2011-01-28 Pavel Feldman <pfeldman@chromium.org>
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
2
3         Reviewed by Yury Semikhatsky.
4
5         Web Inspector: copy HAR to clipboard instead of saving blob on export.
6         https://bugs.webkit.org/show_bug.cgi?id=53328
7
8         * inspector/front-end/NetworkPanel.js:
9         (WebInspector.NetworkPanel.prototype._exportAll):
10         (WebInspector.NetworkPanel.prototype._exportResource):
11
12 2011-01-30  Pavel Feldman  <pfeldman@chromium.org>
13
14         Reviewed by Timothy Hatcher.
15
16         Web Inspector: speed up network panel rendering.
17         https://bugs.webkit.org/show_bug.cgi?id=53397
18
19         * inspector/front-end/DataGrid.js:
20         (WebInspector.DataGrid.prototype.get scrollContainer):
21         * inspector/front-end/NetworkPanel.js:
22         (WebInspector.NetworkPanel.prototype.elementsToRestoreScrollPositionsFor):
23         (WebInspector.NetworkPanel.prototype._positionSummaryBar):
24         (WebInspector.NetworkPanel.prototype._createTable):
25         (WebInspector.NetworkPanel.prototype._exportResource):
26         (WebInspector.NetworkPanel.prototype._onScroll):
27         * inspector/front-end/networkPanel.css:
28         (.network-sidebar .data-grid.small tr.offscreen):
29         (.network-sidebar .data-grid tr.offscreen):
30         (.network-sidebar .data-grid tr.offscreen td):
31
32 2011-01-31  Peter Varga  <pvarga@webkit.org>
33
34         Reviewed by Andreas Kling.
35
36         Remove wrec from WebCore
37         https://bugs.webkit.org/show_bug.cgi?id=53298
38
39         No new tests needed.
40
41         * Android.jscbindings.mk:
42         * ForwardingHeaders/wrec/WREC.h: Removed.
43         * WebCore.vcproj/WebCore.vcproj:
44         * WebCore.vcproj/copyForwardingHeaders.cmd:
45
46 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
47
48         Unreviewed, rolling out r76969.
49         http://trac.webkit.org/changeset/76969
50         https://bugs.webkit.org/show_bug.cgi?id=53418
51
52         "It is causing crashes in GTK+ and Leopard bots" (Requested by
53         alexg__ on #webkit).
54
55         * bridge/runtime_root.cpp:
56         (JSC::Bindings::RootObject::invalidate):
57         (JSC::Bindings::RootObject::addRuntimeObject):
58         (JSC::Bindings::RootObject::removeRuntimeObject):
59         * bridge/runtime_root.h:
60
61 2011-01-31  Antti Koivisto  <antti@apple.com>
62
63         Not reviewed.
64
65         Spelling.
66
67         * css/CSSSelectorList.h:
68         (WebCore::CSSSelectorList::next):
69
70 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
71
72         Unreviewed. Fix Chromium compilation on Linux.
73
74         * platform/graphics/ShadowBlur.cpp: added PLATFORM(CHROMIUM) guard
75         * platform/graphics/ShadowBlur.h: added missing ColorSpace.h header include
76
77 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
78
79         Unreviewed. Fix Chromium compilation on Mac broken by r77101.
80
81         * WebCore.gypi: add ShadowBlur.{h,cpp} to the gypi file.
82
83 2011-01-31  Mikhail Naganov  <mnaganov@chromium.org>
84
85         Reviewed by Yury Semikhatsky.
86
87         WebInspector: Change button title from "Clear CPU profiles" to "Clear all profiles".
88
89         https://bugs.webkit.org/show_bug.cgi?id=53309
90
91         * English.lproj/localizedStrings.js:
92         * inspector/front-end/ProfilesPanel.js:
93         (WebInspector.ProfilesPanel):
94
95 2011-01-31  Carlos Garcia Campos  <cgarcia@igalia.com>
96
97         Unreviewed, fix the build with current GTK+ 3.x.
98
99         * plugins/gtk/gtk2xtbin.c:
100         * plugins/gtk/gtk2xtbin.h:
101
102 2011-01-30  Kenichi Ishibashi  <bashi@google.com>
103
104         Reviewed by Kent Tamura.
105
106         Dangling form associated elements should not be registered on the document
107         https://bugs.webkit.org/show_bug.cgi?id=53223
108
109         Adds insertedIntoDocument() and remvoedFromDocument() to
110         FormAssociatedElement class to register the element on the document
111         if and only if it actually inserted into (removed from) the document.
112
113         Test: fast/forms/dangling-form-element-crash.html
114
115         * html/FormAssociatedElement.cpp:
116         (WebCore::FormAssociatedElement::insertedIntoDocument): Added.
117         (WebCore::FormAssociatedElement::removedFromDocument): Ditto.
118         (WebCore::FormAssociatedElement::insertedIntoTree): Don't register
119         the element to a document.
120         (WebCore::FormAssociatedElement::removedFromTree): Don't unregister
121         the element from a document.
122         * html/FormAssociatedElement.h:
123         * html/HTMLFormControlElement.cpp:
124         (WebCore::HTMLFormControlElement::insertedIntoDocument): Added.
125         (WebCore::HTMLFormControlElement::removedFromDocument): Ditto.
126         * html/HTMLFormControlElement.h:
127         * html/HTMLObjectElement.cpp:
128         (WebCore::HTMLObjectElement::insertedIntoDocument): Calls
129         FormAssociatedElement::insertedIntoDocument().
130         (WebCore::HTMLObjectElement::removedFromDocument): Calls
131         FormAssociatedElement::removedFromDocument().
132
133 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
134
135         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
136         r77111.
137         http://trac.webkit.org/changeset/77098
138         http://trac.webkit.org/changeset/77099
139         http://trac.webkit.org/changeset/77100
140         http://trac.webkit.org/changeset/77109
141         http://trac.webkit.org/changeset/77111
142         https://bugs.webkit.org/show_bug.cgi?id=53219
143
144         Qt build is broken
145
146         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
147         * WebCore.exp.in:
148         * bindings/js/DOMWrapperWorld.h:
149         * bindings/js/JSAudioConstructor.cpp:
150         (WebCore::JSAudioConstructor::JSAudioConstructor):
151         * bindings/js/JSDOMBinding.cpp:
152         (WebCore::markDOMNodesForDocument):
153         (WebCore::markDOMObjectWrapper):
154         (WebCore::markDOMNodeWrapper):
155         * bindings/js/JSDOMGlobalObject.cpp:
156         (WebCore::JSDOMGlobalObject::markChildren):
157         (WebCore::JSDOMGlobalObject::setInjectedScript):
158         (WebCore::JSDOMGlobalObject::injectedScript):
159         * bindings/js/JSDOMGlobalObject.h:
160         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
161         (WebCore::getDOMConstructor):
162         * bindings/js/JSDOMWindowCustom.cpp:
163         (WebCore::JSDOMWindow::setLocation):
164         (WebCore::DialogHandler::dialogCreated):
165         * bindings/js/JSDOMWindowShell.cpp:
166         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
167         (WebCore::JSDOMWindowShell::setWindow):
168         (WebCore::JSDOMWindowShell::markChildren):
169         (WebCore::JSDOMWindowShell::unwrappedObject):
170         * bindings/js/JSDOMWindowShell.h:
171         (WebCore::JSDOMWindowShell::window):
172         (WebCore::JSDOMWindowShell::setWindow):
173         * bindings/js/JSDeviceMotionEventCustom.cpp:
174         (WebCore::createAccelerationObject):
175         (WebCore::createRotationRateObject):
176         * bindings/js/JSEventListener.cpp:
177         (WebCore::JSEventListener::JSEventListener):
178         (WebCore::JSEventListener::markJSFunction):
179         * bindings/js/JSEventListener.h:
180         (WebCore::JSEventListener::jsFunction):
181         * bindings/js/JSHTMLDocumentCustom.cpp:
182         (WebCore::JSHTMLDocument::setAll):
183         * bindings/js/JSImageConstructor.cpp:
184         (WebCore::JSImageConstructor::JSImageConstructor):
185         * bindings/js/JSImageDataCustom.cpp:
186         (WebCore::toJS):
187         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
188         (WebCore::JSJavaScriptCallFrame::scopeChain):
189         (WebCore::JSJavaScriptCallFrame::scopeType):
190         * bindings/js/JSNodeFilterCondition.cpp:
191         (WebCore::JSNodeFilterCondition::markAggregate):
192         (WebCore::JSNodeFilterCondition::acceptNode):
193         * bindings/js/JSNodeFilterCondition.h:
194         * bindings/js/JSNodeFilterCustom.cpp:
195         * bindings/js/JSOptionConstructor.cpp:
196         (WebCore::JSOptionConstructor::JSOptionConstructor):
197         * bindings/js/JSSQLResultSetRowListCustom.cpp:
198         (WebCore::JSSQLResultSetRowList::item):
199         * bindings/js/ScriptCachedFrameData.cpp:
200         (WebCore::ScriptCachedFrameData::restore):
201         * bindings/js/ScriptObject.cpp:
202         (WebCore::ScriptGlobalObject::set):
203         * bindings/js/SerializedScriptValue.cpp:
204         (WebCore::CloneDeserializer::putProperty):
205         * bindings/scripts/CodeGeneratorJS.pm:
206         * bridge/qt/qt_instance.cpp:
207         (JSC::Bindings::QtInstance::QtInstance):
208         (JSC::Bindings::QtInstance::removeCachedMethod):
209         (JSC::Bindings::QtInstance::markAggregate):
210         * bridge/qt/qt_instance.h:
211         * bridge/qt/qt_runtime.cpp:
212         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
213         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
214         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
215         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
216         * bridge/qt/qt_runtime.h:
217         * bridge/runtime_root.cpp:
218         (JSC::Bindings::RootObject::invalidate):
219         * bridge/runtime_root.h:
220         * dom/Document.h:
221
222 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
223
224         Unreviewed, rolling out r77107.
225         http://trac.webkit.org/changeset/77107
226         https://bugs.webkit.org/show_bug.cgi?id=53412
227
228         Caused 5 new form-related test crashes (Requested by smfr on
229         #webkit).
230
231         * css/CSSSelector.cpp:
232         (WebCore::CSSSelector::pseudoId):
233         (WebCore::nameToPseudoTypeMap):
234         (WebCore::CSSSelector::extractPseudoType):
235         * css/CSSSelector.h:
236         * html/HTMLProgressElement.cpp:
237         (WebCore::HTMLProgressElement::parseMappedAttribute):
238         (WebCore::HTMLProgressElement::attach):
239         * html/HTMLProgressElement.h:
240         * rendering/RenderProgress.cpp:
241         (WebCore::RenderProgress::~RenderProgress):
242         (WebCore::RenderProgress::updateFromElement):
243         (WebCore::RenderProgress::layoutParts):
244         (WebCore::RenderProgress::shouldHaveParts):
245         * rendering/RenderProgress.h:
246         * rendering/style/RenderStyleConstants.h:
247
248 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
249
250         Reviewed by Sam Weinig.
251
252         Enhance ShadowBlur to render inset box shadows
253         https://bugs.webkit.org/show_bug.cgi?id=51567
254         
255         Use ShadowBlur for inset box-shadows with CG. It 
256         currently lacks a tiled version, but is still much
257         faster than CG shadows.
258
259         Test: fast/box-shadow/inset-box-shadow-radius.html
260
261         * platform/graphics/ShadowBlur.cpp:
262         * platform/graphics/ShadowBlur.h: New method for inset
263         shadows.
264         (WebCore::ShadowBlur::drawInsetShadow): 
265
266         * platform/graphics/GraphicsContext.cpp: #ifdef out
267         fillRectWithRoundedHole() for CG.
268
269         * platform/graphics/cg/GraphicsContextCG.cpp:
270         (WebCore::GraphicsContext::fillRectWithRoundedHole): If there's
271         a shadow with a radius > 0, use ShadowBlur.
272
273 2011-01-28  Kenneth Russell  <kbr@google.com>
274
275         Reviewed by Chris Marrin.
276
277         WebGL shows PNG Textures with indexed colors too dark
278         https://bugs.webkit.org/show_bug.cgi?id=47477
279
280         Properly handle indexed PNG images by re-rendering them as RGBA
281         images before upload. Verified with this layout test and the test
282         cases from bugs 47477 and 53269.
283
284         * platform/graphics/cg/GraphicsContext3DCG.cpp:
285         (WebCore::GraphicsContext3D::getImageData):
286
287 2011-01-27  MORITA Hajime  <morrita@google.com>
288
289         Reviewed by Dimitri Glazkov.
290         
291         Convert <progress> shadow DOM to a DOM-based shadow.
292         https://bugs.webkit.org/show_bug.cgi?id=50660
293
294         * Removed RenderProgress::m_valuePart, moved the shadow node
295           to the shadow root of HTMLProgressElement.
296         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
297           ProgressBarValueElement is defined only for overriding
298           shadowPseudoId().
299         
300         No new tests. No behavioral change.
301
302         * css/CSSSelector.cpp:
303         (WebCore::CSSSelector::pseudoId):
304         (WebCore::nameToPseudoTypeMap):
305         (WebCore::CSSSelector::extractPseudoType):
306         * css/CSSSelector.h:
307         * html/HTMLProgressElement.cpp:
308         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
309         (WebCore::ProgressBarValueElement::shadowPseudoId):
310         (WebCore::ProgressBarValueElement::create):
311         (WebCore::HTMLProgressElement::parseMappedAttribute):
312         (WebCore::HTMLProgressElement::attach):
313         (WebCore::HTMLProgressElement::valuePart):
314         (WebCore::HTMLProgressElement::didElementStateChange):
315         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
316         * html/HTMLProgressElement.h:
317         * rendering/RenderProgress.cpp:
318         (WebCore::RenderProgress::~RenderProgress):
319         (WebCore::RenderProgress::updateFromElement):
320         (WebCore::RenderProgress::layoutParts):
321         (WebCore::RenderProgress::shouldHaveParts):
322         (WebCore::RenderProgress::valuePart):
323         * rendering/RenderProgress.h:
324         * rendering/style/RenderStyleConstants.h:
325
326 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
327
328         Reviewed by Ariya Hidayat.
329
330         Enhance ShadowBlur to render inset box shadows; Part 1.
331         https://bugs.webkit.org/show_bug.cgi?id=51567
332         
333         Add a new method to GraphicsContext to render a rect with a rounded hole,
334         for use by inset box-shadow code. Knowledge that we're rendering a rounded
335         hole will enable ShadowBlur to be used here in future.
336
337         * platform/graphics/GraphicsContext.cpp:
338         (WebCore::GraphicsContext::fillRectWithRoundedHole):
339         * platform/graphics/GraphicsContext.h:
340         * rendering/RenderBoxModelObject.cpp:
341         (WebCore::RenderBoxModelObject::paintBoxShadow):
342
343 2011-01-23  MORITA Hajime  <morrita@google.com>
344
345         Reviewed by Eric Seidel.
346
347         REGRESSION: Inset shadow with too large border radius misses rounded corner.
348         https://bugs.webkit.org/show_bug.cgi?id=52800
349
350         The refactoring on r76083 broke the invariant between border
351         IntRect and its radii because RoundedIntRect::setRect() is called
352         after getRoundedInnerBorderWithBorderWidths(), which enforces the
353         invariant. Th rounded-rect clipping code verifies the invariant,
354         and discard the invalid radii, that results broken paintings.
355         
356         This change moved setRect() before
357         getRoundedInnerBorderWithBorderWidths() not to modify the valid
358         RoundedIntRect value.
359         
360         Test: fast/box-shadow/inset-with-extraordinary-radii-and-border.html
361
362         * rendering/RenderBoxModelObject.cpp:
363         (WebCore::RenderBoxModelObject::paintBoxShadow):
364
365 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
366
367         Attempt to fix Windows build by adding ShadowBlur.cpp/h to the
368         vcproj.
369
370         * WebCore.vcproj/WebCore.vcproj:
371
372 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
373
374         Reviewed by Dan Bernstein.
375
376         -webkit-box-shadow causes awful scroll/resize/redraw performance
377         https://bugs.webkit.org/show_bug.cgi?id=22102
378         
379         Use ShadowBlur for CG, whe rendering shadows on rects and
380         rounded rects outside of canvas.
381         
382         CG shadows with a radius of more than 8px do not render
383         correctly. We preserve this incorrect rendering by compensating
384         for it when rending -webkit-box-shadow. Calls that should use
385         this deprecated radius behavior now use setLegacyShadow().
386
387         Test: fast/box-shadow/box-shadow-transformed.html
388         
389         * html/canvas/CanvasRenderingContext2D.cpp: Use setLegacyShadow()
390         for canvas, to indicate that it should use the deprecated radius
391         behavior.
392         (WebCore::CanvasRenderingContext2D::setAllAttributesToDefault): Ditto.
393         (WebCore::CanvasRenderingContext2D::setShadow): Ditto.
394         (WebCore::CanvasRenderingContext2D::applyShadow): Ditto.
395         
396         * platform/graphics/GraphicsContext.cpp:
397         (WebCore::GraphicsContext::setLegacyShadow): Set the m_state.shadowsUseLegacyRadius bit.
398         
399         * platform/graphics/GraphicsContext.h:
400         (WebCore::GraphicsContextState::GraphicsContextState): Add a 
401         shadowsUseLegacyRadius bit to the state.
402         
403         * platform/graphics/cg/GraphicsContextCG.cpp:
404         (WebCore::radiusToLegacyRadius): Map from the actual radius to one
405         that approximates CG behavior.
406         (WebCore::hasBlurredShadow): Helper that returns true if we have a shadow
407         with a non-zero blur radius.
408         (WebCore::GraphicsContext::fillRect): Use ShadowBlur if not canvas.
409         (WebCore::GraphicsContext::fillRoundedRect): Ditto.
410         (WebCore::GraphicsContext::setPlatformShadow): Comment.
411
412         * rendering/RenderBoxModelObject.cpp:
413         (WebCore::RenderBoxModelObject::paintBoxShadow): Call setLegacyShadow()
414         for -webkit-box-shadow.
415
416         * platform/graphics/ShadowBlur.cpp: 
417         (WebCore::ShadowBlur::calculateLayerBoundingRect): Fix some pixel crack issues
418         by rounding up the blur radius.
419         (WebCore::ShadowBlur::drawRectShadow): Ditto
420         (WebCore::ShadowBlur::drawRectShadowWithTiling): Ditto.
421
422 2011-01-30  Oliver Hunt  <oliver@apple.com>
423
424         Try to fix Qt build (again).
425
426         * bridge/qt/qt_runtime.cpp:
427         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
428         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
429
430 2011-01-30  Oliver Hunt  <oliver@apple.com>
431
432         Try to fix Qt build.
433
434         * bridge/qt/qt_instance.cpp:
435         (JSC::Bindings::QtInstance::QtInstance):
436         (JSC::Bindings::QtInstance::removeCachedMethod):
437         (JSC::Bindings::QtInstance::markAggregate):
438         * bridge/qt/qt_instance.h:
439
440 2011-01-30  Oliver Hunt  <oliver@apple.com>
441
442         Convert markstack to a slot visitor API
443         https://bugs.webkit.org/show_bug.cgi?id=53219
444
445         rolling r77006 and r77020 back in.
