Revert to dispatching the popstate event synchronously
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-18  Andy Estes  <aestes@apple.com>
2
3         Revert to dispatching the popstate event synchronously
4         https://bugs.webkit.org/show_bug.cgi?id=153297
5         rdar://problem/24092294
6
7         Reviewed by Brent Fulgham.
8
9         r192369 made the popstate event dispatch asynchronously, which matches what the HTML5 spec says to do. However,
10         due to compatibility regressions we need to revert back to dispatching synchronously. This change reverts
11         r192369's changes to Document.cpp, but retains the new tests.
12
13         Firing popstate synchronously makes both fast/loader/remove-iframe-during-history-navigation-different.html and
14         fast/loader/remove-iframe-during-history-navigation-same.html crash, because their onpopstate handlers remove
15         frames from the document that will later be accessed by HistoryController::recursiveGoToItem().
16
17         To prevent the crashes, this change does two things:
18         1. Keep a reference to the current frame inside FrameLoader::loadSameDocumentItem(), since calling
19            loadInSameDocument() might otherwise delete it.
20         2. Handle a null frame when iterating a HistoryItem's child frames in HistoryController::recursiveGoToItem(),
21            since calling goToItem() on one frame might cause another frame to be deleted.
22
23         Covered by existing tests. fast/loader/stateobjects/popstate-is-asynchronous.html was renamed to
24         fast/loader/stateobjects/popstate-is-synchronous.html and modified to expect synchronous dispatch.
25
26         * dom/Document.cpp:
27         (WebCore::Document::enqueuePopstateEvent):
28         * loader/FrameLoader.cpp:
29         (WebCore::FrameLoader::loadSameDocumentItem):
30         * loader/HistoryController.cpp:
31         (WebCore::HistoryController::recursiveGoToItem):
32
33 2016-02-19  Carlos Garcia Campos  <cgarcia@igalia.com>
34
35         Unreviewed. Fix GObject DOM bindings API break after r196769.
36
37         * html/HTMLTextAreaElement.idl:
38
39 2016-02-18  Gwang Yoon Hwang  <yoon@igalia.com>
40
41         [GTK] Limit the number of tiles according to the visible area
42         https://bugs.webkit.org/show_bug.cgi?id=126122
43
44         Reviewed by Carlos Garcia Campos.
45
46         TextureMapperTiledBackingStore creates tiles for whole layer bounds, which
47         means it creates the huge amount of textures if there is an excessively big
48         layer.  Not only it wastes the memory and the CPU time, it even can crash GPU
49         drivers.
50
51         This patch modifies TextureMapperTiledBackingStore to take into account the
52         visible area with a coverage multiplier when creating tiles.
53
54         * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
55         (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
56         Set a flag to recalculate the visible area of the layer when there are
57         geometric changes.
58         (WebCore::GraphicsLayerTextureMapper::setContentsToImage):
59         (WebCore::GraphicsLayerTextureMapper::flushCompositingStateForThisLayerOnly):
60         (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIncludingSubLayers):
61         (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded):
62         (WebCore::GraphicsLayerTextureMapper::markVisibleRectAsDirty):
63         (WebCore::GraphicsLayerTextureMapper::selfOrAncestorHasActiveTransformAnimation):
64         (WebCore::GraphicsLayerTextureMapper::computeTransformedVisibleRect):
65         Compute the inverse transform matrix to map a global visible are to
66         the local visible area.
67         (WebCore::clampToContentsRectIfRectIsInfinite):
68         (WebCore::GraphicsLayerTextureMapper::transformedVisibleRect):
69         * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
70         (WebCore::TextureMapperTiledBackingStore::paintToTextureMapper):
71         In HiDPI, the directly composited image is uploaded to the unscaled
72         texture to reduce memory usages. So we should apply device scale
73         factor to render it correctly.
74         (WebCore::TextureMapperTiledBackingStore::createOrDestroyTilesIfNeeded):
75         Create tiles which covered by visible rect with a coverage multiplier.
76
77 2016-02-18  Brent Fulgham  <bfulgham@apple.com>
78
79         Extend HashCountedSet with a method to efficiently set the count of an entry
80         https://bugs.webkit.org/show_bug.cgi?id=154352
81
82         Reviewed by Geoffrey Garen.
83
84         Tested by new TestWebKitAPI tests.
85
86         * loader/ResourceLoadStatistics.cpp:
87         (WebCore::decodeHashCountedSet): Update to use new HashCountedSet::add method.
88
89 2016-02-18  Commit Queue  <commit-queue@webkit.org>
90
91         Unreviewed, rolling out r196790.
92         https://bugs.webkit.org/show_bug.cgi?id=154439
93
94         made fast/events/wheelevent-basic-actual.txt fail in WK2
95         (Requested by alexchristensen on #webkit).
96
97         Reverted changeset:
98
99         "Wheel event callback removing the window causes crash in
100         WebCore."
101         https://bugs.webkit.org/show_bug.cgi?id=150871
102         http://trac.webkit.org/changeset/196790
103
104 2016-02-18  Commit Queue  <commit-queue@webkit.org>
105
106         Unreviewed, rolling out r196791.
107         https://bugs.webkit.org/show_bug.cgi?id=154438
108
109         broke windows build (Requested by alexchristensen on #webkit).
110
111         Reverted changeset:
112
113         "Extend HashCountedSet with a method to efficiently set the
114         count of an entry"
115         https://bugs.webkit.org/show_bug.cgi?id=154352
116         http://trac.webkit.org/changeset/196791
117
118 2016-02-18  Chris Dumez  <cdumez@apple.com>
119
120         window.history / window.navigator should not be replaceable
121         https://bugs.webkit.org/show_bug.cgi?id=154412
122
123         Reviewed by Ryosuke Niwa.
124
125         window.history / window.navigator should not be replaceable as per
126         the latest HTML specification:
127         https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
128
129         Firefox and Chrome already match the specification. This patch aligns
130         our behavior.
131
132         No new tests, already covered by existing tests.
133
134         * page/DOMWindow.idl:
135
136 2016-02-18  Chris Dumez  <cdumez@apple.com>
137
138         HTMLTableHeaderCellElement.scope should only return known values
139         https://bugs.webkit.org/show_bug.cgi?id=154423
140         <rdar://problem/24731018>
141
142         Reviewed by Ryosuke Niwa.
143
144         HTMLTableHeaderCellElement.scope should only return known values as per:
145         - https://html.spec.whatwg.org/multipage/tables.html#dom-th-scope
146
147         Known values are document here:
148         - https://html.spec.whatwg.org/multipage/tables.html#attr-th-scope
149
150         No new tests, already covered by existing test.
151
152         * CMakeLists.txt:
153         * WebCore.vcxproj/WebCore.vcxproj:
154         * WebCore.vcxproj/WebCore.vcxproj.filters:
155         * WebCore.xcodeproj/project.pbxproj:
156         * html/HTMLElementsAllInOne.cpp:
157         * html/HTMLTableHeaderCellElement.cpp: Copied from Source/WebCore/html/HTMLTableHeaderCellElement.h.
158         (WebCore::HTMLTableHeaderCellElement::scope):
159         (WebCore::HTMLTableHeaderCellElement::setScope):
160         * html/HTMLTableHeaderCellElement.h:
161         * html/HTMLTableHeaderCellElement.idl:
162
163 2016-02-18  Brent Fulgham  <bfulgham@apple.com>
164
165         Extend HashCountedSet with a method to efficiently set the count of an entry
166         https://bugs.webkit.org/show_bug.cgi?id=154352
167
168         Reviewed by Geoffrey Garen.
169
170         Tested by new TestWebKitAPI tests.
171
172         * loader/ResourceLoadStatistics.cpp:
173         (WebCore::decodeHashCountedSet): Update to use new HashCountedSet::add method.
174
175 2016-02-18  Simon Fraser  <simon.fraser@apple.com>
176
177         Wheel event callback removing the window causes crash in WebCore.
178         https://bugs.webkit.org/show_bug.cgi?id=150871
179
180         Reviewed by Brent Fulgham.
181         
182         Null check the FrameView before using it, since the iframe may have been removed
183         from its parent document inside the event handler.
184
185         Test: fast/events/wheel-event-destroys-frame.html
186
187         * page/mac/EventHandlerMac.mm:
188         (WebCore::EventHandler::platformCompleteWheelEvent):
189
190 2016-02-18  Brady Eidson  <beidson@apple.com>
191
192         Modern IDB: Fix IDBGetResult encoder/decoder.
193         https://bugs.webkit.org/show_bug.cgi?id=154421
194
195         Reviewed by Alex Christensen.
196
197         No new tests, as Modern IDB is still disabled for WK2.
198         
199         But if you manually enable it, "Basic IndexedDB Seems To Work"
200
201         * Modules/indexeddb/IDBGetResult.h:
202         (WebCore::IDBGetResult::encode):
203         (WebCore::IDBGetResult::decode):
204
205 2016-02-18  Myles C. Maxfield  <mmaxfield@apple.com>
206
207         Addressing post-review comments after r196747.
208
209         Unreviewed.
210
211         * css/CSSFontFaceSet.h:
212         * css/FontFaceSet.cpp:
213         (WebCore::FontFaceSet::size):
214         (WebCore::FontFaceSet::clear):
215         * css/FontFaceSet.h:
216
217 2016-02-18  Zalan Bujtas  <zalan@apple.com>
218
219         Soft hyphen is not shown when it is placed at the end of an inline element
220         https://bugs.webkit.org/show_bug.cgi?id=153980
221
222         Reviewed by David Hyatt.
223
224         This patch handles the case when the character at the breaking position does not fit the
225         line and soft-hyphen, as the first breaking opportunity, is followed by this overflowing character.
226         (foo&shy;bar where b overflows the line).
227         In such cases we don't yet have an item in the breaking history so we need to take a look at
228         the current context instead.    
229
230         Test: fast/text/soft-hyphen-as-first-breaking-opportunity.html
231
232         * rendering/line/BreakingContext.h:
233         (WebCore::BreakingContext::InlineIteratorHistory::nextBreakablePosition):
234         (WebCore::BreakingContext::handleText):
235
236 2016-02-18  Andreas Kling  <akling@apple.com>
237
238         Fake memory pressure handler should log detailed memory breakdown.
239         <https://webkit.org/b/154415>
240
241         Reviewed by Antti Koivisto.
242
243         Piggyback on the RESOURCE_USAGE code to implement some detailed memory footprint diffing
244         and have the fake memory handler dump before/after/diff after it runs.
245
246         * page/ResourceUsageThread.h:
247         (WebCore::TagInfo::TagInfo):
248         * page/cocoa/ResourceUsageThreadCocoa.mm:
249         (WebCore::logFootprintComparison):
250         (WebCore::displayNameForVMTag):
251         (WebCore::pagesPerVMTag):
252         (WebCore::TagInfo::TagInfo): Deleted.
253         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
254         (WebCore::MemoryPressureHandler::install):
255
256 2016-02-18  Brady Eidson  <beidson@apple.com>
257
258         Modern IDB: Implement server->client operations in WK2.
259         https://bugs.webkit.org/show_bug.cgi?id=154411
260
261         Reviewed by Alex Christensen.
262
263         No change in behavior yet; Just laying the groundwork.
264     
265         * Modules/indexeddb/client/IDBConnectionToServer.h:
266         * Modules/indexeddb/server/IDBServer.h:
267         * Modules/indexeddb/shared/IDBTransactionInfo.h:
268         (WebCore::IDBTransactionInfo::encode):
269         (WebCore::IDBTransactionInfo::decode):
270
271 2016-02-18  Csaba Osztrogonác  <ossy@webkit.org>
272
273         Fix unused-const-variable warning on non Cocoa platforms
274         https://bugs.webkit.org/show_bug.cgi?id=154394
275
276         Reviewed by Michael Catanzaro.
277
278         * html/HTMLPlugInImageElement.cpp:
279
280 2016-02-18  Brady Eidson  <beidson@apple.com>
281
282         Modern IDB: Implement client->server operations in WK2.
283         https://bugs.webkit.org/show_bug.cgi?id=154400
284
285         Reviewed by Alex Christensen.
286
287         No change in behavior yet; Just laying the groundwork.
288
289         * Modules/indexeddb/server/IDBServer.h:
290         * Modules/indexeddb/server/UniqueIDBDatabase.h:
291         * Modules/indexeddb/shared/IDBIndexInfo.h:
292         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
293
294 2016-02-18  Chris Dumez  <cdumez@apple.com>
295
296         [Unforgeable] operations should not be writable as per Web IDL
297         https://bugs.webkit.org/show_bug.cgi?id=154396
298         <rdar://problem/24721063>
299
300         Reviewed by Ryosuke Niwa.
301
302         [Unforgeable] operations should not be writable as per the Web IDL specification:
303         http://heycam.github.io/webidl/#es-operations
304
305         They were currently non-configurable in WebKit but still writable.
306
307         No new tests, already covered by existing test.
308
309         * bindings/scripts/CodeGeneratorJS.pm:
310         Mark [Unforgeable] operations as ReadOnly.
311
312         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
313         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
314         * bindings/scripts/test/JS/JSTestObj.cpp:
315         * bindings/scripts/test/ObjC/DOMTestObj.h:
316         * bindings/scripts/test/ObjC/DOMTestObj.mm:
317         * bindings/scripts/test/TestObj.idl:
318         Add bindings test coverage for [Unforgeable].
319
320 2016-02-18  Chris Dumez  <cdumez@apple.com>
321
322         Fix behavior of reflecting unsigned long IDL attributes that are limited to only non-negative numbers greater than zero
323         https://bugs.webkit.org/show_bug.cgi?id=154398
324
325         Reviewed by Ryosuke Niwa.
326
327         Fix behavior of reflecting unsigned long IDL attributes that are limited
328         to only non-negative numbers greater than zero to comply with:
329         - https://html.spec.whatwg.org/#limited-to-only-non-negative-numbers-greater-than-zero
330
331         This patch updates the following IDL attributes:
332         - colgroup.span
333         - col.span
334         - input.size
335         - textarea.cols
336         - textareal.rows
337
338         All of them now:
339         - Have "unsigned long" type on IDL size and "unsigned" type on native
340           side.
341         - On getting, return the value if it is in the range [1; 2147483647],
342           otherwise return the default value.
343         - On setting, set to the input value if it is in the range
344           [1; 2147483647], otherwise, set to the default value.
345
346         Note that as per the specification, we are supposed to throw an
347         IndexSizeError exception when trying to set those attributes to zero.
348         However, we instead use the default value to match other browsers.
349         It would be risky to be the only browser to throw in this case.
350
351         No new tests, already covered by existing test.
352
353         * html/HTMLInputElement.cpp:
354         (WebCore::HTMLInputElement::parseAttribute):
355         (WebCore::HTMLInputElement::setSize):
356         * html/HTMLTableColElement.cpp:
357         (WebCore::HTMLTableColElement::parseAttribute):
358         (WebCore::HTMLTableColElement::setSpan):
359         * html/HTMLTableColElement.h:
360         * html/HTMLTableColElement.idl:
361         * html/HTMLTextAreaElement.cpp:
362         (WebCore::HTMLTextAreaElement::parseAttribute):
363         (WebCore::HTMLTextAreaElement::setCols):
364         (WebCore::HTMLTextAreaElement::setRows):
365         (WebCore::HTMLTextAreaElement::shouldUseInputMethod): Deleted.
366         * html/HTMLTextAreaElement.h:
367         * html/HTMLTextAreaElement.idl:
368         * html/parser/HTMLParserIdioms.h:
369         (WebCore::limitToOnlyNonNegativeNumbersGreaterThanZero):
370
371 2016-02-18  David Kilzer  <ddkilzer@apple.com>
372
373         Remove redundant ASSERT_WITH_MESSAGE_UNUSED() from SOFT_LINK_FRAMEWORK_FOR_SOURCE() macro
374
375         Follow-up fix noted by Andy Estes for:
376
377             [Cocoa] Always check the return value of dlopen() and dlsym() in Release builds
378             <http://webkit.org/b/154364>
379
380         * platform/mac/SoftLinking.h:
381         (SOFT_LINK_FRAMEWORK_FOR_SOURCE): Remove redundant
382         ASSERT_WITH_MESSAGE_UNUSED().
383
384 2016-02-18  Andreas Kling  <akling@apple.com>
385
386         Reduce tiling coverage immediately when memory pressure hits.
387         <https://webkit.org/b/154374>
388
389         Reviewed by Simon Fraser.
390
391         We already had a policy that reduced tiling coverage to a minimum while the system
392         is under memory pressure. However, that policy wouldn't kick in immediately after
393         receiving the pressure notification, but the next time we flush compositing state.
394
395         This change makes it happen sooner, improving our chances to escape death!
396
397         * page/Page.h:
398         * page/Page.cpp:
399         (WebCore::Page::forEachPage):
400
401             Add a little helper for visiting every Page.
402
403         * platform/MemoryPressureHandler.cpp:
404         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
405
406             When under critical memory pressure, schedule a compositing flush in all Pages.
407             This ensures that the reduced tiling coverage policy takes effect, allowing us to
408             immediately drop several tiles in each visible web view.
409
410         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
411         (WebCore::MemoryPressureHandler::install):
412
413             To ensure that this behavior is testable with the fake memory pressure notification,
414             make the fake handler set the "in memory pressure" state just like the real one would.
415             I don't know why we were not doing this previously, it was just an oversight.
416             After the simulation completes, it schedules a runloop callback that resets the
417             "in memory pressure" state.
418
419 2016-02-17  Myles C. Maxfield  <mmaxfield@apple.com>
420
421         [Font Loading] Implement FontFaceSet
422         https://bugs.webkit.org/show_bug.cgi?id=153348
423
424         Reviewed by Simon Fraser.
425
426         The CSS Font Loading spec includes a FontFaceSet object which represents
427         a collection of FontFaces. This patch implements such an object, and
428         backs it with a vector of FontFaces. Similarly to the FontFace object,
429         FontFaceSet is separated into a FontFaceSet frontend object and a
430         CSSFontFaceSet backend object, which actually owns the FontFace objects.
431         All the interaction with Promises is performed in the frontend object.
432
433         This patch does not implement the EventTarget part of the FontFaceSet
434         API, so the only way to know when a font is finished loading is by using
435         the associated Promise objects.
436
437         The CSS Font Loading spec describes how the Document should vend an
438         instance of FontFaceSet which represents the font faces currently
439         associated with the Document. However, that functionality is
440         forthcoming. Currently, the only way to get a FontFaceSet is to create
441         one yourself (using the constructor). Therefore, this patch does not
442         implement the spec's notion of a "CSS-connected font face."
443
444         Test: fast/text/font-face-set-javascript.html
445
446         * CMakeLists.txt: Add new files.
447         * DerivedSources.make: Ditto.
448         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
449         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
450         * WebCore.xcodeproj/project.pbxproj: Ditto.
451         * bindings/js/JSFontFaceSetCustom.cpp: Added.
452         (WebCore::JSFontFaceSet::ready): Use the Promise member.
453         (WebCore::JSFontFaceSet::entries): Use existing iterator code.
454         (WebCore::JSFontFaceSet::keys):
455         (WebCore::JSFontFaceSet::values):
456         * css/CSSAllInOne.cpp: Add new files.
457         * css/CSSFontFace.cpp: We now have a collection of clients (instead of
458         just one). Also, we need to keep a pointer to our FontFace wrapper.
459         (WebCore::CSSFontFace::CSSFontFace):
460         (WebCore::CSSFontFace::addClient):
461         (WebCore::CSSFontFace::removeClient):
462         (WebCore::CSSFontFace::setStatus): Rename the delegate callback to be
463         more clear.
464         (WebCore::CSSFontFace::fontLoaded):
465         (WebCore::CSSFontFace::addedToSegmentedFontFace): Deleted.
466         (WebCore::CSSFontFace::removedFromSegmentedFontFace): Deleted.
467         * css/CSSFontFace.h: Same as above.
468         (WebCore::CSSFontFace::create):
469         (WebCore::CSSFontFace::Client::~Client):
470         (WebCore::CSSFontFace::Client::kick):
471         (WebCore::CSSFontFace::Client::stateChanged):
472         (WebCore::CSSFontFace::wrapper):
473         (WebCore::CSSFontFaceClient::~CSSFontFaceClient): Deleted.
474         * css/CSSFontFaceSet.cpp: Added. Initial imlementation.
