398fe0d4bbd29f024146cc71e53039639eb3217b
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-24  Frederic Wang  <fwang@igalia.com>
2
3         Refactor RenderMathMLOperator and RenderMathMLToken to avoid using anonymous renderers.
4         https://bugs.webkit.org/show_bug.cgi?id=155018
5
6         Reviewed by Martin Robinson.
7
8         No new tests, already covered by existing tests.
9
10         We use MathOperator for RenderMathMLOperator to avoid creating anonymous text nodes again
11         and again. We reimplement implicit mathvariant="italic" on single-char mi in a way that does
12         not rely on creating anonymous text nodes. Finally, we improve the determination/update of
13         when mathvariant is italic to avoid breaking foreign-mi-dynamic test.
14         The change in the render tree structure breaks mfenced accessibility support but that will
15         be fixed in follow-up patches. The simplifications made here will also allow to simplify the
16         accessibility code.
17
18         * css/mathml.css:
19         (mo): Deleted. This flexbox rule is no longer needed.
20         * rendering/mathml/RenderMathMLBlock.cpp:
21         (WebCore::RenderMathMLBlock::createAnonymousMathMLBlock): Deleted. We no longer need to
22         create anonymous renderer with this function.
23         * rendering/mathml/RenderMathMLBlock.h: Delete createAnonymousMathMLBlock.
24         * rendering/mathml/RenderMathMLOperator.cpp: Implement layout functions without relying on
25         flexbox or anonymous.
26         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Handle the case of !useMathOperator()
27         for which we need to add extra operator spacing after the RenderMathMLToken layout.
28         (WebCore::RenderMathMLOperator::layoutBlock): Ditto.
29         (WebCore::RenderMathMLOperator::isChildAllowed): Deleted. We allow the non-anonymous text.
30         (WebCore::RenderMathMLOperator::rebuildTokenContent): No longer destroy and rebuild
31         anonymous wrapper. Remove updateStyle call.
32         (WebCore::RenderMathMLOperator::updateStyle): Deleted. We no longer need anonymous style for the spacing.
33         * rendering/mathml/RenderMathMLOperator.h: Remove updateStyle() and isChildAllowed().
34         Make textContent() public so that it can be accessed from the accessibility code.
35         * rendering/mathml/RenderMathMLToken.cpp: Reimplement implicit mathvariant="italic" by
36         painting MATHEMATICAL ITALIC characters instead of styling an anonymous wrapper.
37         (WebCore::RenderMathMLToken::RenderMathMLToken): Init m_mathVariantGlyph and m_mathVariantGlyphDirty
38         (WebCore::RenderMathMLToken::updateTokenContent): Set mathvariant glyph dirty when the content changes.
39         (WebCore::transformToItalic): Helper function to map latin and greek alphabets to their
40         MATHEMATICAL ITALIC counterpart.
41         (WebCore::RenderMathMLToken::computePreferredLogicalWidths): Implement this function to
42         handle the case where the mathvariant glyph is used.
43         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Helper function to update the mathvariant glyph.
44         For now, we try and keep with the old (and limited) implementation: a mathvariant glyph may
45         only used for single-char <mi> without mathvariant attribute attached to it.
46         (WebCore::RenderMathMLToken::styleDidChange): Set the mathvariant glyph dirty when the style
47         changes.
48         (WebCore::RenderMathMLToken::updateFromElement): Remove updateStyle call and set mathvariant
49         glyph dirty.
50         (WebCore::RenderMathMLToken::firstLineBaseline): Implement this function to handle the case
51          where the mathvariant glyph is used.
52         (WebCore::RenderMathMLToken::layoutBlock): Ditto.
53         (WebCore::RenderMathMLToken::paint): Ditto.
54         (WebCore::RenderMathMLToken::paintChildren): Ditto.
55         (WebCore::RenderMathMLToken::addChild): Deleted. No need to bother with anonymous renderer
56         or style.
57         (WebCore::RenderMathMLToken::createWrapperIfNeeded): Deleted. Ditto.
58         (WebCore::RenderMathMLToken::updateStyle): Deleted. Ditto.
59         * rendering/mathml/RenderMathMLToken.h: Update declarations of functions.
60         (WebCore::RenderMathMLToken::setMathVariantGlyphDirty): Helper function to indicate that the
61         mathvariant glyph will need to be updated.
62
63 2016-06-24  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
64
65         Unreviewed EFL build fix.
66
67         There is forward declaration build error on EFL port.
68
69         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp: Include DOMWindow.h and Document.h.
70
71 2016-06-23  Brady Eidson  <beidson@apple.com>
72
73         Retrieving Blobs from IndexedDB using cursors fails in WK2 (Sandboxing)
74         https://bugs.webkit.org/show_bug.cgi?id=158991
75
76         Reviewed by Alex Christensen.
77
78         Test: storage/indexeddb/modern/blob-cursor.html
79
80         * platform/network/BlobDataFileReference.cpp:
81         (WebCore::BlobDataFileReference::startTrackingModifications): Deleted.
82
83 2016-06-23  Alex Christensen  <achristensen@webkit.org>
84
85         Remove unused didCancelAuthenticationChallenge
86         https://bugs.webkit.org/show_bug.cgi?id=158819
87
88         Reviewed by David Kilzer.
89
90         No change in behavior.  This callback was deprecated in Yosemite.  It is never called.
91
92         * loader/EmptyClients.h:
93         * loader/FrameLoaderClient.h:
94         * loader/ResourceLoadNotifier.cpp:
95         (WebCore::ResourceLoadNotifier::didCancelAuthenticationChallenge): Deleted.
96         * loader/ResourceLoadNotifier.h:
97         * loader/ResourceLoader.cpp:
98         (WebCore::ResourceLoader::didCancelAuthenticationChallenge): Deleted.
99         * loader/ResourceLoader.h:
100         * platform/network/ResourceHandle.h:
101         * platform/network/ResourceHandleClient.h:
102         (WebCore::ResourceHandleClient::didCancelAuthenticationChallenge): Deleted.
103         * platform/network/mac/ResourceHandleMac.mm:
104         (WebCore::ResourceHandle::didCancelAuthenticationChallenge): Deleted.
105         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
106         (-[WebCoreResourceHandleAsDelegate connection:didCancelAuthenticationChallenge:]): Deleted.
107         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
108         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didCancelAuthenticationChallenge:]): Deleted.
109         * platform/spi/cocoa/NSURLDownloadSPI.h:
110
111 2016-06-23  Anders Carlsson  <andersca@apple.com>
112
113         Add "shippingType" to the list of valid payment request properties
114         https://bugs.webkit.org/show_bug.cgi?id=159079
115         <rdar://problem/26988429>
116
117         Reviewed by Dean Jackson.
118
119         * Modules/applepay/ApplePaySession.cpp:
120         (WebCore::isValidPaymentRequestPropertyName):
121
122 2016-06-23  Benjamin Poulain  <benjamin@webkit.org>
123
124         Specialize synchronous event tracking per event type
125         https://bugs.webkit.org/show_bug.cgi?id=158826
126
127         Reviewed by Simon Fraser.
128
129         First, kudos to Rick Byers for all his helps on passive event dispatch.
130         The specs are pretty damn good and his help reviewing patches is very useful.
131
132         This patch change synchronous event dispatch to happen per event
133         instead of per sequence touchstart->touchend.
134
135         The big advantage of this is we can dispatch more events asynchronously.
136         For example, to handle a tap programmatically, you can limit the active listener
137         to the touchend event. The touchstart and touchmove are now dispatched asynchronously.
138
139         The implementation is a simple extension to EventTrackingRegions.
140         Instead of a single synchronous region, we have one region per event type.
141         When processing the events, we only need to send the events synchronously
142         if that particular event type has a synchronous region.
143
144         Note that EventDispatcher's touch event support already supports
145         mixing synchronous and asynchronous events. The events are always processed
146         in order even if asynchronous events are pending when a synchronous dispatch
147         happens.
148
149         Tests: fast/events/touch/ios/tap-with-active-listener-inside-document-with-passive-listener.html
150                fast/events/touch/ios/tap-with-active-listener-inside-window-with-passive-listener.html
151                fast/events/touch/ios/tap-with-active-touch-end-listener.html
152                fast/events/touch/ios/tap-with-passive-listener-inside-active-listener.html
153                fast/events/touch/ios/tap-with-passive-touch-end-listener.html
154                fast/events/touch/ios/tap-with-passive-touch-start-active-touch-end-listeners-on-elements.html
155                fast/events/touch/ios/tap-with-passive-touch-start-active-touch-move-listeners-on-elements.html
156
157         * CMakeLists.txt:
158         * WebCore.xcodeproj/project.pbxproj:
159         * dom/EventTarget.cpp:
160         (WebCore::EventTarget::hasActiveTouchEventListeners): Deleted.
161         * dom/EventTarget.h:
162         * page/DebugPageOverlays.cpp:
163         (WebCore::NonFastScrollableRegionOverlay::updateRegion):
164         * page/Page.cpp:
165         (WebCore::Page::nonFastScrollableRects):
166         * page/scrolling/ScrollingCoordinator.cpp:
167         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame):
168         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
169         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
170         * page/scrolling/ScrollingTree.cpp:
171         (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
172         (WebCore::ScrollingTree::eventTrackingTypeForPoint):
173         * page/scrolling/ScrollingTree.h:
174         * platform/EventTrackingRegions.cpp: Added.
175         (WebCore::EventTrackingRegions::trackingTypeForPoint):
176         (WebCore::EventTrackingRegions::isEmpty):
177         (WebCore::EventTrackingRegions::translate):
178         (WebCore::EventTrackingRegions::uniteSynchronousRegion):
179         (WebCore::EventTrackingRegions::unite):
180         (WebCore::operator==):
181         * platform/EventTrackingRegions.h:
182         (WebCore::EventTrackingRegions::isEmpty): Deleted.
183         (WebCore::EventTrackingRegions::trackingTypeForPoint): Deleted.
184         (WebCore::operator==): Deleted.
185
186 2016-06-23  Simon Fraser  <simon.fraser@apple.com>
187
188         More attempting to fix external iOS builds.
189
190         * platform/spi/cocoa/QuartzCoreSPI.h:
191
192 2016-06-23  Simon Fraser  <simon.fraser@apple.com>
193
194         Try to fix the non-internal builds by defining CARenderServerBufferRef.
195
196         * platform/spi/cocoa/QuartzCoreSPI.h:
197
198 2016-06-23  Simon Fraser  <simon.fraser@apple.com>
199
200         [iOS] Make DumpRenderTree and WebKitTestRunner in the simulator use render server snapshotting
201         https://bugs.webkit.org/show_bug.cgi?id=159077
202
203         Reviewed by Tim Horton.
204
205         Add CARenderServer SPIs.
206
207         Test: fast/harness/snapshot-captures-compositing.html
208
209         * platform/spi/cocoa/QuartzCoreSPI.h:
210
211 2016-06-23  Brian Burg  <bburg@apple.com>
212
213         Web Inspector: add assertions to catch dangling frontends that persist between tests
214         https://bugs.webkit.org/show_bug.cgi?id=159073
215
216         Reviewed by Joseph Pecoraro.
217
218         Based on the analysis in https://webkit.org/b/159070, we suspect that some test
219         flakiness might be caused by dangling frontends from previous test cases. Add an
220         assertion that should catch any frontends that are attached to the inspected page's
221         backend. There should never be any frontends connected when a test first starts.
222
223         * inspector/InspectorController.cpp:
224         (WebCore::InspectorController::setIsUnderTest):
225         * inspector/InspectorController.h:
226
227 2016-06-23  Said Abou-Hallawa  <sabouhallawa@apple.com>
228
229         requestFrameAnimation() callback timestamp should be very close to Performance.now() 
230         https://bugs.webkit.org/show_bug.cgi?id=159038
231
232         Reviewed by Simon Fraser.
233
234         Pass the Performance.now() to requestFrameAnimation() callback. Do not add
235         the timeUntilOutput which is the difference between outputTime and now since
236         this addition makes us report a timestamp ahead in the future by almost 33ms.
237
238         A new function named "nowTimestamp()" is added to the DOMWindow class. It
239         calls Performance.now() if WEB_TIMING is enabled, otherwise it calls
240         monotonicallyIncreasingTime(). The returned timestamp is seconds and it is
241         relative to the document loading time.
242
243         The timestamp passing will be removed all the down till the callers of
244         ScriptedAnimationController::serviceScriptedAnimations(). The callers will
245         getting the now timestamp by calling DOMWindow::nowTimestamp().
246
247         Tests: animations/animation-callback-timestamp.html
248                animations/animation-multiple-callbacks-timestamp.html
249
250         * dom/Document.cpp:
251         (WebCore::Document::monotonicTimestamp):
252         (WebCore::Document::serviceScriptedAnimations):
253         * dom/Document.h:
254         * dom/ScriptedAnimationController.cpp:
255         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
256         (WebCore::ScriptedAnimationController::animationTimerFired):
257         (WebCore::ScriptedAnimationController::displayRefreshFired):
258         * dom/ScriptedAnimationController.h:
259         * html/HTMLMediaElement.cpp:
260         (WebCore::HTMLMediaElement::getVideoPlaybackQuality):
261         * loader/DocumentLoadTiming.h:
262         (WebCore::DocumentLoadTiming::referenceWallTime):
263         * page/DOMWindow.cpp:
264         (WebCore::DOMWindow::nowTimestamp):
265         * page/DOMWindow.h:
266         * page/FrameView.cpp:
267         (WebCore::FrameView::serviceScriptedAnimations):
268         * page/FrameView.h:
269         * platform/graphics/DisplayRefreshMonitor.cpp:
270         (WebCore::DisplayRefreshMonitor::DisplayRefreshMonitor):
271         (WebCore::DisplayRefreshMonitor::displayDidRefresh):
272         * platform/graphics/DisplayRefreshMonitor.h:
273         (WebCore::DisplayRefreshMonitor::setMonotonicAnimationStartTime): Deleted.
274         * platform/graphics/DisplayRefreshMonitorClient.cpp:
275         (WebCore::DisplayRefreshMonitorClient::fireDisplayRefreshIfNeeded):
276         * platform/graphics/DisplayRefreshMonitorClient.h:
277         * platform/graphics/GraphicsLayerUpdater.cpp:
278         (WebCore::GraphicsLayerUpdater::displayRefreshFired):
279         * platform/graphics/GraphicsLayerUpdater.h:
280         * platform/graphics/ios/DisplayRefreshMonitorIOS.h:
281         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
282         (-[WebDisplayLinkHandler handleDisplayLink:]):
283         (WebCore::DisplayRefreshMonitorIOS::displayLinkFired):
284         (WebCore::mediaTimeToCurrentTime): Deleted.
285         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
286         (WebCore::displayLinkCallback):
287         (WebCore::DisplayRefreshMonitorMac::displayLinkFired):
288         * platform/graphics/mac/DisplayRefreshMonitorMac.h:
289         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
290         (WebCore::CompositingCoordinator::syncDisplayState):
291         (WebCore::CompositingCoordinator::nextAnimationServiceTime):
292
293 2016-06-23  David Kilzer  <ddkilzer@apple.com>
294
295         Remove unused HarfBuzzFaceCoreText.cpp
296         <https://webkit.org/b/159065>
297
298         Reviewed by Myles C. Maxfield.
299
300         * platform/graphics/harfbuzz/HarfBuzzFaceCoreText.cpp: Removed.
301
302 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
303
304         Web Inspector: Memory Timeline sometimes shows impossible value for bmalloc size (underflowed)
305         https://bugs.webkit.org/show_bug.cgi?id=158110
306         <rdar://problem/26498584>
307
308         Reviewed by Andreas Kling.
309
310         IOSurface memory backing Canvas element buffers should be classified as "GC Owned",
311         but should not be considered a part of bmalloc. In fact, the actual memory cost is
312         external to the Web Content Process. The majority of extra memory reporters tend
313         to report extra memory that is also allocated in bmalloc. However, some report
314         non-bmalloc memory, such as the IOSurfaces here.
315         
316         Continue to report the memory cost without changes to inform the Heap for garbage
317         collection. However, also keep better accounting of GCOwned memory that is external
318         to the process for better accounting for the Resource Usage overlay and Web Inspector
319         Memory timeline.
320         
321         This is a bit of a game where we want to display the best possible number for
322         "GCOwned memory" in the tools, but some of that memory shows up in the other
323         regions (bmalloc, system malloc, etc). Already many sizes are estimates
324         (ReportExtraMemory, reportExtraMemory ignores small allocations), so we just focus
325         on getting the largest sources of allocations, such as Canvas IOSurfaces here,
326         into the right bucket. ResourceUsageThreadCocoa continues to subtract the "extra"
327         memory from bmalloc. So, we should address other large sources of "extra memory"
328         not in bmalloc. A likely candidate is HTMLMediaElement which uses the deprecated
329         reporting right now.
330
331         * bindings/scripts/CodeGeneratorJS.pm:
332         (GenerateImplementation):
333         * bindings/scripts/IDLAttributes.txt:
334         Add a way to report External memory, dependent on reporting Extra memory.
335
336         * html/HTMLCanvasElement.cpp:
337         (WebCore::HTMLCanvasElement::externalMemoryCost):
338         * html/HTMLCanvasElement.h:
339         * html/HTMLCanvasElement.idl:
340         Report external memory cost just like extra memory.
341
342         * page/ResourceUsageData.cpp:
343         (WebCore::ResourceUsageData::ResourceUsageData):
344         * page/ResourceUsageData.h:
345         (WebCore::MemoryCategoryInfo::totalSize):
346         * page/cocoa/ResourceUsageOverlayCocoa.mm:
347         (WebCore::RingBuffer::at):
348         (WebCore::appendDataToHistory):
349         (WebCore::ResourceUsageOverlay::platformDraw):
350         * page/cocoa/ResourceUsageThreadCocoa.mm:
351         (WebCore::categoryForVMTag):
352         (WebCore::ResourceUsageThread::platformThreadBody):
353         Do not count the GCOwned External memory as dirty memory.
354         Include External memory output in the overlay.
355
356         * inspector/InspectorMemoryAgent.cpp:
357         (WebCore::InspectorMemoryAgent::collectSample):
358         When sizing the JavaScript portion, include both the GC Owned
359         category's dirty and external memory. Ultimately we will
360         want this everywhere in case things change.
361
362         * platform/graphics/ImageBuffer.cpp:
363         (WebCore::memoryCost):
364         (WebCore::externalMemoryCost):
365         * platform/graphics/ImageBuffer.h:
366         * platform/graphics/cg/ImageBufferCG.cpp:
367         (WebCore::ImageBuffer::memoryCost):
368         (WebCore::ImageBuffer::externalMemoryCost):
369         Report IOSurface total bytes as extra memory and external memory
370         so that it can be tracked as GC Owned memory that is separate from
371         regular (bmalloc/other) in process memory.
372
373 2016-06-23  Alexey Proskuryakov  <ap@apple.com>
374
375         Handle (0, 0) ranges from Lookup
376         https://bugs.webkit.org/show_bug.cgi?id=159062
377         rdar://problem/26960385
378
379         Reviewed by Tim Horton.
380
381         * editing/mac/DictionaryLookup.mm: (WebCore::DictionaryLookup::rangeAtHitTestResult):
382         Paper over <https://bugs.webkit.org/show_bug.cgi?id=159063>, which seems too involved
383         to fix now.
384
385 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
386
387         Web Inspector: first heap snapshot taken when a page is reloaded happens before the reload navigation
388         https://bugs.webkit.org/show_bug.cgi?id=158995
389         <rdar://problem/26923778>
390
391         Reviewed by Brian Burg.
392
393         When the "Heap" instrument is included in the Timeline list
394         of instruments, defer starting it in an auto-capture scenario
395         until after the page does its first navigation.
396
397         AutoCapture on the backend happens when it is enabled at
398         the main resource starts loading. In that case it proceeds
399         through the following phases:
400
401             No Auto Capture:
402                 None
403
404             Auto Capture:
405                 BeforeLoad -> FirstNavigation -> AfterFirstNavigation
406
407         When toggling instruments for backend initiated capture
408         most instruments do not care and will just start/stop.
409
410         * inspector/InspectorInstrumentation.cpp:
411         (WebCore::InspectorInstrumentation::didCommitLoadImpl):
412         Inform the TimelineAgent that the main frame navigated.
413         Do this after informing the HeapAgent (so any potential
414         snapshot does not get cleared) and PageAgent (so the
415         frontend knows the page navigated before the agent starts).
416
417         * inspector/InspectorTimelineAgent.h:
418         * inspector/InspectorTimelineAgent.cpp:
419         (WebCore::InspectorTimelineAgent::internalStop):
420         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
421         (WebCore::InspectorTimelineAgent::mainFrameNavigated):
422         Update the auto capture phase transitions.
423
424         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
425         Only start the heap agent during the None phase (console.profile)
426         or with the first navigation (auto capture page navigation).
427
428 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
429
430         Web Inspector: Snapshots should be cleared at some point
431         https://bugs.webkit.org/show_bug.cgi?id=157907
432         <rdar://problem/26373610>
433
434         Reviewed by Timothy Hatcher.
435
436         * CMakeLists.txt:
437         * WebCore.xcodeproj/project.pbxproj:
438         * inspector/InspectorAllInOne.cpp:
439         New specialized agent.
440
441         * inspector/InspectorController.cpp:
442         (WebCore::InspectorController::InspectorController):
443         Construct a specialized HeapAgent.
444
445         * inspector/PageHeapAgent.h:
446         * inspector/PageHeapAgent.cpp:
447         (WebCore::PageHeapAgent::PageHeapAgent):
448         (WebCore::PageHeapAgent::enable):
449         (WebCore::PageHeapAgent::disable):
450         (WebCore::PageHeapAgent::mainFrameNavigated):
451         Clear backend snapshots on page navigations.
452         Set the PageHeapAgent instrumenting agent on enable/disable.
453
454         * inspector/InstrumentingAgents.cpp:
455         (WebCore::InstrumentingAgents::reset):
456         * inspector/InstrumentingAgents.h:
457         (WebCore::InstrumentingAgents::pageHeapAgent):
458         (WebCore::InstrumentingAgents::setPageHeapAgent):
459         Active PageHeapAgent.
460
461         * inspector/InspectorInstrumentation.cpp:
462         (WebCore::InspectorInstrumentation::didCommitLoadImpl):
463         Inform the PageHeapAgent when the mainframe navigates.
464
465 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
466
467         CSSComputedStyleDeclaration::length should recalculate styles if needed to provide the correct value
468         https://bugs.webkit.org/show_bug.cgi?id=159053
469         <rdar://problem/26638119>
470
471         Reviewed by Simon Fraser.
472
473         Test: fast/css/variables/custom-property-computed-style-length-update.html
474
475         * css/CSSComputedStyleDeclaration.cpp:
476         (WebCore::CSSComputedStyleDeclaration::length):
477
478 2016-06-23  John Wilander  <wilander@apple.com>
479
480         Enable window.open() for existing versions of Secret Society
481         https://bugs.webkit.org/show_bug.cgi?id=159049
482         <rdar://problem/26528349>
483
484         Reviewed by Andy Estes.
485
486         The Secret Society Hidden Mystery app has a broken version check treating iOS 10
487         as iOS 1 on iPads. Therefore it believes it can use window.open() in a tap
488         handler. We should allow the existing versions of the app to do this to not break
489         them.
490
491         No new tests. Tested manually in the app.
492
493         * page/DOMWindow.cpp:
494         (WebCore::DOMWindow::allowPopUp):
495             Now checks with Settings whether it should allow a popup even though it is
496             not processing a user gesture.
