[WebKit-https.git] / Source / WebCore / ChangeLog

2016-04-21  Brady Eidson  <beidson@apple.com>

        Modern IDB (Workers): Get the IDBConnectionProxy from the Document to the WorkerGlobalScope.
        https://bugs.webkit.org/show_bug.cgi?id=156877

        Reviewed by Tim Horton.

        No new tests (Covered by changes to existing tests).

        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::startWorkerGlobalScope): This is the point on the main thread
          where we can get the IDBConnectionProxy from the Document and pass it down through Worker
          machinery so it can end up at the WorkerGlobalScope.
        
        Everything else is this patch is just passing it along as needed.

        And cleaning up header style for neglected headers.

        * workers/DedicatedWorkerGlobalScope.cpp:
        (WebCore::DedicatedWorkerGlobalScope::create):
        (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope):
        * workers/DedicatedWorkerGlobalScope.h:

        * workers/DedicatedWorkerThread.cpp:
        (WebCore::DedicatedWorkerThread::DedicatedWorkerThread):
        (WebCore::DedicatedWorkerThread::createWorkerGlobalScope):
        * workers/DedicatedWorkerThread.h:
        (WebCore::DedicatedWorkerThread::create):
        (WebCore::DedicatedWorkerThread::workerObjectProxy):

        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::WorkerGlobalScope):
        (WebCore::WorkerGlobalScope::idbConnectionProxy):
        * workers/WorkerGlobalScope.h:

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::WorkerThread):
        (WebCore::WorkerThread::idbConnectionProxy):
        * workers/WorkerThread.h:
        (WebCore::WorkerThread::threadID):
        (WebCore::WorkerThread::runLoop):
        (WebCore::WorkerThread::workerLoaderProxy):
        (WebCore::WorkerThread::workerReportingProxy):
        (WebCore::WorkerThread::getNotificationClient):
        (WebCore::WorkerThread::setNotificationClient):
        (WebCore::WorkerThread::workerGlobalScope):

2016-04-21  Anders Carlsson  <andersca@apple.com>

        Fix crashes when loading SVG images.

        * loader/EmptyClients.cpp:
        (WebCore::fillWithEmptyClients):
        Give the SVG page its own application cache storage.

2016-04-21  Anders Carlsson  <andersca@apple.com>

        Get rid of ApplicationCacheStorage::singleton
        https://bugs.webkit.org/show_bug.cgi?id=156882

        Reviewed by Tim Horton.

        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::setCacheDirectory): Deleted.
        (WebCore::ApplicationCacheStorage::singleton): Deleted.
        * loader/appcache/ApplicationCacheStorage.h:
        * page/Page.cpp:
        (WebCore::Page::Page):

2016-04-21  Simon Fraser  <simon.fraser@apple.com>

        ASSERTION FAILED: accumulation == TransformState::FlattenTransform in WebCore::GraphicsLayerCA::computeVisibleAndCoverageRect
        https://bugs.webkit.org/show_bug.cgi?id=155362

        Reviewed by Zalan Bujtas.

        A particular configuration of composited RenderLayers with preserve-3d and clipping
        caused assertions because an ancestor clipping layer had masksToBounds() set, but
        a preserves3D() parent, triggering an assertion in GraphicsLayerCA::computeVisibleAndCoverageRect().
        Make two changes to address this:

        First, CSS clip: and clip-path: should force flattening and override preserve-3d in
        the RenderStyle.

        Second, don't accumulate transforms in GraphicsLayerCA through layers with masksToBounds().

        Tests: compositing/clipping/preserve3d-flatten-assertion-nested.html
               compositing/clipping/preserve3d-flatten-assertion.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::accumulatesTransform):

2016-04-21  Chris Dumez  <cdumez@apple.com>

        Element::idForStyleResolution() is a foot-gun
        https://bugs.webkit.org/show_bug.cgi?id=156852

        Reviewed by Darin Adler.

        Element::idForStyleResolution() is a foot-gun. It requires the caller to check
        Element::hasID() first or it may end up crashing when dereferencing elementData()
        (e.g. see Bug 156806).

        This patch updates Element::idForStyleResolution() to return nullAtom is the
        Element does not have an ID. I did not see a performance impact on Speedometer,
        Dromaeo DOM Core, Dromaeo CSS Selectors and our local performanceTests/.

        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::collectMatchingRules):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorFilter.cpp:
        (WebCore::collectElementIdentifierHashes):
        * dom/Element.h:
        (WebCore::Element::idForStyleResolution):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::needsAppleMailPaginationQuirk):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::writeRenderRegionList):
        * style/StyleSharingResolver.cpp:
        (WebCore::Style::SharingResolver::canShareStyleWithElement):

2016-04-21  Brady Eidson  <beidson@apple.com>

        Modern IDB (Workers): Move IDBConnectionProxy into IDBRequest and IDBDatabase.
        https://bugs.webkit.org/show_bug.cgi?id=156868

        Reviewed by Tim Horton.

        No new tests (No behavior change).

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::create):
        (WebCore::IDBDatabase::IDBDatabase):
        (WebCore::IDBDatabase::~IDBDatabase):
        (WebCore::IDBDatabase::transaction):
        (WebCore::IDBDatabase::maybeCloseInServer):
        * Modules/indexeddb/IDBDatabase.h:
        (WebCore::IDBDatabase::connectionProxy):
        (WebCore::IDBDatabase::serverConnection):

        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::createDeleteRequest):
        (WebCore::IDBOpenDBRequest::createOpenRequest):
        (WebCore::IDBOpenDBRequest::IDBOpenDBRequest):
        (WebCore::IDBOpenDBRequest::onSuccess):
        (WebCore::IDBOpenDBRequest::onUpgradeNeeded):
        (WebCore::IDBOpenDBRequest::requestCompleted):
        (WebCore::IDBOpenDBRequest::maybeCreateDeleteRequest): Deleted.
        (WebCore::IDBOpenDBRequest::maybeCreateOpenRequest): Deleted.
        * Modules/indexeddb/IDBOpenDBRequest.h:

        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest):
        (WebCore::IDBRequest::connectionToServer): Deleted.
        * Modules/indexeddb/IDBRequest.h:
        (WebCore::IDBRequest::connectionProxy):

        * Modules/indexeddb/IDBTransaction.h:

        * Modules/indexeddb/client/IDBConnectionProxy.cpp:
        (WebCore::IDBClient::IDBConnectionProxy::openDatabase):
        (WebCore::IDBClient::IDBConnectionProxy::deleteDatabase):

2016-04-21  Jiewen Tan  <jiewen_tan@apple.com>

        [iOS] DumpRenderTree crashed in com.apple.WebCore: WebCore::ResourceLoadNotifier::didFailToLoad
        https://bugs.webkit.org/show_bug.cgi?id=156829
        <rdar://problem/23348217>

        Reviewed by Daniel Bates.

        Ensure that the frame associated with the ResourceLoadNotifier is kept alive when notifying the Web Inspector.

        Covered by existing tests.

        * loader/ResourceLoadNotifier.cpp:
        (WebCore::ResourceLoadNotifier::didFailToLoad):
        (WebCore::ResourceLoadNotifier::dispatchWillSendRequest):
        (WebCore::ResourceLoadNotifier::dispatchDidReceiveResponse):
        (WebCore::ResourceLoadNotifier::dispatchDidReceiveData):
        (WebCore::ResourceLoadNotifier::dispatchDidFinishLoading):
        (WebCore::ResourceLoadNotifier::dispatchDidFailLoading):

2016-04-21  Brady Eidson  <beidson@apple.com>

        Modern IDB (Workers): More IDBConnectionProxy refactoring.
        https://bugs.webkit.org/show_bug.cgi?id=156855

        Reviewed by Darin Adler.

        No new tests (Covered by changes to existing tests).

        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
        (WebCore::DOMWindowIndexedDatabase::indexedDB):

        Hang on to the IDBConnectionProxy passed in at creation time, as it should never change:
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::create):
        (WebCore::IDBFactory::IDBFactory):
        (WebCore::IDBFactory::openInternal):
        (WebCore::IDBFactory::deleteDatabase):
        * Modules/indexeddb/IDBFactory.h:

        Hang on to the IDBConnectionProxy passed in at creation time, as it should never change:
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.cpp:
        (WebCore::WorkerGlobalScopeIndexedDatabase::WorkerGlobalScopeIndexedDatabase):
        (WebCore::WorkerGlobalScopeIndexedDatabase::from):
        (WebCore::WorkerGlobalScopeIndexedDatabase::indexedDB):
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.h:

        Make IDBConnectionProxy ThreadSafeRefCounted:
        * Modules/indexeddb/client/IDBConnectionProxy.cpp:
        (WebCore::IDBClient::IDBConnectionProxy::create):
        * Modules/indexeddb/client/IDBConnectionProxy.h:

        * dom/Document.cpp:
        (WebCore::Document::idbConnectionProxy):
        * dom/Document.h:

2016-04-21  Keith Miller  <keith_miller@apple.com>

        WebScriptObject description swizzler should work in a multi-threaded world
        https://bugs.webkit.org/show_bug.cgi?id=156808

        Reviewed by Geoffrey Garen.

        A WebKit legacy API user might be running Objective-C code on another thread.
        Since we don't want to corrupt other thread's NSObject description method
        we use TLS to record if we are in the stringValue function. As an attempt to
        preserve any user swizzling we update the non-stringValue NSObject description
        method on each call to stringValue if it has changed. Additionally, the TLS
        needs to be a int because the user might call into stringValue, back into JS,
        then back into stringValue. If the TLS was a boolean then it would be unset
        at that point so when we return into the first stringValue call we would call
        the original NSObject description method rather than our override.

        Test added to API tests: WebKit1.WebScriptObjectDescription

        * bridge/objc/objc_instance.mm:
        (-[NSObject _web_description]):
        (ObjcInstance::stringValue):
        (swizzleNSObjectDescription): Deleted.

2016-04-21  Beth Dakin  <bdakin@apple.com>

        Build fix.

        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (WebCore::WebPlaybackSessionInterfaceMac::setAudioMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceMac::setLegibleMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceMac::invalidate):

2016-04-21  Beth Dakin  <bdakin@apple.com>

        32 bit build fix.

        * platform/mac/WebPlaybackSessionInterfaceMac.mm:

2016-04-21  Konstantin Tokarev  <annulen@yandex.ru>

        Fixed compilation with !ENABLE(SVG_FONTS).
        https://bugs.webkit.org/show_bug.cgi?id=156850

        Reviewed by Michael Catanzaro.

        No new tests needed.

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::CSSFontFaceSource):
        Added missing ENABLE(SVG_FONTS) guards.
        * css/CSSFontFaceSource.h: Ditto.
        * platform/graphics/FontCascade.cpp: Ditto.
        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::FontCascade::drawGlyphBuffer): Deleted extraneous
        !ENABLE(SVG_FONTS) guard.

2016-04-21  Beth Dakin  <bdakin@apple.com>

        Remove reliance on WebAVMediaSelectionOptionMac for the 
        WebPlaybackControlsManager
        https://bugs.webkit.org/show_bug.cgi?id=156811
        -and corresponding-
        rdar://problem/25760523

        Reviewed by Jer Noble.

        * platform/mac/WebPlaybackSessionInterfaceMac.mm:
        (-[WebPlaybackControlsManager setSeekableTimeRanges:]):
        (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:withSelectedIndex:]):
        (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:withSelectedIndex:]):
        (WebCore::WebPlaybackSessionInterfaceMac::~WebPlaybackSessionInterfaceMac):
        (WebCore::WebPlaybackSessionInterfaceMac::setSeekableRanges):
        (WebCore::WebPlaybackSessionInterfaceMac::setAudioMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceMac::setLegibleMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceMac::invalidate):
        (-[WebAVMediaSelectionOptionMac localizedDisplayName]): Deleted.
        (-[WebAVMediaSelectionOptionMac setLocalizedDisplayName:]): Deleted.
        (-[WebPlaybackControlsManager isSeeking]): Deleted.
        (-[WebPlaybackControlsManager seekToTime:toleranceBefore:toleranceAfter:]): Deleted.
        (-[WebPlaybackControlsManager audioMediaSelectionOptions]): Deleted.
        (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:]): Deleted.
        (-[WebPlaybackControlsManager currentAudioMediaSelectionOption]): Deleted.
        (-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]): Deleted.
        (-[WebPlaybackControlsManager legibleMediaSelectionOptions]): Deleted.
        (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:]): Deleted.
        (-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]): Deleted.
        (-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]): Deleted.
        (-[WebPlaybackControlsManager cancelThumbnailAndAudioAmplitudeSampleGeneration]): Deleted.
        (WebCore::mediaSelectionOptions): Deleted.

2016-04-21  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION(198782): ImageSource::subsamplingLevelForScale() does not cache the MaximumSubsamplingLevel for this ImageSource
        https://bugs.webkit.org/show_bug.cgi?id=156766

        Reviewed by Darin Adler.

        Ensure the MaximumSubsamplingLevel for the ImageSource is calculated
        only once and is cached for subsequent uses. 
        
        The image subsampling is on by default only for iOS. So the and this
        patch currently affects the iOS port.

        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::cacheMetadata): Cache m_maximumSubsamplingLevel.
        Use m_frameCount as a flag for having_the_cache_done.
        (WebCore::ImageSource::subsamplingLevelForScale): Call cacheMetadata()
        before using m_maximumSubsamplingLevel.
        (WebCore::ImageSource::frameCount): Call cacheMetadata() before returning
        m_frameCount.
        * platform/graphics/ImageSource.h:

2016-04-21  Antoine Quint  <graouts@apple.com>

        Creating a large number of WebGL contexts should recycle older contexts
        https://bugs.webkit.org/show_bug.cgi?id=156689
        <rdar://problem/19535330>

        Reviewed by Dean Jackson.