475         (WebCore::CSSFontFaceSet::CSSFontFaceSet):
476         (WebCore::CSSFontFaceSet::~CSSFontFaceSet):
477         (WebCore::CSSFontFaceSet::incrementActiveCount):
478         (WebCore::CSSFontFaceSet::decrementActiveCount):
479         (WebCore::CSSFontFaceSet::has):
480         (WebCore::CSSFontFaceSet::add):
481         (WebCore::CSSFontFaceSet::remove):
482         (WebCore::extractFamilies):
483         (WebCore::familiesIntersect): Because this is an initial imlementation,
484         this function is not optimized. A subsequent patch (which implements
485         Document.fonts) will optimize this.
486         (WebCore::CSSFontFaceSet::matchingFaces):
487         (WebCore::CSSFontFaceSet::load):
488         (WebCore::CSSFontFaceSet::check):
489         (WebCore::CSSFontFaceSet::stateChanged):
490         * css/CSSFontFaceSet.h: Added.
491         (WebCore::CSSFontFaceSetClient::~CSSFontFaceSetClient):
492         (WebCore::CSSFontFaceSet::size):
493         (WebCore::CSSFontFaceSet::operator[]):
494         (WebCore::CSSFontFaceSet::status):
495         * css/CSSFontSelector.cpp:
496         (WebCore::CSSFontSelector::familyNameFromPrimitive):
497         (WebCore::CSSFontSelector::registerLocalFontFacesForFamily):
498         (WebCore::CSSFontSelector::addFontFaceRule):
499         (WebCore::familyNameFromPrimitive): Deleted.
500         (WebCore::CSSFontSelector::kick): Deleted.
501         * css/CSSFontSelector.h:
502         * css/CSSSegmentedFontFace.cpp:
503         (WebCore::CSSSegmentedFontFace::~CSSSegmentedFontFace):
504         (WebCore::CSSSegmentedFontFace::appendFontFace):
505         (WebCore::CSSSegmentedFontFace::kick):
506         (WebCore::CSSSegmentedFontFace::fontLoaded): Deleted.
507         * css/CSSSegmentedFontFace.h:
508         * css/FontFace.cpp:
509         (WebCore::FontFace::FontFace):
510         (WebCore::FontFace::~FontFace):
511         (WebCore::FontFace::stateChanged): Renamed to make its purpose clearer.
512         (WebCore::FontFace::kick): Deleted.
513         * css/FontFace.h:
514         * css/FontFaceSet.cpp: Added.
515         (WebCore::createPromise):
516         (WebCore::FontFaceSet::FontFaceSet):
517         (WebCore::FontFaceSet::~FontFaceSet):
518         (WebCore::FontFaceSet::Iterator::Iterator):
519         (WebCore::FontFaceSet::Iterator::next):
520         (WebCore::FontFaceSet::PendingPromise::PendingPromise):
521         (WebCore::FontFaceSet::PendingPromise::~PendingPromise):
522         (WebCore::FontFaceSet::has):
523         (WebCore::FontFaceSet::size):
524         (WebCore::FontFaceSet::add):
525         (WebCore::FontFaceSet::remove):
526         (WebCore::FontFaceSet::clear):
527         (WebCore::FontFaceSet::load): Most of the complexity of loading is
528         due to the promises involved. Rather than use the Javascript function
529         Promise.all(), this patch builds a data structure to represent the
530         promises which need to be resolved. When fonts finish loading, we look
531         at the data structure to determine which promises to resolve.
532         (WebCore::FontFaceSet::check):
533         (WebCore::FontFaceSet::status):
534         (WebCore::FontFaceSet::canSuspendForDocumentSuspension):
535         (WebCore::FontFaceSet::startedLoading):
536         (WebCore::FontFaceSet::completedLoading):
537         (WebCore::FontFaceSet::fulfillPromise): Keep the promise alive.
538         (WebCore::FontFaceSet::faceFinished):
539         * css/FontFaceSet.h: Added.
540         (WebCore::FontFaceSet::create):
541         (WebCore::FontFaceSet::load):
542         (WebCore::FontFaceSet::check):
543         (WebCore::FontFaceSet::createIterator):
544         (WebCore::FontFaceSet::PendingPromise::create):
545         * css/FontFaceSet.idl: Added.
546         * dom/EventNames.h:
547         * dom/EventTargetFactory.in:
548
549 2016-02-17  Mark Lam  <mark.lam@apple.com>
550
551         Callers of JSString::value() should check for exceptions thereafter.
552         https://bugs.webkit.org/show_bug.cgi?id=154346
553
554         Reviewed by Geoffrey Garen.
555
556         No new tests.  The crash that results from this issue is dependent on a race
557         condition where an OutOfMemory error occurs precisely at the point where the
558         JSString::value() function is called on a rope JSString.
559
560         * bindings/js/JSHTMLAllCollectionCustom.cpp:
561         (WebCore::callHTMLAllCollection):
562         * bindings/js/JSStorageCustom.cpp:
563         (WebCore::JSStorage::putDelegate):
564         - Added a comment at the site of the exception check to clarify the meaning of
565           the return value.
566
567 2016-02-17  David Kilzer  <ddkilzer@apple.com>
568
569         [Cocoa] Always check the return value of dlopen() and dlsym() in Release builds
570         <http://webkit.org/b/154364>
571
572         Reviewed by Alexey Proskuryakov.
573
574         * platform/mac/SoftLinking.h:
575         (SOFT_LINK_LIBRARY): Change ASSERT_WITH_MESSAGE() to
576         RELEASE_ASSERT_WITH_MESSAGE().
577         (SOFT_LINK_FRAMEWORK): Ditto.
578         (SOFT_LINK_PRIVATE_FRAMEWORK): Ditto.
579         (SOFT_LINK_STAGED_FRAMEWORK): Ditto.
580         (SOFT_LINK_FRAMEWORK_IN_UMBRELLA): Ditto.
581         (SOFT_LINK): Ditto.
582         (SOFT_LINK_POINTER): Ditto.
583         (SOFT_LINK_CONSTANT): Ditto.
584         (SOFT_LINK_FRAMEWORK_FOR_SOURCE): Add
585         RELEASE_ASSERT_WITH_MESSAGE() when soft-link is not
586         optional.
587
588 2016-02-17  Chris Dumez  <cdumez@apple.com>
589
590         Regression(r196648): http://w3c-test.org/html/dom/interfaces.html redirects at the end of the test
591         https://bugs.webkit.org/show_bug.cgi?id=154357
592
593         Reviewed by Alexey Proskuryakov.
594
595         Make location.assign() / location.replace()'s parameter mandatory,
596         as per the specification:
597         https://html.spec.whatwg.org/multipage/browsers.html#the-location-interface
598
599         Previously, calling location.assign() / location.replace() without
600         parameter would be identical to calling location.assign("undefined") /
601         location.replace("undefined"), which is not useful.
602
603         After r196648, http://w3c-test.org/html/dom/interfaces.html was able to
604         test location.assign() / location.replace() further because they are now
605         on the instance (where they should be) instead of the prototype. One of
606         these tests calls these functions without parameter, expecting them to
607         throw an exception. However, in WebKit, it would not throw and it would
608         redirect us to http://w3c-test.org/html/dom/undefined.
609
610         Firefox and Chrome both follow the specification already and throw in
611         this case.
612
613         No new tests, already covered by existing test.
614
615         * page/Location.idl:
616         Make location.assign() / location.replace()'s parameter mandatory,
617         as per the specification.
618
619 2016-02-17  Commit Queue  <commit-queue@webkit.org>
620
621         Unreviewed, rolling out r196738.
622         https://bugs.webkit.org/show_bug.cgi?id=154380
623
624         broke css3/calc/transforms-translate.html (Requested by
625         alexchristensen on #webkit).
626
627         Reverted changeset:
628
629         "WebKitCSSMatrix transformList with calculated relative length
630         crashes Safari."
631         https://bugs.webkit.org/show_bug.cgi?id=153333
632         http://trac.webkit.org/changeset/196738
633
634 2016-02-17  Dean Jackson  <dino@apple.com>
635
636         WebKitCSSMatrix transformList with calculated relative length crashes Safari.
637         https://bugs.webkit.org/show_bug.cgi?id=153333
638         <rdar://problem/17198383>
639
640         Reviewed by Simon Fraser.
641
642         WebKitCSSMatrix objects should fail to construct when not
643         using absolute lengths.
644
645         Updated existing tests:
646         - transforms/cssmatrix-2d-interface.xhtml
647         - transforms/cssmatrix-3d-interface.xhtml
648
649         * css/StyleBuilderConverter.h:
650         (WebCore::StyleBuilderConverter::convertTransform): Tell transformsForValue
651         that we don't require absolute lengths.
652         * css/TransformFunctions.cpp:
653         (WebCore::convertToFloatLength): Add an optional parameter that will
654         cause the conversion to fail if the primitive value has a non-absolute
655         length.
656         (WebCore::transformsForValue): Pass the parameter for requiring an
657         absolute length on to convertToFloatLength when necessary.
658         * css/TransformFunctions.h:
659         * css/WebKitCSSMatrix.cpp:
660         (WebCore::WebKitCSSMatrix::setMatrixValue): In this case we do
661         require all transform strings to have absolute lengths, not ones
662         that depend on the font size or are calculated.
663
664 2016-02-17  Commit Queue  <commit-queue@webkit.org>
665
666         Unreviewed, rolling out r196712.
667         https://bugs.webkit.org/show_bug.cgi?id=154371
668
669         This change caused 5 API test failures on ios-simulator
670         (Requested by ryanhaddad on #webkit).
671
672         Reverted changeset:
673
674         "[iOS] Purge GraphicsServices font cache on memory warning."
675         https://bugs.webkit.org/show_bug.cgi?id=154343
676         http://trac.webkit.org/changeset/196712
677
678 2016-02-17  Brady Eidson  <beidson@apple.com>
679
680         Modern IDB: More Encoder/Decoder/Messaging scaffolding for WK2 IPC.
681         https://bugs.webkit.org/show_bug.cgi?id=154356
682
683         Reviewed by Alex Christensen.
684
685         No change in behavior yet; Just laying the groundwork.
686
687         * Modules/indexeddb/shared/IDBDatabaseInfo.h:
688         (WebCore::IDBDatabaseInfo::encode):
689         (WebCore::IDBDatabaseInfo::decode):
690
691         * Modules/indexeddb/shared/IDBError.h:
692         (WebCore::IDBError::encode):
693         (WebCore::IDBError::decode):
694
695         * Modules/indexeddb/shared/IDBRequestData.h:
696         (WebCore::IDBRequestData::decode):
697
698         * Modules/indexeddb/shared/IDBResultData.h:
699         (WebCore::IDBResultData::encode):
700         (WebCore::IDBResultData::decode):
701
702 2016-02-17  Saam barati  <sbarati@apple.com>
703
704         Implement Proxy [[Get]]
705         https://bugs.webkit.org/show_bug.cgi?id=154081
706
707         Reviewed by Michael Saboff.
708
709         Tests are in JavaScriptCore.
710
711         * bindings/js/JSCryptoAlgorithmDictionary.cpp:
712         (WebCore::getProperty):
713         (WebCore::getHashAlgorithm):
714         * bindings/js/JSCryptoKeySerializationJWK.cpp:
715         (WebCore::getJSArrayFromJSON):
716         (WebCore::getStringFromJSON):
717         (WebCore::getBooleanFromJSON):
718         * bindings/js/JSDOMWindowCustom.cpp:
719         (WebCore::DialogHandler::returnValue):
720         * bindings/js/JSDictionary.cpp:
721         (WebCore::JSDictionary::tryGetProperty):
722         * bindings/js/JSStorageCustom.cpp:
723         (WebCore::JSStorage::deleteProperty):
724         (WebCore::JSStorage::deletePropertyByIndex):
725         (WebCore::JSStorage::putDelegate):
726         * bindings/js/SerializedScriptValue.cpp:
727         (WebCore::CloneSerializer::getProperty):
728         * testing/Internals.cpp:
729         (WebCore::Internals::isReadableStreamDisturbed):
730
731 2016-02-17  Simon Fraser  <simon.fraser@apple.com>
732
733         PDFPlugin's scrollableArea container is not properly unregistered when page is going into the PageCache
734         https://bugs.webkit.org/show_bug.cgi?id=148182
735
736         Reviewed by Brent Fulgham.
737
738         When handling Command-arrow key while showing a scrollable PDF, the timing of PDFPlugin
739         teardown and navigation could result in PDFPlugin::destroy() getting the wrong FrameView,
740         so the old FrameView was left with a stale pointer in its scrollableAreaSet.
741
742         Fix this by adding an explicit willDetatchRenderer() which is called on the plugin
743         before the Frame gets a new FrameView.
744
745         Also narrow the scope of the RefPtr<Widget> in HTMLPlugInElement::defaultEventHandler()
746         so that the Widget is not kept alive over a possible navigation.
747
748         I was unable to make an automated test, because reproducing the bug requires handling
749         a Command-arrow key event in a way that the last ref to a Widget is held over the event
750         handling, and this wasn't possible in an iframe.
751
752         * html/HTMLPlugInElement.cpp:
753         (WebCore::HTMLPlugInElement::defaultEventHandler):
754         * html/HTMLPlugInImageElement.cpp:
755         (WebCore::HTMLPlugInImageElement::willDetachRenderers):
756         * plugins/PluginViewBase.h:
757         (WebCore::PluginViewBase::willDetatchRenderer):
758         * style/StyleTreeResolver.cpp:
759         (WebCore::Style::detachRenderTree): Drive-by nullptr.
760
761 2016-02-17  Brady Eidson  <beidson@apple.com>
762
763         Modern IDB: Encoder/Decoder/Messaging scaffolding for WK2 IPC.
764         https://bugs.webkit.org/show_bug.cgi?id=154351
765
766         Reviewed by Alex Christensen.
767
768         No change in behavior yet; Just laying the groundwork.
769
770         * Modules/indexeddb/IDBDatabaseIdentifier.h:
771         (WebCore::IDBDatabaseIdentifier::encode):
772         (WebCore::IDBDatabaseIdentifier::decode):
773         
774         * Modules/indexeddb/shared/IDBCursorInfo.h:
775         (WebCore::IDBCursorInfo::encode):
776         (WebCore::IDBCursorInfo::decode):
777         
778         * Modules/indexeddb/shared/IDBIndexInfo.h:
779         (WebCore::IDBIndexInfo::encode):
780         (WebCore::IDBIndexInfo::decode):
781         
782         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
783         (WebCore::IDBObjectStoreInfo::encode):
784         (WebCore::IDBObjectStoreInfo::decode):
785         
786         * Modules/indexeddb/shared/IDBRequestData.h:
787         (WebCore::IDBRequestData::encode):
788         (WebCore::IDBRequestData::decode):
789         
790         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
791         (WebCore::IDBResourceIdentifier::encode):
792         (WebCore::IDBResourceIdentifier::decode):
793         
794         * Modules/indexeddb/shared/IDBTransactionInfo.h:
795         (WebCore::IDBTransactionInfo::encode):
796         (WebCore::IDBTransactionInfo::decode):
797
798 2016-02-17  Andreas Kling  <akling@apple.com>
799
800         [iOS] Purge GraphicsServices font cache on memory warning.
801         <https://webkit.org/b/154343>
802
803         Reviewed by Antti Koivisto.
804
805         The GS font cache was holding on to the last retain on CSS fonts after they stop being used.
806         Call SPI to purge it on memory pressure.
807
808         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
809         (WebCore::MemoryPressureHandler::platformReleaseMemory):
810         * platform/spi/ios/GraphicsServicesSPI.h:
811
812 2016-02-17  Chris Dumez  <cdumez@apple.com>
813
814         Regression(r196648): window.showModalDialog is no longer undefined if the client does not allow showing modal dialog
815         https://bugs.webkit.org/show_bug.cgi?id=154330
816
817         Reviewed by Gavin Barraclough.
818
819         window.showModalDialog is no longer undefined if the client does not
820         allow showing modal dialog after r196648. This patch fixes the issue
821         and add test coverage for this.
822
823         Test: fast/dom/Window/forbid-showModalDialog.html
824
825         * bindings/js/JSDOMWindowCustom.cpp:
826         (WebCore::JSDOMWindow::getOwnPropertySlot):
827         - Move the DOMWindow::canShowModalDialog() check *before* checking
828           for static properties as showModalDialog is now in the static
829           property table after r196648.
830         - Add check for Base::getOwnPropertySlot() first to support overriding
831           window.showModalDialog (This behavior matches Firefox).
832         - Return false if DOMWindow::canShowModalDialog() returns false as this
833           seems cleaner than claiming that the property is there but undefined.
834
835         * page/DOMWindow.cpp:
836         (WebCore::DOMWindow::canShowModalDialogNow): Deleted.
837         This was indentical to canShowModalDialog().
838
839         (WebCore::DOMWindow::canShowModalDialog):
840         (WebCore::DOMWindow::setCanShowModalDialogOverride):
841         (WebCore::DOMWindow::showModalDialog):
842         * page/DOMWindow.h:
843         * testing/Internals.cpp:
844         (WebCore::Internals::setCanShowModalDialogOverride):
845         * testing/Internals.h:
846         * testing/Internals.idl:
847         Add support for overriding the ChromeClient's canShowModalDialog
848         decision and hook it up to Internals to add layout test coverage.
849
850 2016-02-17  Brady Eidson  <beidson@apple.com>
851
852         Modern IDB: More WK2 IPC Scaffolding.
853         https://bugs.webkit.org/show_bug.cgi?id=154317
854
855         Reviewed by Alex Christensen.
856
857         No change in behavior yet; Just laying the groundwork.
858
859         * Modules/indexeddb/shared/IDBCursorInfo.cpp:
860         (WebCore::IDBCursorInfo::IDBCursorInfo):
861         * Modules/indexeddb/shared/IDBCursorInfo.h:
862         (WebCore::IDBCursorInfo::decode):
863         * Modules/indexeddb/shared/IDBError.h:
864         (WebCore::IDBError::decode):
865         * Modules/indexeddb/shared/IDBIndexInfo.h:
866         (WebCore::IDBIndexInfo::decode):
867         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
868         (WebCore::IDBObjectStoreInfo::decode):
869         * Modules/indexeddb/shared/IDBRequestData.cpp:
870         (WebCore::IDBRequestData::IDBRequestData):
871         * Modules/indexeddb/shared/IDBRequestData.h:
872         (WebCore::IDBRequestData::decode):
873         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
874         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier):
875         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
876         (WebCore::IDBResourceIdentifier::decode):
877         * Modules/indexeddb/shared/IDBResultData.cpp:
878         (WebCore::IDBResultData::IDBResultData):
879         * Modules/indexeddb/shared/IDBResultData.h:
880         (WebCore::IDBResultData::decode):
881         * Modules/indexeddb/shared/IDBTransactionInfo.cpp:
882         (WebCore::IDBTransactionInfo::IDBTransactionInfo):
883         * Modules/indexeddb/shared/IDBTransactionInfo.h:
884         (WebCore::IDBTransactionInfo::decode):
885         * WebCore.xcodeproj/project.pbxproj:
886
887 2016-02-17  Eric Carlson  <eric.carlson@apple.com>
888
889         [Win] Allow ports to disable automatic text track selection
890         https://bugs.webkit.org/show_bug.cgi?id=154322
891         <rdar://problem/24623986>
892
893         Reviewed by Brent Fulgham.
894
895         * page/CaptionUserPreferencesMediaAF.cpp:
896         (MTEnableCaption2015BehaviorPtr): Implement for Windows.
897
898 2016-02-17  Gavin Barraclough  <barraclough@apple.com>
899
900         JSDOMWindow::put should not do the same thing twice
901         https://bugs.webkit.org/show_bug.cgi?id=154334
902
903         Reviewed by Chris Dumez.
904
905         It either calls JSGlobalObject::put or Base::put. Hint: these are basically the same thing.
906         In the latter case it might call lookupPut. That's redundant; JSObject::put handles static
907         table entries.
908
909         * bindings/js/JSDOMWindowCustom.cpp:
910         (WebCore::JSDOMWindow::put):
911             - just call Base::put.
912         (WebCore::JSDOMWindow::putByIndex):
913             - just call Base::putByIndex.
914
915 2016-02-17  Nan Wang  <n_wang@apple.com>
916
917         AX: Implement sentence related text marker functions using TextIterator
918         https://bugs.webkit.org/show_bug.cgi?id=154312
919
920         Reviewed by Chris Fleizach.
921
922         Using CharacterOffset to implement sentence related text marker calls. Reused
923         logic from VisibleUnits class. Also fixed an issue where paragraph navigation
924         should skip preceding and following BR nodes.
