Touch properties should be on the prototype
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-25  Chris Dumez  <cdumez@apple.com>
2
3         Touch properties should be on the prototype
4         https://bugs.webkit.org/show_bug.cgi?id=160174
5
6         Reviewed by Ryosuke Niwa.
7
8         Touch properties should be on the prototype:
9         - https://w3c.github.io/touch-events/#idl-def-touch
10
11         Chrome agrees with the specification.
12
13         Test: platform/ios-simulator/ios/touch/Touch-attributes-prototype.html
14
15         * bindings/scripts/CodeGeneratorJS.pm:
16         (InterfaceRequiresAttributesOnInstanceForCompatibility): Deleted.
17
18 2016-07-25  Jeremy Jones  <jeremyj@apple.com>
19
20         Set MediaRemote playback state based on MediaSession playback state.
21         https://bugs.webkit.org/show_bug.cgi?id=160177
22
23         Reviewed by Eric Carlson.
24
25         Use playback session state to update media remote playback state instead of 
26         unconditionally setting it to playing.
27
28         * platform/audio/mac/MediaSessionManagerMac.mm:
29         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):
30
31 2016-07-25  Zalan Bujtas  <zalan@apple.com>
32
33         RenderBox::haveSameDirection is used only by table items.
34         https://bugs.webkit.org/show_bug.cgi?id=160141
35
36         Reviewed by Simon Fraser.
37
38         Remove RenderBox::haveSameDirection() since it's used only by RenderTable*
39         classes. The new stand alone function (with 2 arguments) now checks if both of
40         the objects are valid. 
41
42         No change in functionality.
43
44         * rendering/RenderBox.h:
45         (WebCore::RenderBox::hasSameDirectionAs): Deleted.
46         * rendering/RenderTable.cpp:
47         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
48         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
49         * rendering/RenderTable.h:
50         (WebCore::haveSameDirection):
51         * rendering/RenderTableCell.cpp:
52         (WebCore::RenderTableCell::hasStartBorderAdjoiningTable):
53         (WebCore::RenderTableCell::hasEndBorderAdjoiningTable):
54         * rendering/RenderTableCell.h:
55         (WebCore::RenderTableCell::borderAdjoiningTableStart):
56         (WebCore::RenderTableCell::borderAdjoiningTableEnd):
57         * rendering/RenderTableRow.h:
58         (WebCore::RenderTableRow::borderAdjoiningTableStart):
59         (WebCore::RenderTableRow::borderAdjoiningTableEnd):
60         * rendering/RenderTableSection.cpp:
61         (WebCore::RenderTableSection::borderAdjoiningStartCell):
62         (WebCore::RenderTableSection::borderAdjoiningEndCell):
63         (WebCore::RenderTableSection::firstRowCellAdjoiningTableStart):
64         (WebCore::RenderTableSection::firstRowCellAdjoiningTableEnd):
65         * rendering/RenderTableSection.h:
66         (WebCore::RenderTableSection::borderAdjoiningTableStart):
67         (WebCore::RenderTableSection::borderAdjoiningTableEnd):
68
69 2016-07-25  Chris Dumez  <cdumez@apple.com>
70
71         ClientRect properties should be on the prototype
72         https://bugs.webkit.org/show_bug.cgi?id=160165
73
74         Reviewed by Geoffrey Garen.
75
76         Move ClientRect properties from the instance to the prototype. This
77         matches the specification, Firefox and Chrome.
78
79         Also add a serializer to ClientRect in order to match the specification:
80         - https://drafts.fxtf.org/geometry/Overview.html#domrectreadonly
81         - https://heycam.github.io/webidl/#es-serializer
82
83         This avoids breaking content that relies on JSON.stringify() to
84         serialize ClientRect objects.
85
86         Tests: fast/css/ClientRect-attributes-prototype.html
87                fast/css/ClientRect-serialization.html
88
89         * CMakeLists.txt:
90         * WebCore.xcodeproj/project.pbxproj:
91         * bindings/js/JSBindingsAllInOne.cpp:
92         * bindings/js/JSClientRectCustom.cpp: Added.
93         (WebCore::JSClientRect::toJSON):
94         * bindings/scripts/CodeGeneratorJS.pm:
95         * dom/ClientRect.idl:
96
97 2016-07-25  Chris Dumez  <cdumez@apple.com>
98
99         Parameters to DOMImplementation.createDocumentType() should be mandatory and non-nullable
100         https://bugs.webkit.org/show_bug.cgi?id=160167
101
102         Reviewed by Ryosuke Niwa.
103
104         Parameters to DOMImplementation.createDocumentType() should be mandatory
105         and non-nullable:
106         - https://dom.spec.whatwg.org/#domimplementation
107
108         Firefox and Chrome both agree with the specification. However, those
109         parameters were nullable and optional in WebKit.
110
111         Test: fast/dom/DOMImplementation/createDocumentType-parameters.html
112
113         * dom/DOMImplementation.idl:
114
115 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
116
117         Media controls should not be displayed for a video until it starts playing
118         https://bugs.webkit.org/show_bug.cgi?id=160092
119         <rdar://problem/26986673>
120
121         Reviewed by Beth Dakin.
122
123         For videos that have never played back yet, we should not show media controls. To ensure this
124         behavior, we ensure that the playback behavior restriction is set upon creating the media
125         element. This restriction is then removed when the media element begins to play.
126
127         Added two new WebKit API tests.
128
129         * html/HTMLMediaElement.cpp:
130         (WebCore::HTMLMediaElement::HTMLMediaElement):
131
132 2016-07-25  Jiewen Tan  <jiewen_tan@apple.com>
133
134         Rename SubtleCrypto to WebKitSubtleCrypto
135         https://bugs.webkit.org/show_bug.cgi?id=160067
136         <rdar://problem/27483617>
137
138         Reviewed by Brent Fulgham.
139
140         Tests: crypto/webkitSubtle/gc-2.html
141                crypto/webkitSubtle/gc-3.html
142                crypto/webkitSubtle/gc.html
143
144         Rename Class SubtleCrypto to WebKitSubtleCrypto, and Crypto.subtle to Crypto.webkitSubtle in order
145         to let the new implementation reuse the name SubtleCrypto. This renaming should match what our
146         current JSBindings use, and therefore should not introduce any change of behavior.
147
148         * CMakeLists.txt:
149         Revise project files for new file names.
150         * DerivedSources.cpp:
151         * DerivedSources.make:
152         * PlatformEfl.cmake:
153         * PlatformGTK.cmake:
154         * PlatformMac.cmake:
155         * WebCore.xcodeproj/project.pbxproj:
156         Revise project files for new file names.
157         * bindings/js/JSWebKitSubtleCryptoCustom.cpp: Renamed from Source/WebCore/bindings/js/JSSubtleCryptoCustom.cpp.
158         * crypto/WebKitSubtleCrypto.cpp: Renamed from Source/WebCore/crypto/SubtleCrypto.cpp.
159         * crypto/WebKitSubtleCrypto.h: Renamed from Source/WebCore/crypto/SubtleCrypto.h.
160         * crypto/WebKitSubtleCrypto.idl: Renamed from Source/WebCore/crypto/SubtleCrypto.idl.
161         * page/Crypto.cpp:
162         (WebCore::Crypto::webkitSubtle):
163         (WebCore::Crypto::subtle): Deleted.
164         * page/Crypto.h:
165         * page/Crypto.idl:
166
167 2016-07-25  Brady Eidson  <beidson@apple.com>
168
169         Allow LocalStorage by default for file URLs.
170         https://bugs.webkit.org/show_bug.cgi?id=160169
171
172         Reviewed by Brent Fulgham.
173
174         Test: storage/domstorage/localstorage/file-can-access.html
175
176         * page/SecurityOrigin.cpp:
177         (WebCore::SecurityOrigin::canAccessStorage): Remove the m_universalAccess check for local URLs.
178
179 2016-07-25  Nan Wang  <n_wang@apple.com>
180
181         AX: AccessibilityRenderObject is adding duplicated children when CSS first-letter is being used.
182         https://bugs.webkit.org/show_bug.cgi?id=160155
183
184         Reviewed by Chris Fleizach.
185
186         We were adding the same text node twice if CSS first-letter selector was being used. Added a
187         check for the inline continuation so that we only add it once. 
188
189         Test: accessibility/mac/css-first-letter-children.html
190
191         * accessibility/AccessibilityRenderObject.cpp:
192         (WebCore::firstChildConsideringContinuation):
193
194 2016-07-25  Wenson Hsieh  <wenson_hsieh@apple.com>
195
196         Media controls on apple.com don't disappear when movie finishes playing
197         https://bugs.webkit.org/show_bug.cgi?id=160068
198         <rdar://problem/26668526>
199
200         Reviewed by Darin Adler.
201
202         When a video ends, it should cause media controls to hide. While current logic
203         mostly accounts for this, it does not account for programmatic seeks causing
204         the video to lose its 'ended' status before querying for whether or not to
205         show media controls.
206
207         Three new API tests: large-video-seek-after-ending.html
208         large-video-hides-controls-after-seek-to-end.html
209         large-video-seek-to-beginning-and-play-after-ending.html
210
211         * html/HTMLMediaElement.cpp:
212         (WebCore::HTMLMediaElement::mediaPlayerTimeChanged):
213         (WebCore::HTMLMediaElement::setPlaying):
214         * html/MediaElementSession.cpp:
215         (WebCore::MediaElementSession::canControlControlsManager):
216         * html/MediaElementSession.h:
217
218 2016-07-25  Frederic Wang  <fwang@igalia.com>
219
220         Introduce a MathMLOperatorElement class
221         https://bugs.webkit.org/show_bug.cgi?id=160034
222
223         Reviewed by Darin Adler.
224
225         No new tests, rendering is unchanged.
226
227         * CMakeLists.txt: Add MathMLOperatorElement to the build file.
228         * WebCore.xcodeproj/project.pbxproj: Ditto.
229         * mathml/MathMLAllInOne.cpp: Ditto.
230         * mathml/MathMLOperatorElement.cpp: New DOM class for <mo> element.
231         (WebCore::MathMLOperatorElement::MathMLOperatorElement):
232         (WebCore::MathMLOperatorElement::create):
233         (WebCore::MathMLOperatorElement::parseAttribute): Handle mo attributes.
234         (WebCore::MathMLOperatorElement::createElementRenderer): Create RenderMathMLOperator.
235         * mathml/MathMLOperatorElement.h: Declare a class deriving from MathMLTextElement.
236         * mathml/MathMLTextElement.cpp: Remove all the RenderMathMLOperator parts.
237         (WebCore::MathMLTextElement::MathMLTextElement): Remove inline keyword so that the class can
238         be overridden.
239         (WebCore::MathMLTextElement::parseAttribute): Remove code handled in MathMLOperatorElement.
240         (WebCore::MathMLTextElement::createElementRenderer): Ditto.
241         * mathml/MathMLTextElement.h: Make class and members overridable.
242         * mathml/mathtags.in: Map mo to MathMLOperatorElement.
243         * rendering/mathml/RenderMathMLOperator.cpp:
244         (WebCore::RenderMathMLOperator::RenderMathMLOperator): Make the constructor take a
245         MathMLOperatorElement.
246         * rendering/mathml/RenderMathMLOperator.h: Ditto.
247
248 2016-07-25  Darin Adler  <darin@apple.com>
249
250         Speed up make process slightly by improving "list of files" idiom
251         https://bugs.webkit.org/show_bug.cgi?id=160164
252
253         Reviewed by Mark Lam.
254
255         * DerivedSources.make: Change rules that build lists of files to only run when
256         DerivedSources.make has been modified since the last time they were run. Since the
257         list of files is inside this file, this is safe, and this is faster than always
258         comparing and regenerating the file containing the list of files each time.
259
260 2016-07-24  Wenson Hsieh  <wenson_hsieh@apple.com>
261
262         The web process hangs when computing elements-based snap points for a container with large max scroll offset
263         https://bugs.webkit.org/show_bug.cgi?id=152605
264         <rdar://problem/25353661>
265
266         Reviewed by Simon Fraser.
267
268         Fixes a bug in the computation of axis snap points. The ScrollSnapPoints object, which tracks
269         snap points along a particular axis, has two flags, hasRepeat and usesElements. For elements-
270         based snapping, both flags would be turned on, since StyleBuilderConverter::convertScrollSnapPoints
271         short-circuits for elements-based snapping and does not default usesRepeat to false. To address this,
272         we make ScrollSnapPoints not repeat(100%) by default.
273
274         Test: css3/scroll-snap/scroll-snap-elements-container-larger-than-children.html
275
276         * css/StyleBuilderConverter.h:
277         (WebCore::StyleBuilderConverter::convertScrollSnapPoints): Deleted.
278         * rendering/style/StyleScrollSnapPoints.cpp:
279         (WebCore::ScrollSnapPoints::ScrollSnapPoints):
280
281 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
282
283         REGRESSION(r200931): Invalid cast in highestAncestorToWrapMarkup()
284         https://bugs.webkit.org/show_bug.cgi?id=160163
285
286         Reviewed by Michael Catanzaro.
287
288         Since r200931 the result of enclosingNodeOfType() in highestAncestorToWrapMarkup() is downcasted to Element, but
289         the result of enclosingNodeOfType() can be a Node that is not an Element, in this case it is Text. The cast is not
290         needed at all since that node is passed to editingIgnoresContent() and selectionFromContentsOfNode() and both
291         receive a Node not an Element.
292
293         * editing/markup.cpp:
294         (WebCore::highestAncestorToWrapMarkup): Remove invalid cast.
295
296 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
297
298         [Coordinated Graphics] ASSERTION FAILED: m_coordinator->isFlushingLayerChanges() in fast/repaint/animation-after-layer-scroll.html
299         https://bugs.webkit.org/show_bug.cgi?id=160156
300
301         Reviewed by Michael Catanzaro.
302
303         So, we fixed an assertion in r203663, but now it is hitting the next one. As explained in bug #160142, flush
304         compositing state can be triggered in tests by RenderLayerCompositor::layerTreeAsText(), without the coordinator
305         even noticing it, so the assert can be just removed.
306
307         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
308         (WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly): Remove incorrect assert.
309
310 2016-07-25  Zalan Bujtas  <zalan@apple.com>
311
312         EllipsisBox ctor's isVertical parameter should read isHorizontal.
313         https://bugs.webkit.org/show_bug.cgi?id=160153
314
315         Reviewed by Andreas Kling.
316
317         It indicates whether the ellipsis box is horizontal. (both the callsites
318         and the parent class use isHorizontal)
319
320         No change in functionality.
321
322         * rendering/EllipsisBox.cpp:
323         (WebCore::EllipsisBox::EllipsisBox):
324         * rendering/EllipsisBox.h:
325
326 2016-07-25  Sergio Villar Senin  <svillar@igalia.com>
327
328         [css-grid] Implement repeat(auto-fit)
329         https://bugs.webkit.org/show_bug.cgi?id=159771
330
331         Reviewed by Darin Adler.
332
333         The auto-fit keyword works exactly as the already implemented auto-fill except that all
334         empty tracks collapse (become 0px). Absolutely positioned items do not participate in the
335         layout of the grid so they are not considered (a grid with only absolutely positioned items
336         is considered an empty grid).
337
338         Whenever a track collapses the gutters on either side do also collapse. When a collapsed
339         track's gutters collapse, they coincide exactly. If one side of a collapsed track does not
340         have a gutter then collapsing its gutters results in no gutter on either "side" of the
341         collapsed track.
342
343         In practice this means that it is not possible to know the gap between 2 consecutive auto
344         repeat tracks without examining some others whenever there are collapsed tracks.
345
346         Uncommented the auto-fit cases from Mozilla tests. They have to be adapted as the reftest
347         machinery requires all the content to be rendered in the original 800x600 viewport.
348
349         Tests: fast/css-grid-layout/grid-auto-fit-columns.html
350         fast/css-grid-layout/grid-auto-fit-rows.html
351         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-1.html
352         fast/css-grid-layout/mozilla/grid-repeat-auto-fill-fit-005-part-2.html
353
354         * css/CSSComputedStyleDeclaration.cpp:
355         (WebCore::valueForGridTrackList): Use the newly added trackSizesForComputedStyle().
356         * rendering/RenderGrid.cpp:
357         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
358         (WebCore::RenderGrid::computeTrackSizesForDirection):
359         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
360         (WebCore::RenderGrid::gridGapForDirection): Returns the gap directly from the style.
361         (WebCore::RenderGrid::guttersSize): Computes the gap between a startLine and an
362         endLine. This method may need to inspect some other surrounding tracks to compute the gap.
363         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
364         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
365         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
366         (WebCore::RenderGrid::gridTrackSize):
367         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
368         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
369         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat): Returns a Vector with the auto
370         repeat tracks that are going to be collapsed because they're empty.
371         (WebCore::RenderGrid::placeItemsOnGrid):
372         (WebCore::RenderGrid::trackSizesForComputedStyle): Used by ComputedStyle logic to print the
373         size of tracks. Added in order to hide the actual contents of m_columnPositions and
374         m_rowPositions to the outer world.
375         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
376         (WebCore::RenderGrid::gridAreaBreadthForChild):
377         (WebCore::RenderGrid::populateGridPositionsForDirection): Added some extra code to compute
378         gaps as they cannot be directly added between tracks in case of having collapsed tracks.
379         (WebCore::RenderGrid::columnAxisOffsetForChild):
380         (WebCore::RenderGrid::rowAxisOffsetForChild):
381         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
382         * rendering/RenderGrid.h: Made some API private. Added new required methods/attributes.
383
384         * css/CSSComputedStyleDeclaration.cpp:
385         (WebCore::valueForGridTrackList):
386         * rendering/RenderGrid.cpp:
387         (WebCore::RenderGrid::computeTrackBasedLogicalHeight):
388         (WebCore::RenderGrid::computeTrackSizesForDirection):
389         (WebCore::RenderGrid::hasAutoRepeatEmptyTracks):
390         (WebCore::RenderGrid::isEmptyAutoRepeatTrack):
391         (WebCore::RenderGrid::gridGapForDirection):
392         (WebCore::RenderGrid::guttersSize):
393         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
394         (WebCore::RenderGrid::computeIntrinsicLogicalHeight):
395         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
396         (WebCore::RenderGrid::gridTrackSize):
397         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
398         (WebCore::RenderGrid::computeAutoRepeatTracksCount):
399         (WebCore::RenderGrid::computeEmptyTracksForAutoRepeat):
400         (WebCore::RenderGrid::placeItemsOnGrid):
401         (WebCore::RenderGrid::trackSizesForComputedStyle):
402         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
403         (WebCore::RenderGrid::assumedRowsSizeForOrthogonalChild):
404         (WebCore::RenderGrid::gridAreaBreadthForChild):
405         (WebCore::RenderGrid::populateGridPositionsForDirection):
406         (WebCore::RenderGrid::columnAxisOffsetForChild):
407         (WebCore::RenderGrid::rowAxisOffsetForChild):
408         (WebCore::RenderGrid::offsetBetweenTracks): Deleted.
409         * rendering/RenderGrid.h:
410
411 2016-07-24  Frederic Wang  <fwang@igalia.com>
412
413         Move parsing of display, displaystyle and mathvariant attributes into MathML element classes
414         https://bugs.webkit.org/show_bug.cgi?id=159623
415
416         Reviewed by Brent Fulgham.
417
418         No new tests, already covered by existing tests.
419
420         * mathml/MathMLElement.cpp:
421         (WebCore::MathMLElement::parseMathVariantAttribute): Move helper function to parse the
422         mathvariant attribute.
423         (WebCore::MathMLElement::getSpecifiedDisplayStyle): Helper function to set the displaystyle
424         value from the attribute specified on the MathML element.
425         (WebCore::MathMLElement::getSpecifiedMathVariant): Helper function to set the mathvariant
426         value from the attribute specified on the MathML element.
427         * mathml/MathMLElement.h: Move the enum for mathvariant values and declare new members.
428         (WebCore::MathMLElement::acceptsDisplayStyleAttribute): Indicate whether the element accepts
429         displaystyle attribute (false for most of them).
430         (WebCore::MathMLElement::acceptsMathVariantAttribute): Indicate whether the element accepts
431         mathvariant attribute (false for most of them).
432         * mathml/MathMLInlineContainerElement.cpp:
433         (WebCore::MathMLInlineContainerElement::acceptsDisplayStyleAttribute): Add mstyle and mtable
434         to the list of elements accepting the displaystyle attribute.
435         (WebCore::MathMLInlineContainerElement::acceptsMathVariantAttribute): Add mstyle to the list
436         of elements accepting the mathvariant attribute.
437         (WebCore::MathMLInlineContainerElement::parseAttribute): Mark displaystyle and mathvariant
438         dirty if necessary. Also use the new accepts*Attribute function.
439         * mathml/MathMLInlineContainerElement.h: Declare overridden accepts*Attribute members.
440         * mathml/MathMLMathElement.cpp:
441         (WebCore::MathMLMathElement::getSpecifiedDisplayStyle): Override acceptsDisplayStyleAttribute
442         so that the display attribute is also used to set the default value if the displaystyle
443         attribute is absent.
444         (WebCore::MathMLMathElement::parseAttribute): Mark displaystyle and mathvariant dirty if
445         necessary. We directly call MathMLElement::parseAttribute to avoid duplicate work.
446         * mathml/MathMLMathElement.h: Add the math tag to the list of elements accepting the
447         displaystyle and mathvariant attributes. Declare overridden getSpecifiedDisplayStyle.
448         * mathml/MathMLTextElement.cpp:
449         (WebCore::MathMLTextElement::parseAttribute): Mark mathvariant as dirty.
450         * mathml/MathMLTextElement.h: Add token elements to the list of elements accepting the
451         mathvariant attribute.
452         * rendering/mathml/MathMLStyle.cpp:
453         (WebCore::MathMLStyle::updateStyleIfNeeded): Use the new MathMLElement::MathVariant enum.
454         (WebCore::MathMLStyle::resolveMathMLStyle):  We no longer parse the display value to
455         initialize the default value on the math tag, because this is handled in
456         getSpecifiedDisplayStyle. In general, we also just call getSpecifiedDisplayStyle and
457         getSpecifiedMathVariant on the MathML elements instead of parsing the displaystyle and
458         mathvariant attributes here.
459         (WebCore::MathMLStyle::parseMathVariant): Deleted. This is moved into MathMLElement.
460         * rendering/mathml/MathMLStyle.h: Use the new MathMLElement::MathVariant enum.
461         * rendering/mathml/RenderMathMLToken.cpp: Ditto.
462         (WebCore::mathVariant): Ditto.
463         (WebCore::RenderMathMLToken::updateMathVariantGlyph): Ditto.
464
465 2016-07-25  Carlos Garcia Campos  <cgarcia@igalia.com>
466
467         Unreviewed. Remove unneeded header includes from CoordinatedGraphicsLayer.
468
469         Not only are they not needed, they are a layer violation, CoordinatedGraphicsLayer shouldn't know anything
470         about Page, Frame and FrameView.
471
472         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
473         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
474
475 2016-07-24  Youenn Fablet  <youenn@apple.com>
476
477         [Fetch API] Request should be created with any HeadersInit data
478         https://bugs.webkit.org/show_bug.cgi?id=159672
479
480         Reviewed by Sam Weinig.
481
482         Made Request use JSBuiltinConstructor.
483         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
484         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
485         Future effort should be made to migrate more initialization code in initializeFetchRequest.
486
487         Made window and worker fetch function as a JS built-in.
488         This becomes more handy as these new functions can construct the Request object.
489         They can then call a single private function that takes a Request object as input.
490         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
491
492         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
493         private functions attached to global objects.
494
495         Covered by existing and modified tests.
496         Binding generator test covered by updated binding tests.
497
498         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
499         * DerivedSources.make: Ditto.
500         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according to new signature.
501         (WebCore::DOMWindowFetch::fetch):
502         * Modules/fetch/DOMWindowFetch.h: Ditto.
503         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
504         * Modules/fetch/DOMWindowFetch.js: Added.
505         (fetch):
506         * Modules/fetch/FetchHeaders.h:
507         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
508         * Modules/fetch/FetchRequest.cpp: 
509         (WebCore::buildHeaders): Removed as implemented in JS.
510         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
511         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
512         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
513         (WebCore::buildBody): Deleted.
514         * Modules/fetch/FetchRequest.h:
515         * Modules/fetch/FetchRequest.idl:
516         * Modules/fetch/FetchRequest.js: Added.
517         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
518         * Modules/fetch/FetchResponse.cpp:
519         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
520         * Modules/fetch/FetchResponse.h:
521         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according to new signature.
522         (WebCore::WorkerGlobalScopeFetch::fetch):
523         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
524         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
525         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
526         (fetch):
527         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
528         * bindings/scripts/CodeGenerator.pm:
529         (WK_lcfirst): Replacing dOM by dom.
530         * bindings/scripts/CodeGeneratorJS.pm:
531         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
532         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
533         (WebCore::JSTestGlobalObject::finishCreation):
534         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
535         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
536         (-[DOMTestGlobalObject testJSBuiltinFunction]):
537         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
538
539 2016-07-24  Nan Wang  <n_wang@apple.com>
540
541         AX: Video Controls: Volume cannot be adjusted using VO.
542         https://bugs.webkit.org/show_bug.cgi?id=160107
543
544         Reviewed by Dean Jackson.
545
546         The volume slider in video tag had 0.01 step which caused the screen reader to adjust it slowly.
547         Changed the step to 0.05 and added the aria-valuetext attribute to the slider, so that the value
548         is spoken in percentage. 
549
550         Test: accessibility/mac/video-volume-slider-accessibility.html
551
552         * Modules/mediacontrols/mediaControlsApple.js:
553         (Controller.prototype.createControls):
554         (Controller.prototype.handleVolumeSliderInput):
555         (Controller.prototype.updateVolume):
556
557 2016-07-24  David Kilzer  <ddkilzer@apple.com>
558
559         REGRESSION (r203106): Crash in WebCore::MathMLElement::parseMathMLLength()
560         <https://webkit.org/b/160111>
561         <rdar://problem/27506489>
562
563         Reviewed by Chris Dumez.
564
565         Test: mathml/mpadded-crash.html
566
567         * mathml/MathMLElement.cpp:
568         (WebCore::skipLeadingAndTrailingWhitespace): Change to take
569         StringView parameter instead of String to avoid creating a
570         temporary String that's released on return.
571
572 2016-07-24  Carlos Garcia Campos  <cgarcia@igalia.com>
573
574         [Coordinated Graphics] ASSERTION FAILED: !m_flushingLayers in fast/repaint/animation-after-layer-scroll.html
575         https://bugs.webkit.org/show_bug.cgi?id=160142
576
577         Reviewed by Michael Catanzaro.
578
579         This only happens in layout tests, because it happens when RenderLayerCompositor::layerTreeAsText() is
580         called. The thing is that CoordinatedGraphicsLayer::flushCompositingState() calls notifyFlushRequired() that
581         checks if the coordinator is flushing layers and if not it calls RenderLayerCompositor::notifyFlushRequired() and
582         returns early. This normally works because the coordinator is the one starting the layer flush, so that when
583         RenderLayerCompositor::flushPendingLayerChanges() is called the coordinator is always flushing layers. But
584         RenderLayerCompositor::layerTreeAsText() calls RenderLayerCompositor::flushPendingLayerChanges() directly, so at
585         that moment the coordinator is not flushing layers, what causes that
586         CoordinatedGraphicsLayer::flushCompositingState() ends up calling RenderLayerCompositor::notifyFlushRequired()
587         that schedules a new flush while flushing layers causing the
588         assertion. CoordinatedGraphicsLayer::flushCompositingState() is always called from
589         CompositingCoordinator::flushPendingLayerChanges() or RenderLayerCompositor::flushPendingLayerChanges() so we
590         never need to call RenderLayerCompositor::notifyFlushRequired() from there.
591
592         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
593         (WebCore::CoordinatedGraphicsLayer::notifyFlushRequired): This is void now since the return value is not checked anywhere.
594         (WebCore::CoordinatedGraphicsLayer::flushCompositingState): Remove the call to notifyFlushRequired().
595         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
596
597 2016-07-24  Darin Adler  <darin@apple.com>
598
599         Adding a new WebCore JavaScript built-in source file does not trigger rebuild of WebCoreJSBuiltins*
600         https://bugs.webkit.org/show_bug.cgi?id=160115
601
602         Reviewed by Youenn Fablet.
603
604         * DerivedSources.make: Added a missing dependency so the rule that builds WebCore_BUILTINS_WRAPPERS
605         kicks in when the list of WebCore_BUILTINS_SOURCES is modified. Also added another missing dependency
606         so that changes to the JavaScript built-ins Python scripts will also trigger WebCore_BUILTINS_WRAPPERS.
607
608         * make-generated-sources.sh: Removed. Was unused.
609
610 2016-07-23  Zalan Bujtas  <zalan@apple.com>
611
612         Stop isEmpty() from leaking out of SVG.
613         https://bugs.webkit.org/show_bug.cgi?id=160121
614
615         Reviewed by Simon Fraser.
616
617         It's unclear what isEmpty() actually means and it doesn't bring any value to Render* classes.
618
619         No change in functionality.
620
621         * editing/CompositeEditCommand.cpp:
622         (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
623         * rendering/RenderElement.h:
624         * rendering/RenderListItem.cpp:
625         (WebCore::RenderListItem::isEmpty): Deleted.
626         * rendering/RenderListItem.h:
627         * rendering/RenderObject.h:
628         (WebCore::RenderObject::isEmpty): Deleted.
629         * rendering/RenderRubyRun.cpp:
630         (WebCore::RenderRubyRun::removeChild):
631         (WebCore::RenderRubyRun::isEmpty): Deleted.
632         * rendering/RenderRubyRun.h:
633         * rendering/mathml/RenderMathMLFenced.cpp:
634         (WebCore::RenderMathMLFenced::updateFromElement):
635         (WebCore::RenderMathMLFenced::addChild):
636         * rendering/mathml/RenderMathMLRoot.cpp:
637         (WebCore::RenderMathMLRoot::paint):
638         * rendering/svg/RenderSVGShape.h:
639
640 2016-07-23  Zalan Bujtas  <zalan@apple.com>
641
642         table*BorderAdjoiningCell and borderAdjoiningCell* should take reference instead of RenderTableCell*.
643         https://bugs.webkit.org/show_bug.cgi?id=160123
644
645         Reviewed by Simon Fraser.
646
647         No change in functionality.
648
649         * rendering/RenderTable.cpp:
650         (WebCore::RenderTable::tableStartBorderAdjoiningCell):
651         (WebCore::RenderTable::tableEndBorderAdjoiningCell):
652         * rendering/RenderTable.h:
653         * rendering/RenderTableCell.cpp:
654         (WebCore::RenderTableCell::computeCollapsedStartBorder):
655         (WebCore::RenderTableCell::computeCollapsedEndBorder):
656         * rendering/RenderTableCell.h:
657         (WebCore::RenderTableCell::borderAdjoiningCellBefore):
658         (WebCore::RenderTableCell::borderAdjoiningCellAfter):
659         * rendering/RenderTableCol.cpp:
660         (WebCore::RenderTableCol::borderAdjoiningCellStartBorder):
661         (WebCore::RenderTableCol::borderAdjoiningCellEndBorder):
662         (WebCore::RenderTableCol::borderAdjoiningCellBefore):
663         (WebCore::RenderTableCol::borderAdjoiningCellAfter):
664         * rendering/RenderTableCol.h:
665         * rendering/RenderTableRow.cpp:
666         (WebCore::RenderTableRow::borderAdjoiningStartCell):
667         (WebCore::RenderTableRow::borderAdjoiningEndCell):
668         * rendering/RenderTableRow.h:
669         * rendering/RenderTableSection.cpp:
670         (WebCore::RenderTableSection::borderAdjoiningStartCell):
671         (WebCore::RenderTableSection::borderAdjoiningEndCell):
672         * rendering/RenderTableSection.h:
673
674 2016-07-23  Zalan Bujtas  <zalan@apple.com>
675
676         Remove unused enum and stale comment from RenderObject.
677         https://bugs.webkit.org/show_bug.cgi?id=160122
678
679         Reviewed by Simon Fraser.
680
681         No change in functionality.
682
683         * rendering/RenderBox.h:
684
685 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
686
687         [Coordinated Graphics] Lots of flaky tests
688         https://bugs.webkit.org/show_bug.cgi?id=160118
689
690         Reviewed by Michael Catanzaro.
691
692         Since the GTK+ ported to threaded compositor (coordinated graphics) there are a lot of flaky tests in the
693         bots. In many of the cases the diff shows a different size in the FrameView layer.
694
695         This happens for tests run in the same WTR after fast/fixed-layout/fixed-layout.html. This is what happens:
696
697          1.- Test fast/fixed-layout/fixed-layout.html runs and sets fixed layout to true and fixed layout size to 400x400
698          2.- When it finishes TestController::resetStateToConsistentValues() is called.
699          3.- Blank URL is loaded after state has been updated
700          4.- Then Reset message is handled in the web process and Internals::resetToConsistentState() resets the fixed
701              layout state and size.
702          5.- onresize happens and the handler set in fast/fixed-layout/fixed-layout.html is invoked setting the fixed
703              layout to true and size to 400x400 again.
704          6.- about_blank is then loaded with the fixed layout enabled, as well as other tests after this one.
705
706         In addition to this, coordinated graphics uses a fixedVisibleContentRect in ScrollView that is never reset.
707
708         * platform/ScrollView.cpp:
709         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Only use m_fixedVisibleContentRect when
710         fixed layout is enabled.
711         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Ditto.
712         (WebCore::ScrollView::visibleContentRectInternal): Ditto.
713         * testing/Internals.cpp:
714         (WebCore::Internals::resetToConsistentState): Reset also the m_fixedVisibleContentRect.
715
716 2016-07-23  Carlos Garcia Campos  <cgarcia@igalia.com>
717
718         [Coordinated Graphics] Test imported/blink/svg/custom/svg-image-layers-crash.html crashes
719         https://bugs.webkit.org/show_bug.cgi?id=160078
720
721         Reviewed by Michael Catanzaro.
722
723         This is a merge of Blink r155373.
724         https://chromiumcodereview.appspot.com/20789004
725
726         Disable accelerated compositing for SVGImage content layers. SVGImageChromeClient does not support it.
727
728         Fixes imported/blink/svg/custom/svg-image-layers-crash.html.
729
730         * svg/graphics/SVGImage.cpp:
731         (WebCore::SVGImage::dataChanged):
732
733 2016-07-23  Commit Queue  <commit-queue@webkit.org>
734
735         Unreviewed, rolling out r203641.
736         https://bugs.webkit.org/show_bug.cgi?id=160116
737
738         It broke make-based builds (Requested by youenn on #webkit).
739
740         Reverted changeset:
741
742         "[Fetch API] Request should be created with any HeadersInit
743         data"
744         https://bugs.webkit.org/show_bug.cgi?id=159672
745         http://trac.webkit.org/changeset/203641
746
747 2016-07-23  Youenn Fablet  <youenn@apple.com>
748
749         [Fetch API] Request should be created with any HeadersInit data
750         https://bugs.webkit.org/show_bug.cgi?id=159672
751
752         Reviewed by Sam Weinig.
753
754         Made Request use JSBuiltinConstructor.
755         This allows initializing newly created Request with a JS built-in function, initializeFetchRequest.
756         initializeFetchRequest can call @fillFetchHeaders internal built-in to handle any HeadersInit data.
757         Future effort should be made to migrate more initialization code in initializeFetchRequest.
758
759         Made window and worker fetch function as a JS built-in.
760         This becomes more handy as these new functions can construct the Request object.
761         They can then call a single private function that takes a Request object as input.
762         Updated DOMWindowFetch and WorkerGlobalScopeFetch code accordingly.
763
764         To enable this, the binding generator is updated to support runtime-enabled JS built-in functions and
765         private functions attached to global objects.
766
767         Covered by existing and modified tests.
768         Binding generator test covered by updated binding tests.
769
770         * CMakeLists.txt: Adding DOMWindowFetch.js, FetchRequest.js and WorkerGlobalScopeFetch.js built-in files.
771         * DerivedSources.make: Ditto.
772         * Modules/fetch/DOMWindowFetch.cpp: Removed overloaded fetch and updated according to new signature.
773         (WebCore::DOMWindowFetch::fetch):
774         * Modules/fetch/DOMWindowFetch.h: Ditto.
775         * Modules/fetch/DOMWindowFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
776         * Modules/fetch/DOMWindowFetch.js: Added.
777         (fetch):
778         * Modules/fetch/FetchHeaders.h:
779         (WebCore::FetchHeaders::setGuard): Used by FetchRequest when initializing headers.
780         * Modules/fetch/FetchRequest.cpp: 
781         (WebCore::buildHeaders): Removed as implemented in JS.
782         (WebCore::FetchRequest::initializeOptions): Added to handle most of the dictionary initialization.
783         (WebCore::FetchRequest::initializeWith): Method called from built-in constructor function.
784         (WebCore::FetchRequest::setBody): Corresponding to @setBody private method.
785         (WebCore::buildBody): Deleted.
786         * Modules/fetch/FetchRequest.h:
787         * Modules/fetch/FetchRequest.idl:
788         * Modules/fetch/FetchRequest.js: Added.
789         (initializeFetchRequest): Implements fetch Request(input, init) constructor.
790         * Modules/fetch/FetchResponse.cpp:
791         (WebCore::FetchResponse::fetch): Removed the construction of FetchRequest in fetch method since it is done by JS built-in code.
792         * Modules/fetch/FetchResponse.h:
793         * Modules/fetch/WorkerGlobalScopeFetch.cpp: Removed overloaded fetch and updated according to new signature.
794         (WebCore::WorkerGlobalScopeFetch::fetch):
795         * Modules/fetch/WorkerGlobalScopeFetch.h: Ditto.
796         * Modules/fetch/WorkerGlobalScopeFetch.idl: Making fetch a JS built-in and adding a @fetchRequest private function.
797         * Modules/fetch/WorkerGlobalScopeFetch.js: Added.
798         (fetch):
799         * bindings/js/WebCoreBuiltinNames.h: Adding fetchRequest, setBody and Request private identifiers.
800         * bindings/scripts/CodeGenerator.pm:
801         (WK_lcfirst): Replacing dOM by dom.
802         * bindings/scripts/CodeGeneratorJS.pm:
803         (GenerateImplementation): Adding support for runtime-enabled built-in methods and private methods.
804         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
805         (WebCore::JSTestGlobalObject::finishCreation):
806         (WebCore::jsTestGlobalObjectInstanceFunctionTestPrivateFunction):
807         * bindings/scripts/test/ObjC/DOMTestGlobalObject.mm:
808         (-[DOMTestGlobalObject testJSBuiltinFunction]):
809         * bindings/scripts/test/TestGlobalObject.idl: Adding tests for runtime-enabled global built-in methods and private methods.
810
811 2016-07-23  Frederic Wang  <fwang@igalia.com>
812
813         Reset font-style on the <math> element
814         https://bugs.webkit.org/show_bug.cgi?id=160074
815
816         Reviewed by Darin Adler.
817
818         Mathematical formulas with italic font-style render poorly (slanted operators, mathvariant
819         italic etc). We align on Gecko and make the user agent stylesheet reset the font-style to
820         'normal' by default. This addresses the concrete use case of formula inside theorem or
821         proposition statements, which are often written in italic.
822
823         Test: mathml/presentation/math-font-style.html
824
825         * css/mathml.css:
826         (math): Reset the font-style to normal.
827
828 2016-07-23  Frederic Wang  <fwang@igalia.com>
829
830         [MathML] PaintInfo state is not properly restored after applyTransform.
831         https://bugs.webkit.org/show_bug.cgi?id=160077
832
833         Reviewed by Simon Fraser.
834
835         PaintInfo::applyTransform modifies PaintInfo::rect and the original state is not properly
836         restored by GraphicsContextStateSaver. To avoid some weird rendering bugs in MathOperator
837         and RenderMathMLMenclose, we follow what is done in SVG renderers and make a copy of the
838         original PaintInfo before applying the transform.
839
840         Test: mathml/presentation/bug160077.html
841
842         * rendering/mathml/MathOperator.cpp:
843         (WebCore::MathOperator::paint):
844         * rendering/mathml/RenderMathMLMenclose.cpp:
845         (WebCore::RenderMathMLMenclose::paint):
846
847 2016-07-23  Youenn Fablet  <youenn@apple.com>
848
849         [Fetch API] Fetch response stream should enqueue Uint8Array
850         https://bugs.webkit.org/show_bug.cgi?id=160083
851
852         Reviewed by Sam Weinig.
853
854         Covered by updated tests.
855
856         Before enqueuing, ReadableStreamController::enqueue will convert ArrayBuffer as Uint8Array.
857         It also returns a boolean whether the operation is successful or not.
858
859         If returned value is false, calling code will stop loading or if everything is loaded it will refrain from closing the stream.
860         The enqueuing should be successful except in OutOfMemory cases. This case is not yet handled in test cases.
861
862         Updated the code to remove templated enqueuing as Fetch has no use of it.
863
864         * Modules/fetch/FetchBody.cpp:
865         (WebCore::FetchBody::consumeAsStream): Do not close the stream if enqueuing failed.
866         * Modules/fetch/FetchBodyOwner.cpp:
867         (WebCore::FetchBodyOwner::blobChunk): Stop blob loading if enqueuing failed.
868         * Modules/fetch/FetchResponse.cpp:
869         (WebCore::FetchResponse::BodyLoader::didReceiveData): Stop resource loading if enqueuing failed.
870         (WebCore::FetchResponse::consumeBodyAsStream): Ditto.
871         * Modules/fetch/FetchResponseSource.h:
872         * bindings/js/ReadableStreamController.h:
873         (WebCore::ReadableStreamController::enqueue):
874         (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>): Deleted.
875
876 2016-07-22  Youenn Fablet  <youenn@apple.com>
877
878         Use a private property to implement FetchResponse.body getter
879         https://bugs.webkit.org/show_bug.cgi?id=159808
880
881         Reviewed by Sam Weinig.
882
883         Covered by existing test sets.
884
885         Previously, body was handled as a CachedAttribute.
886         Using a private property will allow direct use of this property from JS built-ins which will allow easier
887         handling of ReadableStream cloning in Response.clone.
888         Also, this allows removing some binding custom code.
889
890         Updated redirect and error static methods to take NewObject keyword, as this removes a search into cached wrappers.
891         Ditto for createReadableStreamSource.
892
893         * CMakeLists.txt: Removing JSFetchResponseCustom.cpp.
894         * Modules/fetch/FetchResponse.idl: Adding createReadableStreamSource and isDisturbed private functions.
895         Making body getter a JSBuiltin.
896         * Modules/fetch/FetchResponse.js:
897         (body): Adding getter which will call createReadableStreamSource if needed.
898         * WebCore.xcodeproj/project.pbxproj: Removing JSFetchResponseCustom.cpp.
899         * bindings/js/JSFetchResponseCustom.cpp: Removed.
900         * bindings/js/ReadableStreamController.cpp:
901         (WebCore::createReadableStream): Deleted.
902         (WebCore::getReadableStreamReader): Deleted.
903         * bindings/js/ReadableStreamController.h: Removing unneeded ReadableStream helper routine now that they can be
904         handled within JS built-in code.
905         * bindings/js/WebCoreBuiltinNames.h: Adding @createReadableStreamSource, @isDisturbed  and @Response identifiers.
906
907 2016-07-22  Zalan Bujtas  <zalan@apple.com>
908
909         Handle cases when IOSurface initialization fails.
910         https://bugs.webkit.org/show_bug.cgi?id=160006
911         <rdar://problem/27495102>
912
913         Reviewed by Tim Horton and Simon Fraser.
914
915         This is an additional fix to r203514 to check if IOSurface initialization was successful.
916
917         Unable to test.
918
919         * platform/graphics/cg/ImageBufferCG.cpp:
920         (WebCore::ImageBuffer::ImageBuffer):
921         * platform/graphics/cocoa/IOSurface.h: Merge 2 c'tors.
922         * platform/graphics/cocoa/IOSurface.mm: Remove redundant IOSurface::create() code.  
923         (WebCore::IOSurface::create):
924         (WebCore::IOSurface::createFromImage):
925         (WebCore::IOSurface::IOSurface):
926         (WebCore::IOSurface::convertToFormat):
927
928 2016-07-22  Wenson Hsieh  <wenson_hsieh@apple.com>
929
930         Media controls should be displayed for media in media documents
931         https://bugs.webkit.org/show_bug.cgi?id=160104
932         <rdar://problem/27438936>
933
934         Reviewed by Myles C. Maxfield.
935
936         Make videos that would otherwise not have been large enough or have the right
937         aspect ratio cause media controls to appear. This is because media elements in
938         a media document are implied to be main content.
939
940         Added a new API test.
941
942         * html/MediaElementSession.cpp:
943         (WebCore::MediaElementSession::canControlControlsManager):
944
945 2016-07-22  Myles C. Maxfield  <mmaxfield@apple.com>
946
947         All dancers with bunny ears are female
948         https://bugs.webkit.org/show_bug.cgi?id=160102
949         <rdar://problem/27453479>
950
951         Reviewed by Simon Fraser.
952
953         In r203330 I added support for new emoji group candidates. I accidentally
954         missed one of the new emoji code points.
955
956         Tests: editing/deleting/delete-emoji.html:
957                fast/text/emoji-gender-2-9.html:
958                fast/text/emoji-gender-9.html:
959                fast/text/emoji-gender-fe0f-9.html:
960
961         * platform/text/CharacterProperties.h:
962         (WebCore::isEmojiGroupCandidate):
963
964 2016-07-22  Chris Dumez  <cdumez@apple.com>
965
966         Parameter to HTMLCollection.item() / namedItem() should be mandatory
967         https://bugs.webkit.org/show_bug.cgi?id=160099
968
969         Reviewed by Sam Weinig.
970
971         Parameter to HTMLCollection.item() / namedItem() should be mandatory:
972         - https://dom.spec.whatwg.org/#interface-htmlcollection
973         - https://html.spec.whatwg.org/multipage/infrastructure.html#htmlformcontrolscollection
974         - https://html.spec.whatwg.org/multipage/infrastructure.html#the-htmloptionscollection-interface
975
976         Firefox and Chrome agree with the specification.
977
978         No new tests, rebaselined existing tests.
979
980         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
981         (WebCore::JSHTMLFormControlsCollection::namedItem):
982         * html/HTMLCollection.idl:
983         * html/HTMLFormControlsCollection.idl:
984         * html/HTMLOptionsCollection.idl:
985
986 2016-07-22  Chris Dumez  <cdumez@apple.com>
987
988         First parameter to Window.getComputedStyle() should be mandatory and non-nullable
989         https://bugs.webkit.org/show_bug.cgi?id=160097
990
991         Reviewed by Ryosuke Niwa.
992
993         First parameter to Window.getComputedStyle() should be mandatory and
994         non-nullable:
995         - https://drafts.csswg.org/cssom/#extensions-to-the-window-interface
996
997         Firefox and Chrome agree with the specification.
998
999         Test: fast/dom/Window/getComputedStyle-missing-parameter.html
1000
1001         * css/CSSComputedStyleDeclaration.cpp:
1002         (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):
1003         (WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration):
1004         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1005         (WebCore::CSSComputedStyleDeclaration::copyProperties):
1006         (WebCore::CSSComputedStyleDeclaration::length):
1007         (WebCore::CSSComputedStyleDeclaration::item):
1008         (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
1009         * css/CSSComputedStyleDeclaration.h:
1010         * dom/Document.idl:
1011         * inspector/InspectorCSSAgent.cpp:
1012         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
1013         * page/DOMWindow.cpp:
1014         (WebCore::DOMWindow::getComputedStyle):
1015         * page/DOMWindow.h:
1016         * page/DOMWindow.idl:
1017         * testing/Internals.cpp:
1018         (WebCore::Internals::computedStyleIncludingVisitedInfo):
1019         * testing/Internals.h:
1020         * testing/Internals.idl:
1021
1022 2016-07-22  Brady Eidson  <beidson@apple.com>
1023
1024         Removing IndexedDatabases that have stored blobs doesn't remove the blob files.
1025         https://bugs.webkit.org/show_bug.cgi?id=160089
1026
1027         Reviewed by Darin Adler.
1028
1029         Tested by API test IndexedDB.StoreBlobThenDelete.
1030
1031         Blob filenames exist in the IDB directory with the name "[0-9]+.blob".
1032         
1033         That is, one or more digits, followed by ".blob".
1034         
1035         So when we delete an IndexedDB.sqlite3 and related files, we should delete those blob files as well.
1036         
1037         * Modules/indexeddb/server/IDBServer.cpp:
1038         (WebCore::IDBServer::removeAllDatabasesForOriginPath):
1039
1040 2016-07-22  Chris Dumez  <cdumez@apple.com>
1041
1042         Fix default parameter values for window.alert() / prompt() / confirm()
1043         https://bugs.webkit.org/show_bug.cgi?id=160085
1044
1045         Reviewed by Ryosuke Niwa.
1046
1047         Fix default parameter values for window.alert() / prompt() / confirm() to
1048         match the specification:
1049         - https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
1050
1051         They should default to the empty string, not the string "undefined".
1052
1053         Firefox and Chrome agree with the specification.
1054
1055         No new tests, updated existing test.
1056
1057         * page/DOMWindow.h:
1058         * page/DOMWindow.idl:
1059
1060 2016-07-22  Daniel Bates  <dabates@apple.com>
1061
1062         CSP: object-src and plugin-types directives are not respected for plugin replacements
1063         https://bugs.webkit.org/show_bug.cgi?id=159761
1064         <rdar://problem/27365724>
1065
1066         Reviewed by Brent Fulgham.
1067
1068         Apply the Content Security Policy (CSP) object-src and plugin-types directives to content that will
1069         load with a plugin replacement.
1070
1071         Tests: security/contentSecurityPolicy/object-src-none-blocks-quicktime-plugin-replacement.html
1072                security/contentSecurityPolicy/object-src-none-blocks-youtube-plugin-replacement.html
1073                security/contentSecurityPolicy/plugins-types-allows-quicktime-plugin-replacement.html
1074                security/contentSecurityPolicy/plugins-types-allows-youtube-plugin-replacement.html
1075                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement-without-mime-type.html
1076                security/contentSecurityPolicy/plugins-types-blocks-quicktime-plugin-replacement.html
1077                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement-without-mime-type.html
1078                security/contentSecurityPolicy/plugins-types-blocks-youtube-plugin-replacement.html
1079
1080         * html/HTMLPlugInImageElement.cpp:
1081         (WebCore::HTMLPlugInImageElement::allowedToLoadPluginContent): Added.
1082         (WebCore::HTMLPlugInImageElement::requestObject): Only request loading plugin content if we
1083         are allowed to load such content.
1084         * html/HTMLPlugInImageElement.h:
1085         * loader/SubframeLoader.cpp:
1086         (WebCore::SubframeLoader::pluginIsLoadable): Removed code to check CSP as we will check CSP
1087         earlier in HTMLPlugInImageElement::requestObject().
1088         (WebCore::SubframeLoader::requestPlugin): Ditto.
1089         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy): Deleted; moved implementation
1090         to HTMLPlugInImageElement::allowedToLoadPluginContent().
1091         (WebCore::SubframeLoader::requestObject): Deleted.
1092         * loader/SubframeLoader.h:
1093         * page/csp/ContentSecurityPolicy.cpp:
1094         (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded): Changed signature from a non-const
1095         function to a const function since these functions do not modify |this|.
1096         * page/csp/ContentSecurityPolicy.h: 
1097
1098 2016-07-22  Chris Dumez  <cdumez@apple.com>
1099
1100         Parameters to Node.replaceChild() / insertBefore() should be mandatory
1101         https://bugs.webkit.org/show_bug.cgi?id=160091
1102
1103         Reviewed by Darin Adler.
1104
1105         Parameters to Node.replaceChild() / insertBefore() should be mandatory:
1106         - https://dom.spec.whatwg.org/#node
1107
1108         The compatibility risk should be low since Firefox and Chrome both agree
1109         with the specification and because it does not make much sense to omit
1110         parameters when using this API.
1111
1112         No new tests, rebaselined existing tests.
1113
1114         * bindings/js/JSNodeCustom.cpp:
1115         (WebCore::JSNode::insertBefore):
1116         (WebCore::JSNode::replaceChild):
1117
1118 2016-07-22  Chris Dumez  <cdumez@apple.com>
1119
1120         Parameter to Node.contains() should be mandatory
1121         https://bugs.webkit.org/show_bug.cgi?id=160084
1122
1123         Reviewed by Darin Adler.
1124
1125         Parameter to Node.contains() should be mandatory as per the
1126         specification:
1127         - https://dom.spec.whatwg.org/#node
1128
1129         The compatibility risk should be low because both Firefox and Chrome
1130         agree with the specification. Also, it does not make much sense
1131         to call this API without parameter.
1132
1133         No new tests, rebaselined existing tests.
1134
1135         * dom/Node.idl:
1136
1137 2016-07-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
1138
1139         [iOS] REGRESSION(203378): PDFDocumentImage::updateCachedImageIfNeeded() uses the unscaled size when deciding whether to cache the PDF image
1140         https://bugs.webkit.org/show_bug.cgi?id=159933
1141
1142         Reviewed by Simon Fraser.
1143
1144         We need to use the scaled size when deciding whether to cache the PDF image
1145         or not. This is because ImageBuffer takes the display resolution into account
1146         which gives higher resolution for the image when zooming.
1147
1148         * platform/graphics/cg/PDFDocumentImage.cpp:
1149         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
1150
1151 2016-07-22  Chris Dumez  <cdumez@apple.com>
1152
1153         First parameter to getElementById() should be mandatory
1154         https://bugs.webkit.org/show_bug.cgi?id=160087
1155
1156         Reviewed by Darin Adler.
1157
1158         First parameter to getElementById() should be mandatory:
1159         - https://dom.spec.whatwg.org/#nonelementparentnode
1160         - https://www.w3.org/TR/SVG/struct.html#InterfaceSVGSVGElement
1161
1162         Both Firefox and Chrome agree with the specification.
1163
1164         Test: svg/dom/SVGSVGElement-getElementById.html
1165
1166         * dom/NonElementParentNode.idl:
1167         * svg/SVGSVGElement.idl:
1168
1169 2016-07-22  Chris Dumez  <cdumez@apple.com>
1170
1171         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace() should be mandatory
1172         https://bugs.webkit.org/show_bug.cgi?id=160086
1173
1174         Reviewed by Darin Adler.
1175
1176         Parameter to Node.lookupPrefix() / lookupNamespaceURI() / isDefaultNamespace()
1177         should be mandatory:
1178         - https://dom.spec.whatwg.org/#node
1179
1180         Firefox and Chrome both agree with the specification.
1181
1182         No new tests, rebaselined existing tests.
1183
1184         * dom/Node.idl:
1185
1186 2016-07-22  Chris Dumez  <cdumez@apple.com>
1187
1188         Parameter to Node.compareDocumentPosition() should be mandatory and non-nullable
1189         https://bugs.webkit.org/show_bug.cgi?id=160071
1190
1191         Reviewed by Ryosuke Niwa.
1192
1193         
1194         Parameter to Node.compareDocumentPosition() should be mandatory and
1195         non-nullable:
1196         - https://dom.spec.whatwg.org/#interface-node
1197
1198         Firefox and Chrome agree with the specification so the compatibility
1199         risk should be low. Also, it does not make much sense to call this
1200         operation without parameter.
1201
1202         No new tests, rebaselined existing tests.
1203
1204         * accessibility/AccessibilityObject.cpp:
1205         (WebCore::rangeClosestToRange):
1206         * dom/AuthorStyleSheets.cpp:
1207         (WebCore::AuthorStyleSheets::addStyleSheetCandidateNode):
1208         * dom/Node.cpp:
1209         (WebCore::compareDetachedElementsPosition):
1210         (WebCore::Node::compareDocumentPosition):
1211         * dom/Node.h:
1212         * dom/Node.idl:
1213         * dom/Position.h:
1214         (WebCore::operator<):
1215         * html/HTMLFormElement.cpp:
1216         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
1217         (WebCore::HTMLFormElement::formElementIndex):
1218         * rendering/RenderNamedFlowThread.cpp:
1219         (WebCore::RenderNamedFlowThread::nextRendererForElement):
1220         (WebCore::compareRenderNamedFlowFragments):
1221         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
1222
1223 2016-07-22  Konstantin Tokarev  <annulen@yandex.ru>
1224
1225         [cmake] Removed obsolete plugins/win directory
1226         https://bugs.webkit.org/show_bug.cgi?id=160081
1227
1228         Reviewed by Per Arne Vollan.
1229
1230         It was removed in r178219.
1231
1232         No new tests needed.
1233
1234         * PlatformWin.cmake:
1235
1236 2016-07-22  Youenn Fablet  <youenn@apple.com>
1237
1238         run-builtins-generator-tests should be able to test WebCore builtins wrapper with more than one file
1239         https://bugs.webkit.org/show_bug.cgi?id=159921
1240
1241         Reviewed by Brian Burg.
1242
1243         Covered by existing and added built-ins tests.
1244
1245         Updating build system according to ---wrappers-only new meaning.
1246         builtin generator is now called for each individual built-in file plus once for WebCore wrapper files.
1247         WebCore wrapper files allow handling things like conditionally guarded features.
1248         They also remove the need to use built-ins macros outside generated code.
1249
1250         * CMakeLists.txt:
1251         * DerivedSources.make:
1252
1253 2016-07-21  Frederic Wang  <fwang@igalia.com>
1254
1255         Move parsing of accentunder and accent attributes from renderer to element classes
1256         https://bugs.webkit.org/show_bug.cgi?id=159625
1257
1258         Reviewed by Brent Fulgham.
1259
1260         We introduce a new MathMLUnderOverElement that is used for elements munder, mover and
1261         munderover in order to create RenderMathMLUnderOver and parse and expose the values of the
1262         accent and accentunder attributes. This is one more step toward moving MathML attribute
1263         parsing to the DOM (bug 156536). We also do minor clean-up for this and previous renderer
1264         classes that no longer do attribute parsing: the MathMLNames namespace is no longer necessary
1265         and constructors can take a more accurate element type.
1266
1267         No new tests, already covered by existing test.
1268
1269         * CMakeLists.txt: Add MathMLUnderOverElement files.
1270         * WebCore.xcodeproj/project.pbxproj: Ditto.
1271         * mathml/MathMLAllInOne.cpp: Ditto.
1272         * mathml/MathMLElement.cpp:
1273         (WebCore::MathMLElement::cachedBooleanAttribute): Add parsing of boolean attributes.
1274         * mathml/MathMLElement.h: New type and helper functions for boolean attributes.
1275         * mathml/MathMLInlineContainerElement.cpp:
1276         (WebCore::MathMLInlineContainerElement::createElementRenderer): Remove handling of
1277         under/over/underover elements.
1278         * mathml/MathMLScriptsElement.cpp:
1279         (WebCore::MathMLScriptsElement::MathMLScriptsElement): Remove inline keyword to avoid link
1280         errors now that MathMLUnderOverElement overrides that class.
1281         * mathml/MathMLScriptsElement.h: Allow MathMLUnderOverElement to override this class.
1282         * mathml/MathMLUnderOverElement.cpp:
1283         (WebCore::MathMLUnderOverElement::MathMLUnderOverElement):
1284         (WebCore::MathMLUnderOverElement::create):
1285         (WebCore::MathMLUnderOverElement::accent): Helper function to access the accent value.
1286         (WebCore::MathMLUnderOverElement::accentUnder): Helper function to access the accentunder value.
1287         (WebCore::MathMLUnderOverElement::parseAttribute): Make accent and accentunder dirty.
1288         (WebCore::MathMLUnderOverElement::createElementRenderer): Create RenderMathMLUnderOver
1289         * mathml/MathMLUnderOverElement.h:
1290         * mathml/mathtags.in: Map under/over/underover to MathMLUnderOverElement.
1291         * rendering/mathml/RenderMathMLFraction.cpp: Remove MathMLNames and make the constructor
1292         take a MathMLFractionElement.
1293         (WebCore::RenderMathMLFraction::RenderMathMLFraction):
1294         * rendering/mathml/RenderMathMLFraction.h:
1295         * rendering/mathml/RenderMathMLPadded.cpp: Remove MathMLNames and make the constructor
1296         take a MathMLPaddedElement.
1297         (WebCore::RenderMathMLPadded::RenderMathMLPadded):
1298         * rendering/mathml/RenderMathMLPadded.h:
1299         * rendering/mathml/RenderMathMLScripts.cpp: Remove MathMLNames and make the constructor
1300         take a MathMLScriptsElement. Also rename scriptsElement() to element().
1301         (WebCore::RenderMathMLScripts::RenderMathMLScripts):
1302         (WebCore::RenderMathMLScripts::element):
1303         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
1304         (WebCore::RenderMathMLScripts::scriptsElement): Deleted.
1305         * rendering/mathml/RenderMathMLScripts.h:
1306         * rendering/mathml/RenderMathMLUnderOver.cpp: Remove MathMLNames and make the constructor
1307         take a RenderMathMLUnderOver.
1308         (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
1309         (WebCore::RenderMathMLUnderOver::element):
1310         (WebCore::RenderMathMLUnderOver::hasAccent): Use the helper functions for accent and accentunder.
1311         * rendering/mathml/RenderMathMLUnderOver.h:
1312
1313 2016-07-21  Chris Dumez  <cdumez@apple.com>
1314
1315         Parameter to Node.isSameNode() / isEqualNode() should be mandatory
1316         https://bugs.webkit.org/show_bug.cgi?id=160070
1317
1318         Reviewed by Ryosuke Niwa.
1319
1320         Parameter to Node.isSameNode() / isEqualNode() should be mandatory as
1321         per the specification:
1322         - https://dom.spec.whatwg.org/#interface-node
1323
1324         Chrome and Firefox agree with the specification (although Firefox does
1325         not support isSameNode()).
1326
1327         No new tests, rebaselined existing tests.
1328
1329         * dom/Node.idl:
1330
1331 2016-07-21  Chris Dumez  <cdumez@apple.com>
1332
1333         Parameter to Document.createEvent() should be mandatory
1334         https://bugs.webkit.org/show_bug.cgi?id=160065
1335
1336         Reviewed by Darin Adler.
1337
1338         Parameter to Document.createEvent() should be mandatory as per the
1339         specification:
1340         - https://dom.spec.whatwg.org/#document
1341
1342         We already throw anyway when the parameter is omitted because we use
1343         "undefined" as event type, which is invalid. However, we throw the
1344         wrong exception.
1345
1346         Firefox and Chrome agree with the specification here.
1347
1348         No new tests, rebaselined existing tests.
1349
1350         * dom/Document.idl:
1351
1352 2016-07-21  Brian Burg  <bburg@apple.com>
1353
1354         REGRESSION(r62549): Objective-C DOM bindings sometimes fail to regenerate when CodeGenerator.pm is modified
1355         https://bugs.webkit.org/show_bug.cgi?id=160031
1356
1357         Reviewed by Darin Adler.
1358
1359         This bug was caused by a refactoring 6 years ago. Not all uses of a variable
1360         were renamed, so the ObjC bindings target pattern was not specifying any
1361         build scripts as target dependencies.
1362
1363         * DerivedSources.make: Standardize on {COMMON,JS,DOM}_BINDINGS_SCRIPTS.
1364
1365 2016-07-21  Darin Adler  <darin@apple.com>
1366
1367         Remove unneeded content attribute name "playsinline"
1368         https://bugs.webkit.org/show_bug.cgi?id=160069
1369
1370         Reviewed by Chris Dumez.
1371
1372         * html/HTMLVideoElement.idl: Removed explicit content attribute name on Reflect
1373         attribute since it is the same as the name that the code generator will generate.
1374
1375 2016-07-21  Chris Dumez  <cdumez@apple.com>
1376
1377         Make parameters to Element.getElementsBy*() operations mandatory
1378         https://bugs.webkit.org/show_bug.cgi?id=160060
1379
1380         Reviewed by Darin Adler.
1381
1382         Make parameters to Element.getElementsBy*() operations mandatory to
1383         match the specification:
1384         - https://dom.spec.whatwg.org/#interface-element
1385
1386         Firefox and Chrome agree with the specification so the compatibility
1387         risk should be low.
1388
1389         It makes very little sense to call these operations without parameter,
1390         especially considering WebKit uses the string "undefined" if the
1391         parameter is omitted.
1392
1393         No new tests, rebaselined existing tests.
1394
1395         * dom/Element.idl:
1396
1397 2016-07-21  Chris Dumez  <cdumez@apple.com>
1398
1399         Make parameters mandatory for attribute-related API on Element
1400         https://bugs.webkit.org/show_bug.cgi?id=160059
1401
1402         Reviewed by Ryosuke Niwa.
1403
1404         Make parameters mandatory for attribute-related API on Element to match
1405         the specification:
1406         - https://dom.spec.whatwg.org/#element
1407
1408         Firefox and Chrome agree with the specification. Calling this API
1409         without the parameters does not make much sense, especially considering
1410         WebKit uses the string "undefined" when the parameter is omitted.
1411
1412         No new tests, rebaselined existing tests.
1413
1414         * dom/Element.idl:
1415
1416 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1417
1418         Remove support for deprecated SPI inlineMediaPlaybackRequiresPlaysInlineAttribute
1419         https://bugs.webkit.org/show_bug.cgi?id=160066
1420
1421         Reviewed by Dean Jackson.
1422
1423         r203520 deprecated inlineMediaPlaybackRequiresPlaysInlineAttribute in favor of
1424         allowsInlineMediaPlaybackWithPlaysInlineAttribute and
1425         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute. The old
1426         inlineMediaPlaybackRequiresPlaysInlineAttribute is SPI and was never released
1427         to the public. Therefore, it can be removed safely.
1428
1429         No new tests because there is no behavior change.
1430
1431         * page/Settings.cpp:
1432         * page/Settings.in:
1433         * testing/InternalSettings.cpp:
1434         (WebCore::InternalSettings::Backup::Backup): Deleted.
1435         (WebCore::InternalSettings::Backup::restoreTo): Deleted.
1436         (WebCore::InternalSettings::setInlineMediaPlaybackRequiresPlaysInlineAttribute): Deleted.
1437         * testing/InternalSettings.h:
1438         * testing/InternalSettings.idl:
1439
1440 2016-07-21  Dean Jackson  <dino@apple.com>
1441
1442         REGRESSION (r202927): The internal size of the ImageBuffer is scaled twice by the context scaleFactor
1443         https://bugs.webkit.org/show_bug.cgi?id=159981
1444         <rdar://problem/27429465>
1445
1446         Reviewed by Myles Maxfield.
1447
1448         The change to propagate color spaces through ImageBuffers created an
1449         alternate version of createCompatibleBuffer. This version accidentally
1450         attempted to take the display resolution (i.e. hidpi) into account
1451         when creating the buffer, which meant it was being applied twice.
1452
1453         The fix is simply to remove that logic. The caller of the method
1454         will take the resolution into account, the same way they did
1455         with the old createCompatibleBuffer method.
1456
1457         Test: fast/hidpi/pdf-image-scaled.html
1458
1459         * platform/graphics/cg/ImageBufferCG.cpp:
1460         (WebCore::ImageBuffer::createCompatibleBuffer): Don't calculate
1461         a resolution - just use the value of 1.0.
1462
1463 2016-07-21  John Wilander  <wilander@apple.com>
1464
1465         Block mixed content synchronous XHR
1466         https://bugs.webkit.org/show_bug.cgi?id=105462
1467         <rdar://problem/13666424>
1468
1469         Reviewed by Brent Fulgham.
1470
1471         Test: http/tests/security/mixedContent/insecure-xhr-sync-in-main-frame.html
1472
1473         * loader/DocumentThreadableLoader.cpp:
1474         (WebCore::DocumentThreadableLoader::loadRequest):
1475
1476 2016-07-21  Chris Dumez  <cdumez@apple.com>
1477
1478         Make parameters to Document.getElementsBy*() operations mandatory
1479         https://bugs.webkit.org/show_bug.cgi?id=160050
1480
1481         Reviewed by Daniel Bates.
1482
1483         Make parameters to Document.getElementsBy*() operations mandatory to
1484         match the specification:
1485         - https://dom.spec.whatwg.org/#interface-document
1486
1487         Firefox and Chrome agree with the specification so the compatibility
1488         risk should be low.
1489
1490         It makes very little sense to call these operations without parameter,
1491         especially considering WebKit uses the string "undefined" if the
1492         parameter is omitted.
1493
1494         No new tests, rebaselined existing tests.
1495
1496         * dom/Document.idl:
1497
1498 2016-07-21  Nan Wang  <n_wang@apple.com>
1499
1500         AX: aria-label not being used correctly in accessible name calculation of heading
1501         https://bugs.webkit.org/show_bug.cgi?id=160009
1502
1503         Reviewed by Chris Fleizach.
1504
1505         Actually we are exposing the correct information for heading objects. On macOS, 
1506         VoiceOver should handle the logic that picks the right information to speak.
1507         On iOS, VoiceOver is speaking the static text child instead of the heading object.
1508         So we should set the accessibilityLabel of the static text based on the parent's 
1509         alternate label.
1510
1511         Test: accessibility/ios-simulator/heading-with-aria-label.html
1512
1513         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1514         (-[WebAccessibilityObjectWrapper _accessibilityTraitsFromAncestors]):
1515
1516 2016-07-21  Saam Barati  <sbarati@apple.com>
1517
1518         op_add/ValueAdd should be an IC in all JIT tiers
1519         https://bugs.webkit.org/show_bug.cgi?id=159649
1520
1521         Reviewed by Benjamin Poulain.
1522
1523         * ForwardingHeaders/jit/JITMathICForwards.h: Added.
1524
1525 2016-07-21  Chris Dumez  <cdumez@apple.com>
1526
1527         Make parameters mandatory for Document.create*() operations
1528         https://bugs.webkit.org/show_bug.cgi?id=160047
1529
1530         Reviewed by Ryosuke Niwa.
1531
1532         Make parameters mandatory for Document.create*() operations:
1533         createTextNode(), createComment(), createCDataSection(),
1534         createAttribute() and createProcessingInstruction().
1535
1536         This matches the specification:
1537         - https://dom.spec.whatwg.org/#interface-document
1538
1539         Firefox and Chrome both agree with the specification so the
1540         compatibility risk should be low. Also WebKit uses the string
1541         "undefined" when the parameter is omitted, which is not very
1542         helpful.
1543
1544         No new tests, rebaselined existing tests.
1545
1546         * dom/Document.idl:
1547
1548 2016-07-21  Chris Dumez  <cdumez@apple.com>
1549
1550         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1551         https://bugs.webkit.org/show_bug.cgi?id=160025
1552
1553         Reviewed by Ryosuke Niwa.
1554
1555         Fix null handling of SVGAngle/SVGLength.valueAsString attribute
1556         to match the specification:
1557         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGAngle
1558         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGLength
1559
1560         In particular, this patch drops [TreatNullAs=EmptyString] IDL
1561         extended attribute from this attribute. This is not supposed
1562         to change behavior given that both "" and "null" are invalid
1563         numbers and the specification says to throw a SYNTAX_ERR in
1564         this case.
1565
1566         However, WebKit currently ignores assignments to "" instead
1567         of throwing. As a result, assigning to null will now throw
1568         instead of being ignored. The compatibility risk should be
1569         low because both Firefox and Chrome throw when assigning
1570         null.
1571
1572         I did not change the behavior when assigning to "" because
1573         it is a bit out of scope for this patch and browsers do not
1574         seem to agree:
1575         - Firefox throws
1576         - Chrome sets value to "0"
1577         - WebKit ignores the assignment
1578
1579         The specification seems to agree with Firefox as far as I
1580         can tell given that "" is not a valid number as per:
1581         - https://www.w3.org/TR/css3-values/#numbers
1582
1583         Test: svg/dom/valueAsString-null.html
1584
1585         * svg/SVGAngle.idl:
1586         * svg/SVGLength.idl:
1587
1588 2016-07-21  Chris Dumez  <cdumez@apple.com>
1589
1590         Fix null handling of HTMLFontElement.color
1591         https://bugs.webkit.org/show_bug.cgi?id=160036
1592
1593         Reviewed by Ryosuke Niwa.
1594
1595         Fix null handling of HTMLFontElement.color to match the specification:
1596         - https://html.spec.whatwg.org/#htmlfontelement
1597
1598         We are supposed to treat null as the empty string. Both Firefox and
1599         Chrome agree with the specification.
1600
1601         No new tests, rebaselined existing tests.
1602
1603         * html/HTMLFontElement.idl:
1604
1605 2016-07-21  Chris Dumez  <cdumez@apple.com>
1606
1607         Fix null handling for several HTMLTableElement attributes
1608         https://bugs.webkit.org/show_bug.cgi?id=160041
1609
1610         Reviewed by Ryosuke Niwa.
1611
1612         Fix null handling for several HTMLTableElement attributes to match the
1613         specification:
1614         - https://html.spec.whatwg.org/#HTMLTableElement-partial
1615
1616         The attributes in question are 'bgColor', 'cellSpacing' and
1617         'cellPadding'. We are supposed to treat null as the empty string for
1618         these attributes.
1619
1620         Firefox and Chrome both agree with the specification.
1621
1622         No new tests, rebaselined existing tests.
1623
1624         * html/HTMLTableElement.idl:
1625
1626 2016-07-21  Chris Dumez  <cdumez@apple.com>
1627
1628         Fix null handling for HTMLObjectElement.border
1629         https://bugs.webkit.org/show_bug.cgi?id=160040
1630
1631         Reviewed by Ryosuke Niwa.
1632
1633         Fix null handling for HTMLObjectElement.border to match the specification:
1634         - https://html.spec.whatwg.org/#HTMLObjectElement-partial
1635
1636         We are supposed to treat null as the empty string.
1637
1638         Both Firefox and Chrome agree with the specification.
1639
1640         No new tests, rebaselined existing tests.
1641
1642         * html/HTMLObjectElement.idl:
1643
1644 2016-07-21  Chris Dumez  <cdumez@apple.com>
1645
1646         Fix null handling for td.bgColor / tr.bgColor
1647         https://bugs.webkit.org/show_bug.cgi?id=160043
1648
1649         Reviewed by Ryosuke Niwa.
1650
1651         Fix null handling for td.bgColor / tr.bgColor to match the
1652         specification:
1653         - https://html.spec.whatwg.org/#HTMLTableCellElement-partial
1654         - https://html.spec.whatwg.org/#HTMLTableRowElement-partial
1655
1656         We are supposed to treat null as the empty string.
1657
1658         Firefox and Chrome both agree with the specification.
1659
1660         No new tests, rebaselined existing tests.
1661
1662         * html/HTMLTableCellElement.idl:
1663         * html/HTMLTableRowElement.idl:
1664
1665 2016-07-21  Chris Dumez  <cdumez@apple.com>
1666
1667         Fix null handling for several HTMLBodyElement attributes
1668         https://bugs.webkit.org/show_bug.cgi?id=160044
1669
1670         Reviewed by Ryosuke Niwa.
1671
1672         Fix null handling for several HTMLBodyElement attributes to match the
1673         specification:
1674         - https://html.spec.whatwg.org/#HTMLBodyElement-partial
1675
1676         The attributes in question are: 'text', 'link', 'vlink', 'alink' and
1677         'bgcolor'.
1678
1679         We are supposed to treat null as the empty string for these attributes.
1680
1681         Firefox and Chrome both agree with the specification.
1682
1683         No new tests, rebaselined existing tests.
1684
1685         * html/HTMLBodyElement.idl:
1686
1687 2016-07-21  Chris Dumez  <cdumez@apple.com>
1688
1689         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight
1690         https://bugs.webkit.org/show_bug.cgi?id=160037
1691
1692         Reviewed by Ryosuke Niwa.
1693
1694         Fix null handling for HTMLIFrameElement.marginWidth / marginHeight to
1695         match the specification:
1696         - https://html.spec.whatwg.org/#HTMLIFrameElement-partial
1697
1698         We are supposed to treat null as the empty string. Both Firefox and
1699         Chrome agree with the specification.
1700
1701         No new tests, rebaselined existing tests.
1702
1703         * html/HTMLIFrameElement.idl:
1704
1705 2016-07-21  Chris Dumez  <cdumez@apple.com>
1706
1707         Fix null handling for HTMLImageElement.border
1708         https://bugs.webkit.org/show_bug.cgi?id=160039
1709
1710         Reviewed by Ryosuke Niwa.
1711
1712         Fix null handling for HTMLImageElement.border to match the specification:
1713         - https://html.spec.whatwg.org/#HTMLImageElement-partial
1714
1715         We are supposed to treat null as the empty string.
1716
1717         Both Firefox and Chrome agree with the specification.
1718
1719         No new tests, rebaselined existing tests.
1720
1721         * html/HTMLImageElement.idl:
1722
1723 2016-07-21  Daniel Bates  <dabates@apple.com>
1724
1725         REGRESSION: Plugin replaced YouTube Flash videos always have the same width
1726         https://bugs.webkit.org/show_bug.cgi?id=159998
1727         <rdar://problem/27462285>
1728
1729         Reviewed by Simon Fraser.
1730
1731         Fixes an issue where the width of a plugin replaced YouTube video loaded via an HTML embed
1732         element would always have the same width regardless of value of the width attribute.
1733
1734         For YouTube Flash videos the YouTube plugin replacement substitutes a shadow DOM subtree
1735         for the default renderer of an HTML embed element. The root of this shadow DOM subtree
1736         is an HTML div element. Currently we set inline styles on this <div> when it is instantiated.
1737         In particular, we set inline display and position to "inline-block" and "relative", respectively,
1738         and set an invalid height and width (we specify a font weight value instead of a CSS length value
1739         - this causes an ASSERT_NOT_REACHED() assertion failure in StyleBuilderConverter::convertLengthSizing()
1740         in a debug build). These styles never worked as intended and we ultimately created an inline
1741         renderer (ignoring display "inline-block") that had auto width and height. Instead it is sufficient
1742         to remove all these inline styles and create a RenderBlockFlow renderer for this <div> so that it
1743         renders as a block, non-replaced element to achieve the intended illusion that the <embed> is a
1744         single element.
1745
1746         * html/shadow/YouTubeEmbedShadowElement.cpp: Remove unused header HTMLEmbedElement.h and include
1747         header RenderBlockFlow.h. Also update copyright in license block.
1748         (WebCore::YouTubeEmbedShadowElement::YouTubeEmbedShadowElement): Remove inline styles as these
1749         never worked as intended.
1750         (WebCore::YouTubeEmbedShadowElement::createElementRenderer): Override; create a block-flow
1751         renderer for us so that we layout as a block, non-replaced element.
1752         * html/shadow/YouTubeEmbedShadowElement.h:
1753
1754 2016-07-21  Myles C. Maxfield  <mmaxfield@apple.com>
1755
1756         [iPhone] Playing a video on tudou.com plays only sound, no video
1757         https://bugs.webkit.org/show_bug.cgi?id=159967
1758         <rdar://problem/26964090>
1759
1760         Reviewed by Jon Lee, Jeremy Jones, and Anders Carlsson.
1761
1762         WebKit recently started honoring the playsinline and webkit-playsinline
1763         attributes on iPhones. However, because these attributes previously did
1764         nothing, some sites (such as Tudou) were setting them on their content
1765         and expecting that they are not honored. In this specific case, the
1766         video is absolutely positioned to be 1 pixel x 1 pixel.
1767
1768         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
1769         property on their WKWebView, which would honor the webkit-playsinline
1770         attribute. Safari on iPhones didn't do this.
1771
1772         In order to not break these existing apps, it's important that the
1773         allowsInlineMediaPlayback preference still allows webkit-playsinline
1774         videos to play inline in apps using WKWebView. However, in Safari, these
1775         videos should play fullscreen. (Tudou videos have webkit-playsinline
1776         but not playsinline.)
1777
1778         Therefore, in Safari, videos with playsinline should be inline, but
1779         videos with webkit-playsinline should be fullscreen. In apps using
1780         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
1781         playsinline should be inline, and videos with webkit-playsinline should
1782         also be inline. Videos on iPad and Mac should all be inline by default.
1783
1784         We can create some truth tables for the cases which need to be covered:
1785
1786         All apps on Mac / iPad:
1787         Presence of playsinline | Presence of webkit-playsinline | Result
1788         ========================|================================|===========
1789         Not present             | Not present                    | Inline
1790         Present                 | Not present                    | Inline
1791         Not Present             | Present                        | Inline
1792         Present                 | Present                        | Inline
1793
1794         Safari on iPhone:
1795         Presence of playsinline | Presence of webkit-playsinline | Result
1796         ========================|================================|===========
1797         Not present             | Not present                    | Fullscreen
1798         Present                 | Not present                    | Inline
1799         Not Present             | Present                        | Fullscreen
1800         Present                 | Present                        | Inline
1801
1802         App on iPhone which sets allowsInlineMediaPlayback:
1803         Presence of playsinline | Presence of webkit-playsinline | Result
1804         ========================|================================|===========
1805         Not present             | Not present                    | Fullscreen
1806         Present                 | Not present                    | Inline
1807         Not Present             | Present                        | Inline
1808         Present                 | Present                        | Inline
1809
1810         The way to distinguish Safari from another app is to create an SPI
1811         boolean preference which Safari can set. This is already how the
1812         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
1813         which Safari sets but other apps don't. However, this preference is
1814         no longer sufficient because Safari should now be discriminating
1815         between the playsinline and webkit-playsinline attributes. Therefore,
1816         this preference should be extended to two boolean preferences, which
1817         this patch adds:
1818
1819         allowsInlineMediaPlaybackWithPlaysInlineAttribute
1820         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
1821
1822         Safari on iPhone will set
1823         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
1824         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
1825         false. Other apps on iPhone will get their default values (because they
1826         are SPI) which means they will both be true. On iPad and Mac, apps will
1827         use the default values where both are false.
1828
1829         This patch adds support for these two preferences, but does not remove
1830         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
1831         I will remove the existing preference as soon as I update Safari to migrate
1832         off of it.
1833
1834         Test: media/video-playsinline.html
1835
1836         * html/MediaElementSession.cpp:
1837         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1838         * page/Settings.cpp:
1839         * page/Settings.in:
1840         * testing/InternalSettings.cpp:
1841         (WebCore::InternalSettings::Backup::Backup):
1842         (WebCore::InternalSettings::Backup::restoreTo):
1843         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
1844         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
1845         * testing/InternalSettings.h:
1846         * testing/InternalSettings.idl:
1847
1848 2016-07-21  Ryosuke Niwa  <rniwa@webkit.org>
1849
1850         Crash accessing null renderer inside WebCore::DeleteSelectionCommand::doApply
1851         https://bugs.webkit.org/show_bug.cgi?id=160011
1852
1853         Reviewed by Chris Dumez.
1854
1855         Add a null pointer check for renderer() call.
1856
1857         Unfortunately no new tests since we don't have a reproduction.
1858
1859         * editing/DeleteSelectionCommand.cpp:
1860         (WebCore::DeleteSelectionCommand::doApply):
1861
1862 2016-07-21  Chris Dumez  <cdumez@apple.com>
1863
1864         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1865         https://bugs.webkit.org/show_bug.cgi?id=160030
1866
1867         Reviewed by Sam Weinig.
1868
1869         The 2 first parameters to DOMImplementation.createDocument() should be mandatory
1870         as per the specification:
1871         - https://dom.spec.whatwg.org/#domimplementation
1872
1873         Firefox and Chrome both agree with the specification. However, those
1874         parameters were marked as optional in WebKit. Calling this function
1875         without parameters would create a document element whose tag is the
1876         string "undefined", which does not seem helpful. This patch thus
1877         aligns our behavior with the specification and other browsers.
1878
1879         No new tests, rebaselined existing tests.
1880
1881         * dom/DOMImplementation.idl:
1882
1883 2016-07-21  Chris Dumez  <cdumez@apple.com>
1884
1885         Kill legacy valueToStringWithNullCheck() utility function
1886         https://bugs.webkit.org/show_bug.cgi?id=159991
1887
1888         Reviewed by Sam Weinig.
1889
1890         Kill legacy valueToStringWithNullCheck() utility function. Treating null as
1891         a null string is legacy behavior so drop this function so that people are
1892         not tempted to use it. We should be using either:
1893         1. JSValue::toWTFString() for non-nullable DOMStrings
1894         2. valueToStringWithUndefinedOrNullCheck() for nullable DOMStrings
1895         3. valueToStringTreatingNullAsEmptyString() for strings with [TreatNullAs=EmptyString]
1896
1897         No new tests, no web-exposed behavior change.
1898
1899         * bindings/js/JSDOMBinding.cpp:
1900         (WebCore::valueToStringWithNullCheck): Deleted.
1901         * bindings/js/JSDOMBinding.h:
1902         * bindings/js/JSHTMLFrameElementCustom.cpp:
1903         (WebCore::JSHTMLFrameElement::setLocation):
1904         * html/HTMLFrameElement.idl:
1905
1906 2016-07-21  Zalan Bujtas  <zalan@apple.com>
1907
1908         Do not keep invalid IOSurface in ImageBufferData.
1909         https://bugs.webkit.org/show_bug.cgi?id=160005
1910         <rdar://problem/27208636>
1911
1912         Reviewed by Simon Fraser.
1913
1914         When we fail to initialize the IOSurface for the accelerated context, we switch over to
1915         the non-accelerated code path. Since ImageBufferData::surface is used to indicate whether
1916         the graphics context is in accelerated mode, we need to reset it when the initialization fails.
1917
1918         Unable to create a test case.
1919
1920         * platform/graphics/cg/ImageBufferCG.cpp:
1921         (WebCore::ImageBuffer::ImageBuffer):
1922
1923 2016-07-21  Chris Dumez  <cdumez@apple.com>
1924
1925         playsInline IDL attribute has the wrong casing
1926         https://bugs.webkit.org/show_bug.cgi?id=160029
1927         <rdar://problem/27474031>
1928
1929         Reviewed by Jon Lee.
1930
1931         Fix case from video.playsinline to video.playsInline in order to match
1932         the specification:
1933         - https://html.spec.whatwg.org/multipage/embedded-content.html#the-video-element:dom-video-playsinline
1934
1935         It still reflects the "playsinline" content attribute though, as per
1936         the specification:
1937         - https://html.spec.whatwg.org/multipage/embedded-content.html#dom-video-playsinline
1938
1939         No new tests, updated existing test.
1940
1941         * html/HTMLVideoElement.idl:
1942
1943 2016-07-21  Chris Dumez  <cdumez@apple.com>
1944
1945         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1946         https://bugs.webkit.org/show_bug.cgi?id=160026
1947
1948         Reviewed by Sam Weinig.
1949
1950         Drop [TreatNullAs=EmptyString] from CanvasRenderingContext2D.globalCompositeOperation
1951         attribute as it does not match the specification:
1952         - https://html.spec.whatwg.org/multipage/scripting.html#canvascompositing
1953
1954         It does not change web-exposed behavior because assigning to "" or "null"
1955         gets ignored as those are not valid operations.
1956
1957         Test: fast/canvas/context-globalCompositeOperation-null.html
1958
1959         * html/canvas/CanvasRenderingContext2D.idl:
1960
1961 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1962
1963         [GTK][Threaded Compositor] Overlay scrollbars shouldn't be a requirement of the threaded compositor
1964         https://bugs.webkit.org/show_bug.cgi?id=160020
1965
1966         Reviewed by Michael Catanzaro.
1967
1968         It has been a requirement only because we didn't really know why frame scrollbars were not rendered when using
1969         the threaded compositor. The reason is that RenderView doesn't use layers for FrameView scrollbars by default,
1970         unless using overlay scrollbars. When using the threaded compositor we really need layers for the FrameView
1971         scrollbars even when not using overlay scrollbars.
1972
1973         * platform/gtk/ScrollbarThemeGtk.cpp:
1974         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk): Stop enforcing overlay scrollbars when threaded compositor is enabled.
1975         * rendering/RenderLayerCompositor.cpp:
1976         (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls): Always use layers for scrollbars when
1977         threaded compositor is enabled.
1978
1979 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
1980
1981         [Cairo] Fix a crash in fast/canvas/canvas-getImageData-invalid-result-buffer-crash.html
1982         https://bugs.webkit.org/show_bug.cgi?id=160014
1983
1984         Reviewed by Michael Catanzaro.
1985
1986         In r202887 some null checks were added for JSArray::createUninitialized (and related) but not for the
1987         ImageBuffer cairo implementation.
1988
1989         * platform/graphics/cairo/ImageBufferCairo.cpp:
1990         (WebCore::getImageData): Return early if Uint8ClampedArray::createUninitialized() returns nullptr.
1991
1992 2016-07-21  Miguel Gomez  <magomez@igalia.com>
1993
1994         [GTK] The GSTREAMER_GL path in MediaPlayerPrivateGStreamerBase::paintToTextureMapper() is missing a mutex lock
1995         https://bugs.webkit.org/show_bug.cgi?id=160018
1996
1997         Reviewed by Philippe Normand.
1998
1999         Lock the video sample mutex while accessing it.
2000
2001         Covered by existent tests.
2002
2003         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2004         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
2005
2006 2016-07-21  Miguel Gomez  <magomez@igalia.com>
2007
2008         [Threaded Compositor] Flickering when zooming in/out in maps.google.com
2009         https://bugs.webkit.org/show_bug.cgi?id=154069
2010
2011         Reviewed by Carlos Garcia Campos.
2012
2013         Add a new extra buffer to GraphicsContext3D when using the Threaded Compositor,
2014         so it doesn't have to reuse the buffers that are still waiting for composition.
2015
2016         Covered by existing tests.
2017
2018         * platform/graphics/GraphicsContext3D.h:
2019         Add a new texture to use for the rendering. Remove the compositor fbo we were using.
2020         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
2021         (WebCore::GraphicsContext3D::GraphicsContext3D):
2022         Initialize the new texture and remove the previous fbo related code.
2023         (WebCore::GraphicsContext3D::~GraphicsContext3D):
2024         Properly destroy the new texture and remove the previous fbo related code.
2025         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
2026         (WebCore::GraphicsContext3D::reshapeFBOs):
2027         Allocate the new texture and remove the previous fbo allocation.
2028         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2029         (WebCore::GraphicsContext3D::prepareTexture):
2030         Use a single fbo with three textures instead of two fbos with a texture each.
2031         Rotate the three textures usage so:
2032         - m_texture becomes m_compositorTexture to be pushed to the compositor.
2033         - m_intermediateTexture becomes m_texture to receive the next rendering.
2034         - m_compositorTexture becomes m_intermediateTexture.
2035         And add a glFlush() to ensure that the gl commands are sent to the pipeline.
2036         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
2037         (WebCore::GraphicsContext3D::reshapeFBOs):
2038         Allocate the new texture.
2039
2040 2016-07-21  Carlos Garcia Campos  <cgarcia@igalia.com>
2041
2042         [GTK][Threaded Compositor] Web view background colors don't work
2043         https://bugs.webkit.org/show_bug.cgi?id=159465
2044
2045         Reviewed by Michael Catanzaro.
2046
2047         * rendering/RenderLayerBacking.cpp:
2048         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Initialize frame view layer opacity for platforms not
2049         using the tiled cache layer.
2050
2051 2016-07-20  Youenn Fablet  <youenn@apple.com>
2052
2053         [XHR] Cache response JS object in case of arraybuffer and blob response types
2054         https://bugs.webkit.org/show_bug.cgi?id=128903
2055
2056         Reviewed by Alex Christensen.
2057
2058         Covered by existing and modified tests.
2059
2060         Making response getter a JS builtin that caches response in @response private slot.
2061         Handling invalidation of cached response with @responseCacheIsValid new private method.
2062         Handling creation of cached response with @retrieveResponse new private method which reuses most of
2063         JSXMLHttpRequest::response previous code.
2064
2065         Caching of responses is activated whenever load ended without any error for blob and arraybuffer response types.
2066
2067         Caching of response for document is also activated in case the response getter is used but not if responseXML getter is used.
2068
2069         * CMakeLists.txt: Adding XMLHttpRequest.js.
2070         * DerivedSources.make: Ditto.
2071         * bindings/js/JSXMLHttpRequestCustom.cpp:
2072         (WebCore::JSXMLHttpRequest::retrieveResponse): Implements creation of to-be-cached response.
2073         (WebCore::JSXMLHttpRequest::response): Deleted.
2074         * bindings/js/WebCoreBuiltinNames.h: Adding new private names.
2075         * xml/XMLHttpRequest.cpp:
2076         (WebCore::XMLHttpRequest::didCacheResponse): Renamed from didCacheResponseJSON as all response types are now cached.
2077         (WebCore::XMLHttpRequest::didCacheResponseJSON): Deleted.
2078         * xml/XMLHttpRequest.h:
2079         * xml/XMLHttpRequest.idl:
2080
2081 2016-07-20  Youenn Fablet  <youenn@apple.com>
2082
2083         Remove crossOriginRequestPolicy from ThreadableLoaderOptions
2084         https://bugs.webkit.org/show_bug.cgi?id=159417
2085
2086         Reviewed by Alex Christensen.
2087
2088         No observable change.
2089
2090         * Modules/fetch/FetchLoader.cpp:
2091         (WebCore::FetchLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2092         * fileapi/FileReaderLoader.cpp:
2093         (WebCore::FileReaderLoader::start): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2094         * inspector/InspectorNetworkAgent.cpp:
2095         (WebCore::InspectorNetworkAgent::loadResource): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2096         * loader/DocumentThreadableLoader.cpp:
2097         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Ditto.
2098         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest): UseAccessControl -> FetchOptions::Mode::Cors.
2099         (WebCore::DocumentThreadableLoader::redirectReceived): Ditto.
2100         (WebCore::DocumentThreadableLoader::didReceiveResponse): Ditto.
2101         (WebCore::DocumentThreadableLoader::loadRequest): Use NoCors as option passed to ResourceLoader. This allows
2102         deactivating ResourceLoader CORS checks as they are done in DocumentThreadableLoader right now. In the future,
2103         these checks should be moved to ResourceLoader and DocumentThreadableLoader should directly pass the fetch mode
2104         option.
2105         (WebCore::DocumentThreadableLoader::isAllowedRedirect): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2106         * loader/ThreadableLoader.cpp:
2107         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Removing CrossOriginRequestPolicy.
2108         * loader/ThreadableLoader.h: Ditto.
2109         * loader/WorkerThreadableLoader.cpp:
2110         (WebCore::LoaderTaskOptions::LoaderTaskOptions): Ditto.
2111         * page/EventSource.cpp:
2112         (WebCore::EventSource::connect): UseAccessControl -> FetchOptions::Mode::Cors.
2113         * workers/Worker.cpp:
2114         (WebCore::Worker::create): DenyCrossOriginRequests -> FetchOptions::Mode::SameOrigin.
2115         * workers/WorkerGlobalScope.cpp:
2116         (WebCore::WorkerGlobalScope::importScripts): AllowCrossOriginRequests -> FetchOptions::Mode::NoCors.
2117         * workers/WorkerScriptLoader.cpp:
2118         (WebCore::WorkerScriptLoader::loadSynchronously):
2119         (WebCore::WorkerScriptLoader::loadAsynchronously):
2120         * workers/WorkerScriptLoader.h:
2121         * xml/XMLHttpRequest.cpp:
2122         (WebCore::XMLHttpRequest::createRequest):
2123
2124 2016-07-20  Chris Dumez  <cdumez@apple.com>
2125
2126         Fix null handling of several Document attributes
2127         https://bugs.webkit.org/show_bug.cgi?id=159997
2128
2129         Reviewed by Ryosuke Niwa.
2130
2131         Fix null handling of the following Document attributes: title, cookie
2132         and domain.
2133
2134         In WebKit, they were all marked as [TreatNullAs=EmptyString], which
2135         does not match the specification:
2136         - https://html.spec.whatwg.org/multipage/dom.html#document
2137
2138         Details for each attribute:
2139         - title: null is now treated as the string "null", thus setting the
2140           document title to "null". This matches Firefox and Chrome.
2141         - cookie: adds a "null" cookie instead of being a no-op. This matches
2142                   both Firefox and Chrome.
2143         - domain: Calls setDomain(String("null")) instead of
2144                   setDomain(String()). This throws an exception because "null"
2145                   is not a suffix of the effective domain name. The behavior
2146                   is the same in Firefox and Chrome. Previously, we were
2147                   already throwing an exception since setting the domain to
2148                   the empty string throws, as per the specification.
2149
2150         Test: http/tests//dom/document-attributes-null-handling.html
2151
2152         * dom/Document.idl:
2153
2154 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2155
2156         Unreviewed, rolling out r203471.
2157         https://bugs.webkit.org/show_bug.cgi?id=160003
2158
2159         many iOS-simulator tests are failing (Requested by litherum on
2160         #webkit).
2161
2162         Reverted changeset:
2163
2164         "[iPhone] Playing a video on tudou.com plays only sound, no
2165         video"
2166         https://bugs.webkit.org/show_bug.cgi?id=159967
2167         http://trac.webkit.org/changeset/203471
2168
2169 2016-07-19  Ryosuke Niwa  <rniwa@webkit.org>
2170
2171         iOS: Cannot paste images in RTF content
2172         https://bugs.webkit.org/show_bug.cgi?id=159964
2173         <rdar://problem/27442806>
2174
2175         Reviewed by Enrica Casucci.
2176
2177         The bug was caused by setDefersLoading(true) not deferring image loading for the parsed fragment.
2178         Worked around this bug by disabling image loading while parsing the document fragment.
2179
2180         * editing/ios/EditorIOS.mm:
2181         (WebCore::Editor::createFragmentAndAddResources):
2182
2183 2016-07-20  Brady Eidson  <beidson@apple.com>
2184
2185         Address a small FIXME in IDB code.
2186         https://bugs.webkit.org/show_bug.cgi?id=159999
2187
2188         Reviewed by Andy Estes.
2189
2190         No new tests (No behavior change).
2191
2192         * Modules/indexeddb/IDBRequest.cpp:
2193         (WebCore::IDBRequest::IDBRequest):
2194         
2195         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
2196         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier): Deleted.
2197         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
2198
2199 2016-07-20  Brady Eidson  <beidson@apple.com>
2200
2201         Remove some "modernFoo"s from IndexedDB code.
2202         https://bugs.webkit.org/show_bug.cgi?id=159985
2203
2204         Reviewed by Andy Estes.
2205
2206         No new tests (No known behavior change).
2207
2208         * Modules/indexeddb/IDBCursor.cpp:
2209         (WebCore::IDBCursor::IDBCursor):
2210         (WebCore::IDBCursor::~IDBCursor):
2211         (WebCore::IDBCursor::sourcesDeleted):
2212         (WebCore::IDBCursor::effectiveObjectStore):
2213         (WebCore::IDBCursor::transaction):
2214         (WebCore::IDBCursor::direction):
2215         (WebCore::IDBCursor::update):
2216         (WebCore::IDBCursor::advance):
2217         (WebCore::IDBCursor::continueFunction):
2218         (WebCore::IDBCursor::uncheckedIterateCursor):
2219         (WebCore::IDBCursor::deleteFunction):
2220         (WebCore::IDBCursor::setGetResult):
2221         
2222         * Modules/indexeddb/IDBIndex.cpp:
2223         (WebCore::IDBIndex::IDBIndex):
2224         (WebCore::IDBIndex::~IDBIndex):
2225         (WebCore::IDBIndex::hasPendingActivity):
2226         (WebCore::IDBIndex::name):
2227         (WebCore::IDBIndex::objectStore):
2228         (WebCore::IDBIndex::keyPath):
2229         (WebCore::IDBIndex::unique):
2230         (WebCore::IDBIndex::multiEntry):
2231         (WebCore::IDBIndex::openCursor):
2232         (WebCore::IDBIndex::doCount):
2233         (WebCore::IDBIndex::openKeyCursor):
2234         (WebCore::IDBIndex::doGet):
2235         (WebCore::IDBIndex::doGetKey):
2236         (WebCore::IDBIndex::markAsDeleted):
2237         * Modules/indexeddb/IDBIndex.h:
2238         
2239         * Modules/indexeddb/IDBObjectStore.cpp:
2240         (WebCore::IDBObjectStore::transaction):
2241         (WebCore::IDBObjectStore::deleteFunction): Deleted.
2242         (WebCore::IDBObjectStore::modernDelete): Deleted.
2243         * Modules/indexeddb/IDBObjectStore.h:
2244         
2245         * bindings/js/JSIDBIndexCustom.cpp:
2246         (WebCore::JSIDBIndex::visitAdditionalChildren):
2247
2248 2016-07-20  Chris Dumez  <cdumez@apple.com>
2249
2250         Stop using valueToStringWithNullCheck() in JSCSSStyleDeclaration::putDelegate()
2251         https://bugs.webkit.org/show_bug.cgi?id=159982
2252
2253         Reviewed by Ryosuke Niwa.
2254
2255         valueToStringWithNullCheck() treats null as the null String() which is
2256         legacy / non standard behavior. The specification says we should treat
2257         null as the empty string:
2258         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2259
2260         Therefore, we should be using valueToStringTreatingNullAsEmptyString() instead.
2261
2262         In practice, there is no web-exposed behavior change because
2263         MutableStyleProperties::setProperty() removes the property whether the
2264         value is the null String or the empty String.
2265
2266         This behavior is correct since the specification says that we should
2267         remove the property if the value is the empty string:
2268         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty (step 4)
2269
2270         I added test coverage to make sure we behave according to specification.
2271         This test is passing in Firefox, Chrome and in WebKit (before and after
2272         my change).
2273
2274         Test: fast/css/CSSStyleDeclaration-property-setter.html
2275
2276         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
2277         (WebCore::JSCSSStyleDeclaration::putDelegate):
2278
2279 2016-07-20  Chris Dumez  <cdumez@apple.com>
2280
2281         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
2282         https://bugs.webkit.org/show_bug.cgi?id=159987
2283
2284         Reviewed by Ryosuke Niwa.
2285
2286         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
2287         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
2288
2289         We are supposed to treat null as the empty string but we treat it as
2290         the string "null".
2291
2292         Firefox and Chrome both match the specification.
2293
2294         No new tests, updated existing tests.
2295
2296         * html/HTMLFrameElement.idl:
2297
2298 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2299
2300         Pausing autoplayed media should not remove all restrictions for that media element
2301         https://bugs.webkit.org/show_bug.cgi?id=159988
2302
2303         Reviewed by Jon Lee.
2304
2305         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
2306         autoplaying video to just affect the hiding or showing of the media controller. This
2307         prevents pages from using JavaScript to start playing autoplaying videos that have
2308         been paused by the user.
2309
2310         * html/HTMLMediaElement.cpp:
2311         (WebCore::HTMLMediaElement::pause):
2312
2313 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
2314
2315         [iPhone] Playing a video on tudou.com plays only sound, no video
2316         https://bugs.webkit.org/show_bug.cgi?id=159967
2317         <rdar://problem/26964090>
2318
2319         Reviewed by Jon Lee.
2320
2321         WebKit recently started honoring the playsinline and webkit-playsinline
2322         attribute on iPhones. However, because these attributes previously did
2323         nothing, some sites (such as Tudou) were setting them on their content
2324         and expecting that they are not honored. In this specific case, the
2325         video is absolutely positioned to be 1 pixel x 1 pixel.
2326
2327         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
2328         property on their WKWebView, which would honor the webkit-playsinline
2329         attribute. Safari on iPhones didn't do this.
2330
2331         In order to not break these existing apps, it's important that the
2332         allowsInlineMediaPlayback preference still allows webkit-playsinline
2333         videos to play inline in apps using WKWebView. However, in Safari, these
2334         videos should play fullscreen. (Tudou videos have webkit-playsinline
2335         but not playsinline.)
2336
2337         Therefore, in Safari, videos with playsinline should be inline, but
2338         videos with webkit-playsinline should be fullscreen. In apps using
2339         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
2340         playsinline should be inline, and videos with webkit-playsinline should
2341         also be inline. Videos on iPad and Mac should all be inline by default.
2342
2343         We can create some truth tables for the cases which need to be covered:
2344
2345         All apps on Mac / iPad:
2346         Presence of playsinline | Presence of webkit-playsinline | Result
2347         ========================|================================|===========
2348         Not present             | Not present                    | Inline
2349         Present                 | Not present                    | Inline
2350         Not Present             | Present                        | Inline
2351         Present                 | Present                        | Inline
2352
2353         Safari on iPhone:
2354         Presence of playsinline | Presence of webkit-playsinline | Result
2355         ========================|================================|===========
2356         Not present             | Not present                    | Fullscreen
2357         Present                 | Not present                    | Inline
2358         Not Present             | Present                        | Fullscreen
2359         Present                 | Present                        | Inline
2360
2361         App on iPhone which sets allowsInlineMediaPlayback:
2362         Presence of playsinline | Presence of webkit-playsinline | Result
2363         ========================|================================|===========
2364         Not present             | Not present                    | Fullscreen
2365         Present                 | Not present                    | Inline
2366         Not Present             | Present                        | Inline
2367         Present                 | Present                        | Inline
2368
2369         The way to distinguish Safari from another app is to create an SPI
2370         boolean preference which Safari can set. This is already how the
2371         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
2372         which Safari sets but other apps don't. However, this preference is
2373         no longer sufficient because Safari should now be discriminating
2374         between the playsinline and webkit-playsinline attributes. Therefore,
2375         this preference should be extended to two boolean preferences, which
2376         this patch adds:
2377
2378         allowsInlineMediaPlaybackWithPlaysInlineAttribute
2379         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
2380
2381         Safari on iPhone will set
2382         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
2383         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
2384         false. Other apps on iPhone will get their default values (because they
2385         are SPI) which means they will both be true. On iPad and Mac, apps will
2386         use the default values where both are false.
2387
2388         This patch adds support for these two preferences, but does not remove
2389         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
2390         I will remove the existing preference as soon as I update Safari to migrate
2391         off of it.
2392
2393         Test: media/video-playsinline.html
2394
2395         * html/MediaElementSession.cpp:
2396         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
2397         * page/Settings.cpp:
2398         * page/Settings.in:
2399         * testing/InternalSettings.cpp:
2400         (WebCore::InternalSettings::Backup::Backup):
2401         (WebCore::InternalSettings::Backup::restoreTo):
2402         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
2403         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
2404         * testing/InternalSettings.h:
2405         * testing/InternalSettings.idl:
2406
2407 2016-07-20  Chris Dumez  <cdumez@apple.com>
2408
2409         Get rid of custom bindings code for XMLHttpRequest.open()
2410         https://bugs.webkit.org/show_bug.cgi?id=159984
2411
2412         Reviewed by Ryosuke Niwa.
2413
2414         Get rid of custom bindings code for XMLHttpRequest.open() as the
2415         bindings generator is able to generate it.
2416
2417         Relevant specification:
2418         - https://xhr.spec.whatwg.org/#xmlhttprequest
2419
2420         The issue is that legacy content prevents treating the 'async' argument
2421         being undefined identically to it being omitted. However, this can be
2422         achieved by using overloading in IDL, like in the specification.
2423
2424         No new tests, already covered by the following tests:
2425         - http/tests/xmlhttprequest/basic-auth.html
2426         - http/tests/xmlhttprequest/open-async-overload.html
2427
2428         * bindings/js/JSXMLHttpRequestCustom.cpp:
2429         (WebCore::SendFunctor::SendFunctor): Deleted.
2430         (WebCore::SendFunctor::line): Deleted.
2431         (WebCore::SendFunctor::column): Deleted.
2432         (WebCore::SendFunctor::url): Deleted.
2433         (WebCore::SendFunctor::operator()): Deleted.
2434         * xml/XMLHttpRequest.cpp:
2435         (WebCore::XMLHttpRequest::open):
2436         * xml/XMLHttpRequest.h:
2437         * xml/XMLHttpRequest.idl:
2438
2439 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
2440
2441         Mark overridden methods in WebCore/svg final classes as final
2442         https://bugs.webkit.org/show_bug.cgi?id=159966
2443
2444         Reviewed by Michael Catanzaro.
2445
2446         Update WebCore/svg classes so that overridden methods in final classes are marked final.
2447
2448         * svg/SVGAElement.h:
2449         * svg/SVGAltGlyphDefElement.h:
2450         * svg/SVGAltGlyphItemElement.h:
2451         * svg/SVGAnimateTransformElement.h:
2452         * svg/SVGAnimatedColor.h:
2453         * svg/SVGCircleElement.h:
2454         * svg/SVGClipPathElement.h:
2455         * svg/SVGCursorElement.h:
2456         * svg/SVGDefsElement.h:
2457         * svg/SVGDescElement.h:
2458         * svg/SVGEllipseElement.h:
2459         * svg/SVGFEMergeNodeElement.h:
2460         * svg/SVGFilterElement.h:
2461         * svg/SVGFontElement.h:
2462         * svg/SVGFontFaceElement.h:
2463         * svg/SVGFontFaceFormatElement.h:
2464         * svg/SVGFontFaceNameElement.h:
2465         * svg/SVGFontFaceSrcElement.h:
2466         * svg/SVGFontFaceUriElement.h:
2467         * svg/SVGForeignObjectElement.h:
2468         * svg/SVGGElement.h:
2469         * svg/SVGGlyphElement.h:
2470         * svg/SVGGlyphRefElement.h:
2471         * svg/SVGHKernElement.h:
2472         * svg/SVGImageElement.h:
2473         * svg/SVGLineElement.h:
2474         * svg/SVGMPathElement.h:
2475         * svg/SVGMaskElement.h:
2476         * svg/SVGMetadataElement.h:
2477         * svg/SVGMissingGlyphElement.h:
2478         * svg/SVGPathBuilder.h:
2479         * svg/SVGPathByteStreamBuilder.h:
2480         * svg/SVGPathByteStreamSource.h:
2481         * svg/SVGPathElement.h:
2482         * svg/SVGPathSegArcAbs.h:
2483         * svg/SVGPathSegArcRel.h:
2484         * svg/SVGPathSegClosePath.h:
2485         * svg/SVGPathSegCurvetoCubicAbs.h:
2486         * svg/SVGPathSegCurvetoCubicRel.h:
2487         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
2488         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
2489         * svg/SVGPathSegCurvetoQuadraticAbs.h:
2490         * svg/SVGPathSegCurvetoQuadraticRel.h:
2491         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
2492         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
2493         * svg/SVGPathSegLinetoAbs.h:
2494         * svg/SVGPathSegLinetoHorizontalAbs.h:
2495         * svg/SVGPathSegLinetoHorizontalRel.h:
2496         * svg/SVGPathSegLinetoRel.h:
2497         * svg/SVGPathSegLinetoVerticalAbs.h:
2498         * svg/SVGPathSegLinetoVerticalRel.h:
2499         * svg/SVGPathSegListBuilder.h:
2500         * svg/SVGPathSegListSource.h:
2501         * svg/SVGPathSegMovetoAbs.h:
2502         * svg/SVGPathSegMovetoRel.h:
2503         * svg/SVGPathStringSource.h:
2504         * svg/SVGPathTraversalStateBuilder.h:
2505         * svg/SVGPatternElement.h:
2506         * svg/SVGRectElement.h:
2507         * svg/SVGScriptElement.h:
2508         * svg/SVGStopElement.h:
2509         * svg/SVGStyleElement.h:
2510         * svg/SVGSwitchElement.h:
2511         * svg/SVGTRefElement.cpp:
2512         * svg/SVGTitleElement.h:
2513         * svg/SVGToOTFFontConversion.cpp:
2514         * svg/SVGUnknownElement.h:
2515         * svg/SVGVKernElement.h:
2516         * svg/SVGViewElement.h:
2517         * svg/SVGZoomEvent.h:
2518         * svg/animation/SVGSMILElement.cpp:
2519         * svg/graphics/SVGImage.h:
2520         * svg/graphics/SVGImageClients.h:
2521         * svg/graphics/SVGImageForContainer.h:
2522         * svg/graphics/filters/SVGFEImage.h:
2523         * svg/graphics/filters/SVGFilter.h:
2524         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
2525         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
2526         * svg/properties/SVGAnimatedPropertyTearOff.h:
2527         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
2528         * svg/properties/SVGMatrixTearOff.h:
2529         * svg/properties/SVGPathSegListPropertyTearOff.h:
2530
2531 2016-07-20  Brady Eidson  <beidson@apple.com>
2532
2533         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
2534         https://bugs.webkit.org/show_bug.cgi?id=159975
2535
2536         Reviewed by Alex Christensen.
2537
2538         No new tests (No known behavior change).
2539
2540         * Modules/indexeddb/IDBCursor.cpp:
2541         (WebCore::IDBCursor::continueFunction):
2542         (WebCore::IDBCursor::deleteFunction):
2543         * Modules/indexeddb/IDBCursor.h:
2544         * Modules/indexeddb/IDBCursor.idl:
2545
2546         * Modules/indexeddb/IDBDatabase.idl:
2547
2548         * Modules/indexeddb/IDBFactory.cpp:
2549         (WebCore::IDBFactory::cmp):
2550         * Modules/indexeddb/IDBFactory.h:
2551         * Modules/indexeddb/IDBFactory.idl:
2552
2553         * Modules/indexeddb/IDBIndex.cpp:
2554         (WebCore::IDBIndex::openCursor):
2555         (WebCore::IDBIndex::count):
2556         (WebCore::IDBIndex::doCount):
2557         (WebCore::IDBIndex::openKeyCursor):
2558         (WebCore::IDBIndex::get):
2559         (WebCore::IDBIndex::doGet):
2560         (WebCore::IDBIndex::getKey):
2561         (WebCore::IDBIndex::doGetKey):
2562         * Modules/indexeddb/IDBIndex.h:
2563         * Modules/indexeddb/IDBIndex.idl:
2564
2565         * Modules/indexeddb/IDBKeyRange.cpp:
2566         (WebCore::IDBKeyRange::only): Deleted.
2567         * Modules/indexeddb/IDBKeyRange.h:
2568
2569         * Modules/indexeddb/IDBObjectStore.cpp:
2570         (WebCore::IDBObjectStore::openCursor):
2571         (WebCore::IDBObjectStore::get):
2572         (WebCore::IDBObjectStore::putOrAdd):
2573         (WebCore::IDBObjectStore::deleteFunction):
2574         (WebCore::IDBObjectStore::doDelete):
2575         (WebCore::IDBObjectStore::modernDelete):
2576         (WebCore::IDBObjectStore::clear):
2577         (WebCore::IDBObjectStore::createIndex):
2578         (WebCore::IDBObjectStore::count):
2579         (WebCore::IDBObjectStore::doCount):
2580         * Modules/indexeddb/IDBObjectStore.h:
2581         * Modules/indexeddb/IDBObjectStore.idl:
2582
2583         * Modules/indexeddb/IDBTransaction.cpp:
2584         (WebCore::IDBTransaction::requestOpenCursor):
2585         (WebCore::IDBTransaction::doRequestOpenCursor):
2586         (WebCore::IDBTransaction::requestGetRecord):
2587         (WebCore::IDBTransaction::requestGetValue):
2588         (WebCore::IDBTransaction::requestGetKey):
2589         (WebCore::IDBTransaction::requestIndexRecord):
2590         (WebCore::IDBTransaction::requestCount):
2591         (WebCore::IDBTransaction::requestDeleteRecord):
2592         (WebCore::IDBTransaction::requestClearObjectStore):
2593         (WebCore::IDBTransaction::requestPutOrAdd):
2594         * Modules/indexeddb/IDBTransaction.h:
2595
2596         * inspector/InspectorIndexedDBAgent.cpp:
2597
2598 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
2599
2600         Media controls don't appear when pausing a small autoplaying video
2601         https://bugs.webkit.org/show_bug.cgi?id=159972
2602         <rdar://problem/27180657>
2603
2604         Reviewed by Beth Dakin.
2605
2606         When pausing an autoplaying video, remove behavior restrictions for the
2607         initial user gesture and show media controls.
2608
2609         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
2610
2611         * html/HTMLMediaElement.cpp:
2612         (WebCore::HTMLMediaElement::pause):
2613
2614 2016-07-20  Chris Dumez  <cdumez@apple.com>
2615
2616         Fix null handling of HTMLMediaElement.mediaGroup
2617         https://bugs.webkit.org/show_bug.cgi?id=159974
2618
2619         Reviewed by Eric Carlson.
2620
2621         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
2622         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
2623
2624         null is supposed to be treated as the String "null". This patch aligns
2625         our behavior with the specification. I tested Firefox and Chrome but both
2626         do not have this attribute on HTMLMediaElement.
2627
2628         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
2629         generator as HTMLMediaElement.mediaGroup was the last user.
2630
2631         No new tests, rebaselined existing test.
2632
2633         * bindings/scripts/CodeGeneratorJS.pm:
2634         (JSValueToNative):
2635         * bindings/scripts/IDLAttributes.txt:
2636         * html/HTMLMediaElement.idl:
2637
2638 2016-07-20  Chris Dumez  <cdumez@apple.com>
2639
2640         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
2641         https://bugs.webkit.org/show_bug.cgi?id=159959
2642
2643         Reviewed by Alexey Proskuryakov.
2644
2645         CSSStyleDeclaration.setProperty() should be able to unset "important"
2646         on a property as per the latest specification:
2647         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
2648         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
2649
2650         Firefox and Chrome match the specification here but WebKit was ignoring calls
2651         to setProperty() if there is already an "important" property with this name
2652         and if the new property does not have the "important" flag set.
2653
2654         This behavior was added a long time ago via Bug 60007. However, it does not
2655         match the latest specification or other browsers.
2656
2657         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
2658
2659         * css/StyleProperties.cpp:
2660         (WebCore::MutableStyleProperties::addParsedProperty):
2661         Drop code that was added via Bug 60007 as this behavior no longer matches the
2662         specification or other browsers. The layout test added in Bug 60007 fails in
2663         other browsers and was updated in this patch to match the specification.
2664
2665 2016-07-20  Commit Queue  <commit-queue@webkit.org>
2666
2667         Unreviewed, rolling out r203423.
2668         https://bugs.webkit.org/show_bug.cgi?id=159977
2669
2670         The test for this change is failing on Mac Release WK2
2671         (Requested by ryanhaddad on #webkit).
2672
2673         Reverted changeset:
2674
2675         "HTMLVideoElement frames do not update on iOS when src is a
2676         MediaStream blob"
2677         https://bugs.webkit.org/show_bug.cgi?id=159833
2678         http://trac.webkit.org/changeset/203423
2679
2680 2016-07-20  Chris Dumez  <cdumez@apple.com>
2681
2682         Fix null handling of HTMLSelectElement.value attribute
2683         https://bugs.webkit.org/show_bug.cgi?id=159925
2684
2685         Reviewed by Benjamin Poulain.
2686
2687         Fix null handling of HTMLSelectElement.value attribute:
2688         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
2689
2690         We were treating null as the null String which would end up setting
2691         selectedIndex to -1. However, we should treat null as the String "null"
2692         which would set the selectedIndex to the index of the <option> element
2693         whose value is "null".
2694
2695         Firefox and Chrome match the specification.
2696
2697         Test: fast/dom/HTMLSelectElement/value-null-handling.html
2698
2699         * html/HTMLSelectElement.cpp:
2700         (WebCore::HTMLSelectElement::setValue):
2701         * html/HTMLSelectElement.idl:
2702
2703 2016-07-20  Chris Dumez  <cdumez@apple.com>
2704
2705         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
2706         https://bugs.webkit.org/show_bug.cgi?id=159962
2707         <rdar://problem/21439264>
2708
2709         Reviewed by David Kilzer.
2710
2711         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
2712         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
2713         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
2714         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
2715         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
2716         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
2717         ResourceLoadSuspender object is alive.
2718
2719         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
2720         the style resolver.
2721
2722         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
2723         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
2724         is better because it manages a resolutionNestingDepth counter internally to make sure
2725         it only calls LoaderStrategy::resumePendingRequests() once all
2726         PostResolutionCallbackDisabler instances are destroyed.
2727
2728         No new tests, there is no easy way to reproduce the crashes.
2729
2730         * dom/Document.cpp:
2731         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
2732         * loader/LoaderStrategy.cpp:
2733         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
2734         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
2735         * loader/LoaderStrategy.h:
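
The suspend/resume hazard described in the entry above, as an added C++ sketch (not WebKit code): a guard that always resumes on destruction is compared with one that shares a nesting depth counter. MockLoader, UnawareGuard, NestingGuard and suspendedAfterInnerScope are hypothetical names; only the suspend/resume method names are taken from the entry.

```cpp
#include <iostream>

// Hypothetical stand-in for the loader: tracks the suspended state and counts
// resume calls that arrive while some guard object is still alive.
struct MockLoader {
    bool suspended = false;
    int liveGuards = 0;
    int prematureResumes = 0;

    void suspendPendingRequests() { suspended = true; }
    void resumePendingRequests()
    {
        if (liveGuards > 0)
            ++prematureResumes; // another guard still expects requests to stay suspended
        suspended = false;
    }
};

// Guard that knows nothing about other guards: it always resumes on destruction.
class UnawareGuard {
public:
    explicit UnawareGuard(MockLoader& loader)
        : m_loader(loader)
    {
        ++m_loader.liveGuards;
        m_loader.suspendPendingRequests();
    }
    ~UnawareGuard()
    {
        --m_loader.liveGuards;
        m_loader.resumePendingRequests();
    }
    UnawareGuard(const UnawareGuard&) = delete;
    UnawareGuard& operator=(const UnawareGuard&) = delete;

private:
    MockLoader& m_loader;
};

// Guard that shares a nesting depth: only the outermost instance suspends,
// and only the last one to be destroyed resumes.
class NestingGuard {
public:
    explicit NestingGuard(MockLoader& loader)
        : m_loader(loader)
    {
        ++m_loader.liveGuards;
        if (!s_nestingDepth++)
            m_loader.suspendPendingRequests();
    }
    ~NestingGuard()
    {
        --m_loader.liveGuards;
        if (!--s_nestingDepth)
            m_loader.resumePendingRequests();
    }
    NestingGuard(const NestingGuard&) = delete;
    NestingGuard& operator=(const NestingGuard&) = delete;

private:
    MockLoader& m_loader;
    static unsigned s_nestingDepth;
};
unsigned NestingGuard::s_nestingDepth = 0;

// Creates an outer guard, lets an inner guard go out of scope, and reports
// whether requests are still suspended while the outer guard is alive.
template <typename Guard>
bool suspendedAfterInnerScope(MockLoader& loader)
{
    Guard outer(loader);
    {
        Guard inner(loader);
    }
    return loader.suspended;
}

int main()
{
    MockLoader unaware;
    bool unawareStillSuspended = suspendedAfterInnerScope<UnawareGuard>(unaware);
    std::cout << "unaware guards: still suspended = " << unawareStillSuspended
              << ", premature resumes = " << unaware.prematureResumes << "\n";

    MockLoader nesting;
    bool nestingStillSuspended = suspendedAfterInnerScope<NestingGuard>(nesting);
    std::cout << "nesting guards: still suspended = " << nestingStillSuspended
              << ", premature resumes = " << nesting.prematureResumes << "\n";
    return 0;
}
```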
2736
2737 2016-07-19  Youenn Fablet  <youenn@apple.com>
2738
2739         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
2740         https://bugs.webkit.org/show_bug.cgi?id=159932
2741
2742         Reviewed by Alex Christensen.
2743
2744         Covered by existing tests.
2745
2746         Refactoring Headers initializeWith to use the new built-in internal that implements
2747         https://fetch.spec.whatwg.org/#concept-headers-fill.
2748
2749         Refactoring Response constructor to put more checks in the JS builtin function called within constructor.
2750         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
2751
2752         * CMakeLists.txt: Adding FetchHeadersInternals.js
2753         * DerivedSources.make: Ditto.
2754         * Modules/fetch/FetchHeaders.js:
2755         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
2756         * Modules/fetch/FetchInternals.js: Added.
2757         (fillFetchHeaders):
2758         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
2759         that the checks are done in the order defined by the spec.
2760         (WebCore::FetchResponse::setStatus):
2761         (WebCore::FetchResponse::initializeWith):
2762         (WebCore::isNullBodyStatus): Deleted.
2763         * Modules/fetch/FetchResponse.h:
2764         * Modules/fetch/FetchResponse.idl:
2765         * Modules/fetch/FetchResponse.js:
2766         (initializeFetchResponse): New built-in internal.
2767         * WebCore.xcodeproj/project.pbxproj:
2768         * bindings/js/WebCoreBuiltinNames.h:
2769
2770 2016-07-19  Chris Dumez  <cdumez@apple.com>
2771
2772         Fix null handling of SVGScriptElement.type attribute
2773         https://bugs.webkit.org/show_bug.cgi?id=159927
2774
2775         Reviewed by Benjamin Poulain.
2776
2777         Fix null handling of SVGScriptElement.type attribute:
2778         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
2779
2780         We were treating null as the null String which would end up removing
2781         the 'type' content attribute. However, we should treat null as the
2782         String "null".
2783
2784         Firefox and Chrome match the specification.
2785
2786         No new tests, updated existing test.
2787
2788         * svg/SVGScriptElement.idl:
2789
2790 2016-07-19  Chris Dumez  <cdumez@apple.com>
2791
2792         Fix null handling of several HTMLDocument attributes
2793         https://bugs.webkit.org/show_bug.cgi?id=159923
2794
2795         Reviewed by Benjamin Poulain.
2796
2797         Fix null handling of several HTMLDocument attributes:
2798         - https://html.spec.whatwg.org/multipage/dom.html#document
2799         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
2800
2801         In particular, null handling was incorrect in WebKit for 'dir',
2802         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
2803
2804         Firefox and Chrome match the specification.
2805
2806         Test: fast/dom/HTMLDocument/null-handling.html
2807
2808         * html/HTMLDocument.idl:
2809
2810 2016-07-19  Chris Dumez  <cdumez@apple.com>
2811
2812         Document.createElementNS() / createAttributeNS() parameters should be mandatory
2813         https://bugs.webkit.org/show_bug.cgi?id=159938
2814
2815         Reviewed by Benjamin Poulain.
2816
2817         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
2818         - https://dom.spec.whatwg.org/#document
2819
2820         They were optional in WebKit. However, Firefox and Chrome both match the
2821         specification.
2822
2823         No new tests, rebaselined existing tests.
2824
2825         * dom/Document.idl:
2826
2827 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
2828
2829         Use getElementById for attribute matching if the attribute name is html's id
2830         https://bugs.webkit.org/show_bug.cgi?id=159960
2831
2832         Reviewed by Chris Dumez.
2833
2834         Elliott Sprehn discovered YUI makes heavy use of querySelector with [id=value]
2835         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
2836
2837         If we are not in quirks mode, IdForStyleResolution has the same value
2838         as the Id attribute. We can use the same optimization for both cases.
2839
2840         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
2841                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
2842
2843         * dom/SelectorQuery.cpp:
2844         (WebCore::canBeUsedForIdFastPath):
2845         (WebCore::findIdMatchingType):
2846         (WebCore::SelectorDataList::SelectorDataList):
2847         (WebCore::selectorForIdLookup):
2848         (WebCore::filterRootById):
2849
2850 2016-07-19  Chris Dumez  <cdumez@apple.com>
2851
2852         Drop SVGElement.xmlbase attribute
2853         https://bugs.webkit.org/show_bug.cgi?id=159926
2854
2855         Reviewed by Benjamin Poulain.
2856
2857         Drop SVGElement.xmlbase attribute as it is no longer part of the
2858         specification:
2859         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
2860
2861         Both Firefox and Chrome have already dropped support for
2862         SVGElement.xmlbase.
2863
2864         Chrome's intent to remove:
2865         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
2866
2867         Test: svg/dom/SVGElement-xmlbase.html
2868
2869         * svg/SVGElement.cpp:
2870         (WebCore::SVGElement::removedFrom): Deleted.
2871         * svg/SVGElement.h:
2872         * svg/SVGElement.idl:
2873
2874 2016-07-19  Chris Dumez  <cdumez@apple.com>
2875
2876         Align CSSStyleDeclaration.setProperty() with the specification
2877         https://bugs.webkit.org/show_bug.cgi?id=159955
2878
2879         Reviewed by Benjamin Poulain.
2880
2881         Align CSSStyleDeclaration.setProperty() with the specification:
2882         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
2883
2884         In particular, the following changes were needed:
2885         1. The 'value' parameter should not be optional
2886         2. The 'priority' parameter should treat null as the empty string
2887            rather than the string "null".
2888         3. The 'priority' parameter's default value should be the empty string,
2889            not the string "undefined".
2890         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
2891            is not the empty string and is not an ASCII case-insensitive match
2892            for the string "important".
2893
2894         Chrome matches the specification entirely.
2895         Firefox matches the specification with the exception that it does a
2896         case-sensitive match for "important".
2897
2898         Test: fast/css/CSSStyleDeclaration-setProperty.html
2899
2900         * css/CSSStyleDeclaration.idl:
2901         * css/PropertySetCSSStyleDeclaration.cpp:
2902         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
2903
2904 2016-07-19  Daniel Bates  <dabates@apple.com>
2905
2906         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
2907         https://bugs.webkit.org/show_bug.cgi?id=159841
2908         <rdar://problem/27381684>
2909
2910         Reviewed by Brent Fulgham.
2911
2912         Implement a first pass at sending multiple violation reports so as to more closely
2913         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
2914         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
2915
2916         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
2917                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2918                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2919                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2920                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2921                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2922                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2923                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2924                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2925                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2926                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2927                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
2928                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2929                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
2930                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
2931                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2932                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2933                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
2934                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
2935                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
2936                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
2937                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
2938                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
2939                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
2940                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
2941                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
2942
2943         * page/csp/ContentSecurityPolicy.cpp:
2944         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
2945         is allowed by all of the policies with the specified disposition.
2946         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
2947         all of the enforced policies.
2948         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
2949         Modified to return a ("has found hash in all enforced policies", "has found hash in all report-only policies")-pair
2950         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
2951         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2952         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
2953         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
2954         all enforced policies. A side effect of this change is that we only send a CSP violation report when a
2955         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
2956         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
2957         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
2958         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
2959         matches/is contained in all enforced policies and a hash/'unsafe-inline' that matches/is contained in all
2960         report-only policies so that we only allow the resource for the former. As a side effect of this change
2961         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
2962         for more details.
2963         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
2964         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
2965         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
2966         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
2967         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
2968         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
2969         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
2970         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
2971         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
2972         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
2973         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
2974         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
2975         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
2976         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
2977         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
2978         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
2979         * page/csp/ContentSecurityPolicy.h:
2980         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
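
How enforced and report-only policies combine for an inline script hash, as an added C++ sketch (not WebKit code): the script runs only if every enforced policy lists its hash, while each policy that lacks the hash, enforced or report-only, produces its own violation report. Policy, Decision, findHashInPolicies, evaluateInlineScript, the policy names and the hash strings are all constructed for illustration.

```cpp
#include <iostream>
#include <set>
#include <string>
#include <utility>
#include <vector>

enum class Disposition { Enforce, ReportOnly };

// Simplified policy: only a name, a disposition and the script hashes it lists.
struct Policy {
    std::string name;
    Disposition disposition;
    std::set<std::string> scriptHashes;

    bool allowsHash(const std::string& hash) const { return scriptHashes.count(hash) != 0; }
};

// Returns (hash found in all enforced policies, hash found in all report-only policies).
// A disposition with no policies counts as "found in all" (nothing objects).
std::pair<bool, bool> findHashInPolicies(const std::vector<Policy>& policies, const std::string& hash)
{
    bool inAllEnforced = true;
    bool inAllReportOnly = true;
    for (const auto& policy : policies) {
        if (policy.allowsHash(hash))
            continue;
        if (policy.disposition == Disposition::Enforce)
            inAllEnforced = false;
        else
            inAllReportOnly = false;
    }
    return { inAllEnforced, inAllReportOnly };
}

struct Decision {
    bool allowed;                         // true only if no enforced policy objects
    std::vector<std::string> reportsFrom; // one entry per violated policy
};

// Every violated policy yields a report; only enforced violations block the script.
Decision evaluateInlineScript(const std::vector<Policy>& policies, const std::string& hash)
{
    Decision decision { true, {} };
    for (const auto& policy : policies) {
        if (policy.allowsHash(hash))
            continue;
        decision.reportsFrom.push_back(policy.name);
        if (policy.disposition == Disposition::Enforce)
            decision.allowed = false;
    }
    return decision;
}

// Constructed sample data: placeholder hash strings, not real digests.
const std::string kHashA = "sha256-CONSTRUCTED-A";
const std::string kHashB = "sha256-CONSTRUCTED-B";
const std::string kHashC = "sha256-CONSTRUCTED-C";

std::vector<Policy> samplePolicies()
{
    return {
        { "enforced-1", Disposition::Enforce, { kHashA, kHashB } },
        { "enforced-2", Disposition::Enforce, { kHashA } },
        { "report-only-1", Disposition::ReportOnly, { kHashB } },
    };
}

int main()
{
    for (const auto& hash : { kHashA, kHashB, kHashC }) {
        Decision decision = evaluateInlineScript(samplePolicies(), hash);
        std::cout << hash << ": " << (decision.allowed ? "allowed" : "blocked")
                  << ", reports: " << decision.reportsFrom.size() << "\n";
    }
    return 0;
}
```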
2981
2982 2016-07-19  Chris Dumez  <cdumez@apple.com>
2983
2984         Fix null handling of HTMLScriptElement.text attribute
2985         https://bugs.webkit.org/show_bug.cgi?id=159943
2986
2987         Reviewed by Benjamin Poulain.
2988
2989         Fix null handling of HTMLScriptElement.text attribute:
2990         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
2991
2992         We should treat null as the "null" String but we were treating it as
2993         the empty string.
2994
2995         Firefox and Chrome match the specification.
2996
2997         No new tests, rebaselined existing test.
2998
2999         * html/HTMLScriptElement.idl:
3000
3001 2016-07-19  Chris Dumez  <cdumez@apple.com>
3002
3003         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
3004         https://bugs.webkit.org/show_bug.cgi?id=159934
3005
3006         Reviewed by Benjamin Poulain.
3007
3008         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
3009         non-standard and we want to drop support for it from the bindings generator.
3010
3011         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
3012         given that both a missing/empty attribute result in using the default
3013         autocapitalization mode and that autocapitalize returns the empty string by
3014         default.
3015
3016         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
3017
3018         * html/HTMLFormElement.idl:
3019         * html/HTMLInputElement.idl:
3020         * html/HTMLTextAreaElement.idl:
3021
3022 2016-07-19  Zalan Bujtas  <zalan@apple.com>
3023
3024         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
3025         https://bugs.webkit.org/show_bug.cgi?id=159952
3026
3027         Reviewed by Simon Fraser.
3028
3029         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
3030         where the container (RenderView) of one of the dirty subtrees is dirty.
3031         See r203415.
3032  
3033         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
3034
3035         * page/FrameView.cpp:
3036         (WebCore::FrameView::scheduleRelayoutOfSubtree):
3037
3038 2016-07-19  Dean Jackson  <dino@apple.com>
3039
3040         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
3041         https://bugs.webkit.org/show_bug.cgi?id=159948
3042         <rdar://problem/27391012>
3043
3044         Reviewed by Simon Fraser.
3045
3046         There is an iOS bug (<rdar://problem/27416744>) that is causing us
3047         to not always get a color space on CGContextRefs. Investigation of this
3048         exposed some optimizations we can take when we are creating ImageBuffers.
3049         In particular, if we have a bitmap context or an IOSurfaceContext we
3050         can simply copy their color space using API. Otherwise we stick with
3051         the existing CGContextCopyDeviceColorSpace.
3052
3053         Lastly, if for some reason we are unable to copy the device color space,
3054         we should fall back to sRGB.
3055
3056         * platform/graphics/cg/ImageBufferCG.cpp:
3057         (WebCore::ImageBuffer::createCompatibleBuffer):
3058         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
3059
3060
3061 2016-07-19  George Ruan  <gruan@apple.com>
3062
3063         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
3064         https://bugs.webkit.org/show_bug.cgi?id=159833
3065         <rdar://problem/27379487>
3066
3067         Reviewed by Eric Carlson.
3068
3069         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
3070
3071         * WebCore.xcodeproj/project.pbxproj:
3072         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
3073         of RefPtr<T>
3074         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
3075         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
3076         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
3077         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
3078         observers and AVSampleBufferDisplayLayer
3079         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
3080         is available.
3081         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
3082         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
3083         for enqueuing sample buffers to the active video track.
3084         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
3085         exists.
3086         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
3087         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
3088         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
3089         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
3090         new SampleBuffer is available.
3091         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
3092         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
3093         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
3094         MediaPlayerPrivateMediaSourceAVFObjC.mm
3095         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
3096         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
3097         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
3098         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
3099         * platform/mediastream/MediaStreamPrivate.cpp:
3100         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
3101         * platform/mediastream/MediaStreamTrackPrivate.cpp:
3102         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
3103         is available.
3104         * platform/mediastream/MediaStreamTrackPrivate.h:
3105         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
3106         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
3107         * platform/mediastream/RealtimeMediaSource.cpp:
3108         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
3109         * platform/mediastream/RealtimeMediaSource.h:
3110         * platform/mediastream/mac/AVVideoCaptureSource.mm:
3111         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
3112
3113 2016-07-19  Anders Carlsson  <andersca@apple.com>
3114
3115         Get rid of a #define private public hack in WebCore
3116         https://bugs.webkit.org/show_bug.cgi?id=159953
3117
3118         Reviewed by Dan Bernstein.
3119
3120         Use @package instead.
3121
3122         * bindings/objc/DOMInternal.h:
3123         * bindings/objc/DOMObject.h:
3124
3125 2016-07-19  Andreas Kling  <akling@apple.com>
3126
3127         Fix SharedBuffer leak in MockContentFilter::replacementData().
3128         <https://webkit.org/b/159945>
3129
3130         Reviewed by Andy Estes.
3131
3132         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
3133         Since this is in the mock filter, it only affected layout tests.
3134
3135         * testing/MockContentFilter.cpp:
3136         (WebCore::MockContentFilter::replacementData):
3137
3138 2016-07-19  Zalan Bujtas  <zalan@apple.com>
3139
3140         theguardian.co.uk crossword puzzles are sometimes not displaying text
3141         https://bugs.webkit.org/show_bug.cgi?id=159924
3142         <rdar://problem/27409483>
3143
3144         Reviewed by Simon Fraser.
3145
3146         This patch fixes the case when
3147         - 2 disjoint subtrees are dirty
3148         - RenderView is also dirty.
3149         and we end up not laying out one of the 2 subtrees.
3150
3151         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
3152         we already have a pending full layout which means that any previous subtree layouts have already been
3153         converted to full layouts.
3154         However this assumption is incorrect. RenderView can get dirty without checking if there's
3155         already a pending subtree layout.
3156         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
3157         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
3158         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
3159         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
3160         This patch implements the second option.
3161
3162         Test: fast/misc/subtree-layouts.html
3163
3164         * page/FrameView.cpp:
3165         (WebCore::FrameView::scheduleRelayoutOfSubtree):
3166
3167 2016-07-19  Anders Carlsson  <andersca@apple.com>
3168
3169         Some payment authorization status values should keep the sheet active
3170         https://bugs.webkit.org/show_bug.cgi?id=159936
3171         rdar://problem/26756701
3172
3173         Reviewed by Tim Horton.
3174
3175         * Modules/applepay/ApplePaySession.cpp:
3176         (WebCore::ApplePaySession::completePayment):
3177         Keep the sheet active if the status isn't a final state status.
3178
3179         * Modules/applepay/PaymentAuthorizationStatus.h:
3180         (WebCore::isFinalStateStatus):
3181         Add a new helper function that returns whether a given payment authorization status is "final",
3182         meaning that once that status has been passed to completePayment, the session is finished.
3183
3184 2016-07-19  Nan Wang  <n_wang@apple.com>
3185
3186         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
3187         https://bugs.webkit.org/show_bug.cgi?id=159910
3188
3189         Reviewed by Chris Fleizach.
3190
3191         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
3192         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
3193         fixed a word navigation issue based on that.
3194
3195         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
3196
3197         * accessibility/AXObjectCache.cpp:
3198         (WebCore::AXObjectCache::traverseToOffsetInRange):
3199         (WebCore::AXObjectCache::rangeForNodeContents):
3200         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
3201         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
3202         (WebCore::AXObjectCache::rightWordRange):
3203         (WebCore::AXObjectCache::previousBoundary):
3204         * accessibility/AXObjectCache.h:
3205         (WebCore::AXObjectCache::isNodeInUse):
3206
3207 2016-07-19  Youenn Fablet  <youenn@apple.com>
3208
3209         [Streams API] ReadableStreamController methods should throw if its stream is not readable
3210         https://bugs.webkit.org/show_bug.cgi?id=159871
3211
3212         Reviewed by Xabier Rodriguez-Calvar.
3213
3214         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
3215         Covered by rebased and/or modified tests.
3216
3217         * Modules/streams/ReadableStreamController.js:
3218         (enqueue): Throwing a TypeError if controlled stream is not readable.
3219         (close): Ditto.
3220
3221 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
3222
3223         Bubbles appear split for a brief moment in Messages
3224         https://bugs.webkit.org/show_bug.cgi?id=159915
3225         rdar://problem/27182267
3226
3227         Reviewed by David Hyatt.
3228
3229         RenderView::repaintRootContents() had a long-standing bug in WebView when the
3230         view is scrolled. repaint() uses visualOverflowRect() but, for the 
3231         RenderView, the visualOverflowRect() is the initial containing block
3232         which is anchored at 0,0. When the view is scrolled it's clipped out and
3233         calls to repaintRootContents() have no effect.
3234         
3235         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
3236         will clip it to the view if necessary.
3237
3238         Test: fast/repaint/scrolled-view-full-repaint.html
3239
3240         * rendering/RenderView.cpp:
3241         (WebCore::RenderView::repaintRootContents):
3242
3243 2016-07-19  Dan Bernstein  <mitz@apple.com>
3244
3245         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
3246
3247         * bindings/js/JSDOMGlobalObject.cpp:
3248         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
3249
3250 2016-07-19  Youenn Fablet  <youenn@apple.com>
3251
3252         [Streams API] Make ReadableStream properties not enumerable
3253         https://bugs.webkit.org/show_bug.cgi?id=159868
3254
3255         Reviewed by Darin Adler.
3256
3257         Covered by rebased tests.
3258
3259         Updating IDL definitions to mark all functions/attributes as not enumerable.
3260         Updating IDL constructor definitions to correctly compute constructor length.
3261         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
3262
3263         * Modules/streams/ReadableStream.idl:
3264         * Modules/streams/ReadableStream.js:
3265         * Modules/streams/ReadableStreamController.idl:
3266         * Modules/streams/ReadableStreamReader.idl:
3267
3268 2016-07-19  Chris Dumez  <cdumez@apple.com>
3269
3270         form.enctype / encoding / method should treat null as "null" string
3271         https://bugs.webkit.org/show_bug.cgi?id=159916
3272
3273         Reviewed by Ryosuke Niwa.
3274
3275         form.enctype / encoding / method should treat null as "null" string:
3276         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
3277
3278         Previously, WebKit would treat null as the null String, which would
3279         end up removing the existing attribute.
3280
3281         Firefox and Chrome match the specification.
3282
3283         Test: fast/dom/HTMLFormElement/null-handling.html
3284
3285         * html/HTMLFormElement.h:
3286         * html/HTMLFormElement.idl:
3287
3288 2016-07-18  Csaba Osztrogonác  <ossy@webkit.org>
3289
3290         All-in-one buildfix after r202439
3291         https://bugs.webkit.org/show_bug.cgi?id=159877
3292
3293         Reviewed by Chris Dumez.
3294
3295         * Modules/webaudio/AudioDestinationNode.h:
3296         (WebCore::AudioDestinationNode::resume):
3297         (WebCore::AudioDestinationNode::suspend):
3298         (WebCore::AudioDestinationNode::close):
3299
3300 2016-07-18  Frederic Wang  <fwang@igalia.com>
3301
3302         Move parsing of subscriptshift and superscriptshift from rendering to element classes
3303         https://bugs.webkit.org/show_bug.cgi?id=159622
3304
3305         Reviewed by Darin Adler.
3306
3307         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
3308         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
3309         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
3310         attribute parsing to the DOM (bug 156536).
3311
3312         No new tests, rendering is unchanged.
3313
3314         * CMakeLists.txt: Add MathMLScriptsElement files.
3315         * WebCore.xcodeproj/project.pbxproj: Ditto.
3316         * mathml/MathMLAllInOne.cpp: Ditto.
3317         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
3318         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
3319         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
3320         parsing for the subscriptshift and superscriptshift MathML lengths.
3321         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
3322         (WebCore::MathMLScriptsElement::create):
3323         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
3324         parsing the attribute again if necessary.
3325         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
3326         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
3327         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
3328         * mathml/MathMLScriptsElement.h: Ditto.
3329         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
3330         * rendering/mathml/RenderMathMLScripts.cpp:
3331         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
3332         MathMLScriptsElement.
3333         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
3334         using the functions from the MathMLScriptsElement class.
3335         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
3336
3337 2016-07-18  Frederic Wang  <fwang@igalia.com>
3338
3339         Do not store gap and shift parameters on RenderMathMLFraction
3340         https://bugs.webkit.org/show_bug.cgi?id=159876
3341
3342         Reviewed by Darin Adler.
3343
3344         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
3345         do not need to store them on the class. We remove them and split updateLayoutParameters into
3346         three functions: one to update the linethickness and two others to retrieve the fraction and
3347         stack respectively.
3348
3349         No new tests, rendering is unchanged.
3350
3351         * rendering/mathml/RenderMathMLFraction.cpp:
3352         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
3353         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
3354         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
3355         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
3356         for fraction and stack parameters.
3357         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
3358         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
3359         for stack and fraction parameters.
3360
3361 2016-07-18  Chris Dumez  <cdumez@apple.com>
3362
3363         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
3364         https://bugs.webkit.org/show_bug.cgi?id=159908
3365
3366         Reviewed by Alex Christensen.
3367
3368         input.formEnctype / formMethod and button.formEnctype / formMethod / type
3369         should treat null as "null" String:
3370         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
3371         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
3372
3373         In WebKit, we would treat null as a null String which would end up
3374         removing the corresponding attribute. This does not match the
3375         specification. Firefox and Chrome match the specification here.
3376
3377         Tests:
3378         - fast/dom/HTMLButtonElement/null-handling.html
3379         - fast/dom/HTMLInputElement/null-handling.html
3380
3381         * html/HTMLButtonElement.idl:
3382         * html/HTMLInputElement.idl:
3383
3384 2016-07-18  Alex Christensen  <achristensen@webkit.org>
3385
3386         webbookmarksd needs to use the same AppCache directory as MobileSafari
3387         https://bugs.webkit.org/show_bug.cgi?id=159912
3388
3389         Reviewed by Alexey Proskuryakov.
3390
3391         No new tests.  This only changes behavior for webbookmarksd.
3392
3393         * platform/RuntimeApplicationChecks.h:
3394         * platform/RuntimeApplicationChecks.mm:
3395         (WebCore::IOSApplication::isWebBookmarksD): Added.
3396
3397 2016-07-18  Chris Dumez  <cdumez@apple.com>
3398
3399         EventTarget.dispatchEvent() parameter should not be nullable
3400         https://bugs.webkit.org/show_bug.cgi?id=159897
3401
3402         Reviewed by Benjamin Poulain.
3403
3404         EventTarget.dispatchEvent() parameter should not be nullable:
3405         - https://dom.spec.whatwg.org/#interface-eventtarget