2af26a5e76a0228b39de4d08a3cded519e14d811
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2018-05-16  Antoine Quint  <graouts@apple.com>
2
3         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
4         https://bugs.webkit.org/show_bug.cgi?id=185299
5         <rdar://problem/39630230>
6
7         Reviewed by Simon Fraser.
8
9         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
10         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
11         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
12         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
13         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
14         newly-uncommitted animation.
15
16         Test: transitions/interrupted-transition-hardware.html
17
18         * platform/graphics/ca/GraphicsLayerCA.cpp:
19         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
20         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
21         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
22         * platform/graphics/ca/GraphicsLayerCA.h:
23         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
24
25 2018-05-15  Yusuke Suzuki  <utatane.tea@gmail.com>
26
27         [JSC] Check TypeInfo first before calling getCallData when we would like to check whether given object is a function
28         https://bugs.webkit.org/show_bug.cgi?id=185601
29
30         Reviewed by Saam Barati.
31
32         No behavior change.
33
34         * Modules/plugins/QuickTimePluginReplacement.mm:
35         (WebCore::QuickTimePluginReplacement::ensureReplacementScriptInjected):
36         * bindings/js/JSCustomElementRegistryCustom.cpp:
37         (WebCore::getCustomElementCallback):
38         * bindings/js/JSDOMConstructorBase.h:
39         * bindings/js/JSDOMConvertCallbacks.h:
40         (WebCore::Converter<IDLCallbackFunction<T>>::convert):
41         * bindings/js/JSDOMPromise.cpp:
42         (WebCore::DOMPromise::whenSettled):
43         * bindings/js/ReadableStream.cpp:
44         (WebCore::ReadableStream::pipeTo):
45         (WebCore::ReadableStream::tee):
46         * bindings/js/ReadableStreamDefaultController.cpp:
47         (WebCore::ReadableStreamDefaultController::invoke):
48         * bindings/scripts/CodeGeneratorJS.pm:
49         (GenerateHeader):
50         (GenerateOverloadDispatcher):
51         * bindings/scripts/test/JS/JSTestObj.h:
52         * bindings/scripts/test/JS/JSTestPluginInterface.h:
53         * bridge/objc/objc_runtime.h:
54         * bridge/runtime_method.h:
55         * bridge/runtime_object.h:
56         * html/HTMLMediaElement.cpp:
57         (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
58         * testing/Internals.cpp:
59         (WebCore::Internals::parserMetaData):
60         (WebCore::Internals::cloneArrayBuffer):
61
62 2018-05-15  Matt Baker  <mattbaker@apple.com>
63
64         Web Inspector: element details hanger in inspector overlay should have better placement logic
65         https://bugs.webkit.org/show_bug.cgi?id=128482
66         <rdar://problem/16020709>
67
68         Reviewed by Timothy Hatcher.
69
70         When determining the best position for the hovered element details "tooltip",
71         perform placement tests in view space, not canvas space, and account for the
72         top content inset.
73
74         * inspector/InspectorOverlayPage.js:
75         (reset): Drive by fix: added missing `.height`.
76         (_drawElementTitle):
77
78 2018-05-15  Commit Queue  <commit-queue@webkit.org>
79
80         Unreviewed, rolling out r231765.
81         https://bugs.webkit.org/show_bug.cgi?id=185668
82
83         the layout test added with this change is very flaky
84         (Requested by realdawei on #webkit).
85
86         Reverted changeset:
87
88         "REGRESSION (r230574): Interrupted hardware transitions don't
89         behave correctly"
90         https://bugs.webkit.org/show_bug.cgi?id=185299
91         https://trac.webkit.org/changeset/231765
92
93 2018-05-15  Devin Rousso  <webkit@devinrousso.com>
94
95         Web Inspector: Add rulers and guides
96         https://bugs.webkit.org/show_bug.cgi?id=32263
97         <rdar://problem/19281564>
98
99         Reviewed by Matt Baker.
100
101         This patch is purely a visual change for WebInspector, and doesn't affect anything else.
102
103         * inspector/InspectorOverlay.h:
104         * inspector/InspectorOverlay.cpp:
105         (WebCore::InspectorOverlay::update):
106         (WebCore::InspectorOverlay::reset):
107         (WebCore::InspectorOverlay::drawGutter): Deleted.
108
109         * inspector/InspectorOverlayPage.html:
110         * inspector/InspectorOverlayPage.js:
111         (Bounds): Added.
112         (Bounds.prototype.get minX): Added.
113         (Bounds.prototype.get minY): Added.
114         (Bounds.prototype.get maxX): Added.
115         (Bounds.prototype.get maxY): Added.
116         (Bounds.prototype.update): Added.
117         (drawNodeHighlight):
118         (drawQuadHighlight):
119         (reset):
120         (_isolateActions): Added.
121         (_quadToPath): Added.
122         (_quadToPath.parseQuadPoint): Added.
123         (_drawOutlinedQuad): Added.
124         (_drawPath): Added.
125         (_drawPath.parsePoints): Added.
126         (_drawOutlinedQuadWithClip): Added.
127         (_drawElementTitle):
128         (_drawShapeHighlight):
129         (_drawFragmentHighlight):
130         (_drawRulers): Added.
131         (quadToPath): Deleted.
132         (drawOutlinedQuad): Deleted.
133         (pathCommand): Deleted.
134         (drawPath): Deleted.
135         (drawOutlinedQuadWithClip): Deleted.
136         (drawGutter): Deleted.
137         * inspector/InspectorOverlayPage.css:
138         (#log): Added.
139         (#right-gutter): Deleted.
140         (#bottom-gutter): Deleted.
141
142 2018-05-15  Jer Noble  <jer.noble@apple.com>
143
144         Media continues loading after rendered invisible (removed from DOM; scrolled off screen)
145         https://bugs.webkit.org/show_bug.cgi?id=185487
146
147         Reviewed by Eric Carlson.
148
149         Test: media/video-buffering-allowed.html
150
151         When a media element is removed from the dom (e.g. through innerHTML=""), it doesn't
152         necessarily stop loading media data; it will continue to do so until its destructor is
153         called through garbage collection. Similarly, when a media element is rendered not-visible
154         by being scrolled off-screen or being made display:none, media loading continues. There
155         are legitimate use cases for out-of-DOM media loading, so only temporarily block loading
156         when the element transitions out of the document. Similarly, only block loading for non-visible
157         media elements when returning from the "page is hidden" state, and only until the media
158         element is asked to play or is otherwise made visible.
159
160         Note: this refactors a lot of code out of PlatformMediaSession and into MediaElementSession,
161         since this code is specific to "media elements".
162
163         * html/HTMLMediaElement.cpp:
164         (WebCore::HTMLMediaElement::HTMLMediaElement):
165         (WebCore::HTMLMediaElement::insertedIntoAncestor):
166         (WebCore::HTMLMediaElement::removedFromAncestor):
167         (WebCore::HTMLMediaElement::playInternal):
168         (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
169         (WebCore::HTMLMediaElement::resume):
170         (WebCore::HTMLMediaElement::visibilityStateChanged):
171         (WebCore::HTMLMediaElement::createMediaPlayer):
172         (WebCore::HTMLMediaElement::setShouldBufferData):
173         (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible):
174         (WebCore::HTMLMediaElement::isVisibleInViewportChanged):
175         (WebCore::HTMLMediaElement::fullscreenModeChanged):
176         (WebCore::HTMLMediaElement::setInActiveDocument):
177         * html/HTMLMediaElement.h:
178         (WebCore::HTMLMediaElement::shouldBufferData const):
179         (WebCore::HTMLMediaElement::elementIsHidden const):
180         * html/MediaElementSession.cpp:
181         (WebCore::MediaElementSession::MediaElementSession):
182         (WebCore::MediaElementSession::clientWillBeginAutoplaying):
183         (WebCore::MediaElementSession::clientWillBeginPlayback):
184         (WebCore::MediaElementSession::clientWillPausePlayback):
185         (WebCore::MediaElementSession::visibilityChanged):
186         (WebCore::MediaElementSession::isVisibleInViewportChanged):
187         (WebCore::MediaElementSession::inActiveDocumentChanged):
188         (WebCore::MediaElementSession::scheduleClientDataBufferingCheck):
189         (WebCore::MediaElementSession::clientDataBufferingTimerFired):
190         (WebCore::MediaElementSession::updateClientDataBuffering):
191         (WebCore::MediaElementSession::dataBufferingPermitted const):
192         (WebCore::MediaElementSession::wantsToObserveViewportVisibilityForAutoplay const):
193         * html/MediaElementSession.h:
194         * platform/audio/PlatformMediaSession.cpp:
195         (WebCore::PlatformMediaSession::PlatformMediaSession):
196         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
197         (WebCore::PlatformMediaSession::clientWillBeginPlayback):
198         (WebCore::PlatformMediaSession::clientWillPausePlayback):
199         (): Deleted.
200         (WebCore::PlatformMediaSession::visibilityChanged): Deleted.
201         (WebCore::PlatformMediaSession::scheduleClientDataBufferingCheck): Deleted.
202         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired): Deleted.
203         (WebCore::PlatformMediaSession::updateClientDataBuffering): Deleted.
204         (WebCore::PlatformMediaSession::isHidden const): Deleted.
205         * platform/audio/PlatformMediaSession.h:
206         (WebCore::PlatformMediaSessionClient::setShouldBufferData): Deleted.
207         (WebCore::PlatformMediaSessionClient::elementIsHidden const): Deleted.
208         * platform/audio/PlatformMediaSessionManager.cpp:
209         (WebCore::PlatformMediaSessionManager::sessionCanLoadMedia const): Deleted.
210         * platform/audio/PlatformMediaSessionManager.h:
211         * platform/audio/ios/MediaSessionManagerIOS.h:
212         * platform/audio/ios/MediaSessionManagerIOS.mm:
213         (WebCore::MediaSessionManageriOS::sessionCanLoadMedia const): Deleted.
214         * rendering/RenderVideo.cpp:
215         (WebCore::RenderVideo::willBeDestroyed):
216         * testing/Internals.cpp:
217         (WebCore::Internals::elementShouldBufferData):
218         * testing/Internals.h:
219         * testing/Internals.idl:
220
221 2018-05-15  Charles Vazac  <cvazac@gmail.com>
222
223         Add the PerformanceServerTiming Interface which makes Server-Timing header timing values available to JavaScript running in the browser.
224         https://bugs.webkit.org/show_bug.cgi?id=175569
225
226         Reviewed by Youenn Fablet.
227
228         Tests were imported from web-platform-tests: WebKit/LayoutTests/imported/w3c/web-platform-tests/server-timing/*
229
230         * Sources.txt: Added references to HeaderFieldTokenizer.cpp, ServerTiming.cpp, and ServerTimingParser.cpp.
231         * WebCore.xcodeproj/project.pbxproj: Added various files.
232         * loader/HeaderFieldTokenizer.cpp: Added.
233         (WebCore::HeaderFieldTokenizer::HeaderFieldTokenizer): Added class for tokenizing header values.
234         (WebCore::HeaderFieldTokenizer::consume): Added method to consume a specified character.
235         (WebCore::HeaderFieldTokenizer::consumeQuotedString): Added method to consume a quote-string.
236         (WebCore::HeaderFieldTokenizer::consumeToken): Added a method to consume a token.
237         (WebCore::HeaderFieldTokenizer::consumeTokenOrQuotedString): Added method to consume a quote-string or quote-string, depending on net character.
238         (WebCore::HeaderFieldTokenizer::skipSpaces): Added method to skip whitespace.
239         (WebCore::HeaderFieldTokenizer::consumeBeforeAnyCharMatch): Added method to advance the cursor up until any of a list of characters.
240         * loader/HeaderFieldTokenizer.h: Added.
241         * loader/HTTPHeaderField.cpp: Expose isTokenCharacter and isWhitespace.
242         * loader/HTTPHeaderField.h: Expose isTokenCharacter and isWhitespace.
243         * loader/PolicyChecker.cpp: Added #include so source compiled on my machine.
244         * loader/ResourceTiming.cpp:
245         (WebCore::ResourceTiming::ResourceTiming): Added call to initServerTiming to parse the header.
246         (WebCore::ResourceTiming::initServerTiming): Added method to parse the header.
247         (WebCore::ResourceTiming::populateServerTiming): Added method to populate the server timing entries on a PerformanceResourceTiming object.
248         (WebCore::ResourceTiming::isolatedCopy const): Added code to copy over the server timing entries.
249         * loader/ResourceTiming.h:
250         (WebCore::ResourceTiming::ResourceTiming): Accept collection of server timing entries in c'tor.
251         * loader/ServerTiming.cpp: Added.
252         (WebCore::ServerTiming::setParameter): Set named parameters, ignoring unrecognized or duplicates.
253         (WebCore::ServerTiming::isolatedCopy const): Return a new pointer to the object.
254         * loader/ServerTiming.h: Added.
255         (WebCore::ServerTiming::ServerTiming): Added struct for the data needed by a server timing entry.
256         (WebCore::ServerTiming::name const): Added name field of a server timing entry.
257         (WebCore::ServerTiming::duration const): Added duration field of a server timing entry.
258         (WebCore::ServerTiming::description const): Added description field of a server timing entry.
259         * loader/ServerTimingParser.cpp: Added.
260         (WebCore::ServerTimingParser::parseServerTiming): Parses the header generating a collection of server timing structs.
261         * loader/ServerTimingParser.h: Added.
262         * loader/WorkerThreadableLoader.h: Fix build.
263         * page/Performance.cpp:
264         (WebCore::Performance::addResourceTiming): Fixed a typo.
265         * page/PerformanceResourceTiming.cpp:
266         (WebCore::PerformanceResourceTiming::PerformanceResourceTiming): Given a ResourceTiming object, populate our collection of PerformanceServerTiming objects.
267         * page/PerformanceResourceTiming.h: Added serverTiming member and getter.
268         * page/PerformanceResourceTiming.idl: Added serverTiming member to interface.
269         * platform/network/HTTPHeaderNames.in: Added "Server-Timing" to the header enum.
270         * platform/network/ResourceResponseBase.cpp: Added "Server-Timing" to isSafeCrossOriginResponseHeader whitelist.
271
272 2018-05-15  Brady Eidson  <beidson@apple.com>
273
274         Fix crash after a Worker terminates but there are still IDB transactions the server is trying to open for it.
275         <rdar://problem/33744241> and https://bugs.webkit.org/show_bug.cgi?id=185653
276
277         Reviewed by Andy Estes.
278
279         Test: storage/indexeddb/modern/worker-transaction-open-after-worker-stop.html
280
281         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
282         (WebCore::IDBClient::IDBConnectionProxy::didStartTransaction): It's okay to not be able to find a pending TX
283           that the server has started. e.g. When it was a WebWorker that asked for the TX but it has since terminated.
284
285 2018-05-15  Thomas Klausner  <tk@giga.or.at>
286
287         Add missing header to fix build.
288         https://bugs.webkit.org/show_bug.cgi?id=185378
289
290         Reviewed by Michael Catanzaro.
291
292         * platform/network/soup/SoupNetworkSession.h:
293
294 2018-05-15  Carlos Alberto Lopez Perez  <clopez@igalia.com>
295
296         [WPE] Build failure with RPi userland drivers and gstreamer-gl
297         https://bugs.webkit.org/show_bug.cgi?id=185639
298
299         Reviewed by Philippe Normand.
300
301         When building for the RPi with userland drivers (dispmanx) override the
302         value of GST_GL_HAVE_GLSYNC to 1 to avoid that the gstreamer-gl headers
303         try to redefine the GLsync type that is already defined in libepoxy.
304
305         Defining __gl2_h_ is also needed to avoid other conflicting type
306         definitions that happen between libepoxy and RPi GLES2 userland
307         headers when the gstreamer-gl headers are included.
308
309         The issue doesn't happen with 1.14.0, so a check for that is added
310         as well.
311
312         No new tests, no behavior change. It is a build fix.
313
314         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
315
316 2018-05-15  Michael Catanzaro  <mcatanzaro@igalia.com>
317
318         Unreviewed, rolling out r230749
319
320         This did not work as desired.
321
322         * platform/UserAgentQuirks.cpp:
323         (WebCore::urlRequiresMacintoshPlatform):
324
325 2018-05-15  Dirk Schulze  <krit@webkit.org>
326
327         Add new SVGDOM SVGFEBLEND constants
328         https://bugs.webkit.org/show_bug.cgi?id=185581
329
330         Reviewed by Simon Fraser.
331
332         Provide new SVG DOM constants for the new blend modes added to feBlend.
333
334         https://drafts.fxtf.org/filter-effects-1/#InterfaceSVGFEBlendElement
335
336         * platform/graphics/GraphicsTypes.cpp:
337         (WebCore::blendModeName):
338         * platform/graphics/GraphicsTypes.h:
339         * svg/SVGFEBlendElement.h:
340         (WebCore::SVGPropertyTraits<BlendMode>::highestEnumValue):
341         (WebCore::SVGPropertyTraits<BlendMode>::toString):
342         * svg/SVGFEBlendElement.idl:
343
344 2018-05-15  Antoine Quint  <graouts@apple.com>
345
346         [Web Animations] Expose Web Animations CSS integration as an experimental feature
347         https://bugs.webkit.org/show_bug.cgi?id=185647
348
349         Reviewed by Dean Jackson.
350
351         Make the Web Animations CSS integration flag an experimental feature, and only indicate that it is on if the Web Animations
352         experimental feature is also enabled.
353
354         * dom/Document.cpp:
355         (WebCore::Document::didBecomeCurrentDocumentInFrame):
356         (WebCore::Document::resume):
357         * dom/Element.cpp:
358         (WebCore::Element::removedFromAncestor):
359         * dom/PseudoElement.cpp:
360         (WebCore::PseudoElement::clearHostElement):
361         * history/CachedFrame.cpp:
362         (WebCore::CachedFrameBase::restore):
363         * page/Frame.cpp:
364         (WebCore::Frame::clearTimers):
365         * page/FrameView.cpp:
366         (WebCore::FrameView::didDestroyRenderTree):
367         * page/Page.cpp:
368         (WebCore::Page::handleLowModePowerChange):
369         (WebCore::Page::setIsVisibleInternal):
370         (WebCore::Page::hiddenPageCSSAnimationSuspensionStateChanged):
371         * page/RuntimeEnabledFeatures.h:
372         (WebCore::RuntimeEnabledFeatures::setWebAnimationsCSSIntegrationEnabled):
373         (WebCore::RuntimeEnabledFeatures::webAnimationsCSSIntegrationEnabled const):
374         (WebCore::RuntimeEnabledFeatures::setCSSAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
375         (WebCore::RuntimeEnabledFeatures::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled const): Deleted.
376         * rendering/RenderLayer.cpp:
377         (WebCore::RenderLayer::currentTransform const):
378         (WebCore::RenderLayer::calculateClipRects const):
379         * rendering/RenderLayerBacking.cpp:
380         (WebCore::RenderLayerBacking::updateGeometry):
381         * rendering/RenderLayerCompositor.cpp:
382         (WebCore::RenderLayerCompositor::requiresCompositingForAnimation const):
383         (WebCore::RenderLayerCompositor::isRunningTransformAnimation const):
384         * rendering/updating/RenderTreeUpdater.cpp:
385         (WebCore::RenderTreeUpdater::tearDownRenderers):
386         * style/StyleTreeResolver.cpp:
387         (WebCore::Style::TreeResolver::createAnimatedElementUpdate):
388         * testing/InternalSettings.cpp:
389         (WebCore::InternalSettings::webAnimationsCSSIntegrationEnabled):
390         (WebCore::InternalSettings::cssAnimationsAndCSSTransitionsBackedByWebAnimationsEnabled): Deleted.
391         * testing/InternalSettings.h:
392         * testing/InternalSettings.idl:
393         * testing/Internals.cpp:
394         (WebCore::Internals::numberOfActiveAnimations const):
395         (WebCore::Internals::animationsAreSuspended const):
396         (WebCore::Internals::animationsInterval const):
397         (WebCore::Internals::suspendAnimations const):
398         (WebCore::Internals::resumeAnimations const):
399
400 2018-05-15  David Kilzer  <ddkilzer@apple.com>
401
402         Fix -Wreturn-std-move warnings in WebKit found by new clang compiler
403         <https://webkit.org/b/185621>
404
405         Reviewed by Youenn Fablet.
406
407         Fix warnings like the following:
408
409             In file included from DerivedSources/WebCore/unified-sources/UnifiedSource139.cpp:5:
410             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: error: local variable 'sdp' will be copied despite being returned by name [-Werror,-Wreturn-std-move]
411                     return sdp;
412                            ^~~
413             ./Modules/mediastream/PeerConnectionBackend.cpp:412:16: note: call 'std::move' explicitly to avoid copying
414                     return sdp;
415                            ^~~
416                            std::move(sdp)
417             1 error generated.
418
419         * Modules/mediastream/PeerConnectionBackend.cpp:
420         (WebCore::PeerConnectionBackend::filterSDP const):
421         * accessibility/AccessibilityObject.cpp:
422         (WebCore::rangeClosestToRange):
423         * bindings/js/JSDOMConvertSequences.h:
424         (WebCore::Detail::GenericSequenceConverter::convert):
425         (WebCore::Detail::NumericSequenceConverter::convertArray):
426         * bindings/js/JSDOMConvertStrings.cpp:
427         (WebCore::stringToByteString):
428         (WebCore::stringToUSVString):
429         - Use WTFMove() in return statements to fix the warnings.
430
431 2018-05-14  Dean Jackson  <dino@apple.com>
432
433         Download and present System Preview
434         https://bugs.webkit.org/show_bug.cgi?id=185459
435         <rdar://problem/40079228>
436
437         Reviewed by Tim Horton.
438
439         If an <a> is a system preview, tell the resource request about it.
440
441         * html/HTMLAnchorElement.cpp:
442         (WebCore::HTMLAnchorElement::handleClick):
443
444 2018-05-15  Antti Koivisto  <antti@apple.com>
445
446         animation-play-state: paused causes very high cpu load because of style invalidation loop
447         https://bugs.webkit.org/show_bug.cgi?id=182436
448         <rdar://problem/37182562>
449
450         Reviewed by Dean Jackson.
451
452         Test: animations/animation-playstate-paused-style-resolution.html
453
454         If the style of an element with 'animation-play-state: paused' is recomputed so it stays
455         paused we would enter zero-duration animation timer loop.
456
457         * page/animation/AnimationBase.cpp:
458         (WebCore::AnimationBase::updateStateMachine):
459
460         Don't move to AnimationState::PausedWaitResponse unless we get AnimationStateInput::StyleAvailable
461         (matching the comments). Otherwise just stay in the existing paused state.
462
463         Remove AnimationStateInput::StartAnimation from assertion as the case can't happen.
464
465 2018-05-14  Youenn Fablet  <youenn@apple.com>
466
467         readableStreamDefaultControllerError should return early if stream is not readable
468         https://bugs.webkit.org/show_bug.cgi?id=185602
469
470         Reviewed by Chris Dumez.
471
472         Return early if stream is not readable in @readableStreamDefaultControllerError.
473         Update call sites to no longer check for ReadableStream state.
474         Covered by unflaked and rebased tests.
475
476         * Modules/streams/ReadableStreamDefaultController.js:
477         (error):
478         * Modules/streams/ReadableStreamInternals.js:
479         (readableStreamDefaultControllerError):
480         (readableStreamDefaultControllerCallPullIfNeeded):
481
482 2018-05-14  Zalan Bujtas  <zalan@apple.com>
483
484         [LFC] Implement width computation for non-replaced block level inflow elements.
485         https://bugs.webkit.org/show_bug.cgi?id=185641
486
487         Reviewed by Sam Weinig.
488
489         Block level inflow elements participate in block formatting context.
490
491         * layout/FormattingContext.cpp:
492         (WebCore::Layout::FormattingContext::computeWidth const):
493         * layout/FormattingContext.h:
494         * layout/blockformatting/BlockFormattingContext.cpp:
495         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
496         * layout/blockformatting/BlockFormattingContext.h:
497         * layout/inlineformatting/InlineFormattingContext.cpp:
498         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
499         * layout/inlineformatting/InlineFormattingContext.h:
500
501 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
502
503         Unreviewed, fix the iOS build after r231779
504
505         Also address a minor in-person review comment by returning "extrazoom" instead of the empty string.
506
507         * page/DisabledAdaptations.cpp:
508         (WebCore::extraZoomModeAdaptationName):
509
510 2018-05-14  Zalan Bujtas  <zalan@apple.com>
511
512         [LFC] FormattingContext:computeOutOfFlowNonReplacedHeight/Width should use the computed margins/paddings/borders
513         https://bugs.webkit.org/show_bug.cgi?id=185633
514
515         Reviewed by Sam Weinig.
516
517         By the time we start computing height and width, DisplayBox should already have the computed values for margin/padding/border.