925
926         Test: accessibility/mac/text-marker-sentence-nav.html
927
928         * accessibility/AXObjectCache.cpp:
929         (WebCore::resetNodeAndOffsetForReplacedNode):
930         (WebCore::setRangeStartOrEndWithCharacterOffset):
931         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
932         (WebCore::AXObjectCache::previousCharacterOffset):
933         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
934         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
935         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
936         (WebCore::AXObjectCache::leftWordRange):
937         (WebCore::AXObjectCache::rightWordRange):
938         (WebCore::AXObjectCache::characterBefore):
939         (WebCore::characterOffsetNodeIsBR):
940         (WebCore::parentEditingBoundary):
941         (WebCore::AXObjectCache::nextBoundary):
942         (WebCore::AXObjectCache::previousBoundary):
943         (WebCore::AXObjectCache::paragraphForCharacterOffset):
944         (WebCore::AXObjectCache::nextParagraphEndCharacterOffset):
945         (WebCore::AXObjectCache::previousParagraphStartCharacterOffset):
946         (WebCore::AXObjectCache::startCharacterOffsetOfSentence):
947         (WebCore::AXObjectCache::endCharacterOffsetOfSentence):
948         (WebCore::AXObjectCache::sentenceForCharacterOffset):
949         (WebCore::AXObjectCache::nextSentenceEndCharacterOffset):
950         (WebCore::AXObjectCache::previousSentenceStartCharacterOffset):
951         (WebCore::AXObjectCache::rootAXEditableElement):
952         (WebCore::startWordBoundary): Deleted.
953         (WebCore::endWordBoundary): Deleted.
954         (WebCore::AXObjectCache::nextWordBoundary): Deleted.
955         (WebCore::AXObjectCache::previousWordBoundary): Deleted.
956         * accessibility/AXObjectCache.h:
957         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
958         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
959         * editing/VisibleUnits.cpp:
960         (WebCore::startWordBoundary):
961         (WebCore::startOfWord):
962         (WebCore::endWordBoundary):
963         (WebCore::startSentenceBoundary):
964         (WebCore::startOfSentence):
965         (WebCore::endSentenceBoundary):
966         * editing/VisibleUnits.h:
967
968 2016-02-17  Manuel Rego Casasnovas  <rego@igalia.com>
969
970         [css-grid] GridSpan refactoring
971         https://bugs.webkit.org/show_bug.cgi?id=153868
972
973         Reviewed by Sergio Villar Senin.
974
975         Add new enum to know if a GridSpan is definite or indefinite.
976         That way we don't need GridUnresolvedSpan class (which is removed).
977         We can always have two GridSpans in GridCoordinate,
978         if the position is "auto" the GridSpan will be marked as indefinite.
979         This will allow in a follow-up patch to avoid repeated calls
980         to methods that resolve positions.
981
982         Most operations in GridSpan are restricted to definite GridSpans (access
983         to positions, iterator, etc.). For indefinite GridSpans we only need to
984         know that they're indefinite, we shouldn't use the rest of the data.
985
986         No new tests, no change of behavior.
987
988         * css/CSSGridTemplateAreasValue.cpp:
989         (WebCore::stringForPosition):
990         * css/CSSParser.cpp:
991         (WebCore::CSSParser::parseGridTemplateAreasRow):
992         * css/StyleBuilderConverter.h:
993         (WebCore::StyleBuilderConverter::createImplicitNamedGridLinesFromGridArea):
994         * rendering/RenderGrid.cpp:
995         (WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
996         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
997         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
998         (WebCore::RenderGrid::insertItemIntoGrid):
999         (WebCore::RenderGrid::placeItemsOnGrid):
1000         (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
1001         (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
1002         (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
1003         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
1004         (WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets):
1005         (WebCore::RenderGrid::columnAxisOffsetForChild):
1006         (WebCore::RenderGrid::rowAxisOffsetForChild):
1007         (WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Deleted.
1008         (WebCore::RenderGrid::autoPlacementMinorAxisDirection): Deleted.
1009         (WebCore::RenderGrid::populateGridPositions): Deleted.
1010         * rendering/style/GridCoordinate.h:
1011         (WebCore::GridSpan::definiteGridSpan):
1012         (WebCore::GridSpan::indefiniteGridSpan):
1013         (WebCore::GridSpan::operator==):
1014         (WebCore::GridSpan::integerSpan):
1015         (WebCore::GridSpan::resolvedInitialPosition):
1016         (WebCore::GridSpan::resolvedFinalPosition):
1017         (WebCore::GridSpan::begin):
1018         (WebCore::GridSpan::end):
1019         (WebCore::GridSpan::isDefinite):
1020         (WebCore::GridSpan::GridSpan):
1021         (WebCore::GridCoordinate::GridCoordinate):
1022         * rendering/style/GridResolvedPosition.cpp:
1023         (WebCore::initialPositionSide):
1024         (WebCore::finalPositionSide):
1025         (WebCore::adjustGridPositionsFromStyle):
1026         (WebCore::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition):
1027         (WebCore::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
1028         (WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
1029         (WebCore::resolveGridPositionAgainstOppositePosition):
1030         (WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):
1031         (WebCore::GridResolvedPosition::resolveGridPositionsFromStyle):
1032         (WebCore::implicitNamedGridLineForSide): Deleted.
1033         (WebCore::GridResolvedPosition::isNonExistentNamedLineOrArea): Deleted.
1034         (WebCore::resolveNamedGridLinePositionFromStyle): Deleted.
1035         (WebCore::resolveGridPositionFromStyle): Deleted.
1036         * rendering/style/GridResolvedPosition.h:
1037         (WebCore::GridResolvedPosition::GridResolvedPosition): Deleted.
1038         (WebCore::GridResolvedPosition::operator*): Deleted.
1039         (WebCore::GridResolvedPosition::operator++): Deleted.
1040         (WebCore::GridResolvedPosition::operator==): Deleted.
1041
1042 2016-02-17  Chris Dumez  <cdumez@apple.com>
1043
1044         Window should have its 'constructor' property on the prototype
1045         https://bugs.webkit.org/show_bug.cgi?id=154037
1046         <rdar://problem/24689078>
1047
1048         Reviewed by Gavin Barraclough.
1049
1050         Window should have its 'constructor' property on the prototype as per
1051         the Web IDL specification:
1052         http://heycam.github.io/webidl/#interface-prototype-object
1053
1054         Firefox and Chrome already match the specification.
1055
1056         No new tests, covered by:
1057         - fast/dom/Window/window-constructor-settable.html
1058         - fast/dom/Window/window-constructor.html
1059         - http/tests/security/cross-origin-window-property-access.html
1060         - imported/w3c/web-platform-tests/html/dom/interfaces.html
1061
1062         * bindings/scripts/CodeGeneratorJS.pm:
1063         (ConstructorShouldBeOnInstance): Deleted.
1064         Drop this routine as all constructors are now on the prototype.
1065
1066         (InstancePropertyCount):
1067         Do not account for constructor properties as these can only be
1068         on the prototype now.
1069
1070         (PrototypePropertyCount):
1071         Increment the property count by 1 if the interface has a constructor
1072         property (e.g. [NoInterfaceObject] interfaces do not have one).
1073
1074         (GeneratePropertiesHashTable):
1075         Stop calling ConstructorShouldBeOnInstance() as it no longer exists.
1076         Always generated the "constructor" property if:
1077         1. We are generating the prototype hash table.
1078         and
1079         2. The interface needs a constructor (i.e. not marked as
1080            [NoInterfaceObject]).
1081
1082         (GenerateImplementation):
1083         - Drop code handling the case where ConstructorShouldBeOnInstance()
1084           returns true as constructors are not always on the prototype and
1085           the ConstructorShouldBeOnInstance() routine has been dropped.
1086         - Drop code handling [CustomProxyToJSObject]. Now that the constructor
1087           is always on the prototype, we never need to cast thisValue to a
1088           JSDOMWindow (by calling toJSDOMWindow). In the Window case, thisValue
1089           is now casted to a JSDOMWindowPrototype*, similarly to other interfaces
1090           so we don't need a special casting function anymore.
1091         - Stop generating security checks. This only impacts Window as it is the
1092           only interface marked as [CheckSecurity]. The cross-origin checking code
1093           as it was would not work when "constructor" is on the prototype because
1094           thisValue is a JSDOMWindowPrototype, not a JSDOMWindow and we have no
1095           way of getting the wrapped window. Also, the security check is no longer
1096           needed because:
1097           1. Accessing crossOriginWindow.constructor will not work now that
1098              constructor is on the prototype because
1099              JSDOMWindow::getOwnPropertySlot() already prevents access to the
1100              prototype in the cross-origin case.
1101           2. "constructor" is a value property, not a getter/setter. Therefore,
1102              it is no possible to use the getter/setter from a same origin window
1103              instance and call it on a cross origin window.
1104
1105 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1106
1107         Add a way to test ScrollAnimator
1108         https://bugs.webkit.org/show_bug.cgi?id=153479
1109
1110         Reviewed by Michael Catanzaro.
1111
1112         Tests: fast/scrolling/overlay-scrollbars-scroll-corner.html
1113                fast/scrolling/scroll-animator-basic-events.html
1114                fast/scrolling/scroll-animator-overlay-scrollbars-hovered.html
1115                fast/scrolling/scroll-animator-select-list-events.html
1116
1117         * CMakeLists.txt:
1118         * WebCore.xcodeproj/project.pbxproj:
1119         * page/FrameView.cpp:
1120         (WebCore::FrameView::usesMockScrollAnimator):
1121         (WebCore::FrameView::logMockScrollAnimatorMessage):
1122         * page/FrameView.h:
1123         * page/Settings.cpp:
1124         (WebCore::Settings::setUsesMockScrollAnimator):
1125         (WebCore::Settings::usesMockScrollAnimator):
1126         * page/Settings.h:
1127         * platform/ScrollableArea.cpp:
1128         (WebCore::ScrollableArea::scrollAnimator):
1129         * platform/ScrollableArea.h:
1130         (WebCore::ScrollableArea::usesMockScrollAnimator):
1131         (WebCore::ScrollableArea::logMockScrollAnimatorMessage):
1132         * platform/mock/ScrollAnimatorMock.cpp: Added.
1133         (WebCore::ScrollAnimatorMock::create):
1134         (WebCore::ScrollAnimatorMock::ScrollAnimatorMock):
1135         (WebCore::ScrollAnimatorMock::~ScrollAnimatorMock):
1136         (WebCore::ScrollAnimatorMock::didAddVerticalScrollbar):
1137         (WebCore::ScrollAnimatorMock::didAddHorizontalScrollbar):
1138         (WebCore::ScrollAnimatorMock::willRemoveVerticalScrollbar):
1139         (WebCore::ScrollAnimatorMock::willRemoveHorizontalScrollbar):
1140         (WebCore::ScrollAnimatorMock::mouseEnteredContentArea):
1141         (WebCore::ScrollAnimatorMock::mouseMovedInContentArea):
1142         (WebCore::ScrollAnimatorMock::mouseExitedContentArea):
1143         (WebCore::ScrollAnimatorMock::mouseEnteredScrollbar):
1144         (WebCore::ScrollAnimatorMock::mouseExitedScrollbar):
1145         (WebCore::ScrollAnimatorMock::mouseIsDownInScrollbar):
1146         * platform/mock/ScrollAnimatorMock.h: Added.
1147         * platform/mock/ScrollbarThemeMock.cpp:
1148         (WebCore::ScrollbarThemeMock::usesOverlayScrollbars):
1149         * platform/mock/ScrollbarThemeMock.h:
1150         * rendering/RenderLayer.cpp:
1151         (WebCore::RenderLayer::usesMockScrollAnimator):
1152         (WebCore::RenderLayer::logMockScrollAnimatorMessage):
1153         * rendering/RenderLayer.h:
1154         * rendering/RenderListBox.cpp:
1155         (WebCore::RenderListBox::usesMockScrollAnimator):
1156         (WebCore::RenderListBox::logMockScrollAnimatorMessage):
1157         * rendering/RenderListBox.h:
1158         * testing/Internals.cpp:
1159         (WebCore::Internals::resetToConsistentState):
1160         (WebCore::Internals::setUsesMockScrollAnimator):
1161         * testing/Internals.h:
1162         * testing/Internals.idl:
1163
1164 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1165
1166         Unreviewed. Enable overlay scrollbars in GTK+ after r196641.
1167
1168         This was blocked by bug #153404, but the commit that introduced
1169         the regression was rolled out in r196641.
1170
1171         * platform/gtk/ScrollbarThemeGtk.cpp:
1172         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1173
1174 2016-02-16  Gavin Barraclough  <barraclough@apple.com>
1175
1176         JSDOMWindow::getOwnPropertySlot should just call getStaticPropertySlot
1177         https://bugs.webkit.org/show_bug.cgi?id=154257
1178
1179         Reviewed by Chris Dumez.
1180
1181         * bindings/js/JSDOMWindowCustom.cpp:
1182         (WebCore::JSDOMWindow::getOwnPropertySlot):
1183             - JSDOMWindow::getOwnPropertySlot should just call getStaticPropertySlot
1184
1185 2016-02-16  Gavin Barraclough  <barraclough@apple.com>
1186
1187         JSDOMWindow::getOwnPropertySlot should not search photo chain
1188         https://bugs.webkit.org/show_bug.cgi?id=154102
1189
1190         Reviewed by Chris Dumez.
1191
1192         Should only return *own* properties.
1193
1194         * bindings/js/JSDOMWindowCustom.cpp:
1195         (WebCore::jsDOMWindowGetOwnPropertySlotNamedItemGetter):
1196
1197 2016-02-16  Alex Christensen  <achristensen@webkit.org>
1198
1199         CMake build fix.
1200
1201         * PlatformMac.cmake:
1202
1203 2016-02-16  Chris Dumez  <cdumez@apple.com>
1204
1205         Navigator.geolocation should not be marked a [Replaceable] and should be on the prototype
1206         https://bugs.webkit.org/show_bug.cgi?id=154304
1207         <rdar://problem/24685092>
1208
1209         Reviewed by Gavin Barraclough.
1210
1211         1. Drop the [Replaceable] IDL extended attribute for navigator.geolocation
1212            as this does not match other browsers or the specification:
1213            - https://dev.w3.org/geo/api/spec-source.html#geolocation_interface
1214         2. Move Navigator attributes to the prototype, where they should be as
1215            per the Web IDL specification.
1216
1217         The previous behavior was meant as a workaround for a bug in the Amazon
1218         iOS app (rdar://problem/16332749). However, I have confirmed that the
1219         latest Amazon App no longer has any issue with those changes.
1220
1221         Test: js/navigator-set-geolocation.html
1222
1223         * Modules/geolocation/NavigatorGeolocation.idl:
1224         * bindings/scripts/CodeGeneratorJS.pm:
1225         (InterfaceRequiresAttributesOnInstanceForCompatibility): Deleted.
1226
1227 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1228
1229         REGRESSION(r196268): WTFCrashWithSecurityImplication on SVG path animation tests
1230         https://bugs.webkit.org/show_bug.cgi?id=154221
1231
1232         Reviewed by Brent Fulgham.
1233
1234         In r196268, a destructor was added to SVGListPropertyTearOff that notifies
1235         its wrapper (the SVGAnimatedListPropertyTearoff) about its deletion. This
1236         allows the wrapper to nullify any references to the wrapped content.
1237         
1238         We needed to do the same thing for SVGPathSegListPropertyTearOff. Both
1239         SVGPathSegListPropertyTearOff and SVGListPropertyTearOff inherit from
1240         SVGListProperty and both hold pointers to SVGAnimatedListPropertyTearOff
1241         which needs to be notified.
1242         
1243         Tests: exiting svg path animation tests should not crash.
1244
1245         * svg/properties/SVGPathSegListPropertyTearOff.h:
1246         (WebCore::SVGPathSegListPropertyTearOff::~SVGPathSegListPropertyTearOff):
1247
1248 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1249
1250         REGRESSION (r190430): WTFCrashWithSecurityImplication in:void SVGRootInlineBox::layoutCharactersInTextBoxes()
1251         https://bugs.webkit.org/show_bug.cgi?id=154185
1252
1253         Reviewed by Ryosuke Niwa.
1254
1255         This is a regression caused by adding support for HTMLSlotElement. The
1256         crash happens when adding an HTMLSlotElement to anther element which should
1257         not have it as a child like SVGTextElement for example. In this case, we
1258         were creating a RenderText which should not be happen inside an SVG document.
1259         The RenderText::createTextBox() was creating InlineTextBox for the slot's
1260         text and attach it to the SVGRootInlineBox. In layoutCharactersInTextBoxes(),
1261         the assumption is the inline box is either SVGInlineTextBox or SVGInlineFlowBox.
1262         But since we have an InlineTextBox instead, the crash happens when casting
1263         the InlineTextBox to SVGInlineFlowBox.
1264
1265         The fix is for createRenderTreeForSlotAssignees() to not create a renderer
1266         when the parent element should not have a renderer for the this element.
1267         This is the same thing we do for createRenderer() which handles the non
1268         HTMLSlotElement case and which is called also from createRenderTreeRecursively().
1269         
1270         Test: fast/shadow-dom/text-slot-child-crash.svg
1271
1272         * style/StyleTreeResolver.cpp:
1273         (WebCore::Style::moveToFlowThreadIfNeeded):
1274         (WebCore::Style::TreeResolver::createRenderer): Delete the check for
1275         shouldCreateRenderer() and handling the case when resolvedStyle is null
1276         since these are handled by the caller createRenderTreeRecursively().
1277         
1278         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
1279         Assert shouldCreateRenderer() is true for this element.
1280         
1281         (WebCore::Style::TreeResolver::createRenderTreeRecursively): Don't create
1282         the renderer if shouldCreateRenderer() returns false. Also handle the case
1283         when resolvedStyle is null and pass the new style to createRenderer().
1284         
1285         * style/StyleTreeResolver.h:
1286
1287 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
1288
1289         Every RenderLayer should not have to remove itself from the scrollableArea set
1290         https://bugs.webkit.org/show_bug.cgi?id=154311
1291
1292         Reviewed by Zalan Bujtas.
1293
1294         A subset of RenderLayers are are scrollable, and get registered on the FrameView,
1295         but we pay the cost of a hash lookup for removal on every RenderLayer, which is a waste.
1296         
1297         Store a bit that tells RenderLayer that it's in the set and needs to be removed.
1298
1299         * rendering/RenderLayer.cpp:
1300         (WebCore::RenderLayer::RenderLayer):
1301         (WebCore::RenderLayer::~RenderLayer):
1302         (WebCore::RenderLayer::calculateClipRects):
1303         * rendering/RenderLayer.h:
1304
1305 2016-02-16  Daniel Bates  <dabates@apple.com>
1306
1307         CSP: Update violation report 'Content-Type' header
1308         https://bugs.webkit.org/show_bug.cgi?id=153166
1309         <rdar://problem/24383327>
1310
1311         Reviewed by Brent Fulgham.
1312
1313         Inspired by Blink patch:
1314         <https://src.chromium.org/viewvc/blink?view=rev&revision=154215>
1315
1316         Post the Content Security Policy violation report with Content-Type application/csp-report as
1317         per section Reporting of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/>.
1318
1319         Currently we post CSP violation reports with Content-Type application/json.
1320
1321         * html/parser/XSSAuditorDelegate.cpp:
1322         (WebCore::XSSAuditorDelegate::didBlockScript): Use report type ViolationReportType::XSSAuditor to PingLoader.
1323         * loader/PingLoader.cpp:
1324         (WebCore::PingLoader::sendViolationReport): Modified to take argument of type ViolationReportType
1325         to determine the appropriate Content-Type header to use for the report. For a XSS Auditor violation report
1326         we use Content-Type application/json. For a Content Security Policy violation report we use Content-Type
1327         application/csp-report. Additionally, pass a ASCIILiteral() to ResourceRequestBase::setHTTPMethod()
1328         as opposed to a constant string literal to avoid a copy of a constant string literal.
1329         * loader/PingLoader.h: Add enum class ViolationReportType.
1330         * page/csp/ContentSecurityPolicy.cpp:
1331         (WebCore::ContentSecurityPolicy::reportViolation): Use report type ViolationReportType::ContentSecurityPolicy.
1332
1333 2016-02-16  Alex Christensen  <achristensen@webkit.org>
1334
1335         Add checks before redirecting with NetworkSession
1336         https://bugs.webkit.org/show_bug.cgi?id=154298
1337
1338         Reviewed by Andy Estes.
1339
1340         This fixes http/tests/security/cors-post-redirect-307.html and 
1341         http/tests/navigation/post-307-response.html when using NetworkSession.