497         * page/Settings.in:
498             Added setting allowWindowOpenWithoutUserGesture.
499         * platform/RuntimeApplicationChecks.h:
500         * platform/RuntimeApplicationChecks.mm:
501         (WebCore::IOSApplication::isTheSecretSocietyHiddenMystery):
502             Added.
503
504 2016-06-23  Chris Dumez  <cdumez@apple.com>
505
506         Only call sqlite3_initialize() when a SQLite database is actually being opened
507         https://bugs.webkit.org/show_bug.cgi?id=159033
508
509         Reviewed by Brady Eidson.
510
511         Only call sqlite3_initialize() when a SQLite database is actually being opened
512         instead of doing it unconditionally. sqlite3_initialize() was previously called
513         in the SQLiteDatabase constructor which gets called on WebContent process
514         initialization because a DatabaseTracker is constructed on initialization and
515         DatabaseTracker has a SQLiteDatabase data member.
516
517         * platform/sql/SQLiteDatabase.cpp:
518         (WebCore::initializeSQLiteIfNecessary):
519         (WebCore::SQLiteDatabase::open):
520         (WebCore::SQLiteDatabase::SQLiteDatabase): Deleted.
521         * platform/sql/SQLiteDatabase.h:
522
523 2016-06-23  Adam Bergkvist  <adam.bergkvist@ericsson.com>
524
525         WebRTC: Align 'update ICE connection/gathering state' steps with the WebRTC 1.0 specification
526         https://bugs.webkit.org/show_bug.cgi?id=159054
527
528         Reviewed by Eric Carlson.
529
530         Add checks for same state and closed RTCPeerConnection in the 'update ICE connection state'
531         and 'update ICE gathering state' routines as described in [1].
532
533         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#update-ice-gathering-state
534
535         No change in current behavior.
536
537         * Modules/mediastream/RTCPeerConnection.cpp:
538         (WebCore::RTCPeerConnection::updateIceGatheringState):
539         (WebCore::RTCPeerConnection::updateIceConnectionState):
540
541 2016-06-23  Adam Bergkvist  <adam.bergkvist@ericsson.com>
542
543         WebRTC: Add support for RTCPeerConnection legacy MediaStream-based API
544         https://bugs.webkit.org/show_bug.cgi?id=158940
545
546         Reviewed by Eric Carlson.
547
548         Implement the legacy MediaStream-based RTCPeerConnection API as JS built-ins. The
549         getRemoteStreams() function and the 'addstream' event are partly implemented with native
550         code.
551
552         Test: fast/mediastream/RTCPeerConnection-legacy-stream-based-api.html
553
554         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
555         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
556         (WebCore::MediaEndpointPeerConnection::getRemoteStreams):
557         The getRemoteStreams() function and the 'addstream' event is backed up by native code.
558         * Modules/mediastream/MediaEndpointPeerConnection.h:
559         * Modules/mediastream/MediaStream.idl:
560         * Modules/mediastream/PeerConnectionBackend.h:
561         * Modules/mediastream/RTCPeerConnection.h:
562         * Modules/mediastream/RTCPeerConnection.idl:
563         * Modules/mediastream/RTCPeerConnection.js:
564         (initializeRTCPeerConnection):
565         (getLocalStreams):
566         (getRemoteStreams):
567         (getStreamById):
568         (addStream):
569         (removeStream):
570         Legacy API implemented as JS built-ins.
571         * bindings/js/JSDOMGlobalObject.cpp:
572         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
573         * bindings/js/WebCoreBuiltinNames.h:
574
575 2016-06-23  Carlos Garcia Campos  <cgarcia@igalia.com>
576
577         Unreviewed. Fix the build with CSS Shapes disabled.
578
579         * css/StyleBuilderConverter.h:
580
581 2016-06-23  Carlos Garcia Campos  <cgarcia@igalia.com>
582
583         [Soup] Clean up SocketStreamHandle soup implementation
584         https://bugs.webkit.org/show_bug.cgi?id=159024
585
586         Reviewed by Žan Doberšek.
587
588         Stop using a global HashMap to "acivate"/"deactivate" handles, and just take a reference of the handle and
589         pass the ownership to the callbacks, using a GCancellable to cancel all async operations.
590
591         * platform/network/soup/SocketStreamHandle.h:
592         (WebCore::SocketStreamHandle::create):
593         (WebCore::SocketStreamHandle::id): Deleted.
594         * platform/network/soup/SocketStreamHandleSoup.cpp:
595         (WebCore::SocketStreamHandle::SocketStreamHandle):
596         (WebCore::SocketStreamHandle::connected):
597         (WebCore::SocketStreamHandle::connectedCallback):
598         (WebCore::SocketStreamHandle::readBytes):
599         (WebCore::SocketStreamHandle::readReadyCallback):
600         (WebCore::SocketStreamHandle::didFail):
601         (WebCore::SocketStreamHandle::platformSend):
602         (WebCore::SocketStreamHandle::platformClose):
603         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
604         (WebCore::SocketStreamHandle::writeReadyCallback):
605         (WebCore::getHandleFromId): Deleted.
606         (WebCore::deactivateHandle): Deleted.
607         (WebCore::activateHandle): Deleted.
608         (WebCore::SocketStreamHandle::~SocketStreamHandle): Deleted.
609         (WebCore::connectedCallback): Deleted.
610         (WebCore::readReadyCallback): Deleted.
611         (WebCore::writeReadyCallback): Deleted.
612
613 2016-06-22  Brady Eidson  <beidson@apple.com>
614
615         DatabaseProcess doesn't handle WebProcesses going away uncleanly.
616         https://bugs.webkit.org/show_bug.cgi?id=158894
617
618         Reviewed by Alex Christensen.
619
620         No new tests (Covered by additions to existing API test).
621
622         * Modules/indexeddb/server/IDBConnectionToClient.cpp:
623         (WebCore::IDBServer::IDBConnectionToClient::registerDatabaseConnection):
624         (WebCore::IDBServer::IDBConnectionToClient::unregisterDatabaseConnection):
625         (WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):
626         * Modules/indexeddb/server/IDBConnectionToClient.h:
627         
628         * Modules/indexeddb/server/IDBServer.cpp:
629         (WebCore::IDBServer::IDBServer::unregisterConnection): Call connectionToClientClosed() on
630           the connection, which cleans up after it in the server.
631         
632         * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
633         (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
634         (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
635
636 2016-06-22  Benjamin Poulain  <bpoulain@apple.com>
637
638         AX: Add support for CSS4 :focus-within pseudo
639         https://bugs.webkit.org/show_bug.cgi?id=140144
640
641         Reviewed by Antti Koivisto.
642
643         Tests: fast/css/pseudo-focus-within-basics.html
644                fast/css/pseudo-focus-within-inside-shadow-dom.html
645                fast/css/pseudo-focus-within-style-sharing-1.html
646                fast/css/pseudo-focus-within-style-sharing-2.html
647                fast/selectors/focus-within-style-update.html
648
649         * css/CSSSelector.cpp:
650         (WebCore::CSSSelector::selectorText):
651         * css/CSSSelector.h:
652         * css/SelectorChecker.cpp:
653         (WebCore::SelectorChecker::checkOne):
654         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
655         * cssjit/SelectorCompiler.cpp:
656         (WebCore::SelectorCompiler::addPseudoClassType):
657         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
658         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasFocusWithin):
659         * dom/ContainerNode.cpp:
660         (WebCore::destroyRenderTreeIfNeeded):
661         * dom/Element.cpp:
662         (WebCore::Element::~Element):
663         (WebCore::Element::setFocus):
664         (WebCore::Element::unregisterNamedFlowContentElement):
665         (WebCore::Element::setIsNamedFlowContentElement):
666         (WebCore::Element::clearIsNamedFlowContentElement):
667         (WebCore::Element::setStyleAffectedByFocusWithin):
668         (WebCore::Element::rareDataStyleAffectedByFocusWithin):
669         (WebCore::Element::rareDataIsNamedFlowContentElement):
670         * dom/Element.h:
671         (WebCore::Element::hasFocusWithin):
672         (WebCore::Element::styleAffectedByFocusWithin):
673         (WebCore::Element::isNamedFlowContentElement):
674         (WebCore::Element::setHasFocusWithin):
675         * dom/ElementRareData.h:
676         (WebCore::ElementRareData::styleAffectedByFocusWithin):
677         (WebCore::ElementRareData::setStyleAffectedByFocusWithin):
678         (WebCore::ElementRareData::isNamedFlowContentElement):
679         (WebCore::ElementRareData::setIsNamedFlowContentElement):
680         (WebCore::ElementRareData::ElementRareData):
681         (WebCore::ElementRareData::resetComputedStyle):
682         * dom/Node.h:
683         (WebCore::Node::flagHasFocusWithin):
684         (WebCore::Node::isNamedFlowContentNode): Deleted.
685         (WebCore::Node::setIsNamedFlowContentNode): Deleted.
686         (WebCore::Node::clearIsNamedFlowContentNode): Deleted.
687         * rendering/RenderNamedFlowThread.cpp:
688         (WebCore::RenderNamedFlowThread::clearContentElements):
689         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
690         (WebCore::RenderNamedFlowThread::unregisterNamedFlowContentElement):
691         (WebCore::nextNodeInsideContentElement):
692         * style/RenderTreeUpdater.cpp:
693         (WebCore::RenderTreeUpdater::updateElementRenderer):
694         * style/StyleRelations.cpp:
695         (WebCore::Style::commitRelationsToRenderStyle):
696         (WebCore::Style::commitRelations):
697         * style/StyleRelations.h:
698         * style/StyleSharingResolver.cpp:
699         (WebCore::Style::SharingResolver::canShareStyleWithElement):
700
701 2016-06-22  Oliver Hunt  <oliver@apple.com>
702
703         Integrate WebKit's CFURLConnection with App Transport Security
704         https://bugs.webkit.org/show_bug.cgi?id=159039
705         <rdar://problem/26953685>
706
707         Reviewed by Alex Christensen.
708
709         Pass additional options to NSURLConnect initialiser to identify that
710         this connection is for WebKit content loading.
711
712         * platform/network/mac/ResourceHandleMac.mm:
713         (WebCore::ResourceHandle::createNSURLConnection):
714
715 2016-06-20  Jeremy Jones  <jeremyj@apple.com>
716
717         Adopt commitPriority to get rid of the 2 AVPL solution for PiP
718         https://bugs.webkit.org/show_bug.cgi?id=158949
719         rdar://problem/26867866
720
721         Reviewed by Simon Fraser.
722
723         No new tests because there is no behavior change. This reverts changes from 
724         https://bugs.webkit.org/show_bug.cgi?id=158148 and instead uses -[CAContext commitPriority:]
725         to prevent flicker when moving a layer between contexts. 
726         commitPriority allows the layer to be added to the destination context before it is 
727         removed from the source context.
728
729         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: remove m_secondaryVideoLayer.
730         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
731         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): ditto.
732         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds): ditto.
733         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto.
734         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity): ditto.
735         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: ditto
736         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): ditto
737         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: ditto
738         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):ditto
739         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: ditto
740         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm: ditto
741         (WebCore::VideoFullscreenLayerManager::setVideoLayer): ditto
742         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer): ditto and adopt commitPriority.
743         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenFrame): ditto
744         (WebCore::VideoFullscreenLayerManager::setVideoLayers): Deleted. 
745         (WebCore::VideoFullscreenLayerManager::didDestroyVideoLayer): remove m_secondaryVideoLayer.
746         * platform/spi/cocoa/QuartzCoreSPI.h: Add commitPriority.
747
748 2016-06-22  Simon Fraser  <simon.fraser@apple.com>
749
750         REGRESSION (r201629): Weird button glitching on github.com
751         https://bugs.webkit.org/show_bug.cgi?id=159031
752         rdar://problem/26880332
753
754         Reviewed by Tim Horton.
755
756         r201629 changed the logic slightly when creating an image buffer for a scaled context;
757         it set the buffer context's scale to the scale in the source context, but this failed
758         to take into account the rounding up of the buffer size, which the old code did.
759
760         Fix by reverting to the old behavior.
761
762         Since buffer sizes can only be integral, changed compatibleBufferSize() to return
763         an IntSize.
764
765         Test: fast/backgrounds/scaled-gradient-background.html
766
767         * platform/graphics/ImageBuffer.cpp:
768         (WebCore::ImageBuffer::createCompatibleBuffer):
769         (WebCore::ImageBuffer::compatibleBufferSize):
770         * platform/graphics/ImageBuffer.h:
771         * platform/graphics/IntRect.h:
772         (WebCore::IntRect::area):
773         * platform/graphics/IntSize.h:
774         (WebCore::IntSize::area): Make this return an unsigned.
775
776 2016-06-22  Anders Carlsson  <andersca@apple.com>
777
778         Inline the last of the Apple Pay WebCore code
779         https://bugs.webkit.org/show_bug.cgi?id=159032
780
781         Reviewed by Tim Horton.
782
783         * loader/EmptyClients.cpp:
784         (WebCore::fillWithEmptyClients):
785         * page/MainFrame.cpp:
786         (WebCore::MainFrame::MainFrame):
787         * page/MainFrame.h:
788         * page/PageConfiguration.h:
789         * platform/cocoa/ThemeCocoa.mm:
790         (WebCore::passKitBundle):
791         (WebCore::loadPassKitPDFPage):
792         (WebCore::applePayButtonLogoBlack):
793         (WebCore::applePayButtonLogoWhite):
794         (WebCore::drawApplePayButton):
795         (WebCore::ThemeCocoa::drawNamedImage):
796
797 2016-06-22  Anders Carlsson  <andersca@apple.com>
798
799         Exception is not thrown when shipping method is an invalid amount
800         https://bugs.webkit.org/show_bug.cgi?id=159030
801         rdar://problem/26700413
802
803         Reviewed by Tim Horton.
804
805         * Modules/applepay/ApplePaySession.cpp:
806         (WebCore::createShippingMethods):
807         Bail if createShippingMethod returns Nullopt.
808
809         (WebCore::createPaymentRequest):
810         Bail if createShippingMethods returns Nullopt.
811
812 2016-06-22  Anders Carlsson  <andersca@apple.com>
813
814         Exception is not thrown when shipping method is an invalid amount
815         https://bugs.webkit.org/show_bug.cgi?id=159029
816         rdar://problem/26700413
817
818         Reviewed by Tim Horton.
819
820         * Modules/applepay/PaymentRequest.h:
821         Change ShippingMethod::amount to be a signed 64-bit integer.
822
823         * Modules/applepay/PaymentRequestValidator.cpp:
824         (WebCore::PaymentRequestValidator::validate):
825         Call validateShippingMethods.
826
827         (WebCore::PaymentRequestValidator::validateShippingMethods):
828         Validate all the shipping methods.
829
830         (WebCore::PaymentRequestValidator::validateShippingMethod):
831         Check that the amount is >= 0.
832
833         * Modules/applepay/PaymentRequestValidator.h:
834         Add new members.
835
836 2016-06-22  Adam Bergkvist  <adam.bergkvist@ericsson.com>
837
838         WebRTC: Add support for the negotiationneeded event in MediaEndpointPeerConnection
839         https://bugs.webkit.org/show_bug.cgi?id=158985
840
841         Reviewed by Eric Carlson.
842
843         Implement MediaEndpointPeerConnection's isNegotiationNeeded, markAsNeedingNegotiation and
844         clearNegotiationNeededState functions. The calls to these functions are already up-to-date.
845
846         Test: fast/mediastream/RTCPeerConnection-more-media-to-negotiate.html
847
848         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
849         (WebCore::MediaEndpointPeerConnection::markAsNeedingNegotiation):
850         * Modules/mediastream/MediaEndpointPeerConnection.h:
851         * Modules/mediastream/RTCPeerConnection.cpp:
852         (WebCore::RTCPeerConnection::scheduleNegotiationNeededEvent):
853
854 2016-06-22  Adam Bergkvist  <adam.bergkvist@ericsson.com>
855
856         WebRTC: Replace RTCPeerConnection custom constructor with a JS built-in constructor
857         https://bugs.webkit.org/show_bug.cgi?id=158832
858
859         Reviewed by Eric Carlson and Youenn Fablet.
860
861         Use a JS built-in constructor instead of a custom constructor. This makes it easier to
862         initialize private fields for functions implemented as JS built-ins. The constructor
863         behavior is in need of updating, but that is left to a follow-up change [1].
864
865         [1] http://webkit.org/b/158936
866         No change in behavior.
867
868         * CMakeLists.txt:
869         * Modules/mediastream/RTCPeerConnection.cpp:
870         (WebCore::RTCPeerConnection::create):
871         (WebCore::RTCPeerConnection::RTCPeerConnection):
872         (WebCore::RTCPeerConnection::~RTCPeerConnection):
873         (WebCore::RTCPeerConnection::initializeWith):
874         * Modules/mediastream/RTCPeerConnection.h:
875         * Modules/mediastream/RTCPeerConnection.idl:
876         * Modules/mediastream/RTCPeerConnection.js:
877         (initializeRTCPeerConnection):
878         Add JS built-in constructor function.
879         * WebCore.xcodeproj/project.pbxproj:
880         * bindings/js/JSRTCPeerConnectionCustom.cpp: Removed.
881         (WebCore::constructJSRTCPeerConnection): Deleted.
882
883 2016-06-22  Youenn Fablet  <youenn@apple.com>
884
885         CrossOriginPreflightChecker should call DocumentThreadableLoader preflightFailure instead of didFailLoading
886         https://bugs.webkit.org/show_bug.cgi?id=158984
887
888         Reviewed by Darin Adler.
889
890         No change of behavior.
891
892         Calling DocumentThreadableLoader preflightFailure instead of didFailLoading for any preflight error case.
893
894         * loader/CrossOriginPreflightChecker.cpp:
895         (WebCore::CrossOriginPreflightChecker::notifyFinished): Directly calling preflightFailure callback.
896         (WebCore::CrossOriginPreflightChecker::doPreflight): Ditto.
897         (WebCore::CrossOriginPreflightChecker::handleLoadingFailure): Deleted.
898         (WebCore::CrossOriginPreflightChecker::redirectReceived): Deleted (should have been removed as part of
899         https://bugs.webkit.org/show_bug.cgi?id=111008).
900         * loader/CrossOriginPreflightChecker.h:
901
902 2016-06-22  Youenn Fablet  <youennf@gmail.com>
903
904         JSDOMIterator forEach should support second optional parameter
905         https://bugs.webkit.org/show_bug.cgi?id=159020
906
907         Reviewed by Chris Dumez.
908
909         Covered by beefed up test.
910
911         * bindings/js/JSDOMIterator.h:
912         (WebCore::iteratorForEach): Setting callback thisValue to the second argument passed to forEach.
913
914 2016-06-22  Jer Noble  <jer.noble@apple.com>
915
916         Media controls stop working after exiting PiP
917         https://bugs.webkit.org/show_bug.cgi?id=159026
918         <rdar://problem/26753579>
919
920         Reviewed by Eric Carlson.
921
922         Do not slave setting WebVideoFullscreenModelVideoElement::setVideoElement() to
923         WebPlaybackSessionModelVideoElement::setMediaElement(). After all, someone else
924         (i.e., the media controls) may still be using it.
925
926         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
927         (WebVideoFullscreenModelVideoElement::setVideoElement): Deleted.
928         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
929         (WebVideoFullscreenControllerContext::didCleanupFullscreen):
930         (WebVideoFullscreenControllerContext::setUpFullscreen):
931
932 2016-06-22  Jer Noble  <jer.noble@apple.com>
933
934         Update document's isPlayingMedia() state whenever media element's media state changes
935         https://bugs.webkit.org/show_bug.cgi?id=159018
936         <rdar://problem/26586630>
937
938         Reviewed by Beth Dakin.
939
940         The Document can end up with a stale m_mediaState if its own value isn't updated when
941         its constituent HTMLMediaElement's m_mediaStates change.
942
943         * html/HTMLMediaElement.cpp:
944         (WebCore::HTMLMediaElement::updateMediaState):
945
946 2016-06-22  Simon Fraser  <simon.fraser@apple.com>
947
948         Crash under GraphicsLayerCA::recursiveCommitChanges() with deep layer trees
949         https://bugs.webkit.org/show_bug.cgi?id=159023
950         rdar://problem/25377842
951
952         Reviewed by Tim Horton.
953
954         Having an on-stack DisplayList::Recorder increased the stack frame size significantly,
955         causing stack exhaustion with deep layer trees, despite the existing depth check.
956
957         Make the Recorder heap-allocated to fix this.
958
959         Tested by LayoutTests/compositing//layer-creation/deep-tree.html.
960
961         * platform/graphics/ca/GraphicsLayerCA.cpp:
962         (WebCore::GraphicsLayerCA::recursiveCommitChanges):
963
964 2016-06-22  Carlos Garcia Campos  <cgarcia@igalia.com>
965
966         [GTK] Add support for variadic parameters to GObject DOM bindings
967         https://bugs.webkit.org/show_bug.cgi?id=158942
968
969         Reviewed by Michael Catanzaro.
970
971         Generate code for functions having variadic parameters.
972
973         * bindings/scripts/CodeGeneratorGObject.pm:
974         (GenerateFunction):
975         (SkipFunction):
976         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
977         (webkit_dom_test_obj_variadic_string_method):
978         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
979
980 2016-06-21  Benjamin Poulain  <bpoulain@apple.com>
981
982         :hover CSS pseudo-class sometimes keeps matching ever after mouse has left the element
983         https://bugs.webkit.org/show_bug.cgi?id=158340
984
985         Reviewed by Simon Fraser.
986
987         When removing a hovered subtree from the document, we were getting
988         into an inconsistent state where m_hoveredElement is in the detached
989         subtree and we have no way of clearing the existing IsHovered flags.
990
991         What happens is:
992         -The root "a" has an child "b" that is hovered.
993         -"a" starts being removed from the tree, its renderer is destroyed.
994         -RenderTreeUpdater::tearDownRenderers() pushes "a" on the teardownStack
995          and calls hoveredElementDidDetach().
996         -hoveredElementDidDetach() is called with "a". "a" is not the hovered
997          element, the function does nothing.
998         -RenderTreeUpdater::tearDownRenderers() pushes "b" on the teardownStack
999          and calls hoveredElementDidDetach().
1000         -hoveredElementDidDetach() is called with "b". The next parent with a renderer
1001          is "a", m_hoveredElement is set to "a".
1002         -"a"'s parent is set to nullptr.
1003
1004         -> We have a m_hoveredElement on the root of a detached tree, making
1005            it impossible to clear the real dirty tree.
1006
1007         This patch changes the order in which we clear the flags.
1008         It is done in the order in which we clear the renderers to ensure
1009         the last element with a dead renderer is the last to update m_hoveredElement.
1010
1011         Tests: fast/css/ancestor-of-hovered-element-detached.html
1012                fast/css/ancestor-of-hovered-element-removed.html
1013
1014         * Source/WebCore/style/RenderTreeUpdater.cpp:
1015
1016 2016-06-21  Youenn Fablet  <youennf@gmail.com>
1017
1018         [Fetch API] Rename 'origin-only' referrer policy to 'origin'
1019         https://bugs.webkit.org/show_bug.cgi?id=158982
1020
1021         Reviewed by Alex Christensen.
1022
1023         Covered by updated tests.
1024
1025         * Modules/fetch/FetchRequest.cpp:
1026         (WebCore::setReferrerPolicy): Renaming origin-only to origin.
1027         * Modules/fetch/FetchRequest.idl: Ditto.
1028         * loader/FetchOptions.h: Ditto.
