Set ImageBySizeCache.h role to private.
1156
1157 2011-10-14  Justin Schuh  <jschuh@chromium.org>
1158
1159         Clear WebMediaPlayerClientImpl back pointer on destruction
1160         https://bugs.webkit.org/show_bug.cgi?id=69973
1161
1162         Reviewed by James Robinson.
1163
1164         Clear the backpointer and remove the unused m_currentFrame
1165
1166         * platform/graphics/chromium/VideoLayerChromium.cpp:
1167         (WebCore::VideoLayerChromium::VideoLayerChromium):
1168         (WebCore::VideoLayerChromium::cleanupResources):
1169         (WebCore::VideoLayerChromium::updateCompositorResources):
1170         (WebCore::VideoLayerChromium::releaseProvider):
1171         * platform/graphics/chromium/VideoLayerChromium.h:
1172
1173 2011-10-13  Hans Wennborg  <hans@chromium.org>
1174
1175         IndexedDB: Make IDBCursor.value() return an IDBAny object
1176         https://bugs.webkit.org/show_bug.cgi?id=70024
1177
1178         Reviewed by Tony Chang.
1179
1180         This is to work around the fact that the V8 bindings mechanism does
1181         eager deserialization of SerializedScriptValue attributes. This means
1182         that the value is fetched from the back-end only once, when the
1183         IDBCursor is first wrapped. When the cursor's value changes, this is
1184         not reflected.
1185
1186         We work around this by making IDBCursor.value() return the
1187         SerializedScriptValue wrapped in an IDBAny object.
1188
1189         * storage/IDBCursor.cpp:
1190         (WebCore::IDBCursor::value):
1191         * storage/IDBCursor.h:
1192         * storage/IDBCursorWithValue.idl:
1193
1194 2011-10-14  Rémi Duraffort  <remi.duraffort@st.com>
1195
1196         Fix compilation when the JS Debugger is disabled.
1197         https://bugs.webkit.org/show_bug.cgi?id=70007
1198
1199         Reviewed by Antti Koivisto.
1200
1201         * inspector/InspectorInstrumentation.cpp:
1202         (WebCore::InspectorInstrumentation::willEvaluateWorkerScript):
1203         * inspector/InspectorRuntimeAgent.cpp:
1204         * inspector/InspectorRuntimeAgent.h:
1205         * inspector/WorkerInspectorController.cpp:
1206         * inspector/WorkerInspectorController.h:
1207         * workers/WorkerMessagingProxy.cpp:
1208         (WebCore::WorkerMessagingProxy::disconnectFromInspector):
1209         (WebCore::WorkerMessagingProxy::sendMessageToInspector):
1210
1211 2011-10-13  Nikolas Zimmermann  <nzimmermann@rim.com>
1212
1213         Prepare SVGImage intrinsic size negotiation: Introduce an IntSize <-> SVGImage cache in CachedImage
1214         https://bugs.webkit.org/show_bug.cgi?id=69416
1215
1216         Reviewed by Antti Koivisto.
1217
1218         Refactor ImageBySizeCache out of CSSImageGeneratorValue as CachedImage wants to use the same type of cache for its purposes.
1219         When introducing the SVGImage intrinsic size negotiation the container size of an SVGImage is dependant on the place where
1220         it gets embedded (eg width/height attributes of host documents <img> force a certain size).
1221
1222         Currently CachedImage only contains a single RefPtr<Image>, which it constructs out of the decoded data.
1223         Multiple RenderObjects share the same CachedImages, when embedding eg. a SVG document in a <html:img> or using it in a background-image for a <div>.
1224         Consider the case where two RenderObjects use the same CachedImage, each with a different container size (200x100 vs 100x200) and the embedded
1225         document contains a viewBox and some arbitary preserveAspectRatio settings. To honour these we have to relayout the document with the desired
1226         size (percentual unit resolving etc, all depend on the RenderSVGRoots size).
1227
1228         With the current design this is hard to realize, w/o requring to relayout the embedded document for each embedder that uses an SVGImage.
1229         This patch introduces a cache right within CachedImage, which manages a map of images to certain sizes, by utilizing the new ImageBySizeCache.
1230
1231         CachedImage::imageForRenderer() takes a RenderObject* parameter, which it uses to look up the last set image container size for a renderer.
1232         Using that size it queries the cache whether it already has an SVGImage for that size, if not it gets created, by creating a whole
1233         new instance of SVGImage, filling it with the already decoded data, and passing on a fixed image container size, which overrides the
1234         size that RenderSVGRoot reports, when computeReplacedLogicalWidth/Height is called and thus laying out the document at the desired size.
1235         This image is then put in the cache for further reusability.
1236
1237         Likewise CachedImage::setContainerSizeForRenderer() now takes a RenderObject* parameter and stores that in the cache with an associated container size.
1238         It requires to touch several files which use CachedImage throughout WebCore/WebKit/WebKit2.
1239
1240         The actual cache is not yet turned on yet, so this is not a functional change so far, as it needs some other changes to SVGImage,
1241         which will come with the master patch in bug 47156.
1242
1243         No new tests yet, as the new cache isn't turned on yet.
1244
1245         * CMakeLists.txt: Add rendering/ImageBySizeCache.* to build.
1246         * GNUmakefile.list.am: Ditto.
1247         * WebCore.gypi: Ditto.
1248         * WebCore.pro: Ditto.
1249         * WebCore.vcproj/WebCore.vcproj: Ditto.
1250         * WebCore.xcodeproj/project.pbxproj: Ditto.
1251         * accessibility/AccessibilityRenderObject.cpp:
1252         (WebCore::AccessibilityRenderObject::accessibilityIsIgnored): Use new CachedImage::imageSizeForRenderer(RenderObject*) method.
1253         * bindings/objc/DOM.mm: Ditto (for CachedImage::image()).
1254         (-[DOMElement image]):
1255         (-[DOMElement _imageTIFFRepresentation]):
1256         * bridge/qt/qt_pixmapruntime.cpp:
1257         (JSC::Bindings::QtPixmapInstance::variantFromObject): Ditto (for CachedImage::image()).
1258         * css/CSSCanvasValue.cpp: s/m_clients/clients()/, which now live in the ImageBySizeCache instead of CSSImageGeneratorValue.
1259         (WebCore::CSSCanvasValue::canvasChanged):
1260         (WebCore::CSSCanvasValue::canvasResized):
1261         (WebCore::CSSCanvasValue::image):
1262         * css/CSSGradientValue.cpp: Ditto.
1263         (WebCore::CSSGradientValue::image):
1264         * css/CSSImageGeneratorValue.cpp: Move the sizes/clients/images cache into a new ImageBySizeCache class, to make it usable for CachedImage as well.
1265         (WebCore::CSSImageGeneratorValue::addClient): Adapt to move.
1266         (WebCore::CSSImageGeneratorValue::removeClient): Ditto.
1267         (WebCore::CSSImageGeneratorValue::getImage): Ditto.
1268         (WebCore::CSSImageGeneratorValue::putImage): Ditto.
1269         * css/CSSImageGeneratorValue.h:
1270         (WebCore::CSSImageGeneratorValue::clients): Forwarded to the ImageBySizeCache.
1271         * editing/DeleteButtonController.cpp: 
1272         (WebCore::isDeletableElement): CachedImage::canRender() now takes a RenderObject* parameter.
1273         * html/HTMLImageElement.cpp:
1274         (WebCore::HTMLImageElement::width): Use new CachedImage::imageSizeForRenderer(RenderObject*) method.
1275         (WebCore::HTMLImageElement::height): Ditto.
1276         (WebCore::HTMLImageElement::naturalWidth): Ditto.
1277         (WebCore::HTMLImageElement::naturalHeight): Ditto.
1278         * html/ImageDocument.cpp:
1279         (WebCore::ImageDocumentParser::finish): Ditto.
1280         (WebCore::ImageDocument::scale): Ditto.
1281         (WebCore::ImageDocument::resizeImageToFit): Ditto.
1282         (WebCore::ImageDocument::imageUpdated): Ditto.
1283         (WebCore::ImageDocument::restoreImageSize): Ditto.
1284         (WebCore::ImageDocument::imageFitsInWindow): Ditto.
1285         * html/canvas/CanvasRenderingContext.cpp:
1286         (WebCore::CanvasRenderingContext::wouldTaintOrigin): Use new CachedImage::imageForRenderer(RenderObject*) method.
1287         * html/canvas/CanvasRenderingContext2D.cpp:
1288         (WebCore::isOriginClean): Ditto.
1289         (WebCore::size): Ditto (for CachedImage::imageSizeForRenderer()).
1290         (WebCore::CanvasRenderingContext2D::drawImage): Ditto.
1291         (WebCore::CanvasRenderingContext2D::createPattern): Ditto.
1292         * html/canvas/WebGLRenderingContext.cpp:
1293         (WebCore::WebGLRenderingContext::texImage2D): Ditto.
1294         (WebCore::WebGLRenderingContext::texSubImage2D): Ditto.
1295         * loader/cache/CachedImage.cpp: Add currently _disabled_ cache for SVGImages. The intrinsic size negotiation will need to use multiple SVGImages
1296         for each requested size (equal to the size of the embedding place for the image) - make it possible to cache these SVGImages, and maintain a cache
1297         for them. The hash code is a 1:1 refactoring from the already present code in CSSImageGeneratorValue, now named 'ImageBySizeCache'.
1298         (WebCore::CachedImage::lookupImageForSize): Looks up an Image from the cache for a given IntSize. Currently turned off.
1299         (WebCore::CachedImage::lookupImageForRenderer): Looks up an Image from the cache for a given renderer. Currently turned off.
1300         (WebCore::CachedImage::lookupOrCreateImageForRenderer): Looks up an Image from the cache or creates a new SVGImage for a given size and caches it, if possible. Currently turned off.
1301         All following changes share this: Don't operate on m_image directly, instead always look up one from the cache for a given size or renderer - if that's not present fallback to m_image.
1302         When an SVGImage is first created by CachedImage::createImage() and stored in m_image, the cache remains empty.
1303
1304         If eg. <img width="30" height="70" src="foo.svg"> is used which implies a container size of 30x70 a new SVGImage is created with the additional information of a 30x70 container size
1305         which is immediately passed to the SVGImage after its creation. This SVGImage is put in the ImageBySizeCache associated with a container size of 30x70.
1306         We now have two SVGImage objects present, one living in CachedImage::m_image, created by createImage() during data decoding, and one living in the ImageBySizeCache
1307         created by lookupOrCreateImageForRenderer() associated with the 30x70 container. The first SVGImage::size() will return a value as defined in the referenced foo.svg,
1308         whereas the SVGImage::size() call of the new SVGImage living in the cache reports 30x70 and renders according to that.
1309
1310         Whenever any method of CachedImage is called with a RenderObject* or IntSize, we can't just operate on m_image anymore but instead have to lookup the right
1311         images for a certain renderer/size from the cache and operate on these. When calling eg. CachedImage::image() with a null renderer, m_image is returned.
1312         When passing with a valid renderer only cache lookups are done if the m_image is actually a SVGImage, otherwhise lookupImageForSize/Renderer will just return the m_image.
1313         There is no logical change induced for non-SVGImage derived images.
1314
1315         CachedImage::image() of course needs a RenderObject* parameter now, to identify which of the images from the cache to use, if the underlying image is a SVGImage.
1316         Luckily these information are already present in StyleCachedImage/StyleImage & friends and only need to be added for some additional methods.
1317         (WebCore::CachedImage::image): FIXME
1318         (WebCore::CachedImage::imageForRenderer): Call lookupOrCreateImageForRenderer() instead of returning m_image, if it's not null. Its a no-op for non SVGImage derived objects.
1319         (WebCore::CachedImage::setContainerSizeForRenderer): For non-SVGImages, just pass on the size to the m_image. For SVGImages, associate the passed in renderer with the IntSize in the cache.
1320                                                              This does NOT create the SVGImage yet, this is delayed until imageForRenderer() is called for a given renderer that wants this size.
1321         (WebCore::CachedImage::imageSize): Don't operate on m_image, ask lookupImageForRenderer() with the incoming renderer.
1322         (WebCore::CachedImage::imageRect): Ditto.
1323         (WebCore::CachedImage::clear): Force clearing the m_svgImageCache.
1324         (WebCore::CachedImage::data): Call m_image->size() instead of imageSize(), to avoid having to pass a null renderer to imageSize() as here no renderer is available yet.
1325         (WebCore::CachedImage::destroyDecodedData): Don't destroy decoded data for SVG images, as m_data needs to be accessable at any time to construct a cloned SVGImage.
1326                                                     In future we don't need this anymore if we make sure multiple SVGImages share the same trees, but that's for a follow-up patch.
1327         (WebCore::CachedImage::decodedSizeChanged): Don't operate on m_image, ask lookupImageForRenderer() with the incoming renderer.
1328         (WebCore::CachedImage::didDraw): Ditto.
1329         (WebCore::CachedImage::shouldPauseAnimation): Ditto.
1330         (WebCore::CachedImage::animationAdvanced): Ditto.
1331         (WebCore::CachedImage::changedInRect): Ditto. (eg. when leaving out this change animated SVG images wouldn't update anymore, as the animation didn't happen on m_image!)
1332         * loader/cache/CachedImage.h: imageForRenderer/canRender/setContainerSizeForRenderer/imageSizeForRenderer now all take a RenderObject* parameter to identifiy the current user of the image.
1333         (WebCore::CachedImage::canRender): Pass on the incoming renderer to imageSizeForRenderer().
1334         * page/DragController.cpp:
1335         (WebCore::getImage): Use new CachedImage::imageForRenderer(RenderObject*) method.
1336         * page/EventHandler.cpp:
1337         (WebCore::EventHandler::selectCursor): Ditto.
1338         * page/PageSerializer.cpp:
1339         (WebCore::PageSerializer::serializeFrame): Ditto.
1340         (WebCore::PageSerializer::addImageToResources): Ditto.
1341         (WebCore::PageSerializer::retrieveResourcesForCSSDeclaration): Ditto.
1342         * page/PageSerializer.h:
1343         * platform/chromium/ClipboardChromium.cpp:
1344         (WebCore::writeImageToDataObject): Ditto.
1345         * platform/chromium/PasteboardChromium.cpp:
1346         (WebCore::Pasteboard::writeImage): Ditto.
1347         * platform/graphics/Image.h:
1348         (WebCore::Image::isSVGImage): Add boolean helper to identify SVGImages, just like isBitmapImage().
1349         * platform/gtk/ClipboardGtk.cpp:
1350         (WebCore::ClipboardGtk::declareAndWriteDragImage): Use new CachedImage::imageForRenderer(RenderObject*) method.
1351         * platform/gtk/PasteboardGtk.cpp:
1352         (WebCore::Pasteboard::writeImage): Ditto.
1353         * platform/mac/HTMLConverter.mm:
1354         (fileWrapperForElement): Ditto.
1355         * platform/mac/PasteboardMac.mm:
1356         (WebCore::Pasteboard::writeImage): Ditto.
1357         * platform/qt/ClipboardQt.cpp:
1358         (WebCore::ClipboardQt::declareAndWriteDragImage): Ditto.
1359         * platform/qt/PasteboardQt.cpp:
1360         (WebCore::Pasteboard::writeImage): Ditto.