1342
1343         * platform/network/ResourceRequestBase.h:
1344         WEBCORE_EXPORT some functions newly used in WebKit2.
1345
1346 2016-02-16  Daniel Bates  <dabates@apple.com>
1347
1348         CSP: Fix parsing of 'host/path' source expressions
1349         https://bugs.webkit.org/show_bug.cgi?id=153170
1350         <rdar://problem/24383407>
1351
1352         Reviewed by Brent Fulgham.
1353
1354         Merged from Blink (patch by Mike West):
1355         <https://src.chromium.org/viewvc/blink?revision=154875&view=revision>
1356
1357         Fixes an issue where a source of the form example.com/A/ was incorrectly considered
1358         invalid and hence such a requested resource would be blocked. A source of this form
1359         is valid by the definition of host-source in section Source List Syntax of the Content
1360         Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.
1361
1362         * page/csp/ContentSecurityPolicySourceList.cpp:
1363         (WebCore::ContentSecurityPolicySourceList::parseSource):
1364
1365 2016-02-16  Daniel Bates  <dabates@apple.com>
1366
1367         CSP: Disallow an empty host in a host-source source expression
1368         https://bugs.webkit.org/show_bug.cgi?id=153168
1369         <rdar://problem/24383366>
1370
1371         Reviewed by Brent Fulgham.
1372
1373         Merged from Blink (patch by rob@robwu.nl):
1374         <https://src.chromium.org/viewvc/blink?revision=180407&view=revision>
1375
1376         * page/csp/ContentSecurityPolicySourceList.cpp:
1377         (WebCore::ContentSecurityPolicySourceList::parseSource):
1378
1379 2016-02-16  Brady Eidson  <beidson@apple.com>
1380
1381         Modern IDB: WK2 IPC Scaffolding.
1382         https://bugs.webkit.org/show_bug.cgi?id=154296
1383
1384         Reviewed by Alex Christensen.
1385         
1386         No change in behavior yet; Just laying the groundwork.
1387
1388         * Modules/indexeddb/client/IDBConnectionToServer.h:
1389         * Modules/indexeddb/server/IDBConnectionToClient.h:
1390         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1391
1392 2016-02-16  Chris Dumez  <cdumez@apple.com>
1393
1394         [Web IDL] Operations should be on the instance for global objects or if [Unforgeable]
1395         https://bugs.webkit.org/show_bug.cgi?id=154120
1396         <rdar://problem/24613231>
1397
1398         Reviewed by Gavin Barraclough.
1399
1400         Operations should be on the instance for global objects or if
1401         [Unforgeable] as per the Web IDL specification:
1402         - http://heycam.github.io/webidl/#es-operations
1403         - http://heycam.github.io/webidl/#dfn-unforgeable-on-an-interface
1404
1405         This patch implements this behavior in order to align
1406         with the specification and other browsers.
1407
1408         No new tests, already covered by existing tests.
1409
1410         * bindings/js/JSDOMWindowCustom.cpp:
1411         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1412         Update function names now that they have "Instance" in their
1413         name instead of "Prototype".
1414
1415         (WebCore::JSDOMWindow::getOwnPropertySlot):
1416         - Update function names now that they have "Instance" in their
1417           name instead of "Prototype".
1418         - Move the functions hard-coding *before* the static table check
1419           now that these functions are in the static table to maintain
1420           the previous behavior.
1421
1422         * bindings/js/JSLocationCustom.cpp:
1423         (WebCore::JSLocation::getOwnPropertySlotDelegate):
1424         Update function names now that they have "Instance" in their
1425         name instead of "Prototype".
1426
1427         * bindings/scripts/CodeGeneratorJS.pm:
1428         - Move functions to the instance if their interface is a global
1429           object or if they are marked as [Unforgeable]. Operations are
1430           now treated more like attributes, as they can now be either on
1431           the instance or the prototype. In a lot of places, I now use
1432           the naming "properties" instead of "attributes" as "properties"
1433           refer both "attributes" and "operations" / "functions".
1434
1435         * bindings/scripts/test/JS/JSTestInterface.cpp:
1436         * bindings/scripts/test/JS/JSTestObj.cpp:
1437         Rebaseline bindings tests.
1438
1439 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
1440
1441         Rollout r188659. This broke scrolling of iframes and overflow when
1442         navigating back to a page in the page cache.
1443         
1444         The fix was overly agressive and had no layout test. I will fix the original
1445         issue a different way.
1446
1447         * history/CachedFrame.cpp:
1448         (WebCore::CachedFrame::CachedFrame):
1449         * page/FrameView.cpp:
1450         (WebCore::FrameView::clearScrollableAreas): Deleted.
1451         * page/FrameView.h:
1452
1453 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1454
1455         [GTK] No hover-horizontal scrolling available
1456         https://bugs.webkit.org/show_bug.cgi?id=122859
1457
1458         Reviewed by Michael Catanzaro.
1459
1460         This is a regression of WebKit2, because in WebKit1 we used native
1461         widgets for frame scrollbars that handled this automatically. Now
1462         we need to also check if the mouse is over frame scrollbars to
1463         adjust the wheel event.
1464
1465         Test: platform/gtk/scrollbars/main-frame-scrollbar-horizontal-wheel-scroll.html
1466
1467         * page/EventHandler.cpp:
1468         (WebCore::EventHandler::handleWheelEvent): Pass the adjusted wheel
1469         event to platformCompleteWheelEvent().
1470         * page/gtk/EventHandlerGtk.cpp:
1471         (WebCore::EventHandler::shouldTurnVerticalTicksIntoHorizontal):
1472         Check also frame scrollbars.
1473
1474 2016-02-16  Antti Koivisto  <antti@apple.com>
1475
1476         Factor id mutation style invalidation code into a class
1477         https://bugs.webkit.org/show_bug.cgi?id=154287
1478
1479         Reviewed by Andreas Kling.
1480
1481         Also add a cheap basic optimization that avoids descendant invalidation if they can not be affected.
1482
1483         It would be easy to implement fine grained invalidation like with classes and attribute selectors.
1484         However dynamic id changes are not common enough (nor recommended) to pay the memory cost of
1485         the required data structures.
1486
1487         Test: fast/css/style-invalidation-id-change-descendants.html
1488
1489         * CMakeLists.txt:
1490         * WebCore.vcxproj/WebCore.vcxproj:
1491         * WebCore.xcodeproj/project.pbxproj:
1492         * css/RuleFeature.cpp:
1493         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
1494         (WebCore::RuleFeatureSet::add):
1495         (WebCore::RuleFeatureSet::clear):
1496         * css/RuleFeature.h:
1497         * dom/Element.cpp:
1498         (WebCore::makeIdForStyleResolution):
1499         (WebCore::Element::attributeChanged):
1500         (WebCore::checkNeedsStyleInvalidationForIdChange): Deleted.
1501         * style/IdChangeInvalidation.cpp: Added.
1502         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
1503         * style/IdChangeInvalidation.h: Added.
1504         (WebCore::Style::IdChangeInvalidation::IdChangeInvalidation):
1505         (WebCore::Style::IdChangeInvalidation::~IdChangeInvalidation):
1506
1507 2016-02-16  Andreas Kling  <akling@apple.com>
1508
1509         Drop StyleResolver and SelectorQueryCache when entering PageCache.
1510         <https://webkit.org/b/154238>
1511
1512         Reviewed by Antti Koivisto.
1513
1514         Stop keeping these around for cached pages to save lots of memory.
1515         We can easily rebuild them if a cached navigation occurs, and this
1516         way we also don't need to worry about invalidating style for cached
1517         pages in all the right places.
1518
1519         Restoring a cached page will now lead to a forced style recalc.
1520         We don't try to defer this (beyond a zero-timer) since it's going
1521         to happen anyway, and it's nicer to front-load the cost rather than
1522         stuttering on the first user content interaction.
1523
1524         * dom/Document.cpp:
1525         (WebCore::Document::setInPageCache):
1526         * history/CachedPage.cpp:
1527         (WebCore::CachedPage::restore):
1528         (WebCore::CachedPage::clear): Deleted.
1529         * history/CachedPage.h:
1530         (WebCore::CachedPage::markForVisitedLinkStyleRecalc): Deleted.
1531         (WebCore::CachedPage::markForFullStyleRecalc): Deleted.
1532         * history/PageCache.cpp:
1533         (WebCore::PageCache::markPagesForVisitedLinkStyleRecalc): Deleted.
1534         (WebCore::PageCache::markPagesForFullStyleRecalc): Deleted.
1535         * history/PageCache.h:
1536         * page/Frame.cpp:
1537         (WebCore::Frame::setPageAndTextZoomFactors): Deleted.
1538         * page/Page.cpp:
1539         (WebCore::Page::setViewScaleFactor): Deleted.
1540         (WebCore::Page::setDeviceScaleFactor): Deleted.
1541         (WebCore::Page::setPagination): Deleted.
1542         (WebCore::Page::setPaginationLineGridEnabled): Deleted.
1543         (WebCore::Page::setVisitedLinkStore): Deleted.
1544
1545 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1546
1547         [GTK] clicking on the scrollbar trough steps rather than jumps to the clicked position
1548         https://bugs.webkit.org/show_bug.cgi?id=115363
1549
1550         Reviewed by Michael Catanzaro.
1551
1552         Allow ScrollbarTheme to decide the behavior of a button press event,
1553         instead of only deciding whether to center on thumb or not. This
1554         way we can match the current GTK+ behavior in WebKit, without
1555         affecting other ports.
1556
1557         * platform/ScrollTypes.h: Add ScrollbarButtonPressAction enum.
1558         * platform/Scrollbar.cpp:
1559         (WebCore::Scrollbar::mouseDown): Ask ScrollbarTheme to handle the
1560         event for the pressed part and do the requested action.
1561         * platform/ScrollbarTheme.cpp:
1562         (WebCore::ScrollbarTheme::handleMousePressEvent): Add default
1563         implementation. It's equivalent to the previous default implementation.
1564         * platform/ScrollbarTheme.h:
1565         * platform/gtk/ScrollbarThemeGtk.cpp:
1566         (WebCore::ScrollbarThemeGtk::handleMousePressEvent): Match current
1567         GTK+ behavior: left click centers on thumb and right click
1568         scrolls. Dragging the thumb works for left and middle buttons.
1569         * platform/gtk/ScrollbarThemeGtk.h:
1570         * platform/ios/ScrollbarThemeIOS.h: Remove shouldCenterOnThumb,
1571         and don't override handleMousePressEvent since iOS wants the
1572         default behavior.
1573         * platform/ios/ScrollbarThemeIOS.mm:
1574         * platform/mac/ScrollbarThemeMac.h: Override handleMousePressEvent
1575         and remove shouldCenterOnThumb.
1576         * platform/mac/ScrollbarThemeMac.mm:
1577         (WebCore::shouldCenterOnThumb): Same implementation just made it
1578         static to be used as helper.
1579         (WebCore::ScrollbarThemeMac::handleMousePressEvent): Return the
1580         desired action keeping the same behavior.
1581         * platform/win/ScrollbarThemeWin.cpp:
1582         (WebCore::ScrollbarThemeWin::handleMousePressEvent): Ditto.
1583         * platform/win/ScrollbarThemeWin.h:
1584         * rendering/RenderScrollbarTheme.h:
1585
1586 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1587
1588         Mouse cursor doesn't change when entering scrollbars
1589         https://bugs.webkit.org/show_bug.cgi?id=154243
1590
1591         Reviewed by Simon Fraser.
1592
1593         If the scrollbar is over or very close to text or a link, when
1594         entering the scrollbar the cursor is not changed, keeping the beam
1595         or hand cursor when using the scrollbar. Same happens for image
1596         documents where the magnifier cursor is used and it remains when
1597         entering the scrollbars. We should use pointer cursor always for
1598         scrollbars.
1599
1600         * page/EventHandler.cpp:
1601         (WebCore::EventHandler::updateCursor): Request also to include
1602         frame scrollbars in hit test result.
1603         (WebCore::EventHandler::selectCursor): Use always pointer cursor
1604         for scrollbars.
1605
1606 2016-02-15  Antti Koivisto  <antti@apple.com>
1607
1608         Optimize style invalidations for attribute selectors
1609         https://bugs.webkit.org/show_bug.cgi?id=154242
1610
1611         Reviewed by Andreas Kling.
1612
1613         Currently we invalidate the whole element subtree if there are any attribute selectors for the changed attribute.
1614         This is slow as generally few if any elements are really affected. Using attribute selectors for dynamic styling
1615         should be performant.
1616
1617         This patch implements optimization strategy for attributes similar to what we already have for classes:
1618
1619         - Collect a map of all rules that contains descendant-affecting attribute selectors for a given attribute.
1620         - When an attribute value changes check if there are any such rules for it.
1621         - Check if the value change affects the results of any of the attribute selectors.
1622         - Only if it does invalidate the exact descendant elements affected by the rules.
1623
1624         Test: fast/css/style-invalidation-attribute-change-descendants.html
1625
1626         * WebCore.xcodeproj/project.pbxproj:
1627         * css/DocumentRuleSets.cpp:
1628         (WebCore::DocumentRuleSets::ancestorClassRules):
1629         (WebCore::DocumentRuleSets::ancestorAttributeRulesForHTML):
1630
1631             Create optimization RuleSets when needed.
1632
1633         * css/DocumentRuleSets.h:
1634         (WebCore::DocumentRuleSets::uncommonAttribute):
1635         (WebCore::DocumentRuleSets::features):
1636         * css/RuleFeature.cpp:
1637         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
1638         (WebCore::makeAttributeSelectorKey):
1639         (WebCore::RuleFeatureSet::collectFeatures):
1640
1641             Collect rules with descendant affecting attribute selectors.
1642
1643         (WebCore::RuleFeatureSet::add):
1644         (WebCore::RuleFeatureSet::clear):
1645         (WebCore::RuleFeatureSet::shrinkToFit):
1646         * css/RuleFeature.h:
1647         * css/SelectorChecker.cpp:
1648         (WebCore::anyAttributeMatches):
1649         (WebCore::SelectorChecker::attributeSelectorMatches):
1650
1651             Expose function for matching single attribute selectors.
1652
1653         (WebCore::canMatchHoverOrActiveInQuirksMode):
1654         * css/SelectorChecker.h:
1655         * dom/Attr.cpp:
1656         (WebCore::Attr::setValue):
1657         (WebCore::Attr::childrenChanged):
1658         * dom/Element.cpp:
1659         (WebCore::Element::setAttributeInternal):
1660         (WebCore::makeIdForStyleResolution):
1661         (WebCore::Element::attributeChanged):
1662         (WebCore::Element::removeAttributeInternal):
1663         (WebCore::Element::addAttributeInternal):
1664         (WebCore::Element::removeAttribute):
1665
1666             Add AttributeChangeInvalidation where needed.
1667
1668         (WebCore::Element::needsStyleInvalidation):
1669
1670             Move to Element from ClassChangeInvalidation.
1671
1672         (WebCore::Element::willModifyAttribute):
1673
1674             No more full style invalidation on attribute change.
1675
1676         * style/AttributeChangeInvalidation.cpp: Added.
1677         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
1678
1679             Invalidate local style.
1680             Check if we need to invalidate descendants by looking into ancestorAttributeRules.
1681
1682         (WebCore::Style::AttributeChangeInvalidation::invalidateDescendants):
1683
1684             Use StyleInvalidationAnalysis to invalidate the subtree for the relevant rules.
1685
1686         * style/AttributeChangeInvalidation.h: Added.
1687         (WebCore::Style::AttributeChangeInvalidation::needsInvalidation):
1688         (WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):
1689         (WebCore::Style::AttributeChangeInvalidation::~AttributeChangeInvalidation):
1690
1691             If needed, invalidate descendants before and after attribute change to catch rules that start and stop applying.
1692
1693 2016-02-16  Chris Dumez  <cdumez@apple.com>
1694
1695         Do security checks early in JSDOMWindow::put*()
1696         https://bugs.webkit.org/show_bug.cgi?id=154270
1697
1698         Reviewed by Gavin Barraclough.
1699
1700         Do security checks early in JSDOMWindow::put() / JSDOMWindow::putByIndex()
1701         and return as soon as possible. This makes it less error-prone as we need
1702         to do the security check only once, at the top of the function.
1703
1704         Also lock down the security further by calling lookupPut() only if the
1705         property name is "location". The "location" property is the only one that
1706         can be set cross-origin. Previously, trying to set a property such as
1707         "name" (which cannot be set cross-origin) relied on the attribute setter
1708         doing the security check when getting called. The new check is less error
1709         prone and will correctly prevent overriding window's method cross-origin
1710         once these move down from the prototype (Bug 154120).
1711
1712         Finally, the previous code was failing to set the "location" property
1713         cross-origin after the window has been reified. This patch fixes the
1714         issue by always calling the original "location" property setter from the
1715         static table in the cross-origin case.
1716
1717         Test: http/tests/security/cross-origin-reified-window-location-setting.html
1718
1719         * bindings/js/JSDOMWindowCustom.cpp:
1720         (WebCore::JSDOMWindow::put):
1721         (WebCore::JSDOMWindow::putByIndex):
1722
1723 2016-02-15  Brent Fulgham  <bfulgham@apple.com>
1724
1725         [Mac] Gather some rudimentary statistics during resource load 
1726         https://bugs.webkit.org/show_bug.cgi?id=153575
1727         <rdar://problem/24075254>
1728
1729         Reviewed by Brady Eidson.
1730
1731         Tested by: http/tests/navigation/statistics.html
1732
1733         * CMakeLists.txt:
1734         * PlatformWin.cmake:
1735         * WebCore.xcodeproj/project.pbxproj:
1736         * dom/Document.cpp:
1737         (WebCore::Document::updateLastHandledUserGestureTimestamp): Log user interaction
1738         with the ResourceLoadObserver.
1739         * loader/DocumentLoader.cpp:
1740         (WebCore::DocumentLoader::willSendRequest): Track load statistics if the
1741         user interacted with the document.
1742         * loader/ResourceLoadObserver.cpp: Added.
1743         * loader/ResourceLoadObserver.h: Added.
1744         * loader/ResourceLoadStatistics.cpp: Added.
1745         * loader/ResourceLoadStatistics.h: Added.
1746         * loader/SubresourceLoader.cpp:
1747         (WebCore::SubresourceLoader::willSendRequestInternal): Track load statistics.
1748         * page/Settings.cpp:
1749         (WebCore::Settings::setResourceLoadStatisticsEnabled): Added.
1750         * page/Settings.h:
1751         (WebCore::Settings::resourceLoadStatisticsEnabled): Added.
1752         * platform/Logging.h:
1753         * testing/Internals.cpp:
1754         (WebCore::Internals::resourceLoadStatisticsForOrigin):
1755         (WebCore::Internals::setResourceLoadStatisticsEnabled):
1756         * testing/Internals.h:
1757         * testing/Internals.idl:
1758
1759 2016-02-15  Chris Dumez  <cdumez@apple.com>
1760
1761         The following properties should exist on the global object: AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
1762         https://bugs.webkit.org/show_bug.cgi?id=154250
1763         <rdar://problem/24660829>
1764
1765         Reviewed by Eric Carlson.
1766
1767         The following properties should exist on the global object:
1768         - AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
1769
1770         These interfaces are not marked as [NoInterfaceObject] in:
1771         - https://html.spec.whatwg.org/#audiotracklist-and-videotracklist-objects
1772
1773         No new tests, already covered by existing tests.
1774
1775         * html/track/AudioTrack.idl:
1776         * html/track/AudioTrackList.idl:
1777         * html/track/VideoTrack.idl:
1778         * html/track/VideoTrackList.idl:
1779
1780 2016-02-15  Sam Weinig  <sam@webkit.org>
1781
1782         Stop using NSMapTable in places where we were only using it to be GC safe
1783         <rdar://problem/24063723>
1784         https://bugs.webkit.org/show_bug.cgi?id=154264
1785
1786         Reviewed by Dan Bernstein.
1787
1788         Switch from NSMapTable to HashMap.
1789
1790         * WebCore.xcodeproj/project.pbxproj:
1791         * bindings/objc/DOMInternal.h:
1792         * bindings/objc/DOMInternal.mm:
1793         * bindings/objc/WebScriptObject.mm:
1794         * bridge/objc/objc_instance.mm:
1795         * platform/spi/cocoa/NSPointerFunctionsSPI.h: Removed. No longer used.