446
447         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
448         * WebCore.exp.in:
449         * bindings/js/DOMWrapperWorld.h:
450         (WebCore::DOMWrapperWorld::globalData):
451         * bindings/js/JSAudioConstructor.cpp:
452         (WebCore::JSAudioConstructor::JSAudioConstructor):
453         * bindings/js/JSDOMBinding.cpp:
454         (WebCore::markDOMNodesForDocument):
455         (WebCore::markDOMObjectWrapper):
456         (WebCore::markDOMNodeWrapper):
457         * bindings/js/JSDOMGlobalObject.cpp:
458         (WebCore::JSDOMGlobalObject::markChildren):
459         (WebCore::JSDOMGlobalObject::setInjectedScript):
460         (WebCore::JSDOMGlobalObject::injectedScript):
461         * bindings/js/JSDOMGlobalObject.h:
462         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
463         (WebCore::getDOMConstructor):
464         * bindings/js/JSDOMWindowCustom.cpp:
465         (WebCore::JSDOMWindow::setLocation):
466         (WebCore::DialogHandler::dialogCreated):
467         * bindings/js/JSDOMWindowShell.cpp:
468         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
469         (WebCore::JSDOMWindowShell::setWindow):
470         (WebCore::JSDOMWindowShell::markChildren):
471         (WebCore::JSDOMWindowShell::unwrappedObject):
472         * bindings/js/JSDOMWindowShell.h:
473         (WebCore::JSDOMWindowShell::window):
474         (WebCore::JSDOMWindowShell::setWindow):
475         * bindings/js/JSDeviceMotionEventCustom.cpp:
476         (WebCore::createAccelerationObject):
477         (WebCore::createRotationRateObject):
478         * bindings/js/JSEventListener.cpp:
479         (WebCore::JSEventListener::JSEventListener):
480         (WebCore::JSEventListener::markJSFunction):
481         * bindings/js/JSEventListener.h:
482         (WebCore::JSEventListener::jsFunction):
483         * bindings/js/JSHTMLDocumentCustom.cpp:
484         (WebCore::JSHTMLDocument::setAll):
485         * bindings/js/JSImageConstructor.cpp:
486         (WebCore::JSImageConstructor::JSImageConstructor):
487         * bindings/js/JSImageDataCustom.cpp:
488         (WebCore::toJS):
489         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
490         (WebCore::JSJavaScriptCallFrame::scopeChain):
491         (WebCore::JSJavaScriptCallFrame::scopeType):
492         * bindings/js/JSNodeFilterCondition.cpp:
493         (WebCore::JSNodeFilterCondition::markAggregate):
494         (WebCore::JSNodeFilterCondition::acceptNode):
495         * bindings/js/JSNodeFilterCondition.h:
496         * bindings/js/JSNodeFilterCustom.cpp:
497         * bindings/js/JSOptionConstructor.cpp:
498         (WebCore::JSOptionConstructor::JSOptionConstructor):
499         * bindings/js/JSSQLResultSetRowListCustom.cpp:
500         (WebCore::JSSQLResultSetRowList::item):
501         * bindings/js/ScriptCachedFrameData.cpp:
502         (WebCore::ScriptCachedFrameData::restore):
503         * bindings/js/ScriptObject.cpp:
504         (WebCore::ScriptGlobalObject::set):
505         * bindings/js/SerializedScriptValue.cpp:
506         (WebCore::CloneDeserializer::putProperty):
507         * bindings/scripts/CodeGeneratorJS.pm:
508         * bridge/qt/qt_runtime.cpp:
509         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
510         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
511         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
512         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
513         * bridge/qt/qt_runtime.h:
514         * bridge/runtime_root.cpp:
515         (JSC::Bindings::RootObject::invalidate):
516         * bridge/runtime_root.h:
517         * dom/Document.h:
518
519 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
520
521         Reviewed by Sam Weinig.
522
523         Make ContextShadow code cross-platform
524         https://bugs.webkit.org/show_bug.cgi?id=51312
525
526         Add a new class, ShadowBlur, that contains most of the
527         code from ContextShadow, but is fully cross-platform.
528         It depends on one new method, GraphicsContext::clipBounds(),
529         which platforms will have to implement.
530         
531         Add ShadowBlur to the Mac Xcode project, but don't use it
532         anywhere yet.
533
534         * WebCore.xcodeproj/project.pbxproj:
535         * platform/graphics/GraphicsContext.cpp:
536         (WebCore::GraphicsContext::clipBounds):
537         * platform/graphics/GraphicsContext.h:
538         * platform/graphics/ShadowBlur.cpp: Added.
539         (WebCore::roundUpToMultipleOf32):
540         (WebCore::ScratchBuffer::ScratchBuffer):
541         (WebCore::ScratchBuffer::getScratchBuffer):
542         (WebCore::ScratchBuffer::scheduleScratchBufferPurge):
543         (WebCore::ScratchBuffer::timerFired):
544         (WebCore::ScratchBuffer::clearScratchBuffer):
545         (WebCore::ScratchBuffer::shared):
546         (WebCore::ShadowBlur::ShadowBlur):
547         (WebCore::ShadowBlur::blurLayerImage):
548         (WebCore::ShadowBlur::adjustBlurDistance):
549         (WebCore::ShadowBlur::calculateLayerBoundingRect):
550         (WebCore::ShadowBlur::beginShadowLayer):
551         (WebCore::ShadowBlur::endShadowLayer):
552         (WebCore::ShadowBlur::drawRectShadow):
553         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
554         (WebCore::ShadowBlur::drawRectShadowWithTiling):
555         (WebCore::ShadowBlur::clipBounds):
556         * platform/graphics/ShadowBlur.h: Added.
557         (WebCore::ShadowBlur::setShadowsIgnoreTransforms):
558         (WebCore::ShadowBlur::shadowsIgnoreTransforms):
559         * platform/graphics/cg/GraphicsContextCG.cpp:
560         (WebCore::GraphicsContext::clipBounds):
561
562 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
563
564         Reviewed by Dan Bernstein.
565
566         CSS3 gradients with em-based stops fail to repaint when font size changes
567         https://bugs.webkit.org/show_bug.cgi?id=51845
568         
569         Mark as uncacheable gradidients whose color stops depend on font size,
570         and don't attempt to put these into CSSImageGeneratorValue's image cache.
571         This means we return a new gradient each time, which is fairly cheap, and
572         fixes repaint issues under changing font size.
573
574         Test: fast/repaint/gradients-em-stops-repaint.html
575
576         * css/CSSGradientValue.cpp:
577         (WebCore::CSSGradientValue::image):
578         (WebCore::CSSGradientValue::isCacheable):
579         * css/CSSGradientValue.h:
580
581 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
582
583         Undo try to fix the Qt build.
584         
585         My guess didn't work.
586
587         * WebCore.pro:
588
589 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
590
591         Try to fix the Qt build.
592
593         * WebCore.pro: Added platform/text/CharacterNames.h.
594
595 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
596
597         Reviewed by Maciej Stachowiak.
598
599         Some more Heap cleanup.
600         https://bugs.webkit.org/show_bug.cgi?id=53357
601         
602         Updated for JavaScriptCore changes.
603
604         * bindings/js/ScriptGCEvent.cpp:
605         (WebCore::ScriptGCEvent::getHeapSize):
606
607 2011-01-29  Adam Barth  <abarth@webkit.org>
608
609         Reviewed by Daniel Bates.
610
611         Fix XSSFilter crash when extracting the source for a token twice
612         https://bugs.webkit.org/show_bug.cgi?id=53368
613
614         Previously, it was unsafe to extract the source for the same token
615         twice because the HTMLSourceTracker would advance its internal
616         representation of the SegmentedString.  This patch introduces a cache
617         to make calling HTMLSourceTracker::sourceForToken multiple times safe.
618
619         * html/parser/HTMLSourceTracker.cpp:
620         (WebCore::HTMLSourceTracker::end):
621         (WebCore::HTMLSourceTracker::sourceForToken):
622         * html/parser/HTMLSourceTracker.h:
623
624 2011-01-29  Maciej Stachowiak  <mjs@apple.com>
625
626         Reviewed by Dan Bernstein.
627
628         Fix fat build for both 32-bit and 64-bit under llvm-gcc 4.2
629         https://bugs.webkit.org/show_bug.cgi?id=53386
630
631         * platform/mac/ScrollAnimatorMac.mm:
632         (WebCore::elasticDeltaForReboundDelta):
633         (WebCore::scrollWheelMultiplier):
634         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
635         (WebCore::ScrollAnimatorMac::beginScrollGesture):
636         (WebCore::roundTowardZero):
637         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
638
639 2011-01-29  Daniel Bates  <dbates@rim.com>
640
641         Reviewed by Maciej Stachowiak.
642
643         Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
644         https://bugs.webkit.org/show_bug.cgi?id=53382
645
646         Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
647         So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
648         Therefore, we should remove such references.
649
650         * CMakeLists.txt:
651
652 2011-01-29  Sam Weinig  <sam@webkit.org>
653
654         Reviewed by Jon Honeycutt.
655
656         Fix 32-bit build on the Mac.
657
658         * platform/mac/ScrollAnimatorMac.mm:
659         (WebCore::roundTowardZero):
660         (WebCore::roundToDevicePixelTowardZero):
661         Use floats instead of doubles to avoid double-to-float conversion
662         issues.
663
664 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
665
666         Reviewed by Adam Barth.
667
668         Use clampToInteger() functions in a few places
669         https://bugs.webkit.org/show_bug.cgi?id=53363
670         
671         * css/CSSStyleSelector.cpp:
672         (WebCore::CSSStyleSelector::applyProperty): Use clampToInteger() for z-index.
673         (WebCore::CSSStyleSelector::createTransformOperations): Use clampToPositiveInteger().
674         * platform/graphics/transforms/PerspectiveTransformOperation.cpp: Ditto.
675         (WebCore::PerspectiveTransformOperation::blend): Ditto.
676
677 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
678
679         Reviewed by David Kilzer.
680
681         Move CharacterNames.h into WTF directory
682         https://bugs.webkit.org/show_bug.cgi?id=49618
683
684         * ForwardingHeaders/wtf/unicode/CharacterNames.h: Added.
685         * GNUmakefile.am:
686         * WebCore.gypi:
687         * WebCore.vcproj/WebCore.vcproj:
688         * WebCore.xcodeproj/project.pbxproj:
689         * accessibility/AccessibilityObject.cpp:
690         * accessibility/AccessibilityRenderObject.cpp:
691         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
692         * bindings/js/JSHTMLDocumentCustom.cpp:
693         * dom/Position.cpp:
694         * dom/SelectElement.cpp:
695         * editing/CompositeEditCommand.cpp:
696         * editing/Editor.cpp:
697         * editing/HTMLInterchange.cpp:
698         * editing/InsertTextCommand.cpp:
699         * editing/MarkupAccumulator.cpp:
700         * editing/TextIterator.cpp:
701         * editing/VisibleSelection.cpp:
702         * editing/htmlediting.cpp:
703         * editing/htmlediting.h:
704         * editing/markup.cpp:
705         * html/FTPDirectoryDocument.cpp:
706         * html/HTMLFormControlElement.cpp:
707         * html/parser/HTMLTreeBuilder.cpp:
708         * loader/appcache/ManifestParser.cpp:
709         * platform/chromium/PopupMenuChromium.cpp:
710         * platform/graphics/Font.h:
711         * platform/graphics/FontFastPath.cpp:
712         * platform/graphics/GlyphPageTreeNode.cpp:
713         * platform/graphics/StringTruncator.cpp:
714         * platform/graphics/mac/ComplexTextController.cpp:
715         * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
716         * platform/graphics/wince/GraphicsContextWinCE.cpp:
717         * platform/mac/PasteboardMac.mm:
718         * platform/text/TextCodecICU.cpp:
719         * platform/text/mac/TextCodecMac.cpp:
720         * platform/text/transcoder/FontTranscoder.cpp:
721         * rendering/RenderBlockLineLayout.cpp:
722         * rendering/RenderFlexibleBox.cpp:
723         * rendering/RenderListMarker.cpp:
724         * rendering/RenderText.cpp:
725         * rendering/RenderTextControl.cpp:
726         * rendering/RenderTreeAsText.cpp:
727         * rendering/break_lines.cpp:
728         * rendering/mathml/RenderMathMLOperator.h:
729         * websockets/WebSocketHandshake.cpp:
730         * wml/WMLTableElement.cpp:
731
732 2011-01-29  Dan Winship  <danw@gnome.org>
733
734         Reviewed by Xan Lopez.
735
736         [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
737         libsoup 2.33.1 now.
738         https://bugs.webkit.org/show_bug.cgi?id=50675
739
740         * platform/network/soup/CookieJarSoup.cpp:
741         (WebCore::defaultCookieJar):
742         (WebCore::setCookies):
743         * platform/network/soup/ResourceHandleSoup.cpp:
744         (WebCore::ResourceHandle::prepareForURL):
745         (WebCore::restartedCallback):
746         (WebCore::startHttp):
747         * platform/network/soup/ResourceRequestSoup.cpp:
748         (WebCore::ResourceRequest::updateSoupMessage):
749         (WebCore::ResourceRequest::toSoupMessage):
750         (WebCore::ResourceRequest::updateFromSoupMessage):
751
752 2011-01-29  Adam Barth  <abarth@webkit.org>
753
754         Reviewed by Daniel Bates.
755
756         XSSFilter should replace URLs with about:blank instead of the empty string
757         https://bugs.webkit.org/show_bug.cgi?id=53370
758
759         Using the empty string will make the URL complete to the current
760         document's URL, which isn't really what we want.  Instead, we want to
761         use about:blank, which is safe.
762
763         * html/parser/XSSFilter.cpp:
764         (WebCore::XSSFilter::filterObjectToken):
765         (WebCore::XSSFilter::filterEmbedToken):
766
767 2011-01-29  Adam Barth  <abarth@webkit.org>
768
769         Reviewed by Daniel Bates.
770
771         XSSFilter should pass xssAuditor/script-tag-addslashes*
772         https://bugs.webkit.org/show_bug.cgi?id=53365
773
774         We need to canonicalize strings to avoid being tricked by addslashes.
775
776         * html/parser/XSSFilter.cpp:
777         (WebCore::HTMLNames::isNonCanonicalCharacter):
778             - This function is copied from the XSSAuditor (with some tweaks).
779               We'll eventually remove the XSSAuditor once we've got XSSFilter
780               working properly.
781         (WebCore::HTMLNames::canonicalize):
782         (WebCore::HTMLNames::decodeURL):
783         (WebCore::XSSFilter::isContainedInRequest):
784
785 2011-01-29  Adam Barth  <abarth@webkit.org>
786
787         Reviewed by Daniel Bates.
788
789         XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
790         and xssAuditor/script-tag-post-*
791         https://bugs.webkit.org/show_bug.cgi?id=53364
792
793         We're supposed to allow loading same-origin resources even if they
794         appear as part of the request.
795
796         Also, we're supposed to look at the POST data too.  :)
797
798         * html/parser/XSSFilter.cpp:
799         (WebCore::XSSFilter::eraseAttributeIfInjected):
800         (WebCore::XSSFilter::isSameOriginResource):
801             - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
802               eventually remove the XSSAuditor version when XSSFilter is done.
803         * html/parser/XSSFilter.h:
804
805 2011-01-29  Adam Barth  <abarth@webkit.org>
806
807         Reviewed by Daniel Bates.
808
809         XSSFilter should pass 16 of the xssAuditor/script-tag* tests
810         https://bugs.webkit.org/show_bug.cgi?id=53362
811
812         Turns out we need to replace the src attribute of script tags with
813         about:blank to avoid loading the main document URL as a script.  Also,
814         move misplaced return statement that was triggering the console message
815         too often.
816
817         * html/parser/HTMLToken.h:
818         (WebCore::HTMLToken::appendToAttributeValue):
819         * html/parser/XSSFilter.cpp:
820         (WebCore::XSSFilter::filterScriptToken):
821         (WebCore::XSSFilter::eraseAttributeIfInjected):
822         * html/parser/XSSFilter.h:
823
824 2011-01-28  Jon Honeycutt  <jhoneycutt@apple.com>
825
826         Downloads in WK2 on Windows should write resume data to bundle
827         https://bugs.webkit.org/show_bug.cgi?id=53282
828         <rdar://problem/8753077>
829
830         Reviewed by Alice Liu.
831
832         * WebCore.vcproj/WebCore.vcproj:
833         Added new files to project.
834
835         * platform/network/cf/DownloadBundle.h: Added.
836         * platform/network/win/DownloadBundleWin.cpp: Added.
837         (WebCore::DownloadBundle::magicNumber):
838         Moved from WebKit's WebDownload so that WebKit and WebKit2 can share
839         it.
840         (WebCore::DownloadBundle::fileExtension):
841         Ditto.
842         (WebCore::DownloadBundle::appendResumeData):
843         Ditto - but modified to return bool rather than HRESULT and to clean up
844         whitespace.
845         (WebCore::DownloadBundle::extractResumeData):
846         Ditto - modified to clean up whitespace.
847
848 2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>
849
850         Unreviewed, rolling out r77050.
851         http://trac.webkit.org/changeset/77050
852         https://bugs.webkit.org/show_bug.cgi?id=53371
853
854         Caused a crash in Chromium's test_shell_tests (Requested by
855         rniwa on #webkit).
856
857         * html/parser/HTMLTreeBuilder.cpp:
858         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
859         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
860         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
861         * html/parser/HTMLTreeBuilder.h:
862
863 2011-01-28  Eric Seidel  <eric@webkit.org>
864
865         Reviewed by Darin Adler.
866
867         HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
868         https://bugs.webkit.org/show_bug.cgi?id=48719
869
870         It's unclear exactly what the Peacekeeper benchmark is testing,
871         because I haven't found a way to run it myself.
872
873         However, I constructed a benchmark which shows at least one possible slow point.
874         The HTML5 spec talks about creating a new document for every time we use
875         the fragment parsing algorithm.  Document() it turns out, it a huge bloated
876         mess, and the constructor and destructor do a huge amount of work.
877         To avoid constructing (or destructing) documents for each innerHTML call,
878         this patch adds a shared dummy document used by all innerHTML calls.
879
880         This patch brings us from 7x slower than Safari 5 on tiny-innerHTML
881         to only 1.5x slower than Safari 5.  I'm sure there is more work to do here.
882
883         Saving a shared Document like this is error prone.  Currently
884         DummyDocumentFactory::releaseDocument() calls removeAllChildren()
885         in an attempt to clear the Document's state. However it's possible
886         that that call is not sufficient and we'll have future bugs here.
887
888         * html/parser/HTMLTreeBuilder.cpp:
889         (WebCore::DummyDocumentFactory::createDummyDocument):
890         (WebCore::DummyDocumentFactory::releaseDocument):
891         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
892         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
893         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
894         * html/parser/HTMLTreeBuilder.h:
895
896 2011-01-28  Johnny Ding  <jnd@chromium.org>
897
898         Reviewed by Adam Barth.
899
900         Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
901         The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
902         https://bugs.webkit.org/show_bug.cgi?id=53244
903
904         Test: fast/events/popup-blocked-from-iframe-src.html
905
906         * bindings/ScriptControllerBase.cpp:
907         (WebCore::ScriptController::executeIfJavaScriptURL):
908
909 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
910
911         Reviewed by Gavin Barraclough.
912
913         Add various clampToInt() methods to MathExtras.h
914         https://bugs.webkit.org/show_bug.cgi?id=52910
915
916         Use clampToInteger() from MathExtras.h
917
918         * css/CSSParser.cpp:
919         (WebCore::CSSParser::parseCounter):
920
921 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
922
923         Unreviewed, rolling out r77006 and r77020.
924         http://trac.webkit.org/changeset/77006
925         http://trac.webkit.org/changeset/77020
926         https://bugs.webkit.org/show_bug.cgi?id=53360
927
928         "Broke Windows tests" (Requested by rniwa on #webkit).