1361         * platform/win/ClipboardWin.cpp:
1362         (WebCore::writeImageToDataObject): Ditto.
1363         * platform/win/PasteboardWin.cpp:
1364         (WebCore::Pasteboard::writeImage): Ditto.
1365         * platform/wince/PasteboardWinCE.cpp:
1366         (WebCore::Pasteboard::writeImage): Ditto.
1367         * rendering/HitTestResult.cpp:
1368         (WebCore::HitTestResult::image): Ditto.
1369         * rendering/ImageBySizeCache.cpp: Copied from WebCore/css/CSSImageGeneratorValue.cpp, to preserve history for the original cache code.
1370         (WebCore::ImageBySizeCache::ImageBySizeCache): Straight copy from CSSImageGeneratorValue, renamed to ImageBySizeCache, removing all but the cache relevant code.
1371         (WebCore::ImageBySizeCache::addClient): Ditto.
1372         (WebCore::ImageBySizeCache::removeClient): Ditto.
1373         (WebCore::ImageBySizeCache::getImage): Ditto.
1374         (WebCore::ImageBySizeCache::putImage): Ditto.
1375         (WebCore::ImageBySizeCache::clear): New function, that clears the cache, introduced for the needs of CachedImage.
1376         (WebCore::ImageBySizeCache::imageForSize): New function to query an Image* for a given IntSize, introduced for the needs of CachedImage.
1377         (WebCore::ImageBySizeCache::sizeForClient): New function to query an IntSize for a given renderer.
1378         * rendering/ImageBySizeCache.h: Copied from WebCore/css/CSSImageGeneratorValue.h.
1379         (WebCore::ImageBySizeCache::clients):
1380         * rendering/InlineFlowBox.cpp:
1381         (WebCore::InlineFlowBox::paintFillLayer): CachedImage::canRender() now takes a RenderObject* parameter.
1382         (WebCore::InlineFlowBox::paintBoxDecorations): Ditto.
1383         (WebCore::InlineFlowBox::paintMask): Ditto.
1384         * rendering/RenderBox.cpp:
1385         (WebCore::RenderBox::paintMaskImages): Ditto.
1386         (WebCore::RenderBox::repaintLayerRectsForImage): Ditto.
1387         * rendering/RenderBoxModelObject.cpp:
1388         (WebCore::RenderBoxModelObject::paintFillLayerExtended): Ditto.
1389         (WebCore::RenderBoxModelObject::calculateFillTileSize): Ditto (for CachedImage::setContainerSizeForRenderer()).
1390         (WebCore::RenderBoxModelObject::paintNinePieceImage): Ditto.
1391         * rendering/RenderImage.cpp:
1392         (WebCore::RenderImage::imageSizeForError): Use new CachedImage::imageForRenderer(RenderObject*) method.
1393         (WebCore::RenderImage::setImageSizeForAltText): Ditto.
1394         (WebCore::RenderImage::computeReplacedLogicalWidth): FIXME
1395         * rendering/RenderImageResource.cpp:
1396         (WebCore::RenderImageResource::setContainerSizeForRenderer): Pass on m_renderer to CachedImage::setContainerSizeForRenderer().
1397         * rendering/RenderImageResource.h: Remove constness from setContainerSizeForRenderer.
1398         (WebCore::RenderImageResource::image): Pass on m_renderer to CachedImage::image().
1399         (WebCore::RenderImageResource::imageSize): Pass on m_renderer to CachedImage::imageSizeForRenderer().
1400         * rendering/RenderImageResourceStyleImage.h:
1401         (WebCore::RenderImageResourceStyleImage::setContainerSizeForRenderer): Remove constness, pass on m_renderer to StyleImage::setContainerSizeForRenderer().
1402         * rendering/RenderLayerBacking.cpp:
1403         (WebCore::RenderLayerBacking::isDirectlyCompositedImage): Use new CachedImage::imageForRenderer(RenderObject*) method.
1404         (WebCore::RenderLayerBacking::updateImageContents): Ditto.
1405         * rendering/RenderListMarker.cpp:
1406         (WebCore::RenderListMarker::computePreferredLogicalWidths): CachedImage::setContainerSizeForRenderer() now takes a RenderObject* parameter.
1407         * rendering/RenderObject.cpp:
1408         (WebCore::mustRepaintFillLayers): CachedImage::canRender() now takes a RenderObject* parameter.
1409         (WebCore::RenderObject::borderImageIsLoadedAndCanBeRendered): Ditto.
1410         * rendering/style/StyleCachedImage.cpp:
1411         (WebCore::StyleCachedImage::canRender): Pass on incoming renderer to CachedImage::canRender().
1412         (WebCore::StyleCachedImage::imageSize): Pass on incoming renderer to CachedImage::imageSizeForRenderer().
1413         (WebCore::StyleCachedImage::setContainerSizeForRenderer): Pass on incoming renderer to CachedImage::setContainerSizeForRenderer().
1414         (WebCore::StyleCachedImage::addClient): Remove unneeded return statment in void method.
1415         (WebCore::StyleCachedImage::removeClient): Ditto.
1416         (WebCore::StyleCachedImage::image): Pass on incoming renderer to CachedImage::image().
1417         * rendering/style/StyleCachedImage.h: Add RenderObject* parameter to canRender()/setContainerSizeForRenderer(). image() already has one, that was unused so far.
1418         * rendering/style/StyleGeneratedImage.cpp: Inlined setContainerSizeForRenderer.
1419         * rendering/style/StyleGeneratedImage.h: 
1420         (WebCore::StyleGeneratedImage::setContainerSizeForRenderer): Add RenderObject* parameter.
1421         * rendering/style/StyleImage.h:
1422         (WebCore::StyleImage::canRender): Ditto.
1423         * rendering/style/StylePendingImage.h:
1424         (WebCore::StylePendingImage::setContainerSizeForRenderer): Ditto.
1425         * svg/SVGFEImageElement.cpp:
1426         (WebCore::SVGFEImageElement::build): Use new CachedImage::imageForRenderer(RenderObject*) method.
1427         * svg/graphics/SVGImage.cpp: Cleanup file, the include hack seems not needed anymore.
1428         (WebCore::SVGImage::setContainerSize): s/LayoutSize/IntSize/ to match the code in platform/.
1429         * svg/graphics/SVGImage.h: Ditto.
1430         (WebCore::SVGImage::isSVGImage): Return true.
1431
1432 2011-10-13  Kenichi Ishibashi  <bashi@chromium.org>
1433
1434         [Chromium] Uninitialized read in WebCore::*Font* / HB_GSUB_Select_Feature
1435         https://bugs.webkit.org/show_bug.cgi?id=70087
1436
1437         Reviewed by Kent Tamura.
1438
1439         Initialize local variables in ComplexTextControllerLinux::setupfontFeatures.
1440
1441         No new tests because there is no behavior change. Manually tested with valgrind.
1442
1443         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
1444         (WebCore::setupFontFeatures):
1445
1446 2011-10-13  Csaba Osztrogonác  <ossy@webkit.org>
1447
1448         [Qt][Win] Unreviewed buildfix after r97433.
1449
1450         * platform/MemoryPressureHandler.h: Add a missing include.
1451
1452 2011-10-13  Adam Barth  <abarth@webkit.org>
1453
1454         Spelling error in v8WebSocket::constructorCallback error
1455         https://bugs.webkit.org/show_bug.cgi?id=63943
1456
1457         Reviewed by Kent Tamura.
1458
1459         Fix typo.
1460
1461         * bindings/v8/custom/V8WebSocketCustom.cpp:
1462         (WebCore::V8WebSocket::constructorCallback):
1463
1464 2011-10-13  Mark Hahnenberg  <mhahnenberg@apple.com>
1465
1466         Rename virtual getConstructData to getConstructDataVirtual
1467         https://bugs.webkit.org/show_bug.cgi?id=69872
1468
1469         Reviewed by Geoffrey Garen.
1470
1471         No new tests.
1472
1473         Renamed virtual getConstructData functions to getConstructDataVirtual to 
1474         avoid conflicts when we add static getConstructData to the MethodTable.
1475
1476         * WebCore.exp.in:
1477         * bindings/js/JSAudioConstructor.cpp:
1478         (WebCore::JSAudioConstructor::getConstructDataVirtual):
1479         * bindings/js/JSAudioConstructor.h:
1480         * bindings/js/JSImageConstructor.cpp:
1481         (WebCore::JSImageConstructor::getConstructDataVirtual):
1482         * bindings/js/JSImageConstructor.h:
1483         * bindings/js/JSOptionConstructor.cpp:
1484         (WebCore::JSOptionConstructor::getConstructDataVirtual):
1485         * bindings/js/JSOptionConstructor.h:
1486         * bindings/js/ScriptFunctionCall.cpp:
1487         (WebCore::ScriptFunctionCall::construct):
1488         * bindings/scripts/CodeGeneratorJS.pm:
1489         (GenerateConstructorDeclaration):
1490         (GenerateConstructorDefinition):
1491         * bindings/scripts/test/JS/JSTestInterface.cpp:
1492         (WebCore::JSTestInterfaceConstructor::getConstructDataVirtual):
1493         * bridge/runtime_object.cpp:
1494         (JSC::Bindings::RuntimeObject::getConstructDataVirtual):
1495         * bridge/runtime_object.h:
1496
1497 2011-10-13  Simon Fraser  <simon.fraser@apple.com>
1498
1499         Remove #include of <QuartzCore/QuartzCore.h> in a widely-used header.
1500
1501         Reviewed by Sam Weinig.
1502
1503         * platform/PlatformScreen.h: Typedef PlatformDisplayID to a uint32_t.
1504         * platform/graphics/DisplayRefreshMonitor.h: Typedef CVDisplayLinkRef as
1505         an opaque type to avoid bringing in QuartzCore.h, and move displayLinkCallback
1506         to the .cpp file since it uses Core Video types.
1507         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
1508         (WebCore::displayLinkCallback): Make this a local static function, that
1509         calls a member fuction on the object.
1510         (WebCore::DisplayRefreshMonitor::requestRefreshCallback):
1511         (WebCore::DisplayRefreshMonitor::displayLinkFired):
1512
1513 2011-10-13  Michael Saboff  <msaboff@apple.com>
1514
1515         REGRESSION: High frequency memory warnings cause Safari to hog the CPU doing useless garbage collection
1516         https://bugs.webkit.org/show_bug.cgi?id=69774
1517
1518         Throttle the processing of memory pressure events to no more often than once every 5 seconds.
1519
1520         Reviewed by Geoffrey Garen.
1521
1522         No new tests.
1523
1524         * platform/MemoryPressureHandler.cpp:
1525         (WebCore::MemoryPressureHandler::MemoryPressureHandler):
1526         * platform/MemoryPressureHandler.h:
1527         * platform/mac/MemoryPressureHandlerMac.mm:
1528         (WebCore::MemoryPressureHandler::respondToMemoryPressure):
1529
1530 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1531
1532         Implement an OverflowEvent constructor for V8
1533         https://bugs.webkit.org/show_bug.cgi?id=70017
1534
1535         Reviewed by Adam Barth.
1536
1537         Test: fast/events/constructors/overflow-event-constructor.html
1538
1539         * bindings/v8/custom/V8EventConstructors.cpp: Added an OverflowEvent constructor.
1540         * dom/OverflowEvent.idl: Replaced 'JSCustomConstructor' with 'CustomConstructor'.
1541
1542 2011-10-13  Anantanarayanan G Iyengar  <ananta@chromium.org>
1543
1544         https://bugs.webkit.org/show_bug.cgi?id=70064
1545         
1546         The NPObjectWrapper class used by V8 bindings in Chromium to wrap the window
1547         script object was allocating an instance of itself in the NPAllocate
1548         implementation and returning this pointer. It should be returning a pointer
1549         to the wrapped NPObject structure (NPProxyObject). The member function
1550         getUnderlyingNPObject should return 0 if we fail to find the underlying NPObject
1551         for the call. It was incorrectly returning a pointer to the same NPObject in
1552         this case which could cause recursion. 
1553
1554         Reviewed by Nate Chapin.
1555
1556         No new tests as there is no change in functionality.
1557
1558         * bindings/v8/NPObjectWrapper.cpp:
1559         (WebCore::NPObjectWrapper::getObjectForCall):
1560         (WebCore::NPObjectWrapper::NPAllocate):
1561         * bindings/v8/NPObjectWrapper.h:
1562
1563 2011-10-13  Arthur Hsu  <arthurhsu@chromium.org>
1564
1565         Ensure font loaded before calling Skia to drawPosText in Chrome sandbox
1566         https://bugs.webkit.org/show_bug.cgi?id=69370
1567
1568         Reviewed by James Robinson.
1569
1570         * platform/graphics/chromium/FontChromiumWin.cpp:
1571         (WebCore::Font::drawGlyphs):
1572
1573 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1574
1575         Regarding constructor, replace [ConstructorWith=...] IDL with [CallWith=...] IDL
1576         https://bugs.webkit.org/show_bug.cgi?id=69801
1577
1578         As for constructors, [ConstructorWith=...] has the same meaning as [CallWith=...].
1579         We should deprecate [ConstructorWith=...]. This is a clean-up bug for the bug 65839.
1580
1581         Reviewed by Adam Barth.
1582
1583         No new tests, since no change in behavior.
1584
1585         * bindings/scripts/CodeGeneratorV8.pm: Replaced [ConstructorWith=...] IDL with [CallWith=...] IDL.
1586         (GenerateConstructorCallback):
1587         * bindings/scripts/test/TestInterface.idl: Ditto.
1588         * fileapi/FileReader.idl: Ditto.
1589         * p2p/PeerConnection.idl: Ditto.
1590         * page/EventSource.idl: Ditto.
1591         * workers/Worker.idl: Ditto.
1592
1593 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1594
1595         Constructor should not be called if the object is being constructed inside WebCore
1596         https://bugs.webkit.org/show_bug.cgi?id=70015
1597
1598         Reviewed by Adam Barth.
1599
1600         Summary: A DOM object can be created from the JS context and from the WebCore context.
1601         Constructor should be called if the object is created from the JS context,
1602         but should not be called if the object is created from the WebCore context.
1603
1604         Details:
1605         - Expected behavior when the object is created from the JS context (e.g. "new Event()"):
1606         (1) V8XXXX::constructorCallback() is called.
1607         (2) V8XXXX::constructorCallback() calls XXXX::create().
1608         (3) XXXX::create() creates a C++ object.
1609         (4) V8XXXX::constructorCallback() calls toV8() for the C++ object.
1610         (5) toV8() wraps the C++ object and returns the wrapped JS object.
1611
1612         - Actual behavior when the object is created from the JS context (e.g. "new Event()"):
1613         As described above (1) - (5). That's fine!!
1614
1615         - Expected behavior when the object is created from the WebCore context.
1616         (e.g. "window.addEventListener("load", function (event) { ... });". In this case,
1617         the Event object is created inside the WebCore context):
1618         (1) WebCore calls XXXX::create().
1619         (2) XXXX::create() creates a C++ object.
1620         (3) WebCore calls toV8() for the C++ object.
1621         (4) toV8() wraps the C++ object and returns the wrapped JS object.