1029
1030 2016-06-21  Chris Dumez  <cdumez@apple.com>
1031
1032         Let the compiler generate the move constructor and assignment operator for ScriptExecutionContext::Task
1033         https://bugs.webkit.org/show_bug.cgi?id=159013
1034
1035         Reviewed by Brady Eidson.
1036
1037         Let the compiler generate the move constructor and assignment operator for
1038         ScriptExecutionContext::Task. We previously manually defined the move
1039         constructor but there is no need as it doesn't do anything special.
1040
1041         * dom/ScriptExecutionContext.h:
1042
1043 2016-06-21  Dean Jackson  <dino@apple.com>
1044
1045         DumpRenderTree crashed in com.apple.WebCore: WebCore::HTMLSelectElement::updateSelectedState
1046         https://bugs.webkit.org/show_bug.cgi?id=159009
1047         <rdar://problem/23454623>
1048
1049         Reviewed by Jon Lee.
1050
1051         It seems we can get bogus indices from UIKit's implementation
1052         of UIWebSelectMultiplePicker. Guard against this situation.
1053
1054         Covered by running the existing tests in WebKit1 with Guard Malloc,
1055         such as fast/spatial-navigation/snav-multiple-select-optgroup.html
1056
1057         * html/HTMLSelectElement.cpp:
1058         (WebCore::HTMLSelectElement::updateSelectedState): Early return
1059         if we get an index out of range.
1060
1061 2016-06-21  Chris Dumez  <cdumez@apple.com>
1062
1063         Pass ScriptExecutionContext::Task as rvalue reference
1064         https://bugs.webkit.org/show_bug.cgi?id=159007
1065
1066         Reviewed by Anders Carlsson.
1067
1068         Pass ScriptExecutionContext::Task as rvalue reference since its non-copyable
1069         and has to be moved in.
1070
1071         * workers/WorkerLoaderProxy.h:
1072         * workers/WorkerMessagingProxy.cpp:
1073         (WebCore::WorkerMessagingProxy::postTaskToLoader):
1074         (WebCore::WorkerMessagingProxy::postTaskForModeToWorkerGlobalScope):
1075         * workers/WorkerMessagingProxy.h:
1076         * workers/WorkerRunLoop.cpp:
1077         (WebCore::WorkerRunLoop::postTask):
1078         (WebCore::WorkerRunLoop::postTaskAndTerminate):
1079         (WebCore::WorkerRunLoop::postTaskForMode):
1080         (WebCore::WorkerRunLoop::Task::Task):
1081         * workers/WorkerRunLoop.h:
1082
1083 2016-06-21  Anders Carlsson  <andersca@apple.com>
1084
1085         Include IdentifierInlines.h.
1086
1087         * bindings/js/JSApplePayShippingMethodSelectedEventCustom.cpp:
1088
1089 2016-06-21  Anders Carlsson  <andersca@apple.com>
1090
1091         Add PaymentHeaders.h file.
1092
1093         * Modules/applepay/PaymentHeaders.h: Added.
1094         * WebCore.xcodeproj/project.pbxproj:
1095
1096 2016-06-21  Anders Carlsson  <andersca@apple.com>
1097
1098         Make a bunch of Apple Pay headers private instead of project.
1099
1100         * WebCore.xcodeproj/project.pbxproj:
1101
1102 2016-06-21  Anders Carlsson  <andersca@apple.com>
1103
1104         Move the last Apple Pay WebCore files to the open source repository
1105         https://bugs.webkit.org/show_bug.cgi?id=159005
1106
1107         Reviewed by Tim Horton.
1108
1109         * DerivedSources.make:
1110         * Modules/applepay/ApplePayPaymentAuthorizedEvent.cpp: Added.
1111         * Modules/applepay/ApplePayPaymentAuthorizedEvent.h: Added.
1112         * Modules/applepay/ApplePayPaymentAuthorizedEvent.idl: Added.
1113         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.cpp: Added.
1114         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.h: Added.
1115         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.idl: Added.
1116         * Modules/applepay/ApplePaySession.cpp: Added.
1117         * Modules/applepay/ApplePaySession.h: Added.
1118         * Modules/applepay/ApplePaySession.idl: Added.
1119         * Modules/applepay/ApplePayShippingContactSelectedEvent.cpp: Added.
1120         * Modules/applepay/ApplePayShippingContactSelectedEvent.h: Added.
1121         * Modules/applepay/ApplePayShippingContactSelectedEvent.idl: Added.
1122         * Modules/applepay/ApplePayShippingMethodSelectedEvent.cpp: Added.
1123         * Modules/applepay/ApplePayShippingMethodSelectedEvent.h: Added.
1124         * Modules/applepay/ApplePayShippingMethodSelectedEvent.idl: Added.
1125         * Modules/applepay/ApplePayValidateMerchantEvent.cpp: Added.
1126         * Modules/applepay/ApplePayValidateMerchantEvent.h: Added.
1127         * Modules/applepay/ApplePayValidateMerchantEvent.idl: Added.
1128         * Modules/applepay/Payment.h: Added.
1129         * Modules/applepay/PaymentAuthorizationStatus.h: Added.
1130         * Modules/applepay/PaymentContact.h: Added.
1131         * Modules/applepay/PaymentMerchantSession.h: Added.
1132         * Modules/applepay/PaymentMethod.h: Added.
1133         * Modules/applepay/PaymentRequestValidator.cpp: Added.
1134         * Modules/applepay/PaymentRequestValidator.h: Added.
1135         * Modules/applepay/cocoa/PaymentContactCocoa.mm: Added.
1136         * Modules/applepay/cocoa/PaymentMethodCocoa.mm: Added.
1137         * WebCore.xcodeproj/project.pbxproj:
1138         * bindings/js/JSApplePayPaymentAuthorizedEventCustom.cpp: Added.
1139         * bindings/js/JSApplePayPaymentMethodSelectedEventCustom.cpp: Added.
1140         * bindings/js/JSApplePaySessionCustom.cpp: Added.
1141         * bindings/js/JSApplePayShippingContactSelectedEventCustom.cpp: Added.
1142         * bindings/js/JSApplePayShippingMethodSelectedEventCustom.cpp: Added.
1143         * dom/EventNames.in:
1144         * dom/EventTargetFactory.in:
1145
1146 2016-06-21  Anders Carlsson  <andersca@apple.com>
1147
1148         Fix build.
1149
1150         * Configurations/FeatureDefines.xcconfig:
1151
1152 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
1153
1154         Unreviewed, rolling out r202302, r202303, r202305, and
1155         r202306.
1156
1157         Roll out the rollouts because of breaking the build.
1158
1159         Reverted changesets:
1160
1161         "Unreviewed, rolling out r200678."
1162         https://bugs.webkit.org/show_bug.cgi?id=157453
1163         http://trac.webkit.org/changeset/202302
1164
1165         "Unreviewed, rolling out r200619."
1166         https://bugs.webkit.org/show_bug.cgi?id=131443
1167         http://trac.webkit.org/changeset/202303
1168
1169         "Unreviewed, attempt to fix the build after r202303."
1170         http://trac.webkit.org/changeset/202305
1171
1172         "Unreviewed, attempt to fix the build after r202303."
1173         http://trac.webkit.org/changeset/202306
1174
1175 2016-06-21  Chris Dumez  <cdumez@apple.com>
1176
1177         Unreviewed, attempt to fix the build after r202303.
1178
1179         * bindings/js/JSDOMIterator.h:
1180         (WebCore::IteratorInspector::decltype):
1181         (WebCore::IteratorInspector::test):
1182
1183 2016-06-21  Chris Dumez  <cdumez@apple.com>
1184
1185         Unreviewed, attempt to fix the build after r202303.
1186
1187         * bindings/js/JSDOMIterator.h:
1188         (WebCore::toJS):
1189
1190 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
1191
1192         Unreviewed, rolling out r200619.
1193
1194         This incompleted feature broke http://m.yahoo.co.jp. Roll it
1195         out together with r200678.
1196
1197         Reverted changeset:
1198
1199         "NodeList should be iterable"
1200         https://bugs.webkit.org/show_bug.cgi?id=131443
1201         http://trac.webkit.org/changeset/200619
1202
1203 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
1204
1205         Unreviewed, rolling out r200678.
1206
1207         This incompleted feature broke http://m.yahoo.co.jp. Roll it
1208         out together with r200619.
1209
1210         Reverted changeset:
1211
1212         "Ensure DOM iterators remain done"
1213         https://bugs.webkit.org/show_bug.cgi?id=157453
1214         http://trac.webkit.org/changeset/200678
1215
1216 2016-06-21  Anders Carlsson  <andersca@apple.com>
1217
1218         Begin moving the Apple Pay code to the open source repository
1219         https://bugs.webkit.org/show_bug.cgi?id=158998
1220
1221         Reviewed by Tim Horton.
1222
1223         * Configurations/FeatureDefines.xcconfig:
1224         Add ENABLE_APPLE_PAY.
1225
1226         * Modules/applepay/PaymentCoordinator.cpp: Added.
1227         * Modules/applepay/PaymentCoordinator.h: Added.
1228         * Modules/applepay/PaymentCoordinatorClient.h: Added.
1229         * Modules/applepay/PaymentRequest.cpp: Added.
1230         * Modules/applepay/PaymentRequest.h: Added.
1231         * Modules/applepay/cocoa/PaymentCocoa.mm: Added.
1232         * WebCore.xcodeproj/project.pbxproj:
1233         Add new files.
1234
1235         * dom/EventNames.h:
1236         Add new event names.
1237
1238         * page/MainFrame.h:
1239         Use a forward declaration.
1240
1241 2016-06-21  Said Abou-Hallawa  <sabouhallawa@apple,com>
1242
1243         Add system tracing points for requestAnimationFrame() workflow
1244         https://bugs.webkit.org/show_bug.cgi?id=158723
1245
1246         Reviewed by Simon Fraser.
1247
1248         Add trace points for requestAnimationFrame().
1249
1250         * dom/ScriptedAnimationController.cpp:
1251         (WebCore::ScriptedAnimationController::requestAnimationFrameEnabled):
1252         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
1253         (WebCore::ScriptedAnimationController::windowScreenDidChange):
1254         (WebCore::ScriptedAnimationController::scheduleAnimation):
1255         * dom/ScriptedAnimationController.h:
1256         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
1257         (WebCore::DisplayRefreshMonitorIOS::requestRefreshCallback):
1258         (WebCore::DisplayRefreshMonitorIOS::displayLinkFired):
1259
1260 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
1261
1262         [iOS] Typing text into a text field or text area causes screen to scroll down (hiding text entry)
1263         https://bugs.webkit.org/show_bug.cgi?id=158970
1264
1265         Reviewed by Ryosuke Niwa.
1266
1267         insertTextWithoutSendingTextEvent() should only reveal the selection up to the main frame on iOS,
1268         since the UI process can zoom and scroll the view to the text input.
1269
1270         Test: fast/forms/ios/typing-in-input-in-iframe.html
1271
1272         * editing/Editor.cpp:
1273         (WebCore::Editor::insertTextWithoutSendingTextEvent):
1274
1275 2016-06-21  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1276
1277         WebRTC: Remove unused MediaEndpointClient::gotRemoteSource function
1278         https://bugs.webkit.org/show_bug.cgi?id=158986
1279
1280         Reviewed by Eric Carlson.
1281
1282         Remote sources are explicitly created with MediaEndpoint::createMutedRemoteSource so the
1283         MediaEndpointClient::gotRemoteSource can be removed.
1284
1285         No change in behavior.
1286
1287         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1288         (WebCore::MediaEndpointPeerConnection::gotRemoteSource): Deleted.
1289         * Modules/mediastream/MediaEndpointPeerConnection.h:
1290         * platform/mediastream/MediaEndpoint.h:
1291
1292 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
1293
1294         Focus event dispatched in iframe causes parent document to scroll incorrectly
1295         https://bugs.webkit.org/show_bug.cgi?id=158629
1296         rdar://problem/26521616
1297
1298         Reviewed by Tim Horton.
1299
1300         When focussing elements in iframes, the page could scroll to an incorrect location.
1301         This happened because code in Element::focus() tried to disable scrolling on focus,
1302         but did so only for the current frame, so ancestor frames got programmatically scrolled.
1303         On iOS we handle the scrolling in the UI process, so never want the web process to
1304         do programmatic scrolling.
1305
1306         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
1307         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
1308         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
1309
1310         Tests: fast/forms/ios/focus-input-in-iframe.html
1311                fast/forms/ios/programmatic-focus-input-in-iframe.html
1312
1313         * dom/Document.h:
1314         * dom/Element.cpp:
1315         (WebCore::Element::scrollIntoView):
1316         (WebCore::Element::scrollIntoViewIfNeeded):
1317         (WebCore::Element::scrollIntoViewIfNotVisible):
1318         (WebCore::Element::focus):
1319         (WebCore::Element::updateFocusAppearance):
1320         * dom/Element.h:
1321         * editing/Editor.cpp:
1322         (WebCore::Editor::insertTextWithoutSendingTextEvent):
1323         (WebCore::Editor::revealSelectionAfterEditingOperation):
1324         (WebCore::Editor::findStringAndScrollToVisible):
1325         * editing/FrameSelection.cpp:
1326         (WebCore::FrameSelection::updateAndRevealSelection):
1327         (WebCore::FrameSelection::revealSelection):
1328         (WebCore::FrameSelection::FrameSelection): Deleted.
1329         * editing/FrameSelection.h:
1330         * html/HTMLInputElement.cpp:
1331         (WebCore::HTMLInputElement::updateFocusAppearance):
1332         * html/HTMLTextAreaElement.cpp:
1333         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
1334         * page/ContextMenuController.cpp:
1335         (WebCore::ContextMenuController::contextMenuItemSelected):
1336         * page/FrameView.cpp:
1337         (WebCore::FrameView::scrollToAnchor):
1338         * rendering/RenderLayer.cpp:
1339         (WebCore::RenderLayer::scrollRectToVisible):
1340         (WebCore::RenderLayer::autoscroll):
1341         * rendering/RenderLayer.h:
1342         * rendering/RenderObject.cpp:
1343         (WebCore::RenderObject::scrollRectToVisible):
1344         * rendering/RenderObject.h:
1345
1346 2016-06-21  Frederic Wang  <fwang@igalia.com>
1347
1348         Implement RenderMathMLOperator::layoutBlock
1349         https://bugs.webkit.org/show_bug.cgi?id=157521
1350
1351         Reviewed by Brent Fulgham.
1352
1353         No new tests, already covered by existing tests.
1354
1355         Add an initial implementation of RenderMathMLOperator::layoutBlock, which will perform
1356         special layout when the MathOperator is used. We also improved how the logical height is
1357         calculated and avoid updating the style when stretchTo is called.
1358
1359         * rendering/mathml/RenderMathMLOperator.cpp:
1360         (WebCore::RenderMathMLOperator::stretchTo):
1361         (WebCore::RenderMathMLOperator::layoutBlock):
1362         (WebCore::RenderMathMLOperator::computeLogicalHeight): Deleted.
1363         * rendering/mathml/RenderMathMLOperator.h:
1364
1365 2016-06-21  Chris Dumez  <cdumez@apple.com>
1366
1367         Unreviewed, roll out r202268 as it looks like it was a ~50% regression on Dromaeo DOM Core
1368
1369         * bindings/scripts/CodeGeneratorJS.pm:
1370         (GenerateImplementation):
1371         (GeneratePrototypeDeclaration):
1372         * bindings/scripts/test/JS/JSInterfaceName.cpp:
1373         (WebCore::JSInterfaceNamePrototype::finishCreation):
1374         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1375         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
1376         (WebCore::JSTestActiveDOMObject::createPrototype): Deleted.
1377         (WebCore::JSTestActiveDOMObject::prototype): Deleted.
1378         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
1379         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
1380         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
1381         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
1382         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
1383         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
1384         (WebCore::JSTestCustomNamedGetter::JSTestCustomNamedGetter): Deleted.
1385         (WebCore::JSTestCustomNamedGetter::createPrototype): Deleted.
1386         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1387         (WebCore::JSTestEventConstructorPrototype::finishCreation):
1388         (WebCore::JSTestEventConstructor::createPrototype): Deleted.
1389         (WebCore::JSTestEventConstructor::prototype): Deleted.
1390         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1391         (WebCore::JSTestEventTargetPrototype::finishCreation):
1392         (WebCore::JSTestEventTarget::JSTestEventTarget): Deleted.
1393         (WebCore::JSTestEventTarget::createPrototype): Deleted.
1394         * bindings/scripts/test/JS/JSTestException.cpp:
1395         (WebCore::JSTestExceptionPrototype::finishCreation):
1396         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
1397         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
1398         * bindings/scripts/test/JS/JSTestInterface.cpp:
1399         (WebCore::JSTestInterfacePrototype::finishCreation):
1400         (WebCore::jsTestInterfaceImplementsStr2): Deleted.
1401         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1402         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
1403         (WebCore::JSTestJSBuiltinConstructor::JSTestJSBuiltinConstructor): Deleted.
1404         (WebCore::JSTestJSBuiltinConstructor::createPrototype): Deleted.
1405         (WebCore::JSTestJSBuiltinConstructor::destroy): Deleted.
1406         (WebCore::jsTestJSBuiltinConstructorTestAttributeCustom): Deleted.
1407         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1408         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
1409         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener): Deleted.
1410         (WebCore::JSTestMediaQueryListListener::createPrototype): Deleted.
1411         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
1412         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
1413         * bindings/scripts/test/JS/JSTestNode.cpp:
1414         (WebCore::JSTestNodePrototype::finishCreation):
1415         (WebCore::JSTestNode::JSTestNode): Deleted.
1416         (WebCore::JSTestNode::prototype): Deleted.
1417         (WebCore::jsTestNodeName): Deleted.
1418         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1419         (WebCore::JSTestNondeterministicPrototype::finishCreation):
1420         (WebCore::JSTestNondeterministic::JSTestNondeterministic): Deleted.
1421         (WebCore::JSTestNondeterministic::prototype): Deleted.
1422         (WebCore::JSTestNondeterministic::destroy): Deleted.
1423         * bindings/scripts/test/JS/JSTestObj.cpp:
1424         (WebCore::JSTestObjPrototype::finishCreation):
1425         (WebCore::JSTestObj::JSTestObj): Deleted.
1426         (WebCore::JSTestObj::createPrototype): Deleted.
1427         (WebCore::JSTestObj::prototype): Deleted.
1428         (WebCore::JSTestObj::destroy): Deleted.
1429         (WebCore::JSTestObj::getOwnPropertySlot): Deleted.
1430         (WebCore::JSTestObj::getOwnPropertySlotByIndex): Deleted.
1431         (WebCore::jsTestObjReadOnlyLongAttr): Deleted.
1432         (WebCore::jsTestObjReadOnlyStringAttr): Deleted.
1433         (WebCore::jsTestObjReadOnlyTestObjAttr): Deleted.
1434         (WebCore::jsTestObjConstructorStaticReadOnlyLongAttr): Deleted.
1435         (WebCore::jsTestObjConstructorStaticStringAttr): Deleted.
1436         (WebCore::jsTestObjConstructorTestSubObj): Deleted.
1437         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor): Deleted.
1438         (WebCore::jsTestObjEnumAttr): Deleted.
1439         (WebCore::jsTestObjByteAttr): Deleted.
1440         (WebCore::jsTestObjOctetAttr): Deleted.
1441         (WebCore::jsTestObjShortAttr): Deleted.
1442         (WebCore::jsTestObjClampedShortAttr): Deleted.
1443         (WebCore::jsTestObjEnforceRangeShortAttr): Deleted.
1444         (WebCore::jsTestObjUnsignedShortAttr): Deleted.
1445         (WebCore::jsTestObjLongAttr): Deleted.
1446         (WebCore::jsTestObjLongLongAttr): Deleted.
1447         (WebCore::jsTestObjReflectedCustomBooleanAttr): Deleted.
1448         (WebCore::jsTestObjReflectedCustomURLAttr): Deleted.
1449         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
1450         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
1451         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
1452         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
1453         (WebCore::JSTestOverrideBuiltins::JSTestOverrideBuiltins): Deleted.
1454         (WebCore::JSTestOverrideBuiltins::createPrototype): Deleted.
1455         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1456         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
1457         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface): Deleted.
1458         (WebCore::JSTestSerializedScriptValueInterface::prototype): Deleted.
1459         (WebCore::JSTestSerializedScriptValueInterface::destroy): Deleted.
1460         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1461         (WebCore::JSTestTypedefsPrototype::finishCreation):
1462         (WebCore::JSTestTypedefs::JSTestTypedefs): Deleted.
1463         (WebCore::JSTestTypedefs::createPrototype): Deleted.
1464         (WebCore::JSTestTypedefs::prototype): Deleted.
1465         (WebCore::JSTestTypedefs::destroy): Deleted.
1466         (WebCore::jsTestTypedefsUnsignedLongLongAttr): Deleted.
1467         (WebCore::jsTestTypedefsImmutableSerializedScriptValue): Deleted.
1468         (WebCore::jsTestTypedefsAttrWithGetterException): Deleted.
1469         * bindings/scripts/test/JS/JSattribute.cpp:
1470         (WebCore::JSattributePrototype::finishCreation):
1471         * bindings/scripts/test/JS/JSreadonly.cpp:
1472         (WebCore::JSreadonlyPrototype::finishCreation):
1473
1474 2016-06-21  Keith Miller  <keith_miller@apple.com>
1475
1476         It should be easy to add a private global helper function for builtins
1477         https://bugs.webkit.org/show_bug.cgi?id=158893
1478
1479         Reviewed by Mark Lam.
1480
1481         Add JSCJSValueInlines.h to fix build issues.
1482
1483         * platform/mock/mediasource/MockBox.cpp:
1484
1485 2016-06-21  Amir Alavi  <aalavi@apple.com>
1486
1487         Upstream WKHTTPCookiesForURL from WebKitSystemInterface to OpenSource
1488         https://bugs.webkit.org/show_bug.cgi?id=158967
1489
1490         Reviewed by Brent Fulgham.
1491
1492         * platform/ios/WebCoreSystemInterfaceIOS.mm:
1493         * platform/mac/WebCoreSystemInterface.h:
1494         * platform/mac/WebCoreSystemInterface.mm:
1495         * platform/network/mac/CookieJarMac.mm:
1496         (WebCore::httpCookiesForURL): Upstreamed from WebKitSystemInterface.
1497         (WebCore::cookiesForURL): Changed to call httpCookiesForURL.
1498         (WebCore::deleteCookie): Ditto.
1499         * platform/spi/cf/CFNetworkSPI.h:
1500
1501 2016-06-21  Chris Dumez  <cdumez@apple.com>
1502
1503         Unreviewed, rolling out r202231.
1504
1505         Seems to have regressed PLT on both iOS and Mac (very obvious
1506         on iOS Warm PLT)
1507
1508         Reverted changeset:
1509
1510         "When navigating, discard decoded image data that is only live
1511         due to page cache."
1512         https://bugs.webkit.org/show_bug.cgi?id=158941
1513         http://trac.webkit.org/changeset/202231
1514
1515 2016-06-21  Youenn Fablet  <youennf@gmail.com>
1516
1517         Add bindings generator support to add a native JS function to both a 'name' and a private '@name' slot
1518         https://bugs.webkit.org/show_bug.cgi?id=158777
1519
1520         Reviewed by Eric Carlson.
1521
1522         Adding a new PublicIdentifier keyword to cover the case of the same function exposed publicly and privately.
1523         Renaming Private keyword to PrivateIdentifier.
1524         Functions exposed both publicly and privately should set both keywords.
1525         By default, functions are publically exposed.
1526
1527         Updated binding generator to generate public exposure except if PrivateIdentifer is set and PublicIdentifier is
1528         not set.