1796
1797 2016-02-15  Myles C. Maxfield  <mmaxfield@apple.com>
1798
1799         [Font Loading] Implement FontFace JavaScript object
1800         https://bugs.webkit.org/show_bug.cgi?id=153345
1801
1802         Reviewed by Antti Koivisto.
1803
1804         Test: fast/text/font-face-javascript.html
1805
1806         This patch implements the FontFace Javascript object. This object mostly consists of
1807         style getters / setters, which we implement by parsing input strings and generating
1808         output strings similarly to getComputedStyle(). This object also has a load() function
1809         which returns a promise which will be fulfilled or rejected depending on the load.
1810         There is also a "loaded" attribute which exposes this promise directly. Also, a status
1811         field is exposed so script knows what the state of the load is.
1812
1813         Currently, loading depends on our CachedResourceLoader which is part of the Document,
1814         so this API is not available in a non-document context.
1815
1816         Another caveat is that immediate-mode font loading (where the content provides an
1817         ArrayBuffer containing the bytes of the font file) is forthcoming. This requires
1818         changing the relationship between CSSFontFaceSource and CachedFont.
1819
1820         CSSFontFace has been modified to keep a strong reference to the CSSFontSelector. This
1821         is because the lifetime of the CSSFontFace can now outlive the CSSFontSelector. When
1822         the CSSFontSelector is removed from the Document, it explicitly clears its constituent
1823         CSSFontFaces, thereby breaking the reference cycle.
1824
1825         Test: fast/text/font-face-javascript-expected.html
1826
1827         * CMakeLists.txt: Add new files.
1828         * DerivedSources.cpp: Ditto.
1829         * DerivedSources.make: Ditto.
1830         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
1831         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
1832         * WebCore.xcodeproj/project.pbxproj: Ditto.
1833         * bindings/js/JSDOMPromise.cpp:
1834         (WebCore::DeferredWrapper::globalObject): Remove whitespace.
1835         (WebCore::DeferredWrapper::deferred): Allow access to the inner JSC object.
1836         * bindings/js/JSDOMPromise.h:
1837         (WebCore::DOMPromise::deferred): Ditto.
1838         * bindings/js/JSFontFaceCustom.cpp: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
1839         (WebCore::JSFontFace::loaded):
1840         (WebCore::JSFontFace::load):
1841         * css/CSSFontFace.cpp:
1842         (WebCore::CSSFontFace::CSSFontFace): 
1843         (WebCore::CSSFontFace::adoptSource):
1844         (WebCore::CSSFontFace::updateStatus): Enforce the state machine's transitions.
1845         (WebCore::CSSFontFace::fontLoaded):
1846         (WebCore::CSSFontFace::pump):
1847         (WebCore::CSSFontFace::load):
1848         * css/CSSFontFace.h:
1849         (WebCore::CSSFontFaceClient::~CSSFontFaceClient):
1850         (WebCore::CSSFontFace::create):
1851         (WebCore::CSSFontFace::status):
1852         * css/CSSFontSelector.cpp:
1853         (WebCore::CSSFontSelector::appendSources): Update for new CSSFontFace API.
1854         (WebCore::CSSFontSelector::registerLocalFontFacesForFamily): Ditto.
1855         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
1856         (WebCore::CSSFontSelector::kick): Ditto.
1857         (WebCore::appendSources): Deleted.
1858         (WebCore::registerLocalFontFacesForFamily): Deleted.
1859         * css/CSSFontSelector.h:
1860         * css/CSSUnicodeRangeValue.cpp: Use for serializing the "unicodeRange" property.
1861         * css/FontFace.cpp:
1862         (WebCore::createPromise): Implement the remaining Javascript API functions.
1863         (WebCore::valueFromDictionary):
1864         (WebCore::FontFace::create):
1865         (WebCore::FontFace::FontFace):
1866         (WebCore::FontFace::parseString):
1867         (WebCore::FontFace::status):
1868         (WebCore::FontFace::kick):
1869         (WebCore::FontFace::load):
1870         (WebCore::FontFace::fulfillPromise):
1871         (WebCore::FontFace::rejectPromise):
1872         (WebCore::parseString): Deleted.
1873         * css/FontFace.h:
1874         (WebCore::FontFace::promise):
1875         (WebCore::FontFace::backing):
1876         (WebCore::FontFace::create): Deleted.
1877         * css/FontFace.idl: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
1878
1879 2016-02-15  Jer Noble  <jer.noble@apple.com>
1880
1881         Null-deref crash in DefaultAudioDestinationNode::suspend()
1882         https://bugs.webkit.org/show_bug.cgi?id=154248
1883
1884         Reviewed by Alex Christensen.
1885
1886         Drive-by fix: AudioContext should be a reference, not a pointer.
1887
1888         * Modules/webaudio/AnalyserNode.cpp:
1889         (WebCore::AnalyserNode::AnalyserNode):
1890         * Modules/webaudio/AnalyserNode.h:
1891         (WebCore::AnalyserNode::create):
1892         * Modules/webaudio/AudioBasicInspectorNode.cpp:
1893         (WebCore::AudioBasicInspectorNode::AudioBasicInspectorNode):
1894         (WebCore::AudioBasicInspectorNode::connect):
1895         (WebCore::AudioBasicInspectorNode::disconnect):
1896         (WebCore::AudioBasicInspectorNode::checkNumberOfChannelsForInput):
1897         (WebCore::AudioBasicInspectorNode::updatePullStatus):
1898         * Modules/webaudio/AudioBasicInspectorNode.h:
1899         * Modules/webaudio/AudioBasicProcessorNode.cpp:
1900         (WebCore::AudioBasicProcessorNode::AudioBasicProcessorNode):
1901         (WebCore::AudioBasicProcessorNode::checkNumberOfChannelsForInput):
1902         * Modules/webaudio/AudioBasicProcessorNode.h:
1903         * Modules/webaudio/AudioBufferSourceNode.cpp:
1904         (WebCore::AudioBufferSourceNode::create):
1905         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
1906         (WebCore::AudioBufferSourceNode::renderFromBuffer):
1907         (WebCore::AudioBufferSourceNode::setBuffer):
1908         (WebCore::AudioBufferSourceNode::startPlaying):
1909         (WebCore::AudioBufferSourceNode::looping):
1910         (WebCore::AudioBufferSourceNode::setLooping):
1911         * Modules/webaudio/AudioBufferSourceNode.h:
1912         * Modules/webaudio/AudioContext.cpp:
1913         (WebCore::AudioContext::AudioContext):
1914         (WebCore::AudioContext::createBufferSource):
1915         (WebCore::AudioContext::createMediaElementSource):
1916         (WebCore::AudioContext::createMediaStreamDestination):
1917         (WebCore::AudioContext::createScriptProcessor):
1918         (WebCore::AudioContext::createBiquadFilter):
1919         (WebCore::AudioContext::createWaveShaper):
1920         (WebCore::AudioContext::createPanner):
1921         (WebCore::AudioContext::createConvolver):
1922         (WebCore::AudioContext::createDynamicsCompressor):
1923         (WebCore::AudioContext::createAnalyser):
1924         (WebCore::AudioContext::createGain):
1925         (WebCore::AudioContext::createDelay):
1926         (WebCore::AudioContext::createChannelSplitter):
1927         (WebCore::AudioContext::createChannelMerger):
1928         (WebCore::AudioContext::createOscillator):
1929         * Modules/webaudio/AudioContext.h:
1930         (WebCore::operator==):
1931         (WebCore::operator!=):
1932         * Modules/webaudio/AudioDestinationNode.cpp:
1933         (WebCore::AudioDestinationNode::AudioDestinationNode):
1934         (WebCore::AudioDestinationNode::render):
1935         (WebCore::AudioDestinationNode::updateIsEffectivelyPlayingAudio):
1936         * Modules/webaudio/AudioDestinationNode.h:
1937         * Modules/webaudio/AudioNode.cpp:
1938         (WebCore::AudioNode::AudioNode):
1939         (WebCore::AudioNode::connect):
1940         (WebCore::AudioNode::disconnect):
1941         (WebCore::AudioNode::setChannelCount):
1942         (WebCore::AudioNode::setChannelCountMode):
1943         (WebCore::AudioNode::setChannelInterpretation):
1944         (WebCore::AudioNode::scriptExecutionContext):
1945         (WebCore::AudioNode::processIfNecessary):
1946         (WebCore::AudioNode::checkNumberOfChannelsForInput):
1947         (WebCore::AudioNode::propagatesSilence):
1948         (WebCore::AudioNode::pullInputs):
1949         (WebCore::AudioNode::enableOutputsIfNecessary):
1950         (WebCore::AudioNode::deref):
1951         (WebCore::AudioNode::finishDeref):
1952         * Modules/webaudio/AudioNode.h:
1953         (WebCore::AudioNode::context):
1954         * Modules/webaudio/AudioNodeInput.cpp:
1955         (WebCore::AudioNodeInput::connect):
1956         (WebCore::AudioNodeInput::disconnect):
1957         (WebCore::AudioNodeInput::disable):
1958         (WebCore::AudioNodeInput::enable):
1959         (WebCore::AudioNodeInput::updateInternalBus):
1960         (WebCore::AudioNodeInput::bus):
1961         (WebCore::AudioNodeInput::internalSummingBus):
1962         (WebCore::AudioNodeInput::sumAllConnections):
1963         (WebCore::AudioNodeInput::pull):
1964         * Modules/webaudio/AudioNodeOutput.cpp:
1965         (WebCore::AudioNodeOutput::setNumberOfChannels):
1966         (WebCore::AudioNodeOutput::updateNumberOfChannels):
1967         (WebCore::AudioNodeOutput::propagateChannelCount):
1968         (WebCore::AudioNodeOutput::pull):
1969         (WebCore::AudioNodeOutput::bus):
1970         (WebCore::AudioNodeOutput::fanOutCount):
1971         (WebCore::AudioNodeOutput::paramFanOutCount):
1972         (WebCore::AudioNodeOutput::addInput):
1973         (WebCore::AudioNodeOutput::removeInput):
1974         (WebCore::AudioNodeOutput::disconnectAllInputs):
1975         (WebCore::AudioNodeOutput::addParam):
1976         (WebCore::AudioNodeOutput::removeParam):
1977         (WebCore::AudioNodeOutput::disconnectAllParams):
1978         (WebCore::AudioNodeOutput::disable):
1979         (WebCore::AudioNodeOutput::enable):
1980         * Modules/webaudio/AudioNodeOutput.h:
1981         (WebCore::AudioNodeOutput::context):
1982         * Modules/webaudio/AudioParam.cpp:
1983         (WebCore::AudioParam::value):
1984         (WebCore::AudioParam::smooth):
1985         (WebCore::AudioParam::calculateSampleAccurateValues):
1986         (WebCore::AudioParam::calculateFinalValues):
1987         (WebCore::AudioParam::calculateTimelineValues):
1988         (WebCore::AudioParam::connect):
1989         (WebCore::AudioParam::disconnect):
1990         * Modules/webaudio/AudioParam.h:
1991         (WebCore::AudioParam::create):
1992         (WebCore::AudioParam::AudioParam):
1993         * Modules/webaudio/AudioParamTimeline.cpp:
1994         (WebCore::AudioParamTimeline::valueForContextTime):
1995         * Modules/webaudio/AudioParamTimeline.h:
1996         * Modules/webaudio/AudioScheduledSourceNode.cpp:
1997         (WebCore::AudioScheduledSourceNode::AudioScheduledSourceNode):
1998         (WebCore::AudioScheduledSourceNode::updateSchedulingInfo):
1999         (WebCore::AudioScheduledSourceNode::start):
2000         (WebCore::AudioScheduledSourceNode::finish):
2001         * Modules/webaudio/AudioScheduledSourceNode.h:
2002         * Modules/webaudio/AudioSummingJunction.cpp:
2003         (WebCore::AudioSummingJunction::AudioSummingJunction):
2004         (WebCore::AudioSummingJunction::~AudioSummingJunction):
2005         (WebCore::AudioSummingJunction::changedOutputs):
2006         (WebCore::AudioSummingJunction::updateRenderingState):
2007         * Modules/webaudio/AudioSummingJunction.h:
2008         (WebCore::AudioSummingJunction::context):
2009         * Modules/webaudio/BiquadFilterNode.cpp:
2010         (WebCore::BiquadFilterNode::BiquadFilterNode):
2011         * Modules/webaudio/BiquadFilterNode.h:
2012         (WebCore::BiquadFilterNode::create):
2013         * Modules/webaudio/BiquadProcessor.cpp:
2014         (WebCore::BiquadProcessor::BiquadProcessor):
2015         * Modules/webaudio/BiquadProcessor.h:
2016         * Modules/webaudio/ChannelMergerNode.cpp:
2017         (WebCore::ChannelMergerNode::create):
2018         (WebCore::ChannelMergerNode::ChannelMergerNode):
2019         (WebCore::ChannelMergerNode::checkNumberOfChannelsForInput):
2020         * Modules/webaudio/ChannelMergerNode.h:
2021         * Modules/webaudio/ChannelSplitterNode.cpp:
2022         (WebCore::ChannelSplitterNode::create):
2023         (WebCore::ChannelSplitterNode::ChannelSplitterNode):
2024         * Modules/webaudio/ChannelSplitterNode.h:
2025         * Modules/webaudio/ConvolverNode.cpp:
2026         (WebCore::ConvolverNode::ConvolverNode):
2027         (WebCore::ConvolverNode::setBuffer):
2028         * Modules/webaudio/ConvolverNode.h:
2029         (WebCore::ConvolverNode::create):
2030         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
2031         (WebCore::DefaultAudioDestinationNode::DefaultAudioDestinationNode):
2032         (WebCore::DefaultAudioDestinationNode::resume):
2033         (WebCore::DefaultAudioDestinationNode::suspend):
2034         (WebCore::DefaultAudioDestinationNode::close):
2035         * Modules/webaudio/DefaultAudioDestinationNode.h:
2036         (WebCore::DefaultAudioDestinationNode::create):
2037         * Modules/webaudio/DelayNode.cpp:
2038         (WebCore::DelayNode::DelayNode):
2039         * Modules/webaudio/DelayNode.h:
2040         (WebCore::DelayNode::create):
2041         * Modules/webaudio/DelayProcessor.cpp:
2042         (WebCore::DelayProcessor::DelayProcessor):
2043         * Modules/webaudio/DelayProcessor.h:
2044         * Modules/webaudio/DynamicsCompressorNode.cpp:
2045         (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
2046         * Modules/webaudio/DynamicsCompressorNode.h:
2047         (WebCore::DynamicsCompressorNode::create):
2048         * Modules/webaudio/GainNode.cpp:
2049         (WebCore::GainNode::GainNode):
2050         (WebCore::GainNode::checkNumberOfChannelsForInput):
2051         * Modules/webaudio/GainNode.h:
2052         (WebCore::GainNode::create):
2053         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
2054         (WebCore::MediaElementAudioSourceNode::create):
2055         (WebCore::MediaElementAudioSourceNode::MediaElementAudioSourceNode):
2056         (WebCore::MediaElementAudioSourceNode::setFormat):
2057         * Modules/webaudio/MediaElementAudioSourceNode.h:
2058         * Modules/webaudio/MediaStreamAudioDestinationNode.cpp:
2059         (WebCore::MediaStreamAudioDestinationNode::create):
2060         (WebCore::MediaStreamAudioDestinationNode::MediaStreamAudioDestinationNode):
2061         * Modules/webaudio/MediaStreamAudioDestinationNode.h:
2062         * Modules/webaudio/MediaStreamAudioSourceNode.cpp:
2063         (WebCore::MediaStreamAudioSourceNode::MediaStreamAudioSourceNode):
2064         (WebCore::MediaStreamAudioSourceNode::setFormat):
2065         * Modules/webaudio/OfflineAudioDestinationNode.cpp:
2066         (WebCore::OfflineAudioDestinationNode::OfflineAudioDestinationNode):
2067         (WebCore::OfflineAudioDestinationNode::offlineRender):
2068         (WebCore::OfflineAudioDestinationNode::notifyComplete):
2069         * Modules/webaudio/OfflineAudioDestinationNode.h:
2070         (WebCore::OfflineAudioDestinationNode::create):
2071         * Modules/webaudio/OscillatorNode.cpp:
2072         (WebCore::OscillatorNode::create):
2073         (WebCore::OscillatorNode::OscillatorNode):
2074         * Modules/webaudio/OscillatorNode.h:
2075         * Modules/webaudio/PannerNode.cpp:
2076         (WebCore::PannerNode::PannerNode):
2077         (WebCore::PannerNode::pullInputs):
2078         (WebCore::PannerNode::process):
2079         (WebCore::PannerNode::listener):
2080         (WebCore::PannerNode::setPanningModel):
2081         * Modules/webaudio/PannerNode.h:
2082         (WebCore::PannerNode::create):
2083         * Modules/webaudio/ScriptProcessorNode.cpp:
2084         (WebCore::ScriptProcessorNode::create):
2085         (WebCore::ScriptProcessorNode::ScriptProcessorNode):
2086         (WebCore::ScriptProcessorNode::initialize):
2087         (WebCore::ScriptProcessorNode::fireProcessEvent):
2088         * Modules/webaudio/ScriptProcessorNode.h:
2089         * Modules/webaudio/WaveShaperNode.cpp:
2090         (WebCore::WaveShaperNode::WaveShaperNode):
2091         (WebCore::WaveShaperNode::setOversample):
2092         * Modules/webaudio/WaveShaperNode.h:
2093         (WebCore::WaveShaperNode::create):
2094
2095 2016-02-15  Jer Noble  <jer.noble@apple.com>
2096
2097         Null-deref crash in DefaultAudioDestinationNode::suspend()
2098         https://bugs.webkit.org/show_bug.cgi?id=154248
2099
2100         Reviewed by Alex Christensen.
2101
2102         Null-check scriptExecutionContext() before deref.
2103
2104         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
2105         (WebCore::DefaultAudioDestinationNode::resume):
2106         (WebCore::DefaultAudioDestinationNode::suspend):
2107         (WebCore::DefaultAudioDestinationNode::close):
2108
2109 2016-02-15  Chris Dumez  <cdumez@apple.com>
2110
2111         XMLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
2112         https://bugs.webkit.org/show_bug.cgi?id=154230
2113
2114         Reviewed by Alex Christensen.
2115
2116         MLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
2117         as per:
2118         https://xhr.spec.whatwg.org/#xmlhttprequesteventtarget
2119
2120         Firefox and Chrome already match the specification.
2121
2122         No new tests, already covered by existing tests.
2123
2124         * CMakeLists.txt:
2125         * DerivedSources.make:
2126         * WebCore.vcxproj/WebCore.vcxproj:
2127         * WebCore.vcxproj/WebCore.vcxproj.filters:
2128         * WebCore.xcodeproj/project.pbxproj:
2129         * xml/XMLHttpRequest.h:
2130         * xml/XMLHttpRequest.idl:
2131         * xml/XMLHttpRequestEventTarget.h: Added.
2132         * xml/XMLHttpRequestEventTarget.idl: Copied from Source/WebCore/xml/XMLHttpRequestUpload.idl.
2133         * xml/XMLHttpRequestUpload.h:
2134         * xml/XMLHttpRequestUpload.idl:
2135
2136 2016-02-15  Jiewen Tan  <jiewen_tan@apple.com>
2137
2138         Refine SimulatedMouseEvent to support Event.isTrusted
2139         https://bugs.webkit.org/show_bug.cgi?id=154133
2140         <rdar://problem/24616246>
2141
2142         Reviewed by Darin Adler.
2143
2144         This patch extracts everything related to create/dispatch SimulatedMouseEvent from MouseEvent.h/cpp
2145         and EventDispatcher.h/cpp, and produces SimulateClick.h/cpp which will handle simulated click solely.
2146         After that, we hide the SimulatedMouseEvent and only expose simulateClick to be called. The reason is
2147         that we both want to tell whether the call sites are from user agent/bindings and keep the
2148         SimulatedMouseEvent intact.
2149
2150         Also, this patch separate Element::dispatchSimulatedClick into two: one for the user agent, and another
2151         for the bindings. Therefore, HTMLElement.click will be treated as untrusted.
2152
2153         Some of the changes in this patch referred Blink r200401:
2154         https://codereview.chromium.org/1285793004
2155
2156         Modified test:
2157         LayoutTests/imported/blink/fast/events/event-trusted.html
2158
2159         * CMakeLists.txt:
2160         * WebCore.xcodeproj/project.pbxproj:
2161         * dom/Element.cpp:
2162         (WebCore::Element::dispatchSimulatedClick):
2163         (WebCore::Element::dispatchSimulatedClickForBindings):
2164         * dom/Element.h:
2165         * dom/EventDispatcher.cpp:
2166         (WebCore::EventDispatcher::dispatchSimulatedClick): Deleted.