1622
1623         - Actual behavior when the object is created from the WebCore context.
1624         (e.g. "window.addEventListener("load", function (event) { ... });"):
1625         (1) WebCore calls XXXX::create().
1626         (2) XXXX::create() creates a C++ object.
1627         (3) WebCore calls toV8() for the C++ object.
1628         (4) toV8() can call XXXX::constructorCallback(). (Whether or not toV8() calls
1629         XXXX::constructorCallback() depends on the implementation of toV8().)
1630         (5) V8XXXX::constructorCallback() calls XXXX::create().
1631         (6) XXXX::create() creates __another__ C++ object.
1632         (7) V8XXXX::constructorCallback() calls toV8() for the C++ object.
1633         (8) toV8() wraps the C++ object and returns the wrapped JS object.
1634
1635         This actual behavior definitely causes the following problems:
1636
1637         - Problem1: The object returned to JS is not the object created in (2)
1638         but the object created in (6). However, I do not yet know a test case that causes
1639         some visible bug because of this problem.
1640
1641         - Problem2: In (4), XXXX::constructorCallback() can be called with no argument.
1642         If XXXX::constructorCallback() expects at least one argument, XXXX::constructorCallback()
1643         throws TypeError, resulting in crash. For example, Event caused this problem
1644         when I implemented constructor for Event. Based on the discussion with Dominicc,
1645         we solved this problem by adding the following two lines of code to Event::constructorCallback()
1646         (See here: http://codesearch.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/bindings/v8/custom/V8EventConstructors.cpp&exact_package=chromium&q=allowallocation&type=cs):
1647
1648         XXXX::constructorCallback(...) {
1649             ...;
1650             if (AllowAllocation::current())
1651                 return args.Holder();
1652             ...;
1653         }
1654
1655         This if check means "XXXX::constructorCallback() returns immediately if it is called
1656         from the WebCore context".
1657
1658         With these observations, we think that all constructorCallback() should have the above
1659         if check. This patch adds the if check to CodeGeneratorV8.pm. After this patch is landed,
1660         I would like to add the if check to all existing custom V8 constructors.
1661
1662         No new tests, since we could not find a test case that causes some visible bug without the if check.
1663
1664         * bindings/scripts/CodeGeneratorV8.pm:
1665         (GenerateConstructorCallback): Generates a constructor so that it returns immediately without doing anything if the constructor is called from the WebCore context.
1666         * bindings/scripts/test/V8/V8TestInterface.cpp: Updated the result.
1667         (WebCore::V8TestInterface::constructorCallback):
1668         * bindings/scripts/test/V8/V8TestObj.cpp: Ditto.
1669         (WebCore::V8TestObj::constructorCallback):
1670
1671 2011-10-13  Kentaro Hara  <haraken@chromium.org>
1672
1673         Implement a BeforeLoadEvent constructor for V8
1674         https://bugs.webkit.org/show_bug.cgi?id=69980
1675
1676         Reviewed by Adam Barth.
1677
1678         Test: fast/events/constructors/before-load-event-constructor.html
1679
1680         * bindings/v8/custom/V8EventConstructors.cpp: Added a BeforeLoadEvent constructor.
1681         * dom/BeforeLoadEvent.idl: Replaced 'JSCustomConstructor' with 'CustomConstructor'.
1682
1683 2011-10-13  Joshua Bell  <jsbell@chromium.org>
1684
1685         make IDBFactory.open wait for pending setVersion transactions to complete
1686         https://bugs.webkit.org/show_bug.cgi?id=69307
1687
1688         Reviewed by Tony Chang.
1689
1690         Added a queue of pending open calls, similar to the queue of pending
1691         setVersion calls. Ensure pending calls are processed in the correct
1692         order when transactions complete.
1693
1694         Tests: storage/indexeddb/open-close-version.html
1695                storage/indexeddb/two-version-changes.html
1696                storage/indexeddb/version-change-exclusive.html
1697
1698         * storage/IDBDatabaseBackendImpl.cpp:
1699         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::create):
1700         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::callbacks):
1701         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::PendingOpenCall):
1702         (WebCore::IDBDatabaseBackendImpl::setVersion):
1703         (WebCore::IDBDatabaseBackendImpl::transactionStarted):
1704         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
1705         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
1706         (WebCore::IDBDatabaseBackendImpl::openConnection):
1707         (WebCore::IDBDatabaseBackendImpl::close):
1708         * storage/IDBDatabaseBackendImpl.h:
1709         * storage/IDBFactoryBackendImpl.cpp:
1710         (WebCore::IDBFactoryBackendImpl::open):
1711         * storage/IDBTransactionBackendImpl.cpp:
1712         (WebCore::IDBTransactionBackendImpl::abort):
1713         (WebCore::IDBTransactionBackendImpl::start):
1714         (WebCore::IDBTransactionBackendImpl::commit):
1715
1716 2011-10-13  Chris Marrin  <cmarrin@apple.com>
1717
1718         Fix Leopard build
1719
1720         Unreviewed.
1721
1722         * platform/graphics/DisplayRefreshMonitor.h: Added.
1723
1724 2011-10-12  Chris Marrin  <cmarrin@apple.com>
1725
1726         Sync requestAnimationFrame callback to CVDisplayLink on Mac
1727         https://bugs.webkit.org/show_bug.cgi?id=68911
1728
1729         Reviewed by Simon Fraser.
1730
1731         Test: fast/animation/request-animation-frame-iframe.html
1732
1733         Implement CVDisplayLink which checks to see if any scheduleAnimation requests
1734         have come in. If so, remember the timestamp and do a callOnMainThread to fire
1735         the callbacks. A DisplayRefreshMonitorManager is a singleton which has a list
1736         of DisplayRefreshMonitors, one for each display. Each monitor has one or more
1737         DisplayRefreshMonitorClients, which is a abstract virtual class implemented
1738         by ScriptAnimationController. When an animation is scheduled, the
1739         displayRefreshFired method is called on the client, which in turn calls the
1740         requestAnimationFrame callbacks. 
1741
1742         DisplayRefreshMonitor and therefore the CVDisplayLink it owns is discarded
1743         when it no longer has any clients. This minimizes the number of concurrent
1744         CVDisplayLink threads.
1745
1746         * WebCore.exp.in:
1747         * WebCore.xcodeproj/project.pbxproj:
1748         * dom/Document.cpp:
1749         (WebCore::Document::windowScreenDidChange):
1750         (WebCore::Document::webkitRequestAnimationFrame):
1751         * dom/Document.h:
1752         * dom/ScriptedAnimationController.cpp:
1753         (WebCore::ScriptedAnimationController::ScriptedAnimationController):
1754         (WebCore::ScriptedAnimationController::windowScreenDidChange):
1755         (WebCore::ScriptedAnimationController::scheduleAnimation):
1756         * dom/ScriptedAnimationController.h:
1757         (WebCore::ScriptedAnimationController::displayRefreshFired):
1758         * page/Page.cpp:
1759         (WebCore::Page::Page):
1760         (WebCore::Page::windowScreenDidChange):
1761         * page/Page.h:
1762         (WebCore::Page::displayID):
1763         * platform/PlatformScreen.h:
1764         * platform/graphics/DisplayRefreshMonitor.cpp: Added.
1765         (WebCore::DisplayRefreshMonitorClient::DisplayRefreshMonitorClient):
1766         (WebCore::DisplayRefreshMonitorClient::~DisplayRefreshMonitorClient):
1767         (WebCore::DisplayRefreshMonitorClient::fireDisplayRefreshIfNeeded):
1768         (WebCore::DisplayRefreshMonitor::DisplayRefreshMonitor):
1769         (WebCore::DisplayRefreshMonitor::refreshDisplayOnMainThread):
1770         (WebCore::DisplayRefreshMonitorManager::sharedManager):
1771         (WebCore::DisplayRefreshMonitorManager::findMonitor):
1772         (WebCore::DisplayRefreshMonitorManager::registerClient):
1773         (WebCore::DisplayRefreshMonitorManager::unregisterClient):
1774         (WebCore::DisplayRefreshMonitorManager::scheduleAnimation):
1775         (WebCore::DisplayRefreshMonitorManager::windowScreenDidChange):
1776         * platform/graphics/DisplayRefreshMonitor.h: Added.
1777         (WebCore::DisplayRefreshMonitorClient::scheduleAnimation):
1778         (WebCore::DisplayRefreshMonitor::hasClients):
1779         (WebCore::DisplayRefreshMonitor::addClient):
1780         (WebCore::DisplayRefreshMonitor::removeClient):
1781         (WebCore::DisplayRefreshMonitor::displayID):
1782         (WebCore::DisplayRefreshMonitorManager::DisplayRefreshMonitorManager):
1783         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp: Added.
1784         (WebCore::DisplayRefreshMonitor::displayLinkCallback):
1785         (WebCore::DisplayRefreshMonitor::~DisplayRefreshMonitor):
1786         (WebCore::DisplayRefreshMonitor::scheduleAnimation):
1787
1788 2011-10-13  Abhishek Arya  <inferno@chromium.org>
1789
1790         Unreviewed. Qt compile fix.
1791
1792         * css/CSSFontFaceSource.cpp: include Document.h.
1793
1794 2011-10-12  Abhishek Arya  <inferno@chromium.org>
1795
1796         Register custom fonts at their creation time,  
1797         rather than at retirement time.
1798         https://bugs.webkit.org/show_bug.cgi?id=68929
1799
1800         Reviewed by Dan Bernstein.
1801
1802         Test: fast/text/custom-font-data-crash2.html
1803
1804         * css/CSSFontFace.cpp:
1805         * css/CSSFontFace.h: remove function added in r94508,
1806         which is no longer needed. We now register custom fonts
1807         at creation time.
1808         * css/CSSFontFaceSource.cpp:
1809         (WebCore::CSSFontFaceSource::pruneTable): no longer need
1810         to delete/retire font data here, it will be handled in ~Document.
1811         (WebCore::CSSFontFaceSource::getFontData): register custom
1812         font to document's m_customFonts.
1813         * css/CSSFontSelector.cpp:
1814         * css/CSSFontSelector.h: remove function added in r94508,
1815         which is no longer needed. We now register custom fonts
1816         at creation time.
1817         * css/CSSSegmentedFontFace.cpp:
1818         (WebCore::CSSSegmentedFontFace::pruneTable): no longer need
1819         to delete/retire font data here, it will be handled in ~Document.
1820         (WebCore::CSSSegmentedFontFace::getFontData): register custom
1821         font to document's m_customFonts.
1822         * dom/Document.cpp: Change function names to registerCustomFont
1823         , deleteCustomFonts and local to m_customFont.
1824         (WebCore::Document::~Document):
1825         (WebCore::Document::recalcStyle): yanking out the comment. We
1826         no longer keep retired custom fonts. We clear all custom fonts
1827         on Document destruction.
1828         (WebCore::Document::registerCustomFont): 
1829         (WebCore::Document::deleteCustomFonts):
1830         * dom/Document.h:
1831
1832 2011-10-13  Ryosuke Niwa  <rniwa@webkit.org>
1833
1834         Crash in DeleteSelectionCommand::handleGeneralDelete
1835         https://bugs.webkit.org/show_bug.cgi?id=70045
1836
1837         Reviewed by Darin Adler.
1838
1839         Exit early when m_upstreamStart is null.
1840
1841         No new tests because we don't have a reduction.
1842
1843         * editing/DeleteSelectionCommand.cpp:
1844         (WebCore::DeleteSelectionCommand::handleGeneralDelete):
1845
1846 2011-10-13  David Hyatt  <hyatt@apple.com>
1847
1848         https://bugs.webkit.org/show_bug.cgi?id=70049
1849         
1850         [CSS Regions] Add a test of a float being pushed down because it can't fit
1851         next to another float and make sure it re-evaluates its position when it changes
1852         regions as a result of the push.
1853
1854         Reviewed by Sam Weinig.
1855
1856         Added new test in fast/regions.
1857
1858         * rendering/RenderBlock.cpp:
1859         (WebCore::RenderBlock::computeLogicalLocationForFloat):
1860
1861 2011-10-13  Adam Barth  <abarth@webkit.org>
1862
1863         Move XSTL to script-src in Content-Security-Policy
1864         https://bugs.webkit.org/show_bug.cgi?id=63637
1865
1866         Reviewed by Eric Seidel.
1867
1868         The spec was unclear about how to treat XSLT.  My reading was that they
1869         should fall under style-src, but further discussion on the mailing list
1870         settled on using script-src because an XSLT can inject arbitrary DOM
1871         and script into a page, which is more risky than including style.
1872
1873         Tests: http/tests/security/contentSecurityPolicy/xsl-unaffected-by-style-src-1.php
1874                http/tests/security/contentSecurityPolicy/xsl-unaffected-by-style-src-2.php
1875
1876         * loader/cache/CachedResourceLoader.cpp:
1877         (WebCore::CachedResourceLoader::canRequest):
1878
1879 2011-10-13  Zeno Albisser  <zeno.albisser@nokia.com>
1880
1881         [Qt] QtWebKit build error for Mac 32bit
1882         https://bugs.webkit.org/show_bug.cgi?id=69914
1883
1884         In WebCore.pro and QtWebKit.pro we define NSGEOMETRY_TYPES_SAME_AS_CGGEOMETRY_TYPES
1885         when compiling with ENABLE_VIDEO and with WTF_USE_QTKIT.
1886         But this is meant to be defined in NSGeometry.h under certain preconditions.
1887         Without setting NS_BUILD_32_LIKE_64 none of these preconditions is
1888         met and therefore NSGeometry.h will create several conflicting type definitions.
1889
1890         With this patch we create consistent definitions again.
1891         Due to the order of include files we cannot remove
1892         NSGEOMETRY_TYPES_SAME_AS_CGGEOMETRY_TYPES from WebCore.pro.
1893
1894         Reviewed by Andreas Kling.
1895
1896         * WebCore.pro:
1897
1898 2011-10-13  Tom Hudson  <tomhudson@google.com>
1899
1900         Revert border radius clips (r95239) for Chromium due to performance issues. Update test expectations to skip border radius clip layout tests.
1901         https://bugs.webkit.org/show_bug.cgi?id=69844
1902
1903         Reviewed by Simon Fraser.
1904
1905         * rendering/RenderLayer.cpp:
1906         (WebCore::RenderLayer::clipToRect): Only process border radius clips #if !PLATFORM(CHROMIUM)
1907
1908 2011-10-13  Julien Chaffraix  <jchaffraix@webkit.org>
1909
1910         Deprecate event.layerX and event.layerY in WebKit
1911         https://bugs.webkit.org/show_bug.cgi?id=69951
1912
1913         Reviewed by Darin Adler.
1914
1915         layerX and layerY were concepts of the old Netscape code that stayed
1916         in WebKit for a long time without changes. Now the code is completely
1917         wrong and Mozilla has expressed some interest in removing it from their
1918         API too.
1919
1920         This is a first step in the removal as layerX and layerY are exposed
1921         in some APIs. Chromium and Win are fine with removing the property
1922         directly, but ObjC needs to deprecate them first.
1923
1924         * bindings/objc/PublicDOMInterfaces.h: Mark the API as deprecated.