1529
1530         Keeping skipping of ObjC/GObject binding for PrivateIdentifier-only functions.
1531
1532         Covered by rebased binding tests.
1533
1534         * Modules/fetch/FetchHeaders.idl:
1535         * Modules/fetch/FetchResponse.idl:
1536         * Modules/mediastream/MediaDevices.idl:
1537         * Modules/mediastream/RTCPeerConnection.idl:
1538         * bindings/scripts/CodeGeneratorGObject.pm:
1539         (SkipFunction):
1540         * bindings/scripts/CodeGeneratorJS.pm:
1541         (GeneratePropertiesHashTable):
1542         (GenerateImplementation):
1543         * bindings/scripts/CodeGeneratorObjC.pm:
1544         (SkipFunction):
1545         * bindings/scripts/IDLAttributes.txt:
1546         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1547         (webkit_dom_test_obj_private_also_method):
1548         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
1549         * bindings/scripts/test/JS/JSTestObj.cpp:
1550         (WebCore::JSTestObjPrototype::finishCreation):
1551         (WebCore::jsTestObjPrototypeFunctionPrivateMethod):
1552         (WebCore::jsTestObjPrototypeFunctionPrivateAlsoMethod):
1553         * bindings/scripts/test/ObjC/DOMTestObj.h:
1554         * bindings/scripts/test/ObjC/DOMTestObj.mm:
1555         (-[DOMTestObj privateAlsoMethod:]):
1556         * bindings/scripts/test/TestObj.idl:
1557
1558 2016-06-21  Dan Bernstein  <mitz@apple.com>
1559
1560         Inlined some picture-in-picture code.
1561         https://bugs.webkit.org/show_bug.cgi?id=158977
1562
1563         Reviewed by Eric Carlsson.
1564
1565         This code was written primarily by Ada Chan, and originally reviewed by Alex Christensen,
1566         Anders Carlsson, Conrad Shultz, Dan Bernstein, Eric Carlson, Jer Noble, Jeremy Jones,
1567         Jon Lee, Remy Demarest, and Zach Li.
1568
1569         * English.lproj/Localizable.strings:
1570           Updated using update-webkit-localizable-strings.
1571
1572         * Modules/mediacontrols/mediaControlsApple.css:
1573         (video:-webkit-full-screen::-webkit-media-controls-panel .picture-in-picture-button):
1574
1575         * Modules/mediacontrols/mediaControlsApple.js:
1576         (Controller.prototype.configureFullScreenControls):
1577
1578         * WebCore.xcodeproj/project.pbxproj: Added PIPSPI.h.
1579
1580         * html/HTMLMediaElement.cpp: Inlined code from HTMLMediaElementAdditions.cpp.
1581
1582         * html/HTMLVideoElement.cpp: Inlined code from HTMLVideoElementSupportsFullscreenAdditions.cpp.
1583
1584         * platform/LocalizedStrings.cpp:
1585         (WebCore::contextMenuItemTagEnterVideoEnhancedFullscreen): Brought in from ContextMenuLocalizedStringsAdditions.cpp.
1586         (WebCore::contextMenuItemTagExitVideoEnhancedFullscreen): Ditto.
1587         (WebCore::AXARIAContentGroupText): Made updates that should have been part of r198543.
1588
1589         * platform/mac/WebVideoFullscreenInterfaceMac.h: Removed USE(APPLE_INTERNAL_SDK) guards.
1590         * platform/mac/WebVideoFullscreenInterfaceMac.mm: Inlined WebVideoFullscreenInterfaceMacAdditions.mm.
1591
1592         * platform/spi/mac/PIPSPI.h: Added.
1593
1594         * rendering/HitTestResult.cpp: Inlined HitTestResultAdditions.cpp.
1595
1596         * rendering/RenderThemeMac.mm:
1597         (WebCore::RenderThemeMac::mediaControlsStyleSheet): Removed include of
1598           RenderThemeMacMediaControlsStyleSheetAdditions.mm now that the content is in
1599           mediaControlsApple.css.
1600         (WebCore::RenderThemeMac::mediaControlsScript): Removed include of
1601           RenderThemeMacMediaControlsScriptAdditions.mm now that the content is in mediaControlsApple.js.
1602
1603 2016-06-21  Miguel Gomez  <magomez@igalia.com>
1604
1605         [GStreamer] video orientation support
1606         https://bugs.webkit.org/show_bug.cgi?id=148524
1607
1608         Reviewed by Philippe Normand.
1609
1610         Rotate video frames to follow the orientation metadata in the video file.
1611         When accelerated compositing is disabled, the rotation is performed by a videoflip element added
1612         to the playbin.
1613         When accelerated compositing is enabled, the rotation is peformed by the TextureMapper in response
1614         to a rotation flag set on the frame buffers.
1615
1616         Test: media/video-orientation.html
1617
1618         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1619         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1620         Handle the GST_MESSAGE_TAG message from the bin.
1621         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
1622         Add the videflip element to the bin when accelerated compositing is disabled.
1623         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1624         (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
1625         Receive and use extra flags for the TextureMapper.
1626         (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
1627         (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
1628         When using accelerated compositing, transpose the video size if the rotation is 90 or 270 degrees.
1629         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
1630         Add rotation flag to frame holder and layer buffer.
1631         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1632         Use rotation flag when requesting the TextureMapper to draw.
1633         (WebCore::MediaPlayerPrivateGStreamerBase::setVideoSourceRotation):
1634         Function to store the video rotation.
1635         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
1636         Add bits to store the video rotation.
1637         * platform/graphics/texmap/TextureMapperGL.cpp:
1638         (WebCore::TextureMapperGL::drawTexturedQuadWithProgram):
1639         Modify the patternTransform according to the rotation flag passed.
1640         * platform/graphics/texmap/TextureMapperGL.h:
1641         Add new flags to handle the video souce rotation.
1642         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
1643         (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
1644         Change the drawTexture method used so custom flags can be passed.
1645         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
1646         (WebCore::TextureMapperPlatformLayerBuffer::setExtraFlags):
1647         New method to set TextureMapper flags.
1648
1649 2016-06-20  Frederic Wang  <fwang@igalia.com>
1650
1651         Use the MathOperator to handle some non-stretchy operators
1652         https://bugs.webkit.org/show_bug.cgi?id=157519
1653
1654         Reviewed by Brent Fulgham.
1655
1656         To prepare for the removal of anonymous text node from the render classes of token elements
1657         we use MathOperator to handle two cases where the actual text to display may not be
1658         available in the DOM: mfenced and minus operators. This change removes support for the
1659         case of mfenced operators with multiple characters since that it is not supported by
1660         MathOperator. It is a edge case that is not used in practice since fences and separators are
1661         only made of a single character. However, it would still be possible to duplicate some
1662         code/logic to add it back if that turns out to be necessary.
1663
1664         No new tests, already covered by existing tests.
1665
1666         * rendering/mathml/MathOperator.cpp:
1667         (WebCore::MathOperator::MathOperator): Rename UndefinedOperator.
1668         (WebCore::RenderMathMLOperator::firstLineBaseline): Improve rounding of ascent so that mfenced operators are correctly aligned.
1669         * rendering/mathml/MathOperator.h: Rename UndefinedOperator, since it can now be used to draw non-stretchy operators.
1670         (WebCore::MathOperator::isStretched): Deleted. This function is no longer used by RenderMathMLOperator.
1671         (WebCore::MathOperator::unstretch): Deleted. This function is no longer used by RenderMathMLOperator.
1672         * rendering/mathml/RenderMathMLOperator.cpp:
1673         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Use useMathOperator.
1674         (WebCore::RenderMathMLOperator::rebuildTokenContent): Set the MathOperator when useMathOperator() is true.
1675         When the operator is not likely to stretch we just leave its type as NormalOperator.
1676         (WebCore::RenderMathMLOperator::useMathOperator): Helper function to determine when MathOperator should be used.
1677         (WebCore::RenderMathMLOperator::firstLineBaseline): Use useMathOperator.
1678         (WebCore::RenderMathMLOperator::computeLogicalHeight): Ditto.
1679         (WebCore::RenderMathMLOperator::paint): Ditto.
1680         (WebCore::RenderMathMLOperator::paintChildren): Ditto.
1681         * rendering/mathml/RenderMathMLOperator.h: Declare useMathOperator.
1682
1683 2016-06-19  Gavin & Ellie Barraclough  <barraclough@apple.com>
1684
1685         Don't eagerly reify DOM Prototype properties
1686         https://bugs.webkit.org/show_bug.cgi?id=158557
1687
1688         Reviewed by Andreas Kling.
1689
1690         We were eagerly reifying these properties to avoid virtualizing getOwnPropertySlot,
1691         but since bug #158059 this does not require a method table call in any case.
1692         Eagerly reifying these values likely has some CPU and memory cost on page load.
1693
1694         * bindings/scripts/CodeGeneratorJS.pm:
1695         (GenerateImplementation):
1696             - should generate compressed index for hashtable,
1697               prototype object ClassInfo should contain static table,
1698               don't reifyStaticProperties for prototype objects.
1699         (GeneratePrototypeDeclaration):
1700             - Set HasStaticPropertyTable for DOM prototype objects.
1701         * bindings/scripts/test/JS/JSInterfaceName.cpp:
1702         (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype):
1703         (WebCore::JSInterfaceNamePrototype::finishCreation):
1704         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1705         (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
1706         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
1707         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
1708         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype):
1709         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
1710         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
1711         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::JSTestCustomConstructorWithNoInterfaceObjectPrototype):
1712         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
1713         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
1714         (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype):
1715         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
1716         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1717         (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
1718         (WebCore::JSTestEventConstructorPrototype::finishCreation):
1719         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1720         (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
1721         (WebCore::JSTestEventTargetPrototype::finishCreation):
1722         * bindings/scripts/test/JS/JSTestException.cpp:
1723         (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
1724         (WebCore::JSTestExceptionPrototype::finishCreation):
1725         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
1726         (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype):
1727         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
1728         * bindings/scripts/test/JS/JSTestInterface.cpp:
1729         (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
1730         (WebCore::JSTestInterfacePrototype::finishCreation):
1731         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1732         (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype):
1733         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
1734         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1735         (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
1736         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
1737         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
1738         (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
1739         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
1740         * bindings/scripts/test/JS/JSTestNode.cpp:
1741         (WebCore::JSTestNodePrototype::JSTestNodePrototype):
1742         (WebCore::JSTestNodePrototype::finishCreation):
1743         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1744         (WebCore::JSTestNondeterministicPrototype::JSTestNondeterministicPrototype):
1745         (WebCore::JSTestNondeterministicPrototype::finishCreation):
1746         * bindings/scripts/test/JS/JSTestObj.cpp:
1747         (WebCore::JSTestObjPrototype::JSTestObjPrototype):
1748         (WebCore::JSTestObjPrototype::finishCreation):
1749         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
1750         (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
1751         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
1752         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
1753         (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype):
1754         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
1755         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1756         (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
1757         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
1758         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1759         (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):
1760         (WebCore::JSTestTypedefsPrototype::finishCreation):
1761         * bindings/scripts/test/JS/JSattribute.cpp:
1762         (WebCore::JSattributePrototype::JSattributePrototype):
1763         (WebCore::JSattributePrototype::finishCreation):
1764         * bindings/scripts/test/JS/JSreadonly.cpp:
1765         (WebCore::JSreadonlyPrototype::JSreadonlyPrototype):
1766         (WebCore::JSreadonlyPrototype::finishCreation):
1767
1768 2016-06-20  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1769
1770         WebRTC: RTCIceCandidate init dictionary don't handle explicit null or undefined values correctly
1771         https://bugs.webkit.org/show_bug.cgi?id=158873
1772
1773         Reviewed by Alejandro G. Castro.
1774
1775         Prevent explicit null and undefined values from being converted to "null" and "undefined"
1776         strings.
1777
1778         Test: Extended fast/mediastream/RTCIceCandidate.html
1779
1780         * Modules/mediastream/RTCIceCandidate.cpp:
1781         (WebCore::RTCIceCandidate::create):
1782
1783 2016-06-20  Commit Queue  <commit-queue@webkit.org>
1784
1785         Unreviewed, rolling out r202252.
1786         https://bugs.webkit.org/show_bug.cgi?id=158974
1787
1788         See rdar://problem/26867866 for details (Requested by ap on
1789         #webkit).
1790
1791         Reverted changeset:
1792
1793         "Adopt commitPriority to get rid of the 2 AVPL solution for
1794         PiP"
1795         https://bugs.webkit.org/show_bug.cgi?id=158949
1796         http://trac.webkit.org/changeset/202252
1797
1798 2016-06-20  Commit Queue  <commit-queue@webkit.org>
1799
1800         Unreviewed, rolling out r202243.
1801         https://bugs.webkit.org/show_bug.cgi?id=158972
1802
1803         Broke Windows build and iOS tests (Requested by ap on
1804         #webkit).
1805
1806         Reverted changeset:
1807
1808         "Focus event dispatched in iframe causes parent document to
1809         scroll incorrectly"
1810         https://bugs.webkit.org/show_bug.cgi?id=158629
1811         http://trac.webkit.org/changeset/202243
1812
1813 2016-06-20  Chris Dumez  <cdumez@apple.com>
1814
1815         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks()
1816         https://bugs.webkit.org/show_bug.cgi?id=158968
1817
1818         Reviewed by Ryosuke Niwa.
1819
1820         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks():
1821         - Use modern ancestorsOfType<HTMLAnchorElement>() to traverse anchor ancestors
1822           instead of traversing by hand.
1823         - Use NodeTraversal::next() to traverse the tree until we find endNode and
1824           use a for loop instead of a while loop. Previously, the logic the determine
1825           the next node was at the end of the loop and was identical behavior-wise
1826           to NodeTraversal::next(). However, the previous code for a lot less efficient
1827           because it was calling Node::childNodes() to get a NodeList of the children,
1828           then calling length() on it to check if we had children and finally use
1829           the first item in the list as next node. This was very inefficient because
1830           NodeList::length() would need to traverse all children to figure out the
1831           length and would cache all the children in a Vector in CollectionIndexCache.
1832
1833         * dom/ElementAncestorIterator.h:
1834         (WebCore::ancestorsOfType):
1835         * dom/ElementIterator.h:
1836         (WebCore::findElementAncestorOfType):
1837         (WebCore::findElementAncestorOfType<Element>):
1838         Update ancestorsOfType() to take a Node instead of an Element. There are no
1839         performance benefits to taking an Element here and it is a valid use case to
1840         want an Element ancestor of a non-Element node.
1841
1842         * editing/cocoa/DataDetection.mm:
1843         (WebCore::searchForLinkRemovingExistingDDLinks):
1844         (WebCore::dataDetectorTypeForCategory): Deleted.
1845
1846 2016-06-20  Commit Queue  <commit-queue@webkit.org>
1847
1848         Unreviewed, rolling out r202248.
1849         https://bugs.webkit.org/show_bug.cgi?id=158960
1850
1851         breaks builds on the simulator (Requested by keith_mi_ on
1852         #webkit).
1853
1854         Reverted changeset:
1855
1856         "It should be easy to add a private global helper function for
1857         builtins"
1858         https://bugs.webkit.org/show_bug.cgi?id=158893
1859         http://trac.webkit.org/changeset/202248
1860
1861 2016-06-20  Jeremy Jones  <jeremyj@apple.com>
1862
1863         Adopt commitPriority to get rid of the 2 AVPL solution for PiP
1864         https://bugs.webkit.org/show_bug.cgi?id=158949
1865         rdar://problem/26867866
1866
1867         Reviewed by Simon Fraser.
1868
1869         No new tests because there is no behavior change. This reverts changes from 
1870         https://bugs.webkit.org/show_bug.cgi?id=158148 and instead uses -[CAContext commitPriority:]
1871         to prevent flicker when moving a layer between contexts. 
1872         commitPriority allows the layer to be added to the destination context before it is 
1873         removed from the source context.
1874
1875         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: remove m_secondaryVideoLayer.
1876         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
1877         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): ditto.
1878         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds): ditto.
1879         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto.
1880         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity): ditto.
1881         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: ditto
1882         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): ditto
1883         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: ditto
1884         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):ditto
1885         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: ditto
1886         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm: ditto
1887         (WebCore::VideoFullscreenLayerManager::setVideoLayer): ditto
1888         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer): ditto and adopt commitPriority.
1889         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenFrame): ditto
1890         (WebCore::VideoFullscreenLayerManager::setVideoLayers): Deleted. 
1891         (WebCore::VideoFullscreenLayerManager::didDestroyVideoLayer): remove m_secondaryVideoLayer.
1892         * platform/spi/cocoa/QuartzCoreSPI.h: Add commitPriority.
1893
1894 2016-06-20  Zalan Bujtas  <zalan@apple.com>
1895
1896         Set the end position on the placeholder BidiRun properly.
1897         https://bugs.webkit.org/show_bug.cgi?id=158958
1898
1899         Reviewed by Myles C. Maxfield.
1900         rdar://problem/26609266
1901
1902         The second paramenter for BidiRun indicates the end position and not the length of the run.
1903         This was regressed at r102875 where only the start position was changed from 0 to pos.
1904
1905         Test: fast/text/international/bidi-style-in-isolate-crash.html
1906
1907         * rendering/InlineIterator.h:
1908         (WebCore::addPlaceholderRunForIsolatedInline):
1909
1910 2016-06-20  Fujii Hironori  <Hironori.Fujii@sony.com>
1911
1912         A composition underline is placed to wrong position in RTL
1913         https://bugs.webkit.org/show_bug.cgi?id=158602
1914
1915         Reviewed by Myles C. Maxfield.
1916
1917         InlineTextBox::paintCompositionUnderline does not take RTL into
1918         account.  The position of composition underline should be
1919         mirrored in RTL.
1920
1921         Test: editing/input/composition-underline-rtl.html
1922
1923         * rendering/InlineTextBox.cpp:
1924         (WebCore::mirrorRTLSegment): New helper function to convert RTL start position to LTR.
1925         (WebCore::InlineTextBox::paintDecoration): Use mirrorRTLSegment.
1926         (WebCore::InlineTextBox::paintCompositionUnderline): Ditto.
1927
1928 2016-06-20  Keith Miller  <keith_miller@apple.com>
1929
1930         It should be easy to add a private global helper function for builtins
1931         https://bugs.webkit.org/show_bug.cgi?id=158893
1932
1933         Reviewed by Mark Lam.
1934
1935         Add JSCJSValueInlines.h to fix build issues.
1936
1937         * platform/mock/mediasource/MockBox.cpp:
1938
1939 2016-06-20  Benjamin Poulain  <benjamin@webkit.org>
1940
1941         :default CSS pseudo-class should match checkboxes+radios with a `checked` attribute
1942         https://bugs.webkit.org/show_bug.cgi?id=156230
1943
1944         Reviewed by Alex Christensen.
1945
1946         This patch update the :default pseudo class matching to be closer to the spec:
1947         https://html.spec.whatwg.org/multipage/scripting.html#selector-default
1948
1949         The main remaining difference with the spec is the definition of "default button".
1950         This is an unrelated problem that should be addressed separately.
1951
1952         The implementation was missing support for:
1953         -input elements of type "checkbox" or "radio" with the "checked" attribute defined.
1954         -option elements with the "selected" attribute defined.
1955
1956         The existing support for default button was pretty bad, I fixed that too.
1957         The owner form now has a resetDefaultButton() API. When a Form Associated Element
1958         becomes a submit button or loses that property, the element calls its form
1959         to update the style as needed.
1960
1961         Whenever the submit button changes, 2 elements needs to have their style invalidated:
1962         -The former default button.
1963         -The new default button.
1964         To invalidate the former button, FormElement now caches the computed
1965         default button. When the default button changes, the cached value is invalidated
1966         in addition to the new value.
1967
1968         Computing the new default button takes linear time in the number of form associated element.
1969         To mitigate that, resetDefaultButton() is only called when changes are related
1970         to submit buttons. Since those changes are rare, I don't expect the invalidation
1971         to be a problem.
1972
1973         Tests: fast/css/pseudo-default-basics.html
1974                fast/selectors/default-style-update.html
1975
1976         * css/SelectorChecker.cpp:
1977         (WebCore::SelectorChecker::checkOne):
1978         * css/SelectorCheckerTestFunctions.h:
1979         (WebCore::matchesDefaultPseudoClass):
1980         (WebCore::isDefaultButtonForForm): Deleted.
1981         * cssjit/SelectorCompiler.cpp:
1982         (WebCore::SelectorCompiler::addPseudoClassType):
1983         * dom/Element.cpp:
1984         (WebCore::Element::matchesValidPseudoClass):
1985         (WebCore::Element::matchesInvalidPseudoClass):
1986         (WebCore::Element::matchesDefaultPseudoClass):
1987         * dom/Element.h:
1988         (WebCore::Element::matchesValidPseudoClass): Deleted.
1989         (WebCore::Element::matchesInvalidPseudoClass): Deleted.
1990         (WebCore::Element::isDefaultButtonForForm): Deleted.
1991         * html/HTMLButtonElement.cpp:
1992         (WebCore::HTMLButtonElement::parseAttribute):
1993         (WebCore::HTMLButtonElement::matchesDefaultPseudoClass):
1994         * html/HTMLButtonElement.h:
1995         * html/HTMLFormControlElement.cpp:
1996         (WebCore::HTMLFormControlElement::isDefaultButtonForForm): Deleted.
1997         * html/HTMLFormControlElement.h:
1998         * html/HTMLFormElement.cpp:
1999         (WebCore::HTMLFormElement::~HTMLFormElement):
2000         (WebCore::HTMLFormElement::registerFormElement):
2001         (WebCore::HTMLFormElement::removeFormElement):
2002         (WebCore::HTMLFormElement::defaultButton):
2003         (WebCore::HTMLFormElement::resetDefaultButton):
2004         * html/HTMLFormElement.h:
2005         * html/HTMLInputElement.cpp:
2006         (WebCore::HTMLInputElement::updateType):
2007         (WebCore::HTMLInputElement::parseAttribute):
2008         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
2009         * html/HTMLInputElement.h:
2010         * html/HTMLOptionElement.cpp:
2011         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
2012         (WebCore::HTMLOptionElement::parseAttribute):
2013         * html/HTMLOptionElement.h:
2014         * style/StyleSharingResolver.cpp:
2015         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2016         (WebCore::Style::canShareStyleWithControl): Deleted.
2017
2018 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
2019
2020         Focus event dispatched in iframe causes parent document to scroll incorrectly
2021         https://bugs.webkit.org/show_bug.cgi?id=158629
2022         rdar://problem/26521616
2023
2024         Reviewed by Tim Horton.
2025
2026         When focussing elements in iframes, the page could scroll to an incorrect location.
2027         This happened because code in Element::focus() tried to disable scrolling on focus,
2028         but did so only for the current frame, so ancestor frames got programmatically scrolled.
2029         On iOS we handle the scrolling in the UI process, so never want the web process to
2030         do programmatic scrolling.
2031
2032         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
2033         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
2034         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
2035
2036         Tests: fast/forms/ios/focus-input-in-iframe.html
2037                fast/forms/ios/programmatic-focus-input-in-iframe.html
2038
2039         * dom/Document.h:
2040         * dom/Element.cpp:
2041         (WebCore::Element::scrollIntoView):
2042         (WebCore::Element::scrollIntoViewIfNeeded):
2043         (WebCore::Element::scrollIntoViewIfNotVisible):
2044         (WebCore::Element::focus):
2045         (WebCore::Element::updateFocusAppearance):
2046         * dom/Element.h:
2047         * editing/Editor.cpp:
2048         (WebCore::Editor::insertTextWithoutSendingTextEvent):
2049         (WebCore::Editor::revealSelectionAfterEditingOperation):
2050         (WebCore::Editor::findStringAndScrollToVisible):
2051         * editing/FrameSelection.cpp:
2052         (WebCore::FrameSelection::updateAndRevealSelection):
2053         (WebCore::FrameSelection::revealSelection):
2054         (WebCore::FrameSelection::FrameSelection): Deleted.