        We used to stop creating WebGL contexts once a maximum of 64 WebGL contexts had been
        created on a page. Other browsers have a limit of 16 concurrent active WebGL contexts
        and they lose older contexts when the developer creates a new context, logging a warning
        to the console. We now follow the same approach.

        Tests: webgl/max-active-contexts-console-warning.html
               webgl/max-active-contexts-gc.html
               webgl/max-active-contexts-oldest-context-lost.html
               webgl/max-active-contexts-webglcontextlost-prevent-default.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::recycleContext):

        Prints a warning message to the console indicating that an older WebGL context
        will be lost to accomodate for the active contexts limit being reached and loses
        the provided context in a way that it may not be recovered by calling `event.preventDefault()`
        in the `webglcontextlost` event handler. Finally, we destroy the associated GraphicsContext3D
        since it will no longer be useful and it may hold large Open GL resources.

        * html/canvas/WebGLRenderingContextBase.h:
        * platform/graphics/GraphicsContext3D.h:

        Changed GraphicsContext3D::create to return RefPtr instead of PassRefPtr.

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::create):
        * platform/graphics/efl/GraphicsContext3DEfl.cpp:
        (WebCore::GraphicsContext3D::create):
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::activeContexts):
        (WebCore::GraphicsContext3D::create):

        Check if we are at the active contexts limit (16) and recycle the oldest context
        in our active contexts list. Calling recycleContext() on a context will call the
        GraphicsContext3D destructor and remove it from the active contexts list there.

        (WebCore::GraphicsContext3D::~GraphicsContext3D):

        Remove the deconstructed context from the active contexts list.

        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::recycleContext):
        * platform/graphics/win/GraphicsContext3DWin.cpp:
        (WebCore::GraphicsContext3D::create):

2016-04-21  Dave Hyatt  <hyatt@apple.com>

        Don't hyphenate the last word in a paragraph of text.
        https://bugs.webkit.org/show_bug.cgi?id=156803

        Reviewed by Simon Fraser.

        Added fast/text/hyphenate-avoid-orphaned-word.html

        * rendering/RenderText.h:
        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleText):

2016-04-21  Chris Dumez  <cdumez@apple.com>

        Drop [UsePointersEvenForNonNullableObjectArguments] from Range
        https://bugs.webkit.org/show_bug.cgi?id=156805

        Reviewed by Youenn Fablet.

        No new tests, no web-exposed behavior change.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::rangeForNodeContents):
        (WebCore::characterOffsetsInOrder):
        (WebCore::setRangeStartOrEndWithCharacterOffset):
        (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
        (WebCore::AXObjectCache::previousBoundary):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::selectText):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::documentBasedSelectedTextRange):
        * dom/Node.cpp:
        (WebCore::Node::textRects):
        * dom/Range.cpp:
        (WebCore::Range::Range):
        (WebCore::Range::setDocument):
        (WebCore::Range::setStart):
        (WebCore::Range::setEnd):
        (WebCore::Range::isPointInRange):
        (WebCore::Range::comparePoint):
        (WebCore::Range::compareNode):
        (WebCore::Range::compareBoundaryPoints):
        (WebCore::Range::compareBoundaryPointsForBindings):
        (WebCore::Range::intersectsNode):
        (WebCore::Range::processContents):
        (WebCore::Range::insertNode):
        (WebCore::Range::checkNodeWOffset):
        (WebCore::Range::setStartAfter):
        (WebCore::Range::setEndBefore):
        (WebCore::Range::setEndAfter):
        (WebCore::Range::selectNode):
        (WebCore::Range::selectNodeContents):
        (WebCore::Range::surroundContents):
        (WebCore::Range::setStartBefore):
        (WebCore::Range::contains):
        (WebCore::rangesOverlap):
        (WebCore::rangeOfContents):
        (WebCore::boundaryNodeChildrenWillBeRemoved):
        (WebCore::boundaryTextNodesMerged):
        (WebCore::boundaryTextNodesSplit):
        (WebCore::Range::expand):
        (WebCore::checkForDifferentRootContainer): Deleted.
        (WebCore::highestAncestorUnderCommonRoot): Deleted.
        (WebCore::childOfCommonRootBeforeOffset): Deleted.
        (WebCore::deleteCharacterData): Deleted.
        (WebCore::Range::toString): Deleted.
        (WebCore::Range::toHTML): Deleted.
        (WebCore::Range::text): Deleted.
        (WebCore::Range::cloneRange): Deleted.
        (WebCore::Range::absoluteTextRects): Deleted.
        (WebCore::Range::absoluteTextQuads): Deleted.
        (WebCore::boundaryNodeChildrenChanged): Deleted.
        (WebCore::boundaryNodeWillBeRemoved): Deleted.
        (WebCore::Range::nodeWillBeRemoved): Deleted.
        (WebCore::boundaryTextRemoved): Deleted.
        (WebCore::Range::getBoundingClientRect): Deleted.
        (WebCore::Range::getBorderAndTextQuads): Deleted.
        * dom/Range.h:
        * dom/Range.idl:
        * dom/RangeBoundaryPoint.h:
        (WebCore::RangeBoundaryPoint::set):
        (WebCore::RangeBoundaryPoint::setToStartOfNode):
        (WebCore::RangeBoundaryPoint::setToEndOfNode):
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::fixRangeAndApplyInlineStyle):
        * editing/Editor.cpp:
        (WebCore::Editor::advanceToNextMisspelling):
        (WebCore::Editor::rangeOfString):
        (WebCore::isFrameInRange):
        (WebCore::Editor::countMatchesForText):
        * editing/EditorCommand.cpp:
        (WebCore::unionDOMRanges):
        (WebCore::executeDeleteToMark):
        (WebCore::executeSelectToMark):
        * editing/FormatBlockCommand.cpp:
        (WebCore::FormatBlockCommand::formatRange):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::respondToNodeModification):
        * editing/InsertListCommand.cpp:
        (WebCore::InsertListCommand::doApplyForSingleParagraph):
        * editing/TextCheckingHelper.cpp:
        (WebCore::TextCheckingParagraph::offsetTo):
        * editing/TextIterator.cpp:
        (WebCore::CharacterIterator::range):
        (WebCore::BackwardsCharacterIterator::range):
        (WebCore::TextIterator::rangeFromLocationAndLength):
        (WebCore::TextIterator::getLocationAndLengthFromRange):
        (WebCore::findPlainText):
        * editing/VisiblePosition.cpp:
        (WebCore::setStart):
        (WebCore::setEnd):
        * editing/VisibleSelection.cpp:
        (WebCore::makeSearchRange):
        * editing/VisibleUnits.cpp:
        (WebCore::previousBoundary):
        (WebCore::nextBoundary):
        * editing/htmlediting.cpp:
        (WebCore::visiblePositionForIndexUsingCharacterIterator):
        (WebCore::isNodeVisiblyContainedWithin):
        * editing/htmlediting.h:
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::adjustedSelectionRange):
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::contextMenuItemSelected):
        * page/DOMSelection.cpp:
        (WebCore::DOMSelection::addRange):
        * page/DragController.cpp:
        (WebCore::selectElement):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::dispatchMouseEvent):
        * page/Page.cpp:
        (WebCore::Page::findStringMatchingRanges):
        * page/TextIndicator.cpp:
        (WebCore::hasNonInlineOrReplacedElements):
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::getRanges):

2016-04-21  Chris Dumez  <cdumez@apple.com>

        Drop [UsePointersEvenForNonNullableObjectArguments] from DOMURL
        https://bugs.webkit.org/show_bug.cgi?id=156797

        Reviewed by Youenn Fablet.

        * html/DOMURL.cpp:
        (WebCore::DOMURL::create):
        * html/DOMURL.h:
        * html/DOMURL.idl:

2016-04-21  Claudio Saavedra  <csaavedra@igalia.com>

        [GTK][EFL] Move non-glib/gtk platform implementations out of platform/gtk
        https://bugs.webkit.org/show_bug.cgi?id=156847

        Reviewed by Carlos Garcia Campos.

        The Language and Logging implementation don't really need glib, so
        rework them and move them to a new platform/unix directory so that
        they can be shared among Unix ports.

        * PlatformEfl.cmake: Use the unix version.
        * PlatformGTK.cmake: Same.
        * platform/efl/LanguageEfl.cpp: Removed.
        * platform/efl/LoggingEfl.cpp: Removed.
        * platform/unix/LanguageUnix.cpp: Renamed from Source/WebCore/platform/gtk/LanguageGtk.cpp.
        (WebCore::platformLanguage):
        (WebCore::platformUserPreferredLanguages):
        * platform/unix/LoggingUnix.cpp: Renamed from Source/WebCore/platform/gtk/LoggingGtk.cpp.
        (WebCore::logLevelString):

2016-04-21  Nan Wang  <n_wang@apple.com>

        AX: stringForTextMarkerRange returning empty string for document range
        https://bugs.webkit.org/show_bug.cgi?id=156819

        Reviewed by Chris Fleizach.

        Set text marker data with CharacterOffset when VisiblePosition is having PositionIsAfterAnchor
        or PositionIsAfterChildren anchor type, so that the character offset corresponds to the anchored
        node.

        Test: accessibility/mac/text-marker-string-for-document-range.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):

2016-04-20  Chris Dumez  <cdumez@apple.com>

        Crash under WebCore::TextIterator::subrange()
        https://bugs.webkit.org/show_bug.cgi?id=156809
        <rdar://problem/21102730>

        Reviewed by Ryosuke Niwa.

        TextIterator::rangeFromLocationAndLength() may return null. However, we
        failed to do a null check before calling TextIterator::subrange() with
        that range.

        No new tests, do not know how to reproduce.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):

2016-04-20  Brady Eidson  <beidson@apple.com>

        Modern IDB (Workers): Remove IDBRequest/IDBOpenDBRequest's requirement to get an IDBServerConnection around.
        https://bugs.webkit.org/show_bug.cgi?id=156826

        Reviewed by Alex Christensen.

        No new tests (No behavior change, existing tests pass).

        This doesn't appear to do much but make things a little more complicated, but it's the first of a few 
        small pushes in the right direction.
        
        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::maybeCreateDeleteRequest):
        (WebCore::IDBOpenDBRequest::maybeCreateOpenRequest):
        (WebCore::IDBOpenDBRequest::IDBOpenDBRequest):
        (WebCore::IDBOpenDBRequest::onSuccess):
        (WebCore::IDBOpenDBRequest::onUpgradeNeeded):
        (WebCore::IDBOpenDBRequest::requestCompleted):
        (WebCore::IDBOpenDBRequest::createDeleteRequest): Deleted.
        (WebCore::IDBOpenDBRequest::createOpenRequest): Deleted.
        * Modules/indexeddb/IDBOpenDBRequest.h:
        
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest):
        (WebCore::IDBRequest::connectionToServer):
        * Modules/indexeddb/IDBRequest.h:
        (WebCore::IDBRequest::connection): Deleted.
        
        * Modules/indexeddb/client/IDBConnectionProxy.cpp:
        (WebCore::IDBClient::IDBConnectionProxy::IDBConnectionProxy):
        (WebCore::IDBClient::IDBConnectionProxy::connectionToServer):
        (WebCore::IDBClient::IDBConnectionProxy::openDatabase):
        (WebCore::IDBClient::IDBConnectionProxy::deleteDatabase):
        * Modules/indexeddb/client/IDBConnectionProxy.h:
        (WebCore::IDBClient::IDBConnectionProxy::serverConnectionIdentifier):
        
        * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
        (WebCore::IDBResourceIdentifier::IDBResourceIdentifier):
        * Modules/indexeddb/shared/IDBResourceIdentifier.h:

2016-04-20  John Wilander  <wilander@apple.com>

        Add Subresource Integrity as "Under consideration".
        https://bugs.webkit.org/show_bug.cgi?id=156800

        Reviewed by Alexey Proskuryakov.

        No new tests needed.

        * features.json:
            Added an entry for Subresource Integrity.

2016-04-20  Anders Carlsson  <andersca@apple.com>

        Get rid of a couple of uses of ApplicationCacheStorage::singleton()
        https://bugs.webkit.org/show_bug.cgi?id=156818

        Reviewed by Geoffrey Garen.

        * loader/appcache/ApplicationCache.cpp:
        (WebCore::ApplicationCache::addResource):
        * loader/appcache/ApplicationCacheGroup.h:
        (WebCore::ApplicationCacheGroup::storage):
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        (WebCore::Internals::setApplicationCacheOriginQuota):

2016-04-20  Brady Eidson  <beidson@apple.com>

        Modern IDB (Workers): Introduce "IDBConnectionProxy" for future threading abstraction, and adopt it in IDBFactory.
        https://bugs.webkit.org/show_bug.cgi?id=156810

        Reviewed by Alex Christensen.

        No new tests (Covered by changes to existing tests).