1925
1926         * dom/MouseRelatedEvent.cpp:
1927         (WebCore::MouseRelatedEvent::layerX):
1928         (WebCore::MouseRelatedEvent::layerY):
1929         * dom/UIEvent.cpp:
1930         (WebCore::UIEvent::layerX):
1931         (WebCore::UIEvent::layerY):
1932         Added a call to warnDeprecatedLayerXYUsage in the previous functions.
1933
1934         (WebCore::UIEvent::warnDeprecatedLayerXYUsage): Print a warning in the
1935         console about the removal of event.layerX and event.layerY in the near future.
1936
1937         * dom/UIEvent.h: Added warnDeprecatedLayerXYUsage.
1938
1939 2011-10-03  Robert Hogan  <robert@webkit.org>
1940
1941         CSS 2.1 failure: inline-replaced-height-008.htm
1942         https://bugs.webkit.org/show_bug.cgi?id=69273
1943
1944         Reviewed by Simon Fraser.
1945
1946         Test: css2.1/20110323/inline-block-replaced-height-008.html
1947
1948         Per http://www.w3.org/TR/CSS21/visudet.html#inline-replaced-height,  if 'height' has computed value of 
1949         'auto', the replaced element has an intrinsic ratio and its used width is known or resolved, then 
1950         the used value of 'height' is determined by the equation (used width) / (intrinsic ratio).
1951
1952         * rendering/RenderImage.cpp:
1953         (WebCore::RenderImage::computeReplacedLogicalHeight):
1954         * rendering/RenderReplaced.h:
1955
1956 2011-10-13  Sheriff Bot  <webkit.review.bot@gmail.com>
1957
1958         Unreviewed, rolling out r97362.
1959         http://trac.webkit.org/changeset/97362
1960         https://bugs.webkit.org/show_bug.cgi?id=70039
1961
1962         Relies on V8 APIs that have been reverted upstream. (Requested
1963         by dglazkov on #webkit).
1964
1965         * English.lproj/localizedStrings.js:
1966         * bindings/js/ScriptProfiler.cpp:
1967         * bindings/js/ScriptProfiler.h:
1968         * bindings/v8/ScriptProfiler.cpp:
1969         * bindings/v8/ScriptProfiler.h:
1970         * inspector/Inspector.json:
1971         * inspector/InspectorController.cpp:
1972         (WebCore::InspectorController::InspectorController):
1973         * inspector/InspectorProfilerAgent.cpp:
1974         (WebCore::InspectorProfilerAgent::create):
1975         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
1976         * inspector/InspectorProfilerAgent.h:
1977         * inspector/front-end/DetailedHeapshotGridNodes.js:
1978         (WebInspector.HeapSnapshotGridNode.prototype.hasHoverMessage.false.hoverMessage):
1979         (WebInspector.HeapSnapshotGenericObjectNode):
1980         (WebInspector.HeapSnapshotGenericObjectNode.prototype.get data):
1981         (WebInspector.HeapSnapshotGenericObjectNode.prototype.hoverMessage):
1982         (WebInspector.HeapSnapshotGenericObjectNode.prototype.shortenWindowURL):
1983         * inspector/front-end/DetailedHeapshotView.js:
1984         (WebInspector.DetailedHeapshotView.prototype._showStringContentPopover):
1985         * inspector/front-end/HeapSnapshot.js:
1986         (WebInspector.HeapSnapshot.prototype._init):
1987         (WebInspector.HeapSnapshot.prototype.dispose):
1988         (WebInspector.HeapSnapshot.prototype.updateStaticData):
1989         (WebInspector.HeapSnapshotNodesProvider.prototype._serialize):
1990         * inspector/front-end/HeapSnapshotProxy.js:
1991         * inspector/front-end/RemoteObject.js:
1992         * inspector/front-end/heapProfiler.css:
1993
1994 2011-10-13  David Hyatt  <hyatt@apple.com>
1995
1996         https://bugs.webkit.org/show_bug.cgi?id=69932
1997         
1998         Layout repainting messed up for objects in regions. There were two bugs here.
1999         The first is that the regionOverflowRect needs to at least be the size of the 
2000         region's rect. When you're in the middle of layout, you haven't computed the
2001         overflow rect for the flow thread yet (the flow thread's height could even be 0),
2002         and so you just need to enforce a minimum size. Also removed the region-overflow:break
2003         clipping behavior, since it was established that was wrong.
2004         
2005         The second bug is that when you tell a region to repaint, you need to disable layout state,
2006         since applying layout deltas from the flow thread makes no sense. The region is in a totally
2007         different place in the render tree, so the current flow thread layout state can't be used
2008         to determine your coordinate offset.
2009
2010         Reviewed by Dan Bernstein.
2011
2012         Added fast/repaint test.
2013
2014         * rendering/RenderFlowThread.cpp:
2015         (WebCore::RenderFlowThread::repaintRectangleInRegions):
2016         * rendering/RenderRegion.cpp:
2017         (WebCore::RenderRegion::regionOverflowRect):
2018
2019 2011-10-13  Renata Hodovan  <reni@webkit.org>
2020
2021         FEComponentTransfer element doesn't support dynamic invalidation
2022         https://bugs.webkit.org/show_bug.cgi?id=69747
2023
2024         The dynamic changes are captured by the svgAttributeChange() function, and
2025         invalidate the filter primitive if necessary.
2026         invalidateFilterPrimitiveParent() is a new free function in
2027         SVGFilterPrimitiveStanardAttributes what makes the invalidation possible
2028         by objects not inherited from SVGFilterPrimitiveStanardAttributes too.
2029         This solution was used in SVGFEMergeNodeElement::svgAttributeChanged()
2030         previously and now it can use this new function too.
2031
2032         Reviewed by Nikolas Zimmermann.
2033
2034         Tests: svg/dynamic-updates/SVGFEComponentTransferElement-dom-amplitude-attr.html
2035                svg/dynamic-updates/SVGFEComponentTransferElement-dom-exponent-attr.html
2036                svg/dynamic-updates/SVGFEComponentTransferElement-dom-intercept-attr.html
2037                svg/dynamic-updates/SVGFEComponentTransferElement-dom-offset-attr.html
2038                svg/dynamic-updates/SVGFEComponentTransferElement-dom-slope-attr.html
2039                svg/dynamic-updates/SVGFEComponentTransferElement-dom-tableValues-attr.html
2040                svg/dynamic-updates/SVGFEComponentTransferElement-dom-type-attr.html
2041                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-amplitude-prop.html
2042                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-exponent-prop.html
2043                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-intercept-prop.html
2044                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-offset-prop.html
2045                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-slope-prop.html
2046                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-tableValues-prop.html
2047                svg/dynamic-updates/SVGFEComponentTransferElement-svgdom-type-prop.html
2048
2049         * svg/SVGComponentTransferFunctionElement.cpp:
2050         (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged):
2051         * svg/SVGComponentTransferFunctionElement.h:
2052         * svg/SVGFEComponentTransferElement.cpp:
2053         (WebCore::SVGFEComponentTransferElement::build):
2054         * svg/SVGFEMergeNodeElement.cpp:
2055         (WebCore::SVGFEMergeNodeElement::svgAttributeChanged):
2056         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
2057         (WebCore::invalidateFilterPrimitiveParent):
2058         * svg/SVGFilterPrimitiveStandardAttributes.h:
2059
2060 2011-10-13  Deepak Sherveghar  <bpwv64@motorola.com>
2061
2062         REGRESSION (r95381): Standalone video can be focused and draws a focus ring.
2063         https://bugs.webkit.org/show_bug.cgi?id=69097
2064
2065         Reviewed by Eric Carlson.
2066
2067         We don't want to focus a media element in a standalone document.
2068
2069         Test: fast/events/media-focus-in-standalone-media-document.html
2070
2071         * html/HTMLMediaElement.cpp:
2072         (WebCore::HTMLMediaElement::supportsFocus): return false if media element is in a standalone media document.
2073
2074 2011-10-13  Mikhail Naganov  <mnaganov@chromium.org>
2075
2076         Web Inspector: [Chromium] Add an ability to look up and explore an object from a heap profile.
2077         https://bugs.webkit.org/show_bug.cgi?id=61179
2078
2079         This is exteremely helpful when dealing with DOM wrappers, as
2080         their properties are mostly implemented with getters and thus not
2081         stored in heap snapshots.
2082
2083         Reviewed by Pavel Feldman.
2084
2085         * English.lproj/localizedStrings.js:
2086         * bindings/js/ScriptProfiler.cpp:
2087         (WebCore::ScriptProfiler::objectByHeapObjectId):
2088         * bindings/js/ScriptProfiler.h:
2089         * bindings/v8/ScriptProfiler.cpp:
2090         (WebCore::ScriptProfiler::objectByHeapObjectId):
2091         * bindings/v8/ScriptProfiler.h:
2092         * inspector/Inspector.json:
2093         * inspector/InspectorController.cpp:
2094         (WebCore::InspectorController::InspectorController):
2095         * inspector/InspectorProfilerAgent.cpp:
2096         (WebCore::InspectorProfilerAgent::create):
2097         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2098         (WebCore::InspectorProfilerAgent::getObjectByHeapObjectId):
2099         * inspector/InspectorProfilerAgent.h:
2100         * inspector/front-end/DetailedHeapshotGridNodes.js:
2101         (WebInspector.HeapSnapshotGridNode.prototype.hasHoverMessage.false.queryObjectContent):
2102         (WebInspector.HeapSnapshotGenericObjectNode):
2103         (WebInspector.HeapSnapshotGenericObjectNode.prototype.get data):
2104         (WebInspector.HeapSnapshotGenericObjectNode.prototype.queryObjectContent.else.formatResult):
2105         (WebInspector.HeapSnapshotGenericObjectNode.prototype.queryObjectContent):
2106         (WebInspector.HeapSnapshotGenericObjectNode.prototype.shortenWindowURL):
2107         * inspector/front-end/DetailedHeapshotView.js:
2108         (WebInspector.DetailedHeapshotView.prototype._showObjectPopover):
2109         * inspector/front-end/HeapSnapshot.js:
2110         (WebInspector.HeapSnapshotNode.prototype.get canBeQueried):
2111         (WebInspector.HeapSnapshotNode.prototype.get flags):
2112         (WebInspector.HeapSnapshotNode.prototype.get isDOMWindow):
2113         (WebInspector.HeapSnapshot.prototype._init):
2114         (WebInspector.HeapSnapshot.prototype.dispose):
2115         (WebInspector.HeapSnapshot.prototype._flagsOfNode):
2116         (WebInspector.HeapSnapshot.prototype._calculateFlags):
2117         (WebInspector.HeapSnapshot.prototype.updateStaticData):
2118         (WebInspector.HeapSnapshotNodesProvider.prototype._serialize):
2119         * inspector/front-end/HeapSnapshotProxy.js:
2120         (WebInspector.HeapSnapshotProxy.prototype.get nodeFlags):
2121         * inspector/front-end/RemoteObject.js:
2122         (WebInspector.RemoteObject.fromError):
2123         * inspector/front-end/heapProfiler.css:
2124         (.detailed-heapshot-view tr:not(.selected) td.object-column span.highlight):
2125
2126 2011-10-13  Adam Barth  <abarth@webkit.org>
2127
2128         script-src * should allow all URLs
2129         https://bugs.webkit.org/show_bug.cgi?id=70011
2130
2131         Reviewed by Eric Seidel.
2132
2133         This patch gets us slightly ahead of the spec.  Technically, script-src
2134         means "any host" and inherits the current scheme.  However, that's not
2135         what developers expect and it's even contradicted by examples in the
2136         spec itself.  After this patch, * matches all URLs.
2137
2138         Test: http/tests/security/contentSecurityPolicy/script-src-star-cross-scheme.html
2139
2140         * page/ContentSecurityPolicy.cpp:
2141         (WebCore::CSPSourceList::CSPSourceList):
2142         (WebCore::CSPSourceList::matches):
2143         (WebCore::CSPSourceList::parseSource):
2144         (WebCore::CSPSourceList::addSourceStar):
2145
2146 2011-10-13  Kentaro Hara  <haraken@chromium.org>
2147
2148         Implement an OverflowEvent constructor for JSC
2149         https://bugs.webkit.org/show_bug.cgi?id=69907
2150
2151         Reviewed by Adam Barth.
2152
2153         There is no spec for the OverflowEvent constructor
2154         since it is WebKit-specific. However, judging from the current
2155         IDL of initOverflowEvent(), the constructor IDL should be as follows.
2156
2157         [Constructor(DOMString type, optional OverflowEventInit eventInitDict)]
2158         interface OverflowEvent : Event {
2159             ...;
2160         }
2161
2162         dictionary OverflowEventInit : EventInit {
2163             unsigned short orient;
2164             boolean horizontalOverflow;
2165             boolean verticalOverflow;
2166         }
2167
2168         Note: In initOverflowEvent(), we cannot specify |bubbles| and |cancelable|.
2169         I do not know why, but we can find a comment in fast/events/script-tests/init-events.js
2170         that says "initOverflowEvent has an interface that has a design that's
2171         inconsistent with the init functions from other events".
2172         On the other hand, the above constructor enables to specify |bubbles| and |cancelable|,
2173         which is consistent with other constructors.
2174
2175         Test: fast/events/constructors/overflow-event-constructor.html
2176
2177         * bindings/generic/EventConstructors.h: Added a definition for the OverflowEvent constructor.
2178         * bindings/js/JSEventConstructors.cpp: Added #includes for OverflowEvent.
2179         * dom/OverflowEvent.cpp:
2180         (WebCore::OverflowEventInit::OverflowEventInit):
2181         (WebCore::OverflowEvent::OverflowEvent):
2182         (WebCore::OverflowEvent::initOverflowEvent):
2183         * dom/OverflowEvent.h: Added a definition for OverflowEventInit.
2184         (WebCore::OverflowEvent::create):
2185         (WebCore::OverflowEvent::orient):
2186         (WebCore::OverflowEvent::horizontalOverflow):
2187         (WebCore::OverflowEvent::verticalOverflow):
2188         * dom/OverflowEvent.idl: Makes OverflowEvent constructible.