518
519         * layout/FormattingContext.cpp:
520         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
521         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
522         * layout/displaytree/DisplayBox.h:
523         (WebCore::Display::Box::paddingTop const):
524         (WebCore::Display::Box::paddingLeft const):
525         (WebCore::Display::Box::paddingBottom const):
526         (WebCore::Display::Box::paddingRight const):
527         (WebCore::Display::Box::borderTop const):
528         (WebCore::Display::Box::borderLeft const):
529         (WebCore::Display::Box::borderBottom const):
530         (WebCore::Display::Box::borderRight const):
531
532 2018-05-14  Wenson Hsieh  <wenson_hsieh@apple.com>
533
534         [Extra zoom mode] Google search results are excessively zoomed in
535         https://bugs.webkit.org/show_bug.cgi?id=185347
536         <rdar://problem/39999778>
537
538         Reviewed by Tim Horton.
539
540         It turns out that basing minimum layout size and shrink-to-fit behaviors off of the `shrink-to-fit` viewport
541         argument poses compatibility risks with web pages that already specify `shrink-to-fit` to opt out of default
542         viewport shrinking behaviors in 1/3 multitasking mode on iPad.
543
544         One way to resolve this is to introduce a new viewport meta content attribute to disable viewport heuristics in
545         extra zoom mode. However, combined shrink-to-fit and minimum device width behaviors are difficult to describe
546         using a single backwards-compatible viewport meta content attribute, and the need to suppress the default
547         behavior of `shrink-to-fit=no` if such an attribute is not disabled further muddles our viewport story.
548
549         After some internal deliberation, we’ve decided to experiment with a new meta tag named "disabled-adaptations".
550         The content of this meta tag is a comma-separated list of adaptation names; if an adaptation name matches a
551         known adaptation type (for instance, extra zoom mode), we disable the class of behaviors used to adapt web
552         content. The first and only known adaptation type is extra zoom mode, which affects `shrink-to-fit` and layout
553         size adjustments.
554
555         See per-method changes below for more details.
556
557         Test: fast/viewport/extrazoom/viewport-disable-extra-zoom-adaptations.html
558
559         * Sources.txt:
560         * WebCore.xcodeproj/project.pbxproj:
561         * dom/Document.cpp:
562         (WebCore::Document::processDisabledAdaptations):
563         * dom/Document.h:
564         (WebCore::Document::disabledAdaptations const):
565
566         Add disabled adaptations to Document. Changes to disabled adaptations are not propagated if the parsed disabled
567         adaptation types don't change; upon changing adaptation types, notify the client to adjust for the new disabled
568         adaptations (currently, this only affects the viewport configuration).
569
570         * dom/ViewportArguments.h:
571         * html/HTMLMetaElement.cpp:
572         (WebCore::HTMLMetaElement::process):
573         * html/parser/HTMLPreloadScanner.cpp:
574         (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner):
575         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
576         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
577         * loader/FrameLoader.cpp:
578         (WebCore::FrameLoader::commitProvisionalLoad):
579
580         Restore the set of disabled adaptations when restoring a page from the cache.
581
582         * page/Chrome.cpp:
583         (WebCore::Chrome::dispatchDisabledAdaptationsDidChange const):
584         * page/Chrome.h:
585         * page/ChromeClient.h:
586
587         Add plumbing for changes to the set of disabled adaptations.
588
589         * page/DisabledAdaptations.cpp: Added.
590         (WebCore::extraZoomModeAdaptationName):
591         * page/DisabledAdaptations.h: Added.
592
593         Introduce a header containing a new enum for the extra zoom mode adaptation, as well as a helper function to
594         return the extra zoom mode adaptation name.
595
596         * page/Page.cpp:
597         (WebCore::Page::disabledAdaptations const):
598
599         Returns the mainframe's set of adaptations to disable.
600
601         * page/Page.h:
602         * page/RemoteFrame.h:
603         * page/RuntimeEnabledFeatures.h:
604         (WebCore::RuntimeEnabledFeatures::setDisabledAdaptationsMetaTagEnabled):
605         (WebCore::RuntimeEnabledFeatures::disabledAdaptationsMetaTagEnabled const):
606
607         Add a new runtime feature to gate handling the "disabled-adaptations" meta tag.
608
609         * page/ViewportConfiguration.cpp:
610         (WebCore::shouldOverrideShrinkToFitArgument):
611         (WebCore::needsUpdateAfterChangingDisabledAdaptations):
612         (WebCore::ViewportConfiguration::setDisabledAdaptations):
613         (WebCore::ViewportConfiguration::shouldOverrideDeviceWidthAndShrinkToFit const):
614
615         Consult whether or not extra zoom mode adaptations are disabled, instead of the shrink-to-fit attribute value.
616
617         (WebCore::ViewportConfiguration::updateConfiguration):
618         * page/ViewportConfiguration.h:
619
620         Add an OptionSet of disabled adaptation types to ViewportConfiguration. Updates to the adaptation type are
621         propagated to the ViewportConfiguration from Document, through the ChromeClient and the client layer (refer to
622         changes in WebKit). Once the OptionSet is changed, we recompute the viewport configuration only if needed by the
623         platform.
624
625         (WebCore::ViewportConfiguration::viewLayoutSize const):
626         (WebCore::ViewportConfiguration::disabledAdaptations const):
627         * page/WindowFeatures.cpp:
628         (WebCore::parseDisabledAdaptations):
629         * page/WindowFeatures.h:
630
631         Add a new helper to parse the meta content of a "disabled-adaptations" tag as an OptionSet of disabled
632         adaptation types. The string is parsed by first splitting on the comma character, and then iterating over lower
633         case, whitespace-stripped tokens to look for known adaptation names. So far, only extra zoom mode is supported.
634
635         * testing/Internals.cpp:
636         (WebCore::Internals::extraZoomModeAdaptationName const):
637         * testing/Internals.h:
638         * testing/Internals.idl:
639
640         Expose the extra zoom mode adaptation name to the DOM, only when running layout tests.
641
642 2018-05-14  Joanmarie Diggs  <jdiggs@igalia.com>
643
644         AX: Listbox and Combobox roles embedded in labels should participate in name calculation
645         https://bugs.webkit.org/show_bug.cgi?id=185521
646
647         Reviewed by Chris Fleizach.
648
649         Take selected children into account when computing the name in accessibleNameForNode.
650         Add ListBox to the roles for which accessibleNameDerivesFromContent returns false so
651         that native select elements with size > 1 are treated the same way as ARIA listbox.
652         Also add ListBox to the roles which are treated as controls when used in ARIA. Finally,
653         prevent labels which contain unrelated controls from being used as an AXTitleUIElement.
654         This causes us to build a string from the label and its descendants, ensuring the latter
655         participate in the name calculation.
656
657         Test: accessibility/text-alternative-calculation-from-listbox.html
658
659         * accessibility/AccessibilityLabel.cpp:
660         (WebCore::childrenContainUnrelatedControls):
661         (WebCore::AccessibilityLabel::containsUnrelatedControls const):
662         * accessibility/AccessibilityLabel.h:
663         * accessibility/AccessibilityNodeObject.cpp:
664         (WebCore::accessibleNameForNode):
665         * accessibility/AccessibilityObject.cpp:
666         (WebCore::AccessibilityObject::accessibleNameDerivesFromContent const):
667         (WebCore::AccessibilityObject::isARIAControl):
668         * accessibility/AccessibilityRenderObject.cpp:
669         (WebCore::AccessibilityRenderObject::exposesTitleUIElement const):
670         (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const):
671
672 2018-05-14  Antoine Quint  <graouts@apple.com>
673
674         [Web Animations] Tests using the new animation engine may crash under WebCore::FrameView::didDestroyRenderTree when using internals methods
675         https://bugs.webkit.org/show_bug.cgi?id=185612
676         <rdar://problem/39579344>
677
678         Reviewed by Dean Jackson.
679
680         Add a new internals.pseudoElement() method to obtain a pseudo element matching a given pseudo-id. This is necessary to be able to move off
681         internals.pauseTransitionAtTimeOnPseudoElement() and internals.pauseAnimationAtTimeOnPseudoElement() for Web Animations testing.
682
683         * testing/Internals.cpp:
684         (WebCore::Internals::pseudoElement):
685         * testing/Internals.h:
686         * testing/Internals.idl:
687
688 2018-05-14  Antoine Quint  <graouts@apple.com>
689
690         REGRESSION (r230574): Interrupted hardware transitions don't behave correctly
691         https://bugs.webkit.org/show_bug.cgi?id=185299
692         <rdar://problem/39630230>
693
694         Reviewed by Simon Fraser.
695
696         In r230574, the fix for webkit.org/b/184518, we changed the processing order in GraphicsLayerCA::updateAnimations() to first
697         process m_uncomittedAnimations and then m_animationsToProcess, so we are guaranteed animations exist before we attempt to pause
698         or seek them. This broke interrupting and resuming hardware animations (such as an interrupted CSS Transition or an animation
699         running in a non-visible tab) since a pause operation recorded _before_ an animation was added would be paused anyway since
700         the animation was now first added, and then paused. The fix is simply to clear any pending AnimationProcessingAction for a
701         newly-uncommitted animation.
702
703         Test: transitions/interrupted-transition-hardware.html
704
705         * platform/graphics/ca/GraphicsLayerCA.cpp:
706         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
707         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
708         (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
709         * platform/graphics/ca/GraphicsLayerCA.h:
710         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
711
712 2018-05-14  Thibault Saunier  <tsaunier@igalia.com>
713
714         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamerBase
715         https://bugs.webkit.org/show_bug.cgi?id=185510
716
717         Reviewed by Philippe Normand.
718
719         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:629:  More than one command on the same line  [whitespace/newline] [4]
720         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:684:  More than one command on the same line  [whitespace/newline] [4]
721         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:807:  More than one command on the same line  [whitespace/newline] [4]
722
723         Indentation and style issue fixed only.
724
725         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
726         (WebCore::MediaPlayerPrivateGStreamerBase::volumeChangedCallback):
727         (WebCore::MediaPlayerPrivateGStreamerBase::muteChangedCallback):
728         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
729
730 2018-05-14  Zalan Bujtas  <zalan@apple.com>
731
732         [LFC] Implement height computation for non-replaced out of flow elements.
733         https://bugs.webkit.org/show_bug.cgi?id=185585
734
735         Reviewed by Antti Koivisto.
736
737         * layout/FormattingContext.cpp:
738         (WebCore::Layout::FormattingContext::computeHeight const):
739         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
740         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
741         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedHeight const):
742         (WebCore::Layout::FormattingContext::computeHeightForBlockFormattingContextRootWithAutoHeight const):
743         * layout/FormattingContext.h:
744         * layout/blockformatting/BlockFormattingContext.h:
745         * layout/displaytree/DisplayBox.h:
746
747 2018-05-14  Manuel Rego Casasnovas  <rego@igalia.com>
748
749         Renaming of overrides in LayoutBox
750         https://bugs.webkit.org/show_bug.cgi?id=185609
751
752         Reviewed by Javier Fernandez.
753
754         The names of the methods for the overrides were not consistent,
755         this patch fixes it by using the same structure in all the cases.
756
757         No new tests, no change of behavior.
758
759         * rendering/GridLayoutFunctions.cpp:
760         (WebCore::GridLayoutFunctions::hasOverrideContainingBlockContentSizeForChild):
761         * rendering/GridTrackSizingAlgorithm.cpp:
762         (WebCore::GridTrackSizingAlgorithmStrategy::logicalHeightForChild const):
763         * rendering/RenderBlock.cpp:
764         (WebCore::RenderBlock::computeChildPreferredLogicalWidths const):
765         (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):
766         * rendering/RenderBlockFlow.cpp:
767         (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
768         * rendering/RenderBlockLineLayout.cpp:
769         (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
770         * rendering/RenderBox.cpp:
771         (WebCore::RenderBox::willBeDestroyed):
772         (WebCore::RenderBox::hasOverrideContentLogicalHeight const):
773         (WebCore::RenderBox::hasOverrideContentLogicalWidth const):
774         (WebCore::RenderBox::setOverrideContentLogicalHeight):
775         (WebCore::RenderBox::setOverrideContentLogicalWidth):
776         (WebCore::RenderBox::clearOverrideContentLogicalHeight):
777         (WebCore::RenderBox::clearOverrideContentLogicalWidth):
778         (WebCore::RenderBox::clearOverrideContentSize):
779         (WebCore::RenderBox::overrideContentLogicalWidth const):
780         (WebCore::RenderBox::overrideContentLogicalHeight const):
781         (WebCore::RenderBox::overrideContainingBlockContentLogicalWidth const):
782         (WebCore::RenderBox::overrideContainingBlockContentLogicalHeight const):
783         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalWidth const):
784         (WebCore::RenderBox::hasOverrideContainingBlockContentLogicalHeight const):
785         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalWidth):
786         (WebCore::RenderBox::setOverrideContainingBlockContentLogicalHeight):
787         (WebCore::RenderBox::clearOverrideContainingBlockContentSize):
788         (WebCore::RenderBox::clearOverrideContainingBlockContentLogicalHeight):
789         (WebCore::RenderBox::containingBlockLogicalWidthForContent const):
790         (WebCore::RenderBox::containingBlockLogicalHeightForContent const):
791         (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight const):
792         (WebCore::RenderBox::computeLogicalWidthInFragment const):
793         (WebCore::RenderBox::computeLogicalHeight const):
794         (WebCore::RenderBox::computePercentageLogicalHeight const):
795         (WebCore::RenderBox::computeReplacedLogicalHeightUsing const):
796         (WebCore::RenderBox::availableLogicalHeightUsing const):
797         (WebCore::RenderBox::containingBlockLogicalWidthForPositioned const):
798         (WebCore::RenderBox::containingBlockLogicalHeightForPositioned const):
799         * rendering/RenderBox.h:
800         * rendering/RenderBoxModelObject.cpp:
801         (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight const):
802         * rendering/RenderDeprecatedFlexibleBox.cpp:
803         (WebCore::contentWidthForChild):
804         (WebCore::contentHeightForChild):
805         (WebCore::gatherFlexChildrenInfo):
806         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
807         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
808         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
809         (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
810         * rendering/RenderFlexibleBox.cpp:
811         (WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild):
812         (WebCore::RenderFlexibleBox::crossSizeForPercentageResolution):
813         (WebCore::RenderFlexibleBox::mainSizeForPercentageResolution):
814         (WebCore::RenderFlexibleBox::constructFlexItem):
815         (WebCore::RenderFlexibleBox::setOverrideMainAxisContentSizeForChild):
816         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
817         * rendering/RenderFullScreen.cpp:
818         (WebCore::RenderFullScreen::unwrapRenderer):
819         * rendering/RenderGrid.cpp:
820         (WebCore::RenderGrid::layoutBlock):
821         (WebCore::RenderGrid::layoutGridItems):
822         (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
823         * rendering/RenderRubyBase.cpp:
824         (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds const):
825         * rendering/RenderTableCell.cpp:
826         (WebCore::RenderTableCell::setOverrideContentLogicalHeightFromRowHeight):
827         * rendering/RenderTableCell.h:
828         * rendering/RenderTableSection.cpp:
829         (WebCore::RenderTableSection::calcRowLogicalHeight):
830         (WebCore::RenderTableSection::relayoutCellIfFlexed):
831
832 2018-05-14  Zalan Bujtas  <zalan@apple.com>
833
834         [LFC] Implement width computation for non-replaced out of flow elements.
835         https://bugs.webkit.org/show_bug.cgi?id=185598
836
837         Reviewed by Antti Koivisto.
838
839         * layout/FormattingContext.cpp:
840         (WebCore::Layout::FormattingContext::computeWidth const):
841         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
842         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
843         (WebCore::Layout::FormattingContext::computeOutOfFlowNonReplacedWidth const):
844         (WebCore::Layout::FormattingContext::shrinkToFitWidth const):
845         * layout/FormattingContext.h:
846         * layout/blockformatting/BlockFormattingContext.cpp:
847         (WebCore::Layout::BlockFormattingContext::layout const):
848         * layout/displaytree/DisplayBox.h:
849
850 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
851
852         Drop the m_compositorTexture member variable in TextureMapperGC3DPlatformLayer.
853         It's not used at all inside the class or outside it.
854
855         Rubber-stamped by Michael Catanzaro.
856
857         * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
858
859 2018-05-14  Zan Dobersek  <zdobersek@igalia.com>
860
861         [GTK] REGRESSION(r231170) Build broken with Clang 5.0
862         https://bugs.webkit.org/show_bug.cgi?id=185198
863
864         Reviewed by Michael Catanzaro.
865
866         Avoid gperf files using the register keyword which has been made
867         reserved and as such unusable in C++17.
868
869         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
870         * css/makeSelectorPseudoElementsMap.py:
871         * css/makeprop.pl:
872         * css/makevalues.pl:
873         * platform/ColorData.gperf:
874         * platform/ReferrerPolicy.h: With std::optional forward declaration
875         gone, explicitly include the WTF Optional.h header.
876         * platform/Theme.h: Ditto.
877         * platform/network/create-http-header-name-table:
878
879 2018-05-14  Commit Queue  <commit-queue@webkit.org>
880
881         Unreviewed, rolling out r219515.
882         https://bugs.webkit.org/show_bug.cgi?id=185603
883
884         It sometimes makes AudioUnitInitialize call to fail in
885         CoreAudioCaptureSource (Requested by youenn on #webkit).
886
887         Reverted changeset:
888
889         "Remove CoreAudioCaptureSource speaker configuration"
890         https://bugs.webkit.org/show_bug.cgi?id=174512
891         https://trac.webkit.org/changeset/219515
892
893 2018-05-13  Dirk Schulze  <krit@webkit.org>
894
895         Implement SVGGeometryElement's isPointInFill and isPointInStroke
896         https://bugs.webkit.org/show_bug.cgi?id=185580
897
898         Reviewed by Antti Koivisto.
899
900         Implement isPointInFill and isPointInStroke methods for
901         SVGGeometryElement interface from SVG2.
902
903         https://svgwg.org/svg2-draft/types.html#InterfaceSVGGeometryElement
904
905         Tests: svg/dom/SVGGeometry-isPointInFill.xhtml
906                svg/dom/SVGGeometry-isPointInStroke.xhtml
907
908         * rendering/svg/RenderSVGEllipse.cpp:
909         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains): Flag
910                 to switch between local and "global" coordinate space for hit testing.
911         * rendering/svg/RenderSVGEllipse.h:
912         * rendering/svg/RenderSVGPath.cpp:
913         (WebCore::RenderSVGPath::shapeDependentStrokeContains): Flag
914                 to switch between local and "global" coordinate space for hit testing.
915         * rendering/svg/RenderSVGPath.h:
916         * rendering/svg/RenderSVGRect.cpp:
917         (WebCore::RenderSVGRect::shapeDependentStrokeContains): Flag
918                 to switch between local and "global" coordinate space for hit testing.
919         * rendering/svg/RenderSVGRect.h:
920         * rendering/svg/RenderSVGShape.cpp:
921         (WebCore::RenderSVGShape::shapeDependentStrokeContains): Flag
922                 to switch between local and "global" coordinate space for hit testing.
923         (WebCore::RenderSVGShape::isPointInFill): Take the winding rule given by
924                 `fill-rule` to test if a given point is in the fill area of a path.
925         (WebCore::RenderSVGShape::isPointInStroke): Take stroke properties into
926                 account to check if a point is on top of the stroke area.
927         * rendering/svg/RenderSVGShape.h:
928         * svg/SVGGeometryElement.cpp:
929         (WebCore::SVGGeometryElement::isPointInFill):
930         (WebCore::SVGGeometryElement::isPointInStroke):
931         (WebCore::SVGGeometryElement::createElementRenderer): Deleted. This is getting implemented
932                 by inheriting classes. No need to create RenderSVGPath here.
933         * svg/SVGGeometryElement.h:
934         * svg/SVGGeometryElement.idl:
935
936 2018-05-12  Zalan Bujtas  <zalan@apple.com>
937
938         Use WeakPtr for m_enclosingPaginationLayer in RenderLayer
939         https://bugs.webkit.org/show_bug.cgi?id=185566
940         <rdar://problem/36486052>
941
942         Reviewed by Simon Fraser.
943
944         Since RenderLayer does not own the enclosing pagination layout, it should
945         construct a weak pointer instead of holding on to a raw pointer.
946
947         Unable to create a reliably reproducible test case.
948
949         * page/mac/EventHandlerMac.mm:
950         (WebCore::scrollableAreaForEventTarget):
951         (WebCore::scrollableAreaForContainerNode):
952         (WebCore::EventHandler::platformPrepareForWheelEvents):
953         * platform/ScrollableArea.h:
954         (WebCore::ScrollableArea::weakPtrFactory const):
955         (WebCore::ScrollableArea::createWeakPtr): Deleted.
956         * rendering/RenderLayer.cpp:
957         (WebCore::RenderLayer::RenderLayer):
958         (WebCore::RenderLayer::updatePagination):
959         * rendering/RenderLayer.h:
960
961 2018-05-11  Daniel Bates  <dabates@apple.com>
962
963         X-Frame-Options: SAMEORIGIN needs to check all ancestor frames
964         https://bugs.webkit.org/show_bug.cgi?id=185567
965         <rdar://problem/40175008>
966
967         Reviewed by Brent Fulgham.
968
969         Change the behavior of "X-Frame-Options: SAMEORIGIN" to ensure that all ancestors frames
970         are same-origin with the document that delivered this header. This prevents an intermediary
971         malicious frame from clickjacking a child frame whose document is same-origin with the top-
972         level frame. It also makes the behavior of X-Frame-Options in WebKit more closely match
973         the behavior of X-Frame-Options in other browsers, including Chrome and Firefox.
974         
975         Currently a document delivered with "X-Frame-Options: SAMEORIGIN" must only be same-origin
976         with the top-level frame's document in order to be displayed. This prevents clickjacking by
977         a malicious page that embeds a page delivered with "X-Frame-Options: SAMEORIGIN". However,
978         it does not protect against clickjacking of the "X-Frame-Options: SAMEORIGIN" page (victim)
979         if embedded by an intermediate malicious iframe, say a "rogue ad", that was embedded in a
980         document same origin with the victim page. We should protect against such attacks. 
981
982         Tests: http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html
983                http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-deny.html
984
985         * loader/FrameLoader.cpp:
986         (WebCore::FrameLoader::shouldInterruptLoadForXFrameOptions):
987
988 2018-05-11  Daniel Bates  <dabates@apple.com>
989
990         [iOS] Text decoration of dragged content does not paint with opacity
991         https://bugs.webkit.org/show_bug.cgi?id=185551
992         <rdar://problem/40166867>
993
994         Reviewed by Wenson Hsieh.
995
996         Respect alpha when painting the text decoration for dragged content.
997
998         * rendering/InlineTextBox.cpp:
999         (WebCore::InlineTextBox::MarkedTextStyle::areDecorationMarkedTextStylesEqual): Consider alpha when
1000         comparing decoration styles for equality so that we do not coalesce styles with differing alpha.
1001         (WebCore::InlineTextBox::paintMarkedTextDecoration): Respect alpha when painting dragged content.
1002
1003 2018-05-11  Nan Wang  <n_wang@apple.com>
1004
1005         AX: In role=dialog elements with aria-modal=true VoiceOver iOS/macOS can't manually focus or read dialog paragraph description text inside the modal.
1006         https://bugs.webkit.org/show_bug.cgi?id=185219
1007         <rdar://problem/39920009>
1008
1009         Reviewed by Chris Fleizach.
1010
1011         The text node descendants of a modal dialog are ignored. Fixed it by using AccessibilityObject's 
1012         node() to determine if it's the descendant of the modal dialog node.