929
930         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
931         * WebCore.exp.in:
932         * bindings/js/DOMWrapperWorld.h:
933         * bindings/js/JSAudioConstructor.cpp:
934         (WebCore::JSAudioConstructor::JSAudioConstructor):
935         * bindings/js/JSDOMBinding.cpp:
936         (WebCore::markDOMNodesForDocument):
937         (WebCore::markDOMObjectWrapper):
938         (WebCore::markDOMNodeWrapper):
939         * bindings/js/JSDOMGlobalObject.cpp:
940         (WebCore::JSDOMGlobalObject::markChildren):
941         (WebCore::JSDOMGlobalObject::setInjectedScript):
942         (WebCore::JSDOMGlobalObject::injectedScript):
943         * bindings/js/JSDOMGlobalObject.h:
944         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
945         (WebCore::getDOMConstructor):
946         * bindings/js/JSDOMWindowCustom.cpp:
947         (WebCore::JSDOMWindow::setLocation):
948         (WebCore::DialogHandler::dialogCreated):
949         * bindings/js/JSDOMWindowShell.cpp:
950         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
951         (WebCore::JSDOMWindowShell::setWindow):
952         (WebCore::JSDOMWindowShell::markChildren):
953         (WebCore::JSDOMWindowShell::unwrappedObject):
954         * bindings/js/JSDOMWindowShell.h:
955         (WebCore::JSDOMWindowShell::window):
956         (WebCore::JSDOMWindowShell::setWindow):
957         * bindings/js/JSDeviceMotionEventCustom.cpp:
958         (WebCore::createAccelerationObject):
959         (WebCore::createRotationRateObject):
960         * bindings/js/JSEventListener.cpp:
961         (WebCore::JSEventListener::JSEventListener):
962         (WebCore::JSEventListener::markJSFunction):
963         * bindings/js/JSEventListener.h:
964         (WebCore::JSEventListener::jsFunction):
965         * bindings/js/JSHTMLDocumentCustom.cpp:
966         (WebCore::JSHTMLDocument::setAll):
967         * bindings/js/JSImageConstructor.cpp:
968         (WebCore::JSImageConstructor::JSImageConstructor):
969         * bindings/js/JSImageDataCustom.cpp:
970         (WebCore::toJS):
971         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
972         (WebCore::JSJavaScriptCallFrame::scopeChain):
973         (WebCore::JSJavaScriptCallFrame::scopeType):
974         * bindings/js/JSNodeFilterCondition.cpp:
975         (WebCore::JSNodeFilterCondition::markAggregate):
976         (WebCore::JSNodeFilterCondition::acceptNode):
977         * bindings/js/JSNodeFilterCondition.h:
978         * bindings/js/JSNodeFilterCustom.cpp:
979         * bindings/js/JSOptionConstructor.cpp:
980         (WebCore::JSOptionConstructor::JSOptionConstructor):
981         * bindings/js/JSSQLResultSetRowListCustom.cpp:
982         (WebCore::JSSQLResultSetRowList::item):
983         * bindings/js/ScriptCachedFrameData.cpp:
984         (WebCore::ScriptCachedFrameData::restore):
985         * bindings/js/ScriptObject.cpp:
986         (WebCore::ScriptGlobalObject::set):
987         * bindings/js/SerializedScriptValue.cpp:
988         (WebCore::CloneDeserializer::putProperty):
989         * bindings/scripts/CodeGeneratorJS.pm:
990         * bridge/qt/qt_runtime.cpp:
991         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
992         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
993         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
994         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
995         * bridge/qt/qt_runtime.h:
996         * bridge/runtime_root.cpp:
997         (JSC::Bindings::RootObject::invalidate):
998         * bridge/runtime_root.h:
999         * dom/Document.h:
1000
1001 2011-01-28  Adam Barth  <abarth@webkit.org>
1002
1003         Reviewed by Eric Seidel.
1004
1005         XSSFilter should log to the console when it blocks something
1006         https://bugs.webkit.org/show_bug.cgi?id=53354
1007
1008         This patch refactors a bunch of methods in XSSFilter to return a bool
1009         indicating whether they blocked anything.  Using this bool, we decide
1010         whether to log to the console.  We're using the same log message as the
1011         XSSAuditor, but it seems likely we can improve this message in the
1012         future (especially by piping in the correct line number, which is now
1013         accessible via the parser).
1014
1015         * html/parser/XSSFilter.cpp:
1016         (WebCore::HTMLNames::isNameOfInlineEventHandler):
1017         (WebCore::XSSFilter::filterToken):
1018         (WebCore::XSSFilter::filterTokenInitial):
1019         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
1020         (WebCore::XSSFilter::filterScriptToken):
1021         (WebCore::XSSFilter::filterObjectToken):
1022         (WebCore::XSSFilter::filterEmbedToken):
1023         (WebCore::XSSFilter::filterAppletToken):
1024         (WebCore::XSSFilter::filterMetaToken):
1025         (WebCore::XSSFilter::filterBaseToken):
1026         (WebCore::XSSFilter::eraseInlineEventHandlersIfInjected):
1027         * html/parser/XSSFilter.h:
1028
1029 2011-01-28  Adam Barth  <abarth@webkit.org>
1030
1031         Reviewed by Daniel Bates.
1032
1033         Wire up settings->xssAuditorEnabled to XSSFilter
1034         https://bugs.webkit.org/show_bug.cgi?id=53345
1035
1036         * html/parser/XSSFilter.cpp:
1037         (WebCore::XSSFilter::XSSFilter):
1038         (WebCore::XSSFilter::filterToken):
1039         * html/parser/XSSFilter.h:
1040
1041 2011-01-28  Adam Barth  <abarth@webkit.org>
1042
1043         Reviewed by Daniel Bates.
1044
1045         Teach XSSFilter about <meta> and <base> tags
1046         https://bugs.webkit.org/show_bug.cgi?id=53339
1047
1048         I'm not 100% sure we need to block <meta http-equiv>, but it seems
1049         prudent given how powerful that attribute is.  We definitely need to
1050         block injection of <base href> because that can redirect script tags
1051         that use relative URLs.
1052
1053         * html/parser/XSSFilter.cpp:
1054         (WebCore::XSSFilter::filterToken):
1055         (WebCore::XSSFilter::filterMetaToken):
1056         (WebCore::XSSFilter::filterBaseToken):
1057         * html/parser/XSSFilter.h:
1058
1059 2011-01-28  Adam Barth  <abarth@webkit.org>
1060
1061         Reviewed by Daniel Bates.
1062
1063         Teach XSSFilter about <applet>
1064         https://bugs.webkit.org/show_bug.cgi?id=53338
1065
1066         HTML5 is pretty light on information about how the <applet> tag works.
1067         According to this site:
1068
1069         http://download.oracle.com/javase/1.4.2/docs/guide/misc/applet.html
1070
1071         The "code" and "object" attributes are the essential attributes for
1072         determining which piece of Java to run.  We might need to expand to the
1073         codebase and archive attributes at some point, but hopefully code and
1074         object will be sufficient.
1075
1076         * html/parser/XSSFilter.cpp:
1077         (WebCore::XSSFilter::filterToken):
1078         (WebCore::XSSFilter::filterAppletToken):
1079         * html/parser/XSSFilter.h:
1080
1081 2011-01-28  Adam Barth  <abarth@webkit.org>
1082
1083         Reviewed by Daniel Bates.
1084
1085         Teach the XSSFilter about object and embed tags
1086         https://bugs.webkit.org/show_bug.cgi?id=53336
1087
1088         For <object> and <embed>, we filter out attribute values that either
1089         indicate which piece of media to load or which plugin to load.  In a
1090         perfect world, we'd only need to filter out the URLs of the media, but
1091         some plug-ins (like Flash) have lots of fun places you can hide the
1092         URL (e.g., the "movie" <param>).
1093
1094         * html/parser/XSSFilter.cpp:
1095         (WebCore::XSSFilter::filterToken):
1096         (WebCore::XSSFilter::filterScriptToken):
1097         (WebCore::XSSFilter::filterObjectToken):
1098         (WebCore::XSSFilter::filterEmbedToken):
1099         (WebCore::XSSFilter::eraseAttributeIfInjected):
1100         * html/parser/XSSFilter.h:
1101
1102 2011-01-28  Oliver Hunt  <oliver@apple.com>
1103
1104         Fix Qt build.
1105
1106         * bridge/qt/qt_runtime.cpp:
1107         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1108         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1109         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1110         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1111         * bridge/qt/qt_runtime.h:
1112
1113 2011-01-28  Antti Koivisto  <antti@apple.com>
1114
1115         Reviewed by Simon Fraser.
1116
1117         CSS styles are shared based on uninitialized property values
1118         https://bugs.webkit.org/show_bug.cgi?id=53285
1119         
1120         Null test.
1121
1122         * dom/NamedNodeMap.cpp:
1123         (WebCore::NamedNodeMap::mappedMapsEquivalent):
1124
1125 2011-01-27  Oliver Hunt  <oliver@apple.com>
1126
1127         Reviewed by Geoffrey Garen.
1128
1129         Convert markstack to a slot visitor API
1130         https://bugs.webkit.org/show_bug.cgi?id=53219
1131
1132         Update WebCore to the new marking apis, correct bindings
1133         codegen. 
1134
1135         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
1136         * WebCore.exp.in:
1137         * bindings/js/DOMWrapperWorld.h:
1138         (WebCore::DOMWrapperWorld::globalData):
1139         * bindings/js/JSAudioConstructor.cpp:
1140         (WebCore::JSAudioConstructor::JSAudioConstructor):
1141         * bindings/js/JSDOMBinding.cpp:
1142         (WebCore::markDOMNodesForDocument):
1143         (WebCore::markDOMObjectWrapper):
1144         (WebCore::markDOMNodeWrapper):
1145         * bindings/js/JSDOMGlobalObject.cpp:
1146         (WebCore::JSDOMGlobalObject::markChildren):
1147         (WebCore::JSDOMGlobalObject::setInjectedScript):
1148         (WebCore::JSDOMGlobalObject::injectedScript):
1149         * bindings/js/JSDOMGlobalObject.h:
1150         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1151         (WebCore::getDOMConstructor):
1152         * bindings/js/JSDOMWindowCustom.cpp:
1153         (WebCore::JSDOMWindow::setLocation):
1154         (WebCore::DialogHandler::dialogCreated):
1155         * bindings/js/JSDOMWindowShell.cpp:
1156         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1157         (WebCore::JSDOMWindowShell::setWindow):
1158         (WebCore::JSDOMWindowShell::markChildren):
1159         (WebCore::JSDOMWindowShell::unwrappedObject):
1160         * bindings/js/JSDOMWindowShell.h:
1161         (WebCore::JSDOMWindowShell::window):
1162         (WebCore::JSDOMWindowShell::setWindow):
1163         * bindings/js/JSEventListener.cpp:
1164         (WebCore::JSEventListener::JSEventListener):
1165         (WebCore::JSEventListener::markJSFunction):
1166         * bindings/js/JSEventListener.h:
1167         (WebCore::JSEventListener::jsFunction):
1168         * bindings/js/JSHTMLDocumentCustom.cpp:
1169         (WebCore::JSHTMLDocument::setAll):
1170         * bindings/js/JSImageConstructor.cpp:
1171         (WebCore::JSImageConstructor::JSImageConstructor):
1172         * bindings/js/JSImageDataCustom.cpp:
1173         (WebCore::toJS):
1174         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1175         (WebCore::JSJavaScriptCallFrame::scopeChain):
1176         (WebCore::JSJavaScriptCallFrame::scopeType):
1177         * bindings/js/JSNodeFilterCondition.cpp:
1178         (WebCore::JSNodeFilterCondition::markAggregate):
1179         (WebCore::JSNodeFilterCondition::acceptNode):
1180         * bindings/js/JSNodeFilterCondition.h:
1181         * bindings/js/JSNodeFilterCustom.cpp:
1182         * bindings/js/JSOptionConstructor.cpp:
1183         (WebCore::JSOptionConstructor::JSOptionConstructor):
1184         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1185         (WebCore::JSSQLResultSetRowList::item):
1186         * bindings/js/ScriptCachedFrameData.cpp:
1187         (WebCore::ScriptCachedFrameData::restore):
1188         * bindings/js/ScriptObject.cpp:
1189         (WebCore::ScriptGlobalObject::set):
1190         * bindings/js/SerializedScriptValue.cpp:
1191         (WebCore::CloneDeserializer::putProperty):
1192         * bindings/scripts/CodeGeneratorJS.pm:
1193         * dom/Document.h:
1194
1195 2011-01-28  Sam Weinig  <sam@webkit.org>
1196
1197         Reviewed by Anders Carlsson.
1198
1199         Keyboard scrolling doesn’t work in WebKit2
1200         <rdar://problem/8909672>
1201
1202         * platform/mac/ScrollAnimatorMac.mm:
1203         (-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
1204         (-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
1205         Add additional necessary delegate methods.
1206
1207 2011-01-29  Darin Adler  <darin@apple.com>
1208
1209         Reviewed by Dan Bernstein.
1210
1211         Re-land this patch with the missing null check that caused crashes in layout tests.
1212
1213         Changing cursor style has no effect until the mouse moves
1214         https://bugs.webkit.org/show_bug.cgi?id=14344
1215         rdar://problem/7563712
1216
1217         No tests added because we don't have infrastructure for testing actual cursor
1218         changes (as opposed to cursor style computation) at this time. We might add it later.
1219
1220         * page/EventHandler.cpp:
1221         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
1222         * page/EventHandler.h: Ditto.
1223
1224         * rendering/RenderObject.cpp:
1225         (WebCore::areNonIdenticalCursorListsEqual): Added.
1226         (WebCore::areCursorsEqual): Added.
1227         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
1228         cursor styles changed.
1229
1230 2011-01-28  Justin Schuh  <jschuh@chromium.org>
1231
1232         Reviewed by Eric Seidel.
1233
1234         We should hold RefPtrs to SVG font faces
1235         https://bugs.webkit.org/show_bug.cgi?id=53270
1236
1237         Test: svg/custom/use-multiple-on-nested-disallowed-font.html
1238
1239         * css/CSSFontFaceSource.cpp:
1240         (WebCore::CSSFontFaceSource::getFontData):
1241         * css/CSSFontFaceSource.h:
1242         * svg/SVGFontFaceElement.cpp:
1243         (WebCore::SVGFontFaceElement::associatedFontElement):
1244         * svg/SVGFontFaceElement.h:
1245
1246 2011-01-28  Zhenyao Mo  <zmo@google.com>
1247
1248         Reviewed by Kenneth Russell.
1249
1250         uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
1251         https://bugs.webkit.org/show_bug.cgi?id=53306
1252
1253         * html/canvas/WebGLRenderingContext.cpp:
1254         (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
1255
1256 2011-01-28  Tom Sepez  <tsepez@chromium.org>
1257
1258         Reviewed by Eric Seidel.
1259
1260         NULL pointer crash in TextIterator::handleTextBox()
1261         https://bugs.webkit.org/show_bug.cgi?id=53267
1262
1263         Test: fast/css/rtl-nth-child-first-letter-crash.html
1264
1265         * editing/TextIterator.cpp:
1266         (WebCore::TextIterator::handleTextBox):
1267
1268 2011-01-28  Adrienne Walker  <enne@google.com>
1269
1270         Reviewed by Kenneth Russell.
1271
1272         [chromium] Remove a spurious diagnostic CRASH check.
1273         https://bugs.webkit.org/show_bug.cgi?id=52379
1274
1275         * platform/graphics/chromium/LayerTilerChromium.cpp:
1276         (WebCore::LayerTilerChromium::invalidateRect):
1277
1278 2011-01-28  Dan Bernstein  <mitz@apple.com>
1279
1280         Reviewed by Sam Weinig.
1281
1282         <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
1283         https://bugs.webkit.org/show_bug.cgi?id=19785
1284
1285         Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
1286         direction corresponding to the writing direction of the <select> element, with the checkmarks
1287         on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
1288         pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
1289         which returns true for this pop-up behavior.
1290
1291         * loader/EmptyClients.h:
1292         (WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
1293         * manual-tests/pop-up-alignment-and-direction.html: Added.
1294         * page/Chrome.cpp:
1295         (WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
1296         client.
1297         * page/Chrome.h:
1298         * page/ChromeClient.h:
1299         * platform/PopupMenuStyle.h:
1300         (WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
1301         variable initialization.
1302         (WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
1303         * platform/mac/PopupMenuMac.mm:
1304         (WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
1305         to match the menu's writing direction. Set items' writing direction and direction override
1306         according to their styles.
1307         * rendering/RenderMenuList.cpp:
1308         (WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
1309         (WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
1310         menu's writing direction, use that alignment for the button as well. Also in this mode, use the
1311         item's writing direction and override setting.
1312         (WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
1313         (WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
1314         (WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
1315         * rendering/RenderMenuList.h:
1316         * rendering/RenderTextControlSingleLine.cpp:
1317         (WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.
1318
1319 2011-01-28  Adam Barth  <abarth@webkit.org>
1320
1321         Reviewed by Daniel Bates.
1322
1323         Teach XSSFilter how to filter <script> elements
1324         https://bugs.webkit.org/show_bug.cgi?id=53279
1325
1326         This patch adds the ability for the XSSFilter to block injected
1327         <script> elements.  Handling script elements is slightly subtle because
1328         these elements act very differently depending on whether they have a
1329         src attribute.
1330         
1331         In the "src case", which check whether the src attribute was present in
1332         the request.  In the "non-src case", we check whether the start tag and
1333         the body of the script element was included in the request.  Checking
1334         for the whole start tag means we miss out on some attribute splitting
1335         attacks inside of script tags, but that doesn't seem like that big a
1336         deal.
1337
1338         This patch also introduces some amount of state into the XSSFilter
1339         because inline script elements span multiple tokens.  There's a lot of
1340         tuning and optimization left in these cases, some of which I've noted
1341         with FIXMEs.
1342
1343         To test this patch, I played around with some of the existing
1344         XSSAuditor tests.  Hopefully I'll be able to run the test suite more
1345         systematically in the future.
1346
1347         * html/parser/HTMLToken.h:
1348         (WebCore::HTMLToken::eraseCharacters):
1349         (WebCore::HTMLToken::eraseValueOfAttribute):
1350         * html/parser/XSSFilter.cpp:
1351         (WebCore::HTMLNames::hasName):
1352         (WebCore::HTMLNames::findAttributeWithName):
1353         (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
1354         (WebCore::XSSFilter::XSSFilter):
1355         (WebCore::XSSFilter::filterToken):
1356         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
1357         (WebCore::XSSFilter::filterScriptToken):
1358         (WebCore::XSSFilter::snippetForRange):
1359         (WebCore::XSSFilter::snippetForAttribute):
1360         * html/parser/XSSFilter.h:
1361
1362 2011-01-28  Adam Barth  <abarth@webkit.org>
1363
1364         Reviewed by Daniel Bates.
1365
1366         Sketch out new XSS filter design (disabled by default)
1367         https://bugs.webkit.org/show_bug.cgi?id=53205
1368
1369         This patch adds a basic sketch of the new XSS filter design.  Rather
1370         than watching scripts as they execute, in this design, we watch tokens
1371         emitted by the tokenizer.  We then map the tokens directly back into
1372         input characters, which lets us skip all the complicated logic related
1373         to HTML entities and double-decoding of JavaScript URLs.
1374
1375         This patch contains only the bare essentially machinery.  I'll add more
1376         in future patches and eventually remove the previous code once this
1377         code is up and running correctly.
1378
1379         * Android.mk:
1380         * CMakeLists.txt:
1381         * GNUmakefile.am:
1382         * WebCore.gypi:
1383         * WebCore.pro:
1384         * WebCore.vcproj/WebCore.vcproj:
1385         * WebCore.xcodeproj/project.pbxproj:
1386         * html/parser/HTMLDocumentParser.cpp:
1387         (WebCore::HTMLDocumentParser::HTMLDocumentParser):
1388         (WebCore::HTMLDocumentParser::pumpTokenizer):
1389         (WebCore::HTMLDocumentParser::sourceForToken):
1390         * html/parser/HTMLDocumentParser.h:
1391         * html/parser/XSSFilter.cpp: Added.
1392         * html/parser/XSSFilter.h: Added.
1393
1394 2011-01-28  Michael Saboff  <msaboff@apple.com>
1395
1396         Reviewed by Geoffrey Garen.
1397
1398         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1399         https://bugs.webkit.org/show_bug.cgi?id=53271
1400
1401         Reapplying this patch with the change that the second ASSERT in 
1402         RootObject::removeRuntimeObject was changed to use
1403         .uncheckedGet() instead of the failing .get().  The object in question
1404         could be in the process of being GC'ed.  The get() call will not return
1405         such an object while the uncheckedGet() call will return the (unsafe) 
1406         object.  This is the behavior we want.