2167         * dom/EventDispatcher.h:
2168         * dom/MouseEvent.cpp:
2169         (WebCore::SimulatedMouseEvent::create): Deleted.
2170         (WebCore::SimulatedMouseEvent::~SimulatedMouseEvent): Deleted.
2171         (WebCore::SimulatedMouseEvent::SimulatedMouseEvent): Deleted.
2172         * dom/MouseEvent.h:
2173         * dom/SimulatedClick.cpp: Added.
2174         (WebCore::simulateMouseEvent):
2175         (WebCore::simulateClick):
2176         * dom/SimulatedClick.h: Added.
2177         * html/HTMLElement.cpp:
2178         (WebCore::HTMLElement::click):
2179
2180 2016-02-15  Joseph Pecoraro  <pecoraro@apple.com>
2181
2182         Web Inspector: Web Workers have no access to console for debugging
2183         https://bugs.webkit.org/show_bug.cgi?id=26237
2184
2185         Reviewed by Timothy Hatcher.
2186
2187         This adds the most basic console message support to Workers.
2188         Messages logged from workers get surfaced through the Page's console.
2189         This lacks support for logging and interacting with arguments,
2190         which would be addressed when adding more complete Worker
2191         debugging tools.
2192
2193         Test: inspector/console/messageAdded-from-worker.html
2194
2195         * CMakeLists.txt:
2196         * WebCore.xcodeproj/project.pbxproj:
2197         Add new files.
2198
2199         * bindings/js/WorkerScriptController.cpp:
2200         (WebCore::WorkerScriptController::~WorkerScriptController):
2201         (WebCore::WorkerScriptController::initScript):
2202         Set the ConsoleClient for the Worker's global object. We route
2203         the messages to the Page's console.
2204
2205         * bindings/js/WorkerScriptController.h:
2206         * workers/WorkerConsoleClient.h: Added.
2207         * workers/WorkerConsoleClient.cpp: Added.
2208         (WebCore::WorkerConsoleClient::WorkerConsoleClient):
2209         (WebCore::WorkerConsoleClient::~WorkerConsoleClient):
2210         (WebCore::WorkerConsoleClient::profile):
2211         (WebCore::WorkerConsoleClient::profileEnd):
2212         (WebCore::WorkerConsoleClient::count):
2213         (WebCore::WorkerConsoleClient::time):
2214         (WebCore::WorkerConsoleClient::timeEnd):
2215         (WebCore::WorkerConsoleClient::timeStamp):
2216         Stub most console methods in a Worker.
2217
2218         (WebCore::WorkerConsoleClient::messageWithTypeAndLevel):
2219         Send worker log messages to the global scope and on to the main page.
2220
2221         * workers/WorkerGlobalScope.h:
2222         * workers/WorkerGlobalScope.cpp:
2223         (WebCore::WorkerGlobalScope::addConsoleMessage):
2224         (WebCore::WorkerGlobalScope::addMessageToWorkerConsole):
2225         Ideally we want to converge on simple addConsoleMessage
2226         APIs that just take a ConsoleMessage, without a barrage
2227         of parameters. Add these versions now.
2228
2229 2016-02-15  Alex Christensen  <achristensen@webkit.org>
2230
2231         CMake build fix.
2232
2233         * PlatformMac.cmake:
2234
2235 2016-02-15  Chris Dumez  <cdumez@apple.com>
2236
2237         Regression(r196563): It is no longer possible to call window.addEventListener without an explicit 'this'
2238         https://bugs.webkit.org/show_bug.cgi?id=154245
2239
2240         Reviewed by Ryosuke Niwa.
2241
2242         This patch adds support for calling the EventListener API without an
2243         explicit 'this' value. If no explicit 'this' value is passed, then we
2244         fall back to using the global object. This matches Chrome and Firefox's
2245         behavior. It also fixes the Dromaeo/cssquery-dojo.html test.
2246
2247         Test: fast/dom/Window/addEventListener-implicit-this.html
2248
2249         * bindings/scripts/CodeGeneratorJS.pm:
2250         (GenerateFunctionCastedThis):
2251
2252 2016-02-14  Gavin Barraclough  <barraclough@apple.com>
2253
2254         Organize, deduplicate & comment JSDOMWindowCustom getOwnPropertySlot
2255         https://bugs.webkit.org/show_bug.cgi?id=154224
2256
2257         Reviewed by Chris Dumez.
2258
2259         * bindings/js/JSDOMWindowCustom.cpp:
2260         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
2261         (WebCore::jsDOMWindowGetOwnPropertySlotNamedItemGetter):
2262         (WebCore::JSDOMWindow::getOwnPropertySlot):
2263         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
2264             - organized property access sequence into a more logical order, removed
2265               duplicated code & added comments.
2266         (WebCore::namedItemGetter): Deleted.
2267             - there was no need for a custom callback here; merged functionality into
2268               jsDOMWindowGetOwnPropertySlotNamedItemGetter.
2269         (WebCore::jsDOMWindowGetOwnPropertySlotCrossOrigin): Deleted.
2270             - renamed to jsDOMWindowGetOwnPropertySlotRestrictedAccess
2271               (this now also handles frameless access).
2272
2273 2016-02-15  Daniel Bates  <dabates@apple.com>
2274
2275         CSP: 'sandbox' should be ignored in report-only mode
2276         https://bugs.webkit.org/show_bug.cgi?id=153167
2277         <rdar://problem/22708669>
2278
2279         Reviewed by Brent Fulgham.
2280
2281         Merged from Blink (patch by Mike West):
2282         <https://src.chromium.org/viewvc/blink?revision=165322&view=revision>
2283
2284         * page/csp/ContentSecurityPolicy.cpp:
2285         (WebCore::ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode): Added. Logs a
2286         console message to the console to explain that the specified directive is invalid in
2287         report-only mode.
2288         * page/csp/ContentSecurityPolicy.h:
2289         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2290         (WebCore::ContentSecurityPolicyDirectiveList::applySandboxPolicy): Do not apply sandbox
2291         policy when in report-only mode and call ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode()
2292         to log a message to the console.
2293
2294 2016-02-15  Daniel Bates  <dabates@apple.com>
2295
2296         CSP: Allow schemeless source expressions to match an HTTP or HTTPS resource
2297         https://bugs.webkit.org/show_bug.cgi?id=154177
2298         <rdar://problem/22708772>
2299
2300         Reviewed by Brent Fulgham.
2301
2302         Allow a schemeless source expression to match an HTTP or HTTPS subresource when the page is
2303         delivered over HTTP as per section Matching Source Expressions of the Content Security Policy
2304         2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/> (21 July 2015).
2305
2306         Currently we have logic that implements this functionality, but it is guarded behind the compile-
2307         time macro ENABLE(CSP_NEXT) that is disabled by default. Instead we should always compile such
2308         code. In subsequent commits we will move more code out from under the ENABLE(CSP_NEXT)-guard
2309         towards removing the ENABLE_CSP_NEXT macro entirely.
2310
2311         * page/csp/ContentSecurityPolicy.cpp:
2312         (WebCore::ContentSecurityPolicy::protocolMatchesSelf):
2313
2314 2016-02-15  Konstantin Tokarev  <annulen@yandex.ru>
2315
2316         [cmake] Consolidated Linux-specific file lists.
2317         https://bugs.webkit.org/show_bug.cgi?id=154219
2318
2319         Reviewed by Gyuyoung Kim.
2320
2321         No new tests needed.
2322
2323         * PlatformEfl.cmake: Moved Linux files and include dir to Linux.cmake.
2324         * PlatformGTK.cmake: Ditto.
2325         * platform/Linux.cmake: Added.
2326
2327 2016-02-15  Csaba Osztrogonác  <ossy@webkit.org>
2328
2329         Fix the !(ENABLE(SVG_FONTS) || ENABLE(SVG_OTF_CONVERTER)) build after r196322
2330         https://bugs.webkit.org/show_bug.cgi?id=154104
2331
2332         Reviewed by Myles C. Maxfield.
2333
2334         * css/CSSFontFaceSource.cpp:
2335         (WebCore::CSSFontFaceSource::CSSFontFaceSource):
2336
2337 2016-02-14  Antti Koivisto  <antti@apple.com>
2338
2339         Add test for class change style invalidation optimization
2340         https://bugs.webkit.org/show_bug.cgi?id=154226
2341
2342         Reviewed by Myles Maxfield.
2343
2344         Test for https://trac.webkit.org/r196383
2345
2346         Add internals.styleChangeType function.
2347
2348         Test: fast/css/style-invalidation-class-change-descendants.html
2349
2350         * testing/Internals.cpp:
2351         (WebCore::Internals::nodeNeedsStyleRecalc):
2352         (WebCore::asString):
2353         (WebCore::Internals::styleChangeType):
2354         (WebCore::Internals::description):
2355         * testing/Internals.h:
2356         * testing/Internals.idl:
2357
2358 2016-02-14  Simon Fraser  <simon.fraser@apple.com>
2359
2360         [CSS Filters] When applying an SVG filter on a composited image using CSS the image is rendered without the filter
2361         https://bugs.webkit.org/show_bug.cgi?id=154108
2362
2363         Reviewed by Sam Weinig.
2364         
2365         When checking whether we can directly composite an image, we need to check for software-rendered
2366         filters.
2367
2368         Test: compositing/filters/simple-image-with-svg-filter.html
2369
2370         * rendering/RenderLayerBacking.cpp:
2371         (WebCore::RenderLayerBacking::isDirectlyCompositedImage):
2372
2373 2016-02-14  Chris Dumez  <cdumez@apple.com>
2374
2375         Drop the [EventTarget] WebKit-specific IDL extended attribute
2376         https://bugs.webkit.org/show_bug.cgi?id=154171
2377
2378         Reviewed by Sam Weinig.
2379
2380         Drop the [EventTarget] WebKit-specific IDL extended attribute now that
2381         all interfaces inherit EventTarget when they should.
2382
2383         No new tests, no Web-Exposed behavior change.
2384
2385         * Modules/battery/BatteryManager.idl:
2386         * Modules/encryptedmedia/MediaKeySession.idl:
2387         * Modules/indexeddb/IDBDatabase.idl:
2388         * Modules/indexeddb/IDBOpenDBRequest.idl:
2389         * Modules/indexeddb/IDBRequest.idl:
2390         * Modules/indexeddb/IDBTransaction.idl:
2391         * Modules/mediasession/MediaRemoteControls.idl:
2392         * Modules/mediasource/MediaSource.idl:
2393         * Modules/mediasource/SourceBuffer.idl:
2394         * Modules/mediasource/SourceBufferList.idl:
2395         * Modules/mediastream/MediaStream.idl:
2396         * Modules/mediastream/MediaStreamTrack.idl:
2397         * Modules/mediastream/RTCDTMFSender.idl:
2398         * Modules/mediastream/RTCDataChannel.idl:
2399         * Modules/mediastream/RTCPeerConnection.idl:
2400         * Modules/notifications/Notification.idl:
2401         * Modules/speech/SpeechSynthesisUtterance.idl:
2402         * Modules/webaudio/AudioContext.idl:
2403         * Modules/webaudio/AudioNode.idl:
2404         * Modules/webaudio/OfflineAudioContext.idl:
2405         * Modules/websockets/WebSocket.idl:
2406         * bindings/scripts/CodeGeneratorGObject.pm:
2407         (ImplementsInterface):
2408         (SkipFunction): Deleted.
2409         (GenerateCFile): Deleted.
2410         * bindings/scripts/CodeGeneratorJS.pm:
2411         (InstanceNeedsVisitChildren):
2412         (GenerateImplementation):
2413         * bindings/scripts/IDLAttributes.txt:
2414         * bindings/scripts/test/TestEventTarget.idl:
2415         * bindings/scripts/test/TestNode.idl:
2416         * css/FontLoader.idl:
2417         * dom/EventTarget.idl:
2418         * dom/MessagePort.idl:
2419         * dom/Node.idl:
2420         * dom/WebKitNamedFlow.idl:
2421         * fileapi/FileReader.idl:
2422         * html/MediaController.idl:
2423         * html/track/AudioTrackList.idl:
2424         * html/track/TextTrack.idl:
2425         * html/track/TextTrackCue.idl:
2426         * html/track/TextTrackList.idl:
2427         * html/track/VideoTrackList.idl:
2428         * loader/appcache/DOMApplicationCache.idl:
2429         * page/DOMWindow.idl:
2430         * page/EventSource.idl:
2431         * page/Performance.idl:
2432         * workers/WorkerGlobalScope.idl:
2433         * xml/XMLHttpRequest.idl:
2434         * xml/XMLHttpRequestUpload.idl:
2435
2436 2016-02-14  Chris Dumez  <cdumez@apple.com>
2437
2438         Unreviewed attempt to fix the Mac CMake build after r196136
2439
2440         * PlatformMac.cmake:
2441
2442 2016-02-14  Chris Dumez  <cdumez@apple.com>
2443
2444         Unreviewed attempt to fix the Windows build.
2445
2446         * Modules/webdatabase/Database.cpp:
2447         * bridge/c/c_utility.cpp:
2448         * platform/MemoryPressureHandler.cpp:
2449
2450 2016-02-14  Chris Dumez  <cdumez@apple.com>
2451
2452         Window and WorkerGlobalScope should inherit EventTarget
2453         https://bugs.webkit.org/show_bug.cgi?id=154170
2454         <rdar://problem/24642377>
2455
2456         Reviewed by Darin Adler.
2457
2458         Window and WorkerGlobalScope should inherit EventTarget instead of
2459         duplicating the EventTarget API in their IDL. These were the last
2460         interfaces that needed fixing. The next step will be to get rid
2461         of the [EventTarget] IDL extended attribute and rely entirely
2462         on the EventTarget inheritance.
2463
2464         Test:
2465         - fast/frames/detached-frame-eventListener.html
2466         - Covered by existing tests.
2467
2468         * WebCore.xcodeproj/project.pbxproj:
2469         Add JSEventTargetCustom.h header to the project.
2470
2471         * bindings/js/JSDOMWindowCustom.cpp:
2472         Drop custom bindings for Window's addEventListener() and
2473         removeEventListener(). The only reason these needed custom
2474         code was to add a check for frameless windows. The frameless
2475         Window checks was moved to the respective methods in the
2476         JSEventTarget generated bindings.
2477
2478         * bindings/js/JSDOMWindowShell.cpp:
2479         (WebCore::JSDOMWindowShell::setWindow):
2480         Set WindowPrototype's prototype to EventTarget's prototype.
2481
2482         * bindings/js/JSDOMWindowShell.h:
2483         * bindings/js/JSDictionary.cpp:
2484         Include "DOMWindow.h" to fix the build.
2485
2486         * bindings/js/JSEventTargetCustom.cpp:
2487         (WebCore::JSEventTarget::toWrapped):
2488         Handle DOMWindow and WorkerGlobalScope explicitely in toWrapped()
2489         and get rid of the DOM_EVENT_TARGET_INTERFACES_FOR_EACH(TRY_TO_UNWRAP_WITH_INTERFACE)
2490         now that all interfaces inherit EventTarget when they should.
2491         The reason DOMWindow and WorkerGlobalScope still need special
2492         handling is because their wrappers (JSDOMWindow /
2493         JSWorkerGlobalScope) do not subclass JSEventTarget.
2494
2495         (WebCore::JSEventTargetOrGlobalScope::create):
2496         * bindings/js/JSEventTargetCustom.h: Added.
2497         (WebCore::JSEventTargetOrGlobalScope::wrapped):
2498         (WebCore::JSEventTargetOrGlobalScope::operator JSC::JSObject&):
2499         (WebCore::JSEventTargetOrGlobalScope::JSEventTargetOrGlobalScope):
2500         Add a wrapper type for JSEventTarget / JSDOMWindow and
2501         JSWorkerGlobalScope for use in the generated bindings. This is
2502         needed because JSDOMWindow and JSWorkerGlobalScope do not
2503         subclass JSEventTarget. Subclassing JSEventTarget would be
2504         complicated for them because they already subclass
2505         JSDOMWindowBase / JSWorkerGlobalScopeBase, which subclasses
2506         JSDOMGlobalObject.
2507
2508         * bindings/js/WorkerScriptController.cpp:
2509         (WebCore::WorkerScriptController::initScript):
2510         Set WorkerGlobalScopePrototype's prototype to EventTarget's prototype.
2511
2512         * bindings/scripts/CodeGeneratorJS.pm:
2513         (ShouldGenerateToJSDeclaration):
2514         Do not generate to toJS() implementation for interfaces that use
2515         the [CustomProxyToJSObject] IDL extended attribute, even if they
2516         inherit EventTarget.
2517
2518         (GetCastingHelperForThisObject):
2519         To initialize castedThis from thisValue JSValue, we now use the
2520         JSEventTargetOrGlobalScope wrapper for the EventTarget
2521         implementation. This is to work around the fact that JSDOMWindow
2522         and JSWorkerGlobalScope do not subclass JSEventTarget.
2523
2524         (GenerateFunctionCastedThis):
2525         - Drop code handling [WorkerGlobalScope] IDL extended attribute
2526           as there is no such attribute.
2527         - Use auto instead of auto* type for castedThis because
2528           JSEventTargetOrGlobalScope::create() returns a unique_ptr.
2529         - Do not check that castedThis inherits JSEventTarget in the
2530           EventTarget bindings code as this no longer holds true.
2531
2532         (GenerateImplementation):
2533         Generate frameless window() and security checks for EventTarget
2534         methods when thisValue is a JSDOMWindow.
2535
2536         * dom/EventTarget.idl:
2537         Add [JSCustomHeader] IDL Extended attribute as we need a header
2538         to expose JSEventTargetOrGlobalScope class.
2539
2540         * page/DOMWindow.idl:
2541         * workers/WorkerGlobalScope.idl:
2542         Inherit EventTarget and stop duplicating the EventTarget API.
2543         This matches the HTML specification.
2544
2545 2016-02-14  Darin Adler  <darin@apple.com>
2546
2547         Small tweaks to some SimpleLineLayout code
2548         https://bugs.webkit.org/show_bug.cgi?id=154229
2549
2550         Reviewed by Zalan Bujtas.
2551
2552         * rendering/SimpleLineLayoutFunctions.cpp:
2553         (WebCore::SimpleLineLayout::paintFlow): Use std::ceil instead of ceilf.
2554         Use auto instead of const auto& for a for loop where the local object is
2555         copied and not a reference.
2556         (WebCore::SimpleLineLayout::hitTestFlow): Use modern for loop.
2557         (WebCore::SimpleLineLayout::collectFlowOverflow): Use std::ceil instead of
2558         ceilf. Use a modern for loop, and use slightly more descriptive local
2559         variable names.
2560         (WebCore::SimpleLineLayout::computeBoundingBox): Use auto instead of
2561         const auto& as above.
2562         (WebCore::SimpleLineLayout::computeFirstRunLocation): Use auto and use
2563         the name "range" for the range rather than the name "it", since the range
2564         is not an iterator.
2565         (WebCore::SimpleLineLayout::collectAbsoluteRects): Use auto instead of
2566         const auto& as above.
2567         (WebCore::SimpleLineLayout::collectAbsoluteQuads): Ditto.
2568         (WebCore::SimpleLineLayout::showLineLayoutForFlow): Use modern for loop.
2569
2570         * rendering/SimpleLineLayoutResolver.cpp:
2571         (WebCore::SimpleLineLayout::RunResolver::Run::text): Convert from a String
2572         to a StringView using the StringView constructor instead of writing out
2573         explicit 8-bit and 16-bit cases.
2574
2575 2016-02-13  Antti Koivisto  <antti@apple.com>
2576
2577         Factor class change style invalidation code into a class
2578         https://bugs.webkit.org/show_bug.cgi?id=154163
2579
2580         Reviewed by Andreas Kling.
2581
2582         Factor this piece of functionality out of Element and into ClassChangeInvalidation class.
2583
2584         * CMakeLists.txt:
2585         * WebCore.vcxproj/WebCore.vcxproj:
2586         * WebCore.xcodeproj/project.pbxproj:
2587         * dom/Element.cpp:
2588         (WebCore::classStringHasClassName):
2589         (WebCore::Element::classAttributeChanged):
2590         (WebCore::collectClasses): Deleted.
2591         (WebCore::computeClassChange): Deleted.
2592         (WebCore::invalidateStyleForClassChange): Deleted.
2593         * style/ClassChangeInvalidation.cpp: Added.
2594         (WebCore::Style::ClassChangeInvalidation::computeClassChange):
2595         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
2596         * style/ClassChangeInvalidation.h: Added.