2055         * editing/FrameSelection.h:
2056         * html/HTMLInputElement.cpp:
2057         (WebCore::HTMLInputElement::updateFocusAppearance):
2058         * html/HTMLTextAreaElement.cpp:
2059         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
2060         * page/ContextMenuController.cpp:
2061         (WebCore::ContextMenuController::contextMenuItemSelected):
2062         * page/FrameView.cpp:
2063         (WebCore::FrameView::scrollToAnchor):
2064         * rendering/RenderLayer.cpp:
2065         (WebCore::RenderLayer::scrollRectToVisible):
2066         (WebCore::RenderLayer::autoscroll):
2067         * rendering/RenderLayer.h:
2068         * rendering/RenderObject.cpp:
2069         (WebCore::RenderObject::scrollRectToVisible):
2070         * rendering/RenderObject.h:
2071
2072 2016-06-20  Keith Rollin  <krollin@apple.com>
2073
2074         Remove RefPtr::release() and change calls sites to use WTFMove()
2075         https://bugs.webkit.org/show_bug.cgi?id=158369
2076
2077         Reviewed by Chris Dumez.
2078
2079         RefPtr::release() releases its managed pointer awkwardly. It's more
2080         direct and clearer to use WTFMove to transfer ownership of the managed
2081         pointer.
2082
2083         As part of this cleanup, also change a lot of explicit data types to
2084         'auto'.
2085
2086         No new tests: there's no new functionality, just a refactoring of
2087         existing code.
2088
2089         * Modules/mediasource/SourceBuffer.cpp:
2090         (WebCore::removeSamplesFromTrackBuffer):
2091         (WebCore::SourceBuffer::provideMediaData):
2092         * Modules/mediastream/UserMediaRequest.cpp:
2093         (WebCore::UserMediaRequest::start):
2094         * Modules/webdatabase/SQLCallbackWrapper.h:
2095         (WebCore::SQLCallbackWrapper::clear):
2096         * bindings/js/JSDOMWindowCustom.cpp:
2097         (WebCore::handlePostMessage):
2098         * bindings/js/JSHistoryCustom.cpp:
2099         (WebCore::JSHistory::pushState):
2100         (WebCore::JSHistory::replaceState):
2101         * bindings/js/JSMessagePortCustom.h:
2102         (WebCore::handlePostMessage):
2103         * bindings/js/ScriptControllerMac.mm:
2104         (WebCore::ScriptController::createScriptInstanceForWidget):
2105         * bindings/js/SerializedScriptValue.cpp:
2106         (WebCore::CloneDeserializer::readTerminal):
2107         * css/CSSComputedStyleDeclaration.cpp:
2108         (WebCore::ComputedStyleExtractor::copyPropertiesInSet):
2109         * css/SVGCSSParser.cpp:
2110         (WebCore::CSSParser::parseSVGValue):
2111         * css/StyleBuilderConverter.h:
2112         (WebCore::StyleBuilderConverter::convertShapeValue):
2113         * css/StyleProperties.cpp:
2114         (WebCore::StyleProperties::copyPropertiesInSet):
2115         * css/StyleResolver.cpp:
2116         (WebCore::StyleResolver::loadPendingImages):
2117         * dom/InlineStyleSheetOwner.cpp:
2118         (WebCore::InlineStyleSheetOwner::clearSheet):
2119         * editing/ApplyStyleCommand.cpp:
2120         (WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
2121         * editing/CompositeEditCommand.cpp:
2122         (WebCore::CompositeEditCommand::removeChildrenInRange):
2123         (WebCore::CompositeEditCommand::removeNodeAndPruneAncestors):
2124         (WebCore::CompositeEditCommand::prune):
2125         (WebCore::CompositeEditCommand::replaceSelectedTextInNode):
2126         (WebCore::CompositeEditCommand::rebalanceWhitespaceOnTextSubstring):
2127         * editing/CreateLinkCommand.cpp:
2128         (WebCore::CreateLinkCommand::doApply):
2129         * editing/EditingStyle.cpp:
2130         (WebCore::EditingStyle::mergeStyle):
2131         (WebCore::EditingStyle::mergeStyleFromRulesForSerialization):
2132         * editing/Editor.cpp:
2133         (WebCore::ClearTextCommand::CreateAndApply):
2134         (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
2135         * editing/EditorCommand.cpp:
2136         (WebCore::executeInsertNode):
2137         * editing/InsertTextCommand.cpp:
2138         (WebCore::InsertTextCommand::performOverwrite):
2139         (WebCore::InsertTextCommand::insertTab):
2140         * editing/RemoveNodePreservingChildrenCommand.cpp:
2141         (WebCore::RemoveNodePreservingChildrenCommand::doApply):
2142         * editing/ReplaceSelectionCommand.cpp:
2143         (WebCore::ReplacementFragment::removeNodePreservingChildren):
2144         (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
2145         * html/FTPDirectoryDocument.cpp:
2146         (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate):
2147         * html/HTMLFontElement.cpp:
2148         (WebCore::HTMLFontElement::collectStyleForPresentationAttribute):
2149         * html/HTMLFormElement.cpp:
2150         (WebCore::HTMLFormElement::prepareForSubmission):
2151         * html/HTMLTableElement.cpp:
2152         (WebCore::leakBorderStyle):
2153         (WebCore::leakGroupBorderStyle):
2154         * html/parser/HTMLDocumentParser.cpp:
2155         (WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder):
2156         * html/track/InbandDataTextTrack.cpp:
2157         (WebCore::InbandDataTextTrack::addDataCue):
2158         * html/track/InbandGenericTextTrack.cpp:
2159         (WebCore::InbandGenericTextTrack::newCuesParsed):
2160         * html/track/InbandWebVTTTextTrack.cpp:
2161         (WebCore::InbandWebVTTTextTrack::newCuesParsed):
2162         * html/track/TextTrackCueList.cpp:
2163         (WebCore::TextTrackCueList::add):
2164         * inspector/InspectorCSSAgent.cpp:
2165         (WebCore::InspectorCSSAgent::getInlineStylesForNode):
2166         * inspector/InspectorDOMAgent.cpp:
2167         (WebCore::InspectorDOMAgent::pushChildNodesToFrontend):
2168         * inspector/InspectorIndexedDBAgent.cpp:
2169         * inspector/InspectorNetworkAgent.cpp:
2170         (WebCore::InspectorNetworkAgent::loadResource):
2171         * inspector/InspectorStyleSheet.cpp:
2172         (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
2173         * loader/FormSubmission.cpp:
2174         (WebCore::FormSubmission::create):
2175         * loader/FrameLoader.cpp:
2176         (WebCore::FrameLoader::loadURLIntoChildFrame):
2177         (WebCore::FrameLoader::loadURL):
2178         (WebCore::FrameLoader::loadPostRequest):
2179         * loader/ProgressTracker.cpp:
2180         (WebCore::ProgressTracker::finalProgressComplete):
2181         * loader/appcache/ApplicationCacheGroup.cpp:
2182         (WebCore::ApplicationCacheGroup::disassociateDocumentLoader):
2183         (WebCore::ApplicationCacheGroup::didFinishLoading):
2184         (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
2185         * loader/appcache/ApplicationCacheStorage.cpp:
2186         (WebCore::ApplicationCacheStorage::loadCacheGroup):
2187         (WebCore::ApplicationCacheStorage::cacheGroupForURL):
2188         (WebCore::ApplicationCacheStorage::fallbackCacheGroupForURL):
2189         (WebCore::ApplicationCacheStorage::loadCache):
2190         * loader/archive/ArchiveResourceCollection.cpp:
2191         (WebCore::ArchiveResourceCollection::popSubframeArchive):
2192         * loader/archive/cf/LegacyWebArchive.cpp:
2193         (WebCore::LegacyWebArchive::extract):
2194         (WebCore::LegacyWebArchive::create):
2195         (WebCore::LegacyWebArchive::createFromSelection):
2196         * loader/cache/CachedImage.cpp:
2197         (WebCore::CachedImage::createImage):
2198         * loader/icon/IconDatabase.cpp:
2199         (WebCore::IconDatabase::setIconDataForIconURL):
2200         (WebCore::IconDatabase::getOrCreateIconRecord):
2201         (WebCore::IconDatabase::readFromDatabase):
2202         (WebCore::IconDatabase::getImageDataForIconURLFromSQLDatabase):
2203         * page/DOMWindow.cpp:
2204         (WebCore::DOMWindow::sessionStorage):
2205         (WebCore::DOMWindow::localStorage):
2206         * page/EventHandler.cpp:
2207         (WebCore::EventHandler::updateDragAndDrop):
2208         * page/animation/CompositeAnimation.cpp:
2209         (WebCore::CompositeAnimation::updateTransitions):
2210         * page/csp/ContentSecurityPolicy.cpp:
2211         (WebCore::ContentSecurityPolicy::reportViolation):
2212         * page/mac/ServicesOverlayController.mm:
2213         (WebCore::ServicesOverlayController::createOverlayIfNeeded):
2214         (WebCore::ServicesOverlayController::determineActiveHighlight):
2215         * page/scrolling/AsyncScrollingCoordinator.h:
2216         (WebCore::AsyncScrollingCoordinator::releaseScrollingTree):
2217         * page/scrolling/ScrollingStateNode.cpp:
2218         (WebCore::ScrollingStateNode::cloneAndReset):
2219         * page/scrolling/ScrollingStateTree.cpp:
2220         (WebCore::ScrollingStateTree::attachNode):
2221         * platform/audio/HRTFElevation.cpp:
2222         (WebCore::getConcatenatedImpulseResponsesForSubject):
2223         * platform/graphics/DisplayRefreshMonitorManager.cpp:
2224         (WebCore::DisplayRefreshMonitorManager::createMonitorForClient):
2225         * platform/graphics/FontCascadeFonts.cpp:
2226         (WebCore::FontCascadeFonts::glyphDataForSystemFallback):
2227         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2228         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings):
2229         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
2230         (WebCore::MediaSelectionGroupAVFObjC::updateOptions):
2231         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
2232         (WebCore::SourceBufferPrivateAVFObjC::processCodedFrame):
2233         * platform/graphics/ca/GraphicsLayerCA.cpp:
2234         * platform/graphics/ca/PlatformCALayer.cpp:
2235         (WebCore::PlatformCALayer::createCompatibleLayerOrTakeFromPool):
2236         * platform/graphics/cg/ImageBufferDataCG.cpp:
2237         (WebCore::ImageBufferData::getData):
2238         * platform/graphics/filters/FilterEffect.cpp:
2239         (WebCore::FilterEffect::asUnmultipliedImage):
2240         (WebCore::FilterEffect::asPremultipliedImage):
2241         * platform/graphics/mac/ImageMac.mm:
2242         (WebCore::Image::loadPlatformResource):
2243         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2244         (WebCore::GraphicsContext3D::createForCurrentGLContext):
2245         (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
2246         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
2247         (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
2248         * platform/mock/MockRealtimeMediaSourceCenter.cpp:
2249         (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints):
2250         (WebCore::MockRealtimeMediaSourceCenter::createMediaStream):
2251         * platform/network/BlobRegistryImpl.cpp:
2252         (WebCore::BlobRegistryImpl::registerBlobURL):
2253         (WebCore::BlobRegistryImpl::registerBlobURLForSlice):
2254         * platform/network/ResourceHandle.cpp:
2255         (WebCore::ResourceHandle::create):
2256         * platform/network/cf/FormDataStreamCFNet.cpp:
2257         (WebCore::formCreate):
2258         * platform/text/BidiContext.cpp:
2259         (WebCore::BidiContext::copyStackRemovingUnicodeEmbeddingContexts):
2260         * rendering/FilterEffectRenderer.cpp:
2261         (WebCore::FilterEffectRenderer::build):
2262         * rendering/RenderLayer.cpp:
2263         (WebCore::RenderLayer::createScrollbar):
2264         * rendering/RenderListBox.cpp:
2265         (WebCore::RenderListBox::createScrollbar):
2266         * rendering/RenderMenuList.cpp:
2267         (RenderMenuList::createScrollbar):
2268         * rendering/RenderSearchField.cpp:
2269         (WebCore::RenderSearchField::createScrollbar):
2270         * replay/ReplayController.cpp:
2271         (WebCore::ReplayController::unloadSegment):
2272         * svg/SVGFEDiffuseLightingElement.cpp:
2273         (WebCore::SVGFEDiffuseLightingElement::build):
2274         * svg/SVGFESpecularLightingElement.cpp:
2275         (WebCore::SVGFESpecularLightingElement::build):
2276         * svg/properties/SVGListProperty.h:
2277         (WebCore::SVGListProperty::getItemValuesAndWrappers):
2278         (WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
2279         (WebCore::SVGListProperty::removeItemValuesAndWrappers):
2280         * workers/WorkerThread.cpp:
2281         (WebCore::WorkerThread::workerThread):
2282         * xml/XMLHttpRequest.cpp:
2283         (WebCore::XMLHttpRequest::internalAbort):
2284         * xml/XPathStep.cpp:
2285         (WebCore::XPath::Step::nodesInAxis):
2286
2287 2016-06-20  Eric Carlson  <eric.carlson@apple.com>
2288
2289         Crash in PlatformMediaSession::clientWillPausePlayback
2290         https://bugs.webkit.org/show_bug.cgi?id=158953
2291         <rdar://problem/26121125>
2292
2293         Reviewed by Jer Noble.
2294
2295         No new tests, I have not been able to reproduce this in a test.
2296
2297         * html/HTMLMediaElement.cpp:
2298         (WebCore::HTMLMediaElement::stop): Ref the element before calling stopWithoutDestroyingMediaPlayer
2299           because updatePlaybackControlsManager can release the last reference and cause the
2300           destructor to be called.
2301         (WebCore::HTMLMediaElement::suspend): Ditto.
2302
2303 2016-06-20  Alex Christensen  <achristensen@webkit.org>
2304
2305         Clean up ResourceResponseBase after r201943
2306         https://bugs.webkit.org/show_bug.cgi?id=158706
2307
2308         Reviewed by Michael Catanzaro.
2309
2310         * platform/network/ResourceResponseBase.cpp:
2311         (WebCore::ResourceResponseBase::ResourceResponseBase):
2312         (WebCore::ResourceResponseBase::asResourceResponse): Deleted.
2313         * platform/network/ResourceResponseBase.h:
2314         (WebCore::ResourceResponseBase::platformCompare):
2315
2316 2016-06-20  Joseph Pecoraro  <pecoraro@apple.com>
2317
2318         Web Inspector: console.profile should use the new Sampling Profiler
2319         https://bugs.webkit.org/show_bug.cgi?id=153499
2320         <rdar://problem/24352431>
2321
2322         Reviewed by Timothy Hatcher.
2323
2324         Test: inspector/timeline/setInstruments-programmatic-capture.html
2325
2326         * inspector/InspectorTimelineAgent.cpp:
2327         (WebCore::InspectorTimelineAgent::startFromConsole):
2328         (WebCore::InspectorTimelineAgent::stopFromConsole):
2329         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
2330         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
2331         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
2332         (WebCore::InspectorTimelineAgent::toggleInstruments):
2333         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
2334         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
2335         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
2336         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
2337         * inspector/InspectorTimelineAgent.h:
2338         Web implementation of console.profile/profileEnd.
2339         Make helpers for startings / stopping instruments.
2340
2341 2016-06-20  Andreas Kling  <akling@apple.com>
2342
2343         When navigating, discard decoded image data that is only live due to page cache.
2344         <https://webkit.org/b/158941>
2345
2346         Reviewed by Antti Koivisto.
2347
2348         A resource is "live" if it's currently in use by a web page, and "dead" if it's
2349         only kept alive by the memory cache.
2350
2351         This patch adds a mechanism that looks at CachedImage resources to see if all the
2352         clients that make them appear "live" are actually pages in the page cache.
2353
2354         If so, we let the "jettison expensive objects on top-level navigation" mechanism
2355         discard the decoded data for such half-live images. This can reduce the peak
2356         memory usage during navigations quite a bit.
2357
2358         * loader/FrameLoader.cpp:
2359         (WebCore::FrameLoader::commitProvisionalLoad): Move the call to MemoryPressureHandler
2360         before we add the outgoing page to the page cache. This allows the jettisoning code
2361         to make decisions based on which pages were cached *before* the navigation.
2362
2363         * loader/cache/CachedImageClient.h:
2364         (WebCore::CachedImageClient::inPageCache):
2365         * loader/ImageLoader.h:
2366         * loader/ImageLoader.cpp:
2367         (WebCore::ImageLoader::inPageCache):
2368         * rendering/RenderObject.h:
2369         (WebCore::RenderObject::inPageCache): Added a CachedImageClient::inPageCache() virtual
2370         to determine which clients are currently in page cache (answered by their Document.)
2371
2372         * loader/cache/CachedImage.h:
2373         * loader/cache/CachedImage.cpp:
2374         (WebCore::CachedImage::areAllClientsInPageCache): Walks all CachedImageClient clients
2375         and returns true if all of them are inPageCache().
2376
2377         * platform/MemoryPressureHandler.cpp:
2378         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
2379         Walk all the known CachedImages and nuke decoded data for those that have some but
2380         are only considered live due to clients in the page cache.
2381
2382 2016-06-20  Chris Dumez  <cdumez@apple.com>
2383
2384         Unreviewed, fix post-landing review comment from Darin on r202188.
2385
2386         * platform/network/CacheValidation.cpp:
2387         (WebCore::parseCacheHeader):
2388
2389 2016-06-19  Antti Koivisto  <antti@apple.com>
2390
2391         Updating class name of a shadow host does not update the style applied by :host()
2392         https://bugs.webkit.org/show_bug.cgi?id=158900
2393         <rdar://problem/26883707>
2394
2395         Reviewed by Simon Fraser.
2396
2397         Test: fast/shadow-dom/shadow-host-style-update.html
2398
2399         Teach style invalidation optimization code about :host.
2400
2401         * style/AttributeChangeInvalidation.cpp:
2402         (WebCore::Style::mayBeAffectedByHostStyle):
2403         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
2404         * style/ClassChangeInvalidation.cpp:
2405         (WebCore::Style::computeClassChange):
2406         (WebCore::Style::mayBeAffectedByHostStyle):
2407         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
2408         * style/IdChangeInvalidation.cpp:
2409         (WebCore::Style::mayBeAffectedByHostStyle):
2410         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
2411
2412 2016-06-19  Gavin & Ellie Barraclough  <barraclough@apple.com>
2413
2414         Remove hasStaticPropertyTable (part 5: done!)
2415         https://bugs.webkit.org/show_bug.cgi?id=158431
2416
2417         Reviewed by Chris Dumez.
2418
2419         * bindings/scripts/CodeGeneratorJS.pm:
2420         (GenerateHeader):
2421             - remove hasStaticPropertyTable.
2422         * bindings/scripts/test/JS/JSInterfaceName.h:
2423         (WebCore::JSInterfaceName::create):
2424         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
2425         (WebCore::JSTestActiveDOMObject::create):
2426         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
2427         (WebCore::JSTestClassWithJSBuiltinConstructor::create):
2428         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
2429         (WebCore::JSTestCustomConstructorWithNoInterfaceObject::create):
2430         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
2431         (WebCore::JSTestCustomNamedGetter::create):
2432         * bindings/scripts/test/JS/JSTestEventConstructor.h:
2433         (WebCore::JSTestEventConstructor::create):
2434         * bindings/scripts/test/JS/JSTestEventTarget.h:
2435         (WebCore::JSTestEventTarget::create):
2436         * bindings/scripts/test/JS/JSTestException.h:
2437         (WebCore::JSTestException::create):
2438         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
2439         (WebCore::JSTestGenerateIsReachable::create):
2440         * bindings/scripts/test/JS/JSTestGlobalObject.h:
2441         * bindings/scripts/test/JS/JSTestInterface.h:
2442         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
2443         (WebCore::JSTestJSBuiltinConstructor::create):
2444         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
2445         (WebCore::JSTestMediaQueryListListener::create):
2446         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
2447         (WebCore::JSTestNamedConstructor::create):
2448         * bindings/scripts/test/JS/JSTestNode.h:
2449         * bindings/scripts/test/JS/JSTestNondeterministic.h:
2450         (WebCore::JSTestNondeterministic::create):
2451         * bindings/scripts/test/JS/JSTestObj.h:
2452         (WebCore::JSTestObj::create):
2453         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
2454         (WebCore::JSTestOverloadedConstructors::create):
2455         * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
2456         (WebCore::JSTestOverrideBuiltins::create):
2457         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
2458         (WebCore::JSTestSerializedScriptValueInterface::create):
2459         * bindings/scripts/test/JS/JSTestTypedefs.h:
2460         (WebCore::JSTestTypedefs::create):
2461         * bindings/scripts/test/JS/JSattribute.h:
2462         (WebCore::JSattribute::create):
2463         * bindings/scripts/test/JS/JSreadonly.h:
2464         (WebCore::JSreadonly::create):
2465
2466 2016-06-19  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2467
2468         The JSBuiltinConstructor feature can't handle a JS interface extending an other JS interface
2469         https://bugs.webkit.org/show_bug.cgi?id=158834
2470
2471         Reviewed by Eric Carlson.
2472
2473         No change of behavior.
2474
2475         * bindings/scripts/CodeGeneratorJS.pm:
2476         (GenerateHeader): Explicitly setting DOMWrapped type definition from
2477         JSXX class deriving from another JSYY class.
2478         * bindings/scripts/test/JS/JSTestEventTarget.h: Rebased.
2479         * bindings/scripts/test/JS/JSTestNode.h: Ditto.
2480
2481 2016-06-18  Antti Koivisto  <antti@apple.com>
2482
2483         Use time literals in WebCore
2484         https://bugs.webkit.org/show_bug.cgi?id=158905
2485
2486         Reviewed by Andreas Kling.
2487
2488         std::chrono::milliseconds(1) -> 1ms etc.
2489
2490         * dom/Document.cpp:
2491         (WebCore::Document::minimumLayoutDelay):
2492         (WebCore::Document::elapsedTime):
2493         * fileapi/FileReader.cpp:
2494         (WebCore::FileReader::create):
2495         * inspector/InspectorOverlay.cpp:
2496         (WebCore::InspectorOverlay::showPaintRect):
2497         * loader/CrossOriginPreflightResultCache.cpp:
2498         (WebCore::CrossOriginPreflightResultCache::CrossOriginPreflightResultCache):
2499         * loader/ProgressTracker.cpp:
2500         (WebCore::ProgressTracker::progressStarted):
2501         * loader/cache/CachedResource.cpp:
2502         (WebCore::CachedResource::freshnessLifetime):
2503         * page/ChromeClient.h:
2504         * page/DOMTimer.cpp:
2505         (WebCore::DOMTimer::intervalClampedToMinimum):
2506         (WebCore::DOMTimer::alignedFireTime):
2507         * page/DOMTimer.h:
2508         * page/FrameView.cpp:
2509         (WebCore::FrameView::scrollPositionChanged):
2510         * page/ResourceUsageThread.cpp:
2511         (WebCore::ResourceUsageThread::threadBody):
2512         * page/Settings.cpp:
2513         (WebCore::Settings::Settings):
2514         * page/mac/ServicesOverlayController.mm:
2515         (WebCore::ServicesOverlayController::remainingTimeUntilHighlightShouldBeShown):
2516         * platform/graphics/FontCache.cpp:
2517         (WebCore::FontCache::fontForFamily):
2518         * platform/network/CacheValidation.cpp:
2519         (WebCore::computeCurrentAge):
2520         (WebCore::computeFreshnessLifetimeForHTTPFamily):
2521
2522 2016-06-17  Benjamin Poulain  <benjamin@webkit.org>
2523
2524         :indeterminate pseudo-class should match radios whose group has no checked radio
2525         https://bugs.webkit.org/show_bug.cgi?id=156270
2526
2527         Reviewed by Simon Fraser.
2528
2529         The pseudo-class ":indeterminate" is supposed to match radio buttons
2530         for which the entire group has no checked button.