        Add the IDBConnectionProxy object, including the ability to replicate IDBFactory functionality:
        * Modules/indexeddb/client/IDBConnectionProxy.cpp: Added.
        (WebCore::IDBClient::IDBConnectionProxy::IDBConnectionProxy):
        (WebCore::IDBClient::IDBConnectionProxy::openDatabase):
        (WebCore::IDBClient::IDBConnectionProxy::deleteDatabase):
        * Modules/indexeddb/client/IDBConnectionProxy.h: 
        
        Add pure virtual IDBConnectionProxy accessor:
        * dom/ScriptExecutionContext.h: 

        Implement it:
        * dom/Document.cpp:
        (WebCore::Document::idbConnectionProxy):
        * dom/Document.h:
        
        Implement it:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::idbConnectionProxy):
        * workers/WorkerGlobalScope.h:
        
        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
        (WebCore::DOMWindowIndexedDatabase::indexedDB):


        Don't keep a reference to IDBConnectionToServer, but rather get at the context's IDBConnectionProxy:
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::create):
        (WebCore::IDBFactory::IDBFactory):
        (WebCore::IDBFactory::open):
        (WebCore::IDBFactory::openInternal):
        (WebCore::IDBFactory::deleteDatabase):
        * Modules/indexeddb/IDBFactory.h:
        * Modules/indexeddb/IDBFactory.idl:

        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.cpp:
        (WebCore::WorkerGlobalScopeIndexedDatabase::indexedDB):

        * Modules/indexeddb/client/IDBConnectionToServer.h:

        * inspector/InspectorIndexedDBAgent.cpp:

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:

2016-04-20  Chris Dumez  <cdumez@apple.com>

        Use Optional<size_t> for OrderIterator::m_orderIndex instead of int
        https://bugs.webkit.org/show_bug.cgi?id=156796

        Reviewed by Anders Carlsson.

        Use Optional<size_t> for OrderIterator::m_orderIndex instead of int
        (with invalid value of -1). m_orderIndex a vector index and therefore
        is in the range of an unsigned (type used internally by Vector, even
        though the index is exposed as size_t). Therefore, assigning it to an
        int is unsafe as it may overflow.

        This may fix <rdar://problem/23410338> which is a top crasher.

        * rendering/OrderIterator.cpp:
        (WebCore::OrderIterator::next):
        (WebCore::OrderIterator::reset):
        * rendering/OrderIterator.h:

2016-04-20  Chris Dumez  <cdumez@apple.com>

        Crash under needsAppleMailPaginationQuirk()
        https://bugs.webkit.org/show_bug.cgi?id=156806
        <rdar://problem/23323479>

        Reviewed by Simon Fraser.

        Add check for element()->hasID() before calling element()->idForStyleResolution()
        so that we don't dereference a potentially null element()->elementData().
        Also stop repeatedly atomizing "messageContentContainer" and leverage
        the operator==(const AtomicString&, const char*) instead for performance.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::needsAppleMailPaginationQuirk):

2016-04-20  Brady Eidson  <beidson@apple.com>

        Attempt to fix non-INDEXED_DATABASE_IN_WORKERS builds after r199779

        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setIndexedDBWorkersEnabled):
        * testing/InternalSettings.h:

2016-04-20  Chris Dumez  <cdumez@apple.com>

        Potential overflow in RenderLayer::hitTestList()
        https://bugs.webkit.org/show_bug.cgi?id=156804

        Reviewed by Simon Fraser.

        Use size_t type instead of int to iterate over the Vector to make sure
        we don't overflow. This is a speculative fix for <rdar://problem/23249479>.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hitTestList):

2016-04-20  Brady Eidson  <beidson@apple.com>

        Modern IDB (Workers): Enable INDEXED_DATABASE_IN_WORKERS compile time flag, but disabled in RuntimeEnabledFeatures.
        https://bugs.webkit.org/show_bug.cgi?id=156782

        Reviewed by Alex Christensen.

        Test: storage/indexeddb/modern/workers-disabled.html
              storage/indexeddb/modern/workers-enable.html

        * Configurations/FeatureDefines.xcconfig:

        ScriptExecutionContext shouldn't really be supplementable:
        * dom/ScriptExecutionContext.h:

        WorkerGlobalScope should be supplementable.
        Also modernize this archaic header (pragma once, and re-indent):
        * workers/WorkerGlobalScope.h:
        
        Update for WorkerGlobalScope now being directly supplementable:
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.cpp:
        (WebCore::WorkerGlobalScopeIndexedDatabase::WorkerGlobalScopeIndexedDatabase):
        (WebCore::WorkerGlobalScopeIndexedDatabase::from):
        (WebCore::WorkerGlobalScopeIndexedDatabase::indexedDB):
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.h:
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.idl:
        * Modules/notifications/WorkerGlobalScopeNotifications.cpp:
        (WebCore::WorkerGlobalScopeNotifications::WorkerGlobalScopeNotifications):
        (WebCore::WorkerGlobalScopeNotifications::from):
        (WebCore::WorkerGlobalScopeNotifications::webkitNotifications):
        * Modules/notifications/WorkerGlobalScopeNotifications.h:
        
        Expose IndexedDBWorkers to RuntimeEnabledFeatures:
        * bindings/generic/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):
        * bindings/generic/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setIndexedDBWorkersEnabled):
        (WebCore::RuntimeEnabledFeatures::indexedDBWorkersEnabled):

        Expose IndexedDBWorkers to InternalSettings:
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setIndexedDBWorkersEnabled):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2016-04-20  Dave Hyatt  <hyatt@apple.com>

        Hangable punctuation measurement using the wrong indices.
        https://bugs.webkit.org/show_bug.cgi?id=155899

        Reviewed by Simon Fraser.

        New tests in fast/text.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::hangablePunctuationStartWidth):
        (WebCore::RenderText::hangablePunctuationEndWidth):
        (WebCore::RenderText::isHangableStopOrComma):

2016-04-20  Chris Dumez  <cdumez@apple.com>

        Drop [UsePointersEvenForNonNullableObjectArguments] from several Canvas interfaces
        https://bugs.webkit.org/show_bug.cgi?id=156781

        Reviewed by Darin Adler.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::fill):
        (WebCore::CanvasRenderingContext2D::stroke):
        (WebCore::CanvasRenderingContext2D::clip):
        (WebCore::CanvasRenderingContext2D::isPointInPath):
        (WebCore::CanvasRenderingContext2D::isPointInStroke):
        (WebCore::size):
        (WebCore::CanvasRenderingContext2D::drawImage):
        (WebCore::CanvasRenderingContext2D::drawImageFromRect):
        (WebCore::CanvasRenderingContext2D::drawFocusIfNeeded):
        * html/canvas/CanvasRenderingContext2D.h:
        * html/canvas/CanvasRenderingContext2D.idl:
        * html/canvas/DOMPath.h:
        * html/canvas/DOMPath.idl:
        * html/canvas/WebGLDebugShaders.cpp:
        (WebCore::WebGLDebugShaders::getTranslatedShaderSource):
        * html/canvas/WebGLDebugShaders.h:
        * html/canvas/WebGLDebugShaders.idl:

2016-04-20  Chris Dumez  <cdumez@apple.com>

        Drop [UsePointersEvenForNonNullableObjectArguments] from WebAudio
        https://bugs.webkit.org/show_bug.cgi?id=156777

        Reviewed by Darin Adler.

        Drop [UsePointersEvenForNonNullableObjectArguments] from WebAudio and
        modernize the interface a bit.

        There is no major Web-exposed behavioral change except for
        the exception type thrown when passing null (now always TypeError).
        Tests were updated to add coverage for this.

        * Modules/webaudio/AsyncAudioDecoder.cpp:
        (WebCore::AsyncAudioDecoder::decodeAsync):
        (WebCore::AsyncAudioDecoder::DecodingTask::DecodingTask):
        (WebCore::AsyncAudioDecoder::DecodingTask::decode): Deleted.
        * Modules/webaudio/AsyncAudioDecoder.h:
        (WebCore::AsyncAudioDecoder::DecodingTask::audioData):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::lazyInitialize):
        (WebCore::AudioContext::createBuffer):
        (WebCore::AudioContext::decodeAudioData):
        (WebCore::AudioContext::createBufferSource):
        (WebCore::AudioContext::createMediaElementSource):
        (WebCore::AudioContext::createMediaStreamSource):
        (WebCore::AudioContext::createMediaStreamDestination):
        (WebCore::AudioContext::createScriptProcessor):
        (WebCore::AudioContext::createBiquadFilter):
        (WebCore::AudioContext::createWaveShaper):
        (WebCore::AudioContext::createPanner):
        (WebCore::AudioContext::createConvolver):
        (WebCore::AudioContext::createDynamicsCompressor):
        (WebCore::AudioContext::createAnalyser):
        (WebCore::AudioContext::createGain):
        (WebCore::AudioContext::createDelay):
        (WebCore::AudioContext::createChannelSplitter):
        (WebCore::AudioContext::createChannelMerger):
        (WebCore::AudioContext::createOscillator):
        (WebCore::AudioContext::createPeriodicWave):
        (WebCore::AudioContext::derefFinishedSourceNodes):
        (WebCore::AudioContext::refNode):
        (WebCore::AudioContext::derefNode):
        (WebCore::AudioContext::notifyNodeFinishedProcessing): Deleted.
        (WebCore::AudioContext::derefUnfinishedSourceNodes): Deleted.
        (WebCore::AudioContext::lock): Deleted.
        * Modules/webaudio/AudioContext.h:
        * Modules/webaudio/AudioContext.idl:
        * Modules/webaudio/MediaElementAudioSourceNode.cpp:
        (WebCore::MediaElementAudioSourceNode::create):
        (WebCore::MediaElementAudioSourceNode::MediaElementAudioSourceNode):
        (WebCore::MediaElementAudioSourceNode::process):
        * Modules/webaudio/MediaElementAudioSourceNode.h:
        (WebCore::MediaElementAudioSourceNode::mediaElement):
        * Modules/webaudio/OscillatorNode.idl:

2016-04-20  Brady Eidson  <beidson@apple.com>

        Addressing additional review feedback for:
        Modern IDB: Lots of IDB bindings cleanup (including making IDBVersionChangeEvent constructible).
        https://bugs.webkit.org/show_bug.cgi?id=156760

        * Modules/indexeddb/IDBVersionChangeEvent.h:

2016-04-20  Frederic Wang  <fwang@igalia.com>

        Use OpenType MATH fonts by default
        https://bugs.webkit.org/show_bug.cgi?id=133603

        Reviewed by Alejandro G. Castro.

        No new tests. This is already tested by pixel tests like roots.xhtml.
        However, new math fonts are not used during test execution.

        * css/mathml.css:
        (math): We use only a list of known OpenType fonts with a MATH table but keep some pre-installed fallback fonts for OS X and iOS.

2016-04-20  Claudio Saavedra  <csaavedra@igalia.com>

        [GTK] Move GTK+-independent platform code to platform/glib
        https://bugs.webkit.org/show_bug.cgi?id=156787

        Reviewed by Carlos Garcia Campos.

        There is plenty of code in platform/gtk that is independent from the GTK+ library.
        Move those files to platform/glib so that they can be reused by other GLib-based ports.

        Also clean some style warnings in those files.

        * PlatformGTK.cmake: Move the files.
        * platform/glib/EventLoopGlib.cpp: Renamed from Source/WebCore/platform/gtk/EventLoopGtk.cpp.
        (WebCore::EventLoop::cycle):
        * platform/glib/FileSystemGlib.cpp: Renamed from Source/WebCore/platform/gtk/FileSystemGtk.cpp.
        (WebCore::filenameToString):
        (WebCore::unescapedFilename):
        (WebCore::fileSystemRepresentation):
        (WebCore::filenameForDisplay):
        (WebCore::fileExists):
        (WebCore::deleteFile):
        (WebCore::deleteEmptyDirectory):
        (WebCore::getFileStat):
        (WebCore::getFileSize):
        (WebCore::getFileCreationTime):
        (WebCore::getFileModificationTime):
        (WebCore::getFileMetadata):
        (WebCore::pathByAppendingComponent):
        (WebCore::makeAllDirectories):
        (WebCore::homeDirectoryPath):
        (WebCore::pathGetFileName):
        (WebCore::applicationDirectoryPath):
        (WebCore::sharedResourcesPath):
        (WebCore::getVolumeFreeSizeForPath):
        (WebCore::directoryName):
        (WebCore::listDirectory):
        (WebCore::openTemporaryFile):
        (WebCore::openFile):
        (WebCore::closeFile):
        (WebCore::seekFile):
        (WebCore::writeToFile):
        (WebCore::readFromFile):
        (WebCore::unloadModule):
        (WebCore::hardLinkOrCopyFile):
        * platform/glib/GamepadsGlib.cpp: Renamed from Source/WebCore/platform/gtk/GamepadsGtk.cpp.
        (WebCore::GamepadDeviceGlib::GamepadDeviceGlib):
        (WebCore::GamepadDeviceGlib::~GamepadDeviceGlib):
        (WebCore::GamepadDeviceGlib::readCallback):
        (WebCore::GamepadsGlib::GamepadsGlib):
        (WebCore::GamepadsGlib::~GamepadsGlib):
        (WebCore::GamepadsGlib::registerDevice):
        (WebCore::GamepadsGlib::unregisterDevice):
        (WebCore::GamepadsGlib::updateGamepadList):
        (WebCore::GamepadsGlib::onUEventCallback):
        (WebCore::GamepadsGlib::isGamepadDevice):
        (WebCore::sampleGamepads):
        * platform/glib/SharedBufferGlib.cpp: Renamed from Source/WebCore/platform/gtk/SharedBufferGtk.cpp.
        (WebCore::SharedBuffer::createFromReadingFile):

2016-04-20  Frederic Wang  <fwang@igalia.com>

        Refactor RenderMathMLSpace to avoid using flexbox
        https://bugs.webkit.org/show_bug.cgi?id=155168

        Reviewed by Martin Robinson.

        No new tests, already covered by existing tests. The behavior of mspace-prefered-width-expected is not specified by the MathML recommendation, we update that test to match our new behavior.