2189
2190 2011-10-13  Kent Tamura  <tkent@chromium.org>
2191
2192         Cleanup of HTMLSelectElement
2193         https://bugs.webkit.org/show_bug.cgi?id=69908
2194
2195         Reviewed by Darin Adler.
2196
2197         - Change the m_listItems type: Vector<Element*> -> Vector<HTMLElement*>
2198         - Rename a member: m_recalcListItems -> m_shouldRecalcListItems
2199         - Fold checkListItems() into listItems()
2200         - Style fixes
2201
2202         No new tests, just a cleanup.
2203
2204         * accessibility/AccessibilityListBox.cpp:
2205         (WebCore::AccessibilityListBox::addChildren):
2206         * accessibility/AccessibilityListBoxOption.cpp:
2207         (WebCore::AccessibilityListBoxOption::listBoxOptionIndex):
2208         * accessibility/AccessibilityMenuListPopup.cpp:
2209         (WebCore::AccessibilityMenuListPopup::addChildren):
2210         * accessibility/AccessibilityRenderObject.cpp:
2211         (WebCore::AccessibilityRenderObject::stringValue):
2212         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
2213         (optionFromSelection):
2214         (webkit_accessible_selection_get_selection_count):
2215         * dom/OptionElement.cpp:
2216         (WebCore::OptionElement::optionIndex):
2217         * html/HTMLSelectElement.cpp:
2218         (WebCore::HTMLSelectElement::HTMLSelectElement):
2219         (WebCore::HTMLSelectElement::add):
2220         (WebCore::HTMLSelectElement::value):
2221         (WebCore::HTMLSelectElement::setValue):
2222         (WebCore::HTMLSelectElement::parseMappedAttribute):
2223         (WebCore::HTMLSelectElement::recalcListItemsIfNeeded):
2224         (WebCore::HTMLSelectElement::setOption):
2225         (WebCore::HTMLSelectElement::setLength):
2226         (WebCore::HTMLSelectElement::nextValidIndex):
2227         (WebCore::HTMLSelectElement::firstSelectableListIndex):
2228         (WebCore::HTMLSelectElement::nextSelectableListIndexPageAway):
2229         (WebCore::HTMLSelectElement::selectAll):
2230         (WebCore::HTMLSelectElement::saveLastSelection):
2231         (WebCore::HTMLSelectElement::setActiveSelectionAnchorIndex):
2232         (WebCore::HTMLSelectElement::updateListBoxSelection):
2233         (WebCore::HTMLSelectElement::listBoxOnChange):
2234         (WebCore::HTMLSelectElement::listItems):
2235         (WebCore::HTMLSelectElement::setRecalcListItems):
2236         (WebCore::HTMLSelectElement::recalcListItemsInternal):
2237         (WebCore::HTMLSelectElement::selectedIndex):
2238         (WebCore::HTMLSelectElement::setSelectedIndexInternal):
2239         (WebCore::HTMLSelectElement::optionToListIndex):
2240         (WebCore::HTMLSelectElement::listToOptionIndex):
2241         (WebCore::HTMLSelectElement::dispatchFocusEvent):
2242         (WebCore::HTMLSelectElement::deselectItemsWithoutValidation):
2243         (WebCore::HTMLSelectElement::saveFormControlState): Use StringBuilder.
2244         (WebCore::HTMLSelectElement::restoreFormControlState):
2245         (WebCore::HTMLSelectElement::appendFormData):
2246         (WebCore::HTMLSelectElement::reset):
2247         (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
2248         (WebCore::HTMLSelectElement::updateSelectedState):
2249         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
2250         (WebCore::HTMLSelectElement::lastSelectedListIndex):
2251         Optimize the code by iterating in the reverse order.
2252         (WebCore::HTMLSelectElement::typeAheadFind):
2253         (WebCore::HTMLSelectElement::accessKeySetSelectedIndex):
2254         (WebCore::HTMLSelectElement::length):
2255         (WebCore::toSelectElement):
2256         * html/HTMLSelectElement.h:
2257         * rendering/RenderListBox.cpp:
2258         (WebCore::RenderListBox::updateFromElement):
2259         (WebCore::RenderListBox::addFocusRingRects):
2260         (WebCore::RenderListBox::paintItemForeground):
2261         (WebCore::RenderListBox::paintItemBackground):
2262         (WebCore::RenderListBox::nodeAtPoint):
2263         * rendering/RenderMenuList.cpp:
2264         (WebCore::RenderMenuList::updateOptionsWidth):
2265         (WebCore::RenderMenuList::setTextFromOption):
2266         (WebCore::RenderMenuList::itemText):
2267         (WebCore::RenderMenuList::itemAccessibilityText):
2268         (WebCore::RenderMenuList::itemToolTip):
2269         (WebCore::RenderMenuList::itemIsEnabled):
2270         (WebCore::RenderMenuList::itemStyle):
2271         (WebCore::RenderMenuList::itemBackgroundColor):
2272         (WebCore::RenderMenuList::itemIsSeparator):
2273         (WebCore::RenderMenuList::itemIsLabel):
2274         (WebCore::RenderMenuList::itemIsSelected):
2275
2276 2011-10-13  Adam Barth  <abarth@webkit.org>
2277
2278         DOMWindow subobjects can be re-created after navigation
2279         https://bugs.webkit.org/show_bug.cgi?id=68849
2280
2281         Reviewed by Sam Weinig.
2282
2283         Test: http/tests/security/xss-DENIED-getSelection-from-inactive-domwindow.html
2284
2285         * page/DOMWindow.cpp:
2286         (WebCore::DOMWindow::~DOMWindow):
2287             - Add ASSERTs to show that we're not recreating these objects.
2288             - Add a call to clear() as defense in depth in case we have any of
2289               these objects hanging around.
2290         (WebCore::DOMWindow::clear):
2291             - Clear out a couple of objects that weren't getting cleared.
2292               These are actually not likely to cause problems, but clearing
2293               them out is the safe thing to do.
2294         (WebCore::DOMWindow::isActive):
2295             - Add a concept of whether the DOMWindow is "active" in its frame.
2296               We had this concept in a couple places already, but centralizing
2297               it into a helper function make it easier to use and talk about.
2298         (WebCore::DOMWindow::orientation):
2299             - Whitespace nit.
2300         (WebCore::DOMWindow::screen):
2301         (WebCore::DOMWindow::history):
2302         (WebCore::DOMWindow::crypto):
2303         (WebCore::DOMWindow::locationbar):
2304         (WebCore::DOMWindow::menubar):
2305         (WebCore::DOMWindow::personalbar):
2306         (WebCore::DOMWindow::scrollbars):
2307         (WebCore::DOMWindow::statusbar):
2308         (WebCore::DOMWindow::toolbar):
2309         (WebCore::DOMWindow::console):
2310         (WebCore::DOMWindow::applicationCache):
2311         (WebCore::DOMWindow::navigator):
2312         (WebCore::DOMWindow::performance):
2313         (WebCore::DOMWindow::location):
2314         (WebCore::DOMWindow::sessionStorage):
2315         (WebCore::DOMWindow::localStorage):
2316         (WebCore::DOMWindow::webkitNotifications):
2317         (WebCore::DOMWindow::webkitIndexedDB):
2318         (WebCore::DOMWindow::getSelection):
2319         (WebCore::DOMWindow::styleMedia):
2320         (WebCore::DOMWindow::webkitURL):
2321         (WebCore::DOMWindow::webkitStorageInfo):
2322             - Avoid creating these objects when we're not active.  That can
2323               only lead to sadness.
2324         (WebCore::DOMWindow::webkitRequestFileSystem):
2325         (WebCore::DOMWindow::webkitResolveLocalFileSystemURL):
2326         (WebCore::DOMWindow::openDatabase):
2327         (WebCore::DOMWindow::postMessage):
2328             - While not techincally creating subobjects, these functions also
2329               seem unwise when the DOMWindow is inactive.
2330         (WebCore::DOMWindow::find):
2331         (WebCore::DOMWindow::length):
2332         (WebCore::DOMWindow::getMatchedCSSRules):
2333             - These functions operate on the active Document.  When we're not
2334               active, that's not us!
2335         (WebCore::DOMWindow::document):
2336             - Update to use the new concept of being active rather than having
2337               this function roll its own implementation.
2338         (WebCore::DOMWindow::webkitConvertPointFromNodeToPage):
2339         (WebCore::DOMWindow::webkitConvertPointFromPageToNode):
2340         (WebCore::DOMWindow::scrollBy):
2341         (WebCore::DOMWindow::scrollTo):
2342             - These functions also look unwise to run when inactive because
2343               they're reading information from the active document.
2344             - I added a RefPtr for node because the call to
2345               updateLayoutIgnorePendingStylesheets() seems likely to be able to
2346               run script somehow.
2347         (WebCore::DOMWindow::addEventListener):
2348         (WebCore::DOMWindow::removeEventListener):
2349         (WebCore::DOMWindow::dispatchLoadEvent):
2350         (WebCore::DOMWindow::dispatchEvent):
2351             - I don't think these functions worked when inactive anyway, but
2352               explicitly blocking them seems wise.
2353         (WebCore::DOMWindow::setLocation):
2354         (WebCore::DOMWindow::isInsecureScriptAccess):
2355         (WebCore::DOMWindow::open):
2356         (WebCore::DOMWindow::showModalDialog):
2357             - These already have checks for being active, but it can't hurt to
2358               be explicit at the top of the function.
2359         * page/DOMWindow.h:
2360
2361 2011-10-13  Kent Tamura  <tkent@chromium.org>
2362
2363         REGRESSION(r89915): <input type=email multiple> don't show the default value
2364         https://bugs.webkit.org/show_bug.cgi?id=69895
2365
2366         Reviewed by Hajime Morita.
2367
2368         m_valueIfDirty became unexpectedly empty because
2369         EmailInputType::sanitizeValue() returned an empty string for a
2370         null input string.
2371
2372         To solve this issue, HTMLInputElement::sanitizeValue() checks
2373         nullness, and remove the null check of sanitizeValue() of
2374         InputType subclasses.
2375         Also, we make InputType::sanitizeValue() const.
2376
2377         * html/ColorInputType.cpp:
2378         (WebCore::ColorInputType::sanitizeValue):
2379         - Make this const.
2380         - Remove null check.
2381         * html/ColorInputType.h: Make sanitizeValue() const.
2382         * html/EmailInputType.cpp:
2383         (WebCore::EmailInputType::sanitizeValue): Make this const.
2384         * html/EmailInputType.h: Make sanitizeValue() const.
2385         * html/HTMLInputElement.cpp:
2386         (WebCore::HTMLInputElement::sanitizeValue):
2387         (WebCore::HTMLInputElement::updateValueIfNeeded):
2388         * html/InputType.cpp:
2389         (WebCore::InputType::sanitizeValue):
2390         Returns a null string if the input string is null, and
2391         don't call InputType::sanitizeValue() in this case.
2392         * html/InputType.h: Make sanitizeValue() const.
2393         * html/NumberInputType.cpp:
2394         (WebCore::NumberInputType::sanitizeValue): Make this const.
2395         * html/NumberInputType.h: Make sanitizeValue() const.
2396         * html/RangeInputType.cpp:
2397         (WebCore::RangeInputType::sanitizeValue):
2398         - Make this const.
2399         - Remove null check.
2400         * html/RangeInputType.h: Make sanitizeValue() const.
2401         * html/TextFieldInputType.cpp:
2402         (WebCore::TextFieldInputType::sanitizeValue): Make this const.
2403         * html/TextFieldInputType.h: Make sanitizeValue() const.
2404
2405 2011-10-12  Joseph Pecoraro  <joepeck@webkit.org>
2406
2407         Pass Parsed Accept Attribute MIME Types to WebKit Clients
2408         https://bugs.webkit.org/show_bug.cgi?id=69598
2409
2410         Reviewed by David Kilzer.
2411
2412         No new tests. No new functionality in WebCore, just
2413         exposing more information to the WebKit port.
2414
2415         * html/FileInputType.cpp:
2416         (WebCore::FileInputType::handleDOMActivateEvent):
2417         (WebCore::FileInputType::receiveDropForDirectoryUpload):
2418         Set the MIME type list on the FileChooser settings.
2419
2420         * html/HTMLInputElement.h:
2421         * html/HTMLInputElement.cpp:
2422         (WebCore::HTMLInputElement::acceptMIMETypes):
2423         Accessor for a parsed list of MIME types from the accept attribute.
2424         
2425         * platform/FileChooser.h:
2426         Add a slot for a MIME type list on the chooser settings.
2427
2428 2011-10-12  Joseph Pecoraro  <joepeck@webkit.org>
2429
2430         Pass Parsed Accept Attribute MIME Types to WebKit Clients
2431         https://bugs.webkit.org/show_bug.cgi?id=69598
2432
2433         Reviewed by Kent Tamura.
2434
2435         Deprecate the old String version of getting the "accept"
2436         mime type values. Instead we will change to include a
2437         list of MIME types.
2438
2439         * html/FileInputType.cpp:
2440         (WebCore::FileInputType::handleDOMActivateEvent):
2441         (WebCore::FileInputType::receiveDropForDirectoryUpload):
2442         * platform/FileChooser.h:
2443
2444 2011-10-12  Adam Barth  <abarth@webkit.org>
2445
2446         Remove ENABLE(XHTMLMP) and associated code
2447         https://bugs.webkit.org/show_bug.cgi?id=69729
2448
2449         Reviewed by David Levin.
2450
2451         As discussed on webkit-dev, we are removing this feature as part of our
2452         cleanup of unmaintained code in WebKit.
2453
2454         * Configurations/FeatureDefines.xcconfig:
2455         * GNUmakefile.am:
2456         * GNUmakefile.list.am:
2457         * WebCore.gypi:
2458         * WebCore.pro:
2459         * WebCore.vcproj/WebCore.vcproj:
2460         * WebCore.xcodeproj/project.pbxproj:
2461         * dom/DOMImplementation.cpp:
2462         (WebCore::DOMImplementation::createDocument):
2463         * dom/Document.cpp:
2464         (WebCore::Document::Document):
2465         * dom/Document.h:
2466         (WebCore::Document::isMediaDocument):
2467         * dom/Node.cpp:
2468         * dom/make_names.pl:
2469         (usesDefaultJSWrapper):
2470         * features.pri:
2471         * html/HTMLElement.cpp:
2472         (WebCore::HTMLElement::rendererIsNeeded):
2473         * html/HTMLElementsAllInOne.cpp:
2474         * html/HTMLNoScriptElement.cpp: Removed.
2475         * html/HTMLNoScriptElement.h: Removed.
2476         * html/HTMLTagNames.in:
2477         * html/HTMLViewSourceDocument.cpp:
2478         (WebCore::HTMLViewSourceDocument::createParser):
2479         * loader/FrameLoader.cpp:
2480         * platform/wince/MIMETypeRegistryWinCE.cpp:
2481         (WebCore::MIMETypeRegistry::getPreferredExtensionForMIMEType):
2482         * xml/parser/XMLDocumentParser.h:
2483         (WebCore::XMLDocumentParser::isXHTMLDocument):
2484         * xml/parser/XMLDocumentParserLibxml2.cpp:
2485         (WebCore::XMLDocumentParser::XMLDocumentParser):
2486         (WebCore::XMLDocumentParser::startElementNs):
2487         (WebCore::XMLDocumentParser::endElementNs):
2488         (WebCore::XMLDocumentParser::endDocument):
2489         (WebCore::XMLDocumentParser::internalSubset):
2490         (WebCore::getEntityHandler):
2491         (WebCore::externalSubsetHandler):
2492         * xml/parser/XMLDocumentParserQt.cpp:
2493         (WebCore::XMLDocumentParser::XMLDocumentParser):
2494         (WebCore::XMLDocumentParser::parse):
2495         (WebCore::XMLDocumentParser::parseStartElement):
2496         (WebCore::XMLDocumentParser::parseEndElement):
2497         (WebCore::XMLDocumentParser::endDocument):
2498         (WebCore::XMLDocumentParser::parseDtd):
2499
2500 2011-10-12  Kentaro Hara  <haraken@chromium.org>
2501
2502         Implement a WebKitTransitionEvent constructor for V8
2503         https://bugs.webkit.org/show_bug.cgi?id=69911
2504
2505         Reviewed by Adam Barth.
2506
2507         Test: fast/events/constructors/webkit-transition-event-constructor.html
2508
2509         * bindings/v8/custom/V8EventConstructors.cpp: Added a WebKitTransitionEvent constructor.