1407
1408         Precautionary change.
1409         Changed RootObject to use WeakGCMap instead of HashSet.
1410         Found will looking for another issue, but can't produce a test case
1411         that is problematic.  THerefore there aren't any new tests.
1412
1413         * bridge/runtime_root.cpp:
1414         (JSC::Bindings::RootObject::invalidate):
1415         (JSC::Bindings::RootObject::addRuntimeObject):
1416         (JSC::Bindings::RootObject::removeRuntimeObject):
1417         * bridge/runtime_root.h:
1418
1419 2011-01-28  Adam Roben  <aroben@apple.com>
1420
1421         Notify CACFLayerTreeHost when the context is flushed
1422
1423         LegacyCACFLayerTreeHost was keeping this a secret, which meant that WebCore's animation
1424         timers were never starting.
1425
1426         Fixes <http://webkit.org/b/53302> [Windows 7 Release Tests] changesets 76853, 76856, and
1427         76858 broke ~36 animations, compositing, and transitions tests
1428
1429         Reviewed by Sam Weinig.
1430
1431         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
1432         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): Call up to the base class after we
1433         start our render timer.
1434
1435 2011-01-28  Antti Koivisto  <antti@apple.com>
1436
1437         Reviewed by Dan Bernstein.
1438
1439         Remove dead code that tried to map from CSS values to parser values
1440         https://bugs.webkit.org/show_bug.cgi?id=53318
1441
1442         * css/CSSFunctionValue.cpp:
1443         * css/CSSFunctionValue.h:
1444         * css/CSSPrimitiveValue.cpp:
1445         * css/CSSPrimitiveValue.h:
1446         * css/CSSValue.h:
1447         * css/CSSValueList.cpp:
1448         * css/CSSValueList.h:
1449
1450 2011-01-28  Enrica Casucci  <enrica@apple.com>
1451
1452         Reviewed by Adam Roben.
1453
1454         Some drag and drop tests fail since r76824
1455         https://bugs.webkit.org/show_bug.cgi?id=53304
1456
1457         There were '||' instead of '&&' in the checks for valid
1458         clipboard content.
1459         
1460         * platform/win/ClipboardWin.cpp:
1461         (WebCore::ClipboardWin::getData):
1462         (WebCore::ClipboardWin::types):
1463         (WebCore::ClipboardWin::files):
1464
1465 2011-01-28  Martin Robinson  <mrobinson@igalia.com>
1466
1467         [GTK] AudioProcessingEvent.h and JSJavaScriptAudioNode.h: No such file or directory
1468         https://bugs.webkit.org/show_bug.cgi?id=52889
1469
1470         Build fix for WebAudio. Include WebAudio source files on the source
1471         list when WebAudio is enabled.
1472
1473         * GNUmakefile.am: Include missing source files.
1474
1475 2011-01-28  Sam Weinig  <sam@webkit.org>
1476
1477         Reviewed by Maciej Stachowiak.
1478
1479         Add basic rubber banding support
1480         <rdar://problem/8219429>
1481         https://bugs.webkit.org/show_bug.cgi?id=53277
1482
1483         * page/EventHandler.cpp:
1484         (WebCore::EventHandler::handleGestureEvent):
1485         Pass gesture events to the FrameView.
1486
1487         * platform/ScrollAnimator.cpp:
1488         (WebCore::ScrollAnimator::handleGestureEvent):
1489         * platform/ScrollAnimator.h:
1490         Add stubbed out implementation.
1491
1492         * platform/ScrollView.cpp:
1493         (WebCore::ScrollView::ScrollView):
1494         (WebCore::ScrollView::overhangAmount):
1495         (WebCore::ScrollView::wheelEvent):
1496         * platform/ScrollView.h:
1497         * platform/ScrollableArea.cpp:
1498         (WebCore::ScrollableArea::ScrollableArea):
1499         (WebCore::ScrollableArea::handleGestureEvent):
1500         * platform/ScrollableArea.h:
1501         (WebCore::ScrollableArea::constrainsScrollingToContentEdge):
1502         (WebCore::ScrollableArea::setConstrainsScrollingToContentEdge):
1503         Move constrains scrolling bit to ScrollableArea from ScrollView.
1504
1505         (WebCore::ScrollableArea::contentsSize):
1506         (WebCore::ScrollableArea::overhangAmount):
1507         Add additional virtual functions for information needed by the animator.
1508
1509         * platform/mac/ScrollAnimatorMac.h:
1510         * platform/mac/ScrollAnimatorMac.mm:
1511         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
1512         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaX):
1513         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaY):
1514         (WebCore::elasticDeltaForTimeDelta):
1515         (WebCore::elasticDeltaForReboundDelta):
1516         (WebCore::reboundDeltaForElasticDelta):
1517         (WebCore::scrollWheelMultiplier):
1518         (WebCore::ScrollAnimatorMac::handleWheelEvent):
1519         (WebCore::ScrollAnimatorMac::handleGestureEvent):
1520         (WebCore::ScrollAnimatorMac::pinnedInDirection):
1521         (WebCore::ScrollAnimatorMac::allowsVerticalStretching):
1522         (WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
1523         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
1524         (WebCore::ScrollAnimatorMac::beginScrollGesture):
1525         (WebCore::ScrollAnimatorMac::endScrollGesture):
1526         (WebCore::ScrollAnimatorMac::snapRubberBand):
1527         (WebCore::roundTowardZero):
1528         (WebCore::roundToDevicePixelTowardZero):
1529         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
1530         Implement basic rubber banding.
1531
1532 2011-01-28  Dan Bernstein  <mitz@apple.com>
1533
1534         Reviewed by Anders Carlsson.
1535
1536         Changing unicode-bidi doesn’t force layout
1537         https://bugs.webkit.org/show_bug.cgi?id=53311
1538
1539         Test: fast/dynamic/unicode-bidi.html
1540
1541         * rendering/style/RenderStyle.cpp:
1542         (WebCore::RenderStyle::diff): Return a layout difference if unicode-bidi values differ.
1543
1544 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
1545
1546         Reviewed by Kent Tamura.
1547
1548         Change HTMLInputElement-derived parts of media element shadow DOM to use shadowPseudoId.
1549         https://bugs.webkit.org/show_bug.cgi?id=53122
1550
1551         This is the first step in converting HTMLMediaElement to the new shadow DOM.
1552
1553         Should not regress any existing tests. No observable change in behavior.
1554
1555         * css/CSSSelector.cpp:
1556         (WebCore::CSSSelector::pseudoId): Removed now-unnecessary hard-coded pseudo-element selectors.
1557         (WebCore::nameToPseudoTypeMap): Ditto.
1558         (WebCore::CSSSelector::extractPseudoType): Ditto.
1559         * css/CSSSelector.h: Ditto.
1560         * css/mediaControls.css: Added proper initial values, now that elements use the proper selector pipeline.
1561         * rendering/MediaControlElements.cpp:
1562         (WebCore::MediaControlInputElement::MediaControlInputElement): Removed the switch statement,
1563             which is now replaced with virtual shadowPseudoId on each corresponding class.
1564         (WebCore::MediaControlInputElement::styleForElement): Changed to use element pipeline.
1565         (WebCore::MediaControlMuteButtonElement::MediaControlMuteButtonElement): Changed to set
1566             display type in constructor.
1567         (WebCore::MediaControlMuteButtonElement::create): Changed to not take PseudoId as
1568             constructor argument.
1569         (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Added.
1570         (WebCore::MediaControlVolumeSliderMuteButtonElement::MediaControlVolumeSliderMuteButtonElement): Added
1571             to disambiguate from the MediaControlMuteButtonElement.
1572         (WebCore::MediaControlVolumeSliderMuteButtonElement::create): Added.
1573         (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Added.
1574         (WebCore::MediaControlPlayButtonElement::MediaControlPlayButtonElement): Changed to not take PseudoId as
1575             constructor argument.
1576         (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Added.
1577         (WebCore::MediaControlSeekButtonElement::MediaControlSeekButtonElement): Changed to not take PseudoId as
1578             constructor argument.
1579         (WebCore::MediaControlSeekForwardButtonElement::MediaControlSeekForwardButtonElement): Added.
1580         (WebCore::MediaControlSeekForwardButtonElement::create): Added.
1581         (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Added.
1582         (WebCore::MediaControlSeekBackButtonElement::MediaControlSeekBackButtonElement): Added.
1583         (WebCore::MediaControlSeekBackButtonElement::create): Added.
1584         (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Added.
1585         (WebCore::MediaControlRewindButtonElement::MediaControlRewindButtonElement): Added.
1586         (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Added.
1587         (WebCore::MediaControlReturnToRealtimeButtonElement::MediaControlReturnToRealtimeButtonElement): Changed to not take PseudoId as
1588             constructor argument.
1589         (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Added.
1590         (WebCore::MediaControlToggleClosedCaptionsButtonElement::MediaControlToggleClosedCaptionsButtonElement): Changed to not take PseudoId as
1591             constructor argument.
1592         (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Added.
1593         (WebCore::MediaControlTimelineElement::MediaControlTimelineElement): Changed to not take PseudoId as
1594             constructor argument.
1595         (WebCore::MediaControlTimelineElement::shadowPseudoId): Added.
1596         (WebCore::MediaControlVolumeSliderElement::MediaControlVolumeSliderElement): Changed to not take PseudoId as
1597             constructor argument.
1598         (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Added.
1599         (WebCore::MediaControlFullscreenButtonElement::MediaControlFullscreenButtonElement): Changed to not take PseudoId as
1600             constructor argument.
1601         (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Added.
1602         * rendering/MediaControlElements.h:
1603         (WebCore::MediaControlSeekForwardButtonElement::isForwardButton): Added.
1604         (WebCore::MediaControlSeekBackButtonElement::isForwardButton): Added.
1605         * rendering/RenderMedia.cpp:
1606         (WebCore::RenderMedia::createMuteButton): Changed to use new constructor.
1607         (WebCore::RenderMedia::createSeekBackButton): Ditto.
1608         (WebCore::RenderMedia::createSeekForwardButton): Ditto.
1609         (WebCore::RenderMedia::createVolumeSliderMuteButton): Ditto.
1610         * rendering/style/RenderStyleConstants.h: Removed constants that are no longer used.
1611
1612 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
1613
1614         Reviewed by Eric Carlson.
1615
1616         Split MediaControls out of RenderMedia.
1617         https://bugs.webkit.org/show_bug.cgi?id=53252
1618
1619         Near-mechanical moving of stuff, no change in behavior, thus no new tests.
1620
1621         * Android.mk: Added MediaControls to build system.
1622         * CMakeLists.txt: Ditto.
1623         * GNUmakefile.am: Ditto.
1624         * WebCore.gypi: Ditto.
1625         * WebCore.pro: Ditto.
1626         * WebCore.vcproj/WebCore.vcproj: Ditto.
1627         * WebCore.xcodeproj/project.pbxproj: Ditto.
1628         * html/HTMLMediaElement.cpp:
1629         (WebCore::HTMLMediaElement::defaultEventHandler): Changed to forward events to MediaControls.
1630         * html/shadow/MediaControls.cpp: Copied all controls-related methods from
1631             Source/WebCore/rendering/RenderMedia.cpp, pulled them into their own class called MediaControls. 
1632         * html/shadow/MediaControls.h: Ditto from Source/WebCore/rendering/RenderMedia.h.
1633         * rendering/MediaControlElements.cpp:
1634         (WebCore::MediaControlTimelineElement::defaultEventHandler): Changed to use MediaControls.
1635         * rendering/RenderMedia.cpp:
1636         (WebCore::RenderMedia::RenderMedia): Moved relevant constructor initializers out to MediaControls.
1637         (WebCore::RenderMedia::destroy): Changed to use MediaControls.
1638         (WebCore::RenderMedia::styleDidChange): Ditto.
1639         (WebCore::RenderMedia::layout): Ditto.
1640         (WebCore::RenderMedia::updateFromElement): Ditto.
1641         * rendering/RenderMedia.h: Updated defs accordingly and removed player() accessor, which
1642             is only used by sub-class RenderVideo.
1643         (WebCore::RenderMedia::controls): Added.
1644         * rendering/RenderVideo.cpp:
1645         (WebCore::RenderVideo::~RenderVideo): Changed to access MediaPlayer* directly from mediaElement().
1646         (WebCore::RenderVideo::calculateIntrinsicSize): Ditto.
1647         (WebCore::RenderVideo::paintReplaced): Ditto.
1648         (WebCore::RenderVideo::updatePlayer): Ditto.
1649         (WebCore::RenderVideo::supportsAcceleratedRendering): Ditto.
1650         (WebCore::RenderVideo::acceleratedRenderingStateChanged): Ditto.
1651
1652 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
1653
1654         Reviewed by Yury Semikhatsky.
1655
1656         Web Inspector: allow remote debugging with front-end
1657         served from the cloud.
1658         https://bugs.webkit.org/show_bug.cgi?id=53303
1659
1660         * inspector/front-end/inspector.js:
1661
1662 2011-01-28  Aparna Nandyal  <aparna.nand@wipro.com>
1663
1664         Reviewed by Andreas Kling.
1665
1666         Setting value of m_PressedPos to make scrolling smooth
1667
1668         Page scroll popup menu "Scroll here" option not working when cliking above scroll slider/handler.
1669         https://bugs.webkit.org/show_bug.cgi?id=51349
1670
1671         The value of m_PressedPos was getting set before moveThumb() call
1672         in all other scenarios except when "Scroll Here" option is used.
1673         Hence scrolling with this option was not as expected even in cases
1674         where scrolling was happening. The thumb would move in unexpected
1675         direction. m_PressedPos is now set to pressed position so delta is
1676         calculated.
1677         Unable to write a test case as the test needs to click on "Scroll
1678         Here" option of context sensitive menu and QTest is unable to do it.
1679         Besides no new functionality introduced.
1680
1681         * platform/qt/ScrollbarQt.cpp:
1682         (WebCore::Scrollbar::contextMenu):
1683
1684 2011-01-28  Andrey Kosyakov  <caseq@chromium.org>
1685
1686         Reviewed by Pavel Feldman.
1687
1688         Web Inspector: [Extensions API] add JSON schema for extensions API
1689         https://bugs.webkit.org/show_bug.cgi?id=53236
1690
1691         * inspector/front-end/ExtensionAPISchema.json: Added.
1692
1693 2011-01-27  Zhenyao Mo  <zmo@google.com>
1694
1695         Reviewed by Kenneth Russell.
1696
1697         Remove _LENGTH enumerants
1698         https://bugs.webkit.org/show_bug.cgi?id=53259
1699
1700         * html/canvas/WebGLRenderingContext.cpp: Remove queries for *LENGTH.
1701         (WebCore::WebGLRenderingContext::getProgramParameter):
1702         (WebCore::WebGLRenderingContext::getShaderParameter):
1703         * html/canvas/WebGLRenderingContext.idl: Remove *LENGTH.
1704
1705 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
1706
1707         Reviewed by Yury Semikhatsky.
1708
1709         Web Inspector: syntax highlight inline JS and CSS in HTML resources
1710         https://bugs.webkit.org/show_bug.cgi?id=30831
1711
1712         * inspector/front-end/SourceHTMLTokenizer.js:
1713         (WebInspector.SourceHTMLTokenizer):
1714         (WebInspector.SourceHTMLTokenizer.prototype.set line):
1715         (WebInspector.SourceHTMLTokenizer.prototype.nextToken):
1716         * inspector/front-end/SourceHTMLTokenizer.re2js:
1717
1718 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
1719
1720         Reviewed by Yury Semikhatsky.
1721
1722         Web Inspector: [STYLES] Up/Down-suggestion breaks an existing keyword
1723         https://bugs.webkit.org/show_bug.cgi?id=53295
1724
1725         Select the current word suffix before switching to the next suggestion.
1726
1727         * inspector/front-end/StylesSidebarPane.js:
1728         ():
1729
1730 2011-01-28  Alejandro G. Castro  <alex@igalia.com>
1731
1732         Reviewed by Xan Lopez.
1733
1734         [GTK] Fix dist compilation for the release
1735         https://bugs.webkit.org/show_bug.cgi?id=53290
1736
1737         * GNUmakefile.am: Added inspector files to the extra dist.
1738
1739 2011-01-28  Ilya Sherman  <isherman@chromium.org>
1740
1741         Reviewed by Andreas Kling.
1742
1743         Const-correct HTMLSelectElement and WebSelectElement
1744         https://bugs.webkit.org/show_bug.cgi?id=53293
1745
1746         * html/HTMLSelectElement.cpp:
1747         (WebCore::HTMLSelectElement::value): const.
1748         * html/HTMLSelectElement.h:
1749
1750 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1751
1752         Unreviewed, rolling out r76893.
1753         http://trac.webkit.org/changeset/76893
1754         https://bugs.webkit.org/show_bug.cgi?id=53287
1755
1756         It made some tests crash on GTK and Qt debug bots (Requested
1757         by Ossy on #webkit).
1758
1759         * bridge/runtime_root.cpp:
1760         (JSC::Bindings::RootObject::invalidate):
1761         (JSC::Bindings::RootObject::addRuntimeObject):
1762         (JSC::Bindings::RootObject::removeRuntimeObject):
1763         * bridge/runtime_root.h:
1764
1765 2011-01-27  Greg Coletta  <greg.coletta@nokia.com>
1766
1767         Reviewed by Laszlo Gombos.
1768
1769         Get rid of prefix header dependency for WebKit2 build system
1770         https://bugs.webkit.org/show_bug.cgi?id=50174
1771
1772         Guard EmptyProtocalDefinitions.h to make sure it's not included twice.
1773
1774         * platform/mac/EmptyProtocolDefinitions.h:
1775
1776 2011-01-27  Abhishek Arya  <inferno@chromium.org>
1777
1778         Reviewed by Dan Bernstein.
1779
1780         Recalc table sections if needed before calculating the first line
1781         box baseline.
1782         https://bugs.webkit.org/show_bug.cgi?id=53265
1783
1784         When we try to calculate the baseline position of a table cell,
1785         we recurse through all the child sibling boxes (when children are
1786         non inline) and add their first linebox baseline values. If one of
1787         the children is a table with pending section recalc, we will access
1788         wrong table section values. We recalc table sections if it is needed.
1789
1790         Test: fast/table/recalc-section-first-body-crash-main.html
1791
1792         * rendering/RenderTable.cpp:
1793         (WebCore::RenderTable::firstLineBoxBaseline):
1794
1795 2011-01-27  Adrienne Walker  <enne@google.com>
1796
1797         Reviewed by Kenneth Russell.
1798
1799         [chromium] Add CRASH calls to further debug tiled compositor memcpy crash.
1800         https://bugs.webkit.org/show_bug.cgi?id=52379
1801
1802         Test: LayoutTests/compositing (to verify these weren't triggered)
1803
1804         * platform/graphics/chromium/LayerTilerChromium.cpp:
1805         (WebCore::LayerTilerChromium::invalidateRect):
1806         (WebCore::LayerTilerChromium::update):
1807
1808 2011-01-27  Alexander Pavlov  <apavlov@chromium.org>
1809
1810         Reviewed by Pavel Feldman.
1811
1812         Web Inspector: [STYLES] Cancelled suggestion of a property name results in a visual artifact
1813         https://bugs.webkit.org/show_bug.cgi?id=53242
1814
1815         * inspector/front-end/StylesSidebarPane.js:
1816         (WebInspector.StylePropertyTreeElement.prototype):
1817
1818 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
1819
1820         Unreviewed, rolling out r76891.
1821         http://trac.webkit.org/changeset/76891
1822         https://bugs.webkit.org/show_bug.cgi?id=53280
1823
1824         Makes every layout test crash (Requested by othermaciej on
1825         #webkit).