2597         (WebCore::Style::ClassChangeInvalidation::needsInvalidation):
2598         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
2599         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
2600
2601 2016-02-13  Myles C. Maxfield  <mmaxfield@apple.com>
2602
2603         [Win] [SVG -> OTF Converter] SVG fonts drawn into ImageBuffers are invisible
2604         https://bugs.webkit.org/show_bug.cgi?id=154222
2605
2606         Reviewed by Antti Koivisto.
2607
2608         Windows ImageBuffer code is sensitive to broken bounding box and
2609         descent code.
2610
2611         Covered by existing tests.
2612
2613         * svg/SVGToOTFFontConversion.cpp:
2614         (WebCore::SVGToOTFFontConverter::appendHHEATable):
2615         (WebCore::SVGToOTFFontConverter::appendOS2Table):
2616         (WebCore::SVGToOTFFontConverter::processGlyphElement):
2617         (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):
2618
2619 2016-02-13  Antti Koivisto  <antti@apple.com>
2620
2621         Add version number for default stylesheet
2622         https://bugs.webkit.org/show_bug.cgi?id=154220
2623
2624         Reviewed by Ryosuke Niwa.
2625
2626         We currently fail to update RuleFeatureSets for shadow trees when the default stylesheet grows
2627         (for example when media controls stylesheet is initialized).
2628
2629         No test since this is not causing known bugs. It is blocking optimizations in shadow trees that
2630         rely on rule features being up-to-date.
2631
2632         * css/CSSDefaultStyleSheets.cpp:
2633         (WebCore::CSSDefaultStyleSheets::loadSimpleDefaultStyle):
2634         (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):
2635
2636             Increment version number when the default stylesheet changes.
2637
2638         * css/CSSDefaultStyleSheets.h:
2639         * css/DocumentRuleSets.cpp:
2640         (WebCore::DocumentRuleSets::appendAuthorStyleSheets):
2641         (WebCore::DocumentRuleSets::collectFeatures):
2642
2643             Store the current default stylesheet version number.
2644
2645         * css/DocumentRuleSets.h:
2646         (WebCore::DocumentRuleSets::features):
2647
2648             Collect features again if the default stylesheet has changed.
2649
2650         * css/StyleResolver.cpp:
2651         (WebCore::StyleResolver::styleForElement):
2652
2653 2016-02-13  Konstantin Tokarev  <annulen@yandex.ru>
2654
2655         [cmake] Consolidate building of GStreamer and OpenWebRTC code.
2656         https://bugs.webkit.org/show_bug.cgi?id=154116
2657
2658         Reviewed by Michael Catanzaro.
2659
2660         No new tests needed.
2661
2662         * PlatformEfl.cmake: Migrated shared code to GStreamer.cmake.
2663         * PlatformGTK.cmake: Ditto.
2664         * platform/GStreamer.cmake: Added.
2665
2666 2016-02-13  Mark Lam  <mark.lam@apple.com>
2667
2668         Add thread violation checks to WebView public APIs.
2669         https://bugs.webkit.org/show_bug.cgi?id=154183
2670
2671         Reviewed by Timothy Hatcher.
2672
2673         No new tests.  Just adding a new thread violation round.
2674
2675         * platform/ThreadCheck.h:
2676         * platform/mac/ThreadCheck.mm:
2677         - Adding WebCoreThreadViolationCheckRoundThree().
2678
2679 2016-02-12  Nan Wang  <n_wang@apple.com>
2680
2681         AX: Implement paragraph related text marker functions using TextIterator
2682         https://bugs.webkit.org/show_bug.cgi?id=154098
2683         <rdar://problem/24269675>
2684
2685         Reviewed by Chris Fleizach.
2686
2687         Using CharacterOffset to implement paragraph related text marker calls. Reused
2688         logic from VisibleUnits class. And refactored textMarkerForCharacterOffset method
2689         to get better performance. Also fixed an issue where we can't navigate through a text
2690         node with line breaks in it using next/previousCharacterOffset call.
2691
2692         Test: accessibility/mac/text-marker-paragraph-nav.html
2693
2694         * accessibility/AXObjectCache.cpp:
2695         (WebCore::AXObjectCache::traverseToOffsetInRange):
2696         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
2697         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
2698         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
2699         (WebCore::AXObjectCache::textMarkerDataForNextCharacterOffset):
2700         (WebCore::AXObjectCache::textMarkerDataForPreviousCharacterOffset):
2701         (WebCore::AXObjectCache::nextNode):
2702         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
2703         (WebCore::AXObjectCache::nextCharacterOffset):
2704         (WebCore::AXObjectCache::previousCharacterOffset):
2705         (WebCore::startWordBoundary):
2706         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
2707         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
2708         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
2709         (WebCore::AXObjectCache::previousWordBoundary):
2710         (WebCore::AXObjectCache::startCharacterOffsetOfParagraph):
2711         (WebCore::AXObjectCache::endCharacterOffsetOfParagraph):
2712         (WebCore::AXObjectCache::paragraphForCharacterOffset):
2713         (WebCore::AXObjectCache::nextParagraphEndCharacterOffset):
2714         (WebCore::AXObjectCache::previousParagraphStartCharacterOffset):
2715         (WebCore::AXObjectCache::rootAXEditableElement):
2716         * accessibility/AXObjectCache.h:
2717         (WebCore::CharacterOffset::remaining):
2718         (WebCore::CharacterOffset::isNull):
2719         (WebCore::CharacterOffset::isEqual):
2720         (WebCore::AXObjectCache::isNodeInUse):
2721         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
2722         (+[WebAccessibilityTextMarker textMarkerWithCharacterOffset:cache:]):
2723         (-[WebAccessibilityObjectWrapper nextMarkerForCharacterOffset:]):
2724         (-[WebAccessibilityObjectWrapper previousMarkerForCharacterOffset:]):
2725         (-[WebAccessibilityObjectWrapper rangeForTextMarkers:]):
2726         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
2727         (startOrEndTextmarkerForRange):
2728         (nextTextMarkerForCharacterOffset):
2729         (previousTextMarkerForCharacterOffset):
2730         (-[WebAccessibilityObjectWrapper nextTextMarkerForCharacterOffset:]):
2731         (-[WebAccessibilityObjectWrapper previousTextMarkerForCharacterOffset:]):
2732         (-[WebAccessibilityObjectWrapper textMarkerForCharacterOffset:]):
2733         (textMarkerForCharacterOffset):
2734         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
2735         (-[WebAccessibilityObjectWrapper nextTextMarkerForNode:offset:]): Deleted.
2736         (-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]): Deleted.
2737         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:ignoreStart:]): Deleted.
2738         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]): Deleted.
2739         * editing/VisibleUnits.cpp:
2740         (WebCore::nextSentencePosition):
2741         (WebCore::findStartOfParagraph):
2742         (WebCore::findEndOfParagraph):
2743         (WebCore::startOfParagraph):
2744         (WebCore::endOfParagraph):
2745         * editing/VisibleUnits.h:
2746
2747 2016-02-12  Ryan Haddad  <ryanhaddad@apple.com>
2748
2749         Reset results for bindings tests after r196520
2750
2751         Unreviewed test gardening.
2752
2753         No new tests needed.
2754
2755         * bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
2756         (webkit_dom_test_event_target_dispatch_event):
2757         * bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
2758         (webkit_dom_test_node_dispatch_event):
2759
2760 2016-02-12  Saam barati  <sbarati@apple.com>
2761
2762         Attempting build fix from https://bugs.webkit.org/show_bug.cgi?id=154144.
2763
2764         * bindings/js/JSDOMGlobalObject.cpp:
2765         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
2766
2767 2016-02-12  Daniel Bates  <dabates@apple.com>
2768
2769         CSP: 'blob:' URLs should not match 'self' in CSP source expression lists.
2770         https://bugs.webkit.org/show_bug.cgi?id=153158
2771         <rdar://problem/24383264>
2772
2773         Reviewed by Brent Fulgham.
2774
2775         A blob URL should not match source 'self' by section Security Considerations for GUID URL schemes
2776         of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/CSP2/> (21 July 2015).
2777
2778         Tests: http/tests/security/contentSecurityPolicy/blob-url-does-not-match-source-self.html
2779                http/tests/security/contentSecurityPolicy/blob-url-matches-source-blob.html
2780
2781         * page/csp/ContentSecurityPolicySourceList.cpp:
2782         (WebCore::ContentSecurityPolicySourceList::matches): Do not make a distinction between URLs that
2783         contain a nested URL (e.g. blob://http://www.example.com/...) and URLs that do not contain a nested
2784         URL. The URL of the requested resource should be matched against the source list source expressions.
2785
2786 2016-02-12  Daniel Bates  <dabates@apple.com>
2787
2788         CSP: Implement child-src directive
2789         https://bugs.webkit.org/show_bug.cgi?id=153562
2790         <rdar://problem/24610087>
2791
2792         Reviewed by Brent Fulgham.
2793
2794         Add support for the child-src directive, <https://w3c.github.io/webappsec-csp/2/#child_src> (29 August 2015),
2795         which formally replaces the deprecated frame-src directive as of the Content Security Policy 2.0 spec. The
2796         child-src directive was first introduced in the Content Security Policy 1.1 spec, <https://www.w3.org/TR/2014/WD-CSP11-20140211/>.
2797
2798         As a side effect of this change, the script URL for a Web Worker is checked against the child-src directive
2799         as opposed to the script-src directive. This is a backward incompatible change from the CSP 1.0 spec.
2800
2801         Tests: http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-blocked.html
2802                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-redirect-blocked.html
2803                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-src-takes-precedence-over-child-src.html
2804                http/tests/security/contentSecurityPolicy/1.1/child-src/worker-redirect-blocked.html
2805                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-redirect.html
2806
2807         * loader/DocumentThreadableLoader.cpp:
2808         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Check child-src directive (if applicable).
2809         * loader/ThreadableLoader.h: Add enum value EnforceChildSrcDirective to enum class ContentSecurityPolicyEnforcement to
2810         enforce the child-src directive on redirect.
2811         * page/csp/ContentSecurityPolicy.cpp:
2812         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Added.
2813         * page/csp/ContentSecurityPolicy.h:
2814         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2815         (WebCore::ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation): Add message prefix for a child-src violation.
2816         We use the same message prefix as used by Blink.
2817         (WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Added.
2818         (WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Modified to check the frame-src
2819         directive (if specified) before checking the child-src directive by <https://w3c.github.io/webappsec-csp/2/#directive-child-src-nested>.
2820         (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the child-src directive.
2821         * page/csp/ContentSecurityPolicyDirectiveList.h:
2822         * workers/AbstractWorker.cpp:
2823         (WebCore::AbstractWorker::resolveURL): Check if the script URL for the worker is allowed by the child-src directive
2824         as opposed to the script-src directive. This is a backwards incompatible change from the CSP 1.0 spec.
2825         * workers/Worker.cpp:
2826         (WebCore::Worker::create): Enforce the child-src directive on redirects (if applicable).
2827
2828 2016-02-12  Saam barati  <sbarati@apple.com>
2829
2830         The parser doesn't properly protect against global variable references in builtins
2831         https://bugs.webkit.org/show_bug.cgi?id=154144
2832
2833         Reviewed by Geoffrey Garen.
2834
2835         Change JS builtins to no longer reference global variables.
2836
2837         No new tests because old tests cover the issues here.
2838
2839         * Modules/mediastream/NavigatorUserMedia.js:
2840         (webkitGetUserMedia):
2841         * Modules/mediastream/RTCPeerConnection.js:
2842         (addIceCandidate):
2843         (getStats):
2844         * Modules/mediastream/RTCPeerConnectionInternals.js:
2845         (setLocalOrRemoteDescription):
2846         * Modules/plugins/QuickTimePluginReplacement.js:
2847         (Replacement.prototype.handleEvent):
2848         * Modules/streams/ByteLengthQueuingStrategy.js:
2849         (initializeByteLengthQueuingStrategy):
2850         * Modules/streams/CountQueuingStrategy.js:
2851         (initializeCountQueuingStrategy):
2852         * Modules/streams/ReadableStreamInternals.js:
2853         (teeReadableStream):
2854         * bindings/js/JSDOMGlobalObject.cpp:
2855         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
2856         * bindings/js/WebCoreBuiltinNames.h:
2857
2858 2016-02-12  Jiewen Tan  <jiewen_tan@apple.com>
2859
2860         WebKit should expose the DOM 4 Event.isTrusted property
2861         https://bugs.webkit.org/show_bug.cgi?id=76121
2862         <rdar://problem/22558494>
2863
2864         Reviewed by Darin Adler.
2865
2866         Implements Event.isTrusted. The implementation here is slitely different from and better than
2867         the DOM specification. Here Event.isTrusted will be initialized differently depending on the
2868         callers of the constructors/create methods. If the caller is from user agent, the isTrusted
2869         will be true. Otherwise, it will be false. Since a user agent dispatched event can be catched
2870         and re-initialized/redispatched by the bindings, the flag will be unset at *Event::init*Event
2871         and EventTarget::dispatchEventForBindings. As currently there is no way to let user agent to
2872         dispatch a bindings created event, therefore we ensure that the Event.isTrusted is set for
2873         events dispatched by user agent, and unset for those by bindings.
2874
2875         EventTarget::dispatchEvent(Event*, ExceptionCode&) is renamed to EventTarget::dispatchEventForBindings
2876         in this patch as well. So that, together with the improved design of the API, developers in
2877         the future will be less likely using a wrong dispatchEvent method and setting Event.isTrusted
2878         incorrectly comparing to the DOM design.
2879
2880         After this patch, all events that are created by user agent should be dispatched by
2881         EventTarget::dispatchEvent, and those are created by bindings should be dispatched by
2882         EventTarget::dispatchEventForBindings.
2883
2884         Some of the changes in this patch referred Blink r198996:
2885         https://codereview.chromium.org/1241613004
2886
2887         Test: imported/blink/fast/events/event-trusted.html
2888
2889         * bindings/scripts/CodeGeneratorGObject.pm:
2890         (GenerateEventTargetIface):
2891         * dom/Event.cpp:
2892         (WebCore::Event::Event):
2893         (WebCore::Event::initEvent):
2894         * dom/Event.h:
2895         (WebCore::Event::isTrusted):
2896         (WebCore::Event::setUntrusted):
2897         * dom/Event.idl:
2898         * dom/EventTarget.cpp:
2899         (WebCore::EventTarget::dispatchEventForBindings):
2900         (WebCore::EventTarget::dispatchEvent): Deleted.
2901         * dom/EventTarget.h:
2902         * dom/EventTarget.idl:
2903         * page/DOMWindow.idl:
2904         * page/EventHandler.cpp:
2905         (WebCore::EventHandler::dispatchDragEvent):
2906         * workers/WorkerGlobalScope.idl:
2907
2908 2016-02-12  Brady Eidson  <beidson@apple.com>
2909
2910         Modern IDB: IDBObjectStore and IDBIndex need to be ActiveDOMObjects.
2911         https://bugs.webkit.org/show_bug.cgi?id=154153
2912
2913         Reviewed by Alex Christensen.
2914
2915         No new tests (No testable change in behavior).
2916
2917         This is needed so that IDBObjectStore and IDBIndex JS wrappers are not garbage collected
2918         while their IDBTransaction is still in progress.
2919
2920         * Modules/indexeddb/client/IDBIndexImpl.cpp:
2921         (WebCore::IDBClient::IDBIndex::IDBIndex):
2922         (WebCore::IDBClient::IDBIndex::activeDOMObjectName):
2923         (WebCore::IDBClient::IDBIndex::canSuspendForDocumentSuspension):
2924         (WebCore::IDBClient::IDBIndex::hasPendingActivity):
2925         * Modules/indexeddb/client/IDBIndexImpl.h:
2926         
2927         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
2928         (WebCore::IDBClient::IDBObjectStore::create):
2929         (WebCore::IDBClient::IDBObjectStore::IDBObjectStore):
2930         (WebCore::IDBClient::IDBObjectStore::activeDOMObjectName):
2931         (WebCore::IDBClient::IDBObjectStore::canSuspendForDocumentSuspension):
2932         (WebCore::IDBClient::IDBObjectStore::hasPendingActivity):
2933         (WebCore::IDBClient::IDBObjectStore::index):
2934         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
2935         
2936         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
2937         (WebCore::IDBClient::IDBTransaction::objectStore):
2938         (WebCore::IDBClient::IDBTransaction::createObjectStore):
2939         (WebCore::IDBClient::IDBTransaction::createIndex):
2940
2941 2016-02-12  Brady Eidson  <beidson@apple.com>
2942
2943         Modern IDB: Simplify the relationship between IDBObjectStore and IDBIndex.
2944         https://bugs.webkit.org/show_bug.cgi?id=154187
2945
2946         Reviewed by Alex Christensen.
2947
2948         Tests: storage/indexeddb/modern/deleteindex-3-private.html
2949                storage/indexeddb/modern/deleteindex-3.html
2950
2951         Instead of allowing IDBIndex to have two different lifecycle modes, it is now always
2952         owned by an IDBObjectStore.
2953         
2954         To support the case where an IDBIndex is deleted from its IDBObjectStore, the object
2955         store simply hangs on to deleted indexes until it is destroyed itself.
2956         
2957         * Modules/indexeddb/client/IDBIndexImpl.cpp:
2958         (WebCore::IDBClient::IDBIndex::markAsDeleted):
2959         (WebCore::IDBClient::IDBIndex::ref):
2960         (WebCore::IDBClient::IDBIndex::deref):
2961         * Modules/indexeddb/client/IDBIndexImpl.h:
2962         
2963         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
2964         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
2965         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
2966
2967 2016-02-12  Myles C. Maxfield  <mmaxfield@apple.com>
2968
2969         [CSS Font Loading] Implement CSSFontFace Boilerplate
2970         https://bugs.webkit.org/show_bug.cgi?id=154145
2971
2972         Reviewed by Dean Jackson.
2973
2974         The CSS Font Loading spec[1] dictates that the FontFace object needs to have string
2975         accessors and mutators for a bunch of properties. Our CSSFontFace object currently
2976         contains this parsed information, but it isn't accessible via string-based methods.
2977         This patch adds the necessary accessors and mutators, and migrates CSSFontSelector
2978         to use these mutators where necessary.
2979
2980         There is more work to come on CSSFontFace; the next step is to create an .idl file
2981         and hook it up to our CSSFontFace object. In this patch I have left some
2982         unimplemented pieces (for example: where the spec dictates that some operation should
2983         throw a JavaScript exception) which will be implemented in a follow-up patch. This
2984         patch does not have any visible behavior change; I'm separating out the boilerplate
2985         into this patch in order to ease reviewing burden.
2986
2987         This patch separates the externally-facing JavaScript API into a new class, FontFace.
2988         This class owns a CSSFontFace, which provides the backing implementation. There will
2989         be a system of shared ownership of these objects once FontFaceSet is implemented.
2990
2991         No new tests because there is no behavior change.
2992
2993         * CMakeLists.txt: Add new files to CMake builds.
2994         * WebCore.vcxproj/WebCore.vcxproj: Ditto for Windows.
2995         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
2996         * WebCore.xcodeproj/project.pbxproj: Ditto for Cocoa.
2997         * css/CSSAllInOne.cpp: Ditto for All-In-One builds.
2998         * css/CSSFontFace.cpp: Move shared code from CSSFontSelector into CSSFontFace.
2999         (WebCore::CSSFontFace::CSSFontFace):
3000         (WebCore::CSSFontFace::~CSSFontFace):
3001         (WebCore::CSSFontFace::setFamilies):
3002         (WebCore::CSSFontFace::setStyle):
3003         (WebCore::CSSFontFace::setWeight):
3004         (WebCore::CSSFontFace::setUnicodeRange):
3005         (WebCore::CSSFontFace::setVariantLigatures):
3006         (WebCore::CSSFontFace::setVariantPosition):
3007         (WebCore::CSSFontFace::setVariantCaps):
3008         (WebCore::CSSFontFace::setVariantNumeric):
3009         (WebCore::CSSFontFace::setVariantAlternates):
3010         (WebCore::CSSFontFace::setVariantEastAsian):
3011         (WebCore::CSSFontFace::setFeatureSettings):
3012         * css/CSSFontFace.h: Clean up.
3013         (WebCore::CSSFontFace::create):
3014         (WebCore::CSSFontFace::families):
3015         (WebCore::CSSFontFace::traitsMask):
3016         (WebCore::CSSFontFace::featureSettings):
3017         (WebCore::CSSFontFace::variantSettings):
3018         (WebCore::CSSFontFace::setVariantSettings):
3019         (WebCore::CSSFontFace::setTraitsMask):
3020         (WebCore::CSSFontFace::isLocalFallback):
3021         (WebCore::CSSFontFace::addRange): Deleted.