2510         * dom/WebKitTransitionEvent.idl: Replaced 'JSCustomConstructor' with 'CustomConstructor'.
2511
2512 2011-10-12  Kentaro Hara  <haraken@chromium.org>
2513
2514         Implement a BeforeLoadEvent constructor for JSC
2515         https://bugs.webkit.org/show_bug.cgi?id=69893
2516
2517         Reviewed by Adam Barth.
2518
2519         There is no spec for the BeforeLoadEvent constructor
2520         since it is WebKit-specific. However, judging from the current
2521         IDL of initBeforeLoadEvent(), the constructor IDL
2522         should be as follows.
2523
2524         [Constructor(DOMString type, optional BeforeLoadEventInit eventInitDict)]
2525         interface BeforeLoadEvent : Event {
2526             ...;
2527         }
2528
2529         dictionary BeforeLoadEventInit : EventInit {
2530             DOMString url;
2531         }
2532
2533         Test: fast/events/constructors/before-load-event-constructor.html
2534
2535         * bindings/generic/EventConstructors.h: Added a definition for the BeforeLoadEvent constructor.
2536         * bindings/js/JSEventConstructors.cpp: Added #includes for BeforeLoadEvent.
2537         * dom/BeforeLoadEvent.h: Added a definition for BeforeLoadEventInit.
2538         (WebCore::BeforeLoadEventInit::BeforeLoadEventInit):
2539         (WebCore::BeforeLoadEvent::create):
2540         (WebCore::BeforeLoadEvent::initBeforeLoadEvent):
2541         (WebCore::BeforeLoadEvent::BeforeLoadEvent):
2542         * dom/BeforeLoadEvent.idl: Makes BeforeLoadEvent constructible.
2543
2544 2011-10-12  Ben Wells  <benwells@chromium.org>
2545
2546         [skia] Implement Path.currentPoint for skia
2547         https://bugs.webkit.org/show_bug.cgi?id=69817
2548
2549         Replace FIXME with implementation.
2550
2551         Reviewed by Kenneth Russell.
2552
2553         * platform/graphics/skia/PathSkia.cpp:
2554         (WebCore::Path::currentPoint):
2555
2556 2011-10-12  Ben Wells  <benwells@chromium.org>
2557
2558         Incorrect rendering with one-sided thick border and border-radius
2559         https://bugs.webkit.org/show_bug.cgi?id=38787
2560
2561         Reviewed by Simon Fraser.
2562
2563         Incorrect rendering resulted when the inner border could not be properly represented as a rounded
2564         rectangle. When this happens, and the inner border is clipped out, the clipping code clips out the
2565         enclosing rectangle instead.
2566
2567         This change addresses this by clipping in a different way in this case only. The inside is clipped
2568         out one side at a time with a rounded rect created by adjusting the unrenderable inner border
2569         rounded rectangle. The side polygon which is clipped to is also increased in this case to include
2570         the inside of the border so that no areas are missing.
2571
2572         Test: fast/borders/border-radius-complex-inner.html
2573
2574         * rendering/RenderBoxModelObject.cpp:
2575         (WebCore::RenderBoxModelObject::paintOneBorderSide):
2576         (WebCore::RenderBoxModelObject::paintBorder):
2577         (WebCore::calculateSideRectIncludingInner):
2578         (WebCore::calculateAdjustedInnerBorder):
2579         (WebCore::RenderBoxModelObject::clipBorderSideForComplexInnerPath):
2580         * rendering/RenderBoxModelObject.h:
2581
2582 2011-10-12  Luke Macpherson   <macpherson@chromium.org>
2583
2584         Clean up CSSPropertyTextDecoration implementation and ETextDecoration usage.
2585         https://bugs.webkit.org/show_bug.cgi?id=67625
2586
2587         Reviewed by Eric Seidel.
2588
2589         No new tests - no functionality changed.
2590
2591         The implementation of CSSPropertyTextDecoration is simlified because
2592         1) CSSValueListIterator produces a valid iterator when no results available.
2593         2) CSSParser only allows CSSValueNone or a list of appropriate idents.
2594         3) CSSParser will treat a zero-length list as invalid at parse time.
2595
2596         * css/CSSPrimitiveValueMappings.h:
2597         (WebCore::CSSPrimitiveValue::operator ETextDecoration):
2598         Implement cast from CSSPrimitiveValue to ETextDecoration.
2599         * css/CSSStyleSelector.cpp:
2600         (WebCore::CSSStyleSelector::applyProperty):
2601         * rendering/style/RenderStyle.h:
2602         Use ETextDecoration enum instead of int throughout.
2603         (WebCore::InheritedFlags::textDecorationsInEffect):
2604         (WebCore::InheritedFlags::textDecoration):
2605         (WebCore::InheritedFlags::addToTextDecorationsInEffect):
2606         (WebCore::InheritedFlags::setTextDecorationsInEffect):
2607         (WebCore::InheritedFlags::setTextDecoration):
2608         * rendering/style/RenderStyleConstants.h:
2609         Introduce constant for number of bits required to represent enum.
2610         (WebCore::operator|):
2611         Implement | operator for bitfield enum.
2612         (WebCore::operator|=):
2613         Implement |= operator for bitfield enum.
2614         * rendering/style/StyleVisualData.h:
2615         Use ETextDecoration instead of int.
2616
2617 2011-10-12  Tony Chang  <tony@chromium.org>
2618
2619         Implement -webkit-flex-align for cross axis alignment in flex-flow: row
2620         https://bugs.webkit.org/show_bug.cgi?id=69808
2621
2622         Reviewed by David Hyatt.
2623
2624         Tests: css3/flexbox/flex-align-percent-height.html
2625                css3/flexbox/flex-align-vertical-writing-mode.html
2626                css3/flexbox/flex-align.html
2627
2628         * rendering/RenderFlexibleBox.cpp:
2629         (WebCore::RenderFlexibleBox::isFlowAwareLogicalHeightAuto):
2630         (WebCore::RenderFlexibleBox::flowAwareContentLogicalHeight):
2631         (WebCore::RenderFlexibleBox::flowAwareBorderAndPaddingLogicalHeight):
2632         (WebCore::RenderFlexibleBox::flowAwareMarginLogicalHeightForChild):
2633         (WebCore::RenderFlexibleBox::flowAwareLogicalLocationForChild):
2634         (WebCore::RenderFlexibleBox::layoutInlineDirection):
2635         (WebCore::RenderFlexibleBox::availableLogicalHeightForChild):
2636         (WebCore::RenderFlexibleBox::marginBoxAscent):
2637         (WebCore::RenderFlexibleBox::layoutAndPlaceChildrenInlineDirection):
2638         (WebCore::RenderFlexibleBox::adjustLocationLogicalTopForChild):
2639         (WebCore::RenderFlexibleBox::alignChildrenBlockDirection):
2640         * rendering/RenderFlexibleBox.h:
2641
2642 2011-10-12  Mihnea Ovidenie  <mihnea@adobe.com>
2643
2644         [CSS Regions]Remove -webkit-content-order property
2645         https://bugs.webkit.org/show_bug.cgi?id=69848
2646
2647         Reviewed by Tony Chang.
2648
2649         -webkit-content-order property is removed from latest CSS Regions spec.
2650
2651         * css/CSSComputedStyleDeclaration.cpp:
2652         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
2653         * css/CSSParser.cpp:
2654         (WebCore::CSSParser::parseValue):
2655         * css/CSSPropertyNames.in:
2656         * css/CSSStyleSelector.cpp:
2657         (WebCore::CSSStyleSelector::applyProperty):
2658         * dom/Node.cpp:
2659         (WebCore::Node::diff):
2660         * rendering/RenderFlowThread.cpp:
2661         (WebCore::compareRenderRegions):
2662         * rendering/RenderTreeAsText.cpp:
2663         (WebCore::writeRenderFlowThreads):
2664         * rendering/style/RenderStyle.h:
2665         * rendering/style/StyleRareNonInheritedData.cpp:
2666         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
2667         (WebCore::StyleRareNonInheritedData::operator==):
2668         * rendering/style/StyleRareNonInheritedData.h:
2669
2670 2011-10-12  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2671
2672         Update PeerConnection to use WebCore platform interfaces
2673         https://bugs.webkit.org/show_bug.cgi?id=68462
2674
2675         Reviewed by Adam Barth.
2676
2677         Currently not testable.
2678
2679         * WebCore.gypi:
2680         * WebCore.pro:
2681         * bindings/js/JSPeerConnectionCustom.cpp:
2682         (WebCore::JSPeerConnectionConstructor::constructJSPeerConnection):
2683         * bindings/v8/custom/V8PeerConnectionCustom.cpp: Removed.
2684         * dom/MediaStreamList.cpp:
2685         (WebCore::MediaStreamList::item):
2686         (WebCore::MediaStreamList::append):
2687         (WebCore::MediaStreamList::remove):
2688         (WebCore::MediaStreamList::contains):
2689         * dom/MediaStreamList.h:
2690         * p2p/PeerConnection.cpp:
2691         (WebCore::PeerConnection::create):
2692         (WebCore::PeerConnection::PeerConnection):
2693         (WebCore::PeerConnection::processSignalingMessage):
2694         (WebCore::PeerConnection::readyState):
2695         (WebCore::PeerConnection::send):
2696         (WebCore::PeerConnection::addStream):
2697         (WebCore::PeerConnection::removeStream):
2698         (WebCore::PeerConnection::localStreams):
2699         (WebCore::PeerConnection::remoteStreams):
2700         (WebCore::PeerConnection::close):
2701         (WebCore::PeerConnection::iceProcessingCompleted):
2702         (WebCore::PeerConnection::sdpGenerated):
2703         (WebCore::PeerConnection::dataStreamMessageReceived):
2704         (WebCore::PeerConnection::remoteStreamAdded):
2705         (WebCore::PeerConnection::remoteStreamRemoved):
2706         (WebCore::PeerConnection::scriptExecutionContext):
2707         (WebCore::PeerConnection::stop):
2708         (WebCore::PeerConnection::scheduleInitialNegotiation):
2709         (WebCore::PeerConnection::initialNegotiationTimerFired):
2710         (WebCore::PeerConnection::ensureStreamChangeScheduled):
2711         (WebCore::PeerConnection::streamChangeTimerFired):
2712         (WebCore::PeerConnection::scheduleReadyStateChange):
2713         (WebCore::PeerConnection::readyStateChangeTimerFired):
2714         (WebCore::PeerConnection::changeReadyState):
2715         * p2p/PeerConnection.h:
2716         (WebCore::PeerConnection::refEventTarget):
2717         (WebCore::PeerConnection::derefEventTarget):
2718         * p2p/PeerConnection.idl:
2719         * page/MediaStreamClient.h:
2720         * page/MediaStreamController.cpp:
2721         (WebCore::MediaStreamController::MediaStreamController):
2722         * page/MediaStreamController.h:
2723         * page/MediaStreamFrameController.cpp:
2724         * page/MediaStreamFrameController.h:
2725
2726 2011-10-12  Chris Fleizach  <cfleizach@apple.com>
2727
2728         AX: CrashTracer: [USER] 296 crashes in WebProcess at com.apple.WebCore: WebCore::AccessibilityScrollbar::document const + 29
2729         https://bugs.webkit.org/show_bug.cgi?id=69936
2730
2731         AX Scrollbars have a weak pointer to their parent. They need to become AccessibilityMockObjects, so that they can
2732         participate in the detachFromParent() methods that happens when those parents go away.
2733         Could not reproduce the crash, but the backtrace is unequivocal.
2734
2735         Reviewed by Darin Adler.
2736
2737         * accessibility/AccessibilityScrollView.cpp:
2738         (WebCore::AccessibilityScrollView::removeChildScrollbar):
2739         * accessibility/AccessibilityScrollbar.cpp:
2740         (WebCore::AccessibilityScrollbar::AccessibilityScrollbar):
2741         * accessibility/AccessibilityScrollbar.h:
2742         (WebCore::AccessibilityScrollbar::scrollbar):
2743         (WebCore::AccessibilityScrollbar::isAccessibilityScrollbar):
2744
2745 2011-10-12  David Hyatt  <hyatt@apple.com>
2746
2747         https://bugs.webkit.org/show_bug.cgi?id=69950
2748         
2749         REGRESSION: Printing broken because of the isWritingModeRoot addition for unsplittable
2750         paginated content. Make sure not to include the RenderView when checking for writing mode
2751         roots. We only care about children that differ from their parents.
2752
2753         Reviewed by Dimitri Glazkov.
2754
2755         * rendering/LayoutState.cpp:
2756         (WebCore::LayoutState::LayoutState):
2757         * rendering/RenderBlock.cpp:
2758         (WebCore::RenderBlock::adjustForUnsplittableChild):
2759         * rendering/RenderBox.cpp:
2760         (WebCore::RenderBox::isUnsplittableForPagination):
2761         * rendering/RenderBox.h:
2762
2763 2011-10-12  Anna Cavender  <annacc@chromium.org>
2764
2765         Moving ScriptExecutionContext to the front of the argument list for
2766         IDL constructors that use ConstructorWith=ScriptExecutionContext.
2767         https://bugs.webkit.org/show_bug.cgi?id=69799
2768
2769         Reviewed by Adam Barth.
2770
2771         Tests:
2772         - http/tests/eventsource/* (for EventSource)
2773         - fast/filesystem/* (for Worker)
2774
2775         * bindings/js/JSEventSourceCustom.cpp:
2776         (WebCore::JSEventSourceConstructor::constructJSEventSource):
2777         * bindings/js/JSWorkerCustom.cpp:
2778         (WebCore::JSWorkerConstructor::constructJSWorker):
2779         * bindings/scripts/CodeGeneratorV8.pm:
2780         (GenerateConstructorCallback):
2781         * bindings/scripts/test/V8/V8TestInterface.cpp:
2782         (WebCore::V8TestInterface::constructorCallback):
2783         * page/EventSource.cpp:
2784         (WebCore::EventSource::create):
2785         * page/EventSource.h:
2786         * workers/Worker.cpp:
2787         (WebCore::Worker::create):
2788         * workers/Worker.h:
2789
2790 2011-10-11  David Hyatt  <hyatt@apple.com>
2791
2792         https://bugs.webkit.org/show_bug.cgi?id=69896
2793         
2794         [CSS Regions] Make positioned blocks work with variable width regions.
2795         
2796         Make positioned objects able to position and size independently in each region. This involves
2797         lifting the restriction in renderBoxRegionInfo for positioned objects and passing in region
2798         information to computeLogicalWidthForPositioned so that it can compute answers for a given
2799         region.
2800
2801         In order to make mixed writing modes work with positioned objects, this patch also takes some
2802         baby steps towards fixing differing writing modes in paginated environments.
2803
2804         Reviewed by Sam Weinig.
2805
2806         Added many new tests in fast/regions.
2807
2808         * rendering/LayoutState.cpp:
2809         (WebCore::LayoutState::LayoutState):
2810         Disable pagination whenever differing writing modes are encountered. The block effectively becomes
2811         unsplittable (as though it was an image).