1826
1827         * page/EventHandler.cpp:
1828         * page/EventHandler.h:
1829         * rendering/RenderObject.cpp:
1830         (WebCore::RenderObject::styleDidChange):
1831
1832 2011-01-27  Ryosuke Niwa  <rniwa@webkit.org>
1833
1834         Unreviewed, rolling out r76839.
1835         http://trac.webkit.org/changeset/76839
1836         https://bugs.webkit.org/show_bug.cgi?id=49744
1837
1838         broke pixel tests
1839
1840         * rendering/RenderBox.cpp:
1841         (WebCore::RenderBox::localCaretRect):
1842
1843 2011-01-27  Emil A Eklund  <eae@chromium.org>
1844
1845         Reviewed by Darin Adler.
1846
1847         contentEditable formatBlock crashes on divs with contenteditable="false"
1848         https://bugs.webkit.org/show_bug.cgi?id=53263
1849
1850         Check if editableRootForPosition returns null for position.
1851
1852         Test: editing/execCommand/format-block-contenteditable-false.html
1853
1854         * editing/FormatBlockCommand.cpp:
1855         (WebCore::FormatBlockCommand::formatRange):
1856
1857 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
1858
1859         Reviewed by Darin Adler.
1860
1861         Remove RenderMedia members that aren't used.
1862         https://bugs.webkit.org/show_bug.cgi?id=53245
1863
1864         Refactoring, no change in behavior, so no new tests.
1865
1866         * rendering/RenderMedia.h: Removed unused member variables.
1867
1868 2011-01-27  Michael Saboff  <msaboff@apple.com>
1869
1870         Reviewed by Darin Adler.
1871
1872         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1873         https://bugs.webkit.org/show_bug.cgi?id=53271
1874
1875         Precautionary change.
1876         Changed RootObject to use WeakGCMap instead of HashSet.
1877         Found will looking for another issue, but can't produce a test case
1878         that is problematic.  THerefore there aren't any new tests.
1879
1880         * bridge/runtime_root.cpp:
1881         (JSC::Bindings::RootObject::invalidate):
1882         (JSC::Bindings::RootObject::addRuntimeObject):
1883         (JSC::Bindings::RootObject::removeRuntimeObject):
1884         * bridge/runtime_root.h:
1885
1886 2011-01-27  Kenneth Russell  <kbr@google.com>
1887
1888         Reviewed by James Robinson.
1889
1890         Rename Typed Array slice() to subset()
1891         https://bugs.webkit.org/show_bug.cgi?id=53273
1892
1893         * bindings/js/JSArrayBufferViewHelper.h:
1894         (WebCore::constructArrayBufferView):
1895         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
1896         (WebCore::constructWebGLArray):
1897         * html/canvas/Float32Array.cpp:
1898         (WebCore::Float32Array::subset):
1899         * html/canvas/Float32Array.h:
1900         * html/canvas/Float32Array.idl:
1901         * html/canvas/Int16Array.cpp:
1902         (WebCore::Int16Array::subset):
1903         * html/canvas/Int16Array.h:
1904         * html/canvas/Int16Array.idl:
1905         * html/canvas/Int32Array.cpp:
1906         (WebCore::Int32Array::subset):
1907         * html/canvas/Int32Array.h:
1908         * html/canvas/Int32Array.idl:
1909         * html/canvas/Int8Array.cpp:
1910         (WebCore::Int8Array::subset):
1911         * html/canvas/Int8Array.h:
1912         * html/canvas/Int8Array.idl:
1913         * html/canvas/TypedArrayBase.h:
1914         (WebCore::TypedArrayBase::subsetImpl):
1915         * html/canvas/Uint16Array.cpp:
1916         (WebCore::Uint16Array::subset):
1917         * html/canvas/Uint16Array.h:
1918         * html/canvas/Uint16Array.idl:
1919         * html/canvas/Uint32Array.cpp:
1920         (WebCore::Uint32Array::subset):
1921         * html/canvas/Uint32Array.h:
1922         * html/canvas/Uint32Array.idl:
1923         * html/canvas/Uint8Array.cpp:
1924         (WebCore::Uint8Array::subset):
1925         * html/canvas/Uint8Array.h:
1926         * html/canvas/Uint8Array.idl:
1927
1928 2011-01-27  Darin Adler  <darin@apple.com>
1929
1930         Reviewed by Dan Bernstein.
1931
1932         Changing cursor style has no effect until the mouse moves
1933         https://bugs.webkit.org/show_bug.cgi?id=14344
1934         rdar://problem/7563712
1935
1936         No tests added because we don't have infrastructure for testing actual cursor
1937         changes (as opposed to cursor style computation) at this time. We might add it later.
1938
1939         * page/EventHandler.cpp:
1940         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
1941         * page/EventHandler.h: Ditto.
1942
1943         * rendering/RenderObject.cpp:
1944         (WebCore::areNonIdenticalCursorListsEqual): Added.
1945         (WebCore::areCursorsEqual): Added.
1946         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
1947         cursor styles changed.
1948
1949 2011-01-27  Leo Yang  <leo.yang@torchmobile.com.cn>
1950
1951         Reviewed by Dirk Schulze.
1952
1953         SVG Use Cycle is not detected
1954         https://bugs.webkit.org/show_bug.cgi?id=52544
1955
1956         We should check if SVGUseElement::buildInstanceTree finds problem
1957         for every child node. If it finds problem for any children we must
1958         return immediately because otherwise the foundProblem variable may
1959         be rewritten to false.
1960
1961         Test: svg/custom/recursive-use2.svg
1962
1963         * svg/SVGUseElement.cpp:
1964         (WebCore::SVGUseElement::buildInstanceTree):
1965
1966 2011-01-27  Zhenyao Mo  <zmo@google.com>
1967
1968         Reviewed by Kenneth Russell.
1969
1970         texSubImage2D's format/type needs to match the internalformat/type from the previous texImage2D call
1971         https://bugs.webkit.org/show_bug.cgi?id=53054
1972
1973         Test: fast/canvas/webgl/tex-sub-image-2d-bad-args.html
1974
1975         * html/canvas/WebGLRenderingContext.cpp:
1976         (WebCore::WebGLRenderingContext::texSubImage2DBase): Check format/type match.
1977
1978 2011-01-27  Yi Shen  <yi.4.shen@nokia.com>, Tor Arne Vestbø <tor.arne.vestbo@nokia.com>
1979
1980         Reviewed by Andreas Kling.
1981
1982         [Qt] Add fullscreen media control button for html video
1983         https://bugs.webkit.org/show_bug.cgi?id=51543
1984
1985         Implement media control fullscreen button for QtWebKit html5 video.
1986
1987         * css/mediaControlsQt.css:
1988         (video::-webkit-media-controls-fullscreen-button):
1989         * platform/qt/RenderThemeQt.cpp:
1990         (WebCore::RenderThemeQt::paintMediaFullscreenButton):
1991
1992 2011-01-27  Nate Chapin  <japhet@chromium.org>
1993
1994         Reviewed by Adam Barth.
1995
1996         Remove FrameLoader::url() and update callers to use
1997         Document::url().
1998         https://bugs.webkit.org/show_bug.cgi?id=41165
1999
2000         Refactor, no new tests.
2001
2002         * WebCore.exp.in:
2003         * dom/Document.cpp:
2004         (WebCore::Document::processHttpEquiv):
2005         (WebCore::Document::removePendingSheet):
2006         * history/CachedFrame.cpp:
2007         (WebCore::CachedFrameBase::CachedFrameBase):
2008         * history/PageCache.cpp:
2009         (WebCore::logCanCacheFrameDecision):
2010         (WebCore::PageCache::canCachePageContainingThisFrame):
2011         * html/HTMLFrameElementBase.cpp:
2012         (WebCore::HTMLFrameElementBase::isURLAllowed):
2013         * html/HTMLPlugInImageElement.cpp:
2014         (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
2015         * inspector/InspectorAgent.cpp:
2016         (WebCore::InspectorAgent::inspectedURL):
2017         * inspector/InspectorResourceAgent.cpp:
2018         (WebCore::buildObjectForFrame):
2019         * loader/DocumentWriter.cpp:
2020         (WebCore::DocumentWriter::replaceDocument):
2021         (WebCore::DocumentWriter::deprecatedFrameEncoding):
2022         * loader/FrameLoader.cpp:
2023         * loader/FrameLoader.h:
2024         * loader/HistoryController.cpp:
2025         (WebCore::HistoryController::updateForStandardLoad):
2026         (WebCore::HistoryController::updateForRedirectWithLockedBackForwardList):
2027         (WebCore::HistoryController::updateForSameDocumentNavigation):
2028         * loader/NavigationScheduler.cpp:
2029         (WebCore::ScheduledHistoryNavigation::fire):
2030         (WebCore::NavigationScheduler::scheduleLocationChange):
2031         (WebCore::NavigationScheduler::scheduleRefresh):
2032         * page/FrameView.cpp:
2033         (WebCore::FrameView::updateControlTints):
2034         * page/Location.cpp:
2035         (WebCore::Location::url):
2036         (WebCore::Location::setProtocol):
2037         (WebCore::Location::setHost):
2038         (WebCore::Location::setHostname):
2039         (WebCore::Location::setPort):
2040         (WebCore::Location::setPathname):
2041         (WebCore::Location::setSearch):
2042         (WebCore::Location::setHash):
2043         (WebCore::Location::reload):
2044         * page/Page.cpp:
2045         (WebCore::Page::goToItem):
2046
2047 2011-01-27  Stephen White  <senorblanco@chromium.org>
2048
2049         Reviewed by Darin Adler.
2050
2051         Fix performance regression in ImageQualityController::objectDestroyed().
2052         https://bugs.webkit.org/show_bug.cgi?id=52645
2053
2054         In r72282, I inadvertently introduced this regression by using a
2055         linear search through the hash map on object destruction.  This was
2056         because the hash key consisted of both object pointer and layer id,
2057         but on object destruction we only know the object pointer, requiring
2058         a search to find all the layers. 
2059         By replacing the hash map with two nested hash maps, where the outer key
2060         is the object and the inner key is the layer, we can find all the
2061         relevant data for an object in one hash lookup.
2062
2063         * rendering/RenderBoxModelObject.cpp:
2064         Replace the (object,layer)->size HashMap with object->layer and
2065         layer->size HashMaps.
2066         (WebCore::ImageQualityController::isEmpty):
2067         Implement isEmpty() for the outer HashMap.
2068         (WebCore::ImageQualityController::removeLayer):
2069         When a layer is removed, remove it from the inner hash map.
2070         (WebCore::ImageQualityController::set):
2071         Implement set():  if the inner map exists, set the layer->size tuple
2072         directly.  If not, create a new inner map, set the tuple, and insert
2073         it in the outer map.
2074         (WebCore::ImageQualityController::objectDestroyed):
2075         Look up the object in the outer map only.
2076         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
2077         Cosmetic changes for the renamed now-outer hash map.
2078         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
2079         Do both outer and inner hash map lookups.  Call set() to add/update
2080         entries to the hash maps.  keyDestroyed() is now removeLayer().
2081         (WebCore::imageQualityController):
2082         Make the ImageQualityController a file-static global, so it can be
2083         created and destroyed on the fly.
2084         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
2085         If there is no ImageQualityController, don't call objectDestroyed().
2086         If it's empty, delete it.
2087         * rendering/RenderImage.cpp:
2088         (WebCore::RenderImage::paintIntoRect):
2089         Also pass the Image* as the (void*) layer, since 0 is not a valid
2090         HashMap key.
2091
2092 2011-01-27  Adrienne Walker  <enne@google.com>
2093
2094         Reviewed by James Robinson.
2095
2096         [chromium] Tiled compositor crashes if compositing turned off mid-paint
2097         https://bugs.webkit.org/show_bug.cgi?id=53198
2098
2099         * platform/graphics/chromium/LayerRendererChromium.cpp:
2100         (WebCore::LayerRendererChromium::drawLayers):
2101         * platform/graphics/chromium/LayerTilerChromium.cpp:
2102         (WebCore::LayerTilerChromium::update):
2103         (WebCore::LayerTilerChromium::draw):
2104
2105 2011-01-27  Carol Szabo <carol.szabo@nokia.com>
2106
2107         Reviewed by David Hyatt.
2108
2109         A corrupted counter tree is created when renderers are added to the
2110         tree bypassing RenderObject::addChild
2111         https://bugs.webkit.org/show_bug.cgi?id=51270
2112
2113         No new tests. This patch reimplements the fix for bugs 43812 and
2114         51637 and hence all tests are already there as part of the original
2115         fixes for those bugs.
2116
2117         * rendering/RenderCounter.cpp:
2118         (WebCore::findPlaceForCounter):
2119         Removed old workaround as this patch hopefully fixes the real
2120         problem.
2121         * rendering/RenderObject.cpp:
2122         (WebCore::RenderObject::addChild):
2123         Removed call to counter updater as it was moved to a lower level.
2124         (WebCore::RenderObject::destroy):
2125         Moved attached counter nodes destruction to after the node is
2126         removed from the tree.
2127         * rendering/RenderObjectChildList.cpp:
2128         (WebCore::RenderObjectChildList::removeChildNode):
2129         (WebCore::RenderObjectChildList::appendChildNode):
2130         (WebCore::RenderObjectChildList::insertChildNode):
2131         Added notifications to the Counter system such that the
2132         CounterForest reflects the changes to the RendererTree.
2133         * rendering/RenderWidget.cpp:
2134         (WebCore::RenderWidget::destroy):
2135         Applied the same changes as for RenderObject::destroy()
2136         since RenderObject::destroy() is not called from here.
2137
2138 2011-01-27  Adam Roben  <aroben@apple.com>
2139
2140         Add WKCACFViewLayerTreeHost
2141
2142         This is a class that derives from CACFLayerTreeHost and uses a WKCACFView to render.
2143
2144         Fixes <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost should use
2145         WKCACFView for rendering
2146
2147         * WebCore.vcproj/WebCore.vcproj: Added WKCACFViewLayerTreeHost.{cpp,h}.
2148
2149         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
2150         (WebCore::CACFLayerTreeHost::acceleratedCompositingAvailable): Make the test window have a
2151         non-zero size. WKCACFView will always say it can't render if you pass it a 0-sized window,
2152         so we need a non-empty window to perform a valid test.
2153         (WebCore::CACFLayerTreeHost::create): First try to create a WKCACFViewLayerTreeHost, then
2154         fall back to a LegacyCACFLayerTreeHost.
2155         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Moved code to react to the
2156         context flush from here...
2157         (WebCore::CACFLayerTreeHost::contextDidChange): ...to here. Derived classes are required to
2158         call this function whenever changes are flushed to the context.
2159
2160         * platform/graphics/ca/win/CACFLayerTreeHost.h: Added contextDidChange.
2161
2162         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
2163         (WebCore::LegacyCACFLayerTreeHost::createRenderer):
2164         (WebCore::LegacyCACFLayerTreeHost::resize):
2165         Changed to use flushContext instead of flushing the context manually so that we will always
2166         notify the base class when the context gets flushed.
2167
2168         (WebCore::LegacyCACFLayerTreeHost::flushContext): Added a call to contextDidChange so the
2169         base class will know what happened. Moved code to schedule a render from here...
2170         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): ...to here.
2171
2172         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h: Added contextDidChange.
2173
2174         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp: Added.
2175         (WebCore::WKCACFViewLayerTreeHost::create): If WebKitQuartzCoreAdditions, which provides
2176         WKCACFView, isn't present, bail. Otherwise allocate and return a new host.
2177         (WebCore::WKCACFViewLayerTreeHost::WKCACFViewLayerTreeHost): Initialize members.
2178         (WebCore::WKCACFViewLayerTreeHost::updateViewIfNeeded): Update the view if we previously
2179         marked that we needed to do so, and flush the context if our layer's bounds have changed.
2180         (WebCore::WKCACFViewLayerTreeHost::contextDidChangeCallback): Call through to
2181         contextDidChange.
2182         (WebCore::WKCACFViewLayerTreeHost::contextDidChange): Tell the WKCACFView to start rendering
2183         (if we didn't already), then call up to the base class.
2184         (WebCore::WKCACFViewLayerTreeHost::initializeContext): Set the context's user data, the
2185         view's layer, and hook up our "context did change" callback.
2186         (WebCore::WKCACFViewLayerTreeHost::resize): Mark that the view needs to be updated the next
2187         time we paint.
2188         (WebCore::WKCACFViewLayerTreeHost::createRenderer): Update our view and return whether it is
2189         able to render or not.
2190         (WebCore::WKCACFViewLayerTreeHost::destroyRenderer): Clear out all the info we passed down
2191         to the view.
2192         (WebCore::WKCACFViewLayerTreeHost::lastCommitTime): Call through to the view.
2193         (WebCore::WKCACFViewLayerTreeHost::flushContext): Ditto.
2194         (WebCore::WKCACFViewLayerTreeHost::paint): Update the view so it will draw at the right
2195         size, then call up to the base class.
2196         (WebCore::WKCACFViewLayerTreeHost::render): Invalidate the view using the passed-in dirty
2197         rects, then ask it to draw.
2198
2199         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h: Copied from Source/WebCore/platform/graphics/ca/win/LegacyCACFLayerTreeHost.h.
2200
2201 2011-01-27  Adam Roben  <aroben@apple.com>
2202
2203         Move LegacyCACFLayerTreeHost into its own files
2204
2205         More preparation for <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost
2206         should use WKCACFView for rendering
2207
2208         Reviewed by Simon Fraser.
2209
2210         * WebCore.vcproj/WebCore.vcproj: Added LegacyCACFLayerTreeHost.{cpp,h}.
2211
2212         * platform/graphics/ca/win/CACFLayerTreeHost.cpp: Moved code from here to new files.
2213
2214         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp: Added.
2215         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h: Added.
2216
2217 2011-01-27  Patrick Gansterer  <paroga@webkit.org>
2218
2219         Unreviewed WinCE build fix for r76824.
2220
2221         * platform/wince/DragDataWinCE.cpp:
2222         (WebCore::DragData::dragDataMap):
2223
2224 2011-01-27  Adam Roben  <aroben@apple.com>
2225
2226         Split CACFLayerTreeHost into base and derived classes
2227
2228         The derived class, LegacyCACFLayerTreeHost, contains all the D3D-related code. A later patch
2229         will add a new derived class that replaces the D3D code with a different rendering API.
2230
2231         For now, LegacyCACFLayerTreeHost lives in CACFLayerTreeHost.cpp. This keeps the diff a
2232         little smaller. A later patch will move it to its own source files.
2233
2234         Preparation for <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost
2235         should use WKCACFView for rendering
2236
2237         Reviewed by Simon Fraser.
2238
2239         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
2240         (WebCore::CACFLayerTreeHost::acceleratedCompositingAvailable): Clear the window before
2241         destroying the host, as that is now the API contract that clients must fulfill.
2242         (WebCore::LegacyCACFLayerTreeHost::create): Added. Simple creator.
2243         (WebCore::CACFLayerTreeHost::create): Now instantiates a LegacyCACFLayerTreeHost. Calls the
2244         new initialize function to perform initialization that has to happen after the vtable has
2245         been set up.
2246
2247         (WebCore::LegacyCACFLayerTreeHost::LegacyCACFLayerTreeHost):
2248         (WebCore::CACFLayerTreeHost::CACFLayerTreeHost):
2249         (WebCore::LegacyCACFLayerTreeHost::initializeContext):
2250         (WebCore::CACFLayerTreeHost::initialize):
2251         Moved some initialization code from the CACFLayerTreeHost constructor into these new
2252         functions.
2253
2254         (WebCore::LegacyCACFLayerTreeHost::~LegacyCACFLayerTreeHost): Added. Moved code here from
2255         ~CACFLayerTreeHost.
2256         (WebCore::CACFLayerTreeHost::~CACFLayerTreeHost): Rather than clearing the window at this
2257         point (which would be too late, since we won't be able to call into the derived class's
2258         virtual functions), just assert that it has already been cleared (or was never set in the
2259         first place).