2531         Spec: https://html.spec.whatwg.org/#pseudo-classes:selector-indeterminate
2532
2533         The change is straightforward with one non-obvious choice:
2534         I added matchesIndeterminatePseudoClass() in addition to shouldAppearIndeterminate().
2535
2536         The reason is shouldAppearIndeterminate() is used for styling and AX of elements
2537         with an indeterminate states (check boxes and progress element). There is no such
2538         UI for radio boxes.
2539         I could have extended shouldAppearIndeterminate() to radio box
2540         then filter out this case in RenderTheme. The problem is doing that would also requires
2541         changes to the repaint logic to match :indeterminate. It seemed overkill to me to
2542         change repaint() for a case that is never used in practice.
2543
2544         Tests: fast/css/pseudo-indeterminate-radio-buttons-basics.html
2545                fast/css/pseudo-indeterminate-with-radio-buttons-style-invalidation.html
2546                fast/selectors/detached-radio-button-checked-and-indeterminate-states.html
2547                fast/selectors/pseudo-indeterminate-with-radio-buttons-style-update.html
2548
2549         * css/SelectorCheckerTestFunctions.h:
2550         (WebCore::shouldAppearIndeterminate):
2551         * dom/Element.cpp:
2552         (WebCore::Element::matchesIndeterminatePseudoClass):
2553         * dom/Element.h:
2554         * dom/RadioButtonGroups.cpp:
2555         (WebCore::RadioButtonGroup::setCheckedButton):
2556         (WebCore::RadioButtonGroup::updateCheckedState):
2557         (WebCore::RadioButtonGroup::remove):
2558         (WebCore::RadioButtonGroup::setNeedsStyleRecalcForAllButtons):
2559         (WebCore::RadioButtonGroups::hasCheckedButton):
2560         * dom/RadioButtonGroups.h:
2561         * html/CheckboxInputType.cpp:
2562         (WebCore::CheckboxInputType::matchesIndeterminatePseudoClass):
2563         (WebCore::CheckboxInputType::shouldAppearIndeterminate):
2564         (WebCore::CheckboxInputType::supportsIndeterminateAppearance): Deleted.
2565         * html/CheckboxInputType.h:
2566         * html/HTMLInputElement.cpp:
2567         (WebCore::HTMLInputElement::setChecked):
2568         (WebCore::HTMLInputElement::matchesIndeterminatePseudoClass):
2569         (WebCore::HTMLInputElement::shouldAppearIndeterminate):
2570         (WebCore::HTMLInputElement::radioButtonGroups):
2571         * html/HTMLInputElement.h:
2572         * html/InputType.cpp:
2573         (WebCore::InputType::matchesIndeterminatePseudoClass):
2574         (WebCore::InputType::shouldAppearIndeterminate):
2575         (WebCore::InputType::supportsIndeterminateAppearance): Deleted.
2576         * html/InputType.h:
2577         * html/RadioInputType.cpp:
2578         (WebCore::RadioInputType::matchesIndeterminatePseudoClass):
2579         (WebCore::RadioInputType::willDispatchClick): Deleted.
2580         (WebCore::RadioInputType::didDispatchClick): Deleted.
2581         (WebCore::RadioInputType::supportsIndeterminateAppearance): Deleted.
2582         The iOS specific code is just plain wrong.
2583         It was changing the indeterminate state of the input element.
2584         The spec clearly says that state is only used by checkbox:
2585         https://html.spec.whatwg.org/#dom-input-indeterminate
2586
2587         Moreover, the style update would not change the indeterminate state
2588         of other buttons in the Button Group, which is just bizarre.
2589         RenderThemeIOS does not make use of any of this with the current style.
2590
2591         * html/RadioInputType.h:
2592         * style/StyleSharingResolver.cpp:
2593         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2594         (WebCore::Style::canShareStyleWithControl): Deleted.
2595         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes): Deleted.
2596         Style sharing is unified behind the selector matching which is neat.
2597
2598 2016-06-17  Commit Queue  <commit-queue@webkit.org>
2599
2600         Unreviewed, rolling out r202152.
2601         https://bugs.webkit.org/show_bug.cgi?id=158897
2602
2603         The new test is very unstable, timing out frequently
2604         (Requested by ap on #webkit).
2605
2606         Reverted changeset:
2607
2608         "Web Inspector: console.profile should use the new Sampling
2609         Profiler"
2610         https://bugs.webkit.org/show_bug.cgi?id=153499
2611         http://trac.webkit.org/changeset/202152
2612
2613 2016-06-17  Commit Queue  <commit-queue@webkit.org>
2614
2615         Unreviewed, rolling out r202068, r202115, and r202128.
2616         https://bugs.webkit.org/show_bug.cgi?id=158896
2617
2618         The new test is very unstable, timing out frequently
2619         (Requested by ap on #webkit).
2620
2621         Reverted changesets:
2622
2623         "decompose4 return value is unchecked, leading to potentially
2624         uninitialized data."
2625         https://bugs.webkit.org/show_bug.cgi?id=158761
2626         http://trac.webkit.org/changeset/202068
2627
2628         "[mac] LayoutTest transforms/undecomposable.html is a flaky
2629         timeout"
2630         https://bugs.webkit.org/show_bug.cgi?id=158816
2631         http://trac.webkit.org/changeset/202115
2632
2633         "[mac] LayoutTest transforms/undecomposable.html is a flaky
2634         timeout"
2635         https://bugs.webkit.org/show_bug.cgi?id=158816
2636         http://trac.webkit.org/changeset/202128
2637
2638 2016-06-17  Chris Fleizach  <cfleizach@apple.com>
2639
2640         AX: HTML indeterminate IDL attribute not mapped to checkbox value=2 for native checkboxes
2641         https://bugs.webkit.org/show_bug.cgi?id=158876
2642         <rdar://problem/26842619>
2643
2644         Reviewed by Joanmarie Diggs.
2645
2646         The indeterminate state was not being reported for native checkboxes. 
2647
2648         Also the isIndeterminate() method was relying on whether the appearance changed, which does not happen on Mac, so that
2649         was not being reported correctly. Changed that to check the actual attribute.
2650
2651         Test: accessibility/checkbox-mixed-value.html
2652
2653         * accessibility/AccessibilityNodeObject.cpp:
2654         (WebCore::AccessibilityNodeObject::isIndeterminate):
2655         (WebCore::AccessibilityNodeObject::isPressed):
2656         (WebCore::AccessibilityNodeObject::checkboxOrRadioValue):
2657         * accessibility/AccessibilityObject.cpp:
2658         (WebCore::AccessibilityObject::checkboxOrRadioValue):
2659
2660 2016-06-17  Dean Jackson  <dino@apple.com>
2661
2662         REGRESSION (r199819): CrashTracer: [GraphicsContext3D::getInternalFramebufferSize
2663         https://bugs.webkit.org/show_bug.cgi?id=158895
2664         <rdar://problem/26423617>
2665
2666         Reviewed by Zalan Bujtas.
2667
2668         In r199819 we started resetting contexts if the page had too
2669         many. Unfortunately there were entry points in the WebGL context
2670         that didn't check for the validity of the object before trying
2671         to access the lower level objects.
2672
2673         Test: webgl/many-contexts-access-after-loss.html
2674
2675         * html/canvas/WebGLRenderingContextBase.cpp:
2676         (WebCore::WebGLRenderingContextBase::drawingBufferWidth): Return 0 if we're lost.
2677         (WebCore::WebGLRenderingContextBase::drawingBufferHeight): Ditto.
2678
2679 2016-06-17  Daniel Bates  <dabates@apple.com>
2680
2681         Unreviewed, rolling out r202186.
2682
2683         Broke the Apple Windows, Apple Yosemite, GTK, and WinCairo
2684         builds.
2685
2686         Reverted changeset:
2687
2688         "File scheme should not allow access of a resource on a
2689         different volume."
2690         https://bugs.webkit.org/show_bug.cgi?id=158552
2691         http://trac.webkit.org/changeset/202186
2692
2693 2016-06-17  Daniel Bates  <dabates@apple.com>
2694
2695         Unreviewed, rolling out r202187.
2696
2697         202186
2698
2699         Reverted changeset:
2700
2701         "Unreviewed clean-up after r202186."
2702         http://trac.webkit.org/changeset/202187
2703
2704 2016-06-17  Chris Dumez  <cdumez@apple.com>
2705
2706         Optimize parseCacheHeader() by using StringView
2707         https://bugs.webkit.org/show_bug.cgi?id=158891
2708
2709         Reviewed by Darin Adler.
2710
2711         Optimize parseCacheHeader() and avoid some temporary String allocations
2712         by using StringView. We now strip the whitespaces in the input string
2713         at the beginning of the function, at the same as as we strip the
2714         control characters. We are then able to leverage StringView in the
2715         rest of the function to get substrings without the need for extra
2716         String allocations.
2717
2718         * platform/network/CacheValidation.cpp:
2719         (WebCore::isControlCharacterOrSpace):
2720         (WebCore::trimToNextSeparator):
2721         (WebCore::parseCacheHeader):
2722
2723 2016-06-17  Brent Fulgham  <bfulgham@apple.com>
2724
2725         Unreviewed clean-up after r202186.
2726
2727         * platform/FileSystem.cpp:
2728         (WebCore::filesHaveSameVolume): Don't use C-style formatting.
2729
2730 2016-06-17  Pranjal Jumde  <pjumde@apple.com>
2731
2732         File scheme should not allow access of a resource on a different volume.
2733         https://bugs.webkit.org/show_bug.cgi?id=158552
2734         <rdar://problem/15307582>
2735
2736         Reviewed by Brent Fulgham.
2737
2738         Tests: Tools/TestWebKitAPI/Tests/mac/CrossPartitionFileSchemeAccess.mm
2739
2740         * page/SecurityOrigin.cpp:
2741         (WebCore::SecurityOrigin::canDisplay):
2742         * platform/FileSystem.cpp:
2743         (WebCore::platformFileStat):
2744         (WebCore::filesHaveSameVolume):
2745         Returns true if the files are on the same volume
2746         * platform/FileSystem.h:
2747
2748 2016-06-17  Antoine Quint  <graouts@apple.com>
2749
2750         Web video playback controls should have RTL volume slider
2751         https://bugs.webkit.org/show_bug.cgi?id=158856
2752         <rdar://problem/25971769>
2753
2754         Reviewed by Tim Horton.
2755
2756         We reproduce the system used to propagate the page scale factor from the WebPage to the media controls to
2757         propagate the user interface layout direction.
2758
2759         The Page exposes a new setUserInterfaceLayoutDirection() method which is set by the WebPage. The Page
2760         then notifies the Document of a change, which propagates down to registered media elements, and finally sets
2761         the usesLTRUserInterfaceLayoutDirection property on the media controller object in the injected JavaScript.
2762         Based on the value of that property we toggle a new .uses-ltr-user-interface-layout-direction CSS class on the
2763         .volume-box which applies a translate to the right and flips the volume controls on the x axis.
2764
2765         Since we're setting a new JS property from HTMLMediaController, we refactor much of the code out of the existing
2766         pageScaleFactorChanged() and setPageScaleFactorProperty() into the new setControllerJSProperty() method so that
2767         can easily set a named JS property with a given JSValue.
2768
2769         For testing purposes, we expose the WebCore::Page::setUserInterfaceLayoutDirection() method through Internals.
2770
2771         Test: fullscreen/video-controls-rtl.html
2772
2773         * Modules/mediacontrols/mediaControlsApple.css:
2774         (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box:not(.uses-ltr-user-interface-layout-direction)):
2775         * Modules/mediacontrols/mediaControlsApple.js:
2776         (Controller.prototype.set usesLTRUserInterfaceLayoutDirection):
2777         * WebCore.xcodeproj/project.pbxproj:
2778         * dom/Document.cpp:
2779         (WebCore::Document::registerForUserInterfaceLayoutDirectionChangedCallbacks):
2780         (WebCore::Document::unregisterForUserInterfaceLayoutDirectionChangedCallbacks):
2781         (WebCore::Document::userInterfaceLayoutDirectionChanged):
2782         * dom/Document.h:
2783         * html/HTMLMediaElement.cpp:
2784         (WebCore::HTMLMediaElement::registerWithDocument):
2785         (WebCore::HTMLMediaElement::unregisterWithDocument):
2786         (WebCore::HTMLMediaElement::updatePageScaleFactorJSProperty):
2787         (WebCore::HTMLMediaElement::updateUsesLTRUserInterfaceLayoutDirectionJSProperty):
2788         (WebCore::HTMLMediaElement::setControllerJSProperty):
2789         (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
2790         (WebCore::HTMLMediaElement::pageScaleFactorChanged):
2791         (WebCore::HTMLMediaElement::userInterfaceLayoutDirectionChanged):
2792         (WebCore::setPageScaleFactorProperty): Deleted.
2793         * html/HTMLMediaElement.h:
2794         * page/Page.cpp:
2795         (WebCore::Page::setUserInterfaceLayoutDirection):
2796         * page/Page.h:
2797         (WebCore::Page::userInterfaceLayoutDirection):
2798         * platform/UserInterfaceLayoutDirection.h: Renamed from Source/WebKit2/UIProcess/UserInterfaceLayoutDirection.h.
2799         * testing/Internals.cpp:
2800         (WebCore::Internals::setUserInterfaceLayoutDirection):
2801         * testing/Internals.h:
2802         * testing/Internals.idl:
2803
2804 2016-06-17  Chris Dumez  <cdumez@apple.com>
2805
2806         TouchEvent should have a constructor
2807         https://bugs.webkit.org/show_bug.cgi?id=158883
2808         <rdar://problem/26063585>
2809
2810         Reviewed by Benjamin Poulain.
2811
2812         TouchEvent should have a constructor:
2813         - https://w3c.github.io/touch-events/#touchevent-interface
2814
2815         Chrome already ships this:
2816         - https://bugs.chromium.org/p/chromium/issues/detail?id=508675
2817
2818         Test: fast/events/touch/touch-event-constructor.html
2819
2820         * bindings/js/JSDictionary.cpp:
2821         (WebCore::JSDictionary::convertValue):
2822         * bindings/js/JSDictionary.h:
2823         * dom/TouchEvent.cpp:
2824         (WebCore::TouchEvent::TouchEvent):
2825         * dom/TouchEvent.h:
2826         * dom/TouchEvent.idl:
2827
2828 2016-06-17  Zalan Bujtas  <zalan@apple.com>
2829
2830         Potential null dereferencing on a detached positioned renderer.
2831         https://bugs.webkit.org/show_bug.cgi?id=158879
2832
2833         Reviewed by Simon Fraser.
2834
2835         This patch fixes the case when the while loop to search for the absolute positioned ancestor
2836         returns null (it happens when positioned renderer has been detached from the render tree).
2837
2838         Speculative fix.
2839
2840         * rendering/RenderBlock.cpp:
2841         (WebCore::RenderBlock::markFixedPositionObjectForLayoutIfNeeded):
2842         * rendering/RenderBlock.h:
2843
2844 2016-06-17  Chris Dumez  <cdumez@apple.com>
2845
2846         URL hash setter does not remove fragment identifier if argument is an empty string
2847         https://bugs.webkit.org/show_bug.cgi?id=158869
2848         <rdar://problem/26863430>
2849
2850         Reviewed by Darin Adler.
2851
2852         URL hash setter and URLUtils hash setter should remove the fragment identifier
2853         if set to "#" or "":
2854         - https://url.spec.whatwg.org/#dom-url-hash
2855         - https://html.spec.whatwg.org/multipage/semantics.html#dom-hyperlink-hash
2856
2857         This patch aligns our behavior with the specification and with other browsers
2858         (tested Firefox and Chrome).
2859
2860         This patch also updates HTMLAnchorElement to inherit URLUtils to avoid code
2861         duplication. HTMLAnchorElement already implements URLUtils in the IDL, as per
2862         the specification:
2863         - https://html.spec.whatwg.org/multipage/semantics.html#htmlanchorelement
2864
2865         No new tests, rebaselined existing tests.
2866
2867         * html/HTMLAnchorElement.cpp:
2868         (WebCore::HTMLAnchorElement::origin): Deleted.
2869         (WebCore::HTMLAnchorElement::text): Deleted.
2870         (WebCore::HTMLAnchorElement::setText): Deleted.
2871         (WebCore::HTMLAnchorElement::toString): Deleted.
2872         (WebCore::HTMLAnchorElement::isLiveLink): Deleted.
2873         (WebCore::HTMLAnchorElement::sendPings): Deleted.
2874         (WebCore::HTMLAnchorElement::handleClick): Deleted.
2875         (WebCore::HTMLAnchorElement::eventType): Deleted.
2876         (WebCore::HTMLAnchorElement::treatLinkAsLiveForEventType): Deleted.
2877         (WebCore::isEnterKeyKeydownEvent): Deleted.
2878         (WebCore::shouldProhibitLinks): Deleted.
2879         (WebCore::HTMLAnchorElement::willRespondToMouseClickEvents): Deleted.
2880         (WebCore::rootEditableElementMap): Deleted.
2881         (WebCore::HTMLAnchorElement::rootEditableElementForSelectionOnMouseDown): Deleted.
2882         (WebCore::HTMLAnchorElement::clearRootEditableElementForSelectionOnMouseDown): Deleted.
2883         (WebCore::HTMLAnchorElement::setRootEditableElementForSelectionOnMouseDown): Deleted.
2884         * html/HTMLAnchorElement.h:
2885         (WebCore::HTMLAnchorElement::invalidateCachedVisitedLinkHash): Deleted.
2886         * html/URLUtils.h:
2887         (WebCore::URLUtils<T>::setHash):
2888
2889 2016-06-17  John Wilander  <wilander@apple.com>
2890
2891         Ignore case in the check for security origin inheritance
2892         https://bugs.webkit.org/show_bug.cgi?id=158878
2893
2894         Reviewed by Alex Christensen.
2895
2896         Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
2897         "Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII 
2898         case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for 
2899         those two lines instead of using ==. URL::parse normalizes letters in the scheme 
2900         and host by using toASCIILower, but does not normalize letters elsewhere in the 
2901         URL, such as in the "blank" or "srcdoc" in the above URLs."
2902
2903         Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
2904
2905         * platform/URL.cpp:
2906         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
2907
2908 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
2909
2910         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
2911         https://bugs.webkit.org/show_bug.cgi?id=158868
2912
2913         Reviewed by Alex Christensen.
2914
2915         Fix compilation errors in Node.cpp when we enable DUMP_NODE_STATISTICS
2916
2917         * dom/Node.cpp:
2918         (WebCore::Node::dumpStatistics):
2919
2920 2016-06-17  Per Arne Vollan  <pvollan@apple.com>
2921
2922         [Win] Scrolling in popup menu scrolls past last entry.
2923         https://bugs.webkit.org/show_bug.cgi?id=158870
2924
2925         Reviewed by Brent Fulgham.
2926
2927         When the popup has a scrollbar, the content size is not equal to the popup window size.
2928   
2929         * platform/win/PopupMenuWin.cpp:
2930         (WebCore::PopupMenuWin::contentsSize):
2931
2932 2016-06-17  Frederic Wang  <fwang@igalia.com>
2933
2934         Refactor RenderMathMLRoot layout function to avoid using flexbox
2935         https://bugs.webkit.org/show_bug.cgi?id=153987
2936
2937         Reviewed by Brent Fulgham.
2938
2939         No new tests, already covered by existing tests.
2940         A case for RTL root has been added to roots.xhtml.
2941
2942         We reimplement RenderMathMLRoot without any flexbox or anonymous.
2943         The anonymous RenderMathMLRadicalOperator used to draw the radical sign is replaced with
2944         the MathOperator class introduced in bug 152244.
2945         msqrt (row of children under a square root) is now implemented directly in RenderMathMLRoot,
2946         so RenderMathMLSquareRoot is removed and RenderMathMLRoot now inherits from RenderMathMLRow.
2947
2948         * CMakeLists.txt: Remove files for RenderMathMLRadicalOperator and RenderMathMLSquareRoot.
2949         * WebCore.xcodeproj/project.pbxproj: ditto.
2950         * accessibility/AccessibilityRenderObject.cpp: Update code now that we do not use any
2951         radical wrappers.
2952         (WebCore::AccessibilityRenderObject::isMathRow): Now that RenderMathMLRoot inherits from
2953         RenderMathMLRow, we must exclude MathRoot or otherwise some accessibility code may treat
2954         roots as rows.
2955         (WebCore::AccessibilityRenderObject::mathRadicandObject): Return the first child for
2956         Root/SquareRoot or nullptr.
2957         (WebCore::AccessibilityRenderObject::mathRootIndexObject): Return the second child for
2958         Root and nullptr for SquareRoot.
2959         * mathml/MathMLInlineContainerElement.cpp:
2960         (WebCore::MathMLInlineContainerElement::childrenChanged): We no longer need a special case
2961         for msqrt, it is treated as a normal RenderMathMLRow.
2962         (WebCore::MathMLInlineContainerElement::createElementRenderer): Make msqrt create a
2963         RenderMathMLRoot object.
2964         * rendering/RenderObject.h:
2965         (WebCore::RenderObject::isRenderMathMLRadicalOperator): Deleted.
2966         * rendering/mathml/RenderMathMLBlock.cpp:
2967         (WebCore::RenderMathMLBlock::mirrorIfNeeded): New function to mirror a child horizontal
2968         offset according to the parent width.
2969         (WebCore::RenderMathMLBlock::renderName):
2970         * rendering/mathml/RenderMathMLBlock.h:
2971         (WebCore::RenderMathMLBlock::mirrorIfNeeded): Moved from RenderMathMLScripts, just forward
2972         call to the other mirrorIfNeeded function.
2973         * rendering/mathml/RenderMathMLOperator.cpp: We no longer need this trailingSpaceError hack.
2974         (WebCore::RenderMathMLOperator::trailingSpaceError): Deleted.
2975         * rendering/mathml/RenderMathMLOperator.h: ditto.
2976         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Removed. The radical sign is now drawn
2977         with a MathOperator.
2978         * rendering/mathml/RenderMathMLRadicalOperator.h: Removed.
2979         * rendering/mathml/RenderMathMLRoot.cpp: Complete refactoring to avoid using flexbox and
2980         anonymous wrappers.
2981         (WebCore::RenderMathMLRoot::RenderMathMLRoot): Set m_kind parameters to distinguish between
2982         square root and general root and set the MathOperator member to draw the radical sign.
2983         (WebCore::RenderMathMLRoot::isValid): Helper function to verify whether the child list is valid.
2984         (WebCore::RenderMathMLRoot::getBase): Get the base of an mroot.
2985         (WebCore::RenderMathMLRoot::getIndex): Get the index of an mroot.
2986         (WebCore::RenderMathMLRoot::styleDidChange): Be sure to keep the style of the
2987         MathOperator in sync with ours ; no need to skip empty roots.
2988         (WebCore::RenderMathMLRoot::updateFromElement): Call the function from the new parent class ;
2989         no need to skip empty roots.
2990         (WebCore::RenderMathMLRoot::updateStyle): Remove the isEmpty ASSERT as it is valid to have
2991         empty square root. Set the m_kernBeforeDegree, m_kernBeforeDegree members.