2812
2813         * rendering/RenderBlock.cpp:
2814         (WebCore::RenderBlock::layoutBlock):
2815         Remove a FIXME that looks incorrect now.
2816
2817         (WebCore::RenderBlock::adjustPositionedBlock):
2818         Patch static inline position caching to call a new method that unshifts the position to put it back
2819         in the overall block's space rather than having it be per-region.
2820
2821         (WebCore::RenderBlock::layoutPositionedObjects):
2822         Make sure to attempt to set a logicalTop for positioned objects before they lay out so that they
2823         have a chance of paginating correctly the first time around. If for some reason the top estimate proves
2824         to be incorrect, we lay out again. Technically this bug exists for multi-column and printing as well, but
2825         for now just fixing it for regions.
2826
2827         (WebCore::RenderBlock::adjustForUnsplittableChild):
2828         Add writing mode roots to the set of objects we consider to be unsplittable.
2829
2830         (WebCore::RenderBlock::setStaticInlinePositionForChild):
2831         New helper function that handles shifting the inline static position back into the overall block's space
2832         rather than leaving it in a translated region-specific space.
2833
2834         * rendering/RenderBlock.h:
2835         (WebCore::RenderBlock::startOffsetForContent):
2836         New helper function for computing the start offset when no regions are involved.
2837
2838         * rendering/RenderBlockLineLayout.cpp:
2839         (WebCore::setStaticPositions):
2840         (WebCore::RenderBlock::LineBreaker::nextLineBreak):
2841         Patched to call the new helper function, setStaticInlinePositionForChild.
2842
2843         * rendering/RenderBox.cpp:
2844         (WebCore::RenderBox::positionLineBox):
2845         Patched to call the new helper function, setStaticInlinePositionForChild.
2846
2847         (WebCore::RenderBox::computeLogicalWidthInRegion):
2848         Pass region information into the positioning logical width computation function.
2849
2850         (WebCore::RenderBox::renderBoxRegionInfo):
2851         Remove the positioning restriction and properly compute shifting and left/right offsets for positioned
2852         objects.
2853
2854         (WebCore::RenderBox::computeLogicalHeight):
2855         Add code for perpendicular flows that just positions the object within the first region it is encountered
2856         in. Since the object is unsplittable, this will work out. Should the object be so tall that it can't fit
2857         in any region, then the resulting rendering will potentially be terrible, but the expectation is that authors should
2858         avoid having perpendicular flows break across pages.
2859
2860         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned):
2861         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned):
2862         Patched to handle regions when they are passed in. Also makes sure that the pagination direction axis computation uses
2863         the flow thread's first region when the flow thread is the positioned object's containing block.
2864
2865         (WebCore::computeInlineStaticDistance):
2866         Patched to examine regions and to modify the static distance computation accordingly so that it is per-region.
2867
2868         (WebCore::RenderBox::computePositionedLogicalWidth):
2869         Pass along the region information when computing the positioned logical width.
2870
2871         (WebCore::computeLogicalLeftPositionedOffset):
2872         Handle the adjustment of the logical left offset for differing writing modes (in this case when the writing mode
2873         is flipped relative to us).
2874
2875         (WebCore::RenderBox::computePositionedLogicalHeight):
2876         Deal with perpendicular writing modes and make sure the object is placed properly using the first region it 
2877         occurs in.
2878
2879         (WebCore::computeLogicalTopPositionedOffset):
2880         Remove code that is no longer needed.
2881
2882         (WebCore::RenderBox::computePositionedLogicalWidthReplaced):
2883         Patched to pass in 0 instead of a region since replaced elements aren't handled yet.
2884
2885         * rendering/RenderBox.h:
2886         Changing the computePositionedLogicalWidth method to take region information.
2887
2888         * rendering/RenderDeprecatedFlexibleBox.cpp:
2889         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
2890         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
2891         Didn't bother fixing deprecated flexible box, and the new flexbox still can't handle positioned objects. When it does,
2892         it will use the new method. Put in some FIXMEs to help the flexbox coders see the issue when they port the code over
2893         to the new flexbox.
2894
2895         * rendering/RenderLayer.h:
2896         (WebCore::RenderLayer::staticInlinePosition):
2897         (WebCore::RenderLayer::staticBlockPosition):
2898         (WebCore::RenderLayer::setStaticInlinePosition):
2899         (WebCore::RenderLayer::setStaticBlockPosition):
2900         Patched to take LayoutUnits instead of ints.
2901
2902 2011-10-12  Nate Chapin  <japhet@chromium.org>
2903
2904         Remove logging to determine how null v8::Contexts are happening,
2905         and check the return value of V8DOMWindowShell::initContextIfNeeded()
2906         before using the context it initialized.
2907         https://bugs.webkit.org/show_bug.cgi?id=68099
2908
2909         Reviewed by Adam Barth.
2910
2911         No new tests, the only symptom is a crash without a known repro.
2912
2913         * bindings/v8/ScriptController.cpp:
2914         * bindings/v8/V8DOMWindowShell.cpp:
2915         (WebCore::V8DOMWindowShell::initContextIfNeeded): Return true
2916             if a context already existed.
2917         (WebCore::V8DOMWindowShell::namedItemAdded): Remove logging.
2918         * bindings/v8/V8Proxy.cpp:
2919
2920 2011-10-06  Robert Hogan  <robert@webkit.org>
2921
2922         CSS 2.1 failure: border-conflict-style-079
2923         https://bugs.webkit.org/show_bug.cgi?id=69551
2924
2925         Reviewed by Antonio Gomes.
2926
2927         * css/CSSValueKeywords.in: ridge and outset were the wrong way round
2928         * rendering/style/RenderStyleConstants.h: ditto
2929
2930
2931 2011-10-12  Jian Li  <jianli@chromium.org>
2932
2933         Support passing optional filename when FormData.append() is used to
2934         append a blob
2935         https://bugs.webkit.org/show_bug.cgi?id=69885
2936
2937         Reviewed by David Levin.
2938
2939         Covered by existing test with new test case added:
2940         http/tests/local/formdata/send-form-data-with-sliced-file.html
2941
2942         * bindings/js/JSDOMFormDataCustom.cpp:
2943         (WebCore::JSDOMFormData::append):
2944         * bindings/v8/custom/V8DOMFormDataCustom.cpp:
2945         (WebCore::V8DOMFormData::appendCallback):
2946         * html/DOMFormData.cpp:
2947         (WebCore::DOMFormData::append):
2948         * html/DOMFormData.h:
2949         * html/DOMFormData.idl:
2950         * html/FormDataList.cpp:
2951         (WebCore::FormDataList::appendBlob):
2952         * html/FormDataList.h:
2953         (WebCore::FormDataList::Item::Item):
2954         (WebCore::FormDataList::Item::filename):
2955         (WebCore::FormDataList::appendBlob):
2956         * platform/network/FormData.cpp:
2957         (WebCore::FormData::appendKeyValuePairItems):
2958
2959 2011-10-12  Sergey Glazunov  <serg.glazunov@gmail.com>
2960
2961         ScriptController::executeIfJavaScriptURL gets confused by synchronous frame loads
2962         https://bugs.webkit.org/show_bug.cgi?id=69777
2963
2964         Reviewed by Adam Barth.
2965
2966         Test: http/tests/security/xss-DENIED-synchronous-frame-load-in-javascript-url.html
2967
2968         * bindings/ScriptControllerBase.cpp:
2969         (WebCore::ScriptController::executeIfJavaScriptURL):
2970         * loader/DocumentWriter.cpp:
2971         (WebCore::DocumentWriter::replaceDocument):
2972         (WebCore::DocumentWriter::begin):
2973         * loader/DocumentWriter.h:
2974
2975 2011-10-12  Vsevolod Vlasov  <vsevik@chromium.org>
2976
2977         Web Inspector: Searching in multiple scripts in the scripts tab
2978         https://bugs.webkit.org/show_bug.cgi?id=38807
2979
2980         Reviewed by Pavel Feldman.
2981
2982         Added support for advanced search capabilities in inspector by means
2983         of showing the new SearchView in Drawer. Advanced search is activated
2984         with Ctrl+Shift+F (Cmd+Shift+F) shortcut.
2985
2986         * English.lproj/localizedStrings.js:
2987         * WebCore.gypi:
2988         * WebCore.vcproj/WebCore.vcproj:
2989         * inspector/compile-front-end.sh:
2990         * inspector/front-end/AdvancedSearchController.js: Added.
2991         * inspector/front-end/DebuggerPresentationModel.js:
2992         (WebInspector.DebuggerPresentationModel.prototype.uiSourceCodes):
2993         * inspector/front-end/ScriptsPanel.js:
2994         * inspector/front-end/ScriptsSearchScope.js: Added.
2995         * inspector/front-end/UISourceCode.js:
2996         (WebInspector.UISourceCode.prototype.searchInContent):
2997         * inspector/front-end/WebKit.qrc:
2998         * inspector/front-end/externs.js:
2999         (WebInspector.showViewInDrawer):
3000         * inspector/front-end/inspector.css:
3001         (.search-view):
3002         (.search-view .search-panel):
3003         (.search-view .search-results):
3004         (#search-results-pane-file-based .search-result):
3005         (#search-results-pane-file-based .search-result:first-child):
3006         (#search-results-pane-file-based .search-result .search-result-file-name):
3007         (#search-results-pane-file-based .search-result .search-result-matches-count):
3008         (#search-results-pane-file-based .search-match):
3009         (#search-results-pane-file-based .search-match .webkit-line-number.search-match-line-number):
3010         (#search-results-pane-file-based .search-match:not(:hover) .webkit-line-number.search-match-line-number):
3011         (#search-results-pane-file-based .search-match:hover):
3012         (#search-results-pane-file-based .search-match .highlighted-match):
3013         (#search-results-pane-file-based a):
3014         (#search-results-pane-file-based .search-match .search-match-content):
3015         * inspector/front-end/inspector.html:
3016         * inspector/front-end/inspector.js:
3017         (WebInspector.documentKeyDown):
3018         * inspector/front-end/utilities.js:
3019         ():
3020
3021 2011-10-12  Vsevolod Vlasov  <vsevik@chromium.org>
3022
3023         Web Inspector: Fix Drawer to make it possible to show views other than Console.
3024         https://bugs.webkit.org/show_bug.cgi?id=69831
3025
3026         Reviewed by Pavel Feldman.
3027
3028         Animation type extracted to distinguish between slow and normal
3029         animation and immediate show/hide.
3030         Implemented correct console toggle button behavior on showing views
3031         other than console in Drawer.
3032         View shown in Drawer is now shown in drawer-contents div with common
3033         styles moved there.
3034         Removed unused "_safelyRemoveChildren" method from Drawer.
3035
3036         * inspector/front-end/ConsolePanel.js:
3037         (WebInspector.ConsolePanel.prototype.show):
3038         (WebInspector.ConsolePanel.prototype.hide):
3039         * inspector/front-end/Drawer.js:
3040         (WebInspector.Drawer):
3041         (WebInspector.Drawer.prototype.show):
3042         (WebInspector.Drawer.prototype.hide):
3043         (WebInspector.Drawer.prototype._animationDuration):
3044         * inspector/front-end/inspector.css:
3045         (body.drawer-visible #drawer-contents):
3046         * inspector/front-end/inspector.js:
3047         (WebInspector._toggleConsoleButtonClicked):
3048         (WebInspector._escPressed):
3049         (WebInspector.showViewInDrawer):
3050         (WebInspector.documentKeyDown):
3051
3052 2011-10-12  Yury Semikhatsky  <yurys@chromium.org>
3053
3054         [v8] Use V8DOMWrapper::isWrapperOfType for determining global object type
3055         https://bugs.webkit.org/show_bug.cgi?id=69923
3056
3057         Get rid of globalObjectPrototypeIsDOMWindow, use V8DOMWrapper::isWrapperOfType instead.
3058
3059         Reviewed by Pavel Feldman.
3060
3061         * bindings/v8/V8DOMWrapper.cpp:
3062         (WebCore::V8DOMWrapper::instantiateV8Object):
3063         (WebCore::V8DOMWrapper::getEventListener):
3064
3065 2011-10-12  Yury Semikhatsky  <yurys@chromium.org>
3066
3067         [Chromium] Web Inspector: assertion failure when evaluating expression in worker inspector console
3068         https://bugs.webkit.org/show_bug.cgi?id=69922
3069
3070         Check that the global object is a DOMWindow wrapper befor casting it to V8DOMWindow.
3071
3072         Reviewed by Pavel Feldman.
3073
3074         * bindings/v8/ScriptState.cpp:
3075         (WebCore::ScriptState::domWindow):
3076
3077 2011-10-12  Yuta Kitamura  <yutak@chromium.org>
3078
3079         WebSocket: Update WebSocket protocol to hybi-17
3080         https://bugs.webkit.org/show_bug.cgi?id=69910
3081
3082         Reviewed by Kent Tamura.
3083
3084         Essential changes between hybi-10 and hybi-17 are:
3085         - Sec-WebSocket-Origin header has been renamed to "Origin".
3086         - Sec-WebSocket-Version header value has been bumped to 13.
3087
3088         No new tests are necessary. pywebsocket has already been updated to the latest version
3089         which understands the new protocol. Tests under http/tests/websocket/ should keep
3090         passing.
3091
3092         * websockets/WebSocketHandshake.cpp:
3093         (WebCore::WebSocketHandshake::clientHandshakeMessage):
3094         (WebCore::WebSocketHandshake::clientHandshakeRequest):
3095
3096 2011-10-11  Antti Koivisto  <antti@apple.com>
3097
3098         Resolve regular and visited link style in a single pass
3099         https://bugs.webkit.org/show_bug.cgi?id=69838
3100
3101         Reviewed by Darin Adler
3102         
3103         We can simplify and speed up selector matching by removing the recursive matching done
3104         to generate the style for the :visited pseudo selector. Both regular and visited link style
3105         can be generated in a single pass through the style selector.
3106         
3107         - Make SelectorChecker::checkSelector to return both :visited and :link matches for all links.
3108         - For each selector statically determine and cache the link states it may match.
3109         - When applying the matched style declarations, apply them to the right RenderStyle
3110           (regular, visited, or both).
3111
3112         Statically determining which link state will be matched works since we only support :visited matching
3113         based on the current element state (not ancestors or siblings).
3114         
3115         A later patch will eliminate the separate RenderStyle for visited style completely and include the
3116         few allowed properties to the regular RenderStyle.