        * rendering/mathml/RenderMathMLSpace.cpp: Implement layout functions without passing by flebox.
        (WebCore::RenderMathMLSpace::computePreferredLogicalWidths): Implement this function.
        (WebCore::RenderMathMLSpace::layoutBlock): Implement this function.
        (WebCore::RenderMathMLSpace::computeIntrinsicLogicalWidths): Deleted.
        (WebCore::RenderMathMLSpace::updateLogicalWidth): Deleted.
        (WebCore::RenderMathMLSpace::updateLogicalHeight): Deleted.
        * rendering/mathml/RenderMathMLSpace.h: Update function declarations.

2016-04-20  Carlos Garcia Campos  <cgarcia@igalia.com>

        [Cairo] Crash in GraphicsContext::drawFocusRing when painting is disabled
        https://bugs.webkit.org/show_bug.cgi?id=156785

        Reviewed by Žan Doberšek.

        This happens for example when view state changes to focus and paint is called from
        FrameView::updateControlTints() with a graphics context that doesn't have a platform context. Layout test
        fast/images/image-map-outline-with-scale-transform.html sometimes crashes because of this.

        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::drawFocusRing): Return early if painting is disabled.

2016-04-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r198782): SHOULD NEVER BE REACHED failure in ImageSource::setData since r198782
        https://bugs.webkit.org/show_bug.cgi?id=156690

        Reviewed by Michael Catanzaro.

        The assertion is wrong, because it assumes that ImageDecoder::create() always returns a valid pointer, which is
        only true for the CG implementation. The non CG implementation can return nullptr if there isn't enough data to
        figure out the image format or if the image format is not supported. This is causing several crashes in the
        debug bots.

        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::setData): Remove the invalid ASSERT and return early if we fail to create the decoder.
        (WebCore::ImageSource::ensureDecoderIsCreated): Deleted.
        * platform/graphics/ImageSource.h:

2016-04-19  Brent Fulgham  <bfulgham@apple.com>

        Remove remaining bits of dynamic <link> rel='icon' loading
        https://bugs.webkit.org/show_bug.cgi?id=156727

        Reviewed by Darin Adler.

        Don't call 'shouldLoadLink' for 'icon' link types. It performs no
        useful checks for 'icon' types, and emits the non-standard
        'onbeforeload' event.

        This work finishes up https://webkit.org/b/153151, where we removed
        FrameLoaderClient::dispatchDidChangeIcons() and related code.

        Test: webarchive/test-link-rel-subresource-beforeload.html

        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLink): Remove unneeded call to 'shouldLoadLink'.

2016-04-19  Chris Dumez  <cdumez@apple.com>

        AudioBufferSourceNode.buffer should be nullable
        https://bugs.webkit.org/show_bug.cgi?id=156769

        Reviewed by Darin Adler.

        AudioBufferSourceNode.buffer should be nullable as per the
        specification:
        https://webaudio.github.io/web-audio-api/#AudioBufferSourceNode

        Our implementation was initially returning null when getting
        AudioBufferSourceNode.buffer, which is correct. However, it would
        throw a TypeError when trying to set the attribute to null. Our
        implementation setter actually supported setting the buffer to
        null but the custom bindings for the setter would not.

        This patch does the following:
        - Get rid of the custom bindings for the AudioBufferSourceNode.buffer
          setter. We can have the bindings generator generate the same code
          by using [StrictTypeChecking]. The custom bindinds were also throwing
          a TypeError if the input AudioBuffer had too many channels but this
          does not seem to be possible.
        - Mark AudioBufferSourceNode.buffer as nullable in the IDL so that
          we no longer throw when the JS tries to assign null, but instead
          calls AudioBufferSourceNode::setBuffer(nullptr)

        No new test, updated webaudio/audiobuffersource-channels.html

        * CMakeLists.txt:
        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::setBuffer):
        * Modules/webaudio/AudioBufferSourceNode.h:
        * Modules/webaudio/AudioBufferSourceNode.idl:
        * Modules/webaudio/AudioContext.h:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSAudioBufferSourceNodeCustom.cpp: Removed.

2016-04-19  Brady Eidson  <beidson@apple.com>

        Modern IDB: Lots of IDB bindings cleanup (including making IDBVersionChangeEvent constructible).
        https://bugs.webkit.org/show_bug.cgi?id=156760

        Reviewed by Darin Adler (and looked over by Chris Dumez and Alex Christensen).

        Test: storage/indexeddb/modern/idbversionchangeevent-constructor.html

        Add WorkerGlobalScopeConstructors to the xcodeproj:
        * WebCore.xcodeproj/project.pbxproj:

        Remove the completely irrelevant webkit* prefixed constructors from DOMWindow:
        * page/DOMWindow.idl:

        Remove the poor way most objects were exposed on the WorkerGlobalScope:
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.idl:

        Expose most of the objects on the WorkerGlobalScope the correct way:
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBCursorWithValue.idl:
        * Modules/indexeddb/IDBDatabase.idl:
        * Modules/indexeddb/IDBFactory.idl:
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBKeyRange.idl:
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/indexeddb/IDBOpenDBRequest.idl:
        * Modules/indexeddb/IDBRequest.idl:
        * Modules/indexeddb/IDBTransaction.idl:

        Make IDBVersionChangeEvent constructible:        
        * Modules/indexeddb/IDBVersionChangeEvent.cpp:
        (WebCore::IDBVersionChangeEvent::IDBVersionChangeEvent):
        (WebCore::IDBVersionChangeEvent::newVersion): Deleted.
        * Modules/indexeddb/IDBVersionChangeEvent.h:
        * Modules/indexeddb/IDBVersionChangeEvent.idl:

        * bindings/js/JSDictionary.h:
        (WebCore::JSDictionary::convertValue): Add a templated form of convertValue that
          handles Optional<>s.

2016-04-19  Alex Christensen  <achristensen@webkit.org>

        Build fix after r199738

        * platform/graphics/efl/GraphicsContext3DEfl.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        * platform/graphics/win/GraphicsContext3DWin.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D):

2016-04-19  Keith Miller  <keith_miller@apple.com>

        ObjcInstance::stringValue should not call NSObject's description method
        https://bugs.webkit.org/show_bug.cgi?id=156758

        Reviewed by Geoffrey Garen.

        This patch makes it so that we no longer call NSObject's description method without first
        swizzling the implementation for WebScriptObjects. We restore the incomming NSObject's
        description method once we have finished generating the string.

        Test: platform/mac/fast/objc/webScriptObject-does-not-call-description-on-nsobject.html

        * bridge/objc/objc_instance.mm:
        (swizzleNSObjectDescription):
        (ObjcInstance::stringValue):

2016-04-19  Alex Christensen  <achristensen@webkit.org>

        Update ANGLE
        https://bugs.webkit.org/show_bug.cgi?id=156755

        Reviewed by Dean Jackson.

        * CMakeLists.txt:
        * platform/graphics/ANGLEWebKitBridge.h:
        (WebCore::ANGLEWebKitBridge::getResources):
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        Continue to compile successfully with new ANGLE.

2016-04-19  Chris Dumez  <cdumez@apple.com>

        Mark more classes as WTF_MAKE_FAST_ALLOCATED
        https://bugs.webkit.org/show_bug.cgi?id=156732

        Reviewed by Darin Adler.

        * css/CSSImageGeneratorValue.h:
        * css/DocumentRuleSets.h:
        * css/MediaQueryMatcher.h:
        * css/RuleFeature.h:
        * css/StyleResolver.h:
        * dom/ActiveDOMCallbackMicrotask.h:
        * dom/DocumentSharedObjectPool.h:
        * dom/MutationObserver.cpp:
        * dom/MutationObserverInterestGroup.h:
        * dom/MutationObserverRegistration.h:
        * dom/ScriptExecutionContext.cpp:
        * dom/SlotAssignment.h:
        * html/HTMLCollection.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        * html/parser/HTMLToken.h:
        * html/parser/XSSAuditorDelegate.h:
        * loader/FrameLoader.cpp:
        * loader/SubframeLoader.h:
        * page/AutoscrollController.h:
        * page/csp/ContentSecurityPolicySource.h:
        * platform/cf/RunLoopObserver.h:
        * platform/graphics/FloatQuad.h:
        * platform/graphics/FloatRoundedRect.h:
        * platform/graphics/IntSize.h:
        * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
        * platform/graphics/cg/ImageDecoderCG.h:
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/displaylists/DisplayList.h:
        * platform/graphics/mac/ComplexTextController.h:
        * platform/graphics/mac/FontCustomPlatformData.h:
        * platform/mac/PowerObserverMac.h:
        * platform/network/DataURLDecoder.cpp:
        * platform/text/PlatformLocale.h:
        * rendering/TextAutosizer.h:
        * style/StyleUpdate.h:
        * xml/XMLHttpRequestUpload.h:

2016-04-18  Ada Chan  <adachan@apple.com>

        Context menu items related to fullscreen should be specific to standard fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=156723
        <rdar://problem/25452632>

        Reviewed by Darin Adler.

        Introduce HTMLMediaElement::isStandardFullscreen() that the HitTestResult code can use
        when handling the validation and selection of fullscreen-related context menu items.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::isStandardFullscreen):
        (WebCore::HTMLMediaElement::toggleStandardFullscreenState):
        Renamed to make it clear that it's for toggling standard fullscreen. Call the new
        HTMLMediaElement::isStandardFullscreen().
        * html/HTMLMediaElement.h:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::mediaIsInFullscreen):
        Use HTMLMediaElement::isStandardFullscreen().
        (WebCore::HitTestResult::toggleMediaFullscreenState):
        Call the renamed HTMLMediaElement::toggleStandardFullscreenState().

2016-04-19  Brady Eidson  <beidson@apple.com>

        Modern IDB: ObjectStore Blob Support.
        https://bugs.webkit.org/show_bug.cgi?id=143193

        Reviewed by Alex Christensen.

        Tests: imported/blink/storage/indexeddb/blob-basics-metadata.html
               imported/blink/storage/indexeddb/blob-delete-objectstore-db.html
               imported/blink/storage/indexeddb/blob-valid-after-deletion.html
               imported/blink/storage/indexeddb/blob-valid-before-commit.html
               imported/blink/storage/indexeddb/empty-blob-file.html
               storage/indexeddb/modern/blob-simple.html

        Most of the work has been done already.
        
        Besides a handful of tweaks to that work, all this really does is remove the clause
        that prevents blob URLs from going into the database.

        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::putOrAdd): Only disallow blobs if private browsing is enabled
          (Making that work is already covered by another bug)
          
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::putOrAddOnServer):

        * Modules/indexeddb/IDBValue.cpp:
        (WebCore::IDBValue::IDBValue):

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::deleteUnusedBlobFileRecords):
        (WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):

        * Modules/indexeddb/server/SQLiteIDBTransaction.cpp:
        (WebCore::IDBServer::SQLiteIDBTransaction::deleteBlobFilesIfNecessary):

        * platform/network/BlobRegistryImpl.cpp:
        (WebCore::BlobRegistryImpl::writeBlobsToTemporaryFiles):

        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::deleteDatabaseFile): Delete all database-related files 
          now that we use WAL mode.

2016-04-19  Sergio Villar Senin  <svillar@igalia.com>

        [css-grid] Use the margin box for non-auto minimum sizes
        https://bugs.webkit.org/show_bug.cgi?id=156711

        Reviewed by Darin Adler.

        When computing the min-size of items with non-auto minimum height/width we are incorrectly
        returning the size of the border box, and thus incorrectly ignoring the margins of the item.

        This is a follow up patch of r199153 were we added the missing border and paddings for
        heights. Contrary to that, we were not including margins for both axis.

        This CL requires 3 different interrelated changes:
        - Add the margins to the min-size returned by minSizeForChild (might require a layout).
        - Refactor and extract width computations from logicalHeightForChild(); not totally
        mandatory but pretty logical and helpful.
        - Use a new update function to isolate the computation of the override width.

        Test: fast/css-grid-layout/min-width-margin-box.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeInlineDirectionMargins): Added const to a parameter.
        * rendering/RenderBox.h:
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeTrackSizesForDirection): Initialize the sizingOperation.
        (WebCore::RenderGrid::computeIntrinsicLogicalWidths): Ditto.
        (WebCore::RenderGrid::computeIntrinsicLogicalHeight): Ditto.
        (WebCore::RenderGrid::logicalHeightForChild): Renamed from logicalContentHeightForChild as
        it no longer returns the content size but the outer size.
        (WebCore::RenderGrid::minSizeForChild):
        (WebCore::RenderGrid::updateOverrideContainingBlockContentLogicalWidthForChild): Extracted
        from logicalHeightForChild().
        (WebCore::RenderGrid::minContentForChild): Update override width if needed.
        (WebCore::RenderGrid::maxContentForChild): Ditto.
        (WebCore::RenderGrid::computeMarginLogicalSizeForChild): Generalized from
        computeMarginLogicalHeightForChild(), it can now compute also margins for the inline
        direction.
        (WebCore::RenderGrid::availableAlignmentSpaceForChildBeforeStretching):
        (WebCore::RenderGrid::logicalContentHeightForChild): Deleted.
        (WebCore::RenderGrid::computeMarginLogicalHeightForChild): Deleted.
        * rendering/RenderGrid.h:

2016-04-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [Cairo] GraphicsContext::drawFocusRing methods are not consistent to each other
        https://bugs.webkit.org/show_bug.cgi?id=156742

        Reviewed by Martin Robinson.

        We are rendering the focus ring differently depending on whether a path is used or a vector of rectangles. This
        is causing that some reftests fail because they assume we always render the focus ring the same way. For example
        fast/images/image-map-outline-in-positioned-container.html, when rendering the test
        GraphicsContext::drawFocusRing is called with a path, and when rendering the reference it's called with a vector
        of rectangles, producing different results.