2260         (WebCore::LegacyCACFLayerTreeHost::createRenderer): Renamed from
2261         CACFLayerTreeHost::createRenderer, and changed to use getters instead of accessing
2262         CACFLayerTreeHost's data members directly.
2263
2264         (WebCore::LegacyCACFLayerTreeHost::destroyRenderer):
2265         (WebCore::CACFLayerTreeHost::destroyRenderer):
2266         Moved some code to the new LegacyCACFLayerTreeHost function.
2267
2268         (WebCore::LegacyCACFLayerTreeHost::resize):
2269         (WebCore::LegacyCACFLayerTreeHost::renderTimerFired):
2270         Moved these functions to LegacyCACFLayerTreeHost.
2271
2272         (WebCore::LegacyCACFLayerTreeHost::paint):
2273         (WebCore::CACFLayerTreeHost::paint):
2274         Moved some code to the new LegacyCACFLayerTreeHost function.
2275
2276         (WebCore::LegacyCACFLayerTreeHost::render):
2277         (WebCore::LegacyCACFLayerTreeHost::renderSoon):
2278         Moved these functions to LegacyCACFLayerTreeHost.
2279
2280         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Moved code to flush the context
2281         from here...
2282         (WebCore::LegacyCACFLayerTreeHost::flushContext): ...to this new function.
2283
2284         (WebCore::LegacyCACFLayerTreeHost::lastCommitTime): Moved code to get the last commit time
2285         to this new function...
2286         (WebCore::CACFLayerTreeHost::notifyAnimationsStarted): ...from here.
2287
2288         (WebCore::LegacyCACFLayerTreeHost::initD3DGeometry):
2289         (WebCore::LegacyCACFLayerTreeHost::resetDevice):
2290         Moved these functions to LegacyCACFLayerTreeHost.
2291
2292         * platform/graphics/ca/win/CACFLayerTreeHost.h: Made some functions virtual, removed some
2293         members that have moved to LegacyCACFLayerTreeHost, grouped remaining members more
2294         logically, and added some getters used by LegacyCACFLayerTreeHost.
2295
2296 2011-01-27  Adam Roben  <aroben@apple.com>
2297
2298         Move CACFLayerTreeHostClient to its own header file
2299
2300         Rubber-stamped by Steve Falkenburg.
2301
2302         * WebCore.vcproj/WebCore.vcproj: Added CACFLayerTreeHostClient.h. Also let VS have its way
2303         with the file.
2304
2305         * platform/graphics/ca/win/CACFLayerTreeHost.cpp: Added new #include.
2306
2307         * platform/graphics/ca/win/CACFLayerTreeHost.h: Removed CACFLayerTreeHostClient.
2308
2309         * platform/graphics/ca/win/CACFLayerTreeHostClient.h: Added.
2310
2311         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp: Moved some #includes here
2312         from the header file.
2313
2314         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h: Replaced broader #includes
2315         with more specific ones, plus a forward-declaration.
2316
2317 2011-01-27  James Simonsen  <simonjam@chromium.org>
2318
2319         Reviewed by Tony Chang.
2320
2321         [Chromium] Simplify small caps logic in complex text on linux
2322         https://bugs.webkit.org/show_bug.cgi?id=53207
2323
2324         Test: fast/text/atsui-multiple-renderers.html
2325               fast/text/atsui-small-caps-punctuation-size.html
2326
2327         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
2328         (WebCore::ComplexTextController::nextScriptRun): Remove redundant logic. Case changes in a text run imply FontData changes.
2329         (WebCore::ComplexTextController::setupFontForScriptRun): Update comment to reflect above.
2330
2331 2011-01-27  Adam Barth  <abarth@webkit.org>
2332
2333         In which I attempt to fix the EFL build.
2334
2335         * CMakeLists.txt:
2336
2337 2011-01-25  Levi Weintraub  <leviw@chromium.org>
2338
2339         Reviewed by Darin Adler.
2340
2341         Adding border and padding to the calculation of the local caret rect for RenderBoxes.
2342         Corrected for mistake in r76625
2343
2344         Undo moves caret to invalid position
2345         https://bugs.webkit.org/show_bug.cgi?id=49744
2346
2347         Tests: editing/selection/caret-painting-after-paste-undo-rtl.html
2348                editing/selection/caret-painting-after-paste-undo.html
2349
2350         * rendering/RenderBox.cpp:
2351         (WebCore::RenderBox::localCaretRect):
2352
2353 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
2354
2355         Unreviewed, rolling out r76825.
2356         http://trac.webkit.org/changeset/76825
2357         https://bugs.webkit.org/show_bug.cgi?id=53256
2358
2359         "caused crashes on GTK and chromium" (Requested by rniwa on
2360         #webkit).
2361
2362         * rendering/RenderBoxModelObject.cpp:
2363         (WebCore::ImageQualityController::keyDestroyed):
2364         (WebCore::ImageQualityController::objectDestroyed):
2365         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
2366         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
2367         (WebCore::imageQualityController):
2368         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
2369
2370 2011-01-27  Adam Barth  <abarth@webkit.org>
2371
2372         Reviewed by Eric Seidel.
2373
2374         Generalize the mechanism view-source uses to remember the source for an HTMLToken
2375         https://bugs.webkit.org/show_bug.cgi?id=53200
2376
2377         Currently view-source tracks the source associated with each HTMLToken.
2378         We want to re-use this mechanism for the new XSS auditor.  This patch
2379         moves this code into its own class so it can be shared between the
2380         view-source parser and the general HTML parser.  This patch also add
2381         support for tracking the source of tokens that span document.write
2382         boundaries.
2383
2384         No functional change.  This code change is somewhat tested by our
2385         view-source layout tests.
2386
2387         * Android.mk:
2388         * GNUmakefile.am:
2389         * WebCore.gypi:
2390         * WebCore.pro:
2391         * WebCore.vcproj/WebCore.vcproj:
2392         * WebCore.xcodeproj/project.pbxproj:
2393             - Fun with updating build files.
2394         * html/parser/HTMLDocumentParser.cpp:
2395         (WebCore::HTMLDocumentParser::pumpTokenizer):
2396             - Teach HTMLDocumentParser to track the source for HTMLTokens.
2397               Currently, this information isn't used, but it will be shortly.
2398               I ran the HTML parser benchmark and this change didn't have a
2399               measurable effect.
2400         * html/parser/HTMLDocumentParser.h:
2401             - Composite in the HTMLSourceTracker.
2402         * html/parser/HTMLSourceTracker.cpp: Added.
2403         (WebCore::HTMLSourceTracker::HTMLSourceTracker):
2404         (WebCore::HTMLSourceTracker::start):
2405         (WebCore::HTMLSourceTracker::end):
2406             - This function should eventualy be folded into HTMLTokenizer.
2407         (WebCore::HTMLSourceTracker::sourceForToken):
2408         * html/parser/HTMLSourceTracker.h: Added.
2409         * html/parser/HTMLToken.h:
2410             - Now HTMLTokens always have a start index of zero.  To do the job
2411               of the old start index, this patch introduces the notion of a
2412               baseOffset.  Unlike the start index (which was used as the base
2413               offset for all the other indicies), the baseOffset can change
2414               over the lifetime of the token.  We need the flexibility to
2415               change the offset for tokens that span document.write boundaries.
2416               Values are now normalized to zero-offset when stored.
2417         (WebCore::HTMLToken::clear):
2418         (WebCore::HTMLToken::setBaseOffset):
2419         (WebCore::HTMLToken::end):
2420         (WebCore::HTMLToken::beginAttributeName):
2421         (WebCore::HTMLToken::endAttributeName):
2422         (WebCore::HTMLToken::beginAttributeValue):
2423         (WebCore::HTMLToken::endAttributeValue):
2424         * html/parser/HTMLViewSourceParser.cpp:
2425             - Updates the HTMLViewSourceParser to use the new
2426               HTMLSourceTracker.
2427         (WebCore::HTMLViewSourceParser::pumpTokenizer):
2428         (WebCore::HTMLViewSourceParser::append):
2429         (WebCore::HTMLViewSourceParser::sourceForToken):
2430             - This function now just calls through to HTMLSourceTracker.
2431         * html/parser/HTMLViewSourceParser.h:
2432         * platform/text/SegmentedString.cpp:
2433         (WebCore::SegmentedString::currentColumn):
2434         (WebCore::SegmentedString::setCurrentPosition):
2435         * platform/text/SegmentedString.h:
2436         (WebCore::SegmentedString::numberOfCharactersConsumed):
2437             - We need to handle the general case now.  The "slow" version
2438               doesn't turn out to be any slower in practice anyway.
2439
2440 2011-01-27  Sam Weinig  <sam@webkit.org>
2441
2442         Fix all the builds.
2443
2444         * platform/ScrollView.cpp:
2445         (WebCore::ScrollView::paintOverhangAreas): Add parameters.
2446
2447 2011-01-27  Sam Weinig  <sam@webkit.org>
2448
2449         Reviewed by Dave Hyatt.
2450
2451         Add ability to do an unconstrained scroll on a ScrollView
2452         https://bugs.webkit.org/show_bug.cgi?id=53249
2453
2454         * platform/ScrollView.cpp:
2455         (WebCore::ScrollView::ScrollView):
2456         Initialize m_constrainsScrollingToContentEdge to true.
2457
2458         (WebCore::ScrollView::setScrollOffset):
2459         Only constrain the offset if the m_constrainsScrollingToContentEdge is set.
2460
2461         (WebCore::ScrollView::updateScrollbars):
2462         Simplify expression converting an IntSize to an IntPoint.
2463         
2464         (WebCore::ScrollView::paint):
2465         Paint the overhang if there is any.
2466         
2467         (WebCore::ScrollView::calculateOverhangAreasForPainting):
2468         Calculate the overhang in viewport coordinates for painting.
2469
2470         * platform/ScrollView.h:
2471         (WebCore::ScrollView::constrainsScrollingToContentEdge):
2472         (WebCore::ScrollView::setConstrainsScrollingToContentEdge):
2473         Add bit to control whether the scroll position should be constrained
2474         to the content edge when set.
2475
2476         * platform/ScrollbarThemeComposite.cpp:
2477         (WebCore::usedTotalSize):
2478         (WebCore::ScrollbarThemeComposite::thumbPosition):
2479         (WebCore::ScrollbarThemeComposite::thumbLength):
2480         * platform/mac/ScrollbarThemeMac.mm:
2481         (WebCore::ScrollbarThemeMac::paint):
2482         Improve calculations of thumb size and position to take overhang into account.
2483
2484 2011-01-27  Dirk Schulze  <krit@webkit.org>
2485
2486         Reviewed by Nikolas Zimmermann.
2487
2488         SVG animation of Paths with segments of different coordinate modes on begin and end
2489         https://bugs.webkit.org/show_bug.cgi?id=52984
2490
2491         At the moment we just support SVG path animations, if the number of segments on the given start path
2492         is the same as the number of segments on the given end path. But a segment on a given position must be identical
2493         on both paths as well. Not only the segment type, also the coordinate mode of the segments must be identical.
2494         If MoveToRel is on the second position on the start path a MoveToRel must be on the second position
2495         of the end path too. According to the SVG spec, at least the coordinate mode can differ. Means, if we have MoveToRel
2496         in the start path, we can use MoveToAbs on the same position in the end path.
2497
2498         This patch fixes the blending code to follow the spec here. It was necessary to track the current position of
2499         both paths, transform coordinates to the same coordinate mode and transform the resulting animation coordinate back
2500         to the coordinate mode of either the start or the end path. Which mode is taken depends on the progress of the
2501         animation.
2502
2503         Tests: svg/animations/animate-path-animation-Cc-Ss.html
2504                svg/animations/animate-path-animation-Ll-Vv-Hh.html
2505                svg/animations/animate-path-animation-Qq-Tt.html
2506                svg/animations/animate-path-animation-cC-sS-inverse.html
2507                svg/animations/animate-path-animation-lL-vV-hH-inverse.html
2508                svg/animations/animate-path-animation-qQ-tT-inverse.html
2509
2510         * svg/SVGPathBlender.cpp:
2511         (WebCore::blendFloatPoint):
2512         (WebCore::blendAnimatedFloat):
2513         (WebCore::SVGPathBlender::blendAnimatedDimensionalFloat):
2514         (WebCore::SVGPathBlender::blendAnimatedFloatPoint):
2515         (WebCore::SVGPathBlender::blendMoveToSegment):
2516         (WebCore::SVGPathBlender::blendLineToSegment):
2517         (WebCore::SVGPathBlender::blendLineToHorizontalSegment):
2518         (WebCore::SVGPathBlender::blendLineToVerticalSegment):
2519         (WebCore::SVGPathBlender::blendCurveToCubicSegment):
2520         (WebCore::SVGPathBlender::blendCurveToCubicSmoothSegment):
2521         (WebCore::SVGPathBlender::blendCurveToQuadraticSegment):
2522         (WebCore::SVGPathBlender::blendCurveToQuadraticSmoothSegment):
2523         (WebCore::SVGPathBlender::blendArcToSegment):
2524         (WebCore::coordinateModeOfCommand):
2525         (WebCore::isSegmentEqual):
2526         (WebCore::SVGPathBlender::blendAnimatedPath):
2527         (WebCore::SVGPathBlender::cleanup):
2528         * svg/SVGPathBlender.h:
2529
2530 2011-01-27  Cris Neckar  <cdn@chromium.org>
2531
2532         Reviewed by Dimitri Glazkov.
2533
2534         Clear the parent on a css keyframe's m_style when removing it from the stylesheet.
2535         https://bugs.webkit.org/show_bug.cgi?id=52320
2536
2537         Test: fast/css/css-keyframe-style-crash.html
2538
2539         * css/CSSRuleList.cpp:
2540         (WebCore::CSSRuleList::deleteRule):
2541         * css/WebKitCSSKeyframesRule.cpp:
2542         (WebCore::WebKitCSSKeyframesRule::~WebKitCSSKeyframesRule):
2543
2544 2011-01-27  Rob Buis  <rwlbuis@gmail.com>
2545
2546         Reviewed by Kent Tamura.
2547
2548         Color changes to option elements in a select multiple aren't drawn immediately
2549         https://bugs.webkit.org/show_bug.cgi?id=49790
2550
2551         Redirect style changes on <option> element to the owner <select> element.
2552
2553         Test: fast/repaint/select-option-background-color.html
2554
2555         * html/HTMLOptionElement.cpp:
2556         (WebCore::HTMLOptionElement::setRenderStyle):
2557
2558 2011-01-19  Stephen White  <senorblanco@chromium.org>
2559
2560         Reviewed by Darin Adler.
2561
2562         Fix performance regression in ImageQualityController::objectDestroyed().
2563         https://bugs.webkit.org/show_bug.cgi?id=52645
2564
2565         In r72282, I inadvertently introduced this regression by using a
2566         linear search through the hash map on object destruction.  This was
2567         because the hash key consisted of both object pointer and layer id,
2568         but on object destruction we only know the object pointer, requiring
2569         a search to find all the layers. 
2570         By replacing the hash map with two nested hash maps, where the outer key
2571         is the object and the inner key is the layer, we can find all the
2572         relevant data for an object in one hash lookup.
2573
2574         * rendering/RenderBoxModelObject.cpp:
2575         Replace the (object,layer)->size HashMap with object->layer and
2576         layer->size HashMaps.
2577         (WebCore::ImageQualityController::isEmpty):
2578         Implement isEmpty() for the outer HashMap.
2579         (WebCore::ImageQualityController::removeLayer):
2580         When a layer is removed, remove it from the inner hash map.
2581         (WebCore::ImageQualityController::set):
2582         Implement set():  if the inner map exists, set the layer->size tuple
2583         directly.  If not, create a new inner map, set the tuple, and insert
2584         it in the outer map.
2585         (WebCore::ImageQualityController::objectDestroyed):
2586         Look up the object in the outer map only.
2587         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
2588         Cosmetic changes for the renamed now-outer hash map.
2589         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
2590         Do both outer and inner hash map lookups.  Call set() to add/update
2591         entries to the hash maps.  keyDestroyed() is now removeLayer().
2592         (WebCore::imageQualityController):
2593         Make the ImageQualityController a file-static global, so it can be
2594         created and destroyed on the fly.
2595         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
2596         If there is no ImageQualityController, don't call objectDestroyed().
2597         If it's empty, delete it.
2598
2599
2600 2011-01-26  Enrica Casucci  <enrica@apple.com>
2601
2602         Reviewed by Darin Adler and Adam Roben.
2603
2604         WebKit2: add support for drag and drop on Windows
2605         https://bugs.webkit.org/show_bug.cgi?id=52775
2606         <rdar://problem/8514409>
2607         
2608         On Windows the access to the content being dragged is
2609         provided via the IDataObject interface that is made available
2610         to the window that registers itself as drop target.
2611         Since this interface cannot be accessed from the WebProcess,
2612         in every call to one of the methods of the IDropTarget interface
2613         we serialize the content of the drag clipboard and send it over to
2614         the WebProcess.
2615         The bulk of this patch consists in the refactoring needed in DragData
2616         and ClipboardWin classes to extract the data from the serialized object.
2617         
2618         * platform/DragData.cpp:
2619         * platform/DragData.h:
2620         * platform/win/ClipboardUtilitiesWin.cpp:
2621         (WebCore::getWebLocData):
2622         (WebCore::getURL):
2623         (WebCore::getPlainText):
2624         (WebCore::getTextHTML):
2625         (WebCore::getCFHTML):
2626         (WebCore::fragmentFromFilenames):
2627         (WebCore::containsFilenames):
2628         (WebCore::fragmentFromHTML):
2629         (WebCore::containsHTML):
2630         (WebCore::getClipboardData):
2631         * platform/win/ClipboardUtilitiesWin.h:
2632         * platform/win/ClipboardWin.cpp:
2633         (WebCore::Clipboard::create):
2634         (WebCore::ClipboardWin::ClipboardWin):
2635         (WebCore::ClipboardWin::getData):
2636         (WebCore::ClipboardWin::types):
2637         (WebCore::ClipboardWin::files):
2638         (WebCore::ClipboardWin::hasData):
2639         * platform/win/ClipboardWin.h:
2640         (WebCore::ClipboardWin::create):
2641         * platform/win/DragDataWin.cpp:
2642         (WebCore::DragData::DragData):
2643         (WebCore::DragData::containsURL):
2644         (WebCore::DragData::dragDataMap):
2645         (WebCore::DragData::asURL):
2646         (WebCore::DragData::containsFiles):
2647         (WebCore::DragData::asFilenames):
2648         (WebCore::DragData::containsPlainText):
2649         (WebCore::DragData::asPlainText):
2650         (WebCore::DragData::canSmartReplace):
2651         (WebCore::DragData::containsCompatibleContent):
2652         (WebCore::DragData::asFragment):
2653
2654 2011-01-27  Mario Sanchez Prada  <msanchez@igalia.com>
2655
2656         Reviewed by Martin Robinson.
2657
2658         [GTK] Space characters in source document interfere with reported caret offset
2659         https://bugs.webkit.org/show_bug.cgi?id=53033
2660
2661         Calculate caret offset from rendered text instead of from node contents.
2662
2663         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
2664         (objectAndOffsetUnignored): Calculate the caret offset based only
2665         on positions and ranges, instead of using the computed offset in
2666         the container node.
2667
2668 2011-01-26  Alexey Proskuryakov  <ap@apple.com>
2669
2670         Reviewed by Darin Adler.
2671
2672         https://bugs.webkit.org/show_bug.cgi?id=53197
2673         <rdar://problem/8895682> Make WebKit2 printing asynchronous
2674
2675         * WebCore.exp.in: Export more PrintContext methods that we didn't use on Mac before.
2676
2677         * page/PrintContext.cpp: (WebCore::PrintContext::spoolRect): Changed to make the same
2678         transformation as spoolPages does for consistency.