1013
1014         Test: accessibility/aria-modal-text-descendants.html
1015
1016         * accessibility/AccessibilityObject.cpp:
1017         (WebCore::AccessibilityObject::isModalDescendant const):
1018
1019 2018-05-11  Ryosuke Niwa  <rniwa@webkit.org>
1020
1021         Tapping after CSS-based table casues an infinite loop in wordRangeFromPosition
1022         https://bugs.webkit.org/show_bug.cgi?id=185465
1023         <rdar://problem/35263057>
1024
1025         Reviewed by Antti Koivisto.
1026
1027         The bug was caused by TextIterator not emitting a line break when exiting a CSS-based table when an element
1028         with `display: table-row` has an invisible text node. Specifically, TextIterator::exitNode is never called on
1029         an element with `table-cell: row` when m_node is a text node with whitespaces which appears after an element
1030         with `display: table-cell`.
1031
1032         For example, for a tree structure like:
1033         table-row (R)
1034           table-cell (C)
1035             "text" (1)
1036           " " (2)
1037         Getting out of (C) would result in moving onto (2) without generating a line break for (R).
1038
1039         When this happens in nextBoundary as it tries to find the end of the last word in the table cell, we end up
1040         finding the end of the document as the end of the word. As a result, nextWordBoundaryInDirection, the caller
1041         of nextBoundary, ends up infinite looping between the positon at the end of the document and the position
1042         immediately before the last word in the last table cell when it traverses words backwards.
1043
1044         This patch fixes the hang by addressing this root cause in TextIterator. Namely, TextIterator now generates
1045         a line break when exiting a block while walking up ancestors in TextIterator::advance().
1046
1047         Tests: editing/selection/tapping-in-table-at-end-of-document.html
1048                editing/text-iterator/table-at-end-of-document.html
1049
1050         * editing/TextIterator.cpp:
1051         (WebCore::TextIterator::advance): Fixed the bug.
1052         (WebCore::shouldEmitNewlineAfterNode): Do generate a new line at the end of a document when we're trying to
1053         generate every visible poitions even there are no renderers beyond this point. e.g. a position inside the
1054         last cell of a table at the end of a document hits this condition.
1055         (WebCore::shouldEmitExtraNewlineForNode): Don't emit a line break when the render box's height is 0px
1056         to avoid generating many empty lines for empty paragraph and header elements (this function is used to generate
1057         a blank line between p's and h1/h2/...'s).
1058         (WebCore::TextIterator::exitNode):
1059
1060 2018-05-11  Dean Jackson  <dino@apple.com>
1061
1062         System preview badge doesn't show on <picture> elements
1063         https://bugs.webkit.org/show_bug.cgi?id=185559
1064         <rdar://problem/40150066>
1065
1066         Reviewed by Tim Horton.
1067
1068         We should also identify <img>s that are the child of a <picture>
1069         contained inside the appropriate <a> element.
1070
1071         Tested internally, since the badge is platform specific.
1072
1073         * html/HTMLImageElement.cpp:
1074         (WebCore::HTMLImageElement::isSystemPreviewImage const): Add logic
1075         to look for <picture> parents.
1076
1077 2018-05-11  Chris Dumez  <cdumez@apple.com>
1078
1079         REGRESSION (async policy delegate): Revoking an object URL immediately after triggering download breaks file download
1080         https://bugs.webkit.org/show_bug.cgi?id=185531
1081         <rdar://problem/39909589>
1082
1083         Reviewed by Geoffrey Garen.
1084
1085         Whenever we start an asynchronous navigation policy decision for a blob URL, create a temporary
1086         blob URL pointing to the same data, and update the request's URL. This way, if the page's JS revokes
1087         the URL during the policy decision, the load will still succeed.
1088
1089         Test: fast/dom/HTMLAnchorElement/anchor-file-blob-download-then-revoke.html
1090
1091         * loader/DocumentLoader.cpp:
1092         (WebCore::DocumentLoader::willSendRequest):
1093         * loader/FrameLoader.cpp:
1094         (WebCore::FrameLoader::loadURL):
1095         (WebCore::FrameLoader::load):
1096         (WebCore::FrameLoader::loadPostRequest):
1097         * loader/PolicyChecker.cpp:
1098         (WebCore::PolicyChecker::extendBlobURLLifetimeIfNecessary const):
1099         (WebCore::PolicyChecker::checkNavigationPolicy):
1100         (WebCore::PolicyChecker::checkNewWindowPolicy):
1101         * loader/PolicyChecker.h:
1102
1103 2018-05-11  Antti Koivisto  <antti@apple.com>
1104
1105         LinkLoader fails to remove CachedResourceClient in some cases
1106         https://bugs.webkit.org/show_bug.cgi?id=185553
1107         <rdar://problem/36879656>
1108
1109         Reviewed by Geoffrey Garen.
1110
1111         Test: http/tests/preload/link-preload-client-remove.html
1112
1113         * loader/LinkLoader.cpp:
1114         (WebCore::LinkLoader::loadLink):
1115
1116         If there is a link preload already in progress, we fail to clear the client for the ongoing load.
1117         This may leave the CachedResource client map in a bad state.
1118
1119 2018-05-11  Charles Vazac  <cvazac@gmail.com>
1120
1121         Runtime feature flag for Server-Timing
1122         https://bugs.webkit.org/show_bug.cgi?id=184758
1123
1124         Reviewed by Youenn Fablet.
1125
1126         * Source/WebCore/CMakeLists.txt: Added reference to PerformanceServerTiming.idl.
1127         * Source/WebCore/DerivedSources.make: Added reference to PerformanceServerTiming.idl.
1128         * Source/WebCore/Sources.txt: Added reference to PerformanceServerTiming.cpp and JSPerformanceServerTiming.cpp.
1129         * Source/WebCore/WebCore.xcodeproj/project.pbxproj: Added references to PerformanceServerTiming.cpp, PerformanceServerTiming.h, and PerformanceServerTiming.idl.
1130         * Source/WebCore/bindings/js/WebCoreBuiltinNames.h: Added PerformanceServerTiming.
1131         * Source/WebCore/page/PerformanceResourceTiming.h: Added serverTiming member.
1132         * Source/WebCore/page/PerformanceResourceTiming.idl: Added serverTiming attribute.
1133         * Source/WebCore/page/PerformanceServerTiming.cpp: Added.
1134         * Source/WebCore/page/PerformanceServerTiming.h: Added.
1135         * Source/WebCore/page/PerformanceServerTiming.idl: Added.
1136
1137 2018-05-11  Brady Eidson  <beidson@apple.com>
1138
1139         Make sure history navigations reuse the existing process when necessary.
1140         <rdar://problem/39746516> and https://bugs.webkit.org/show_bug.cgi?id=185532
1141
1142         Reviewed by Ryosuke Niwa.
1143
1144         Covered by new API tests.
1145
1146         In WebCore-land, make sure *all* NavigationActions to a back/forward item are tagged with
1147         the item identifier.
1148
1149         * history/HistoryItem.cpp:
1150         (WebCore::HistoryItem::HistoryItem):
1151         (WebCore::HistoryItem::logString const):
1152         * history/HistoryItem.h:
1153
1154         * loader/FrameLoader.cpp:
1155         (WebCore::FrameLoader::loadDifferentDocumentItem):
1156
1157         * loader/NavigationAction.cpp:
1158         (WebCore::NavigationAction::setTargetBackForwardItem):
1159
1160         * loader/NavigationAction.h:
1161         (WebCore::NavigationAction::targetBackForwardItemIdentifier const):
1162
1163 2018-05-11  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1164
1165         [EME][GStreamer] Handle the protection event in MediaPlayerPrivate
1166         https://bugs.webkit.org/show_bug.cgi?id=185535
1167
1168         Reviewed by Xabier Rodriguez-Calvar.
1169
1170         This patch is based on this calvaris's commit
1171         https://github.com/WebPlatformForEmbedded/WPEWebKit/commit/d966168b0d2b65f9ca9415426e26d3752c78b03e
1172
1173         It adds a handler for the protection event in MediaPalyerPrivateGStreamerBase, it extracts the InitData from the event
1174         and sends the encrypted event to JS via HTMLMediaElement.
1175         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1176         (WebCore::MediaPlayerPrivateGStreamerBase::initializationDataEncountered):
1177         (WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
1178         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
1179         * platform/graphics/gstreamer/eme/GStreamerEMEUtilities.h: Add a new type InitData.
1180
1181 2018-05-11  Basuke Suzuki  <Basuke.Suzuki@sony.com>
1182
1183         [Curl] Make the cipher suites, the signing algorithms and the curve lists configurable.
1184         https://bugs.webkit.org/show_bug.cgi?id=185139
1185
1186         Add interface to configure the cipher suites, the signing algorithms and the curve lists 
1187         used by OpenSSL and libcurl to exchange, to sign or to verify keys.
1188
1189         Reviewed by Youenn Fablet.
1190
1191         No new tests in public. Have tested internally.
1192
1193         * platform/network/curl/CurlContext.cpp:
1194         (WebCore::CurlHandle::setSslCipherList):
1195         * platform/network/curl/CurlContext.h:
1196         * platform/network/curl/CurlRequest.cpp:
1197         (WebCore::CurlRequest::setupTransfer):
1198         (WebCore::CurlRequest::willSetupSslCtx):
1199         * platform/network/curl/CurlSSLHandle.cpp:
1200         (WebCore::CurlSSLHandle::getCACertPathEnv):
1201         * platform/network/curl/CurlSSLHandle.h:
1202         (WebCore::CurlSSLHandle::getCipherList const):
1203         (WebCore::CurlSSLHandle::getSignatureAlgorithmsList const):
1204         (WebCore::CurlSSLHandle::getCurvesList const):
1205         (WebCore::CurlSSLHandle::setCipherList):
1206         (WebCore::CurlSSLHandle::setSignatureAlgorithmsList):
1207         (WebCore::CurlSSLHandle::setCurvesList):
1208         (WebCore::CurlSSLHandle::getCACertPath const):
1209         (WebCore::CurlSSLHandle::setCACertPath):
1210         * platform/network/curl/CurlSSLVerifier.cpp:
1211         (WebCore::CurlSSLVerifier::CurlSSLVerifier):
1212
1213 2018-05-10  Daniel Bates  <dabates@apple.com>
1214
1215         Use PlatformStrategies to switch between WebKit and WebKitLegacy checking of CSP frame-ancestors and X-Frame-Options
1216         https://bugs.webkit.org/show_bug.cgi?id=185412
1217
1218         Reviewed by Ryosuke Niwa.
1219
1220         Consolidate the knowledge on how to determine whether security checks were performed on a ResourceResponse
1221         into LoaderStrategy::havePerformedSecurityChecks() (default implementation returns false) and query it
1222         to determine whether CSP frame-ancestors and X-Frame-Options need to be checked for a ResourceResponse.
1223
1224         Additionally, rename LoaderStrategy::isDoingLoadingSecurityChecks() to shouldPerformSecurityChecks()
1225         for consistency with havePerformedSecurityChecks(). Querying shouldPerformSecurityChecks() answers the
1226         question of whether the loader strategy is responsible for performing security checks when building up
1227         a ResourceRequest to have the loader strategy load. And LoaderStrategy::havePerformedSecurityChecks()
1228         is used to determine whether the loader strategy performed these security checks for a given ResourceResponse.
1229
1230         * inspector/agents/InspectorNetworkAgent.cpp:
1231         (WebCore::InspectorNetworkAgent::didReceiveResponse):
1232         (WebCore::InspectorNetworkAgent::didFinishLoading):
1233         (WebCore::isResponseProbablyComingFromNetworkProcess): Deleted.
1234         * loader/DocumentLoader.cpp:
1235         (WebCore::DocumentLoader::responseReceived):
1236         * loader/DocumentThreadableLoader.cpp:
1237         (WebCore::shouldPerformSecurityChecks):
1238         (WebCore::DocumentThreadableLoader::shouldSetHTTPHeadersToKeep const):
1239         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
1240         (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
1241         (WebCore::DocumentThreadableLoader::redirectReceived):
1242         (WebCore::DocumentThreadableLoader::didFail):
1243         (WebCore::DocumentThreadableLoader::loadRequest):
1244         (WebCore::isDoingSecurityChecksInNetworkProcess): Deleted.
1245         (WebCore::isResponseComingFromNetworkProcess): Deleted.
1246         * loader/LoaderStrategy.cpp:
1247         * loader/LoaderStrategy.h:
1248         * page/Settings.yaml: Remove setting networkProcessCSPFrameAncestorsCheckingEnabled as we now make
1249         use of the loader strategy to determine whether to perform CSP frame-ancestors and X-Frame-Options
1250         checking in DocumentLoader.
1251         * platform/network/ResourceResponseBase.h:
1252         (WebCore::ResourceResponseBase::setSource): Added an ASSERT to catch the programming error of setting
1253         source to ResourceResponse::Source::Unknown. This source type represents an uninitialized ResourceResponse.
1254
1255 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1256
1257         Lookup sometimes shows a second yellow highlight on top of WebKit's TextIndicator
1258         https://bugs.webkit.org/show_bug.cgi?id=185538
1259         <rdar://problem/38817825>
1260
1261         Reviewed by Sam Weinig.
1262
1263         * editing/mac/DictionaryLookup.mm:
1264         (WebCore::showPopupOrCreateAnimationController):
1265         Options can be nil, in which case we can't mutableCopy it and add
1266         LUTermOptionDisableSearchTermIndicator. Instead, create a new dictionary,
1267         and add the items from options, if it's not nil.
1268
1269 2018-05-10  Matt Baker  <mattbaker@apple.com>
1270
1271         Web Inspector: ASSERT_NOT_REACHED in PageDebuggerAgent::didAddEventListener when page adds attribute event listener
1272         https://bugs.webkit.org/show_bug.cgi?id=181580
1273         <rdar://problem/36461309>
1274
1275         Reviewed by Brian Burg.
1276
1277         EventTarget should pass newly added EventListeners to InspectorInstrumentation,
1278         instead of PageDebuggerAgent assuming the last item in the EventListenerVector
1279         is the most recently added listener. This assumption does not hold when
1280         the new listener replaces an existing listener.
1281
1282         * dom/EventTarget.cpp:
1283         (WebCore::EventTarget::addEventListener):
1284         (WebCore::EventTarget::setAttributeEventListener):
1285
1286         * inspector/InspectorInstrumentation.cpp:
1287         (WebCore::InspectorInstrumentation::didAddEventListenerImpl):
1288
1289         * inspector/InspectorInstrumentation.h:
1290         (WebCore::InspectorInstrumentation::didAddEventListener):
1291
1292         * inspector/agents/page/PageDebuggerAgent.cpp:
1293         (WebCore::PageDebuggerAgent::didAddEventListener):
1294         * inspector/agents/page/PageDebuggerAgent.h:
1295
1296 2018-05-10  Chris Dumez  <cdumez@apple.com>
1297
1298         'Cross-Origin-Options header implementation follow-up
1299         https://bugs.webkit.org/show_bug.cgi?id=185520
1300
1301         Reviewed by Ryosuke Niwa.
1302
1303         * dom/Document.cpp:
1304         * dom/Document.h:
1305         * loader/FrameLoader.cpp:
1306         (WebCore::FrameLoader::didBeginDocument):
1307         Using isNull() check is sufficient here as the header parsing
1308         function will do the right thing when passed the empty string.
1309         Also set the options directly on the window instead of the
1310         document. The window is guaranteed to have been constructed
1311         by then because didBeginDocument() is called DocumentWriter::begin()
1312         which calls Document::createDOMWindow() or Document::takeDOMWindowFrom().
1313
1314         * page/AbstractDOMWindow.cpp:
1315         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1316         * page/AbstractDOMWindow.h:
1317         * page/DOMWindow.cpp:
1318         (WebCore::DOMWindow::DOMWindow):
1319         (WebCore::DOMWindow::didSecureTransitionTo):
1320         * page/RemoteDOMWindow.cpp:
1321         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1322         * page/RemoteDOMWindow.h:
1323         CrossOriginOptions are now stored only on the Window, not the Document.
1324
1325         * platform/network/HTTPParsers.cpp:
1326         (WebCore::parseCrossOriginOptionsHeader):
1327         Drop strippedHeader local variable as it is not strictly needed.
1328
1329 2018-05-10  Tim Horton  <timothy_horton@apple.com>
1330
1331         Fix the build after r231393
1332         https://bugs.webkit.org/show_bug.cgi?id=185519
1333         <rdar://problem/40131741>
1334
1335         Reviewed by Simon Fraser.
1336
1337         * Configurations/WebCore.xcconfig:
1338
1339 2018-05-10  Eric Carlson  <eric.carlson@apple.com>
1340
1341         Log missing cues correctly
1342         https://bugs.webkit.org/show_bug.cgi?id=185499
1343         <rdar://problem/40113821>
1344
1345         Reviewed by Daniel Bates.
1346
1347         No new tests, tested manually.
1348
1349         * html/track/InbandGenericTextTrack.cpp:
1350         (WebCore::InbandGenericTextTrack::removeGenericCue): Log the cue we searched for, not
1351         the NULL cue.
1352
1353 2018-05-10  Zalan Bujtas  <zalan@apple.com>
1354
1355         [LFC] Implement height computation for non-replaced inflow elements.
1356         https://bugs.webkit.org/show_bug.cgi?id=185474
1357
1358         Reviewed by Antti Koivisto.
1359
1360         Initial implementation. Does not cover all the cases.
1361
1362         * layout/FormattingContext.cpp:
1363         (WebCore::Layout::FormattingContext::computeHeight const):
1364         * layout/FormattingContext.h:
1365         * layout/blockformatting/BlockFormattingContext.cpp:
1366         (WebCore::Layout::BlockFormattingContext::layout const):
1367         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
1368         (WebCore::Layout::BlockFormattingContext::computeInFlowNonReplacedHeight const):
1369         * layout/blockformatting/BlockFormattingContext.h:
1370         * layout/blockformatting/BlockMarginCollapse.cpp:
1371         (WebCore::Layout::collapsedMarginBottomFromLastChild):
1372         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent):
1373         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParentMarginBottom):
1374         (WebCore::Layout::isMarginBottomCollapsedWithParent): Deleted.
1375         * layout/blockformatting/BlockMarginCollapse.h:
1376         * layout/inlineformatting/InlineFormattingContext.cpp:
1377         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
1378         * layout/inlineformatting/InlineFormattingContext.h:
1379         * layout/layouttree/LayoutBox.cpp:
1380         (WebCore::Layout::Box::isReplaced const):
1381         * layout/layouttree/LayoutBox.h:
1382
1383 2018-05-10  Thibault Saunier  <tsaunier@igalia.com>
1384
1385         [GTK] Implement ImageBuffer::toBGRAData
1386         https://bugs.webkit.org/show_bug.cgi?id=185511
1387
1388         Reviewed by Michael Catanzaro.
1389
1390         This was never implemented but will be required for the MediaStream API
1391         tests.
1392
1393         * platform/graphics/ImageBuffer.cpp:
1394         (WebCore::ImageBuffer::toBGRAData const):
1395         * platform/graphics/cg/ImageBufferCG.cpp:
1396         (WebCore::ImageBuffer::toBGRAData const):
1397         * platform/graphics/gtk/ImageBufferGtk.cpp:
1398         (WebCore::ImageBuffer::toBGRAData const):
1399
1400 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1401
1402         [EME][GStreamer] Add a handler for GStreamer protection event
1403         https://bugs.webkit.org/show_bug.cgi?id=185245
1404
1405         Reviewed by Xabier Rodriguez-Calvar.
1406
1407         Qtdemux sends the protection event when encountered a new PSSH box (encrypted content).
1408
1409         The Decryptor is moved from AppendPipeline to PlaybackPipeline (see https://bugs.webkit.org/show_bug.cgi?id=181855),
1410         thus the protection event is no longer handled because the Decryptor is not in the same pipeline as qtdemux.
1411
1412         AppendPipeline: httpsrc-->qtdemux-->appsink
1413         PlaybackPipeline: appsrc-->parser--> decryptor-->decoder-->sink
1414
1415         This patch attaches a probe to the sink pad of the appsink in the appendPipeline in order to
1416         catch and manage the protection event.
1417
1418         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1419         (WebCore::AppendPipeline::AppendPipeline):
1420         (WebCore::AppendPipeline::~AppendPipeline):
1421         (WebCore::appendPipelineAppsinkPadEventProbe):
1422         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1423         (WebCore::AppendPipeline::playerPrivate):
1424
1425 2018-05-10  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1426
1427         [EME][GStreamer] Move the decryptor from AppendPipeline to PlaybackPipeline.
1428         https://bugs.webkit.org/show_bug.cgi?id=181855
1429
1430         Reviewed by Xabier Rodriguez-Calvar.
1431
1432         The goal of this move is to handle the limitation of SVP (Secure Video Path) memory size.
1433
1434         When the decryptor is in the AppendPipeline and we use SVP, we buffer in MediaSource queue
1435         the decrypted GstBuffers that are in SVP memory.
1436         This behavior cause an out-of-memory error, because we are limited in SVP memory size.
1437
1438         By moving the decryptor in PlaybackPipeline, we avoid to buffer the decrypted GstBuffers
1439         which use the SVP memory and we buffer the encrypted GstBuffers that are in system memory.
1440
1441         This new architecture also allows to start the buffering before obtaining the DRM license
1442         and it makes easier to manage dynamic change of the license or Key.
1443
1444         The decryptor is auto plugged by GStreamer playbin in PlaybackPipeline.
1445
1446         SVP: Secure Video Path also named trusted or protected video path, it is a memory which is
1447         protected by a hardware access control engine, it is not accessible to other unauthorised
1448         software or hardware components.
1449
1450         Tests:
1451             media/encrypted-media/clearKey/clearKey-cenc-audio-playback-mse.html
1452             media/encrypted-media/clearKey/clearKey-cenc-video-playback-mse.html
1453
1454         * platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
1455         (webkitMediaCommonEncryptionDecryptSinkEventHandler):
1456         * platform/graphics/gstreamer/mse/AppendPipeline.cpp:
1457         (WebCore::dumpAppendState):
1458         (WebCore::AppendPipeline::AppendPipeline):
1459         (WebCore::AppendPipeline::handleNeedContextSyncMessage):
1460         (WebCore::AppendPipeline::handleAppsrcNeedDataReceived):
1461         (WebCore::AppendPipeline::setAppendState):
1462         (WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
1463         (WebCore::AppendPipeline::appsinkNewSample):
1464         (WebCore::AppendPipeline::connectDemuxerSrcPadToAppsinkFromAnyThread):
1465         (WebCore::AppendPipeline::disconnectDemuxerSrcPadFromAppsinkFromAnyThread):
1466         (WebCore::appendPipelineElementMessageCallback): Deleted.
1467         (WebCore::AppendPipeline::handleElementMessage): Deleted.
1468         (WebCore::AppendPipeline::dispatchPendingDecryptionStructure): Deleted.
1469         (WebCore::AppendPipeline::dispatchDecryptionStructure): Deleted.
1470         * platform/graphics/gstreamer/mse/AppendPipeline.h:
1471         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
1472         (WebCore::MediaPlayerPrivateGStreamerMSE::attemptToDecryptWithInstance):
1473         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
1474
1475 2018-05-09  Nan Wang  <n_wang@apple.com>
1476
1477         AX: VoiceOver iframe scrolling focus jumping bug
1478         https://bugs.webkit.org/show_bug.cgi?id=176615
1479         <rdar://problem/34333067>
1480
1481         Reviewed by Chris Fleizach.
1482
1483         Scrolling to make elements visible is not working correctly for elements inside an
1484         offscreen iframe. Fixed it by using RenderLayer::scrollRectToVisible() to handle
1485         scrolling more properly.