        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::drawFocusRing): When receiving a vector of rectangles, build a Path from the given
        rectangles and call drawFocusRing() with the built path to ensure consistency.

2016-04-19  Antti Koivisto  <antti@apple.com>

        Move FontSelectorClient to a file of its own
        https://bugs.webkit.org/show_bug.cgi?id=156738

        Reviewed by Carlos Garcia Campos.

        So modifying FontSelector does not trigger world rebuild via Document.h.

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSFontSelector.cpp:
        * dom/Document.h:
        * html/canvas/CanvasRenderingContext2D.h:
        * platform/graphics/FontSelector.h:
        (WebCore::FontSelectorClient::~FontSelectorClient): Deleted.
        * platform/graphics/FontSelectorClient.h: Added.
        (WebCore::FontSelectorClient::~FontSelectorClient):

2016-04-19  Joanmarie Diggs  <jdiggs@igalia.com>

        [GTK] accessibility/gtk/entry-and-password.html is failing since r194847
        https://bugs.webkit.org/show_bug.cgi?id=153062

        Reviewed by Carlos Garcia Campos.

        The changes in r194847 include using WebCore's rendering for the CapsLock indicator.
        As a side effect, password inputs gained a TextControlInnerTextElement child from
        the Shadow DOM. If we include that child in the accessibility tree, the child will
        emit focus and text notifications that suggest the user is no longer in the control.
        This can be especially problematic for screen reader users with key echo enabled
        when typing in a password input. To fix this, prune TextControlInnerTextElement
        children from the accessibility tree for ATK.

        No new tests as existing coverage caught this regression. Also modified the
        auto-fill-crash.html test whose expectations include the children count for
        a text input.

        * accessibility/atk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):

2016-04-18  Brady Eidson  <beidson@apple.com>

        Modern IDB (Blob support): When reading Blobs from the database, grant the Networking process sandbox access to the files.
        https://bugs.webkit.org/show_bug.cgi?id=156640

        Reviewed by Alex Christensen.

        No new tests (No change in behavior, as blobs in IDB are not yet enabled,
                      but when they are enabled testing will cover this).

        * Modules/indexeddb/shared/IDBResultData.h: Export some stuff
        
        * fileapi/ThreadableBlobRegistry.cpp:
        (WebCore::ThreadableBlobRegistry::registerBlobURLOptionallyFileBacked): Account for 
          BlobRegistry change described below.
        
        * platform/network/BlobRegistry.h: Change registerBlobURLOptionallyFileBacked to take a 
          BlobDataFileReference instead of a raw path, to allow WK2 to include a sandbox extension.
        
        * platform/network/BlobRegistryImpl.cpp:
        (WebCore::BlobRegistryImpl::registerBlobURL): Account for BlobRegistry change described above.
        (WebCore::BlobRegistryImpl::registerBlobURLOptionallyFileBacked): Use the passed in 
          BlobDataFileHandle, and also register the BlobResourceHandle constructor.
        * platform/network/BlobRegistryImpl.h:

2016-04-18  Alex Christensen  <achristensen@webkit.org>

        Fix iOS build after r199701

        * platform/ios/WebAVPlayerController.mm:

2016-04-18  Darin Adler  <darin@apple.com>

        Updated binding test result to reflect the change to not use Deprecated::ScriptValue.

        * bindings/scripts/test/JS/JSTestObj.cpp: Regenerated with new script.

2016-04-18  Darin Adler  <darin@apple.com>

        Remove all use of Deprecated::ScriptValue in generated bindings
        https://bugs.webkit.org/show_bug.cgi?id=156706

        Reviewed by Brady Eidson.

        * Modules/indexeddb/IDBCursor.idl: Removed unneeded [ImplementationReturnType=JSValue].
        * Modules/indexeddb/IDBCursorWithValue.idl: Ditto.

        * Modules/indexeddb/IDBKeyRange.cpp:
        (WebCore::IDBKeyRange::lowerValue): Deleted.
        (WebCore::IDBKeyRange::upperValue): Deleted.
        (WebCore::IDBKeyRange::only): Changed to take ExecState since the old code just used
        the ScriptExecutionContext to get back to the (potentially wrong) ExecState. Also kept
        one overload that takes ScriptExecutionContext because I could not change all callers.
        (WebCore::IDBKeyRange::lowerBound): Ditto.
        (WebCore::IDBKeyRange::upperBound): Ditto.
        (WebCore::IDBKeyRange::bound): Ditto.

        * Modules/indexeddb/IDBKeyRange.h: Updated for above.

        * Modules/indexeddb/IDBKeyRange.idl: Use [ImplementationReturnType=IDBKey].
        Use ScriptState instead of ScriptExecutionContext.

        * Modules/streams/ReadableStreamSource.h: Take JSValue instead of Deprecated::ScriptValue
        for the ignored argument to the cancel function.

        * bindings/js/IDBBindingUtilities.cpp:
        (WebCore::toJS): Renamed idbKeyToJSValue to this, the traditional name used in the
        bindings generator for all these functions. Also changed to take references.
        (WebCore::injectIDBKeyIntoScriptValue): Updated to call with the new name and types.
        (WebCore::idbKeyDataToScriptValue): Ditto.

        * bindings/js/IDBBindingUtilities.h: Added declaration of toJS for IDBKey.

        * bindings/scripts/CodeGeneratorJS.pm: Use JSC::JSValue instead of Deprecated::ScriptValue
        for the "any" type.
        (JSValueToNative): Just return the value with no transformation when type is "any".
        (NativeToJSValue): Changed default behavior for "any" to just pass the value as is with
        no transfomration. Removed unused ImplementationReturnType case for inside Document.
        Removed JSValue case since it's the default now. Added IDBKey case that matches the
        IDBKeyPath case (still wondering if we can do those without an attribute). Removed bogus
        second check for type "any".

2016-04-18  Martin Robinson  <mrobinson@igalia.com>

        [GTK] Possible off-by-one in hyphenation code
        https://bugs.webkit.org/show_bug.cgi?id=156661

        Reviewed by Michael Catanzaro.

        No new tests. This is covered by older tests.

        * platform/text/hyphen/HyphenationLibHyphen.cpp:
        (WebCore::lastHyphenLocation): Fix an off by one error in hyphen location.

2016-04-18  Eric Carlson  <eric.carlson@apple.com>

        [OSX] AVKit is not available on all systems
        https://bugs.webkit.org/show_bug.cgi?id=156724
        <rdar://problem/25501587>

        Reviewed by Dean Jackson.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm: Add _OPTIONAL to all
          AVKit softlink macros.
        * platform/ios/WebAVPlayerController.mm: Ditto.
        * platform/ios/WebPlaybackSessionInterfaceAVKit.mm: Ditto.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: Ditto.
        * platform/mac/WebPlaybackSessionInterfaceMac.mm: Ditto.
        * platform/mac/WebVideoFullscreenInterfaceMac.mm: Ditto.

2016-04-18  Gavin Barraclough  <barraclough@apple.com>

        WebKit should adopt journal_mode=wal for all SQLite databases.
        https://bugs.webkit.org/show_bug.cgi?id=133496

        Reviewed by Brady Eidson.

        Enabling sqlite3 WAL mode on iOS causes a test failure, but appears just be something that should fail still failing, only in a different way.
        Enabling & marking test as failing for now. Tracking test failure here:
            https://bugs.webkit.org/show_bug.cgi?id=156718

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::open):
            - enable on iOS.

2016-04-18  Brent Fulgham  <bfulgham@apple.com>

        Remove support for X-Frame-Options in `<meta>`
        https://bugs.webkit.org/show_bug.cgi?id=156625
        <rdar://problem/25748714>

        Rubberstamped by Darin Adler.

        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv): Revise messaging based on Darin's comments.

2016-04-18  Chris Dumez  <cdumez@apple.com>

        Crash in ElementDescendantIterator::operator--() when calling m_ancestorSiblingStack.last()
        https://bugs.webkit.org/show_bug.cgi?id=156715
        <rdar://problem/25750864>

        Reviewed by Antti Koivisto.

        Fix correctness of ElementDescendantIterator::operator--(). The last element
        in the m_ancestorSiblingStack stack is nullptr. However, if our parent does
        not have a sibling, m_current->nextSibling() == m_ancestorSiblingStack.last()
        would be true and we would end up removing the nullptr element from
        m_ancestorSiblingStack. We would crash on a follow-up call to operator--()
        because m_ancestorSiblingStack.last() would do an out-of-bound access, given
        that m_ancestorSiblingStack is empty.

        Test: fast/dom/collection-backward-traversal-crash.html

        * dom/ElementDescendantIterator.h:
        (WebCore::ElementDescendantIterator::operator--):

2016-04-18  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang.
        rdar://problem/25749769

        Forward declare performClose:.

        * platform/mac/WebCoreFullScreenWindow.mm:

2016-04-18  Tina Liu  <iting_liu@apple.com>

        Declare a virtual function in PluginStrategy to be implemented by subclasses.
        https://bugs.webkit.org/show_bug.cgi?id=156540

        Reviewed by Anders Carlsson.

        * plugins/PluginStrategy.h:

2016-04-18  Eric Carlson  <eric.carlson@apple.com>

        [iOS] don't toggle playback when media engine rate changes
        https://bugs.webkit.org/show_bug.cgi?id=156705
        <rdar://problem/25779175>

        Reviewed by Jer Noble.

        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::rateChanged): Don't send the play/pause command
          unless the player item state is >= MediaPlayerAVPlayerItemStatusPlaybackBufferFull and
          the rate change is unexpected.

2016-04-18  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix iOS9 build after r199682.

        * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):

2016-04-18  Chris Dumez  <cdumez@apple.com>

        [WK2][iOS] Only adjust network responses' MIME type for QuickLook in the context of a main resource load
        https://bugs.webkit.org/show_bug.cgi?id=156639
        <rdar://problem/25765848>

        Reviewed by Alex Christensen.

        Only adjust network responses' MIME type for QuickLook in the context of a main
        resource load since we can only preview main resources with QuickLook. This
        avoids doing unnecessary work during page load. Also, this makes it a lot less
        likely to dlopen() the QuickLook library during page load since we now only
        adjust MIME type for QuickLook for main resources, and main resources usually
        have the well-known 'text/html' MIME type for which we know we will not use
        QuickLook.

        After this change, we no longer need to dlopen() the QuickLook library in the
        NetworkProcess in the context of the PLT. We would previously dlopen() the
        library during the first page load, thus significantly slowing it down. As a
        result, we see a ~22% speed up in the PLT's first page load and a 0.9-1% overall
        PLT progression.

        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
        Pass flag to adjustMIMETypeIfNecessary() indicated if this is a main resource load.

        * platform/network/ios/WebCoreURLResponseIOS.mm:
        (WebCore::adjustMIMETypeIfNecessary):
        Only adjust the MIME type for QuickLook if the isMainResourceLoad parameter is true.

        * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
        (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
        * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
        (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
        Only adjust the MIME type for QuickLook if the isMainResourceLoad parameter is true.

        * platform/network/mac/WebCoreURLResponse.h:
        * platform/network/mac/WebCoreURLResponse.mm:
        (WebCore::adjustMIMETypeIfNecessary):

2016-04-18  Brent Fulgham  <bfulgham@apple.com>

        CSP: Remove stubs for dynamically-added favicons (via link rel="icon")
        https://bugs.webkit.org/show_bug.cgi?id=153151
        <rdar://problem/24383176>

        Reviewed by Darin Adler.

        Remove the unused dynamic favicon code and tests.

        * loader/EmptyClients.h:
        * loader/FrameLoaderClient.h:
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLink):

2016-04-15  Jer Noble  <jer.noble@apple.com>

        [Mac][EME] Protected content over HLS is not notified when a HDCP violation occurs.
        https://bugs.webkit.org/show_bug.cgi?id=156633

        Reviewed by Eric Carlson.

        Pass through the existing "outputObscuredDueToInsufficientExternalProtection" status as an
        error, similarly to what we do for CDMSessionMediaSourceAVFObjC.

        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.h:
        (WebCore::CDMSessionAVFoundationObjC::~CDMSessionAVFoundationObjC): Deleted.
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
        (SOFT_LINK_CLASS):
        (-[WebCDMSessionAVFoundationObjCListener initWithParent:player:]):
        (-[WebCDMSessionAVFoundationObjCListener invalidate]):
        (-[WebCDMSessionAVFoundationObjCListener observeValueForKeyPath:ofObject:change:context:]):
        (WebCore::CDMSessionAVFoundationObjC::CDMSessionAVFoundationObjC):
        (WebCore::CDMSessionAVFoundationObjC::~CDMSessionAVFoundationObjC):
        (WebCore::CDMSessionAVFoundationObjC::generateKeyRequest):
        (WebCore::CDMSessionAVFoundationObjC::playerDidReceiveError):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::avPlayer):

2016-04-18  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rolling out r199644.

        Seems to have caused a 1-2% regression on warm PLT

        Reverted changeset:

        "[WK2][iOS] Do not dlopen() QuickLook in the NetworkProcess"
        https://bugs.webkit.org/show_bug.cgi?id=156639
        http://trac.webkit.org/changeset/199644

2016-04-17  Darin Adler  <darin@apple.com>

        Get rid of IDBAny
        https://bugs.webkit.org/show_bug.cgi?id=156681

        Reviewed by Brady Eidson.

        IDBAny is not part of the public interface of Indexed Database.
        It was an implementation technique used to help create language bindings for
        functions that have to deal with types that aren't easly expressed with the
        normal IDL and C++ type system.