2679
2680 2011-01-27  David Grogan  <dgrogan@google.com>
2681
2682         Reviewed by Jeremy Orlow.
2683
2684         initial support for close() in indexeddb backend
2685         https://bugs.webkit.org/show_bug.cgi?id=53150
2686
2687         Test: storage/indexeddb/transaction-after-close.html
2688
2689         * storage/IDBDatabase.cpp:
2690         (WebCore::IDBDatabase::IDBDatabase):
2691         (WebCore::IDBDatabase::transaction):
2692         (WebCore::IDBDatabase::close):
2693         * storage/IDBDatabase.h:
2694         * storage/IDBDatabase.idl:
2695         * storage/IDBDatabaseBackendImpl.cpp:
2696         (WebCore::IDBDatabaseBackendImpl::transaction):
2697         (WebCore::IDBDatabaseBackendImpl::close):
2698
2699 2011-01-27  Dirk Schulze  <krit@webkit.org>
2700
2701         Reviewed by Nikolas Zimmermann.
2702
2703         SVG animation doesn't support calcMode discrete for number and color values.
2704         https://bugs.webkit.org/show_bug.cgi?id=53189
2705
2706         Add support for calcMode discrete on number and color animation.
2707
2708         Tests: svg/animations/animate-color-calcMode-discrete.html
2709                svg/animations/animate-number-calcMode-discrete.html
2710
2711         * svg/SVGAnimateElement.cpp:
2712         (WebCore::SVGAnimateElement::calculateAnimatedValue):
2713
2714 2011-01-26  Zhenyao Mo  <zmo@google.com>
2715
2716         Reviewed by Kenneth Russell.
2717
2718         shaderSource needs to preserve original source
2719         https://bugs.webkit.org/show_bug.cgi?id=52833
2720
2721         Test: fast/canvas/webgl/gl-getshadersource.html
2722
2723         * html/canvas/WebGLRenderingContext.cpp:
2724         (WebCore::WebGLRenderingContext::getShaderParameter): Intercept SHADER_SOURCE_LENGTH.
2725         (WebCore::WebGLRenderingContext::getShaderSource): Intercept the call.
2726         (WebCore::WebGLRenderingContext::shaderSource): Cache the source.
2727         * html/canvas/WebGLShader.cpp: Cache shader source.
2728         (WebCore::WebGLShader::WebGLShader):
2729         * html/canvas/WebGLShader.h: Ditto.
2730         (WebCore::WebGLShader::getSource):
2731         (WebCore::WebGLShader::setSource):
2732
2733 2011-01-27  Patrick Gansterer  <paroga@webkit.org>
2734
2735         Unreviewed WinCE build fix for r76743.
2736
2737         * platform/graphics/wince/FontWinCE.cpp:
2738         (WebCore::TextRunComponent::TextRunComponent):
2739
2740 2011-01-27  Pavel Podivilov  <podivilov@chromium.org>
2741
2742         Reviewed by Pavel Feldman.
2743
2744         Web Inspector: Closure and Global variable details automatically collapsing on each step through JavaScript code.
2745         https://bugs.webkit.org/show_bug.cgi?id=53234
2746
2747         * inspector/front-end/ScopeChainSidebarPane.js:
2748         (WebInspector.ScopeChainSidebarPane):
2749         (WebInspector.ScopeChainSidebarPane.prototype.update):
2750
2751 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
2752
2753         Unreviewed, rolling out r76789.
2754         http://trac.webkit.org/changeset/76789
2755         https://bugs.webkit.org/show_bug.cgi?id=53238
2756
2757         Broke GTK layout tests (Requested by podivilov on #webkit).
2758
2759         * inspector/front-end/ScopeChainSidebarPane.js:
2760         (WebInspector.ScopeChainSidebarPane):
2761         (WebInspector.ScopeChainSidebarPane.prototype.update):
2762
2763 2011-01-27  Yury Semikhatsky  <yurys@chromium.org>
2764
2765         Reviewed by Pavel Feldman.
2766
2767         Web Inspector: store all settings related to the agents on the frontend side
2768         https://bugs.webkit.org/show_bug.cgi?id=53174
2769
2770         * CMakeLists.txt:
2771         * GNUmakefile.am:
2772         * WebCore.exp.in:
2773         * WebCore.gypi:
2774         * WebCore.pro:
2775         * WebCore.vcproj/WebCore.vcproj:
2776         * WebCore.xcodeproj/project.pbxproj:
2777         * bindings/js/ScriptDebugServer.cpp:
2778         * bindings/js/ScriptDebugServer.h:
2779         * bindings/js/ScriptProfiler.cpp:
2780         * bindings/js/ScriptProfiler.h:
2781         * bindings/v8/ScriptDebugServer.cpp:
2782         * bindings/v8/ScriptDebugServer.h:
2783         * bindings/v8/ScriptProfiler.cpp:
2784         * bindings/v8/ScriptProfiler.h:
2785         * inspector/Inspector.idl:
2786         * inspector/InspectorAgent.cpp: profiler and debugger enablement state is now stored
2787         on the front-end side and will be pushed to the backend when the frontend is loaded.
2788         (WebCore::InspectorAgent::InspectorAgent):
2789         (WebCore::InspectorAgent::disconnectFrontend):
2790         (WebCore::InspectorAgent::restoreDebugger):
2791         (WebCore::InspectorAgent::restoreProfiler):
2792         (WebCore::InspectorAgent::enableProfiler):
2793         (WebCore::InspectorAgent::disableProfiler):
2794         (WebCore::InspectorAgent::showAndEnableDebugger):
2795         (WebCore::InspectorAgent::enableDebugger):
2796         (WebCore::InspectorAgent::disableDebugger):
2797         * inspector/InspectorAgent.h:
2798         * inspector/InspectorConsoleAgent.cpp: XHR failures will be logged to the console only
2799         if the front-end was opened during current browser session and XHR logging is turned on
2800         there.
2801         (WebCore::InspectorConsoleAgent::setMonitoringXHREnabled):
2802         (WebCore::InspectorConsoleAgent::setConsoleMessagesEnabled):
2803         * inspector/InspectorDebuggerAgent.cpp:
2804         * inspector/InspectorDebuggerAgent.h:
2805         * inspector/InspectorInstrumentation.cpp:
2806         (WebCore::InspectorInstrumentation::identifierForInitialRequestImpl):
2807         (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
2808         * inspector/InspectorProfilerAgent.cpp:
2809         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2810         (WebCore::InspectorProfilerAgent::startUserInitiatedProfiling):
2811         * inspector/InspectorSettings.cpp: Removed.
2812         * inspector/InspectorSettings.h: Removed.
2813         * inspector/InspectorState.cpp:
2814         (WebCore::InspectorState::InspectorState):
2815         * inspector/InspectorState.h:
2816         * inspector/front-end/ConsoleView.js:
2817         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher.dispatcher.consoleMessagesCleared):
2818         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher):
2819         (WebInspector.ConsoleView.prototype._handleContextMenuEvent.itemAction):
2820         (WebInspector.ConsoleView.prototype._handleContextMenuEvent):
2821         * inspector/front-end/ProfilesPanel.js:
2822         (WebInspector.ProfilesPanel.prototype._toggleProfiling):
2823         * inspector/front-end/ScriptsPanel.js:
2824         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
2825         * inspector/front-end/Settings.js:
2826         (WebInspector.Settings):
2827         * inspector/front-end/inspector.js:
2828
2829 2011-01-27  Pavel Podivilov  <podivilov@chromium.org>
2830
2831         Reviewed by Pavel Feldman.
2832
2833         Web Inspector: Closure and Global variable details automatically collapsing on each step through JavaScript code.
2834         https://bugs.webkit.org/show_bug.cgi?id=53234
2835
2836         * inspector/front-end/ScopeChainSidebarPane.js:
2837         (WebInspector.ScopeChainSidebarPane):
2838         (WebInspector.ScopeChainSidebarPane.prototype.update):
2839
2840 2011-01-27  Alexander Pavlov  <apavlov@chromium.org>
2841
2842         Reviewed by Pavel Feldman.
2843
2844         Web Inspector: [Elements panel] Tooltip for relative links incorrectly identifies current URL
2845         https://bugs.webkit.org/show_bug.cgi?id=53171
2846
2847         * inspector/front-end/inspector.js:
2848         (WebInspector.completeURL): Taught to understand partial href's that start with "?" (contain GET parameters only)
2849
2850 2011-01-27  Yury Semikhatsky  <yurys@chromium.org>
2851
2852         Reviewed by Pavel Feldman.
2853
2854         [V8] Crash in WebCore::addMessageToConsole
2855         https://bugs.webkit.org/show_bug.cgi?id=53227
2856
2857         * bindings/v8/V8Proxy.cpp: check that the Frame where the error
2858         occured still has a page before getting a console object from it.
2859         (WebCore::V8Proxy::reportUnsafeAccessTo):
2860
2861 2011-01-27  Hans Wennborg  <hans@chromium.org>
2862
2863         Reviewed by Jeremy Orlow.
2864
2865         IndexedDB: Remove IDBCallbacks::onSuccess() used for null values.
2866         https://bugs.webkit.org/show_bug.cgi?id=53178
2867
2868         Remove the IDBCallbacks::onSuccess() function that was used for
2869         null values, and replace such calls with calls to
2870         IDBCallBacks::onSuccess(SerializedScriptValue::nullValue())
2871         instead.
2872
2873         No new functionality, so no new tests.
2874
2875         * storage/IDBCallbacks.h:
2876         * storage/IDBCursorBackendImpl.cpp:
2877         (WebCore::IDBCursorBackendImpl::updateInternal):
2878         (WebCore::IDBCursorBackendImpl::continueFunctionInternal):
2879         * storage/IDBIndexBackendImpl.cpp:
2880         (WebCore::IDBIndexBackendImpl::openCursorInternal):
2881         * storage/IDBObjectStoreBackendImpl.cpp:
2882         (WebCore::IDBObjectStoreBackendImpl::deleteInternal):
2883         (WebCore::IDBObjectStoreBackendImpl::openCursorInternal):
2884         * storage/IDBRequest.cpp:
2885         * storage/IDBRequest.h:
2886
2887 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
2888
2889         Unreviewed, rolling out r76773.
2890         http://trac.webkit.org/changeset/76773
2891         https://bugs.webkit.org/show_bug.cgi?id=53230
2892
2893         breaks multiple GTK media tests (Requested by philn-tp on
2894         #webkit).
2895
2896         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2897         (WebCore::mimeTypeCache):
2898
2899 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
2900
2901         Unreviewed, rolling out r76770.
2902         http://trac.webkit.org/changeset/76770
2903         https://bugs.webkit.org/show_bug.cgi?id=53229
2904
2905         Some inspector tests fail (Requested by yurys on #webkit).
2906
2907         * CMakeLists.txt:
2908         * GNUmakefile.am:
2909         * WebCore.exp.in:
2910         * WebCore.gypi:
2911         * WebCore.pro:
2912         * WebCore.vcproj/WebCore.vcproj:
2913         * WebCore.xcodeproj/project.pbxproj:
2914         * bindings/js/ScriptDebugServer.cpp:
2915         (WebCore::ScriptDebugServer::isDebuggerAlwaysEnabled):
2916         * bindings/js/ScriptDebugServer.h:
2917         * bindings/js/ScriptProfiler.cpp:
2918         (WebCore::ScriptProfiler::isProfilerAlwaysEnabled):
2919         * bindings/js/ScriptProfiler.h:
2920         * bindings/v8/ScriptDebugServer.cpp:
2921         (WebCore::ScriptDebugServer::isDebuggerAlwaysEnabled):
2922         * bindings/v8/ScriptDebugServer.h:
2923         * bindings/v8/ScriptProfiler.cpp:
2924         (WebCore::ScriptProfiler::isProfilerAlwaysEnabled):
2925         * bindings/v8/ScriptProfiler.h:
2926         * inspector/Inspector.idl:
2927         * inspector/InspectorAgent.cpp:
2928         (WebCore::InspectorAgent::InspectorAgent):
2929         (WebCore::InspectorAgent::disconnectFrontend):
2930         (WebCore::InspectorAgent::restoreDebugger):
2931         (WebCore::InspectorAgent::restoreProfiler):
2932         (WebCore::InspectorAgent::ensureSettingsLoaded):
2933         (WebCore::InspectorAgent::enableProfiler):
2934         (WebCore::InspectorAgent::disableProfiler):
2935         (WebCore::InspectorAgent::showAndEnableDebugger):
2936         (WebCore::InspectorAgent::enableDebugger):
2937         (WebCore::InspectorAgent::disableDebugger):
2938         * inspector/InspectorAgent.h:
2939         (WebCore::InspectorAgent::settings):
2940         * inspector/InspectorConsoleAgent.cpp:
2941         (WebCore::InspectorConsoleAgent::setMonitoringXHREnabled):
2942         (WebCore::InspectorConsoleAgent::setConsoleMessagesEnabled):
2943         * inspector/InspectorDebuggerAgent.cpp:
2944         (WebCore::InspectorDebuggerAgent::isDebuggerAlwaysEnabled):
2945         * inspector/InspectorDebuggerAgent.h:
2946         * inspector/InspectorInstrumentation.cpp:
2947         (WebCore::InspectorInstrumentation::identifierForInitialRequestImpl):
2948         (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
2949         * inspector/InspectorProfilerAgent.cpp:
2950         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2951         (WebCore::InspectorProfilerAgent::startUserInitiatedProfiling):
2952         * inspector/InspectorSettings.cpp: Added.
2953         (WebCore::InspectorSettings::InspectorSettings):
2954         (WebCore::InspectorSettings::getBoolean):
2955         (WebCore::InspectorSettings::setBoolean):
2956         (WebCore::InspectorSettings::getLong):
2957         (WebCore::InspectorSettings::setLong):
2958         (WebCore::InspectorSettings::registerBoolean):
2959         (WebCore::InspectorSettings::registerLong):
2960         * inspector/InspectorSettings.h: Copied from Source/WebCore/bindings/v8/ScriptProfiler.h.
2961         * inspector/InspectorState.cpp:
2962         (WebCore::InspectorState::InspectorState):
2963         * inspector/InspectorState.h:
2964         * inspector/front-end/ConsoleView.js:
2965         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher.dispatcher.monitoringXHRStateChanged):
2966         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher):
2967         (WebInspector.ConsoleView.prototype._handleContextMenuEvent):
2968         * inspector/front-end/ProfilesPanel.js:
2969         (WebInspector.ProfilesPanel.prototype._toggleProfiling):
2970         * inspector/front-end/ScriptsPanel.js:
2971         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
2972         * inspector/front-end/Settings.js:
2973         (WebInspector.Settings):
2974         * inspector/front-end/inspector.js:
2975
2976 2011-01-26  Philippe Normand  <pnormand@igalia.com>
2977
2978         Reviewed by Martin Robinson.
2979
2980         [GTK] LayoutTests/media/audio-mpeg4-supported.html fails
2981         https://bugs.webkit.org/show_bug.cgi?id=53125
2982
2983         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2984         (WebCore::mimeTypeCache): Add audio/x-m4a mimetype in the cache.
2985
2986 2011-01-26  Yury Semikhatsky  <yurys@chromium.org>
2987
2988         Reviewed by Pavel Feldman.
2989
2990         Web Inspector: store all settings related to the agents on the frontend side
2991         https://bugs.webkit.org/show_bug.cgi?id=53174
2992
2993         * CMakeLists.txt:
2994         * GNUmakefile.am:
2995         * WebCore.exp.in:
2996         * WebCore.gypi:
2997         * WebCore.pro:
2998         * WebCore.vcproj/WebCore.vcproj:
2999         * WebCore.xcodeproj/project.pbxproj:
3000         * inspector/Inspector.idl:
3001         * inspector/InspectorAgent.cpp: profiler and debugger enablement state is now stored
3002         on the front-end side and will be pushed to the backend when the frontend is loaded.
3003         (WebCore::InspectorAgent::InspectorAgent):
3004         (WebCore::InspectorAgent::disconnectFrontend):
3005         (WebCore::InspectorAgent::restoreDebugger):
3006         (WebCore::InspectorAgent::restoreProfiler):
3007         (WebCore::InspectorAgent::enableProfiler):
3008         (WebCore::InspectorAgent::disableProfiler):
3009         (WebCore::InspectorAgent::showAndEnableDebugger):
3010         (WebCore::InspectorAgent::enableDebugger):
3011         (WebCore::InspectorAgent::disableDebugger):
3012         * inspector/InspectorAgent.h:
3013         * inspector/InspectorConsoleAgent.cpp: XHR failures will be logged to the console only
3014         if the front-end was opened during current browser session and XHR logging is turned on
3015         there.
3016         (WebCore::InspectorConsoleAgent::setMonitoringXHREnabled):
3017         (WebCore::InspectorConsoleAgent::setConsoleMessagesEnabled):
3018         * inspector/InspectorInstrumentation.cpp:
3019         (WebCore::InspectorInstrumentation::identifierForInitialRequestImpl):
3020         (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
3021         * inspector/InspectorProfilerAgent.cpp:
3022         (WebCore::InspectorProfilerAgent::enable):
3023         (WebCore::InspectorProfilerAgent::startUserInitiatedProfiling):
3024         * inspector/InspectorProfilerAgent.h:
3025         * inspector/InspectorSettings.cpp: Removed.
3026         * inspector/InspectorSettings.h: Removed.
3027         * inspector/InspectorState.cpp:
3028         (WebCore::InspectorState::InspectorState):
3029         * inspector/InspectorState.h:
3030         * inspector/front-end/ConsoleView.js:
3031         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher.dispatcher.consoleMessagesCleared):
3032         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher):
3033         (WebInspector.ConsoleView.prototype._handleContextMenuEvent.itemAction):
3034         (WebInspector.ConsoleView.prototype._handleContextMenuEvent):
3035         * inspector/front-end/ProfilesPanel.js:
3036         (WebInspector.ProfilesPanel.prototype._toggleProfiling):
3037         * inspector/front-end/ScriptsPanel.js:
3038         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
3039         * inspector/front-end/Settings.js:
3040         (WebInspector.Settings):
3041         * inspector/front-end/inspector.js:
3042
3043 2011-01-27  Dan Bernstein  <mitz@apple.com>
3044
3045         Reviewed by Sam Weinig.
3046
3047         REGRESSION (r76743): Uneven spacing in right-to-left justified text
3048         https://bugs.webkit.org/show_bug.cgi?id=53225
3049
3050         Fixes failure in fast/text/atsui-spacing-features.html
3051
3052         There was an inconsistency between rendering code and font code in the interpretation of
3053         'after expansion' and 'trailing expansion'. Changed all code to interpret these in terms of
3054         visual order rather than logical.
3055
3056         * platform/graphics/Font.cpp:
3057         (WebCore::Font::expansionOpportunityCount): Added a text direction parameter and changed to
3058         iterate in visual order accordingly.
3059         * platform/graphics/Font.h:
3060         * platform/graphics/WidthIterator.cpp:
3061         (WebCore::WidthIterator::WidthIterator): Pass the run direction to expansionOpportunityCount().
3062         (WebCore::WidthIterator::advance): For right-to-left runs, evaluate the trailing expansion
3063         condition with respect to the first character, which is the trailing character in visual order.
3064         * platform/graphics/mac/ComplexTextController.cpp:
3065         (WebCore::ComplexTextController::ComplexTextController): Pass the run direction to
3066         expansionOpportunityCount().
3067         * rendering/RenderBlockLineLayout.cpp:
3068         (WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Ditto.
3069
3070 2011-01-26  Adam Roben  <aroben@apple.com>
3071
3072         Don't create the Direct3D device before it's first needed
3073
3074         We only need the device once we decide to render. There's no point in creating it before
3075         then.
3076
3077         Reviewed by Sam Weinig.
3078
3079         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
3080         (WebCore::CACFLayerTreeHost::setWindow): Removed the call to createRenderer() from here.
3081         We already have code to create it when we first try to draw.
3082         (WebCore::CACFLayerTreeHost::createRenderer): Flush the context after we set our layer's
3083         bounds so that the bounds will take effect the next time we render (which could be just
3084         after this function returns).