2992         No need to set style for anonymous.
2993         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths): Implement this function.
2994         (WebCore::RenderMathMLRoot::layoutBlock): Implement this function.
2995         (WebCore::RenderMathMLRoot::paintChildren): Implement this function.
2996         (WebCore::RenderMathMLRoot::paint): Remove the trailingSpaceError hack ;
2997         paint the radical sign via MathOperator::paint
2998         (WebCore::RenderMathMLRoot::baseWrapper): Deleted.
2999         (WebCore::RenderMathMLRoot::radicalWrapper): Deleted.
3000         (WebCore::RenderMathMLRoot::indexWrapper): Deleted.
3001         (WebCore::RenderMathMLRoot::radicalOperator): Deleted.
3002         (WebCore::RenderMathMLRoot::restructureWrappers): Deleted.
3003         (WebCore::RenderMathMLRoot::addChild): Deleted.
3004         (WebCore::RenderMathMLRoot::firstLineBaseline): Deleted.
3005         (WebCore::RenderMathMLRoot::layout): Deleted.
3006         (WebCore::RenderMathMLRootWrapper::createAnonymousWrapper): Deleted.
3007         (WebCore::RenderMathMLRootWrapper::removeChildWithoutRestructuring): Deleted.
3008         (WebCore::RenderMathMLRootWrapper::removeChild): Deleted.
3009         * rendering/mathml/RenderMathMLRoot.h: Make RenderMathMLRoot inherit from RenderMathMLRow.
3010         Make RenderMathMLRoot support <msqrt>.
3011         Remove all the anonymous wrapper stuff and instead use a MathOperator for the radical symbol.
3012         Update function declaration to implement layout without flexbox and add some helper functions.
3013         * rendering/mathml/RenderMathMLRow.cpp: Allow to get the exact metrics of the chid row,
3014         for use in RenderMathMLRoot.
3015         (WebCore::RenderMathMLRow::computeLineVerticalStretch): rename parameters.
3016         (WebCore::RenderMathMLRow::layoutRowItems): Set parameters to the final ascent, descent and
3017         logical width of the chid row. Set the temporary logical width for RenderMathRoot before
3018         laying the children out.
3019         (WebCore::RenderMathMLRow::layoutBlock): Rename parameters ; add a dummy logicalWidth
3020         parameter.
3021         * rendering/mathml/RenderMathMLRow.h: Make some functions accessible or overridable by
3022         RenderMathMLRoot. Make layoutRowItems return the final ascent, descent and logical width
3023         after the chid row is laid out.
3024         * rendering/mathml/RenderMathMLScripts.cpp: Move mirrorIfNeeded to RenderMathMLBlock.
3025         (WebCore::RenderMathMLScripts::mirrorIfNeeded): Deleted.
3026         * rendering/mathml/RenderMathMLScripts.h: Move mirrorIfNeeded to RenderMathMLBlock.
3027         * rendering/mathml/RenderMathMLSquareRoot.cpp: Removed.
3028         * rendering/mathml/RenderMathMLSquareRoot.h: Removed.
3029         * rendering/mathml/MathOperator.cpp:
3030         (WebCore::MathOperator::paint): Apply a mirroring scale transform to radical symbol
3031         in RTL direction.
3032
3033 2016-06-17  Chris Dumez  <cdumez@apple.com>
3034
3035         Drop some unnecessary header includes
3036         https://bugs.webkit.org/show_bug.cgi?id=158864
3037
3038         Reviewed by Alexey Proskuryakov.
3039
3040         Drop some unnecessary header includes to try and reduce build times.
3041
3042         * WebCore.xcodeproj/project.pbxproj:
3043         * accessibility/AccessibilityList.cpp:
3044         * css/CSSComputedStyleDeclaration.cpp:
3045         * css/MediaQueryMatcher.cpp:
3046         * css/StyleMedia.cpp:
3047         * css/TransformFunctions.cpp:
3048         * dom/NodeRenderStyle.h:
3049         * dom/PseudoElement.h:
3050         (isType): Deleted.
3051         * html/HTMLTitleElement.cpp:
3052         * html/shadow/MediaControlElementTypes.h:
3053         * html/shadow/MediaControls.cpp:
3054         * inspector/InspectorDOMAgent.h:
3055         * inspector/InspectorLayerTreeAgent.h:
3056         * inspector/InspectorPageAgent.cpp:
3057         * page/scrolling/AsyncScrollingCoordinator.cpp:
3058         * page/scrolling/ScrollingCoordinator.h:
3059         * rendering/BidiRun.h:
3060         * rendering/BorderEdge.h:
3061         * rendering/RenderElement.h:
3062         * rendering/RenderObject.h:
3063         (WebCore::AnnotatedRegionValue::operator==): Deleted.
3064         (WebCore::AnnotatedRegionValue::operator!=): Deleted.
3065         * rendering/RenderObjectEnums.h: Added.
3066         * rendering/RenderTheme.h:
3067         * rendering/SimpleLineLayoutFlowContents.h:
3068         * rendering/SimpleLineLayoutTextFragmentIterator.h:
3069         * rendering/TextPainter.h:
3070         * rendering/style/RenderStyle.h:
3071         (WebCore::pseudoElementRendererIsNeeded):
3072         * rendering/style/ShapeValue.cpp:
3073         * rendering/style/ShapeValue.h:
3074         * style/ClassChangeInvalidation.cpp:
3075         * style/ClassChangeInvalidation.h:
3076         * style/InlineTextBoxStyle.h:
3077         * style/StyleUpdate.cpp:
3078
3079 2016-06-17  Andreas Kling  <akling@apple.com>
3080
3081         [iOS] Throw away linked code when navigating to a new page.
3082         <https://webkit.org/b/153851>
3083
3084         Reviewed by Antti Koivisto.
3085
3086         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
3087         Linked code is tied to a specific global object, and as we're creating a new one for the
3088         new page, none of it is useful to us here.
3089
3090         In the event that the user navigates back, the cost of relinking some code will be far
3091         lower than the memory cost of keeping all of it around.
3092
3093         This was in-tree before but was rolled out due to regressing JSBench. It was a slowdown
3094         due to the benchmark harness using top-level navigations to drive the tests.
3095         This new version avoids that problem by only throwing out code if we haven't navigated
3096         in the last 2 seconds. This also prevents excessive work in response to redirects.
3097
3098         I've also moved this into MemoryPressureHandler so we don't make a mess in FrameLoader.
3099
3100         * loader/FrameLoader.cpp:
3101         (WebCore::FrameLoader::commitProvisionalLoad):
3102         * platform/MemoryPressureHandler.cpp:
3103         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
3104         * platform/MemoryPressureHandler.h:
3105
3106 2016-06-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
3107
3108         CORS preflight with a non-200 response should be a preflight failure
3109         https://bugs.webkit.org/show_bug.cgi?id=111008
3110
3111         Reviewed by Darin Adler.
3112
3113         Covered by rebased tests.
3114
3115         * Modules/fetch/FetchResponse.h: Making use of ResourceResponse::isSuccessful.
3116         * loader/CrossOriginPreflightChecker.cpp:
3117         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Checking that response status is code is
3118         successful. If not, calling preflight failure callback.
3119         (WebCore::CrossOriginPreflightChecker::startPreflight): Putting in manual redirection mode so that redirection
3120         responses are processed as other responses.
3121         * loader/ResourceLoaderOptions.h:
3122         (WebCore::ResourceLoaderOptions::fetchOptions): Adding a non-const getter and fixing const getter to return a
3123         const reference.
3124         (WebCore::ResourceLoaderOptions::setFetchOptions): Passing options by reference.
3125         * platform/network/ResourceResponseBase.cpp:
3126         (WebCore::ResourceResponseBase::isSuccessful): Utility function.
3127         * platform/network/ResourceResponseBase.h:
3128
3129 2016-06-17  Frederic Wang  <fwang@igalia.com>
3130
3131         MathOperator: Add fallback mechanisms for stretching and mirroring radical symbols
3132         https://bugs.webkit.org/show_bug.cgi?id=156836
3133
3134         Reviewed by Sergio Villar Senin.
3135
3136         Some platforms do not have OpenType MATH fonts pre-installed and thus can not draw stretchy
3137         operators using size variants or glyph assembly. This is especially problematic for the
3138         radical symbol which is used to write roots. Currently, we have some fallback code to draw
3139         that symbol using graphical primitives but it is a bit complex and makes the style of radical
3140         inconsistent with the font used. We solve these issues by just scaling the base glyph via a
3141         scale transform. Such scale transform is also used to mirror the radical symbol so that we
3142         have some support for right-to-left roots until we can do glyph-level mirroring
3143         via the OpenType rtlm feature.
3144
3145         Test: mathml/radical-fallback.html
3146
3147         * rendering/mathml/MathOperator.cpp: Add a constant for the code point U+221A of the radical.
3148         (WebCore::MathOperator::reset): In general, we don't need any vertical scaling for radical
3149         symbols so m_radicalVerticalScale is initialized to 1.
3150         (WebCore::MathOperator::calculateStretchyData): If we don't have a font with a MATH table and we
3151         try streching a radical, then we update the vertical metrics to match the target size and
3152         set m_radicalVerticalScale to the value necessary to make the base glyph scaled to that size.
3153         (WebCore::MathOperator::paint): For a radical operator, we may apply a scale transform of
3154         parameters (radicalHorizontalScale, m_radicalVerticalScale) in order to support RTL
3155         mirroring or vertical stretching.
3156         * rendering/mathml/MathOperator.h: We add a m_radicalVerticalScale member to indicate the
3157         scaling to apply to the base radical glyph when the stretchy fallback is necessary.
3158         (WebCore::MathOperator::isStretched): The operator is also considered stretched when the
3159         m_radicalVerticalScale is applied to the base size.
3160         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Remove code specific to the old fallback mechanism.
3161         * rendering/mathml/RenderMathMLRadicalOperator.h: Ditto.
3162
3163 2016-06-16  Commit Queue  <commit-queue@webkit.org>
3164
3165         Unreviewed, rolling out r202147.
3166         https://bugs.webkit.org/show_bug.cgi?id=158867
3167
3168         Broke scrolling tests on iOS Simulator (Requested by ap on
3169         #webkit).
3170
3171         Reverted changeset:
3172
3173         "Focus event dispatched in iframe causes parent document to
3174         scroll incorrectly"
3175         https://bugs.webkit.org/show_bug.cgi?id=158629
3176         http://trac.webkit.org/changeset/202147
3177
3178 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
3179
3180         :in-range & :out-of-range CSS pseudo-classes shouldn't match disabled or readonly inputs
3181         https://bugs.webkit.org/show_bug.cgi?id=156530
3182
3183         Reviewed by Simon Fraser.
3184
3185         Elements should only match :in-range and :out-of-range
3186         when they are candidate for constraint validation.
3187
3188         Tests: fast/css/pseudo-in-range-on-disabled-input-basics.html
3189                fast/css/pseudo-in-range-on-readonly-input-basics.html
3190                fast/css/pseudo-in-range-out-of-range-on-disabled-input-trivial.html
3191                fast/css/pseudo-out-of-range-on-disabled-input-basics.html
3192                fast/css/pseudo-out-of-range-on-readonly-input-basics.html
3193                fast/selectors/in-range-out-of-range-style-update.html
3194
3195         * html/BaseDateAndTimeInputType.cpp:
3196         (WebCore::BaseDateAndTimeInputType::minOrMaxAttributeChanged):
3197         * html/NumberInputType.cpp:
3198         (WebCore::NumberInputType::minOrMaxAttributeChanged):
3199         I forgot to handle style update in r202143.
3200         This is covered by the new style invalidation test.
3201
3202         * html/BaseDateAndTimeInputType.h:
3203         * html/HTMLInputElement.cpp:
3204         (WebCore::HTMLInputElement::isInRange):
3205         (WebCore::HTMLInputElement::isOutOfRange):
3206
3207 2016-06-16  Frederic Wang  <fwang@igalia.com>
3208
3209         Add separate MathOperator for selection/measuring/drawing of stretchy operators
3210         https://bugs.webkit.org/show_bug.cgi?id=152244
3211
3212         Reviewed by Brent Fulgham.
3213
3214         We complete the class to select, measure and draw stretchy operators that is independent
3215         from RenderMathMLOperator. That way, we will be able use stretchy operator without having
3216         to introduce & manage anonymous RenderMathMLOperator's
3217         (e.g for <mroot>, <msqrt> and <mfenced>).
3218
3219         No new tests, already covered by existing tests.
3220
3221         * rendering/mathml/MathOperator.cpp:
3222         (WebCore::ascentForGlyph): Add this helper function to get glyph ascent.
3223         (WebCore::descentForGlyph): Add this helper function to get glyph descent.
3224         (WebCore::MathOperator::reset): Initialize all the data and calculate ascent/descent of the
3225         base glyph.
3226         (WebCore::MathOperator::setSizeVariant): Set the width/ascent/descent.
3227         (WebCore::MathOperator::setGlyphAssembly): Ditto.
3228         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Remove the STIX Word hack and
3229         change m_maxPreferredWidth to use the actual width instead.
3230         (WebCore::MathOperator::stretchTo): New functions to execute the actual operator streching.
3231         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Add a FIXME for bug 155434.
3232         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Align all the glyph baselines on
3233         the same axis, given by m_ascent.
3234         Add a FIXME for bug 155434.
3235         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
3236         (WebCore::MathOperator::paint): Public function to do the painting.
3237         (WebCore::MathOperator::paintVerticalGlyphAssembly): Deleted.
3238         * rendering/mathml/MathOperator.h: Update declarations and make most of the members private.
3239         (WebCore::MathOperator::ascent): Function to expose m_ascent.
3240         (WebCore::MathOperator::descent): Function to expose m_descent.
3241         * rendering/mathml/RenderMathMLOperator.cpp:
3242         (WebCore::RenderMathMLOperator::stretchTo): Forward the stretching call to MathOperator.
3243         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Unfold advanceForGlyph
3244         since we delete RenderMathMLOperator::advanceForGlyph. Just rely on
3245         MathOperator::maxPreferredWidth to determine the preferred width of stretchy operators.
3246         For horizontal operators, we just use the width of the base glyph.
3247         Finally, we remove the dirty flag on preferred logical width.
3248         (WebCore::RenderMathMLOperator::rebuildTokenContent): Reinit the MathOperator instance.
3249         (WebCore::RenderMathMLOperator::updateFromElement): Force more updates of
3250         RenderMathMLOperator to avoid test breakage.
3251         (WebCore::RenderMathMLOperator::styleDidChange): Call MathOperator::reset to take into
3252         account style change.
3253         (WebCore::RenderMathMLOperator::updateStyle): Remove unused code.
3254         (WebCore::RenderMathMLOperator::firstLineBaseline): Use MathOperator::ascent() function.
3255         (WebCore::RenderMathMLOperator::computeLogicalHeight): Use MathOperator::ascent() and
3256         MathOperator::descent() functions to calculate the height.
3257         (WebCore::RenderMathMLOperator::paint): Only stretched operators are treated specially.
3258         We center horizontal operator and forward the paint() call to MathOperator.
3259         (WebCore::RenderMathMLOperator::trailingSpaceError): The error is now just the difference
3260         between the values returned by MathOperator::maxPreferredWidth() and
3261         MathOperator::width().
3262         (WebCore::boundsForGlyph): Deleted.
3263         (WebCore::heightForGlyph): Deleted.
3264         (WebCore::advanceWidthForGlyph): Deleted.
3265         (WebCore::RenderMathMLOperator::updateStyle): Deleted.
3266
3267 2016-06-16  Jiewen Tan  <jiewen_tan@apple.com>
3268
3269         CSP: Content Security Policy should allow '*' to match the originating page's scheme
3270         https://bugs.webkit.org/show_bug.cgi?id=158811
3271         <rdar://problem/26819568>
3272
3273         Reviewed by Daniel Bates.
3274
3275         Tests: security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star.html
3276                security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star.html
3277                security/contentSecurityPolicy/script-with-file-url-allowed-by-script-src-star.html
3278                security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star.html
3279
3280         * page/csp/ContentSecurityPolicySourceList.cpp:
3281         (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):
3282
3283 2016-06-16  Chris Dumez  <cdumez@apple.com>
3284
3285         Add HTTPHeaderMap::set() overload taking a NSString*
3286         https://bugs.webkit.org/show_bug.cgi?id=158857
3287
3288         Reviewed by Darin Adler.
3289
3290         Add HTTPHeaderMap::set() overloading taking a NSString* in addition to
3291         the one taking a CFStringRef. It is useful for the Cocoa implementation
3292         of ResourceRequest::doUpdateResourceRequest().
3293
3294         * platform/network/HTTPHeaderMap.h:
3295         (WebCore::HTTPHeaderMap::set):
3296
3297 2016-06-16  Joseph Pecoraro  <pecoraro@apple.com>
3298
3299         Web Inspector: console.profile should use the new Sampling Profiler
3300         https://bugs.webkit.org/show_bug.cgi?id=153499
3301         <rdar://problem/24352431>
3302
3303         Reviewed by Timothy Hatcher.
3304
3305         Test: inspector/timeline/setInstruments-programmatic-capture.html
3306
3307         * inspector/InspectorTimelineAgent.cpp:
3308         (WebCore::InspectorTimelineAgent::startFromConsole):
3309         (WebCore::InspectorTimelineAgent::stopFromConsole):
3310         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
3311         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
3312         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
3313         (WebCore::InspectorTimelineAgent::toggleInstruments):
3314         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
3315         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
3316         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
3317         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
3318         * inspector/InspectorTimelineAgent.h:
3319         Web implementation of console.profile/profileEnd.
3320         Make helpers for startings / stopping instruments.
3321
3322 2016-06-16  John Wilander  <wilander@apple.com>
3323
3324         Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
3325         https://bugs.webkit.org/show_bug.cgi?id=158855
3326         <rdar://problem/26142632>
3327
3328         Reviewed by Alex Christensen.
3329
3330         Tests: http/tests/dom/window-open-about-blank-and-access-document.html
3331                http/tests/dom/window-open-about-webkit-org-and-access-document.html
3332
3333         Document.cpp previously checked whether a document should inherit its owner's 
3334         security origin by checking if the URL is either empty or blank. URL.cpp in 
3335         turn only checks if the protocol is "about:" in the isBlankURL() function. 
3336         Thus all about:* URLs inherited security origin. This patch restricts 
3337         security origin inheritance to empty, about:blank, and about:srcdoc URLs.
3338
3339         Quotes and links from the WHATWG spec regarding about:srcdoc:
3340
3341         7.1 Browsing contexts
3342         A browsing context can have a creator browsing context, the browsing context 
3343         that was responsible for its creation. If a browsing context has a parent 
3344         browsing context, then that is its creator browsing context. Otherwise, if the 
3345         browsing context has an opener browsing context, then that is its creator 
3346         browsing context. Otherwise, the browsing context has no creator browsing 
3347         context.
3348         https://html.spec.whatwg.org/multipage/browsers.html#concept-document-bc
3349
3350         7.1.1 Nested browsing contexts
3351         Certain elements (for example, iframe elements) can instantiate further 
3352         browsing contexts. These are called nested browsing contexts. If a browsing 
3353         context P has a Document D with an element E that nests another browsing 
3354         context C inside it, then C is said to be nested through D, and E is said to 
3355         be the browsing context container of C. If the browsing context container 
3356         element E is in the Document D, then P is said to be the parent browsing 
3357         context of C and C is said to be a child browsing context of P. Otherwise, 
3358         the nested browsing context C has no parent browsing context.
3359         https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-context
3360
3361         4.8.5 The iframe element
3362         The iframe element represents a nested browsing context.
3363         ...
3364         If the srcdoc attribute is specified
3365             Navigate the element's child browsing context to a new response whose 
3366             url list consists of about:srcdoc ...
3367         https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-srcdoc
3368
3369         * dom/Document.cpp:
3370         (WebCore::Document::initSecurityContext):
3371             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
3372         (WebCore::Document::initContentSecurityPolicy):
3373             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
3374         (WebCore::shouldInheritSecurityOriginFromOwner): Deleted.
3375             Moved to URL::shouldInheritSecurityOriginFromOwner() and restricted the check.
3376         * platform/URL.cpp:
3377         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
3378         * platform/URL.h:
3379             Moved the function from Document and restricted the check to only allow
3380             security origin inheritance for empty, about:blank, and about:srcdoc URLs.
3381
3382 2016-06-16  Simon Fraser  <simon.fraser@apple.com>
3383
3384         [iOS] Focus event dispatched in iframe causes parent document to scroll incorrectly
3385         https://bugs.webkit.org/show_bug.cgi?id=158629
3386         rdar://problem/26521616
3387
3388         Reviewed by Enrica Casucci.
3389
3390         When focussing elements in iframes, the page could scroll to an incorrect location.
3391         This happened because code in Element::focus() tried to disable scrolling on focus,
3392         but did so only for the current frame, so ancestor frames got programmatically scrolled.
3393         On iOS we handle the scrolling in the UI process, so never want the web process to
3394         do programmatic scrolling.
3395
3396         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
3397         rather than manually prohibiting frame scrolling.
3398
3399         Tests: fast/forms/ios/focus-input-in-iframe.html
3400                fast/forms/ios/programmatic-focus-input-in-iframe.html
3401
3402         * dom/Element.cpp:
3403         (WebCore::Element::focus):
3404         * history/CachedPage.cpp:
3405         (WebCore::CachedPage::restore):
3406
3407 2016-06-16  Zalan Bujtas  <zalan@apple.com>
3408
3409         [New Block-Inside-Inline Model] Do not attempt to re-run margin collapsing on the block sequence.
3410         https://bugs.webkit.org/show_bug.cgi?id=158854
3411
3412         Reviewed by David Hyatt.
3413
3414         Test: fast/block/inside-inlines/crash-on-first-line-change.html
3415
3416         * rendering/RenderBlockLineLayout.cpp:
3417         (WebCore::RenderBlockFlow::marginCollapseLinesFromStart):
3418
3419 2016-06-16  Ting-Wei Lan  <lantw44@gmail.com>
3420
3421         Include cstdlib before using std::atexit
3422         https://bugs.webkit.org/show_bug.cgi?id=158681
3423
3424         Reviewed by Brent Fulgham.
3425
3426         * platform/graphics/PlatformDisplay.cpp:
3427
3428 2016-06-16  Chris Dumez  <cdumez@apple.com>
3429
3430         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
3431         https://bugs.webkit.org/show_bug.cgi?id=158853
3432
3433         Reviewed by Brent Fulgham.
3434
3435         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
3436         as m_bestFitImageURL data member is an AtomicString. This avoids constructing a String and
3437         then atomizing it.
3438
3439         * html/HTMLImageElement.cpp:
3440         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
3441
3442 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
3443
3444         :in-range & :out-of-range CSS pseudo-classes shouldn't match inputs without range limitations
3445         https://bugs.webkit.org/show_bug.cgi?id=156558
3446
3447         Reviewed by Simon Fraser.
3448
3449         The pseudo selectors :in-range and :out-of-range should only
3450         apply if:
3451         -minimum/maximum are defined for the input type
3452         -the input value is/is-not suffering from underflow/overflow.
3453
3454         Only certain types have a valid minimum and maximum:
3455         -number
3456         -range
3457         -date
3458         -month
3459         -week
3460         -time
3461         -datetime-local
3462
3463         Of those, only one has a default minimum and maximum: range.
3464         For all the others, the minimum or maximum is only defined
3465         if the min/max attribute is defined and valid.
3466
3467         This patch addresses these constraints for number and range.
3468         The date types range validation is severely broken and is
3469         left untouched. It really needs a clean rewrite.