        What was particularly dangerous about IDBAny is that it can be used to store
        arbitrary JavaScript objects and it's not easy to handle garbage collection and
        reference cycles when they are hidden behind this class's abstraction. It's also
        a needless extra layer, a reference counted object just to carry the types from
        the bindings to the C++ DOM implementation.

        Ths patch also does many small style tweaks.

        * CMakeLists.txt: Removed IDBAny source files. Added JSIDBRequestCustom.cpp.
        * DerivedSources.cpp: Ditto.
        * DerivedSources.make: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * Modules/indexeddb/IDBAny.cpp: Removed.
        * Modules/indexeddb/IDBAny.h: Removed.
        * Modules/indexeddb/IDBAny.idl: Removed.

        * Modules/indexeddb/IDBCursor.cpp: Added includes needed now that headers don't
        include as much.
        (WebCore::IDBCursor::stringToDirection): Removed unneeded IDBCursor namespacing.
        (WebCore::IDBCursor::directionToString): Ditto.
        (WebCore::IDBCursor::IDBCursor): Removed creation of IDBAny object.
        (WebCore::IDBCursor::direction): Removed unneeded IDBCursor namespacing.
        (WebCore::IDBCursor::key): Moved this function to the header.
        (WebCore::IDBCursor::primaryKey): Ditto.
        (WebCore::IDBCursor::value): Ditto.
        (WebCore::IDBCursor::source): Deleted this function; replaced with multiple
        type-specific functions; all but one will return null.
        (WebCore::IDBCursor::update): Take JSValue instead of Deprecated::ScriptValue.
        (WebCore::IDBCursor::advance): Take unsigned instead of unsigned long.
        Fell prey to the confusion because "unsigned long" in IDL means "unsigned" in C++.
        (WebCore::IDBCursor::continueFunction): Take JSValue instead of Deprecated::ScriptValue.
        (WebCore::IDBCursor::uncheckedIterateCursor): Take unsigned instead of unsigned long.
        (WebCore::IDBCursor::setGetResult): Rewrote to get the VM pointer from the
        ScriptExecutionContext here instead of inside the binding utilities functions.

        * Modules/indexeddb/IDBCursor.h: Removed many unneeded includes.
        Changed key, primaryKey, and value to no longer take an unneeded ExecState.
        Made more functions private.

        * Modules/indexeddb/IDBCursor.idl: Changed type of "source" to "any", which matches
        the IDB specification, rather than "IDBAny". Added [CustomGetter] so we can write the
        getter that understands the multiple possible values. Removed unneeded
        [CallWith=ScriptState] from key and primaryKey attributes.

        * Modules/indexeddb/IDBCursorWithValue.h: Marked the class final.
        * Modules/indexeddb/IDBCursorWithValue.idl: Removed unneeded [CallWith=ScriptState]
        from the value attribute.

        * Modules/indexeddb/IDBDatabase.cpp: Added now-needed include.
        * Modules/indexeddb/IDBDatabase.h: Removed this header's include of itself!

        * Modules/indexeddb/IDBFactory.cpp: Added some now-needed includes.
        (WebCore::IDBFactory::~IDBFactory): Moved this out of the header file.
        (WebCore::IDBFactory::getDatabaseNames): Removed function that always returns nullptr.
        (WebCore::IDBFactory::open): Removed unneeded release() calls when returning a RefPtr.
        (WebCore::IDBFactory::cmp): Take JSValue instead of Deprecated::ScriptValue.
        Also removed unneeded typecast.

        * Modules/indexeddb/IDBFactory.h: Removed many unneeded includes.
        Removed the getDatabaseNames function. We still need a solution here, but there is
        no reason to keep the placeholder function that returns nullptr here.

        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::keyPathAny): Removed.
        (WebCore::IDBIndex::openCursor): Take JSValue instead of Deprecated::ScriptValue.
        (WebCore::IDBIndex::count): Ditto.
        (WebCore::IDBIndex::openKeyCursor): Ditto.
        (WebCore::IDBIndex::get): Ditto.
        (WebCore::IDBIndex::getKey): Ditto.

        * Modules/indexeddb/IDBIndex.h: Removed many unneeded includes, including this file
        including itself. Marked class final. Updated for above changes.

        * Modules/indexeddb/IDBIndex.idl: Changed type of "keyPath" to "any", which matches
        the IDB specification, rather than "IDBAny". Specified [ImplementationReturnType=IDBKeyPath]
        so the code generator creates the appropriate code to convert from an IDBKeyPath.
        In the future, we may find a way to do this without an explicit attribute in the IDL
        file but this is fine for now.

        * Modules/indexeddb/IDBKeyRange.cpp:
        (WebCore::IDBKeyRange::create): Moved this here from the header. Use booleans instead
        of enums because all the call sites outside this class are using booleans.
        (WebCore::IDBKeyRange::IDBKeyRange): Updated to use booleans.
        (WebCore::IDBKeyRange::~IDBKeyRange): Moved here from the header.
        (WebCore::IDBKeyRange::lowerValue): Removed now-unneeded get().
        (WebCore::IDBKeyRange::upperValue): Ditto.
        (WebCore::IDBKeyRange::only): Take JSValue instead of Deprecated::ScriptValue.
        (WebCore::IDBKeyRange::lowerBound): Updated for above changes.
        (WebCore::IDBKeyRange::upperBound): Ditto.
        (WebCore::IDBKeyRange::bound): Ditto.
        (WebCore::IDBKeyRange::isOnlyKey): Removed assertions that lower and upper are not null;
        there is no real guarantee of this! Rewrote and streamlined and it handles the null case now.

        * Modules/indexeddb/IDBKeyRange.h: Removed unneeded includes. Changed class to use booleans
        instead of enums for m_isLowerOpen and m_isUpperOpen. Moved functions into the cpp file.

        * Modules/indexeddb/IDBKeyRangeData.cpp:
        (WebCore::IDBKeyRangeData::maybeCreateIDBKeyRange): Updated to use booleans instead of enums.

        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::name): Changed return type to const String& to cut down on
        reference count churn.
        (WebCore::IDBObjectStore::keyPathAny): Deleted.
        (WebCore::IDBObjectStore::keyPath): Changed return type to const IDBKeyPath& to cut down on
        unnecessary copies.
        (WebCore::IDBObjectStore::openCursor): Take JSValue instead of Deprecated::SCriptValue.
        (WebCore::IDBObjectStore::get): Ditto.
        (WebCore::IDBObjectStore::putOrAdd): Ditto. Removed peculiar adoptRef/leakRef that was not needed.
        (WebCore::IDBObjectStore::deleteFunction): Ditto.
        (WebCore::IDBObjectStore::modernDelete): Ditto. Use releaseNonNull for better efficiency.
        (WebCore::IDBObjectStore::count): Ditto.

        * Modules/indexeddb/IDBObjectStore.h: Removed unneeded includes and changed types as mentioned
        above in the cpp file function descriptions.

        * Modules/indexeddb/IDBObjectStore.idl: Changed type of "keyPath" to "any" and
        specified [ImplementationReturnType=IDBKeyPath] as above in IDBIndex.idl.

        * Modules/indexeddb/IDBOpenDBRequest.cpp: Added now-needed includes.
        (WebCore::IDBOpenDBRequest::fireSuccessAfterVersionChangeCommit): Removed unneeded assertions
        that depend on how m_result is implemented, which changed.
        (WebCore::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion): Call setResultToUndefined
        instead of setting m_result directly.
        (WebCore::IDBOpenDBRequest::onSuccess): Call setResult instead of setting m_result and
        m_readyState directly.
        (WebCore::IDBOpenDBRequest::onUpgradeNeeded):: Ditto. Also use WTFMove to set
        m_transaction instead of peculiar adoptRef/leakRef.
        (WebCore::IDBOpenDBRequest::onDeleteDatabaseSuccess): Call setResultToUndefined
        instead of setting m_result directly.

        * Modules/indexeddb/IDBOpenDBRequest.h: Marked the class final. Removed some unneeded headers
        and made more things private.

        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest): Don't initialize m_source any more. Instead initialize
        m_objectStoreSource and m_indexSource, preserving the old behavior and not setting m_cursorSource
        even when passed an IDBCursor.
        (WebCore::IDBRequest::~IDBRequest): Simplify the code that calls clearRequest on the result
        if it's a cursor. The logic is now simply a null check.
        (WebCore::IDBRequest::result): Deleted. The logic is now in a custom binding.
        (WebCore::IDBRequest::error): Updated to use m_isDone instead of m_readyState.
        (WebCore::IDBRequest::source): Deleted. The logic is now in a custom binding.
        (WebCore::IDBRequest::setSource): Set m_objectStoreSource, m_indexSource, and m_cursorSource
        instead of setting m_source.
        (WebCore::IDBRequest::readyState): Updated to use m_isDone instead of m_readyState.
        (WebCore::IDBRequest::sourceObjectStoreIdentifier): Use m_objectStoreSource and
        m_indexSource instead of using m_source. To preserve current behavior, this this does not
        use m_cursorSource since the old code did not handle IDBCursor.
        (WebCore::IDBRequest::sourceIndexIdentifier): Use m_indexSource instead of m_source, preserving
        current behavior.
        (WebCore::IDBRequest::requestedIndexRecordType): Ditto.
        (WebCore::IDBRequest::dispatchEvent): Updated to use m_isDone instead of m_readyState.
        (WebCore::IDBRequest::setResult): Rewrote to use the clearResult function so we don't
        have to repeat the code to clear result pointers. Also take a reference.
        (WebCore::IDBRequest::setResultToStructuredClone): Ditto.
        (WebCore::IDBRequest::clearResult): Clear out m_scriptResult, m_cursorResult, and m_databaseResult
        instead of m_result.
        (WebCore::IDBRequest::setResultToUndefined): Set m_scriptResult instead of m_result.
        (WebCore::IDBRequest::resultCursor): Use m_cursorResult instead of m_result.
        (WebCore::IDBRequest::willIterateCursor): Updated to use m_isDone instead of m_readyState.
        Also call setResultToUndefined instead of setting m_result.
        (WebCore::IDBRequest::didOpenOrIterateCursor): Call setResultToUndefined and set m_cursorResult
        instead of setting m_result.
        (WebCore::IDBRequest::requestCompleted): Updated to use m_isDone instead of m_readyState.
        (WebCore::IDBRequest::setResult): Added for use by the derived class; sets m_databaseResult.

        * Modules/indexeddb/IDBRequest.h: Removed unneeded includes. Removed unused IDBRequestReadyState,
        since that's now done with strings. Added cursorResult, databaseResult, scriptResult,
        objectStoreSource, indexSource, and cursorSource function members and corresponding data members.
        Later we might re-cast this as some sort of union, but for now these separate functions seem fine.
        Removed unused modernResult function. Made more things private.

        * Modules/indexeddb/IDBRequest.idl: Use "any" instead of "IDBAny" for "result" and "source".

        * Modules/indexeddb/IDBTransaction.cpp: Added now-needed includes.
        (WebCore::IDBTransaction::didGetRecordOnServer): Updated to call the version of setResult that takes
        a reference.
        (WebCore::IDBTransaction::didPutOrAddOnServer): Ditto.
        * Modules/indexeddb/IDBTransaction.h: Removed unneeded includes, derive privately from ActiveDOMObject.
        Removed some unneeded WebCore prefixes.

        * Modules/indexeddb/server/MemoryIndex.h: Added now-needed include.

        * Modules/indexeddb/server/MemoryObjectStore.cpp: Added now-needed includes.
        (WebCore::IDBServer::MemoryObjectStore::updateIndexesForPutRecord): Remove unneeded get() call.
        (WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords): Ditto.

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: Added now-needed includes.
        (WebCore::IDBServer::SQLiteIDBBackingStore::updateOneIndexForAddRecord): Remove unneeded get() call.
        (WebCore::IDBServer::SQLiteIDBBackingStore::updateAllIndexesForAddRecord): Ditto.

        * Modules/indexeddb/server/SQLiteIDBCursor.cpp: Added now-needed include.

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp: Added now-needed includes.
        (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): Updated to use JSValue.

        * Modules/indexeddb/server/UniqueIDBDatabase.h: Added now-needed forward declaration of JSC::VM.

        * bindings/js/IDBBindingUtilities.cpp: Added now-needed includes.
        (WebCore::deserializeIDBValueToJSValue): Return JSValue instead of Strong<Unknown>.
        (WebCore::deserializeIDBValueDataToJSValue): Ditto.
        (WebCore::idbKeyDataToScriptValue): Ditto.
        (WebCore::toJS): Added an overload of toJS for IDBKeyPath here. Moved here from JSIDBAnyCustom.cpp.

        * bindings/js/IDBBindingUtilities.h: Removed unneeded include. Changed return types to JSValue.
        Added the toJS function for IDBKeyPath.

        * bindings/js/JSIDBAnyCustom.cpp: Removed.

        * bindings/js/JSIDBCursorCustom.cpp: Added some now-needed includes.
        (WebCore::JSIDBCursor::visitAdditionalChildren): Removed ann unneeded type cast.
        (WebCore::JSIDBCursor::source): Added. Converts either the index source or the object source into
        a JSValue.

        * bindings/js/JSIDBRequestCustom.cpp: Added.
        (WebCore::JSIDBRequest::result): Added. Throws an exception if isDone is false and then converts
        cursor result, database result, or script result into a JSValue.
        (WebCore::JSIDBRequest::source): Added. Converts the cursor source, index source, or object store
        source into a JSValue.