1486
1487         Test: accessibility/scroll-to-make-visible-iframe-offscreen.html
1488
1489         * accessibility/AccessibilityObject.cpp:
1490         (WebCore::AccessibilityObject::scrollToMakeVisible const):
1491
1492 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1493
1494         AX: accessibleNameForNode should simplify whitespace when using innerText
1495         https://bugs.webkit.org/show_bug.cgi?id=185498
1496
1497         Reviewed by Chris Fleizach.
1498
1499         Test: accessibility/text-alternative-calculation-from-unrendered-table.html
1500
1501         Call simplifyWhiteSpace() before returning the innerText value.
1502
1503         * accessibility/AccessibilityNodeObject.cpp:
1504         (WebCore::accessibleNameForNode):
1505
1506 2018-05-09  Chris Dumez  <cdumez@apple.com>
1507
1508         Add initial support for 'Cross-Origin-Options' HTTP response header
1509         https://bugs.webkit.org/show_bug.cgi?id=184996
1510         <rdar://problem/39664620>
1511
1512         Reviewed by Geoff Garen.
1513
1514         Add initial support for 'Cross-Origin-Options' HTTP response header behind an experimental
1515         feature flag, on by default. When the HTTP server services this HTTP response header for a
1516         main resource, we'll set these options on the corresponding Document. This will impact the
1517         behavior of the Document's associated Window API when cross-origin.
1518
1519         The HTTP header has 3 possible values:
1520         - allow: This is the default. Regular cross-origin Window API is available.
1521         - allow-postmessage: Only postMessage() is available on a cross-origin window, trying to
1522           access anything else will throw a SecurityError.
1523         - deny: Trying to do anything with a cross-origin window will throw a SecurityError.
1524
1525         The header has no effect when accessing same origin windows.
1526
1527         Note that on cross-origin access from Window A to Window B, we check the cross-origin
1528         options for both Window A and Window B and use the lowest common denominator as effective
1529         cross-origin options for the access. So if Window A has 'Cross-Origin-Options: deny' and
1530         tries to call postMessage() on Window B which has 'Cross-Origin-Options: allow-postmessage',
1531         we will throw a SecurityError. This is because Window A's more restrictive options (deny)
1532         apply.
1533
1534         Tests: http/wpt/cross-origin-options/allow-postmessage-from-deny.html
1535                http/wpt/cross-origin-options/allow-postmessage.html
1536                http/wpt/cross-origin-options/cross-origin-options-header.html
1537
1538         * bindings/js/JSDOMBindingSecurity.cpp:
1539         (WebCore::BindingSecurity::shouldAllowAccessToDOMWindowGivenMinimumCrossOriginOptions):
1540         * bindings/js/JSDOMBindingSecurity.h:
1541         * bindings/js/JSDOMWindowCustom.cpp:
1542         (WebCore::effectiveCrossOriginOptionsForAccess):
1543         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1544         (WebCore::JSDOMWindow::getOwnPropertySlot):
1545         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
1546         (WebCore::addCrossOriginWindowPropertyNames):
1547         (WebCore::addScopedChildrenIndexes):
1548         (WebCore::addCrossOriginWindowOwnPropertyNames):
1549         (WebCore::JSDOMWindow::getOwnPropertyNames):
1550         * bindings/js/JSDOMWindowCustom.h:
1551         * bindings/js/JSRemoteDOMWindowCustom.cpp:
1552         (WebCore::JSRemoteDOMWindow::getOwnPropertySlot):
1553         (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex):
1554         (WebCore::JSRemoteDOMWindow::getOwnPropertyNames):
1555         * bindings/scripts/CodeGeneratorJS.pm:
1556         (GenerateAttributeGetterBodyDefinition):
1557         (GetCrossOriginsOptionsFromExtendedAttributeValue):
1558         (GenerateAttributeSetterBodyDefinition):
1559         (GenerateOperationBodyDefinition):
1560         * bindings/scripts/IDLAttributes.json:
1561         * dom/Document.cpp:
1562         (WebCore::Document::setCrossOriginOptions):
1563         * dom/Document.h:
1564         (WebCore::Document::crossOriginOptions const):
1565         * loader/FrameLoader.cpp:
1566         (WebCore::FrameLoader::didBeginDocument):
1567         * page/AbstractDOMWindow.cpp:
1568         (WebCore::AbstractDOMWindow::AbstractDOMWindow):
1569         * page/AbstractDOMWindow.h:
1570         (WebCore::AbstractDOMWindow::crossOriginOptions):
1571         (WebCore::AbstractDOMWindow::setCrossOriginOptions):
1572         * page/DOMWindow.cpp:
1573         (WebCore::DOMWindow::DOMWindow):
1574         (WebCore::DOMWindow::didSecureTransitionTo):
1575         * page/DOMWindow.idl:
1576         * page/Frame.h:
1577         * page/RemoteDOMWindow.cpp:
1578         (WebCore::RemoteDOMWindow::RemoteDOMWindow):
1579         * page/RemoteDOMWindow.h:
1580         * page/Settings.yaml:
1581         * platform/network/HTTPHeaderNames.in:
1582         * platform/network/HTTPParsers.cpp:
1583         (WebCore::parseCrossOriginOptionsHeader):
1584         * platform/network/HTTPParsers.h:
1585
1586 2018-05-09  Ryosuke Niwa  <rniwa@webkit.org>
1587
1588         Release assert in TreeScopeOrderedMap::remove via HTMLImageElement::removedFromAncestor
1589         https://bugs.webkit.org/show_bug.cgi?id=185493
1590
1591         Reviewed by Brent Fulgham.
1592
1593         Fixed the bug that HTMLImageElement::removedFromAncestor and HTMLMapElement::removedFromAncestor
1594         were calling removeImageElementByUsemap on the document instead of the shadow tree from which it was removed.
1595
1596         Test: fast/images/imagemap-in-shadow-tree-removed.html
1597
1598         * html/HTMLImageElement.cpp:
1599         (WebCore::HTMLImageElement::removedFromAncestor):
1600         * html/HTMLMapElement.cpp:
1601         (WebCore::HTMLMapElement::removedFromAncestor):
1602
1603 2018-05-09  Joanmarie Diggs  <jdiggs@igalia.com>
1604
1605         AX: Hidden nodes which are not directly referenced should not participate name/description from content
1606         https://bugs.webkit.org/show_bug.cgi?id=185478
1607
1608         Reviewed by Chris Fleizach.
1609
1610         Add a check to AccessibilityNodeObject::textUnderElement() and return early
1611         if the node is hidden, not referenced by aria-labelledby or aria-describedby,
1612         not an HTMLLabelElement, and not fallback content for an HTMLCanvasElement.
1613
1614         Test: accessibility/text-alternative-calculation-hidden-nodes.html
1615
1616         * accessibility/AccessibilityNodeObject.cpp:
1617         (WebCore::AccessibilityNodeObject::textUnderElement const):
1618
1619 2018-05-09  Eric Carlson  <eric.carlson@apple.com>
1620
1621         Update MediaSession to use release logging
1622         https://bugs.webkit.org/show_bug.cgi?id=185376
1623         <rdar://problem/40022203>
1624
1625         Reviewed by Youenn Fablet.
1626
1627         No new tests, tested manually.
1628
1629         * Modules/mediastream/MediaStream.h: hostingDocument() doesn't need to return a const Document.
1630         * Modules/webaudio/AudioContext.cpp:
1631         (WebCore::AudioContext::hostingDocument const): Ditto.
1632         * Modules/webaudio/AudioContext.h:
1633
1634         * html/HTMLMediaElement.h: Ditto.
1635
1636         * html/MediaElementSession.cpp:
1637         (WebCore::MediaElementSession::MediaElementSession):
1638         (WebCore::MediaElementSession::addBehaviorRestriction):
1639         (WebCore::MediaElementSession::removeBehaviorRestriction):
1640         (WebCore::MediaElementSession::dataLoadingPermitted const):
1641         (WebCore::MediaElementSession::fullscreenPermitted const):
1642         (WebCore::MediaElementSession::pageAllowsDataLoading const):
1643         (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming const):
1644         (WebCore::MediaElementSession::canShowControlsManager const):
1645         (WebCore::MediaElementSession::showPlaybackTargetPicker):
1646         (WebCore::MediaElementSession::hasWirelessPlaybackTargets const):
1647         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled const):
1648         (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
1649         (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
1650         (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
1651         (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
1652         (WebCore::MediaElementSession::mediaEngineUpdated):
1653         (WebCore::MediaElementSession::willLog const): Deleted.
1654         (WebCore::MediaElementSession::logger const): Deleted.
1655         (WebCore::MediaElementSession::logIdentifier const): Deleted.
1656         (WebCore::MediaElementSession::logChannel const): Deleted.
1657         * html/MediaElementSession.h:
1658
1659         * platform/audio/PlatformMediaSession.cpp:
1660         (WebCore::nextLogIdentifier):
1661         (WebCore::convertEnumerationToString):
1662         (WebCore::PlatformMediaSession::PlatformMediaSession):
1663         (WebCore::PlatformMediaSession::setState):
1664         (WebCore::PlatformMediaSession::beginInterruption):
1665         (WebCore::PlatformMediaSession::endInterruption):
1666         (WebCore::PlatformMediaSession::clientWillBeginAutoplaying):
1667         (WebCore::PlatformMediaSession::clientWillPausePlayback):
1668         (WebCore::PlatformMediaSession::pauseSession):
1669         (WebCore::PlatformMediaSession::stopSession):
1670         (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
1671         (WebCore::PlatformMediaSession::logChannel const):
1672         (WebCore::stateName): Deleted.
1673         (WebCore::interruptionName): Deleted.
1674         * platform/audio/PlatformMediaSession.h:
1675         (WTF::LogArgument<WebCore::PlatformMediaSession::State>::toString):
1676         (WTF::LogArgument<WebCore::PlatformMediaSession::InterruptionType>::toString):
1677
1678 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1679
1680         [GStreamer] Never call updateTracks if running on legacy pipeline
1681         https://bugs.webkit.org/show_bug.cgi?id=184581
1682
1683         This makes sure failling code path is never reached in the conditions where it should not have been reached.
1684
1685         Reviewed by Philippe Normand.
1686
1687         Re enables all tests that were disabled after fixing.
1688
1689         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1690         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1691
1692 2018-05-09  Daniel Bates  <dabates@apple.com>
1693
1694         REGRESSION (r231479): http/tests/appcache/x-frame-options-prevents-framing.php is timing out
1695         https://bugs.webkit.org/show_bug.cgi?id=185443
1696         <rdar://problem/40100660>
1697
1698         Reviewed by Andy Estes.
1699
1700         Following r231479 when using WebKit2 and Restricted HTTP Response Access is enabled (enabled in
1701         WebKitTestRunner) we only check the CSP frame-ancestors directive and X-Frame-Options in
1702         NetworkProcess. We need to check these security requirements in WebContent process whenever
1703         we are performing a substitute data load, such as for app cache, as these loads do not go
1704         through NetworkProcess.
1705
1706         * loader/DocumentLoader.cpp:
1707         (WebCore::DocumentLoader::responseReceived):
1708
1709 2018-05-09  Justin Fan  <justin_fan@apple.com>
1710
1711         Hooked up ASTC support in WebGL; requires OpenGL ES 3 context to work. 
1712         https://bugs.webkit.org/show_bug.cgi?id=185272
1713         <rdar://problem/15745737>
1714
1715         Reviewed by Dean Jackson.
1716
1717         Also added in Khronos' ASTC test from version 1.0.4 beta of their conformance test suite,
1718         although again, this requires OpenGL ES 3 context for WebKit to detect proper support.
1719
1720         Test: fast/canvas/webgl/webgl-compressed-texture-astc.html
1721
1722         * DerivedSources.make:
1723         * Sources.txt:
1724         * WebCore.xcodeproj/project.pbxproj:
1725         * bindings/js/JSDOMConvertWebGL.cpp:
1726         (WebCore::convertToJSValue):
1727         * html/canvas/WebGL2RenderingContext.cpp:
1728         (WebCore::WebGL2RenderingContext::getExtension):
1729         (WebCore::WebGL2RenderingContext::getSupportedExtensions):
1730         * html/canvas/WebGLCompressedTextureASTC.cpp: Added.
1731         (WebCore::WebGLCompressedTextureASTC::WebGLCompressedTextureASTC):
1732         (WebCore::WebGLCompressedTextureASTC::getName const):
1733         (WebCore::WebGLCompressedTextureASTC::supported):
1734         (WebCore::WebGLCompressedTextureASTC::getSupportedProfiles):
1735         * html/canvas/WebGLCompressedTextureASTC.h: Added.
1736         * html/canvas/WebGLCompressedTextureASTC.idl: Added.
1737         * html/canvas/WebGLExtension.h:
1738         * html/canvas/WebGLRenderingContext.cpp:
1739         (WebCore::WebGLRenderingContext::getExtension):
1740         (WebCore::WebGLRenderingContext::getSupportedExtensions):
1741         * html/canvas/WebGLRenderingContextBase.cpp:
1742         (WebCore::WebGLRenderingContextBase::validateCompressedTexFuncData):
1743         (WebCore::WebGLRenderingContextBase::validateCompressedTexDimensions):
1744         * html/canvas/WebGLRenderingContextBase.h:
1745         * platform/graphics/Extensions3D.h:
1746
1747 2018-05-09  Youenn Fablet  <youenn@apple.com>
1748
1749         Allow WebResourceLoader to cancel a load served from a service worker
1750         https://bugs.webkit.org/show_bug.cgi?id=185274
1751
1752         Reviewed by Chris Dumez.
1753
1754         Add support for cancelling a fetch from WebProcess to service worker process.
1755         Use FetchIdentifier instead of uint64_t.
1756
1757         * Modules/fetch/FetchIdentifier.h: Added.
1758         * WebCore.xcodeproj/project.pbxproj:
1759         * workers/service/context/ServiceWorkerFetch.h:
1760         * workers/service/context/ServiceWorkerThreadProxy.cpp:
1761         (WebCore::ServiceWorkerThreadProxy::startFetch):
1762         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
1763         * workers/service/context/ServiceWorkerThreadProxy.h:
1764
1765 2018-05-09  Thibault Saunier  <tsaunier@igalia.com>
1766
1767         [GStreamer] Fix style issue in MediaPlayerPrivateGStreamer
1768         https://bugs.webkit.org/show_bug.cgi?id=185479
1769
1770         Reviewed by Philippe Normand.
1771
1772         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:114:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1773         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:194:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1774         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:398:  One line control clauses should not use braces.  [whitespace/braces] [4]
1775         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:440:  One line control clauses should not use braces.  [whitespace/braces] [4]
1776         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:806:  More than one command on the same line  [whitespace/newline] [4]
1777         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:869:  More than one command on the same line  [whitespace/newline] [4]
1778         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:880:  More than one command on the same line  [whitespace/newline] [4]
1779         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:940:  More than one command on the same line  [whitespace/newline] [4]
1780         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1102:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1781         ERROR: Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:1109:  Multi line control clauses should use braces.  [whitespace/braces] [4]
1782
1783         Indentation and style issue fixed only.
1784
1785         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1786         (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
1787         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
1788         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
1789         (WebCore::MediaPlayerPrivateGStreamer::play):
1790         (WebCore::MediaPlayerPrivateGStreamer::videoChangedCallback):
1791         (WebCore::MediaPlayerPrivateGStreamer::videoSinkCapsChangedCallback):
1792         (WebCore::MediaPlayerPrivateGStreamer::audioChangedCallback):
1793         (WebCore::MediaPlayerPrivateGStreamer::textChangedCallback):
1794         (WebCore::MediaPlayerPrivateGStreamer::buffered const):
1795         (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
1796
1797 2018-05-09  Daniel Bates  <dabates@apple.com>
1798
1799         REGRESSION (r231479): com.apple.WebCore crash in WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied()
1800         https://bugs.webkit.org/show_bug.cgi?id=185475
1801         <rdar://problem/40093853>
1802
1803         Reviewed by Andy Estes.
1804
1805         DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() must extends its lifetime
1806         until completion as dispatching a DOM load event at the associated frame can cause JavaScript execution
1807         that can do anything, including destroying the loader that dispatched the event.
1808
1809         Following r231479 DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() is now
1810         invoked by both DocumentLoader::responseReceived() and WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1811         The latter only can happen when using WebKit2 and the experimental feature Restricted HTTP Response Access
1812         is enabled (RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()). Unlike DocumentLoader::responseReceived()
1813         WebResourceLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() does not take out a ref
1814         on the DocumentLoader before invoking DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1815         Therefore, DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() can cause its
1816         own destruction as a result of dispatching a DOM load event at the frame. We should take out a ref on
1817         the DocumentLoader when executing DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied().
1818
1819         * loader/DocumentLoader.cpp:
1820         (WebCore::DocumentLoader::stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied):
1821
1822 2018-05-09  Tim Horton  <timothy_horton@apple.com>
1823
1824         Fix the build by ignoring some deprecation warnings
1825
1826         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1827         (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldDisableSleep):
1828
1829 2018-05-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1830
1831         [WPE] Build cleanly with GCC 8 and ICU 60
1832         https://bugs.webkit.org/show_bug.cgi?id=185462
1833
1834         Reviewed by Carlos Alberto Lopez Perez.
1835
1836         * PlatformGTK.cmake: Include directories are in the wrong place.
1837         * accessibility/AXObjectCache.cpp: Silence -Wclass-memaccess problems and leave warnings.
1838         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
1839         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
1840         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1841         (WebCore::AXObjectCache::textMarkerDataForFirstPositionInTextControl):
1842         * css/CSSFontFace.cpp: Silence -Wfallthrough
1843         (WebCore::CSSFontFace::fontLoadTiming const):
1844         * css/CSSSelectorList.cpp: Silence -Wclass-memaccess, this one is intentional.
1845         (WebCore::CSSSelectorList::adoptSelectorVector):
1846         * editing/TextIterator.cpp: Silence ICU deprecation warnings.
1847         * platform/Length.h:
1848         (WebCore::Length::operator=): More -Wclass-memaccess, looks benign.
1849         * platform/graphics/Gradient.cpp:
1850         (WebCore::Gradient::hash const): -Wclass-memaccess again. Leave a warning.
1851         * platform/graphics/SurrogatePairAwareTextIterator.cpp: Silence ICU deprecation warnings.
1852         * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
1853         (WebCore::FontCascade::fontForCombiningCharacterSequence const): Silence ICU deprecation.
1854         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1855         (WebCore::FontCustomPlatformData::FontCustomPlatformData): Silence -Wcast-function-type.
1856         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
1857         (WebCore::Font::canRenderCombiningCharacterSequence const): Silence ICU deprecation.
1858         * platform/graphics/gstreamer/GstAllocatorFastMalloc.cpp:
1859         (gstAllocatorFastMallocMemUnmap): Fix -Wcast-function-type.
1860         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1861         (WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix bad printf.
1862         (WebCore::MediaPlayerPrivateGStreamer::enableTrack): Another bad printf.
1863         (WebCore::findHLSQueue): Fix -Wcast-function-type.
1864         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
1865         (webKitMediaClearKeyDecryptorDecrypt): Fix another bad printf.
1866         * platform/network/soup/SocketStreamHandleImplSoup.cpp: Silence -Wcast-function-type.
1867         (WebCore::SocketStreamHandleImpl::beginWaitingForSocketWritability):
1868         * platform/text/TextEncoding.cpp: Silence ICU deprecration.
1869
1870 2018-05-08  Simon Fraser  <simon.fraser@apple.com>
1871
1872         SVG lighting colors need to be converted into linearSRGB
1873         https://bugs.webkit.org/show_bug.cgi?id=181196
1874
1875         Reviewed by Darin Adler.
1876
1877         Address post-commit comments. Don't make a Color that contains linearRGB components,
1878         but use FloatComponents instead. Since these FloatComponents are in the 0-1 range,
1879         FELighting::setPixelInternal() needs to multiply by 255 since the output pixels are
1880         8-bit 0-255.
1881         
1882         Change linearToSRGBColorComponent() and sRGBToLinearColorComponent() to do math in
1883         floats without promoting to doubles.
1884
1885         * platform/graphics/ColorUtilities.cpp:
1886         (WebCore::FloatComponents::FloatComponents):
1887         (WebCore::linearToSRGBColorComponent):
1888         (WebCore::sRGBToLinearColorComponent):
1889         (WebCore::sRGBColorToLinearComponents):
1890         (WebCore::linearToSRGBColor): Deleted.
1891         (WebCore::sRGBToLinearColor): Deleted.
1892         * platform/graphics/ColorUtilities.h:
1893         * platform/graphics/filters/FELighting.cpp:
1894         (WebCore::FELighting::setPixelInternal):
1895         (WebCore::FELighting::drawLighting):
1896
1897 2018-05-09  Timothy Hatcher  <timothy@apple.com>
1898
1899         Use StyleColor::Options in more places.
1900
1901         https://bugs.webkit.org/show_bug.cgi?id=185458
1902         rdar://problem/39853798
1903
1904         Add UseDefaultAppearance to StyleColor::Options, to avoid passing yet another
1905         boolean on some of these functions.
1906
1907         Reviewed by Tim Horton.
1908
1909         * css/MediaQueryEvaluator.cpp:
1910         * css/StyleColor.h:
1911         * dom/Document.cpp:
1912         (WebCore::Document::useDefaultAppearance const):
1913         (WebCore::Document::styleColorOptions const):
1914         * dom/Document.h:
1915         * platform/Theme.cpp:
1916         (WebCore::Theme::paint):
1917         * platform/Theme.h:
1918         * platform/mac/LocalDefaultSystemAppearance.h:
1919         * platform/mac/LocalDefaultSystemAppearance.mm:
1920         (WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):
1921         (WebCore::LocalDefaultSystemAppearance::~LocalDefaultSystemAppearance):
1922         * platform/mac/ThemeMac.h:
1923         * platform/mac/ThemeMac.mm:
1924         (WebCore::paintToggleButton):
1925         (WebCore::paintButton):
1926         (WebCore::ThemeMac::ensuredView):
1927         (WebCore::ThemeMac::drawCellOrFocusRingWithViewIntoContext):
1928         (WebCore::ThemeMac::paint):
1929         (-[WebCoreThemeView initWithUseSystemAppearance:]): Deleted.
1930         * platform/wpe/ThemeWPE.cpp:
1931         (WebCore::ThemeWPE::paint):
1932         * platform/wpe/ThemeWPE.h:
1933         * rendering/RenderListBox.cpp:
1934         (WebCore::RenderListBox::paintItemBackground):
1935         * rendering/RenderTheme.cpp:
1936         (WebCore::RenderTheme::paint):
1937         (WebCore::RenderTheme::inactiveListBoxSelectionBackgroundColor const):
1938         (WebCore::RenderTheme::platformInactiveListBoxSelectionBackgroundColor const):
1939         * rendering/RenderTheme.h:
1940         * rendering/RenderThemeGtk.cpp:
1941         (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor const):
1942         * rendering/RenderThemeGtk.h:
1943         * rendering/RenderThemeMac.h:
1944         * rendering/RenderThemeMac.mm:
1945         (WebCore::RenderThemeMac::documentViewFor const):
1946         (WebCore::RenderThemeMac::platformInactiveListBoxSelectionBackgroundColor const):
1947         (WebCore::RenderThemeMac::systemColor const):
1948         (WebCore::RenderThemeMac::paintCellAndSetFocusedElementNeedsRepaintIfNecessary):
1949         (WebCore::RenderThemeMac::paintSliderThumb):
1950
1951 2018-05-09  Yacine Bandou  <yacine.bandou_ext@softathome.com>
1952
1953         [EME][GStreamer] Crash when the mediaKeys are created before loading the media in debug conf
1954         https://bugs.webkit.org/show_bug.cgi?id=185244
1955
1956         Reviewed by Xabier Rodriguez-Calvar.
1957
1958         The function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" is expected to be called once,
1959         so there is an ASSERT(!m_cdmInstance).
1960         But when the MediaKeys are created before loading the media, the cdminstance is created and attached
1961         to the MediaPlayerPrivate via "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached" before loading
1962         the media, then when the media is loading, the function "MediaPlayerPrivateGStreamerBase::cdmInstanceAttached"
1963         will be called several times via the function "mediaEngineWasUpdated" wich is called for each change
1964         in the MediaElement state, thus the WebProcess crashes in the ASSERT(!m_cdmInstance).