3022         (WebCore::CSSFontFace::insertFeature): Deleted.
3023         (WebCore::CSSFontFace::setVariantCommonLigatures): Deleted.
3024         (WebCore::CSSFontFace::setVariantDiscretionaryLigatures): Deleted.
3025         (WebCore::CSSFontFace::setVariantHistoricalLigatures): Deleted.
3026         (WebCore::CSSFontFace::setVariantContextualAlternates): Deleted.
3027         (WebCore::CSSFontFace::setVariantPosition): Deleted.
3028         (WebCore::CSSFontFace::setVariantCaps): Deleted.
3029         (WebCore::CSSFontFace::setVariantNumericFigure): Deleted.
3030         (WebCore::CSSFontFace::setVariantNumericSpacing): Deleted.
3031         (WebCore::CSSFontFace::setVariantNumericFraction): Deleted.
3032         (WebCore::CSSFontFace::setVariantNumericOrdinal): Deleted.
3033         (WebCore::CSSFontFace::setVariantNumericSlashedZero): Deleted.
3034         (WebCore::CSSFontFace::setVariantAlternates): Deleted.
3035         (WebCore::CSSFontFace::setVariantEastAsianVariant): Deleted.
3036         (WebCore::CSSFontFace::setVariantEastAsianWidth): Deleted.
3037         (WebCore::CSSFontFace::setVariantEastAsianRuby): Deleted.
3038         (WebCore::CSSFontFace::CSSFontFace): Deleted.
3039         * css/CSSFontSelector.cpp: Migrate shared code into CSSFontFace, and udpate
3040         to use the new API.
3041         (WebCore::appendSources):
3042         (WebCore::registerLocalFontFacesForFamily):
3043         (WebCore::CSSFontSelector::addFontFaceRule):
3044         (WebCore::computeTraitsMask): Deleted.
3045         (WebCore::createFontFace): Deleted.
3046         * css/FontFace.cpp: Added. External JavaScript API. Owns a CSSFontFace.
3047         (WebCore::FontFace::FontFace):
3048         (WebCore::FontFace::~FontFace):
3049         (WebCore::parseString):
3050         (WebCore::FontFace::setFamily):
3051         (WebCore::FontFace::setStyle):
3052         (WebCore::FontFace::setWeight):
3053         (WebCore::FontFace::setStretch):
3054         (WebCore::FontFace::setUnicodeRange):
3055         (WebCore::FontFace::setVariant):
3056         (WebCore::FontFace::setFeatureSettings):
3057         (WebCore::FontFace::family):
3058         (WebCore::FontFace::style):
3059         (WebCore::FontFace::weight):
3060         (WebCore::FontFace::stretch):
3061         (WebCore::FontFace::unicodeRange):
3062         (WebCore::FontFace::variant):
3063         (WebCore::FontFace::featureSettings):
3064         * css/FontFace.h: Added. Ditto.
3065         (WebCore::FontFace::create):
3066         * css/FontVariantBuilder.cpp: Added. Moved code here from FontVariantBuilder.h.
3067         Refactored to support a new client (CSSFontFace).
3068         (WebCore::extractFontVariantLigatures):
3069         (WebCore::extractFontVariantNumeric):
3070         (WebCore::extractFontVariantEastAsian):
3071         (WebCore::computeFontVariant):
3072         * css/FontVariantBuilder.h: Moved code from here into FontVariantBuilder.cpp.
3073         (WebCore::applyValueFontVariantLigatures): Deleted.
3074         (WebCore::applyValueFontVariantNumeric): Deleted.
3075         (WebCore::applyValueFontVariantEastAsian): Deleted.
3076         * css/StyleBuilderCustom.h: Update for new FontVariantBuilder API.
3077         (WebCore::StyleBuilderCustom::applyValueFontVariantLigatures):
3078         (WebCore::StyleBuilderCustom::applyValueFontVariantNumeric):
3079         (WebCore::StyleBuilderCustom::applyValueFontVariantEastAsian):
3080         * platform/text/TextFlags.h: Provide convenience classes.
3081         (WebCore::FontVariantLigaturesValues::FontVariantLigaturesValues):
3082         (WebCore::FontVariantNumericValues::FontVariantNumericValues):
3083         (WebCore::FontVariantEastAsianValues::FontVariantEastAsianValues):
3084
3085 2016-02-12  Jer Noble  <jer.noble@apple.com>
3086
3087         Build fix after r196506; publish MediaResourceLoader.h as a private header so it can be used by
3088         TestWebKitAPI.
3089
3090         * WebCore.xcodeproj/project.pbxproj:
3091
3092 2016-02-11  Jer Noble  <jer.noble@apple.com>
3093
3094         [Mac] Adopt MediaResourceLoader (instead of CachedResourceLoader) in WebCoreNSURLSession.
3095         https://bugs.webkit.org/show_bug.cgi?id=154136
3096
3097         Reviewed by Alex Christensen.
3098
3099         MediaResourceLoader already supports using CORS attribute to verify CORS access requirements
3100         when loading media resources, so use it, rather than CachedResourceLoader, as the backing for
3101         WebCoreNSURLSession.
3102
3103         * platform/network/cocoa/WebCoreNSURLSession.h:
3104         * platform/network/cocoa/WebCoreNSURLSession.mm:
3105         (-[WebCoreNSURLSession delegateQueue]):
3106         (-[WebCoreNSURLSession streamTaskWithNetService:]):
3107         (-[WebCoreNSURLSession isKindOfClass:]):
3108         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
3109         (-[WebCoreNSURLSessionDataTask _restart]):
3110         (-[WebCoreNSURLSessionDataTask _cancel]):
3111         (-[WebCoreNSURLSessionDataTask resume]):
3112         (-[WebCoreNSURLSessionDataTask _timingData]):
3113         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
3114         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
3115         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Deleted.
3116         (-[WebCoreNSURLSession loader]): Deleted.
3117         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent): Deleted.
3118         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived): Deleted.
3119         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived): Deleted.
3120         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived): Deleted.
3121         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished): Deleted.
3122         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]): Deleted.
3123         (-[WebCoreNSURLSessionDataTask _finish]): Deleted.
3124         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
3125         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]): Deleted.
3126         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]): Deleted.
3127         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Deleted.
3128         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3129         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
3130
3131 2016-02-12  Alex Christensen  <achristensen@webkit.org>
3132
3133         Fix non-internal builds when using NetworkSession
3134         https://bugs.webkit.org/show_bug.cgi?id=152285
3135
3136         * platform/spi/cf/CFNetworkSPI.h:
3137         Add SPI declaration used in r194156.
3138
3139 2016-02-12  Andreas Kling  <akling@apple.com>
3140
3141         Throw out all live resource decoded data on memory pressure / suspension.
3142         <https://webkit.org/b/154176>
3143
3144         Reviewed by Antti Koivisto.
3145
3146         When pruning live resource decoded data from the memory cache,
3147         we normally avoid pruning anything that's been painted in the last second.
3148         This is an optimization to avoid getting into image decoding loops.
3149
3150         For memory pressure / process suspension scenarios this doesn't really
3151         make sense though:
3152
3153             - In the pressure case, if we have to render again soon it'll likely
3154               be a new GIF frame which we have to decode anyway.
3155
3156             - In the process suspension case, we might *never* render again,
3157               so we should be good citizens and drop all the decoded data we can.
3158
3159         This patch makes us drop all the decoded data, recently painted or not.
3160
3161         * platform/MemoryPressureHandler.cpp:
3162         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
3163
3164 2016-02-12  Gavin Barraclough  <barraclough@apple.com>
3165
3166         Separate out !allowsAccess path in JSDOMWindowCustom getOwnPropertySlot
3167         https://bugs.webkit.org/show_bug.cgi?id=154156
3168
3169         Reviewed by Chris Dumez.
3170
3171         JSDOMWindowCustom getOwnPropertySlot currently allows cross-origin access to all
3172         static properties, relying on the property to perform the access check. This is
3173         a little insecure, since it is error prone - someone could easily add a property
3174         to the static table without realizing it would be automatcially exposed.
3175
3176         Instead, add a hard-coded filter to restrict access. As a future implementation
3177         we might consider autogenerating this (the properties are already tagged in IDL,
3178         we might be able to track this in a flag on the static table).
3179
3180         By separating out the handling of the same- and cross-origin access we can
3181         simplify & make the policy being enforced much clearer.
3182
3183         * bindings/js/JSDOMBinding.cpp:
3184         (WebCore::objectToStringFunctionGetter): Deleted.
3185             - removed objectToStringFunctionGetter - this duplicated functionality of
3186               nonCachingStaticFunctionGetter.
3187         * bindings/js/JSDOMBinding.h:
3188         (WebCore::objectToStringFunctionGetter): Deleted.
3189             - removed objectToStringFunctionGetter - this duplicated functionality of
3190               nonCachingStaticFunctionGetter.
3191         * bindings/js/JSDOMWindowCustom.cpp:
3192         (WebCore::jsDOMWindowGetOwnPropertySlotDisallowAccess):
3193             - explicitly handle providing access to only the things we do want to allow cross-origin.
3194         (WebCore::JSDOMWindow::getOwnPropertySlot):
3195         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
3196             - push all !allowsAccess handling to jsDOMWindowGetOwnPropertySlotDisallowAccess
3197         (WebCore::childFrameGetter): Deleted.
3198             - this was just a deoptimiztion - moving access into a callback saved very
3199               little & caused more work to be duplicated.
3200
3201 2016-02-12  Sukolsak Sakshuwong  <sukolsak@gmail.com>
3202
3203         Update ICU header files to version 52
3204         https://bugs.webkit.org/show_bug.cgi?id=154160
3205
3206         Reviewed by Alex Christensen.
3207
3208         Update ICU header files to version 52 to allow the use of newer APIs.
3209
3210         No new tests because there is no behavior change.
3211
3212         * icu/unicode/bytestream.h:
3213         * icu/unicode/chariter.h:
3214         * icu/unicode/localpointer.h:
3215         * icu/unicode/platform.h:
3216         * icu/unicode/ptypes.h:
3217         * icu/unicode/putil.h:
3218         * icu/unicode/rep.h:
3219         (Replaceable::Replaceable):
3220         * icu/unicode/std_string.h:
3221         * icu/unicode/strenum.h:
3222         * icu/unicode/stringpiece.h:
3223         * icu/unicode/ubrk.h:
3224         * icu/unicode/uchar.h:
3225         * icu/unicode/ucnv.h:
3226         * icu/unicode/ucol.h:
3227         * icu/unicode/ucoleitr.h:
3228         * icu/unicode/uconfig.h:
3229         * icu/unicode/ucsdet.h:
3230         * icu/unicode/uenum.h:
3231         * icu/unicode/uidna.h:
3232         * icu/unicode/uiter.h:
3233         * icu/unicode/uloc.h:
3234         * icu/unicode/umachine.h:
3235         * icu/unicode/unistr.h:
3236         (UnicodeString::UnicodeString):
3237         (UnicodeString::operator== ):
3238         (UnicodeString::startsWith):
3239         (UnicodeString::setTo):
3240         (UnicodeString::remove):
3241         (UnicodeString::replace): Deleted.
3242         (UnicodeString::extract): Deleted.
3243         (UnicodeString::char32At): Deleted.
3244         (UnicodeString::getChar32Start): Deleted.
3245         (UnicodeString::getChar32Limit): Deleted.
3246         (UnicodeString::getTerminatedBuffer): Deleted.
3247         (UnicodeString::append): Deleted.
3248         (UnicodeString::truncate): Deleted.
3249         * icu/unicode/unorm2.h:
3250         * icu/unicode/uobject.h:
3251         * icu/unicode/urename.h:
3252         * icu/unicode/uscript.h:
3253         * icu/unicode/usearch.h:
3254         * icu/unicode/uset.h:
3255         * icu/unicode/ushape.h:
3256         * icu/unicode/ustring.h:
3257         * icu/unicode/utext.h:
3258         * icu/unicode/utf.h:
3259         * icu/unicode/utf16.h:
3260         * icu/unicode/utf8.h:
3261         * icu/unicode/utf_old.h:
3262         * icu/unicode/utypes.h:
3263         * icu/unicode/uvernum.h:
3264         * icu/unicode/uversion.h:
3265
3266 2016-02-12  Andreas Kling  <akling@apple.com>
3267
3268         [Mac] BitmapImage::decodedDataIsPurgeable() is telling lies and causing massive memory usage.
3269         <https://webkit.org/b/154172>
3270
3271         Reviewed by Antti Koivisto.
3272
3273         The underlying mechanism in CoreAnimation that made this work is no longer in place.
3274
3275         Instead of keeping purgeable frames and juggling volatility bits, we were simply caching
3276         every single frame of large GIF animations, sometimes leading to monstrous memory usage.
3277
3278         Remove the code from WebCore since it's not doing at all what it means to.
3279
3280         Now iOS and Mac will behave the same again, and frame caching decisions will be
3281         made by WebKit, based on total pixel byte size.
3282
3283         * loader/cache/CachedImage.h:
3284         * loader/cache/CachedResource.h:
3285         (WebCore::CachedResource::decodedDataIsPurgeable): Deleted.
3286         * loader/cache/MemoryCache.cpp:
3287         (WebCore::MemoryCache::pruneLiveResourcesToSize): Deleted.
3288         * platform/graphics/BitmapImage.cpp:
3289         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
3290         (WebCore::BitmapImage::destroyDecodedDataIfNecessary): Deleted.
3291         * platform/graphics/BitmapImage.h:
3292         * platform/graphics/Image.h:
3293         (WebCore::Image::decodedDataIsPurgeable): Deleted.
3294         * platform/graphics/cg/BitmapImageCG.cpp:
3295         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
3296         * platform/graphics/cg/ImageSourceCG.cpp:
3297         (WebCore::ImageSource::createFrameAtIndex): Deleted.
3298
3299 2016-02-12  Brady Eidson  <beidson@apple.com>
3300
3301         Modern IDB: Ref cycle between IDBObjectStore and IDBIndex.
3302         https://bugs.webkit.org/show_bug.cgi?id=154110
3303
3304         Reviewed by Darin Adler.
3305
3306         No new tests (Currently untestable).
3307
3308         The lifetime of IDBObjectStore and IDBIndex are closely intertwined, but we have to break the ref cycle.
3309         
3310         This patch does a few semi-gnarly things:
3311         1 - Makes both IDBIndex and IDBObjectStore have a custom marking function so they can add each other as 
3312             opaque roots.
3313         2 - Adds a lock to protect IDBObjectStore's collection of referenced indexes to support #1, as GC marking
3314             can happen on any thread.
3315         3 - Makes IDBIndex not be traditionally RefCounted; Instead, IDBIndex::ref()/deref() simply ref()/deref()
3316             the owning IDBObjectStore.
3317         4 - ...Except when somebody deletes an IDBIndex from its IDBObjectStore. Once that happens, the object
3318             store no longer has a reference back to the index, but the index still needs a reference back to the
3319             object store. To support this, the IDBIndex becomes "traditionally RefCounted" while holding a ref to
3320             its IDBObjectStore.
3321
3322         * CMakeLists.txt:
3323         * WebCore.xcodeproj/project.pbxproj:
3324
3325         * Modules/indexeddb/IDBIndex.h:
3326         (WebCore::IDBIndex::isModern):
3327         * Modules/indexeddb/IDBIndex.idl:
3328         
3329         * Modules/indexeddb/IDBObjectStore.h:
3330         (WebCore::IDBObjectStore::isModern):
3331         * Modules/indexeddb/IDBObjectStore.idl:
3332         
3333         * Modules/indexeddb/client/IDBIndexImpl.cpp:
3334         (WebCore::IDBClient::IDBIndex::objectStore):
3335         (WebCore::IDBClient::IDBIndex::openCursor):
3336         (WebCore::IDBClient::IDBIndex::doCount):
3337         (WebCore::IDBClient::IDBIndex::openKeyCursor):
3338         (WebCore::IDBClient::IDBIndex::doGet):
3339         (WebCore::IDBClient::IDBIndex::doGetKey):
3340         (WebCore::IDBClient::IDBIndex::markAsDeleted):
3341         (WebCore::IDBClient::IDBIndex::ref):
3342         (WebCore::IDBClient::IDBIndex::deref):
3343         (WebCore::IDBClient::IDBIndex::create): Deleted.
3344         * Modules/indexeddb/client/IDBIndexImpl.h:
3345         (WebCore::IDBClient::IDBIndex::modernObjectStore):
3346         
3347         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
3348         (WebCore::IDBClient::IDBObjectStore::createIndex):
3349         (WebCore::IDBClient::IDBObjectStore::index):
3350         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
3351         (WebCore::IDBClient::IDBObjectStore::visitReferencedIndexes):
3352         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
3353         
3354         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
3355         (WebCore::IDBClient::IDBTransaction::createIndex):
3356         * Modules/indexeddb/client/IDBTransactionImpl.h:
3357         
3358         * Modules/indexeddb/legacy/LegacyIndex.cpp:
3359         (WebCore::LegacyIndex::ref):
3360         (WebCore::LegacyIndex::deref):
3361         * Modules/indexeddb/legacy/LegacyIndex.h:
3362         
3363         * bindings/js/JSIDBIndexCustom.cpp: Added.
3364         (WebCore::JSIDBIndex::visitAdditionalChildren):
3365         
3366         * bindings/js/JSIDBObjectStoreCustom.cpp:
3367         (WebCore::JSIDBObjectStore::visitAdditionalChildren):
3368
3369 2016-02-12  Csaba Osztrogonác  <ossy@webkit.org>
3370
3371         [EFL][GTK] Fix ENABLE(SVG_OTF_CONVERTER) build
3372         https://bugs.webkit.org/show_bug.cgi?id=154165
3373
3374         Reviewed by Alex Christensen.
3375
3376         * CMakeLists.txt:
3377         * css/CSSFontFaceSource.cpp:
3378         (WebCore::CSSFontFaceSource::font):
3379         * svg/SVGToOTFFontConversion.cpp:
3380         * svg/SVGToOTFFontConversion.h:
3381
3382 2016-02-12  Chris Dumez  <cdumez@apple.com>
3383
3384         Unreviewed nit fixes after r196466.
3385
3386         * Modules/speech/SpeechSynthesisUtterance.idl: Fix curly bracket
3387           placement.
3388         * bindings/scripts/CodeGeneratorJS.pm:
3389         (GenerateHeader): Use wrappableObject instead of domObject.
3390         * bindings/scripts/test/*: Rebaseline.
3391         * dom/WebKitNamedFlow.idl: Drop unnecessary #if case.
3392
3393 2016-02-12  Carlos Garcia Campos  <cgarcia@igalia.com>
3394
3395         [GTK] Properly handle classes inheriting from EventTarget
3396         https://bugs.webkit.org/show_bug.cgi?id=154158
3397
3398         Reviewed by Michael Catanzaro.
3399
3400         Instead of removing its parent we now handle the case of classes
3401         having EventTarget as parent to make them implement the interface
3402         instead.
3403
3404         * bindings/scripts/CodeGeneratorGObject.pm:
3405         (ShouldBeExposedAsInterface): Whether the parent given class
3406         should be exposed as an interface instead of a parent class.
3407         (GetParentClassName): Return Object as parent for classes having
3408         a parent that should be exposed as an interface.
3409         (GetParentImplClassName): Ditto.
3410         (GetBaseClass): Ditto.
3411         (GetParentGObjType): Ditto.
3412         (SkipFunction): Add FIXME comment.
3413         (ImplementsInterface): Helper function to check if a class
3414         implements the given interface.
3415         (GenerateCFile): Check whether the class implements EventTarget to
3416         generate the interface implementation.
3417         (GenerateInterface): Do not remove the parent class when it's EventTarget.
3418
3419 2016-02-12  Commit Queue  <commit-queue@webkit.org>
3420
3421         Unreviewed, rolling out r196470.
3422         https://bugs.webkit.org/show_bug.cgi?id=154167
3423
3424         Broke some tests (Requested by anttik on #webkit).
3425
3426         Reverted changeset:
3427
3428         "Factor class change style invalidation code into a class"
3429         https://bugs.webkit.org/show_bug.cgi?id=154163
3430         http://trac.webkit.org/changeset/196470
3431
3432 2016-02-12  Antti Koivisto  <antti@apple.com>
3433
3434         Factor class change style invalidation code into a class