        * bindings/scripts/CodeGeneratorJS.pm:
        (NativeToJSValue): Tweaked the code for array slightly. Added an ImplementationReturnType case
        for IDBKeyPath. The code that's generated is pretty generic, just a call to toJS with the conventional
        arguments, so at some point we may be able to do this with C++ overloading and not require a
        special case in the code generator.

        * inspector/InspectorIndexedDBAgent.cpp: Put #if 0 around the getDatabaseNames code, which was
        dormant and not working.
        (WebCore::OpenDatabaseCallback::handleEvent): Changed this to use IDBOpenDBRequest::databaseResult
        instead of calling the result function checking for an exception and then doing type checking.
        (WebCore::idbKeyRangeFromKeyRange): Updated to use booleans for key range bound open state.
        (WebCore::OpenCursorCallback::handleEvent): Same kind of change as for OpenDatabaseCallback above.
        Also use simpler interface to key, primaryKey, and value.
        (WebCore::InspectorIndexedDBAgent::requestDatabaseNames): Put #if 0 around the getDatabaseNames
        code, which was dormant and not working. Needs to be re-implemented.

2016-04-18  Eric Carlson  <eric.carlson@apple.com>

        Media element "user gesture for fullscreen" restriction is never lifted
        https://bugs.webkit.org/show_bug.cgi?id=156547
        <rdar://problem/25707814>

        Reviewed by Jer Noble.

        Test: media/video-fullscreen-restriction-removed.html

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::playbackPermitted): Check fullscreenPermitted rather than
          checking for a user gesture because the restriction can be removed.

2016-04-18  Frederic Wang  <fwang@igalia.com>

        Refactor RenderMathMLScripts layout to avoid using flexbox
        https://bugs.webkit.org/show_bug.cgi?id=153917

        Reviewed by Martin Robinson.

        Tests: mathml/mathml-in-html5/subsup-parameters-1.html
               mathml/opentype/large-operators-italic-correction.html

        Reimplement RenderMathMLScripts without any flexbox or anonymous.
        We also rely on parameters from the MATH table to improve rendering.

        * css/mathml.css:
        (msub > * + * + *, msup > * + * + *, msubsup > * + * + * + *, msub > mprescripts, msup > mprescripts, msubsup > mprescripts, msub > none, msup > none, msubsup > none, mmultiscripts > mprescripts ~ mprescripts, mmultiscripts > mprescripts ~ mprescripts ~ *): Deleted.
        Invalid markup for scripts is now just hidden.
        * rendering/mathml/RenderMathMLOperator.h: ditto.
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::unembellishedOperator): Reimplemented.
        (WebCore::RenderMathMLScripts::getBaseAndScripts): Helper function to verify whether the
        child list is valid and retrieve pointers on important children.
        (WebCore::RenderMathMLScripts::spaceAfterScript): Helper function to get the
        space after a script.
        (WebCore::RenderMathMLScripts::italicCorrection): Helper function to read the
        italic correction of a largeop base.
        (WebCore::RenderMathMLScripts::computePreferredLogicalWidths): Implement this function.
        (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Helper function to get
        the maximum ascent/descent of all the scripts and determine the minimal
        sub/sup shifts to apply.
        (WebCore::RenderMathMLScripts::mirrorIfNeeded): Helper function to calculate the horizontal
        offset depending on the directionality.
        (WebCore::RenderMathMLScripts::layoutBlock): Implement this function.
        (WebCore::RenderMathMLScripts::firstLineBaseline): Implement this function.
        (WebCore::RenderMathMLScripts::paintChildren): Implement this function.
        (WebCore::RenderMathMLScripts::RenderMathMLScripts): Deleted.
        (WebCore::RenderMathMLScripts::base): Deleted.
        (WebCore::RenderMathMLScripts::fixAnonymousStyleForSubSupPair): Deleted.
        (WebCore::RenderMathMLScripts::fixAnonymousStyles): Deleted.
        (WebCore::RenderMathMLScripts::addChildInternal): Deleted.
        (WebCore::RenderMathMLScripts::removeChildInternal): Deleted.
        (WebCore::RenderMathMLScripts::addChild): Deleted.
        (WebCore::RenderMathMLScripts::removeChild): Deleted.
        (WebCore::RenderMathMLScripts::styleDidChange): Deleted.
        (WebCore::RenderMathMLScripts::layout): Deleted.
        (WebCore::RenderMathMLScriptsWrapper::createAnonymousWrapper): Deleted.
        (WebCore::RenderMathMLScriptsWrapper::addChildInternal): Deleted.
        (WebCore::RenderMathMLScriptsWrapper::addChild): Deleted.
        (WebCore::RenderMathMLScriptsWrapper::removeChildInternal): Deleted.
        (WebCore::RenderMathMLScriptsWrapper::removeChild): Deleted.
        * rendering/mathml/RenderMathMLScripts.h: Update definitions and remove classes
        for anonymous wrappers.

2016-04-18  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Use grid-template-areas to determine the explicit grid
        https://bugs.webkit.org/show_bug.cgi?id=156575

        Reviewed by Darin Adler.

        From the spec (https://drafts.csswg.org/css-grid/#grid-definition):
        "The size of the explicit grid is determined by the larger of the number
        of rows/columns defined by grid-template-areas and the number
        of rows/columns sized by grid-template-rows/grid-template-columns."

        So we need to take into account the rows/columns defined by
        grid-template-areas to determine the size of the explicit grid.

        Test: fast/css-grid-layout/explicit-grid-size.html

        * rendering/style/GridPositionsResolver.cpp:
        (WebCore::GridPositionsResolver::explicitGridColumnCount):
        (WebCore::GridPositionsResolver::explicitGridRowCount):

2016-04-18  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Menu list button doesn't use the text color from the theme
        https://bugs.webkit.org/show_bug.cgi?id=118234

        Reviewed by Darin Adler.

        Set the combo box color accroding to the theme when adjusting the menu list style like Mac port does.

        * rendering/RenderThemeGtk.cpp:
        (WebCore::menuListColor):
        (WebCore::RenderThemeGtk::adjustMenuListStyle):

2016-04-18  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Fix positioned items with content alignment
        https://bugs.webkit.org/show_bug.cgi?id=156597

        Reviewed by Darin Adler.

        Like for the case of gaps we need to take into account
        the content alignment in order to properly place and size
        the positioned items.

        Regarding content alignment we need to care about 2 values:
        the position offset and the distribution offset.
        The position offset can be extracted from m_column|rowPositions,
        but the distribution offset is stored in 2 new variables called
        m_offsetBetweenColumns|Rows.

        Tests: fast/css-grid-layout/grid-positioned-items-content-alignment.html
               fast/css-grid-layout/grid-positioned-items-content-alignment-rtl.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
        (WebCore::RenderGrid::populateGridPositions):
        (WebCore::RenderGrid::columnAxisOffsetForChild):
        (WebCore::RenderGrid::rowAxisOffsetForChild):
        (WebCore::RenderGrid::rowAxisPositionForChild): Deleted.
        * rendering/RenderGrid.h:

2016-04-18  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Add method to translate RTL coordinates
        https://bugs.webkit.org/show_bug.cgi?id=156589

        Reviewed by Antonio Gomes.

        This is just a small refactoring adding a new function
        LayoutGrid::translateRTLCoordinate().
        This method translates to physical coordinates the information
        stored in m_columnPositions when you're using RTL direction.

        No new tests, no change of behavior.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::offsetAndBreadthForPositionedChild): Use the new
        method translateRTLCoordinate().
        (WebCore::RenderGrid::translateRTLCoordinate): New method that converts
        a coordinate from m_columnPositions in RTL into a physical coordinate.
        (WebCore::RenderGrid::findChildLogicalPosition): Use the new method
        translateRTLCoordinate().
        * rendering/RenderGrid.h: Add method signature.

2016-04-18  Yusuke Suzuki  <utatane.tea@gmail.com>

        [Fetch] Use @isArray instead of `instanceof @Array`
        https://bugs.webkit.org/show_bug.cgi?id=156682

        Reviewed by Alex Christensen.

        Currently, we query whether the given value is Array by using `instanceof @Array`.
        But it is not enough; Array from the other realm should be accepted. And Array
        not inheriting @Array should be also accepted.

        Test: fetch/header-constructor-is-array.html

        * Modules/fetch/FetchHeaders.js:
        (initializeFetchHeaders):

2016-04-17  Yoav Weiss  <yoav@yoav.ws>

        Initial Link preload support
        https://bugs.webkit.org/show_bug.cgi?id=156334

        Added basic `<link rel=preload>` functionality that enables preloading
        of resources according to their type.

        Reviewed by Darin Adler.

        Tests: http/tests/preload/download_resources.html
               http/tests/preload/dynamic_adding_preload.html
               http/tests/preload/dynamic_remove_preload_href.html
               http/tests/preload/dynamic_removing_preload.html

        * bindings/generic/RuntimeEnabledFeatures.cpp: Added a runtime flag for the feature.
        (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):
        * bindings/generic/RuntimeEnabledFeatures.h: Added a runtime flag for the feature.
        (WebCore::RuntimeEnabledFeatures::setLinkPreloadEnabled):
        (WebCore::RuntimeEnabledFeatures::linkPreloadEnabled):
        * html/HTMLAttributeNames.in: Added an `as` attribute.
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process): Added `as` and `crossorigin` attribute values to the loadLink() call.
        (WebCore::HTMLLinkElement::setCrossOrigin): Setter for crossOrigin.
        (WebCore::HTMLLinkElement::crossOrigin): Getter for crossOrigin.
        * html/HTMLLinkElement.idl: Added `as` and `crossorigin` to HTMLLinkElement.
        * html/HTMLLinkElement.h: Added getter and setter for crossorigin.
        * html/LinkRelAttribute.cpp:
        (WebCore::LinkRelAttribute::LinkRelAttribute): Added "preload" as a potential value.
        * html/LinkRelAttribute.h: Added isLinkPreload.
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::resourceTypeFromAsAttribute): Translates an `as` value into a resource type.
        (WebCore::preloadIfNeeded): Triggers a resource preload when link element is a preload one.
        (WebCore::LinkLoader::loadLink): Added a call to preloadIfNeeded.
        * loader/LinkLoader.h: Added signatures.
        * loader/ResourceLoadInfo.cpp:
        (WebCore::toResourceType): Added LinkPreload as a possible CachedResource::type.
        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoaded): Added LinkPreload as a possible CachedResource::type.
        * loader/cache/CachedResource.cpp: Turned defaultPriorityForResourceType into a static member, as it's now also called from LinkLoader.
        (WebCore::CachedResource::defaultPriorityForResourceType): Added LinkPreload as a possible CachedResource::type, giving it low priority.
        (WebCore::defaultPriorityForResourceType): Deleted.
        * loader/cache/CachedResource.h: Added LinkPreload as a possible CachedResource::type. Added defaultPriorityForResourceType as static.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::contentTypeFromResourceType): Added LinkPreload as a possible CachedResource::type.
        (WebCore::createResource): Added creation of a LinkPreload resource if needed.
        (WebCore::CachedResourceLoader::checkInsecureContent): Added LinkPreload as a possible CachedResource::type.
        (WebCore::CachedResourceLoader::canRequest): Added LinkPreload as a possible CachedResource::type.
        * testing/Internals.cpp: Added function to turn on the link preload feature.
        (WebCore::setLinkPreloadSupport):
        * testing/Internals.idl: Added function to turn on the link preload feature.
        * testing/Internals.h: Added function signature to turn on the link preload feature.

2016-04-17  Conrad Shultz  <conrad_shultz@apple.com>

        Try (again) to fix debug builds after r199643.

        Unreviewed.

        * dom/ScriptExecutionContext.cpp:
        Add another missing include.

2016-04-17  Conrad Shultz  <conrad_shultz@apple.com>

        Try to fix debug builds after r199643.

        Unreviewed.

        * Modules/indexeddb/IDBObjectStore.cpp:
        Add a missing include.

2016-04-17  Chris Dumez  <cdumez@apple.com>

        [WK2][iOS] Do not dlopen() QuickLook in the NetworkProcess
        https://bugs.webkit.org/show_bug.cgi?id=156639

        Reviewed by Darin Adler.

        Do not unnecessarily dlopen() QuickLook in the NetworkProcess on iOS, as
        we already dlopen() this library in the WebContent process. This patch
        moves the resource response MIME type adjusting code for QuickLook from
        adjustMIMETypeIfNecessary() to a new adjustMIMETypeForQuickLook() function.
        adjustMIMETypeIfNecessary() is called in didReceiveResponse() in the Network
        process side, for *every* resource response, even though QuickLook can only
        be used to preview main resources. The new adjustMIMETypeForQuickLook()
        function is called in the QuickLookHandle::createIfNecessary() factory
        function, right before checking the MIME type to determine if we need to
        use QuickLook, and after checking that the load is for a main resource.
        In the WebKit2 case, the factory function is called from
        WebResourceLoader::didReceiveResponse(), on the WebContent process side.

        This patch speeds up the first page load during PLT by ~22%, because the
        first load no longer triggers a dlopen() to QuickLook in the NetworkProcess.
        The overall PLT score seems to be progressed by 0.9-1% as well. The change
        should also be memory-positive as we no longer need to dlopen() the
        QuickLook library in the NetworkProcess at all (and we would already dlopen()
        it on the WebContent process side anyway). Sadly, PLUM benchmark does not
        show the memory benefit because it does not measure the memory used by the
        Network process.

        * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
        Refactor the code a bit for clarity, so that we only
        ResourceHandle::setQuickLookHandle() when QuickLookHandle::createIfNecessary()
        returns a non-null pointer.