1965
1966         This commit avoid the crash by replacing the assert with a simple check.
1967
1968         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1969         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
1970         (WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
1971
1972 2018-05-09  Antti Koivisto  <antti@apple.com>
1973
1974         Add OptionSet::operator& and operator bool
1975         https://bugs.webkit.org/show_bug.cgi?id=185306
1976
1977         Reviewed by Anders Carlsson.
1978
1979         Use it in a few places.
1980
1981         * loader/FrameLoader.cpp:
1982         (WebCore::FrameLoader::reload):
1983         * rendering/RenderLayerCompositor.cpp:
1984         (WebCore::RenderLayerCompositor::logReasonsForCompositing):
1985         (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
1986
1987 2018-05-08  Dean Jackson  <dino@apple.com>
1988
1989         Disable system preview link fetching
1990         https://bugs.webkit.org/show_bug.cgi?id=185463
1991
1992         Reviewed by Jon Lee.
1993
1994         Temporarily disable system preview detection when a link
1995         is clicked.
1996
1997         * html/HTMLAnchorElement.cpp:
1998         (WebCore::HTMLAnchorElement::handleClick):
1999
2000 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
2001
2002         Unreviewed, fix the internal iOS build
2003
2004         Add a missing import statement in an implementation file.
2005
2006         * editing/cocoa/WebContentReaderCocoa.mm:
2007
2008 2018-05-08  Ryan Haddad  <ryanhaddad@apple.com>
2009
2010         Unreviewed, rolling out r231486.
2011
2012         Caused service worker LayoutTest failures on macOS Debug WK2.
2013
2014         Reverted changeset:
2015
2016         "Allow WebResourceLoader to cancel a load served from a
2017         service worker"
2018         https://bugs.webkit.org/show_bug.cgi?id=185274
2019         https://trac.webkit.org/changeset/231486
2020
2021 2018-05-08  Wenson Hsieh  <wenson_hsieh@apple.com>
2022
2023         Consolidate WebContentReaderIOS and WebContentReaderMac into WebContentReaderCocoa
2024         https://bugs.webkit.org/show_bug.cgi?id=185340
2025
2026         Reviewed by Tim Horton.
2027
2028         WebContentReader::readURL is currently the only method implemented separately in iOS and macOS platform
2029         WebContentReader files. The implementation across macOS and iOS is nearly identical (with some exceptions with
2030         the way iOS handles file URLs and plain text editing), so we can merge these into a single method
2031         WebContentReaderCocoa and delete WebContentReaderIOS and WebContentReaderMac.
2032
2033         This also has the added bonus of fixing a latent bug in WebContentReaderMac, wherein URLs written to the
2034         pasteboard using -[NSPasteboard writeObjects:] are currently pasted as empty anchor elements. In this case, the
2035         link title isn't made explicit, so the `title` passed in to WebContentReader::readURL is empty. On iOS, we have
2036         code to fall back to pasting the absolute string of the URL if the title is empty, but on macOS, we'll just use
2037         this empty string as the title of the anchor.
2038
2039         Test: PasteMixedContent.PasteURLWrittenToPasteboardUsingWriteObjects
2040
2041         * SourcesCocoa.txt:
2042         * WebCore.xcodeproj/project.pbxproj:
2043         * editing/cocoa/WebContentReaderCocoa.mm:
2044         (WebCore::WebContentReader::readURL):
2045         * editing/ios/WebContentReaderIOS.mm: Removed.
2046         * editing/mac/WebContentReaderMac.mm: Removed.
2047
2048 2018-05-08  Zalan Bujtas  <zalan@apple.com>
2049
2050         [Simple line layout] Cache run resolver.
2051         https://bugs.webkit.org/show_bug.cgi?id=185411
2052
2053         Reviewed by Antti Koivisto.
2054
2055         This patch caches the run resolver on the [SimpleLine]Layout object. 
2056         In certain cases, when the block container has thousands of elements (foobar1<br>foobar2<br>.....foobar9999<br>),
2057         constructing the resolver (and its dependencies) in a repeating fashion could hang the WebProcess.
2058
2059         Covered by existing tests.
2060
2061         * rendering/SimpleLineLayout.cpp:
2062         (WebCore::SimpleLineLayout::create):
2063         (WebCore::SimpleLineLayout::Layout::create):
2064         (WebCore::SimpleLineLayout::Layout::Layout):
2065         * rendering/SimpleLineLayout.h:
2066         (WebCore::SimpleLineLayout::Layout::runResolver const):
2067         * rendering/SimpleLineLayoutFunctions.cpp:
2068         (WebCore::SimpleLineLayout::paintFlow):
2069         (WebCore::SimpleLineLayout::hitTestFlow):
2070         (WebCore::SimpleLineLayout::collectFlowOverflow):
2071         (WebCore::SimpleLineLayout::computeBoundingBox):
2072         (WebCore::SimpleLineLayout::computeFirstRunLocation):
2073         (WebCore::SimpleLineLayout::collectAbsoluteRects):
2074         (WebCore::SimpleLineLayout::collectAbsoluteQuads):
2075         (WebCore::SimpleLineLayout::textOffsetForPoint):
2076         (WebCore::SimpleLineLayout::collectAbsoluteQuadsForRange):
2077         (WebCore::SimpleLineLayout::generateLineBoxTree):
2078         * rendering/SimpleLineLayoutResolver.cpp:
2079         (WebCore::SimpleLineLayout::LineResolver::LineResolver):
2080         * rendering/SimpleLineLayoutResolver.h:
2081         (WebCore::SimpleLineLayout::lineResolver):
2082
2083 2018-05-08  Brent Fulgham  <bfulgham@apple.com>
2084
2085         Switch some RELEASE_ASSERTS to plain debug ASSERTS in PlatformScreenMac.mm
2086         https://bugs.webkit.org/show_bug.cgi?id=185451
2087         <rdar://problem/39620348>
2088
2089         Reviewed by Zalan Bujtas.
2090
2091         Change a set of RELEASE_ASSERTS used to prevent accessing NSScreen related functions in the
2092         PlatformScreenMac implementation to less expensive Debug ASSERTS.
2093
2094         No change in behavior.
2095
2096         * platform/mac/PlatformScreenMac.mm:
2097         (WebCore::screenHasInvertedColors):
2098         (WebCore::screenDepth):
2099         (WebCore::screenDepthPerComponent):
2100         (WebCore::screenRectForDisplay):
2101         (WebCore::screenRect):
2102         (WebCore::screenAvailableRect):
2103         (WebCore::screenColorSpace):
2104         (WebCore::screenSupportsExtendedColor):
2105
2106 2018-05-08  Daniel Bates  <dabates@apple.com>
2107
2108         Resign Strong Password appearance when text field value changes
2109         https://bugs.webkit.org/show_bug.cgi?id=185433
2110         <rdar://problem/39958508>
2111
2112         Reviewed by Ryosuke Niwa.
2113
2114         Remove the Strong Password decoration when the text field's value changes to avoid interfering
2115         with web sites that allow a person to clear the password field.
2116
2117         Tests: fast/forms/auto-fill-button/auto-fill-strong-password-button-when-maxlength-changes.html
2118                fast/forms/auto-fill-button/auto-fill-strong-password-button-when-minlength-changes.html
2119                fast/forms/auto-fill-button/hide-auto-fill-strong-password-button-when-value-changes.html
2120
2121         * html/HTMLInputElement.cpp:
2122         (WebCore::HTMLInputElement::resignStrongPasswordAppearance): Extracted from HTMLInputElement::updateType().
2123         (WebCore::HTMLInputElement::updateType): Extract out logic to resign the Strong Password appearance
2124         into a function that can be shared by this function and HTMLInputElement::setValue().
2125         (WebCore::HTMLInputElement::setValue): Resign the Strong Password appearance if this field was
2126         changed programmatically (i.e. no DOM change event was dispatched).
2127         * html/HTMLInputElement.h:
2128
2129 2018-05-08  Jer Noble  <jer.noble@apple.com>
2130
2131         Unreviewed build fix; add missing function definition.
2132
2133         * html/HTMLMediaElement.h:
2134         (WebCore::HTMLMediaElement::didPassCORSAccessCheck const):
2135
2136 2018-05-08  Jer Noble  <jer.noble@apple.com>
2137
2138         Mute MediaElementSourceNode when tainted.
2139         https://bugs.webkit.org/show_bug.cgi?id=184866
2140
2141         Reviewed by Eric Carlson.
2142
2143         Test: http/tests/security/webaudio-render-remote-audio-blocked-no-crossorigin.html
2144
2145         * Modules/webaudio/AudioContext.cpp:
2146         (WebCore::AudioContext::wouldTaintOrigin const):
2147         * Modules/webaudio/AudioContext.h:
2148         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
2149         (WebCore::MediaElementAudioSourceNode::setFormat):
2150         (WebCore::MediaElementAudioSourceNode::wouldTaintOrigin):
2151         (WebCore::MediaElementAudioSourceNode::process):
2152         * Modules/webaudio/MediaElementAudioSourceNode.h:
2153
2154 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2155
2156         Log rtcstats as JSON
2157         https://bugs.webkit.org/show_bug.cgi?id=185437
2158         <rdar://problem/40065332>
2159
2160         Reviewed by Youenn Fablet.
2161
2162         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
2163         (WebCore::RTCStatsLogger::RTCStatsLogger): Create a wrapper class so we don't have to add a
2164         toJSONString method to libwebrtc.
2165         (WebCore::RTCStatsLogger::toJSONString const): Log stats as JSON.
2166         (WebCore::LibWebRTCMediaEndpoint::OnStatsDelivered): Don't use the LOGIDENTIFIER macro because
2167         it doesn't work well inside of a lambda.
2168         (WTF::LogArgument<WebCore::RTCStatsLogger>::toString): Move into .cpp file because it is only
2169         used here.
2170         * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
2171         (WTF::LogArgument<webrtc::RTCStats>::toString): Deleted. Move to .cpp file.
2172
2173 2018-05-08  Dean Jackson  <dino@apple.com>
2174
2175         System Preview links should trigger a download
2176         https://bugs.webkit.org/show_bug.cgi?id=185439
2177         <rdar://problem/40065545>
2178
2179         Reviewed by Jon Lee.
2180
2181         Add a new field to FrameLoadRequest, which then is copied
2182         into ResourceRequest, identifying if the link clicked
2183         is a system preview.
2184
2185         * html/HTMLAnchorElement.cpp:
2186         (WebCore::HTMLAnchorElement::handleClick): Look for isSystemPreviewLink().
2187         * loader/FrameLoadRequest.cpp:
2188         (WebCore::FrameLoadRequest::FrameLoadRequest):
2189         * loader/FrameLoadRequest.h: New property.
2190         (WebCore::FrameLoadRequest::FrameLoadRequest):
2191         (WebCore::FrameLoadRequest::isSystemPreview const):
2192         * loader/FrameLoader.cpp:
2193         (WebCore::FrameLoader::urlSelected):
2194         (WebCore::FrameLoader::loadURL):
2195         * loader/FrameLoader.h:
2196         * platform/network/ResourceRequestBase.cpp:
2197         (WebCore::ResourceRequestBase::isSystemPreview const):
2198         (WebCore::ResourceRequestBase::setSystemPreview):
2199         * platform/network/ResourceRequestBase.h:
2200
2201 2018-05-08  Commit Queue  <commit-queue@webkit.org>
2202
2203         Unreviewed, rolling out r231491.
2204         https://bugs.webkit.org/show_bug.cgi?id=185434
2205
2206         Setting the Created key on a cookie does not work yet, due a
2207         bug in CFNetwork (Requested by ggaren on #webkit).
2208
2209         Reverted changeset:
2210
2211         "[WKHTTPCookieStore getAllCookies] returns inconsistent
2212         creation time"
2213         https://bugs.webkit.org/show_bug.cgi?id=185041
2214         https://trac.webkit.org/changeset/231491
2215
2216 2018-05-08  Sihui Liu  <sihui_liu@apple.com>
2217
2218         [WKHTTPCookieStore getAllCookies] returns inconsistent creation time
2219         https://bugs.webkit.org/show_bug.cgi?id=185041
2220         <rdar://problem/34684214>
2221
2222         Reviewed by Geoffrey Garen.
2223
2224         Set creationtime property when creating Cookie object to keep consistency after conversion.
2225
2226         New API test: WebKit.WKHTTPCookieStoreCreationTime.
2227
2228         * platform/network/cocoa/CookieCocoa.mm:
2229         (WebCore::Cookie::operator NSHTTPCookie * const):
2230
2231 2018-05-08  Eric Carlson  <eric.carlson@apple.com>
2232
2233         Text track cue logging should include cue text
2234         https://bugs.webkit.org/show_bug.cgi?id=185353
2235         <rdar://problem/40003565>
2236
2237         Reviewed by Brent Fulgham.
2238
2239         No new tests, tested manually.
2240
2241         * html/track/VTTCue.cpp:
2242         (WebCore::VTTCue::toJSON const):
2243         * platform/graphics/InbandTextTrackPrivateClient.h:
2244         (WebCore::GenericCueData::toJSONString const):
2245         * platform/graphics/iso/ISOVTTCue.cpp:
2246         (WebCore::ISOWebVTTCue::toJSONString const):
2247
2248 2018-05-08  Sam Weinig  <sam@webkit.org>
2249
2250         More cleanup of XMLHttpRequestUpload
2251         https://bugs.webkit.org/show_bug.cgi?id=185409
2252
2253         Reviewed by Alex Christensen.
2254
2255         - Remove unneeded #includes
2256         - Rename m_xmlHttpRequest to m_request
2257         - Make some overloaded some methods private, and mark them as final rather
2258           than override.
2259
2260         * xml/XMLHttpRequestUpload.cpp:
2261         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2262         * xml/XMLHttpRequestUpload.h:
2263
2264 2018-05-08  Zalan Bujtas  <zalan@apple.com>
2265
2266         [LFC] Start using BlockMarginCollapse
2267         https://bugs.webkit.org/show_bug.cgi?id=185424
2268
2269         Reviewed by Antti Koivisto.
2270
2271         BlockMarginCollapse could be all static.
2272
2273         * layout/blockformatting/BlockFormattingContext.cpp:
2274         (WebCore::Layout::BlockFormattingContext::marginTop const):
2275         (WebCore::Layout::BlockFormattingContext::marginBottom const):
2276         * layout/blockformatting/BlockMarginCollapse.cpp:
2277         (WebCore::Layout::isMarginTopCollapsedWithSibling):
2278         (WebCore::Layout::isMarginBottomCollapsedWithSibling):
2279         (WebCore::Layout::isMarginTopCollapsedWithParent):
2280         (WebCore::Layout::isMarginBottomCollapsedWithParent):
2281         (WebCore::Layout::collapsedMarginTopFromFirstChild):
2282         (WebCore::Layout::collapsedMarginBottomFromLastChild):
2283         (WebCore::Layout::nonCollapsedMarginTop):
2284         (WebCore::Layout::nonCollapsedMarginBottom):
2285         (WebCore::Layout::BlockMarginCollapse::marginTop):
2286         (WebCore::Layout::BlockMarginCollapse::marginBottom):
2287         (WebCore::Layout::BlockMarginCollapse::BlockMarginCollapse): Deleted.
2288         (WebCore::Layout::BlockMarginCollapse::marginTop const): Deleted.
2289         (WebCore::Layout::BlockMarginCollapse::marginBottom const): Deleted.
2290         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithSibling const): Deleted.
2291         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithSibling const): Deleted.
2292         (WebCore::Layout::BlockMarginCollapse::isMarginTopCollapsedWithParent const): Deleted.
2293         (WebCore::Layout::BlockMarginCollapse::isMarginBottomCollapsedWithParent const): Deleted.
2294         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginTop const): Deleted.
2295         (WebCore::Layout::BlockMarginCollapse::nonCollapsedMarginBottom const): Deleted.
2296         (WebCore::Layout::BlockMarginCollapse::collapsedMarginTopFromFirstChild const): Deleted.
2297         (WebCore::Layout::BlockMarginCollapse::collapsedMarginBottomFromLastChild const): Deleted.
2298         (WebCore::Layout::BlockMarginCollapse::hasAdjoiningMarginTopAndBottom const): Deleted.
2299         * layout/blockformatting/BlockMarginCollapse.h:
2300
2301 2018-05-08  Youenn Fablet  <youenn@apple.com>
2302
2303         Allow WebResourceLoader to cancel a load served from a service worker
2304         https://bugs.webkit.org/show_bug.cgi?id=185274
2305
2306         Reviewed by Chris Dumez.
2307
2308         Add support for cancelling a fetch from WebProcess to service worker process.
2309         Use FetchIdentifier instead of uint64_t.
2310
2311         * Modules/fetch/FetchIdentifier.h: Added.
2312         * WebCore.xcodeproj/project.pbxproj:
2313         * workers/service/context/ServiceWorkerFetch.h:
2314         * workers/service/context/ServiceWorkerThreadProxy.cpp:
2315         (WebCore::ServiceWorkerThreadProxy::startFetch):
2316         (WebCore::ServiceWorkerThreadProxy::cancelFetch):
2317         * workers/service/context/ServiceWorkerThreadProxy.h:
2318
2319 2018-05-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
2320
2321         feTurbulence is not rendered correctly on Retina display
2322         https://bugs.webkit.org/show_bug.cgi?id=183798
2323
2324         Reviewed by Simon Fraser.
2325
2326         On 2x display the feTurbulence filter creates a scaled ImageBuffer but
2327         processes only the unscaled size. This is a remaining work of r168577 and
2328         is very similar to what was done for the feMorphology filter in r188271.
2329
2330         Test: fast/hidpi/filters-turbulence.html
2331
2332         * platform/graphics/filters/FETurbulence.cpp:
2333         (WebCore::FETurbulence::fillRegion const):
2334         (WebCore::FETurbulence::platformApplySoftware):
2335
2336 2018-05-07  Zalan Bujtas  <zalan@apple.com>
2337
2338         [LFC] Add FormattingContext::layoutOutOfFlowDescendants implementation
2339         https://bugs.webkit.org/show_bug.cgi?id=185377
2340
2341         Reviewed by Antti Koivisto.
2342
2343         Also, remove FormattingContext's m_layoutContext member and pass it in to ::layout() instead.
2344         In theory LayoutContext is needed only during ::layout() call. 
2345
2346         * layout/FormattingContext.cpp:
2347         (WebCore::Layout::FormattingContext::layoutOutOfFlowDescendants const):
2348         * layout/FormattingContext.h:
2349         (WebCore::Layout::FormattingContext::layoutContext const):
2350         * layout/LayoutContext.cpp:
2351         (WebCore::Layout::LayoutContext::updateLayout):
2352         * layout/blockformatting/BlockFormattingContext.cpp:
2353         (WebCore::Layout::BlockFormattingContext::layout const):
2354         * layout/blockformatting/BlockFormattingContext.h:
2355         * layout/inlineformatting/InlineFormattingContext.cpp:
2356         (WebCore::Layout::InlineFormattingContext::layout const):
2357         * layout/inlineformatting/InlineFormattingContext.h:
2358
2359 2018-05-07  Daniel Bates  <dabates@apple.com>
2360
2361         Check X-Frame-Options and CSP frame-ancestors in network process
2362         https://bugs.webkit.org/show_bug.cgi?id=185410
2363         <rdar://problem/37733934>
2364
2365         Reviewed by Ryosuke Niwa.
2366
2367         * WebCore.xcodeproj/project.pbxproj: Make PingLoader.h a private header so that we can include it in WebKit.
2368         * loader/DocumentLoader.cpp:
2369         (WebCore::DocumentLoader::responseReceived): Only check CSP frame-ancestors and X-Frame-Options here if
2370         we are not checking them in the NetworkProcess and HTTP response access is restricted. I code is otherwise kept
2371         unchanged. There may be opportunities to clean this code up more and share more of it. We should look into this
2372         in subsequent bugs.
2373         * loader/DocumentLoader.h: Change visibility of stopLoadingAfterXFrameOptionsOrContentSecurityPolicyDenied() from
2374         private to public and export it so that we can call it from the WebKit.
2375         * loader/PingLoader.h:
2376         * page/Settings.yaml: Add a new setting called networkProcessCSPFrameAncestorsCheckingEnabled (defaults: false)
2377         and is hardcoded in WebPage.cpp to be enabled. This setting is used to determine if we will be using the NetworkProcess.
2378         Ideally we wouldn't have this setting and just key off RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess().
2379         However RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess() is always enabled in WebKit Legacy
2380         at the time of writing (why?). And, strangely, RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2381         is conditionally enabled in WebKit. For now, we add a new setting, networkProcessCSPFrameAncestorsCheckingEnabled,
2382         to determine if CSP checking should be performed in NetworkProcess. For checking to actually happen in NetworkProcess
2383         and not in DocumentLoader::responseReceived() RuntimeEnabledFeatures::sharedFeatures().restrictedHTTPResponseAccess()
2384         will also need to be enabled.
2385         * page/csp/ContentSecurityPolicy.cpp:
2386         (WebCore::ContentSecurityPolicy::allowFrameAncestors const): Added a variant that takes a vector of ancestor origins.
2387         * page/csp/ContentSecurityPolicy.h:
2388         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2389         (WebCore::checkFrameAncestors): Ditto.
2390         (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrameAncestorOrigins const): Ditto.
2391         * page/csp/ContentSecurityPolicyDirectiveList.h: Export constructor so that we can invoke it from NetworkResourceLoader::shouldInterruptLoadForCSPFrameAncestorsOrXFrameOptions().
2392         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2393         * platform/network/HTTPParsers.h: Export XFrameOptionsDisposition() so that we can use in WebKit.
2394
2395 2018-05-07  Daniel Bates  <dabates@apple.com>
2396
2397         Abstract logic to log console messages and send CSP violation reports into a client
2398         https://bugs.webkit.org/show_bug.cgi?id=185393
2399         <rdar://problem/40036053>
2400
2401         Reviewed by Brent Fulgham.
2402
2403         First pass at adding infrastructure to supporting CSP reporting from NetworkProcess and workers.
2404         Replaces the existing ContentSecurityPolicy constructor that takes a Frame with one that
2405         takes a ContentSecurityPolicyClient to delegate to for logging and sending reports. We will look
2406         to remove ContentSecurityPolicy constructor that takes a ScriptExecutionContext in a follow up.
2407
2408         Standardize on instantiating a ContentSecurityPolicy with the full URL to resource that it protects
2409         instead of taking only the SecurityOrigin of this URL. By taking the full URL the ContentSecurityPolicy
2410         object is now capable of resolving a relative report URL without needing a Document/ScriptExecutionContext.
2411
2412         We are underutilizing the CSPInfo struct and ContentSecurityPolicyClient::willSendCSPViolationReport()
2413         delegate callback in this patch. We will make use of this functionality in a subsequent patch to
2414         support collecting script state (e.g. source line number) when reporting CSP violations in worker
2415         threads. We also no longer go through the unnecessary motions to try to collect script state for a
2416         frame-ancestors violation (since DocumentLoader extends ContentSecurityPolicyClient and does not
2417         implement ContentSecurityPolicyClient::willSendCSPViolationReport()). The frame-ancestors directive
2418         is checked before a document is parsed and executes script; => there will never be any script state
2419         to collect; => it is not necessary to try to collect it as we currently do.
2420
2421         * Sources.txt: Add file ContentSecurityPolicyClient.cpp. See the remarks for ContentSecurityPolicyClient.cpp
2422         below on why we have this file.
2423         * WebCore.xcodeproj/project.pbxproj: Add files ContentSecurityPolicyClient.{h, cpp}.
2424         * dom/Document.cpp:
2425         (WebCore::Document::initSecurityContext): Pass the URL of the protected document.
2426         * loader/DocumentLoader.cpp:
2427         (WebCore::DocumentLoader::responseReceived): Ditto.
2428         (WebCore::DocumentLoader::addConsoleMessage): Added.
2429         (WebCore::DocumentLoader::sendCSPViolationReport): Added.
2430         (WebCore::DocumentLoader::dispatchSecurityPolicyViolationEvent): Added.
2431         * loader/DocumentLoader.h:
2432         * loader/FrameLoaderClient.h: Fix typo in comment.
2433         * loader/WorkerThreadableLoader.cpp:
2434         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass the URL of the worker script.
2435         * page/csp/ContentSecurityPolicy.cpp:
2436         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Added overload that takes a URL&& and an optional
2437         ContentSecurityPolicyClient*.
2438         (WebCore::ContentSecurityPolicy::deprecatedURLForReporting const): Extracted and simplified stripURLForUseInReport()
2439         into this member function.
2440         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to make use of the client, if we have
2441         one and removed code for handling a ContentSecurityPolicy that was instantiated with a Frame.