3085
3086 2011-01-26  Adam Roben  <aroben@apple.com>
3087
3088         Add assertions that CACFLayerTreeHost gains and loses an HWND only once
3089
3090         CACFLayerTreeHost doesn't support any other use pattern.
3091
3092         Reviewed by Sam Weinig.
3093
3094         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
3095         (WebCore::CACFLayerTreeHost::CACFLayerTreeHost): Initialize new member.
3096         (WebCore::CACFLayerTreeHost::setWindow): Assert that we transition from not having a window,
3097         to having a window, to not having a window just once over the lifetime of this object.
3098
3099         * platform/graphics/ca/win/CACFLayerTreeHost.h: Added m_state.
3100
3101 2011-01-26  Adam Roben  <aroben@apple.com>
3102
3103         Notify layers that their animations have started when we flush the context, not when we
3104         render
3105
3106         r76372 separated context flushing from rendering, but this bit of code got left behind.
3107
3108         Reviewed by Sam Weinig.
3109
3110         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
3111         (WebCore::CACFLayerTreeHost::render): Moved code to notify the layers from here to
3112         notifyAnimationsStarted.
3113         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Added a call to
3114         notifyAnimationsStarted after we flush the context.
3115         (WebCore::CACFLayerTreeHost::notifyAnimationsStarted): Added. Code came from render. Changed
3116         to call PlatformCALayer::animationStarted rather than calling through to the client
3117         directly.
3118
3119         * platform/graphics/ca/win/CACFLayerTreeHost.h: Added notifyAniamtionsStarted.
3120
3121 2011-01-26  Adam Roben  <aroben@apple.com>
3122
3123         Small cleanup in MediaPlayerPrivateFullscreenWindow
3124
3125         Reviewed by Sam Weinig.
3126
3127         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp:
3128         (WebCore::MediaPlayerPrivateFullscreenWindow::~MediaPlayerPrivateFullscreenWindow): Moved
3129         code here from close(), since this was the only place that called it after the following
3130         change to createWindow.
3131         (WebCore::MediaPlayerPrivateFullscreenWindow::createWindow): Replaced code that handled the
3132         case where we had already created the window with an assertion that we have not already done
3133         so. Our single caller (FullscreenVideoController) did not require this behavior.
3134
3135         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h: Removed layerView.
3136
3137 2011-01-26  Sam Weinig  <sam@webkit.org>
3138
3139         Reviewed by Adam Roben.
3140
3141         Move ScrollView scroll wheel code to ScrollAnimator.
3142
3143         * platform/ScrollAnimator.cpp:
3144         (WebCore::ScrollAnimator::handleWheelEvent):
3145         * platform/ScrollAnimator.h:
3146         Moved implementation of handleWheelEvent from ScrollView::wheelEvent.
3147
3148         * platform/ScrollView.cpp:
3149         (WebCore::ScrollView::wheelEvent):
3150         Call down to the ScrollableArea.
3151
3152         * platform/ScrollableArea.cpp:
3153         (WebCore::ScrollableArea::handleWheelEvent):
3154         Call down to the ScrollAnimator.
3155
3156         * platform/ScrollableArea.h:
3157         (WebCore::ScrollableArea::scrollPosition):
3158         (WebCore::ScrollableArea::minimumScrollPosition):
3159         (WebCore::ScrollableArea::maximumScrollPosition):
3160         (WebCore::ScrollableArea::visibleContentRect):
3161         (WebCore::ScrollableArea::visibleHeight):
3162         (WebCore::ScrollableArea::visibleWidth):
3163         Add functions needed to implement wheel event in the animator.
3164
3165 2011-01-26  David Kilzer  <ddkilzer@apple.com>
3166
3167         <http://webkit.org/b/53192> Add experimental support for HTTP pipelining in CFNetwork
3168         <rdar://problem/8821760>
3169
3170         Reviewed by Antti Koivisto.
3171
3172         This adds support for HTTP pipelining in CFNetwork, but does not
3173         enable it.  To enable it post-SnowLeopard, use this command:
3174
3175             defaults write BUNDLE.ID WebKitEnableHTTPPipelining -bool YES
3176
3177         Once enabled, it is possible to force the same load priority
3178         (high) to be sent to CFNetwork to allow WebCore to handle the
3179         scheduling:
3180
3181             defaults write BUNDLE.ID WebKitForceHTTPPipeliningPriorityHigh -bool YES
3182
3183         * WebCore.exp.in: Export _wkGetHTTPPipeliningPriority and
3184         _wkSetHTTPPipeliningPriority.
3185
3186         * loader/DocumentThreadableLoader.cpp:
3187         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight):
3188         Copy the priority to preflightRequest.
3189
3190         * loader/ResourceLoadScheduler.cpp:
3191         (WebCore::ResourceLoadScheduler::scheduleLoad): Refactored code
3192         at the end of the method to use an early return.
3193
3194         * loader/cache/CachedResourceRequest.cpp:
3195         (WebCore::CachedResourceRequest::load): Set the priority on the
3196         ResourceRequest object based on the priority of the
3197         CachedResourceRequest before calling
3198         ResourceLoadScheduler::scheduleSubresourceLoad().
3199
3200         * loader/icon/IconLoader.cpp:
3201         (WebCore::IconLoader::startLoading): Create a ResourceRequest
3202         object and set its priority to ResourceLoadPriorityLow before
3203         passing it to ResourceLoadScheduler::scheduleSubresourceLoad().
3204
3205         * platform/mac/WebCoreSystemInterface.h:
3206         (wkGetHTTPPipeliningPriority): Added.
3207         (wkSetHTTPPipeliningPriority): Added.
3208         * platform/mac/WebCoreSystemInterface.mm:
3209         (wkGetHTTPPipeliningPriority): Added.
3210         (wkSetHTTPPipeliningPriority): Added.
3211
3212         * platform/network/ResourceRequestBase.cpp:
3213         (WebCore::ResourceRequestBase::adopt): Set m_priority when
3214         adopting a CrossThreadResourceRequestData.
3215         (WebCore::ResourceRequestBase::copyData): Set m_priority when
3216         creating a CrossThreadResourceRequestData.
3217         (WebCore::ResourceRequestBase::priority): Added.
3218         (WebCore::ResourceRequestBase::setPriority): Added.
3219         (WebCore::equalIgnoringHeaderFields): Priorities must match when
3220         comparing two ResourceRequest objects.
3221
3222         * platform/network/ResourceRequestBase.h:
3223         (WebCore::ResourceRequestBase::ResourceRequestBase): Set default
3224         priority of new objects to ResourceLoadPriorityLow.
3225         (WebCore::ResourceRequestBase::priority): Added declaration.
3226         (WebCore::ResourceRequestBase::setPriority): Added declaration.
3227         (WebCore::isHTTPPipeliningEnabled): Added.
3228         (WebCore::shouldUseHTTPPipeliningPriority): Added.
3229
3230         * platform/network/cf/ResourceRequestCFNet.cpp: Updated so that
3231         Mac OS X and Windows share code.
3232         (WebCore::initializeMaximumHTTPConnectionCountPerHost): Always
3233         set the HTTP connection count per host, but return an
3234         'unlimited' value when using HTTP pipelining.  This method used
3235         to be defined in ResourceRequestMac.mm for Mac OS X.
3236         (WebCore::readBooleanPreference): Added.  Helper method for
3237         reading boolean user defaults.
3238         (WebCore::isHTTPPipeliningEnabled): Returns value of user
3239         default key WebKitEnableHTTPPipelining, or false if not set.
3240         (WebCore::shouldUseHTTPPipeliningPriority): Returns value of
3241         user default key WebKitForceHTTPPipeliningPriorityHigh, or false
3242         if not set.
3243         * platform/network/cf/ResourceRequestCFNet.h: Updated so that
3244         Mac OS X and Windows share code.  Fixed indentation.
3245         (WebCore::mapHTTPPipeliningPriorityToResourceLoadPriority): Added.
3246         (WebCore::mapResourceLoadPriorityToHTTPPipeliningPriority): Added.
3247
3248         * platform/network/mac/ResourceRequestMac.mm:
3249         (WebCore::ResourceRequest::doUpdatePlatformRequest): Update
3250         HTTP pipelining priority on NSMutableFURLRequest object.
3251         (WebCore::ResourceRequest::doUpdateResourceRequest): Update
3252         m_priority from the NSURLRequest object.
3253         (WebCore::initializeMaximumHTTPConnectionCountPerHost): Removed.
3254         Code is now shared with Windows in ResourceRequestCFNet.cpp.
3255
3256 2011-01-26  Beth Dakin  <bdakin@apple.com>
3257
3258         Reviewed by Darin Adler.
3259
3260         Fix for <rdar://problem/8895140> Adopt WKScrollbar metrics 
3261         when using WKScrollbars.
3262
3263         New WebKitSystemInterface Functionality.
3264         * WebCore.exp.in:
3265         * platform/mac/WebCoreSystemInterface.h:
3266         * platform/mac/WebCoreSystemInterface.mm:
3267
3268         Some of the terrible static arrays are now only needed in the 
3269         old non-WK code, so they are if-def'd now.
3270         * platform/mac/ScrollbarThemeMac.mm:
3271         
3272         Just patching this function in a better way than I did
3273         before.
3274         (WebCore::updateArrowPlacement):
3275         
3276         Call into WK for the right values.
3277         (WebCore::ScrollbarThemeMac::scrollbarThickness):
3278         (WebCore::ScrollbarThemeMac::hasThumb):
3279         (WebCore::ScrollbarThemeMac::minimumThumbLength):
3280         
3281         Return false if there are no buttons.
3282         (WebCore::ScrollbarThemeMac::hasButtons):
3283
3284         Return an empty IntRect if there are not buttons.
3285         (WebCore::buttonRepaintRect):
3286
3287 2011-01-26  Sam Weinig  <sam@webkit.org>
3288
3289         Reviewed by Maciej Stachowiak.
3290
3291         Add events to represent the start/end of a gesture scroll
3292         https://bugs.webkit.org/show_bug.cgi?id=53215
3293
3294         * WebCore.exp.in: 
3295         Add new file.
3296
3297         * WebCore.xcodeproj/project.pbxproj:
3298         Add new file.
3299
3300         * page/EventHandler.cpp:
3301         (WebCore::EventHandler::handleGestureEvent):
3302         * page/EventHandler.h:
3303         Add entry point for handling gesture events.
3304
3305         * platform/PlatformGestureEvent.h: Added.
3306         (WebCore::PlatformGestureEvent::PlatformGestureEvent):
3307         (WebCore::PlatformGestureEvent::type):
3308         (WebCore::PlatformGestureEvent::position):
3309         (WebCore::PlatformGestureEvent::globalPosition):
3310         (WebCore::PlatformGestureEvent::timestamp):
3311         Add platform agnostic representation of a gesture event.
3312
3313 2011-01-26  Dan Bernstein  <mitz@apple.com>
3314
3315         Reviewed by Dave Hyatt.
3316
3317         <rdar://problem/8446709> Allow inter-ideograph justification for CJK
3318         https://bugs.webkit.org/show_bug.cgi?id=53184
3319
3320         Tests: fast/text/justify-ideograph-complex.html
3321                fast/text/justify-ideograph-simple.html
3322                fast/text/justify-ideograph-vertical.html
3323
3324         * html/canvas/CanvasRenderingContext2D.cpp:
3325         (WebCore::CanvasRenderingContext2D::drawTextInternal): Corrected the type of the third parameter
3326         passed to the TextRun constructor and added the trailingExpansionBehavior parameter.
3327         * platform/graphics/Font.cpp:
3328         (WebCore::Font::expansionOpportunityCount): Added. Returns the number of expansion opportunities
3329         for text justification. On entry, isAfterExpansion says whether an expansion opportunity exists
3330         before the first character. On return, isAfterExpansion says whether an expansion opportunity
3331         exists after the last character.
3332         * platform/graphics/Font.h: 
3333         * platform/graphics/GlyphBuffer.h:
3334         (WebCore::GlyphBuffer::expandLastAdvance): Added.
3335         * platform/graphics/TextRun.h:
3336         (WebCore::TextRun::TextRun): Added a TrailingExpansionBehavior parameter to the constructors.
3337         Renamed padding to expansion.
3338         (WebCore::TextRun::expansion): Renamed padding() to this.
3339         (WebCore::TextRun::allowsTrailingExpansion): Added this accessor.
3340         * platform/graphics/WidthIterator.cpp:
3341         (WebCore::WidthIterator::WidthIterator): Initialize m_isAfterExpansion. Use Font::expansionOpportunityCount()
3342         and adjust the count if it includes a trailing expansion opportunity but the run disallows trailing
3343         expansion.
3344         (WebCore::WidthIterator::advance): Apply expansion before and after CJK ideographs.
3345         (WebCore::WidthIterator::advanceOneCharacter): Changed to not clear the GlyphBuffer so that advance()
3346         can expand the last advance if it is followed by a CJK ideograph.
3347         * platform/graphics/WidthIterator.h: Renamed m_padding to m_expansion and m_padPerSpace
3348         to m_expansionPerOpportunity.
3349         * platform/graphics/chromium/FontChromiumWin.cpp:
3350         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3351         * platform/graphics/chromium/FontLinux.cpp:
3352         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3353         * platform/graphics/efl/FontEfl.cpp:
3354         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3355         * platform/graphics/gtk/FontGtk.cpp:
3356         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3357         * platform/graphics/haiku/FontHaiku.cpp:
3358         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3359         * platform/graphics/mac/ComplexTextController.cpp:
3360         (WebCore::ComplexTextController::ComplexTextController): Initialize m_isAfterExpansion. Use
3361         Font::expansionOpportunityCount() and adjust the count if it includes a trailing expansion
3362         opportunity but the run disallows trailing expansion.
3363         (WebCore::ComplexTextController::adjustGlyphsAndAdvances): Moved the definition and initialization
3364         of hasExtraSpacing outside the loop. Apply expansion before and after CJK ideographs.
3365         * platform/graphics/mac/ComplexTextController.h: Renamed m_padding to m_expansion and m_padPerSpace
3366         to m_expansionPerOpportunity.
3367         * platform/graphics/mac/FontMac.mm:
3368         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3369         * platform/graphics/qt/FontQt.cpp:
3370         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3371         * platform/graphics/win/FontWin.cpp:
3372         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3373         * platform/graphics/win/UniscribeController.cpp:
3374         (WebCore::UniscribeController::UniscribeController): Updated for rename.
3375         * platform/graphics/wince/FontWinCE.cpp:
3376         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3377         * platform/graphics/wx/FontWx.cpp:
3378         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
3379         * rendering/EllipsisBox.cpp:
3380         (WebCore::EllipsisBox::paint): Pass a TrailingExpansionBehavior to the TextRun constructor.
3381         (WebCore::EllipsisBox::selectionRect): Ditto.
3382         (WebCore::EllipsisBox::paintSelection): Ditto.
3383         * rendering/InlineBox.h:
3384         (WebCore::InlineBox::InlineBox): Renamed m_toAdd to m_expansion.
3385         (WebCore::InlineBox::expansion): Renamed toAdd() to this.
3386         * rendering/InlineTextBox.cpp:
3387         (WebCore::InlineTextBox::selectionRect): Pass a TrailingExpansionBehavior to the TextRun constructor.
3388         (WebCore::InlineTextBox::paint): Ditto.
3389         (WebCore::InlineTextBox::paintSelection): Ditto.
3390         (WebCore::InlineTextBox::paintCompositionBackground): Ditto.
3391         (WebCore::InlineTextBox::paintSpellingOrGrammarMarker): Ditto.
3392         (WebCore::InlineTextBox::paintTextMatchMarker): Ditto.
3393         (WebCore::InlineTextBox::computeRectForReplacementMarker): Ditto.
3394         (WebCore::InlineTextBox::offsetForPosition): Ditto.
3395         (WebCore::InlineTextBox::positionForOffset): Ditto.
3396         * rendering/InlineTextBox.h:
3397         (WebCore::InlineTextBox::setExpansion): Renamed setSpaceAdd() to this.
3398         (WebCore::InlineTextBox::trailingExpansionBehavior): Added. Trailing expansion is allowed if this
3399         is not the last leaf box on the line.
3400         * rendering/RenderBlockLineLayout.cpp:
3401         (WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Keep expansion opportunity counts
3402         in a vector instead of computing them twice. Discard the trailing expansion opportunity in the
3403         last text box.
3404         * rendering/RenderFileUploadControl.cpp:
3405         (WebCore::RenderFileUploadControl::paintObject): Pass a TrailingExpansionBehavior to the TextRun constructor.
3406         (WebCore::RenderFileUploadControl::computePreferredLogicalWidths): Ditto.
3407         * rendering/RenderListBox.cpp:
3408         (WebCore::RenderListBox::updateFromElement): Ditto.
3409         (WebCore::RenderListBox::paintItemForeground): Ditto. Also corrected the type of the second parameter.
3410         * rendering/RenderTextControl.cpp:
3411         (WebCore::RenderTextControl::getAvgCharWidth): Ditto.
3412         (WebCore::RenderTextControl::paintPlaceholder): Ditto.
3413         * rendering/svg/SVGInlineTextBox.cpp:
3414         (WebCore::SVGInlineTextBox::constructTextRun): Ditto.
3415
3416 2011-01-26  Andy Estes  <aestes@apple.com>
3417
3418         Rubber-stamped by Darin Adler.
3419
3420         Inline HTMLObjectElement::hasValidClassId().
3421
3422         * html/HTMLObjectElement.cpp:
3423         (WebCore::HTMLObjectElement::hasValidClassId):
3424
3425 2011-01-26  Evan Martin  <evan@chromium.org>
3426
3427         Reviewed by Tony Chang.
3428
3429         [chromium] crash on getBoundingClientRect in complex text
3430         https://bugs.webkit.org/show_bug.cgi?id=53199
3431
3432         Use the correct array bound; we want the number of characters processed by
3433         the shaper, not the longest continuous script run length.
3434
3435         Test: platform/chromium-linux/fast/text/international/complex-text-rectangle.html
3436
3437         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
3438         (WebCore::ComplexTextController::nextScriptRun):
3439         * platform/graphics/chromium/ComplexTextControllerLinux.h:
3440         (WebCore::ComplexTextController::numCodePoints):
3441
3442 2011-01-26  Emil A Eklund  <eae@chromium.org>
3443
3444         Reviewed by Alexey Proskuryakov.
3445
3446         Remove cached document reference from CSSStyleSheet and XSLStyleSheet.
3447         https://bugs.webkit.org/show_bug.cgi?id=52084
3448
3449         Test: fast/dom/css-delete-doc.html
3450
3451         * css/CSSMediaRule.cpp:
3452         (WebCore::CSSMediaRule::insertRule):
3453         (WebCore::CSSMediaRule::deleteRule):
3454         * css/CSSStyleSheet.cpp:
3455         (WebCore::CSSStyleSheet::CSSStyleSheet):
3456         (WebCore::CSSStyleSheet::document):
3457         * css/CSSStyleSheet.h:
3458         * xml/XSLStyleSheet.h:
3459         (WebCore::XSLStyleSheet::parentStyleSheet):
3460         * xml/XSLStyleSheetLibxslt.cpp:
3461         (WebCore::XSLStyleSheet::XSLStyleSheet):
3462         (WebCore::XSLStyleSheet::cachedResourceLoader):
3463         (WebCore::XSLStyleSheet::setParentStyleSheet):
3464         (WebCore::XSLStyleSheet::ownerDocument):
3465         * xml/XSLStyleSheetQt.cpp:
3466         (WebCore::XSLStyleSheet::XSLStyleSheet):
3467         (WebCore::XSLStyleSheet::cachedResourceLoader):
3468         (WebCore::XSLStyleSheet::ownerDocument):
3469
3470 2011-01-25  Dimitri Glazkov  <dglazkov@chromium.org>
3471
3472         Reviewed by Kent Tamura.
3473