3117
3118         * css/CSSStyleSelector.cpp:
3119         (WebCore::RuleData::linkMatchType):
3120         (WebCore::RuleSet::linkPseudoClassRules):
3121         (WebCore::CSSStyleSelector::addMatchedDeclaration):
3122         (WebCore::CSSStyleSelector::matchRules):
3123         (WebCore::CSSStyleSelector::styleForElement):
3124         (WebCore::CSSStyleSelector::pseudoStyleForElement):
3125         (WebCore::CSSStyleSelector::updateFont):
3126         (WebCore::CSSStyleSelector::checkSelector):
3127         (WebCore::RuleData::RuleData):
3128         (WebCore::RuleSet::addRule):
3129         (WebCore::RuleSet::collectFeatures):
3130         (WebCore::RuleSet::shrinkToFit):
3131         (WebCore::CSSStyleSelector::applyDeclaration):
3132         (WebCore::CSSStyleSelector::applyDeclarations):
3133         (WebCore::CSSStyleSelector::applyProperty):
3134         (WebCore::CSSStyleSelector::getColorFromPrimitiveValue):
3135         * css/CSSStyleSelector.h:
3136         (WebCore::CSSStyleSelector::MatchedStyleDeclaration::MatchedStyleDeclaration):
3137         * css/SelectorChecker.cpp:
3138         (WebCore::SelectorChecker::SelectorChecker):
3139         (WebCore::SelectorChecker::checkSelector):
3140         (WebCore::SelectorChecker::fastCheckRightmostSelector):
3141         (WebCore::SelectorChecker::fastCheckSelector):
3142         (WebCore::SelectorChecker::checkOneSelector):
3143         (WebCore::SelectorChecker::commonPseudoClassSelectorMatches):
3144         (WebCore::SelectorChecker::determineLinkMatchType):
3145         * css/SelectorChecker.h:
3146         * rendering/style/RenderStyle.cpp:
3147         (WebCore::RenderStyle::addCachedPseudoStyle):
3148
3149 2011-10-12  Kent Tamura  <tkent@chromium.org>
3150
3151         REGRESSION(r94836): An assertion fails in HTMLFormControlElement::isValidFormControlElement
3152         when HTMLInputElement::setValue() is called while the element is focused.
3153         https://bugs.webkit.org/show_bug.cgi?id=69909
3154
3155         Reviewed by Ryosuke Niwa.
3156
3157         setNeedsValidityCheck() should be called after the value update
3158         and before any style recalculation. r94836 moved
3159         setSelectionRange() call, and it recalculates the element style.
3160
3161         * html/HTMLInputElement.cpp:
3162         (WebCore::HTMLInputElement::setValue): Move setNeedsValidityCheck() to setValueInternal().
3163         (WebCore::HTMLInputElement::setValueInternal): Move setNeedsValidityCheck() from setValue().
3164
3165 2011-10-12  Kent Tamura  <tkent@chromium.org>
3166
3167         Build fixes for r97238.
3168         https://bugs.webkit.org/show_bug.cgi?id=69828
3169
3170         * GNUmakefile.list.am: Remove SelectElement.{cpp,h}.
3171         * dom/DOMAllInOne.cpp: Remove SelectElement.cpp.
3172
3173 2011-10-12  Kent Tamura  <tkent@chromium.org>
3174
3175         Move the content of SelectElementData into HTMLSelectElement, and remove SelectElement.{cpp,h}
3176         https://bugs.webkit.org/show_bug.cgi?id=69828
3177
3178         Reviewed by Darin Adler.
3179
3180         - Move all of the data members of SelectElementData to
3181         HTMLSelectElement, and their accessor functions are not needed
3182         anymore.
3183         - Move SelectElementData::useMenuList() to HTMLSelectElement.
3184
3185         No new tests, just a refactoring.
3186
3187         * CMakeLists.txt: Remove SelectElement.cpp.
3188         * WebCore.gypi: Remove SelectElement.{cpp,h}.
3189         * WebCore.pro: ditto.
3190         * WebCore.vcproj/WebCore.vcproj: ditto.
3191         * WebCore.xcodeproj/project.pbxproj: ditto.
3192         * dom/OptionElement.cpp: Remove a reference to SelectElement.h.
3193         * dom/SelectElement.cpp: Removed.
3194         * dom/SelectElement.h: Removed.
3195         * html/HTMLSelectElement.cpp:
3196         (WebCore::HTMLSelectElement::HTMLSelectElement):
3197         Initializes the moved data members.
3198         (WebCore::HTMLSelectElement::formControlType):
3199         (WebCore::HTMLSelectElement::setSelectedIndexByUser):
3200         (WebCore::HTMLSelectElement::activeSelectionStartListIndex):
3201         (WebCore::HTMLSelectElement::activeSelectionEndListIndex):
3202         (WebCore::HTMLSelectElement::parseMappedAttribute):
3203         (WebCore::HTMLSelectElement::canSelectAll):
3204         (WebCore::HTMLSelectElement::createRenderer):
3205         (WebCore::HTMLSelectElement::setOption):
3206         (WebCore::HTMLSelectElement::selectAll):
3207         (WebCore::HTMLSelectElement::saveLastSelection):
3208         (WebCore::HTMLSelectElement::setActiveSelectionAnchorIndex):
3209         (WebCore::HTMLSelectElement::setActiveSelectionEndIndex):
3210         (WebCore::HTMLSelectElement::updateListBoxSelection):
3211         (WebCore::HTMLSelectElement::listBoxOnChange):
3212         (WebCore::HTMLSelectElement::menuListOnChange):
3213         (WebCore::HTMLSelectElement::scrollToSelection):
3214         (WebCore::HTMLSelectElement::setOptionsChangedOnRenderer):
3215         (WebCore::HTMLSelectElement::setRecalcListItems):
3216         (WebCore::HTMLSelectElement::recalcListItemsInternal):
3217         (WebCore::HTMLSelectElement::setSelectedIndexInternal):
3218         (WebCore::HTMLSelectElement::dispatchFocusEvent):
3219         (WebCore::HTMLSelectElement::dispatchBlurEvent):
3220         (WebCore::HTMLSelectElement::parseMultipleAttribute):
3221         (WebCore::HTMLSelectElement::reset):
3222         (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
3223         (WebCore::HTMLSelectElement::updateSelectedState):
3224         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
3225         (WebCore::HTMLSelectElement::defaultEventHandler):
3226         (WebCore::HTMLSelectElement::typeAheadFind):
3227         (WebCore::HTMLSelectElement::accessKeySetSelectedIndex):
3228         * html/HTMLSelectElement.h:
3229         (WebCore::HTMLSelectElement::size):
3230         (WebCore::HTMLSelectElement::multiple):
3231         (WebCore::HTMLSelectElement::usesMenuList):
3232
3233 2011-10-12  Ryosuke Niwa  <rniwa@webkit.org>
3234
3235         Chromium Mac build fix after r97227.
3236
3237         * platform/chromium/ScrollbarThemeChromiumMac.mm:
3238         (+[ScrollbarPrefsObserver appearancePrefsChanged:]):
3239
3240 2011-10-11  Antoine Labour  <piman@chromium.org>
3241
3242         Separate compositor client thread from webkit's main thread.
3243         https://bugs.webkit.org/show_bug.cgi?id=69048
3244
3245         Reviewed by Darin Fisher.
3246
3247         Covered by compositing tests.
3248
3249         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
3250         (WebCore::CCLayerTreeHost::CCLayerTreeHost):
3251         * platform/graphics/chromium/cc/CCMainThread.cpp:
3252         * platform/graphics/chromium/cc/CCMainThread.h:
3253         * platform/graphics/chromium/cc/CCProxy.cpp:
3254         (WebCore::CCProxy::isMainThread):
3255         (WebCore::CCProxy::setMainThread):
3256         (WebCore::CCProxy::CCProxy):
3257         * platform/graphics/chromium/cc/CCProxy.h:
3258
3259 2011-10-11  Simon Fraser  <simon.fraser@apple.com>
3260
3261         Fix Leopard and Snow Leopard builds, which don't use the scrollbar painter.
3262         
3263         * platform/mac/ScrollAnimatorMac.mm:
3264
3265 2011-10-11  Simon Fraser  <simon.fraser@apple.com>
3266
3267         Make custom scrollbar theme for use in DRT, to reduce pixel diffs between platforms
3268         https://bugs.webkit.org/show_bug.cgi?id=68134
3269
3270         Reviewed by Darin Adler.
3271
3272         Use ScrollbarThemeMock when the setting to use mock scrollbars is enabled.
3273         
3274         Make ScrollbarTheme::nativeTheme() private, and add a new static theme() method
3275         that reads the setting, and returns the mock theme if set. All callers now use
3276         theme() rther than nativeTheme(). Add the new ScrollbarTheme.cpp file to the build.
3277         
3278         Fix scroll animator code for Mac and Chromium that was casting the ScrollbarTheme
3279         without type-checking it to test whether it's the mock theme.
3280
3281         * CMakeLists.txt:
3282         * GNUmakefile.list.am:
3283         * WebCore.exp.in:
3284         * WebCore.gypi:
3285         * WebCore.pro:
3286         * WebCore.vcproj/WebCore.vcproj:
3287         * WebCore.xcodeproj/project.pbxproj:
3288         * html/shadow/TextControlInnerElements.cpp:
3289         (WebCore::SpinButtonElement::startRepeatingTimer):
3290         * platform/ScrollAnimatorWin.cpp:
3291         (WebCore::ScrollAnimatorWin::scroll):
3292         (WebCore::ScrollAnimatorWin::accelerationTime):
3293         (WebCore::ScrollAnimatorWin::animateScroll):
3294         * platform/ScrollView.cpp:
3295         (WebCore::ScrollView::wheelEvent):
3296         * platform/ScrollableArea.cpp:
3297         (WebCore::ScrollableArea::setScrollbarOverlayStyle):
3298         * platform/Scrollbar.cpp:
3299         (WebCore::Scrollbar::maxOverlapBetweenPages):
3300         (WebCore::Scrollbar::Scrollbar):
3301         * platform/ScrollbarTheme.cpp: Copied from Source/WebCore/platform/mock/ScrollbarThemeMock.h.
3302         (WebCore::ScrollbarTheme::theme):
3303         * platform/ScrollbarTheme.h:
3304         (WebCore::ScrollbarTheme::isMockTheme):
3305         * platform/chromium/PopupListBox.cpp:
3306         (WebCore::PopupListBox::layout):
3307         * platform/chromium/ScrollAnimatorChromiumMac.mm:
3308         (WebCore::chromiumScrollbarTheme):
3309         (WebCore::ScrollAnimatorChromiumMac::didAddVerticalScrollbar):
3310         (WebCore::ScrollAnimatorChromiumMac::willRemoveVerticalScrollbar):
3311         (WebCore::ScrollAnimatorChromiumMac::didAddHorizontalScrollbar):
3312         (WebCore::ScrollAnimatorChromiumMac::willRemoveHorizontalScrollbar):
3313         (WebCore::ScrollAnimatorChromiumMac::updateScrollerStyle):
3314         * platform/chromium/ScrollbarThemeChromiumMac.mm:
3315         (+[ScrollbarPrefsObserver appearancePrefsChanged:]):
3316         (+[ScrollbarPrefsObserver behaviorPrefsChanged:]):
3317         * platform/mac/ScrollAnimatorMac.mm:
3318         (WebCore::macScrollbarTheme):
3319         (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
3320         (WebCore::ScrollAnimatorMac::willRemoveVerticalScrollbar):
3321         (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
3322         (WebCore::ScrollAnimatorMac::willRemoveHorizontalScrollbar):
3323         (WebCore::ScrollAnimatorMac::updateScrollerStyle):
3324         * platform/mac/ScrollbarThemeMac.mm:
3325         (+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
3326         (+[WebScrollbarPrefsObserver behaviorPrefsChanged:]):
3327         * platform/mock/ScrollbarThemeMock.h:
3328         (WebCore::ScrollbarThemeMock::isMockTheme):
3329         * platform/qt/RenderThemeQt.cpp:
3330         (WebCore::RenderThemeQt::adjustInnerSpinButtonStyle):
3331         * platform/win/PopupMenuWin.cpp:
3332         (WebCore::PopupMenuWin::calculatePositionAndSize):
3333         * rendering/RenderLayer.cpp:
3334         (WebCore::cornerRect):
3335         * rendering/RenderScrollbarPart.cpp:
3336         (WebCore::calcScrollbarThicknessUsing):
3337         * rendering/RenderScrollbarTheme.h:
3338         (WebCore::RenderScrollbarTheme::scrollbarThickness):
3339         (WebCore::RenderScrollbarTheme::buttonsPlacement):
3340         (WebCore::RenderScrollbarTheme::shouldCenterOnThumb):
3341         (WebCore::RenderScrollbarTheme::initialAutoscrollTimerDelay):
3342         (WebCore::RenderScrollbarTheme::autoscrollTimerDelay):
3343         (WebCore::RenderScrollbarTheme::registerScrollbar):
3344         (WebCore::RenderScrollbarTheme::unregisterScrollbar):
3345         * rendering/RenderTextControl.cpp:
3346         (WebCore::RenderTextControl::scrollbarThickness):
3347         * rendering/RenderThemeChromiumSkia.cpp:
3348         (WebCore::RenderThemeChromiumSkia::menuListInternalPadding):
3349         * rendering/RenderThemeChromiumWin.cpp:
3350         (WebCore::RenderThemeChromiumWin::adjustInnerSpinButtonStyle):
3351
3352 2011-10-11  Kentaro Hara  <haraken@chromium.org>
3353
3354         Implement a WebKitTransitionEvent constructor for JSC
3355         https://bugs.webkit.org/show_bug.cgi?id=69829
3356
3357         Reviewed by Adam Barth.
3358
3359         There is no spec for the WebKitTransitionEvent constructor
3360         since it is WebKit-specific. However, judging from the current
3361         IDL of initWebKitTransitionEvent(), the constructor IDL
3362         should be as follows.
3363
3364         [Constructor(DOMString type, optional WebKitTransitionEventInit eventInitDict)]
3365         interface WebKitTransitionEvent : Event {
3366             ...;
3367         }
3368
3369         dictionary WebKitTransitionEventInit : EventInit {
3370             DOMString propertyName;
3371             double elapsedTime;
3372         }
3373
3374         Test: fast/events/constructors/webkit-transition-event-constructor.html
3375
3376         * bindings/generic/EventConstructors.h: Added a definition for the WebKitTransitionEvent constructor.
3377         * bindings/js/JSEventConstructors.cpp: Added #includes for WebKitTransitionEvent.
3378         * dom/WebKitTransitionEvent.cpp:
3379         (WebCore::WebKitTransitionEventInit::WebKitTransitionEventInit):
3380         (WebCore::WebKitTransitionEvent::WebKitTransitionEvent):
3381         (WebCore::WebKitTransitionEvent::initWebKitTransitionEvent):
3382         * dom/WebKitTransitionEvent.h: Added a definition for WebKitTransitionEventInit.
3383         (WebCore::WebKitTransitionEvent::create):
3384         (WebCore::WebKitTransitionEvent::isWebKitTransitionEvent):
3385         * dom/WebKitTransitionEvent.idl: Makes WebKitTransitionEvent constructible.
3386
3387 2011-10-11  Sameer Patil  <mkrp87@motorola.com>
3388
3389         :checked pseudo selector not matching selected option 
3390         https://bugs.webkit.org/show_bug.cgi?id=63192
3391
3392         Reviewed by Kent Tamura.
3393
3394         Test: fast/css/checked-pseudo-selector.html
3395
3396         Option element selected state need to be checked in checkOneSelector, 
3397         so that it can be considered as checked on querySelectorAll(':checked').
3398
3399         * css/SelectorChecker.cpp:
3400         (WebCore::SelectorChecker::checkOneSelector):
3401
3402 2011-10-11  Ryuan Choi  <ryuan.choi@samsung.com>
3403
3404         StorageAreaSync::sync needs a transaction for better performance.
3405