2442         (WebCore::ContentSecurityPolicy::logToConsole const): Ditto.
2443         (WebCore::stripURLForUseInReport): Deleted; incorporated into ContentSecurityPolicy::deprecatedURLForReporting().
2444         * page/csp/ContentSecurityPolicy.h:
2445         * page/csp/ContentSecurityPolicyClient.cpp: Added. This file exists so that we can define the virtual
2446         destructor out-of-line and export this abstract class so as to avoid the need for the vtable to be
2447         defined in the translation unit of each derived class.
2448         * page/csp/ContentSecurityPolicyClient.h: Added.
2449         * page/csp/ContentSecurityPolicySource.cpp:
2450         (WebCore::ContentSecurityPolicySource::operator SecurityOriginData const): Added.
2451         * page/csp/ContentSecurityPolicySource.h:
2452         * workers/WorkerGlobalScope.cpp:
2453         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate the ContentSecurityPolicy object with the
2454         URL of the worker script.
2455
2456 2018-05-07  Simon Fraser  <simon.fraser@apple.com>
2457
2458         CSS filters which reference SVG filters fail to respect the "color-interpolation-filters" of the filter
2459         https://bugs.webkit.org/show_bug.cgi?id=185343
2460
2461         Reviewed by Dean Jackson.
2462
2463         Test: css3/filters/color-interpolation-filters.html
2464         
2465         When applying CSS reference filters, apply the value of "color-interpolation-filters" for the
2466         referenced filter effect element, just as we do for SVG filters.
2467
2468         * rendering/FilterEffectRenderer.cpp:
2469         (WebCore::FilterEffectRenderer::buildReferenceFilter):
2470
2471 2018-05-07  Daniel Bates  <dabates@apple.com>
2472
2473         CSP status-code incorrect for document blocked due to violation of its frame-ancestors directive
2474         https://bugs.webkit.org/show_bug.cgi?id=185366
2475         <rdar://problem/40035116>
2476
2477         Reviewed by Brent Fulgham.
2478
2479         Fixes an issue where the status-code in the sent CSP report for an HTTP document blocked because
2480         its frame-ancestors directive was violated would be the status code of the previously loaded
2481         document in the frame. If the previously loaded document was about:blank then this would be 0.
2482
2483         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for the
2484         HTTP status code for the last response. Document::loader() returns the loader for the last committed
2485         document its frame. For a frame-ancestors violation, a CSP report is sent before the document
2486         that had the frame-ancestors directive has been committed and after it has been associate with a frame.
2487         As a result we are in are in a transient transition state for the frame and hence the last response
2488         for new document's loader (Document::loader()) is actually the last response of the previously loaded
2489         document in the frame. Instead we need to take care to tell CSP about the HTTP status code for the
2490         response associated with the document the CSP came from.
2491
2492         * dom/Document.cpp:
2493         (WebCore::Document::processHttpEquiv):
2494         (WebCore::Document::initSecurityContext):
2495         Pass the HTTP status code to CSP.
2496
2497         * page/csp/ContentSecurityPolicy.cpp:
2498         (WebCore::ContentSecurityPolicy::copyStateFrom):
2499         (WebCore::ContentSecurityPolicy::responseHeaders const):
2500         (WebCore::ContentSecurityPolicy::didReceiveHeaders):
2501         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2502         (WebCore::ContentSecurityPolicy::reportViolation const):
2503         * page/csp/ContentSecurityPolicy.h:
2504         Modify existing functions to take the HTTP status code, store it in a instance variable,
2505         and reference this variable when reporting a violation.
2506
2507         * page/csp/ContentSecurityPolicyResponseHeaders.cpp:
2508         (WebCore::ContentSecurityPolicyResponseHeaders::ContentSecurityPolicyResponseHeaders):
2509         (WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
2510         * page/csp/ContentSecurityPolicyResponseHeaders.h:
2511         (WebCore::ContentSecurityPolicyResponseHeaders::encode const):
2512         (WebCore::ContentSecurityPolicyResponseHeaders::decode):
2513         Store the HTTP status code along with the response headers.
2514
2515 2018-05-07  Daniel Bates  <dabates@apple.com>
2516
2517         CSP referrer incorrect for document blocked due to violation of its frame-ancestors directive
2518         https://bugs.webkit.org/show_bug.cgi?id=185380
2519
2520         Reviewed by Brent Fulgham.
2521
2522         Similar to <https://bugs.webkit.org/show_bug.cgi?id=185366>, fixes an issue where the referrer
2523         in the sent CSP report for an HTTP document blocked because its frame-ancestors directive was
2524         violated would be the referrer of the previously loaded document in the frame.
2525
2526         Currently whenever we send a CSP report we ask the document's loader (Document::loader()) for
2527         the referrer for the last request. Document::loader() returns the loader for the last committed
2528         document in its frame. For a frame-ancestors violation, a CSP report is sent before the document
2529         that had the frame-ancestors directive has been committed and after it has been associate with a
2530         frame. As a result we are in a transient transition state for the frame and hence the last request
2531         for the new document's loader (Document::loader()) is actually the last request of the previously
2532         loaded document in the frame. Instead we need to take care to tell CSP about the referrer for the
2533         request associated with the document the CSP came from.
2534
2535         * loader/DocumentLoader.cpp:
2536         (WebCore::DocumentLoader::responseReceived):
2537
2538 2018-05-07  Brent Fulgham  <bfulgham@apple.com>
2539
2540         Add experimental feature to prompt for Storage Access API use
2541         https://bugs.webkit.org/show_bug.cgi?id=185335
2542         <rdar://problem/39994649>
2543
2544         Reviewed by Alex Christensen and Youenn Fablet.
2545
2546         Create a new experimental feature that gates the ability of WebKit clients to prompt the user when
2547         Storage Access API is invoked.
2548
2549         Currently this feature doesn't have any user-visible impact.
2550
2551         * page/RuntimeEnabledFeatures.h:
2552         (WebCore::RuntimeEnabledFeatures::setStorageAccessPromptsEnabled):
2553         (WebCore::RuntimeEnabledFeatures::storageAccessPromptsEnabled const):
2554         * testing/InternalSettings.cpp:
2555         (WebCore::InternalSettings::Backup::Backup):
2556         (WebCore::InternalSettings::Backup::restoreTo):
2557         (WebCore::InternalSettings::setStorageAccessPromptsEnabled):
2558         * testing/InternalSettings.h:
2559         * testing/InternalSettings.idl:
2560
2561 2018-05-07  Chris Dumez  <cdumez@apple.com>
2562
2563         Stop using an iframe's id as fallback if its name attribute is not set
2564         https://bugs.webkit.org/show_bug.cgi?id=11388
2565
2566         Reviewed by Geoff Garen.
2567
2568         WebKit had logic to use an iframe's id as fallback name when its name
2569         content attribute is not set. This behavior was not standard and did not
2570         match other browsers:
2571         - https://html.spec.whatwg.org/#attr-iframe-name
2572
2573         Gecko / Trident never behaved this way. Blink was aligned with us until
2574         they started to match the specification in:
2575         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
2576
2577         This WebKit quirk was causing some Web-compatibility issues because it
2578         would affect the behavior of Window's name property getter when trying
2579         to look up an iframe by id. Because of Window's named property getter
2580         behavior [1], we would return the frame's contentWindow instead of the
2581         iframe element itself.
2582
2583         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
2584
2585         Test: fast/dom/Window/named-getter-frame-id.html
2586
2587         * html/HTMLFrameElementBase.cpp:
2588         (WebCore::HTMLFrameElementBase::openURL):
2589         (WebCore::HTMLFrameElementBase::parseAttribute):
2590         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
2591         * html/HTMLFrameElementBase.h:
2592
2593 2018-05-07  Chris Dumez  <cdumez@apple.com>
2594
2595         ASSERT(!childItemWithTarget(child->target())) is hit in HistoryItem::addChildItem()
2596         https://bugs.webkit.org/show_bug.cgi?id=185322
2597
2598         Reviewed by Geoff Garen.
2599
2600         We generate unique names for Frame to be used in HistoryItem. Those names not only
2601         need to be unique, they also need to be repeatable to avoid layout tests flakiness
2602         and for things like restoring form state from a HistoryItem.
2603
2604         The previously generated frame names were relying on the Frame's index among a
2605         parent Frame's children. The issue was that we could end up with duplicate names
2606         because one could insert a Frame *before* an existing one. This is because the code
2607         would not take care of updating existing Frames' unique name on frame tree mutation.
2608
2609         Updating frame tree names on mutation would be inefficient and is also not necessary.
2610         The approach chosen in this patch is to stop using the Frame's index and instead rely
2611         on an increasing counter stored on the top-frame's FrameTree. To make the names
2612         repeatable, we reset the counter on page navigation.
2613
2614         * page/Frame.cpp:
2615         (WebCore::Frame::setDocument):
2616         * page/FrameTree.cpp:
2617         (WebCore::FrameTree::uniqueChildName const):
2618         (WebCore::FrameTree::generateUniqueName const):
2619         * page/FrameTree.h:
2620         (WebCore::FrameTree::resetFrameIdentifiers):
2621
2622 2018-05-07  Yacine Bandou  <yacine.bandou_ext@softathome.com>
2623
2624         [EME][GStreamer] Fix wrong subsample parsing on r227067
2625         https://bugs.webkit.org/show_bug.cgi?id=185382
2626
2627         Reviewed by Philippe Normand.
2628
2629         The initialization of sampleIndex should be moved outside of the loop.
2630         Without this patch we will have a bad log and the check of the subsample
2631         count will be useless.
2632
2633         * platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
2634         (webKitMediaClearKeyDecryptorDecrypt):
2635
2636 2018-05-07  Daniel Bates  <dabates@apple.com>
2637
2638         CSP should be passed the referrer
2639         https://bugs.webkit.org/show_bug.cgi?id=185367
2640
2641         Reviewed by Per Arne Vollan.
2642
2643         As a step towards formalizing a CSP delegate object and removing the dependencies
2644         on ScriptExecutionContext and Frame, we should pass the document's referrer directly
2645         instead of indirectly obtaining it from the ScriptExecutionContext or Frame used
2646         to instantiate the ContentSecurityPolicy object.
2647
2648         * dom/Document.cpp:
2649         (WebCore::Document::processHttpEquiv): Pass the document's referrer.
2650         (WebCore::Document::initSecurityContext): Ditto.
2651         (WebCore::Document::applyQuickLookSandbox): Ditto.
2652         * loader/DocumentLoader.cpp:
2653         (WebCore::DocumentLoader::responseReceived): Ditto.
2654         * loader/FrameLoader.cpp:
2655         (WebCore::FrameLoader::didBeginDocument): Ditto.
2656         * page/csp/ContentSecurityPolicy.cpp:
2657         (WebCore::ContentSecurityPolicy::copyStateFrom): We pass a null string for the referrer
2658         to didReceiveHeader() as a placeholder since it requires the referrer be given to it. We
2659         fix up the referrer (m_referrer) after copying all the policy headers.
2660         (WebCore::ContentSecurityPolicy::didReceiveHeaders): Ditto.
2661         (WebCore::ContentSecurityPolicy::didReceiveHeader): Modified to take a referrer and WTFMove()s
2662         it into an instance variable (m_referrer).
2663         (WebCore::ContentSecurityPolicy::reportViolation const): Modified to use the stored referrer.
2664         * page/csp/ContentSecurityPolicy.h:
2665         * workers/WorkerGlobalScope.cpp:
2666         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Pass a null string
2667         for the referrer as a worker does not have a referrer.
2668
2669 2018-05-07  Daniel Bates  <dabates@apple.com>
2670
2671         CSP should only notify Inspector to pause the debugger on the first policy to violate a directive
2672         https://bugs.webkit.org/show_bug.cgi?id=185364
2673
2674         Reviewed by Brent Fulgham.
2675
2676         Notify Web Inspector that a script was blocked on the first enforced CSP policy that it
2677         violates.
2678
2679         A page can have more than one enforced Content Security Policy. Currently for inline
2680         scripts, inline event handlers, JavaScript URLs, and eval() that are blocked by CSP
2681         we notify Web Inspector that it was blocked for each CSP policy that blocked it. When
2682         Web Inspector is notified it pauses script execution. It does not seem very meaningful
2683         to pause script execution on the same script for each CSP policy that blocked it.
2684         Therefore, only tell Web Inspector that a script was blocked for the first enforced CSP
2685         policy that blocked it.
2686
2687         * page/csp/ContentSecurityPolicy.cpp:
2688         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
2689         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
2690         (WebCore::ContentSecurityPolicy::allowInlineScript const):
2691         (WebCore::ContentSecurityPolicy::allowEval const):
2692
2693 2018-05-07  Daniel Bates  <dabates@apple.com>
2694
2695         Substitute CrossOriginPreflightResultCache::clear() for CrossOriginPreflightResultCache::empty()
2696         https://bugs.webkit.org/show_bug.cgi?id=185170
2697
2698         Reviewed by Per Arne Vollan.
2699
2700         Rename CrossOriginPreflightResultCache::empty() to CrossOriginPreflightResultCache::clear() make
2701         it consistent with the terminology we use in WebKit to signify a function that clears a collection.
2702         A member function named "empty" is expected to return an instance of a class in its "empty state".
2703         For example, StringImpl::empty() returns a StringImpl instance that represents the empty string.
2704         However CrossOriginPreflightResultCache::empty() clears out the cache in-place. We should rename
2705         this function to better describe its purpose.
2706
2707         * loader/CrossOriginPreflightResultCache.cpp:
2708         (WebCore::CrossOriginPreflightResultCache::clear):
2709         (WebCore::CrossOriginPreflightResultCache::empty): Deleted.
2710         * loader/CrossOriginPreflightResultCache.h:
2711
2712 2018-05-06  Dean Jackson  <dino@apple.com>
2713
2714         WebGL: Reset simulated values after validation fails
2715         https://bugs.webkit.org/show_bug.cgi?id=185363
2716         <rdar://problem/39733417>
2717
2718         Reviewed by Anders Carlsson.
2719
2720         While fixing a previous bug, I forgot to reset some values
2721         when validation fails. This caused a bug where a subsequent
2722         invalid call might use those values and escape detection.
2723
2724         Test: fast/canvas/webgl/index-validation-with-subsequent-draws.html
2725
2726         * html/canvas/WebGLRenderingContextBase.cpp:
2727         (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Reset the
2728         sizes when validation fails.
2729         * html/canvas/WebGLRenderingContextBase.h:
2730
2731 2018-05-07  Ms2ger  <Ms2ger@igalia.com>
2732
2733         Support negative sw/sh values in createImageBitmap().
2734         https://bugs.webkit.org/show_bug.cgi?id=184449
2735
2736         Reviewed by Dean Jackson.
2737
2738         Tests: LayoutTests/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage.html
2739                LayoutTests/http/wpt/2dcontext/imagebitmap/createImageBitmap.html
2740
2741         * html/ImageBitmap.cpp:
2742         (WebCore::ImageBitmap::createPromise): handle negative values per spec.
2743
2744 2018-05-07  Brian Burg  <bburg@apple.com>
2745
2746         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
2747         https://bugs.webkit.org/show_bug.cgi?id=184861
2748         <rdar://problem/39153768>
2749
2750         Reviewed by Timothy Hatcher.
2751
2752         Notify the client of the current connection count whenever a frontend connects or disconnects.
2753
2754         Covered by new API test.
2755
2756         * inspector/InspectorClient.h:
2757         (WebCore::InspectorClient::frontendCountChanged):
2758         * inspector/InspectorController.cpp:
2759         (WebCore::InspectorController::connectFrontend):
2760         (WebCore::InspectorController::disconnectFrontend):
2761         (WebCore::InspectorController::disconnectAllFrontends):
2762         * inspector/InspectorController.h:
2763
2764 2018-05-07  Eric Carlson  <eric.carlson@apple.com>
2765
2766         Text track cue logging should include cue text
2767         https://bugs.webkit.org/show_bug.cgi?id=185353
2768         <rdar://problem/40003565>
2769
2770         Reviewed by Youenn Fablet.
2771
2772         No new tests, tested manually.
2773
2774         * html/track/VTTCue.cpp:
2775         (WebCore::VTTCue::toJSONString const): Use toJSON.
2776         (WebCore::VTTCue::toJSON const): New.
2777         * html/track/VTTCue.h:
2778
2779         * platform/graphics/InbandTextTrackPrivateClient.h:
2780         (WebCore::GenericCueData::toJSONString const): Log m_content.
2781
2782         * platform/graphics/iso/ISOVTTCue.cpp:
2783         (WebCore::ISOWebVTTCue::toJSONString const): Log m_cueText.
2784
2785 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2786
2787         [LFC] Add assertions for stale Display::Box geometry
2788         https://bugs.webkit.org/show_bug.cgi?id=185357
2789
2790         Reviewed by Antti Koivisto.
2791
2792         Ensure that we don't access stale geometry of other boxes during layout.
2793         For example, in order to layout a block child we need the containing block's content box top/left and width (but not the height)
2794
2795         * layout/displaytree/DisplayBox.h:
2796         (WebCore::Display::Box::invalidateTop):
2797         (WebCore::Display::Box::invalidateLeft):
2798         (WebCore::Display::Box::invalidateWidth):
2799         (WebCore::Display::Box::invalidateHeight):
2800         (WebCore::Display::Box::hasValidPosition const):
2801         (WebCore::Display::Box::hasValidSize const):
2802         (WebCore::Display::Box::hasValidGeometry const):
2803         (WebCore::Display::Box::invalidatePosition):
2804         (WebCore::Display::Box::invalidateSize):
2805         (WebCore::Display::Box::setHasValidPosition):
2806         (WebCore::Display::Box::setHasValidSize):
2807         (WebCore::Display::Box::setHasValidGeometry):
2808         (WebCore::Display::Box::rect const):
2809         (WebCore::Display::Box::top const):
2810         (WebCore::Display::Box::left const):
2811         (WebCore::Display::Box::bottom const):
2812         (WebCore::Display::Box::right const):
2813         (WebCore::Display::Box::topLeft const):
2814         (WebCore::Display::Box::bottomRight const):
2815         (WebCore::Display::Box::size const):
2816         (WebCore::Display::Box::width const):
2817         (WebCore::Display::Box::height const):
2818         (WebCore::Display::Box::setRect):
2819         (WebCore::Display::Box::setTopLeft):
2820         (WebCore::Display::Box::setTop):
2821         (WebCore::Display::Box::setLeft):
2822         (WebCore::Display::Box::setSize):
2823         (WebCore::Display::Box::setWidth):
2824         (WebCore::Display::Box::setHeight):
2825
2826 2018-05-06  Zalan Bujtas  <zalan@apple.com>
2827
2828         [LFC] Add BlockFormattingContext::computeStaticPosition
2829         https://bugs.webkit.org/show_bug.cgi?id=185352
2830
2831         Reviewed by Antti Koivisto.
2832
2833         This is the core logic for positioning inflow boxes in a block formatting context (very naive though).
2834
2835         * layout/blockformatting/BlockFormattingContext.cpp:
2836         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
2837         * layout/displaytree/DisplayBox.h:
2838
2839 2018-05-05  Sam Weinig  <sam@webkit.org>
2840
2841         Cleanup XMLHttpRequestUpload a little
2842         https://bugs.webkit.org/show_bug.cgi?id=185344
2843
2844         Reviewed by Yusuke Suzuki.
2845
2846         * bindings/js/JSXMLHttpRequestCustom.cpp:
2847         (WebCore::JSXMLHttpRequest::visitAdditionalChildren):
2848         Use auto to reduce redundancy.
2849
2850         * xml/XMLHttpRequest.cpp:
2851         (WebCore::XMLHttpRequest::upload):
2852         * xml/XMLHttpRequest.h:
2853         Switch upload() to return a reference.
2854         
2855         * xml/XMLHttpRequestUpload.cpp:
2856         (WebCore::XMLHttpRequestUpload::XMLHttpRequestUpload):
2857         (WebCore::XMLHttpRequestUpload::dispatchProgressEvent):
2858         * xml/XMLHttpRequestUpload.h:
2859         Cleanup formatting, modernize and switch XMLHttpRequest member from a pointer
2860         to a reference.
2861
2862 2018-05-05  Dean Jackson  <dino@apple.com>
2863
2864         Draw a drop-shadow behind the system preview badge
2865         https://bugs.webkit.org/show_bug.cgi?id=185356
2866         <rdar://problem/40004936>
2867
2868         Reviewed by Wenson Hsieh.
2869
2870         Draw a very subtle drop-shadow under the system
2871         preview badge so that it is more visible on a pure
2872         white background.
2873
2874         I also moved some code around to make it more clear
2875         and improved comments.
2876
2877         * rendering/RenderThemeIOS.mm:
2878         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2879
2880 2018-05-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2881
2882         [iOS] Multiple links in Mail are dropped in a single line, and are difficult to tell apart
2883         https://bugs.webkit.org/show_bug.cgi?id=185289
2884         <rdar://problem/35756912>
2885
2886         Reviewed by Tim Horton and Darin Adler.
2887
2888         When inserting multiple URLs as individual items in a single drop, we currently separate each item with a space
2889         (see r217284). However, it still seems difficult to tell dropped links apart. This patch makes some slight
2890         tweaks to WebContentReader::readURL so that it inserts line breaks before dropped URLs, if the dropped URL isn't
2891         the first item to be inserted in the resulting document fragment.
2892
2893         Augments existing API tests in DataInteractionTests.
2894
2895         * editing/ios/WebContentReaderIOS.mm:
2896
2897         Additionally remove some extraneous header imports from this implementation file.
2898
2899         (WebCore::WebContentReader::readURL):
2900
2901 2018-05-02  Dean Jackson  <dino@apple.com>
2902
2903         Use IOSurfaces for CoreImage operations where possible
2904         https://bugs.webkit.org/show_bug.cgi?id=185230
2905         <rdar://problem/39926929>
2906
2907         Reviewed by Jon Lee.
2908
2909         On iOS hardware, we can use IOSurfaces as a rendering destination
2910         for CoreImage, which means we're keeping data on the GPU
2911         for rendering.
2912
2913         As a drive-by fix, I used a convenience method for Gaussian blurs.
2914
2915         * rendering/RenderThemeIOS.mm:
2916         (WebCore::RenderThemeIOS::paintSystemPreviewBadge):
2917
2918 2018-05-04  Tim Horton  <timothy_horton@apple.com>
2919
2920         Shift to a lower-level framework for simplifying URLs
2921         https://bugs.webkit.org/show_bug.cgi?id=185334
2922
2923         Reviewed by Dan Bernstein.
2924
2925         * Configurations/WebCore.xcconfig:
2926         * platform/mac/DragImageMac.mm:
2927         (WebCore::LinkImageLayout::LinkImageLayout):
2928
2929 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
2930
2931         Release assert in ScriptController::canExecuteScripts via HTMLMediaElement::~HTMLMediaElement()
2932         https://bugs.webkit.org/show_bug.cgi?id=185288
2933
2934         Reviewed by Jer Noble.
2935
2936         The crash is caused by HTMLMediaElement::~HTMLMediaElement canceling the resource load via CachedResource
2937         which ends up calling FrameLoader::checkCompleted() and fire load event on the document synchronously.
2938         Speculatively fix the crash by scheduling the check instead.
2939
2940         In long term, ResourceLoader::cancel should never fire load event synchronously: webkit.org/b/185284.
2941
2942         Unfortunately, no new tests since I can't get MediaResource to get destructed at the right time.
2943
2944         * html/HTMLMediaElement.cpp:
2945         (WebCore::HTMLMediaElement::isRunningDestructor): Added to detect this specific case.
2946         (WebCore::HTMLMediaElementDestructorScope): Added.
2947         (WebCore::HTMLMediaElementDestructorScope::HTMLMediaElementDestructorScope): Added.
2948         (WebCore::HTMLMediaElementDestructorScope::~HTMLMediaElementDestructorScope): Added.
2949         (WebCore::HTMLMediaElement::~HTMLMediaElement): Instantiate HTMLMediaElement.
2950         * html/HTMLMediaElement.h:
2951         * loader/FrameLoader.cpp:
2952         (WebCore::FrameLoader::checkCompleted): Call scheduleCheckCompleted instead of synchronously calling
2953         checkCompleted if we're in the middle of destructing a HTMLMediaElement.