3470
3471         Tests: fast/css/pseudo-in-range-basics.html
3472                fast/css/pseudo-in-range-out-of-range-trivial.html
3473                fast/css/pseudo-out-of-range-basics.html
3474
3475         * html/DateInputType.cpp:
3476         (WebCore::DateInputType::createStepRange):
3477         * html/DateTimeInputType.cpp:
3478         (WebCore::DateTimeInputType::createStepRange):
3479         * html/DateTimeLocalInputType.cpp:
3480         (WebCore::DateTimeLocalInputType::createStepRange):
3481         * html/InputType.cpp:
3482         (WebCore::InputType::isInRange):
3483         (WebCore::InputType::isOutOfRange):
3484         Notice the isEmpty() shortcut.
3485         A value can only overflow/underflow if it is not empty.
3486
3487         * html/MonthInputType.cpp:
3488         (WebCore::MonthInputType::createStepRange):
3489         * html/NumberInputType.cpp:
3490         (WebCore::NumberInputType::createStepRange):
3491         * html/RangeInputType.cpp:
3492         (WebCore::RangeInputType::createStepRange):
3493         * html/StepRange.cpp:
3494         (WebCore::StepRange::StepRange):
3495         * html/StepRange.h:
3496         (WebCore::StepRange::hasRangeLimitations):
3497         * html/WeekInputType.cpp:
3498         (WebCore::WeekInputType::createStepRange):
3499
3500 2016-06-16  Anders Carlsson  <andersca@apple.com>
3501
3502         Fix macOS Sierra build
3503         https://bugs.webkit.org/show_bug.cgi?id=158849
3504
3505         Reviewed by Tim Horton.
3506
3507         Add WebCore:: qualifiers for IOSurface, to avoid conflicts with the IOSurface Objective-C class.
3508         
3509         Also, add an asLayerContents() getter that will return an id that's suitable for setting 
3510         as the contents of a CALayer.
3511
3512         * platform/graphics/cocoa/IOSurface.h:
3513         * platform/graphics/cocoa/IOSurface.mm:
3514
3515 2016-06-16  Andreas Kling  <akling@apple.com>
3516
3517         REGRESSION(r196217): 3% JSBench regression on iPhone 5.
3518         <https://webkit.org/b/158848>
3519         <rdar://problem/26609622>
3520
3521         Unreviewed rollout.
3522
3523         Don't jettison linked code on every top-level navigation as that was hurting JSBench on iPhone 5.
3524
3525         * loader/FrameLoader.cpp:
3526         (WebCore::FrameLoader::commitProvisionalLoad):
3527
3528 2016-06-16  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3529
3530         WebRTC: Check type of this in RTCPeerConnection JS built-in functions
3531         https://bugs.webkit.org/show_bug.cgi?id=151303
3532
3533         Reviewed by Youenn Fablet.
3534
3535         Check type of 'this' in RTCPeerConnection JS built-in functions.
3536
3537         Test: fast/mediastream/RTCPeerConnection-js-built-ins-check-this.html
3538
3539         * Modules/mediastream/RTCPeerConnection.js:
3540         (createOffer):
3541         (createAnswer):
3542         (setLocalDescription):
3543         (setRemoteDescription):
3544         (addIceCandidate):
3545         (getStats):
3546         Reject if 'this' isn't of type RTCPeerConnection.
3547         * Modules/mediastream/RTCPeerConnectionInternals.js:
3548         (isRTCPeerConnection):
3549         Add helper function to perform type check. Needs further robustifying.
3550
3551 2016-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
3552
3553         Sporadic crash in HashTableAddResult following CSSValuePool::createFontFamilyValue
3554         https://bugs.webkit.org/show_bug.cgi?id=158297
3555
3556         Reviewed by Darin Adler.
3557
3558         In an effort to reduce the flash of unstyled content, we force all elements
3559         to have display: none during an external stylesheet load. We do this by
3560         ignoring the CSS cascade and forcing all elements to have a placeholder style
3561         which hardcodes display: none. (This is necessary to make elements created by
3562         script during the stylesheet load not flash.)
3563
3564         This style is exposed to web content via getComputedStyle(), which means it
3565         needs to maintain the invariant that font-families can never be null strings.
3566         We enforce this by forcing the font-family to be the standard font name.
3567
3568         Test: fast/text/placeholder-renderstyle-null-font.html
3569
3570         * style/StyleTreeResolver.cpp:
3571         (WebCore::Style::ensurePlaceholderStyle):
3572
3573 2016-06-16  Chris Dumez  <cdumez@apple.com>
3574
3575         Avoid some temporary String allocations for common HTTP headers in ResourceResponse::platformLazyInit()
3576         https://bugs.webkit.org/show_bug.cgi?id=158827
3577
3578         Reviewed by Darin Adler.
3579
3580         Add a HTTPHeaderMap::set() overload taking in a CFStringRef. The
3581         implementation has a fast path which gets the internal characters
3582         of the CFStringRef when possible and constructs a StringView for
3583         it in order to call findHTTPHeaderName(). As a result, we avoid
3584         allocating a temporary String when findHTTPHeaderName() succeeds.
3585
3586         This new HTTPHeaderMap::set() overload is called from both the
3587         CF and Cocoa implementations of ResourceResponse::platformLazyInit().
3588
3589         I have confirmed locally on both Mac and iOS that the fast path
3590         is used ~93% of the time. CFStringGetCStringPtr() returns null in
3591         rare cases, causing the regular code path to be used.
3592
3593         * platform/network/HTTPHeaderMap.cpp:
3594         (WebCore::HTTPHeaderMap::set):
3595         * platform/network/HTTPHeaderMap.h:
3596
3597 2016-06-15  Zalan Bujtas  <zalan@apple.com>
3598
3599         Decouple the percent height and positioned descendants maps.
3600         https://bugs.webkit.org/show_bug.cgi?id=158773
3601
3602         Reviewed by David Hyatt and Chris Dumez.
3603
3604         We track renderers with percent height across multiple containers using
3605         HashMap<const RenderBox*, std::unique_ptr<HashSet<const RenderBlock*>>>.
3606         We also use the same data structure to track positioned descendants.
3607         However a positioned renderer can have only one containing block so tracking it
3608         with a 1:many type is defective.
3609         It allows multiple inserts for positioned descendants, which could lead to
3610         inconsistent layout state as the rendering logic expects these type of renderers
3611         with only one containing block.
3612         This patch decouples percent height and positioned tracking by introducing
3613         the PositionedDescendantsMap class. This class is responsible for tracking
3614         the positioned descendants inbetween layouts.
3615
3616         No change in functionality.
3617
3618         Tests: fast/block/positioning/change-containing-block-for-absolute-positioned.html
3619                fast/block/positioning/change-containing-block-for-fixed-positioned.html
3620
3621         * rendering/RenderBlock.cpp:
3622         (WebCore::insertIntoTrackedRendererMaps):
3623         (WebCore::removeFromTrackedRendererMaps):
3624         (WebCore::PositionedDescendantsMap::addDescendant): Add more defensive ASSERT_NOT_REACHED
3625         to the double insert branch when webkit.org/b/158772 gets fixed.
3626         (WebCore::PositionedDescendantsMap::removeDescendant):
3627         (WebCore::PositionedDescendantsMap::removeContainingBlock):
3628         (WebCore::PositionedDescendantsMap::positionedRenderers):
3629         (WebCore::positionedDescendantsMap):
3630         (WebCore::removeBlockFromPercentageDescendantAndContainerMaps):
3631         (WebCore::RenderBlock::~RenderBlock):
3632         (WebCore::RenderBlock::positionedObjects):
3633         (WebCore::RenderBlock::insertPositionedObject):
3634         (WebCore::RenderBlock::removePositionedObject):
3635         (WebCore::RenderBlock::addPercentHeightDescendant):
3636         (WebCore::RenderBlock::removePercentHeightDescendant):
3637         (WebCore::RenderBlock::percentHeightDescendants):
3638         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
3639         (WebCore::removeBlockFromDescendantAndContainerMaps): Deleted.
3640         * rendering/RenderBlock.h:
3641
3642 2016-06-15  David Kilzer  <ddkilzer@apple.com>
3643
3644         Move SoftLinking.h to platform/cococa from platform/mac
3645         <https://webkit.org/b/158825>
3646
3647         Reviewed by Andy Estes.
3648
3649         * PlatformMac.cmake: Update for new directory.
3650         * WebCore.xcodeproj/project.pbxproj: Ditto.
3651         * platform/cocoa/SoftLinking.h: Renamed from Source/WebCore/platform/mac/SoftLinking.h.
3652
3653 2016-06-15  Chris Dumez  <cdumez@apple.com>
3654
3655         [Cocoa] Clean up / optimize ResourceResponse::platformLazyInit(InitLevel)
3656         https://bugs.webkit.org/show_bug.cgi?id=158809
3657
3658         Reviewed by Darin Adler.
3659
3660         Clean up / optimize ResourceResponse::platformLazyInit(InitLevel).
3661
3662         * platform/network/HTTPParsers.cpp:
3663         (WebCore::extractReasonPhraseFromHTTPStatusLine):
3664         * platform/network/HTTPParsers.h:
3665         Have extractReasonPhraseFromHTTPStatusLine() return an AtomicString as the
3666         Reason is stored as an AtomicString on ResourceResponse. Have the
3667         implementation use StringView::subString()::toAtomicString().
3668
3669         * platform/network/cocoa/ResourceResponseCocoa.mm:
3670         (WebCore::stripLeadingAndTrailingDoubleQuote):
3671         Move the stripLeadingAndTrailingDoubleQuote logic from platformLazyInit()
3672         to its own function. Have it use StringView::subString()::toAtomicString()
3673         to avoid unnecessarily atomizing the textEncodingName that has surrounding
3674         double-quotes.
3675
3676         (WebCore::initializeHTTPHeaders):
3677         Move HTTP headers initialization to its own function for clarity.
3678
3679         (WebCore::extractHTTPStatusText):
3680         Move HTTP status Text extraction to its own function for clarity.
3681
3682         (WebCore::ResourceResponse::platformLazyInit):
3683         - The function is streamlined a bit because most of the logic was moved
3684           into separate functions.
3685         - Drop unnecessary (initLevel >= CommonFieldsOnly) check in the first
3686           if case and replace with an assertion. This function is always called
3687           with CommonFieldsOnly or above (AllFields).
3688         - Drop unnecessary (m_initLevel < AllFields) check in the second if
3689           case as this is always true. If not, we would have returned early
3690           at the beginning of the function when checking
3691           m_initLevel >= initLevel.
3692         - Use AutodrainedPool instead of NSAutoreleasePool for convenience and have
3693           only 1 pool instead of 2.
3694         - Drop unnecessary copyNSURLResponseStatusLine() function and call directly
3695           CFHTTPMessageCopyResponseStatusLine() since we already have a
3696           CFHTTPMessageRef at the call site.
3697
3698 2016-06-15  Tim Horton  <timothy_horton@apple.com>
3699
3700         <attachment> elements jump around a lot around when subtitle text changes slightly
3701         https://bugs.webkit.org/show_bug.cgi?id=158818
3702         <rdar://problem/24450270>
3703
3704         Reviewed by Simon Fraser.
3705
3706         Test: fast/attachment/attachment-subtitle-resize.html
3707
3708         * rendering/RenderAttachment.cpp:
3709         (WebCore::RenderAttachment::layout):
3710         * rendering/RenderAttachment.h:
3711         * rendering/RenderThemeMac.mm:
3712         (WebCore::AttachmentLayout::AttachmentLayout):
3713         (WebCore::RenderThemeMac::paintAttachment):
3714         In order to avoid changes to the centered subtitle text causing the whole
3715         attachment to bounce around a lot, make it so that attachment width can only
3716         increase, never decrease, and round the subtitle's width up to the nearest
3717         increment of 10px when determining its affect on the whole element's width.
3718         Also, center the attachment in its element, instead of left-aligning it,
3719         so that the extra width we may have is evenly distributed between the two sides.
3720
3721 2016-06-15  Ryan Haddad  <ryanhaddad@apple.com>
3722
3723         Reset bindings test results after r202105
3724
3725         Unreviewed test gardening.
3726
3727         * bindings/scripts/test/JS/JSTestObj.cpp:
3728
3729 2016-06-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3730
3731         WebRTC: (Refactor) Align the structure of RTCPeerConnection.idl with the header file
3732         https://bugs.webkit.org/show_bug.cgi?id=158779
3733
3734         Reviewed by Eric Carlson.
3735
3736         Restructure RTCPeerConnection.idl to make it easer to read and extend in the future.
3737
3738         No change in behavior.
3739
3740         * Modules/mediastream/RTCPeerConnection.idl:
3741
3742 2016-06-15  Chris Dumez  <cdumez@apple.com>
3743
3744         Drop some unnecessary header includes
3745         https://bugs.webkit.org/show_bug.cgi?id=158788
3746
3747         Reviewed by Alexey Proskuryakov.
3748
3749         Drop some unnecessary header includes in headers to speed up build time.
3750
3751         * Modules/encryptedmedia/MediaKeySession.cpp:
3752         * Modules/gamepad/GamepadManager.cpp:
3753         * Modules/indexeddb/IDBDatabase.cpp:
3754         * Modules/indexeddb/IDBOpenDBRequest.cpp:
3755         * Modules/indexeddb/IDBRequest.cpp:
3756         * Modules/indexeddb/IDBTransaction.cpp:
3757         * Modules/mediasource/MediaSource.cpp:
3758         * Modules/mediasource/SourceBuffer.cpp:
3759         * Modules/mediasource/SourceBufferList.cpp:
3760         * Modules/mediastream/MediaStream.cpp:
3761         * Modules/mediastream/MediaStreamTrack.cpp:
3762         * Modules/speech/SpeechSynthesis.cpp:
3763         * Modules/webaudio/AudioScheduledSourceNode.cpp:
3764         * Modules/webaudio/ScriptProcessorNode.cpp:
3765         * bindings/scripts/CodeGeneratorJS.pm:
3766         (GenerateImplementation):
3767         * dom/CharacterData.cpp:
3768         * dom/ContainerNode.cpp:
3769         * dom/DOMNamedFlowCollection.cpp:
3770         * dom/DeviceMotionController.cpp:
3771         * dom/DeviceOrientationController.cpp:
3772         * dom/Document.cpp:
3773         * dom/Document.h:
3774         * dom/DocumentEventQueue.cpp:
3775         * dom/DocumentOrderedMap.h:
3776         * dom/Element.cpp:
3777         * dom/Event.cpp:
3778         * dom/EventDispatcher.cpp:
3779         * dom/EventTarget.cpp:
3780         * dom/EventTarget.h:
3781         * dom/KeyboardEvent.cpp:
3782         * dom/MessageEvent.cpp:
3783         * dom/MessagePort.cpp:
3784         * dom/ScriptElement.cpp:
3785         * dom/ScriptExecutionContext.cpp:
3786         * dom/ScriptExecutionContext.h:
3787         * dom/SecurityContext.h:
3788         * dom/SimulatedClick.cpp:
3789         * dom/TextEvent.cpp:
3790         * dom/WebKitNamedFlow.cpp:
3791         * editing/FrameSelection.cpp:
3792         * fileapi/FileReader.cpp:
3793         * html/HTMLLinkElement.cpp:
3794         * html/HTMLPlugInImageElement.cpp:
3795         * html/HTMLStyleElement.cpp:
3796         * html/HTMLSummaryElement.cpp:
3797         * html/HTMLTrackElement.cpp:
3798         * html/HTMLVideoElement.cpp:
3799         * html/InputType.cpp:
3800         * html/MediaController.cpp:
3801         * html/TextFieldInputType.cpp:
3802         * html/canvas/WebGLRenderingContextBase.cpp:
3803         * html/parser/HTMLScriptRunner.cpp:
3804         * html/shadow/MediaControlElementTypes.cpp:
3805         * html/shadow/MediaControls.cpp:
3806         * html/shadow/MediaControlsApple.cpp:
3807         * html/shadow/SliderThumbElement.cpp:
3808         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
3809         * inspector/InspectorIndexedDBAgent.cpp:
3810         * loader/DocumentLoader.cpp:
3811         * loader/ImageLoader.cpp:
3812         * loader/PolicyChecker.cpp:
3813         * mathml/MathMLSelectElement.cpp:
3814         * page/DOMWindow.h:
3815         * page/EventSource.cpp:
3816         * page/FrameView.cpp:
3817         * page/Performance.cpp:
3818         * page/csp/ContentSecurityPolicy.cpp:
3819         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
3820         * platform/network/HTTPHeaderMap.h:
3821         * platform/network/ResourceHandle.cpp:
3822         * rendering/RenderEmbeddedObject.cpp:
3823         * rendering/RenderSnapshottedPlugIn.cpp:
3824         * svg/SVGSVGElement.cpp:
3825         * svg/SVGUseElement.cpp:
3826         * svg/animation/SVGSMILElement.cpp:
3827         * workers/WorkerGlobalScope.h:
3828         * xml/XMLHttpRequest.cpp:
3829         * xml/XMLHttpRequestProgressEventThrottle.cpp:
3830         * xml/XMLHttpRequestUpload.cpp:
3831
3832 2016-06-15  Antti Koivisto  <antti@apple.com>
3833
3834         GoogleMaps transit schedule explorer comes up blank initially
3835         https://bugs.webkit.org/show_bug.cgi?id=158803
3836         rdar://problem/25818080
3837
3838         Reviewed by Andreas Kling.
3839
3840         In case we had something like
3841
3842         .foo bar { ... }
3843
3844         and later a new stylesheet was added dynamically that contained
3845
3846         .foo baz { ... }
3847
3848         we would fail to add the new rules to the descendant invalidation rule sets for ".foo". This could
3849         cause some style invalidations to be missed.
3850
3851         * css/DocumentRuleSets.cpp:
3852         (WebCore::DocumentRuleSets::collectFeatures):
3853
3854         Reset the ancestorClassRules and ancestorAttributeRulesForHTML rule set caches when new style sheets
3855         are added (==collectFeatures is called).
3856
3857 2016-06-15  Javier Fernandez  <jfernandez@igalia.com>
3858
3859         [css-sizing] Item borders are missing with 'min-width:-webkit-fill-available' and zero available width
3860         https://bugs.webkit.org/show_bug.cgi?id=158258
3861
3862         Reviewed by Darin Adler.
3863
3864         The "fill-available" size is defined as the containing block's size less
3865         the box's border and padding size. However, when used for min-width we
3866         should ensure we don't get negative values as result of logical width
3867         computation.
3868
3869         http://www.w3.org/TR/css-sizing-3/#fill-available-sizing
3870
3871         This patch ensure fill-available value computed value will be always
3872         greater than box's boder and padding width.
3873
3874         Test: fast/css-intrinsic-dimensions/fill-available-with-zero-width.html
3875
3876         * rendering/RenderBox.cpp:
3877         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
3878
3879 2016-06-15  Alex Christensen  <achristensen@webkit.org>
3880
3881         Fix 2d canvas transform after r192900
3882         https://bugs.webkit.org/show_bug.cgi?id=158725
3883         rdar://problem/26774230
3884
3885         Reviewed by Dean Jackson.
3886
3887         Test: fast/canvas/canvas-transform-inverse.html
3888
3889         * html/canvas/CanvasRenderingContext2D.cpp:
3890         (WebCore::CanvasRenderingContext2D::transform):
3891         r192900 was intended to have no change in behavior, but I made a typo.
3892         We need to apply the inverse of the original transform to the path to be correct.
3893         This affects transforms applied to the canvas during the creation of a path.
3894
3895 2016-06-15  Eric Carlson  <eric.carlson@apple.com>
3896
3897         [iOS] Make HTMLMediaElement.muted mutable
3898         https://bugs.webkit.org/show_bug.cgi?id=158787
3899         <rdar://problem/24452567>
3900
3901         Reviewed by Dean Jackson.
3902
3903         Tests: media/audio-playback-restriction-removed-muted.html
3904                media/audio-playback-restriction-removed-track-enabled.html
3905
3906         * html/HTMLMediaElement.cpp:
3907         (WebCore::HTMLMediaElement::audioTrackEnabledChanged): Remove most behavior restrictions if
3908           the track state was changed as a result of a user gesture.
3909         (WebCore::HTMLMediaElement::setMuted): Ditto.
3910         (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Add mask 
3911           parameter so caller can choose which restrictions are removed.
3912         * html/HTMLMediaElement.h:
3913
3914         * html/MediaElementSession.cpp:
3915         (WebCore::restrictionName): Drive-by fix: remove duplicate label.
3916         * html/MediaElementSession.h:
3917
3918         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
3919         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3920         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Set muted on AVPlayer if setMuted
3921           was called before the player was created.
3922         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Drive-by fix: return early if there
3923           is no AVPlayer, not if we won't have metadata yet.
3924         (WebCore::MediaPlayerPrivateAVFoundationObjC::setMuted): New.
3925
3926 2016-06-15  Romain Bellessort  <romain.bellessort@crf.canon.fr>
3927
3928         Enabling Shadow DOM for all platforms
3929         https://bugs.webkit.org/show_bug.cgi?id=158738
3930
3931         Reviewed by Ryosuke Niwa.
3932
3933         No new tests (no new behavior to be tested).
3934
3935         Removed Shadow DOM from options (enabled by default)
3936         (comprises removal of corresponding preprocessor directives)
3937
3938         * Configurations/FeatureDefines.xcconfig:
3939         * DerivedSources.make:
3940         * bindings/generic/RuntimeEnabledFeatures.h:
3941         * bindings/js/JSDocumentFragmentCustom.cpp:
3942         * bindings/js/JSNodeCustom.cpp:
3943         * css/CSSGrammar.y.in:
3944         * css/CSSParser.cpp:
3945         * css/CSSParserValues.cpp:
3946         * css/CSSParserValues.h:
3947         * css/CSSSelector.cpp:
3948         * css/CSSSelector.h:
3949         * css/ElementRuleCollector.cpp:
3950         * css/ElementRuleCollector.h:
3951         * css/RuleSet.cpp:
3952         * css/RuleSet.h:
3953         * css/SelectorChecker.cpp:
3954         * css/SelectorChecker.h:
3955         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
3956         * css/StyleResolver.cpp:
3957         * cssjit/SelectorCompiler.cpp:
3958         * dom/ComposedTreeAncestorIterator.h:
3959         * dom/ComposedTreeIterator.cpp:
3960         * dom/ComposedTreeIterator.h:
3961         * dom/ContainerNode.cpp:
3962         * dom/Document.cpp:
3963         * dom/Document.h:
3964         * dom/Element.cpp:
3965         * dom/Element.h:
3966         * dom/Element.idl:
3967         * dom/Event.idl:
3968         * dom/EventPath.cpp:
3969         * dom/Node.cpp:
3970         * dom/Node.h:
3971         * dom/NonDocumentTypeChildNode.idl:
3972         * dom/ShadowRoot.cpp:
3973         * dom/ShadowRoot.h:
3974         * dom/ShadowRoot.idl:
3975         * dom/SlotAssignment.cpp:
3976         * dom/SlotAssignment.h:
3977         * html/HTMLSlotElement.cpp:
3978         * html/HTMLSlotElement.h:
3979         * html/HTMLSlotElement.idl:
3980         * html/HTMLTagNames.in:
3981         * page/FocusController.cpp:
3982         * style/StyleSharingResolver.cpp:
3983         * style/StyleTreeResolver.cpp:
3984
3985 2016-06-15  Andreas Kling  <akling@apple.com>
3986
3987         [Cocoa] Add two notify listeners for poking the garbage collector.
3988         <https://webkit.org/b/158783>
3989
3990         Reviewed by Antti Koivisto.
3991
3992         Add two new notify listeners:
3993
3994         - com.apple.WebKit.fullGC
3995