2954
2955 2018-05-04  Ryosuke Niwa  <rniwa@webkit.org>
2956
2957         Rename DocumentOrderedMap to TreeScopeOrderedMap
2958         https://bugs.webkit.org/show_bug.cgi?id=185290
2959
2960         Reviewed by Zalan Bujtas.
2961
2962         Renamed the class since it's almost always a mistake to use this class as a member variable of Document.
2963
2964         * Sources.txt:
2965         * WebCore.xcodeproj/project.pbxproj:
2966         * dom/MouseRelatedEvent.cpp: Include the forgotten DOMWindow.h. Unified build files bit us here.
2967         * dom/TreeScope.cpp:
2968         (WebCore::TreeScope::addElementById):
2969         (WebCore::TreeScope::addElementByName):
2970         (WebCore::TreeScope::addImageMap):
2971         (WebCore::TreeScope::addImageElementByUsemap):
2972         (WebCore::TreeScope::labelElementForId):
2973         * dom/TreeScope.h:
2974         * dom/TreeScopeOrderedMap.cpp: Renamed from DocumentOrderedMap.cpp
2975         * dom/TreeScopeOrderedMap.h: Renamed from DocumentOrderedMap.h
2976         * html/HTMLDocument.h:
2977
2978 2018-05-04  Don Olmstead  <don.olmstead@sony.com>
2979
2980         [Win][WebKit] Fix forwarding headers for Windows build
2981         https://bugs.webkit.org/show_bug.cgi?id=184412
2982
2983         Reviewed by Alex Christensen.
2984
2985         No new tests. No change in behavior.
2986
2987         * PlatformWin.cmake:
2988
2989 2018-05-04  Zalan Bujtas  <zalan@apple.com>
2990
2991         [Simple line layout] Add support for line layout box generation with multiple text renderers.
2992         https://bugs.webkit.org/show_bug.cgi?id=185276
2993
2994         Reviewed by Antti Koivisto.
2995
2996         Covered by existing tests.
2997
2998         * rendering/SimpleLineLayoutFunctions.cpp:
2999         (WebCore::SimpleLineLayout::canUseForLineBoxTree):
3000         (WebCore::SimpleLineLayout::generateLineBoxTree):
3001         * rendering/SimpleLineLayoutResolver.cpp:
3002         (WebCore::SimpleLineLayout::RunResolver::Run::renderer const):
3003         (WebCore::SimpleLineLayout::RunResolver::Run::localStart const):
3004         (WebCore::SimpleLineLayout::RunResolver::Run::localEnd const):
3005         * rendering/SimpleLineLayoutResolver.h:
3006
3007 2018-05-04  Timothy Hatcher  <timothy@apple.com>
3008
3009         Deprecate legacy WebView and friends
3010         https://bugs.webkit.org/show_bug.cgi?id=185279
3011         rdar://problem/33268700
3012
3013         Reviewed by Tim Horton.
3014
3015         * Configurations/WebCore.xcconfig:
3016         Added BUILDING_WEBKIT define to disable the deprecation macros.
3017         * bridge/objc/WebScriptObject.h:
3018         Added deprecation macros to WebScriptObject and WebUndefined.
3019         * platform/cocoa/WebKitAvailability.h:
3020         Added more macros and a way to disable deprecation warnings for
3021         WebKit build and in clients like Safari.
3022
3023 2018-05-04  Eric Carlson  <eric.carlson@apple.com>
3024
3025         Log media time range as JSON
3026         https://bugs.webkit.org/show_bug.cgi?id=185321
3027         <rdar://problem/39986746>
3028
3029         Reviewed by Youenn Fablet.
3030
3031         No new tests, tested manually.
3032
3033         * html/HTMLMediaElement.cpp:
3034         (WebCore::HTMLMediaElement::addPlayedRange): Log as time range.
3035         (WebCore::HTMLMediaElement::visibilityStateChanged): Cleanup.
3036
3037         * platform/graphics/MediaPlayer.h:
3038         (WTF::LogArgument<MediaTime>::toString):
3039         (WTF::LogArgument<MediaTimeRange>::toString):
3040
3041         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
3042         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings): Log error as time range.
3043
3044 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3045
3046         Use the containing block to compute the pagination gap when the container is inline.
3047         https://bugs.webkit.org/show_bug.cgi?id=184724
3048         <rdar://problem/39521800>
3049
3050         Reviewed by Simon Fraser.
3051
3052         Test: fast/overflow/page-overflow-with-inline-body-crash.html
3053
3054         * page/FrameView.cpp:
3055         (WebCore::FrameView::applyPaginationToViewport):
3056
3057 2018-05-04  Tim Horton  <timothy_horton@apple.com>
3058
3059         Don't use GSFont* in minimal simulator mode
3060         https://bugs.webkit.org/show_bug.cgi?id=185320
3061         <rdar://problem/39734478>
3062
3063         Reviewed by Beth Dakin.
3064
3065         * page/cocoa/MemoryReleaseCocoa.mm:
3066         (WebCore::platformReleaseMemory):
3067
3068 2018-05-04  Chris Dumez  <cdumez@apple.com>
3069
3070         Unreviewed, rolling out r231331.
3071
3072         Caused a few tests to assert
3073
3074         Reverted changeset:
3075
3076         "Stop using an iframe's id as fallback if its name attribute
3077         is not set"
3078         https://bugs.webkit.org/show_bug.cgi?id=11388
3079         https://trac.webkit.org/changeset/231331
3080
3081 2018-05-04  Youenn Fablet  <youenn@apple.com>
3082
3083         Use more references in updateTracksOfType
3084         https://bugs.webkit.org/show_bug.cgi?id=185305
3085
3086         Reviewed by Eric Carlson.
3087
3088         No change of behavior.
3089
3090         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3091         (WebCore::updateTracksOfType):
3092         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3093
3094 2018-05-04  Myles C. Maxfield  <mmaxfield@apple.com>
3095
3096         Text shaping in the simple path is flipped in the y direction
3097         https://bugs.webkit.org/show_bug.cgi?id=185062
3098         <rdar://problem/39778678>
3099
3100         Reviewed by Simon Fraser.
3101
3102         Shaping in our simple codepath occurs in an "increasing-y-goes-up" coordinate system, but our painting
3103         code uses an "increasing-y-goes-down" coordinate system. We weren't fixing up the coordinate systems
3104         because we never noticed. This is because the simple codepath is only designed for kerning and ligatures,
3105         neither of which move glyphs vertically in the common case.
3106
3107         Test: fast/text/vertical-displacement-simple-codepath.html
3108
3109         * platform/graphics/Font.cpp:
3110         (WebCore::Font::applyTransforms const):
3111         * platform/graphics/WidthIterator.cpp:
3112         (WebCore::WidthIterator::applyFontTransforms):
3113
3114 2018-05-04  Chris Nardi  <cnardi@chromium.org>
3115
3116         Serialize all URLs with double-quotes per CSSOM spec
3117         https://bugs.webkit.org/show_bug.cgi?id=184935
3118
3119         Reviewed by Antti Koivisto.
3120
3121         According to https://drafts.csswg.org/cssom/#serialize-a-url, all URLs should be serialized as strings,
3122         which means they should have double quotes around the text of the URL. Update our implementation to match
3123         this (and Firefox/Chrome). Also remove isCSSTokenizerURL() as this method is no longer needed.
3124
3125         Tests: Many LayoutTests updated to use double quotes.
3126
3127         * css/CSSMarkup.cpp:
3128         (WebCore::serializeString): Remove FIXME as this was already fixed in a previous patch.
3129         (WebCore::serializeURL): Remove FIXME and update implementation.
3130
3131 2018-05-04  Youenn Fablet  <youenn@apple.com>
3132
3133         LayoutTests/fast/mediastream/change-tracks-media-stream-being-played.html is crashing after r231304
3134         https://bugs.webkit.org/show_bug.cgi?id=185303
3135
3136         Reviewed by Eric Carlson.
3137
3138         We need to stop observing the audio track like we do for video track once we are no longer interested in it.
3139         Covered by test no longer crashing.
3140
3141         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3142         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):
3143
3144 2018-05-04  Zalan Bujtas  <zalan@apple.com>
3145
3146         [LFC] Set the invalidation root as the result of style change.
3147         https://bugs.webkit.org/show_bug.cgi?id=185301
3148
3149         Reviewed by Antti Koivisto.
3150
3151         Compute/propagate the update type on the ancestor chain and return the invalidation root
3152         so that LayoutContext could use it as the entry point for the next layout frame.
3153
3154         * layout/LayoutContext.cpp:
3155         (WebCore::Layout::LayoutContext::updateLayout):
3156         (WebCore::Layout::LayoutContext::styleChanged):
3157         * layout/LayoutContext.h: order is not important.
3158         * layout/blockformatting/BlockInvalidation.cpp:
3159         (WebCore::Layout::invalidationStopsAtFormattingContextBoundary):
3160         (WebCore::Layout::computeUpdateType):
3161         (WebCore::Layout::computeUpdateTypeForAncestor):
3162         (WebCore::Layout::BlockInvalidation::invalidate):
3163         * layout/blockformatting/BlockInvalidation.h:
3164         * layout/inlineformatting/InlineInvalidation.cpp:
3165         (WebCore::Layout::InlineInvalidation::invalidate):
3166         * layout/inlineformatting/InlineInvalidation.h:
3167
3168 2018-05-04  Youenn Fablet  <youenn@apple.com>
3169
3170         PeerConnection should have its connectionState closed even if doing gathering
3171         https://bugs.webkit.org/show_bug.cgi?id=185267
3172
3173         Reviewed by Darin Adler.
3174
3175         Test: webrtc/addICECandidate-closed.html
3176
3177         In case m_iceConnectionState is closed, m_connectionState should also be set to closed
3178         and RTCPeerConnection should be closed so as to reject any other call.
3179
3180         * Modules/mediastream/RTCPeerConnection.cpp:
3181         (WebCore::RTCPeerConnection::close):
3182         (WebCore::RTCPeerConnection::updateConnectionState):
3183
3184 2018-05-04  Yacine Bandou  <yacine.bandou_ext@softathome.com>
3185
3186         [MSE][GStreamer] Delete properly the stream from the WebKitMediaSource
3187         https://bugs.webkit.org/show_bug.cgi?id=185242
3188
3189         Reviewed by Xabier Rodriguez-Calvar.
3190
3191         When the sourceBuffer is removed from mediasource, the appropriate stream is not
3192         properly deleted from WebKitMediaSource, because the appsrc and parser elements
3193         of the stream are not removed from the WebKitMediaSource bin.
3194
3195         This patch avoids the regression of r231089, see https://bugs.webkit.org/show_bug.cgi?id=185071
3196
3197         * platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
3198         (webKitMediaSrcFreeStream):
3199
3200 2018-05-04  Carlos Garcia Campos  <cgarcia@igalia.com>
3201
3202         [GTK] Epiphany (GNOME Web) says "Error downloading: Service Unavailable." when trying to download an image from discogs.com
3203         https://bugs.webkit.org/show_bug.cgi?id=174730
3204
3205         Reviewed by Michael Catanzaro.
3206
3207         Export ResourceRequestBase::hasHTTPHeaderField().
3208
3209         * platform/network/ResourceRequestBase.h:
3210
3211 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3212
3213         Use subprocess.call instead of os.system to handle path with spaces
3214         https://bugs.webkit.org/show_bug.cgi?id=185291
3215
3216         Reviewed by Darin Adler.
3217
3218         If gperf path includes spaces, these python scripts fail to execute gperf.
3219         We use subprocess module instead of os.system to invoke gperf.
3220
3221         * css/makeSelectorPseudoClassAndCompatibilityElementMap.py:
3222         * css/makeSelectorPseudoElementsMap.py:
3223         * platform/network/create-http-header-name-table:
3224
3225 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3226
3227         Unreviewed, attempt to fix WinCairo build failure
3228         https://bugs.webkit.org/show_bug.cgi?id=185218
3229
3230         * platform/text/win/LocaleWin.cpp:
3231         (WebCore::LocaleWin::getLocaleInfoString):
3232
3233 2018-05-03  Filip Pizlo  <fpizlo@apple.com>
3234
3235         Strings should not be allocated in a gigacage
3236         https://bugs.webkit.org/show_bug.cgi?id=185218
3237
3238         Reviewed by Saam Barati.
3239
3240         No new tests because no new behavior.
3241
3242         * Modules/indexeddb/server/IDBSerialization.cpp:
3243         (WebCore::decodeKey):
3244         * bindings/js/SerializedScriptValue.cpp:
3245         (WebCore::CloneDeserializer::readString):
3246         * html/canvas/CanvasRenderingContext2D.cpp:
3247         (WebCore::normalizeSpaces):
3248         * html/parser/HTMLTreeBuilder.cpp:
3249         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemainingWhitespace):
3250         * platform/URLParser.cpp:
3251         (WebCore::percentEncodeByte):
3252         (WebCore::serializeURLEncodedForm):
3253         (WebCore::URLParser::serialize):
3254         * platform/URLParser.h:
3255         * platform/graphics/FourCC.cpp:
3256         (WebCore::FourCC::toString const):
3257         * platform/graphics/ca/GraphicsLayerCA.cpp:
3258         (WebCore::GraphicsLayerCA::ReplicaState::cloneID const):
3259         * platform/text/LocaleICU.cpp:
3260         (WebCore::LocaleICU::decimalSymbol):
3261         (WebCore::LocaleICU::decimalTextAttribute):
3262         (WebCore::getDateFormatPattern):
3263         (WebCore::LocaleICU::createLabelVector):
3264         (WebCore::getFormatForSkeleton):
3265         * platform/win/FileSystemWin.cpp:
3266         (WebCore::FileSystem::getFinalPathName):
3267         (WebCore::FileSystem::pathByAppendingComponent):
3268         (WebCore::FileSystem::storageDirectory):
3269
3270 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3271
3272         Widgets should hold a WeakPtr to their parents
3273         https://bugs.webkit.org/show_bug.cgi?id=185239
3274         <rdar://problem/39741250>
3275
3276         Reviewed by Zalan Bujtas.
3277
3278         * platform/ScrollView.h:
3279         (WebCore::ScrollView::weakPtrFactory): Added.
3280         * platform/Widget.cpp:
3281         (WebCore::Widget::init): Don't perform an unnecessary assignment.
3282         (WebCore::Widget::setParent): Grab a WeakPtr to the parent ScrollView.
3283         * platform/Widget.h:
3284         (WebCore::Widget::parent const): Change type to a WeakPtr.
3285
3286 2018-05-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3287
3288         Use pointer instead of std::optional<T&>
3289         https://bugs.webkit.org/show_bug.cgi?id=185186
3290
3291         Reviewed by Alex Christensen.
3292
3293         std::optional<T&> is not accepted in C++17 spec.
3294         In this patch, we replace it with T*, which is well-aligned to
3295         WebKit's convention.
3296
3297         * Modules/mediastream/RTCPeerConnection.cpp:
3298         (WebCore::iceServersFromConfiguration):
3299         (WebCore::RTCPeerConnection::initializeConfiguration):
3300         (WebCore::RTCPeerConnection::setConfiguration):
3301         * css/parser/CSSParser.cpp:
3302         (WebCore::CSSParser::parseSystemColor):
3303         * css/parser/CSSParser.h:
3304         * dom/DatasetDOMStringMap.cpp:
3305         (WebCore::DatasetDOMStringMap::item const):
3306         (WebCore::DatasetDOMStringMap::namedItem const):
3307         (WebCore:: const): Deleted.
3308         * dom/DatasetDOMStringMap.h:
3309         * dom/Element.cpp:
3310         (WebCore::Element::insertAdjacentHTML):
3311         * dom/Element.h:
3312         * html/canvas/CanvasStyle.cpp:
3313         (WebCore::parseColor):
3314         * inspector/DOMEditor.cpp:
3315         * platform/network/curl/CurlFormDataStream.cpp:
3316         (WebCore::CurlFormDataStream::getPostData):
3317         (): Deleted.
3318         * platform/network/curl/CurlFormDataStream.h:
3319         * platform/network/curl/CurlRequest.cpp:
3320         (WebCore::CurlRequest::setupPOST):
3321         * testing/MockCDMFactory.cpp:
3322         (WebCore::MockCDMFactory::keysForSessionWithID const):
3323         (WebCore::MockCDMInstance::updateLicense):
3324         (WebCore:: const): Deleted.
3325         * testing/MockCDMFactory.h:
3326
3327 2018-05-03  Chris Dumez  <cdumez@apple.com>
3328
3329         Stop using an iframe's id as fallback if its name attribute is not set
3330         https://bugs.webkit.org/show_bug.cgi?id=11388
3331
3332         Reviewed by Geoff Garen.
3333
3334         WebKit had logic to use an iframe's id as fallback name when its name
3335         content attribute is not set. This behavior was not standard and did not
3336         match other browsers:
3337         - https://html.spec.whatwg.org/#attr-iframe-name
3338
3339         Gecko / Trident never behaved this way. Blink was aligned with us until
3340         they started to match the specification in:
3341         - https://bugs.chromium.org/p/chromium/issues/detail?id=347169
3342
3343         This WebKit quirk was causing some Web-compatibility issues because it
3344         would affect the behavior of Window's name property getter when trying
3345         to look up an iframe by id. Because of Window's named property getter
3346         behavior [1], we would return the frame's contentWindow instead of the
3347         iframe element itself.
3348
3349         [1] https://html.spec.whatwg.org/multipage/window-object.html#named-access-on-the-window-object
3350
3351         Test: fast/dom/Window/named-getter-frame-id.html
3352
3353         * html/HTMLFrameElementBase.cpp:
3354         (WebCore::HTMLFrameElementBase::openURL):
3355         (WebCore::HTMLFrameElementBase::parseAttribute):
3356         (WebCore::HTMLFrameElementBase::didFinishInsertingNode):
3357         * html/HTMLFrameElementBase.h:
3358
3359 2018-05-03  Eric Carlson  <eric.carlson@apple.com>
3360
3361         [iOS] Internal text and audio tracks not in fullscreen menu
3362         https://bugs.webkit.org/show_bug.cgi?id=185268
3363         <rdar://problem/38673440>
3364
3365         Reviewed by Jer Noble.
3366
3367         * platform/cocoa/PlaybackSessionModelMediaElement.mm:
3368         (WebCore::PlaybackSessionModelMediaElement::setMediaElement): 'addtrack' and 'removetrack'
3369         events are fired at the track lists, not the media element.
3370
3371 2018-05-03  Ryosuke Niwa  <rniwa@webkit.org>
3372
3373         Using image map inside a shadow tree results hits a release assert in DocumentOrderedMap::add
3374         https://bugs.webkit.org/show_bug.cgi?id=185238
3375
3376         Reviewed by Antti Koivisto.
3377
3378         The bug was caused by DocumentOrderedMap for the image elements with usemap being stored in Document
3379         even if those image elements were in a shadow tree. Fixed the bug by moving the map to TreeScope.
3380
3381         Test: fast/images/imagemap-in-nested-shadow-tree.html
3382               fast/images/imagemap-in-shadow-tree.html
3383
3384         * dom/Document.cpp:
3385         (WebCore::Document::addImageElementByUsemap): Moved to TreeScope.
3386         (WebCore::Document::removeImageElementByUsemap): Ditto.
3387         (WebCore::Document::imageElementByUsemap const): Ditto.
3388         * dom/Document.h:
3389         * dom/TreeScope.cpp:
3390         (WebCore::TreeScope::destroyTreeScopeData): Clear m_imagesByUsemap as well as m_elementsByName.
3391         (WebCore::TreeScope::getImageMap const): Removed the code to parse usemap. RenderImage::imageMap()
3392         which used to call this function with the raw value of the usemap content attribute now calls it
3393         via HTMLImageElement::associatedMapElement(), which uses the parsed usemap.
3394         (WebCore::TreeScope::addImageElementByUsemap): Moved from Document.
3395         (WebCore::TreeScope::removeImageElementByUsemap): Ditto.
3396         (WebCore::TreeScope::imageElementByUsemap const): Ditto.
3397         * dom/TreeScope.h:
3398         * html/HTMLImageElement.cpp:
3399         (WebCore::HTMLImageElement::parseAttribute):
3400         (WebCore::HTMLImageElement::insertedIntoAncestor): This image element can be associated with a map element
3401         if it's connected to a document.
3402         (WebCore::HTMLImageElement::removedFromAncestor):
3403         (WebCore::HTMLImageElement::associatedMapElement const):
3404         * html/HTMLImageElement.h:
3405         * html/HTMLMapElement.cpp:
3406         (WebCore::HTMLMapElement::imageElement):
3407         * rendering/RenderImage.cpp:
3408         (WebCore::RenderImage::imageMap const):
3409
3410 2018-05-03  Justin Fan  <justin_fan@apple.com>
3411
3412         [WebGL] Add runtime flag for enabling ASTC support in WebGL
3413         https://bugs.webkit.org/show_bug.cgi?id=184840
3414
3415         Reviewed by Myles C. Maxfield.
3416
3417         Added runtime flag for ASTC support in WebGL, to turn on/off when extension is implemented.
3418
3419         * page/RuntimeEnabledFeatures.h:
3420         (WebCore::RuntimeEnabledFeatures::setWebGLCompressedTextureASTCSupportEnabled):
3421         (WebCore::RuntimeEnabledFeatures::webGLCompressedTextureASTCSupportEnabled const):
3422
3423 2018-05-03  Chris Nardi  <cnardi@chromium.org>
3424
3425         Remove [NoInterfaceObject] from DOMRectList
3426         https://bugs.webkit.org/show_bug.cgi?id=185255
3427
3428         Reviewed by Chris Dumez.
3429
3430         In https://github.com/w3c/fxtf-drafts/issues/233, [NoInterfaceObject] was removed
3431         from DOMRectList. Remove it from our implementation to match the spec, as well as
3432         Chrome and Firefox.
3433
3434         Updated web platform tests IDL test for the Geometry spec.
3435
3436         * dom/DOMRectList.idl:
3437
3438 2018-05-03  Chris Dumez  <cdumez@apple.com>
3439
3440         REGRESSION(iOS 11.3): Crashes in TimerBase::~TimerBase() in Tencent x5gamehelper
3441         https://bugs.webkit.org/show_bug.cgi?id=185073
3442         <rdar://problem/39821223>
3443
3444         Reviewed by Alexey Proskuryakov.
3445
3446         The following changes were made:
3447         - Make sure SocketStream callbacks are always scheduled on the right runloop:
3448           WebThreadRunLoop() on WebKitLegacy iOS, loaderRunLoop() on Windows and
3449           main runloop otherwise.
3450         - When the SocketStream callbacks are called, unconditionally call callOnMainThreadAndWait()
3451           before calling methods on the SocketStream client. Previously, this code path
3452           was specific to Windows but there is no reason to have platform-specific code here.
3453           callOnMainThreadAndWait() calls the function right away if we're already on the main
3454           thread, which will be the case on other platform than Windows.
3455
3456         * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
3457         (WebCore::callbacksRunLoop):
3458         (WebCore::callbacksRunLoopMode):
3459         (WebCore::SocketStreamHandleImpl::scheduleStreams):
3460         (WebCore::SocketStreamHandleImpl::pacExecutionCallback):
3461         (WebCore::SocketStreamHandleImpl::executePACFileURL):
3462         (WebCore::SocketStreamHandleImpl::removePACRunLoopSource):
3463         (WebCore::SocketStreamHandleImpl::readStreamCallback):
3464         (WebCore::SocketStreamHandleImpl::writeStreamCallback):
3465         (WebCore::SocketStreamHandleImpl::platformClose):
3466
3467 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3468
3469         [LFC] Enable multiple layout roots for incremental layout.
3470         https://bugs.webkit.org/show_bug.cgi?id=185185
3471
3472         Reviewed by Antti Koivisto.
3473
3474         With certain type of style changes, we can stop the box invalidation at the formatting context boundary.
3475         When multiple boxes need updating in different formatting contexts, instead of marking the parent containing block chain all
3476         the way up to a common ancestor, we could just work with a list of layout entry points per layout frame.
3477
3478         * layout/FormattingState.h:
3479         * layout/LayoutContext.cpp:
3480         (WebCore::Layout::LayoutContext::updateLayout):
3481         (WebCore::Layout::LayoutContext::addLayoutEntryPoint):
3482         * layout/LayoutContext.h:
3483
3484 2018-05-03  Zalan Bujtas  <zalan@apple.com>
3485
3486         [LFC] Box invalidation logic should go to dedicated classes.
3487         https://bugs.webkit.org/show_bug.cgi?id=185249
3488
3489         Reviewed by Antti Koivisto.
3490
3491         Each formatting context can initiate a different type of invalidation when
3492         style attribute changes in a box.
3493
3494         * Sources.txt:
3495         * WebCore.xcodeproj/project.pbxproj:
3496         * layout/FormattingState.cpp:
3497         (WebCore::Layout::FormattingState::FormattingState):
3498         * layout/FormattingState.h:
3499         (WebCore::Layout::FormattingState::isBlockFormattingState const):
3500         (WebCore::Layout::FormattingState::isInlineFormattingState const):
3501         * layout/LayoutContext.cpp:
3502         (WebCore::Layout::LayoutContext::styleChanged):
3503         (WebCore::Layout::LayoutContext::markNeedsUpdate):
3504         * layout/LayoutContext.h:
3505         * layout/blockformatting/BlockFormattingState.cpp:
3506         (WebCore::Layout::BlockFormattingState::BlockFormattingState):
3507         * layout/blockformatting/BlockFormattingState.h:
3508         * layout/blockformatting/BlockInvalidation.cpp: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.cpp.
3509         (WebCore::Layout::BlockInvalidation::invalidate):
3510         * layout/blockformatting/BlockInvalidation.h: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.h.
3511         * layout/inlineformatting/InlineFormattingState.cpp:
3512         (WebCore::Layout::InlineFormattingState::InlineFormattingState):
3513         * layout/inlineformatting/InlineFormattingState.h:
3514         * layout/inlineformatting/InlineInvalidation.cpp: Copied from Source/WebCore/layout/inlineformatting/InlineFormattingState.cpp.
3515         (WebCore::Layout::InlineInvalidation::invalidate):
3516         * layout/inlineformatting/InlineInvalidation.h: Copied from Source/WebCore/layout/blockformatting/BlockFormattingState.h.
3517
3518 2018-05-03  Michael Catanzaro  <mcatanzaro@igalia.com>
3519
3520         WebKit should send fake macOS user agent to docs.google.com
3521         https://bugs.webkit.org/show_bug.cgi?id=185165
3522
3523         Reviewed by Carlos Garcia Campos.
3524
3525         * platform/UserAgentQuirks.cpp:
3526         (WebCore::urlRequiresMacintoshPlatform):
3527         (WebCore::urlRequiresLinuxDesktopPlatform):
3528
3529 2018-05-03  Commit Queue  <commit-queue@webkit.org>
3530
3531         Unreviewed, rolling out r231223 and r231288.
3532         https://bugs.webkit.org/show_bug.cgi?id=185256
3533
3534         The change in r231223 breaks internal builds, and r231288 is a
3535         dependent change. (Requested by ryanhaddad on #webkit).
3536
3537         Reverted changesets:
3538
3539         "Use default std::optional if it is provided"
3540         https://bugs.webkit.org/show_bug.cgi?id=185159
3541         https://trac.webkit.org/changeset/231223
3542
3543         "Use pointer instead of
3544         std::optional<std::reference_wrapper<>>"
3545         https://bugs.webkit.org/show_bug.cgi?id=185186
3546         https://trac.webkit.org/changeset/231288
3547
3548 2018-05-03  Ryan Haddad  <ryanhaddad@apple.com>
3549
3550         Unreviewed, rolling out r231253.
3551
3552         The API test added with this change is crashing on the bots.
3553
3554         Reverted changeset:
3555
3556         "Web Inspector: opt out of process swap on navigation if a Web
3557         Inspector frontend is connected"
3558         https://bugs.webkit.org/show_bug.cgi?id=184861
3559         https://trac.webkit.org/changeset/231253
3560
3561 2018-05-03  Youenn Fablet  <youenn@apple.com>
3562
3563         A MediaStream being played should allow removing some of its tracks
3564         https://bugs.webkit.org/show_bug.cgi?id=185233
3565
3566         Reviewed by Eric Carlson.
3567
3568         Update the tracks out of the for loop.
3569         Test: fast/mediastream/change-tracks-media-stream-being-played.html
3570
3571         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3572         (WebCore::updateTracksOfType):
3573
3574 2018-05-03  Miguel Gomez  <magomez@igalia.com>
3575
3576         WebCore::TextureMapperLayer object used after freed
3577         https://bugs.webkit.org/show_bug.cgi?id=184729
3578
3579         Reviewed by Michael Catanzaro.
3580
3581         Replace the raw pointers with WeakPtr for effectTarget, maskLayer and replicaLayer
3582         inside TextureMapperLayer.
3583
3584         * platform/graphics/texmap/TextureMapperLayer.cpp:
3585         (WebCore::TextureMapperLayer::~TextureMapperLayer):
3586         (WebCore::TextureMapperLayer::setMaskLayer):
3587         (WebCore::TextureMapperLayer::setReplicaLayer):
3588         * platform/graphics/texmap/TextureMapperLayer.h:
3589
3590 2018-05-03  Basuke Suzuki  <Basuke.Suzuki@sony.com>
3591
3592         [Curl] Add OpenSSL/LibreSSL multi-threading support
3593         https://bugs.webkit.org/show_bug.cgi?id=185138
3594
3595         The older OpenSSL manual says the locking_function and threadid_function should
3596         be set when use it in multi-threading environment. This applies to LibreSSL also.
3597         https://www.openssl.org/docs/man1.0.2/crypto/threads.html
3598
3599         For unix and other similar os, the default threadId_function implementation is
3600         good enough. We'll set custom callback only for Windows OS.
3601
3602         Note it's not required for OpenSSL 1.1.0 and after.
3603         https://www.openssl.org/blog/blog/2017/02/21/threads/
3604
3605         Reviewed by Per Arne Vollan.
3606
3607         * platform/network/curl/CurlSSLHandle.cpp:
3608         (WebCore::CurlSSLHandle::CurlSSLHandle):
3609         (WebCore::CurlSSLHandle::ThreadSupport::ThreadSupport):
3610         (WebCore::CurlSSLHandle::ThreadSupport::lockingCallback):
3611         (WebCore::CurlSSLHandle::ThreadSupport::threadIdCallback):
3612         * platform/network/curl/CurlSSLHandle.h:
3613         (WebCore::CurlSSLHandle::ThreadSupport::setup):
3614         (WebCore::CurlSSLHandle::ThreadSupport::singleton):
3615         (WebCore::CurlSSLHandle::ThreadSupport::lock):
3616         (WebCore::CurlSSLHandle::ThreadSupport::unlock):
3617
3618 2018-05-02  Ryosuke Niwa  <rniwa@webkit.org>
3619
3620         Remove superfluous check for a null attribute value check in Element::removeAttributeInternal
3621         https://bugs.webkit.org/show_bug.cgi?id=185227
3622
3623         Reviewed by Chris Dumez.
3624
3625         Removed the check. The attribute value string can never be null.
3626
3627         * dom/Element.cpp:
3628         (WebCore::Element::removeAttributeInternal):
3629
3630 2018-05-02  Zalan Bujtas  <zalan@apple.com>
3631
3632         [LFC] Implement LayoutContext::createDisplayBox
3633         https://bugs.webkit.org/show_bug.cgi?id=185158
3634
3635         Reviewed by Antti Koivisto.
3636
3637         Now compute*() functions take both the const layout and the corresponding non-const display boxes.
3638         Display boxes are owned by the LayoutContext and they don't form a tree structure (only implicitly through the layout tree).
3639         (This might need to change in the future if we decide to arrange them in some sort of painting order)
3640
3641         * layout/FloatingContext.cpp:
3642         (WebCore::Layout::FloatingContext::computePosition):
3643         * layout/FloatingContext.h:
3644         * layout/FormattingContext.cpp:
3645         (WebCore::Layout::FormattingContext::computeStaticPosition const):
3646         (WebCore::Layout::FormattingContext::computeInFlowPositionedPosition const):
3647         (WebCore::Layout::FormattingContext::computeOutOfFlowPosition const):
3648         (WebCore::Layout::FormattingContext::computeWidth const):
3649         (WebCore::Layout::FormattingContext::computeHeight const):
3650         (WebCore::Layout::FormattingContext::computeOutOfFlowWidth const):
3651         (WebCore::Layout::FormattingContext::computeFloatingWidth const):
3652         (WebCore::Layout::FormattingContext::computeOutOfFlowHeight const):
3653         (WebCore::Layout::FormattingContext::computeFloatingHeight const):
3654         * layout/FormattingContext.h:
3655         * layout/LayoutContext.cpp:
3656         (WebCore::Layout::LayoutContext::createDisplayBox):
3657         * layout/LayoutContext.h:
3658         (WebCore::Layout::LayoutContext::displayBoxForLayoutBox const):
3659         * layout/blockformatting/BlockFormattingContext.cpp:
3660         (WebCore::Layout::BlockFormattingContext::layout const):
3661         (WebCore::Layout::BlockFormattingContext::computeStaticPosition const):
3662         (WebCore::Layout::BlockFormattingContext::computeInFlowWidth const):
3663         (WebCore::Layout::BlockFormattingContext::computeInFlowHeight const):
3664         * layout/blockformatting/BlockFormattingContext.h:
3665         * layout/displaytree/DisplayBox.h:
3666         (WebCore::Display::Box::parent const): Deleted.
3667         (WebCore::Display::Box::nextSibling const): Deleted.
3668         (WebCore::Display::Box::previousSibling const): Deleted.
3669         (WebCore::Display::Box::firstChild const): Deleted.
3670         (WebCore::Display::Box::lastChild const): Deleted.
3671         (WebCore::Display::Box::setParent): Deleted.
3672         (WebCore::Display::Box::setNextSibling): Deleted.
3673         (WebCore::Display::Box::setPreviousSibling): Deleted.
3674         (WebCore::Display::Box::setFirstChild): Deleted.
3675         (WebCore::Display::Box::setLastChild): Deleted.
3676         (): Deleted.
3677         * layout/inlineformatting/InlineFormattingContext.cpp:
3678         (WebCore::Layout::InlineFormattingContext::computeInFlowWidth const):
3679         (WebCore::Layout::InlineFormattingContext::computeInFlowHeight const):
3680         * layout/inlineformatting/InlineFormattingContext.h:
3681
3682 2018-05-02  Said Abou-Hallawa  <sabouhallawa@apple.com>
3683
3684         Hiding then showing an <object> of type image makes the underlaying image disappear
3685         https://bugs.webkit.org/show_bug.cgi?id=185216
3686         <rdar://problem/39055630>
3687
3688         Reviewed by Youenn Fablet.
3689
3690         Ensure the HTMLPlugInImageElement updates the RenderImageResource of its
3691         RenderImage with the CachedImage of its ImageLoader when the RenderImage
3692         is recreated.
3693
3694         Test: fast/images/object-image-hide-show.html
3695
3696         * html/HTMLPlugInImageElement.cpp:
3697         (WebCore::HTMLPlugInImageElement::didAttachRenderers):
3698         This is very similar to what we do in HTMLImageElement::didAttachRenderers().
3699
3700
3701 2018-05-02  Brent Fulgham  <bfulgham@apple.com>
3702
3703         Use RetainPtr for form input type
3704         https://bugs.webkit.org/show_bug.cgi?id=185210
3705         <rdar://problem/39734040>
3706
3707         Reviewed by Ryosuke Niwa.
3708
3709         Refactor our HTMLInputElement class to store its InputType member as a RefPtr.
3710
3711         Test: fast/forms/access-key-mutation-2.html.
3712
3713         * html/HTMLInputElement.cpp:
3714         (WebCore::HTMLInputElement::HTMLInputElement):
3715         (WebCore::HTMLInputElement::didAddUserAgentShadowRoot):
3716         (WebCore::HTMLInputElement::accessKeyAction):
3717         (WebCore::HTMLInputElement::parseAttribute):
3718         (WebCore::HTMLInputElement::appendFormData):
3719         * html/HTMLInputElement.h:
3720         * html/InputType.cpp:
3721         (WebCore::createInputType):
3722         (WebCore::InputType::create):
3723         (WebCore::InputType::createText):
3724         * html/InputType.h:
3725
3726 2018-05-01  Yusuke Suzuki  <utatane.tea@gmail.com>
3727
3728         Use pointer instead of std::optional<std::reference_wrapper<>>
3729         https://bugs.webkit.org/show_bug.cgi?id=185186
3730
3731         Reviewed by Alex Christensen.
3732
3733         std::optional<T&> is not accepted in C++17 spec. So we replaced it
3734         with std::optional<std::reference_wrapper<T>>.
3735
3736         In this patch, we replace it with T*, which is well-aligned to
3737         WebKit's convention.
3738
3739         * Modules/mediastream/RTCPeerConnection.cpp:
3740         (WebCore::iceServersFromConfiguration):
3741         (WebCore::RTCPeerConnection::initializeConfiguration):
3742         (WebCore::RTCPeerConnection::setConfiguration):
3743         * css/parser/CSSParser.cpp:
3744         (WebCore::CSSParser::parseSystemColor):
3745         * css/parser/CSSParser.h:
3746         * dom/DatasetDOMStringMap.cpp:
3747         (WebCore::DatasetDOMStringMap::item const):
3748         (WebCore::DatasetDOMStringMap::namedItem const):
3749         * dom/DatasetDOMStringMap.h:
3750         * dom/Element.cpp:
3751         (WebCore::Element::insertAdjacentHTML):
3752         * dom/Element.h:
3753         * html/canvas/CanvasStyle.cpp:
3754         (WebCore::parseColor):
3755         * inspector/DOMEditor.cpp:
3756         * platform/network/curl/CurlFormDataStream.cpp:
3757         (WebCore::CurlFormDataStream::getPostData):
3758         * platform/network/curl/CurlFormDataStream.h:
3759         * platform/network/curl/CurlRequest.cpp:
3760         (WebCore::CurlRequest::setupPOST):
3761         * testing/MockCDMFactory.cpp:
3762         (WebCore::MockCDMFactory::keysForSessionWithID const):
3763         (WebCore::MockCDMInstance::updateLicense):
3764         * testing/MockCDMFactory.h:
3765
3766 2018-05-02  Keith Rollin  <krollin@apple.com>
3767
3768         Add facility for tracking times and results of page and resource loading
3769         https://bugs.webkit.org/show_bug.cgi?id=184838
3770         <rdar://problem/36548974>
3771
3772         Reviewed by Brent Fulgham.
3773
3774         Update FrameProgressTracker to send the necessary page load start/stop
3775         signals so that we can track the entire page load at a network level.
3776         Add an empty override of the pure virtual
3777         LoaderStrategy::pageLoadCompleted method.
3778
3779         No new tests. There is no testable effect from these changes. On
3780         Cocoa, measurable changes take place in another (non-WebKit) process.
3781         On non-Cocoa systems, this facility is currently disabled.
3782
3783         * loader/FrameLoader.cpp:
3784         (WebCore::FrameLoader::FrameProgressTracker::progressCompleted):
3785         * loader/LoaderStrategy.h:
3786
3787 2018-05-02  Aditya Keerthi  <akeerthi@apple.com>
3788
3789         Can't copy and paste URLs that have no title into Mail (macOS)
3790         https://bugs.webkit.org/show_bug.cgi?id=185205
3791         <rdar://problem/36352406>
3792
3793         Reviewed by Tim Horton.
3794
3795         The pasteboardURL generated has an empty title for URLs without titles. Currently, the pasteboardURL.title is being saved to the pasteboard.
3796
3797         To fix the error, we check whether the title is empty and instead save the lastPathComponent to the pasteboard. This matches current behavior as the fallback title.
3798
3799         Augmented WebKitLegacy.ContextMenuCanCopyURL test
3800
3801         * platform/mac/PasteboardMac.mm:
3802         (WebCore::writeURLForTypes):
3803
3804 2018-05-01  Ryosuke Niwa  <rniwa@webkit.org>
3805
3806         REGRESSION(r225868): Release assert when removing an SVGUseElement from Document::m_svgUseElements
3807         https://bugs.webkit.org/show_bug.cgi?id=182188
3808         <rdar://problem/36689240>
3809
3810         Reviewed by Antti Koivisto.
3811
3812         Fixed the crash by removing up the release assert.
3813
3814         The crash is likely caused by re-entrancy to Document::resolveStyle during SVGUseElement::updateShadowTree.
3815         Because Document::resolveStyle invokes updateShadowTree on SVG use elements in Document::m_svgUseElements
3816         without clearing the map, the nested call to resolveStyle ends up calling updateShadowTree() for all elements
3817         in m_svgUseElements and removing them all from the map. When the stack frame eventually comes back to the outer
3818         invocation of Document::resolveStyle, updateShadowTree gets invoked for the second time on SVG use elements
3819         whose shadow tree had already been updated within the inner invocation to updateShadowTree, and release-asserts.
3820
3821         There is an alternative fix: avoid calling updateShadowTree on a svg element when shadowTreeNeedsUpdate returns
3822         true on the element in resolveStyle. However, removing the release assert is a sure way to fix the crash so
3823         this patch opts for that fix instead especially since we don't have any reproducible test case for this crash.
3824
3825         This release assertion was added in r225868 as a cautious measure to catch any use-after-frees of SVGUseElement's
3826         since m_svgUseElements stored raw pointes to SVG use elements but this crash is not an indicative of any UAF,
3827         and there is no evidence that r225868 has led to new UAFs even after five months.
3828
3829         No new tests. I couldn't find a way to trigger a nested style update inside SVGUseElement::updateShadowTree.
3830
3831         * dom/Document.cpp:
3832         (WebCore::Document::removeSVGUseElement):
3833
3834 2018-05-02  Dirk Schulze  <dschulze@chromium.org>
3835
3836         getCharNumAtPosition should take DOMPointInit as argument
3837         https://bugs.webkit.org/show_bug.cgi?id=184695
3838
3839         Reviewed by Antti Koivisto.
3840
3841         Extend existing tests for getCharNumAtPosition.
3842
3843         * svg/SVGTextContentElement.cpp:
3844         (WebCore::SVGTextContentElement::getCharNumAtPosition):
3845         * svg/SVGTextContentElement.h:
3846         * svg/SVGTextContentElement.idl: Use DOMPointInit argument.
3847
3848 2018-05-02  Youenn Fablet  <youenn@apple.com>
3849
3850         Use NetworkLoadChecker for navigation loads
3851         https://bugs.webkit.org/show_bug.cgi?id=184892
3852         <rdar://problem/39652686>
3853
3854         Reviewed by Chris Dumez.
3855
3856         Sanitize headers according response tainting.
3857         If tainting is basic, it means same origin load in which case we only filter Cookie related headers.
3858         If tainting is Opaque, we filter all uncommon headers.
3859         If tainting is CORS, we filter all uncommon headers except the one explicitely allowed by CORS headers.
3860         Covered by updated test.
3861
3862         * platform/network/ResourceResponseBase.cpp:
3863         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFieldsAccordingToTainting):
3864         (WebCore::ResourceResponseBase::sanitizeHTTPHeaderFields):
3865         * platform/network/ResourceResponseBase.h:
3866
3867 2018-05-02  Myles C. Maxfield  <mmaxfield@apple.com>
3868
3869         Collection fragment identifiers don't use PostScript names
3870         https://bugs.webkit.org/show_bug.cgi?id=184624
3871         <rdar://problem/39432089>
3872
3873         Reviewed by Simon Fraser.
3874
3875         In a previous version of the CSS Fonts spec, there was text saying that items in font collections
3876         should be 1-indexed (so the first item would be MyFonts.ttc#1). However, this is unfortunate because
3877         inserting an item into the middle of a collection would throw off all content that uses the file.
3878         Instead, the spec has since changed to use PostScript names (so the content instead would say
3879         MyFonts.ttc#MyFont-Regular).
3880
3881         Test: fast/text/font-collection.html
3882
3883         * css/CSSFontFaceSource.cpp:
3884         (WebCore::CSSFontFaceSource::load):
3885         * loader/cache/CachedFont.cpp:
3886         (WebCore::CachedFont::calculateItemInCollection const):
3887         (WebCore::CachedFont::ensureCustomFontData):
3888         (WebCore::CachedFont::createCustomFontData):
3889         (WebCore::CachedFont::calculateIndex const): Deleted.
3890         * loader/cache/CachedFont.h:
3891         * platform/graphics/mac/FontCustomPlatformData.cpp:
3892         (WebCore::createFontCustomPlatformData):
3893         * platform/graphics/mac/FontCustomPlatformData.h:
3894
3895 2018-05-02  Brian Burg  <bburg@apple.com>
3896
3897         Web Inspector: opt out of process swap on navigation if a Web Inspector frontend is connected
3898         https://bugs.webkit.org/show_bug.cgi?id=184861
3899         <rdar://problem/39153768>
3900
3901         Reviewed by Ryosuke Niwa.
3902
3903         Notify the client of the current connection count whenever a frontend connects or disconnects.
3904
3905         Covered by new API test.
3906
3907         * inspector/InspectorClient.h:
3908         (WebCore::InspectorClient::frontendCountChanged):
3909         * inspector/InspectorController.cpp:
3910         (WebCore::InspectorController::connectFrontend):
3911         (WebCore::InspectorController::disconnectFrontend):
3912         (WebCore::InspectorController::disconnectAllFrontends):
3913         * inspector/InspectorController.h:
3914
3915 2018-05-02  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3916
3917         [GStreamer] Remove unneeded include of gstgldisplay_wayland.h after r228866 and r229022
3918         https://bugs.webkit.org/show_bug.cgi?id=185207
3919
3920         Reviewed by Michael Catanzaro.
3921
3922         Remove unneeded include of gstgldisplay_wayland.h
3923
3924         No new tests, no change in behaviour.
3925
3926         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3927
3928 2018-05-02  Chris Dumez  <cdumez@apple.com>
3929
3930         document.open() event listener removal is not immediate
3931         https://bugs.webkit.org/show_bug.cgi?id=185191
3932
3933         Reviewed by Darin Adler.
3934
3935         We need to make sure we set the 'wasremoved' flag on RegisteredEventListeners
3936         whenever they get removed from the EventListenerMap. We were doing so correctly
3937         in EventListenerMap:remove() but not EventListenerMap::clear(). This patch
3938         updates clear() accordingly.
3939
3940         The reason we need to set this flag is that RegisteredEventListeners is RefCounted
3941         and EventTarget::fireEventListeners() may be currently running and calling
3942         each listener one by one, holding a reference to all listener of a given event.
3943
3944         Test: fast/dom/Document/document-open-removes-all-listeners.html
3945
3946         * dom/EventListenerMap.cpp:
3947         (WebCore::EventListenerMap::clear):
3948
3949 2018-05-02  Zalan Bujtas <zalan@apple.com>
3950
3951         Use WeakPtr in GridCell
3952         https://bugs.webkit.org/show_bug.cgi?id=185180
3953         <rdar://problem/39432165>
3954
3955         Reviewed by Antti Koivisto.
3956
3957         Since GridCell does not own the renderers, it should
3958         construct weak pointers.
3959
3960         Unable to create a reliably reproducible test case.
3961
3962         * rendering/Grid.cpp:
3963         (WebCore::Grid::insert):
3964         (WebCore::GridIterator::nextGridItem):
3965         * rendering/Grid.h:
3966         * rendering/RenderGrid.cpp:
3967         (WebCore::RenderGrid::firstLineBaseline const):
3968
3969 2018-05-02  Eric Carlson  <eric.carlson@apple.com>
3970
3971         [iOS] Provide audio route information when invoking AirPlay picker
3972         https://bugs.webkit.org/show_bug.cgi?id=185199
3973         <rdar://problem/39853103>
3974
3975         Reviewed by Jer Noble.
3976
3977         No new tests, this requires a specific hardware setup.
3978
3979         * dom/Document.cpp:
3980         (WebCore::Document::showPlaybackTargetPicker): Pass route sharing policy and routing context UID.
3981         * dom/Document.h:
3982
3983         * html/MediaElementSession.cpp:
3984         (WebCore::MediaElementSession::showPlaybackTargetPicker): Ditto.
3985
3986         * loader/EmptyClients.h:
3987         * page/ChromeClient.h:
3988
3989         * page/Page.cpp:
3990