        * platform/network/ios/QuickLook.h:
        - Rename the factories from create() to createIfNecessary() given that they
          return nullptr when it is unnecessary to create such handle (i.e. this is not
          a main resource loader, or it is unecessary given the response's MIME type.
        - Make shouldCreateForMIMEType() private now that this is always called inside
          the factory functions.

        * platform/network/ios/QuickLook.mm:
        (adjustMIMETypeForQuickLook):
        Extracted code for adjusting the MIME type for QuickLook from the generic
        adjustMIMETypeIfNecessary() in WebCoreURLResponseIOS.mm to its own function
        here.

        (WebCore::QuickLookHandle::createIfNecessary):
        Call adjustMIMETypeForQuickLook() before checking the MIME type.

        * platform/network/ios/WebCoreURLResponseIOS.mm:
        (WebCore::adjustMIMETypeIfNecessary):
        Extracted QuickLook-specific code to QuickLook.mm.

        * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
        (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
        Refactor the code a bit for clarity, so that we only
        ResourceHandle::setQuickLookHandle() when QuickLookHandle::createIfNecessary()
        returns a non-null pointer.

2016-04-17  Brady Eidson  <beidson@apple.com>

        Clean up IDBBindingUtilities.
        https://bugs.webkit.org/show_bug.cgi?id=156472

        Reviewed by Alex Christensen.

        No new tests (No change in behavior).

        - Get rid of a whole bunch of unused functions (since we got rid of Legacy IDB).
        - Make more functions deal in ExecState/ScriptExecutionContexts instead of DOMRequestState.
        - Make more functions deal in JSValue (as JSC::Strong<JSC::Unknown>) instead of Deprecated::ScriptValue.

        * bindings/scripts/IDLAttributes.txt: Add a new attribute to signify that an implementation returns
          JSValues instead of Deprecated::ScriptState
        * bindings/scripts/CodeGeneratorJS.pm:
        (NativeToJSValue): Use that new attribute.
        
        * Modules/indexeddb/IDBAny.cpp:
        (WebCore::IDBAny::IDBAny):
        (WebCore::IDBAny::scriptValue):
        * Modules/indexeddb/IDBAny.h:
        (WebCore::IDBAny::create):
        
        * Modules/indexeddb/IDBCursor.cpp:
        (WebCore::IDBCursor::key):
        (WebCore::IDBCursor::primaryKey):
        (WebCore::IDBCursor::value):
        (WebCore::IDBCursor::update):
        (WebCore::IDBCursor::continueFunction):
        (WebCore::IDBCursor::deleteFunction):
        (WebCore::IDBCursor::setGetResult):
        * Modules/indexeddb/IDBCursor.h:
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBCursorWithValue.idl:
        
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::cmp):
        
        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::count):
        (WebCore::IDBIndex::get):
        (WebCore::IDBIndex::getKey):
        
        * Modules/indexeddb/IDBKeyRange.cpp:
        (WebCore::IDBKeyRange::lowerValue):
        (WebCore::IDBKeyRange::upperValue):
        (WebCore::IDBKeyRange::only):
        (WebCore::IDBKeyRange::lowerBound):
        (WebCore::IDBKeyRange::upperBound):
        (WebCore::IDBKeyRange::bound):
        * Modules/indexeddb/IDBKeyRange.h:
        * Modules/indexeddb/IDBKeyRange.idl:
        
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::get):
        (WebCore::IDBObjectStore::modernDelete):
        (WebCore::IDBObjectStore::count):
        
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::setResult):
        (WebCore::IDBRequest::setResultToStructuredClone):
        
        * Modules/indexeddb/server/MemoryObjectStore.cpp:
        (WebCore::IDBServer::MemoryObjectStore::updateIndexesForPutRecord):
        (WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords):
        
        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::updateOneIndexForAddRecord):
        (WebCore::IDBServer::SQLiteIDBBackingStore::updateAllIndexesForAddRecord):
        
        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd):
        
        * bindings/js/IDBBindingUtilities.cpp:
        (WebCore::idbKeyPathFromValue):
        (WebCore::internalCreateIDBKeyFromScriptValueAndKeyPath):
        (WebCore::injectIDBKeyIntoScriptValue):
        (WebCore::maybeCreateIDBKeyFromScriptValueAndKeyPath):
        (WebCore::canInjectIDBKeyIntoScriptValue):
        (WebCore::deserializeIDBValueToJSValue):
        (WebCore::deserializeIDBValueDataToJSValue):
        (WebCore::scriptValueToIDBKey):
        (WebCore::idbKeyDataToScriptValue):
        (WebCore::idbKeyDataToJSValue): Deleted.
        (WebCore::createIDBKeyFromScriptValueAndKeyPath): Deleted.
        (WebCore::deserializeIDBValue): Deleted.
        (WebCore::deserializeIDBValueData): Deleted.
        (WebCore::deserializeIDBValueBuffer): Deleted.
        (WebCore::idbValueDataToJSValue): Deleted.
        (WebCore::idbKeyToScriptValue): Deleted.
        * bindings/js/IDBBindingUtilities.h:

        * bindings/js/JSIDBAnyCustom.cpp:
        (WebCore::toJS):

        * bindings/js/JSIDBDatabaseCustom.cpp:
        (WebCore::JSIDBDatabase::createObjectStore):

        * bindings/js/JSIDBObjectStoreCustom.cpp:
        (WebCore::JSIDBObjectStore::createIndex):

        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::execState):
        * dom/ScriptExecutionContext.h:

        * inspector/InspectorIndexedDBAgent.cpp:

2016-04-17  Darin Adler  <darin@apple.com>

        Remove more uses of Deprecated::ScriptXXX
        https://bugs.webkit.org/show_bug.cgi?id=156660

        Reviewed by Antti Koivisto.

        * Modules/mediacontrols/MediaControlsHost.h: Removed unneeded include.

        * Modules/plugins/PluginReplacement.h: Removed unneeded include.
        Changed argument to installReplacement into a reference. Changed return
        value for creation function from PassRefPtr to Ref.

        * Modules/plugins/QuickTimePluginReplacement.h: Removed unneeded includes and
        forward declarations. Marked class final. Made almost everything private.

        * Modules/plugins/QuickTimePluginReplacement.mm:
        (WebCore::QuickTimePluginReplacement::create): Changed to return Ref.
        (WebCore::QuickTimePluginReplacement::installReplacement): Changed to take
        a reference.

        * Modules/plugins/YouTubePluginReplacement.cpp:
        (WebCore::YouTubePluginReplacement::create): Changed to return Ref.
        (WebCore::YouTubePluginReplacement::installReplacement): Changed to take
        a reference.

        * Modules/plugins/YouTubePluginReplacement.h: Removed unneeded includes and
        forward declarations. Marked class final. Changed return type of create.

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::didReceiveBinaryData): Removed local variable so the
        MessageEvent::create function gets a Ref&& instead of a RefPtr without having
        to add explicit WTFMove.

        * bindings/js/DOMRequestState.h: Removed code that set m_exec twice.

        * bindings/js/Dictionary.h: Reformatted function templates to use a single
        line so they are easier to look at.
        (WebCore::Dictionary::getEventListener): Rewrote this so it no longer uses
        a Deprecated::ScriptValue and also make it a little more compact and terse.

        * bindings/js/JSCommandLineAPIHostCustom.cpp:
        (WebCore::JSCommandLineAPIHost::inspect): Rewrote to use JSValue instead of
        Deprecated::ScriptValue. Considerably more efficient.

        * bindings/js/JSMessageEventCustom.cpp:
        (WebCore::JSMessageEvent::data): Streamlined to use Deprecated::ScriptValue
        a little bit less.

        * bindings/js/JSNodeCustom.cpp: Moved include here from header.
        * bindings/js/JSNodeCustom.h: Moved include from here to cpp file.

        * bindings/js/JSPopStateEventCustom.cpp:
        (WebCore::JSPopStateEvent::state): Updated for changes to return value of the
        state() and serializedState functions.

        * bindings/js/ScriptState.h: Removed the ScriptState typedef.

        * bindings/js/SerializedScriptValue.cpp: Moved include here from header.
        * bindings/js/SerializedScriptValue.h: Moved include from here to cpp file.

        * css/FontFace.cpp:
        (WebCore::FontFace::create): Changed argument to JSValue instead of ScriptValue.
        * css/FontFace.h: Ditto.

        * dom/MessageEvent.cpp: Moved create functions in here from header file.
        Removed some unused ones including one that took a Deprecated::ScriptValue.
        * dom/MessageEvent.h: Streamlined create functions, removing unused functions,
        unused arguments, and unused default values for arguments. Also moved them all
        into the cpp file instead of inlining them. Also changed the return type of
        dataAsScriptValue to JSValue.

        * dom/NodeFilterCondition.h: Removed unneeded include. Tweaked formatting.

        * dom/PopStateEvent.h: Changed return value of state to be a JSValue and of
        serializedState to be a raw pointer, not a PassRefPtr.

        * dom/Traversal.h: Removed unneeded include. Removed unnecessary use of
        unsigned long instead of unsigned. Fixed indentation.

        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::didAddUserAgentShadowRoot): Pass reference.

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForEventListener): Pass JSValue instead
        of constructing a Deprecated::ScriptValue.

        * inspector/InspectorFrontendHost.cpp:
        (WebCore::FrontendMenuProvider::disconnect): Initialize without explicitly
        mentioning the Deprecated::ScriptObject type.

        * inspector/InspectorIndexedDBAgent.cpp: Removed unneeded include.

        * inspector/InspectorInstrumentation.h: Removed unneeded include and also
        declaration of two non-existent functions.

        * page/DOMWindow.cpp:
        (WebCore::PostMessageTimer::PostMessageTimer): Tweaked types a little bit to
        match what is used in MessageEvent now.
        (WebCore::PostMessageTimer::event): Streamlined a bit and changed type to
        reference.
        (WebCore::DOMWindow::postMessage): Updated for changes above.
        (WebCore::DOMWindow::postMessageTimerFired): Ditto.

        * page/EventSource.cpp:
        (WebCore::EventSource::createMessageEvent): Removed now-unneeded
        "false, false" from MessageEvent::create function call.

        * page/csp/ContentSecurityPolicy.h: Removed unneeded include.

        * page/csp/ContentSecurityPolicyDirectiveList.h: Removed unneeded
        include and also unneeded non-copyable, since the class has a reference as
        a data member and so is automatically non-copyable.

        * testing/Internals.cpp:
        (WebCore::Internals::description): Changed to take JSValue.
        (WebCore::Internals::parserMetaData): Ditto.
        (WebCore::Internals::serializeObject): Removed unnecessary copying of vector.
        (WebCore::Internals::isFromCurrentWorld): Changed to take JSValue.
        (WebCore::Internals::isReadableStreamDisturbed): Changed to not rely on the
        ScriptState typedef and call it JSC::ExecState.

        * testing/Internals.h: Removed unneeded includes. Removed unneeded and
        inappropriate use of ASSERT_NO_EXCEPTION.

2016-04-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Fetch API] Consume HTTP data as a ReadableStream
        https://bugs.webkit.org/show_bug.cgi?id=138968

        Reviewed by Alex Christensen.

        This patch introduces ReadableStreamSource and ReadableStreamController which allow feeding a ReadableStream from DOM classes.
        ReadableStreamSource is a base class for all DOM ReadableStream sources.
        ReadableStreamController is a wrapper around JSReadableStreamController that can be invoked by DOM code to enqueue/close/error a ReadableStream.
        A createReadableStream function is introduced to allow DOM classes creating ReadableStream.

        Added support for a FetchResponse ReadableStream source.
        Both synthetic FetchResponse and loading FetchResponse are supported.
        A new "Stream" FetchLoader::Type is introduced to allow receiving data as chunks and feeding them to a ReadableStream through ReadableStreamSource.

        Currently, FetchResponse is consumed and marked as disturbed as soon as a ReadableStreamSource is created.
        This should be changed so that consumption happens on the first read call to the ReadableStreamReader, i.e. when stream gets disturbed.

        FetchResponseSource never fulfills the start promise, which allows to enqueue, error or close the stream at any time.
        FetchResponseSource must therefore always ensure to close or error the stream.
        Added support for locked check in FetchResponse.

        Tests: imported/w3c/web-platform-tests/fetch/api/response/response-cancel-stream.html
               imported/w3c/web-platform-tests/fetch/api/response/response-consume-stream.html
               imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-1.html
               imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-2.html
               imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-3.html
               imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-4.html
               imported/w3c/web-platform-tests/fetch/api/response/response-stream-disturbed-5.html
        Also covered by rebased tests.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/fetch/FetchBody.cpp:
        (WebCore::FetchBody::consumeAsStream): Fill stream with body data.
        * Modules/fetch/FetchBody.h:
        (WebCore::FetchBody::type): Added accessor to body type, used for assertions.
        * Modules/fetch/FetchBodyOwner.cpp:
        (WebCore::FetchBodyOwner::isDisturbed): Adding stream isLocked check.
        (WebCore::FetchBodyOwner::blobLoadingSucceeded): Added assertion that body type is blob. Closing stream if created.
        (WebCore::FetchBodyOwner::blobLoadingFailed): Erroring the stream if created and not cancelled.
        (WebCore::FetchBodyOwner::blobChunk): Filling stream with chunk.
        (WebCore::FetchBodyOwner::stop): Rmoved call to finishBlobLoading as it should be called as part of FetchLoaderCLient::didFail callbacki.
        * Modules/fetch/FetchBodyOwner.h:
        * Modules/fetch/FetchLoader.cpp: Fixing the case of cancel being called when creating the ThreadableLoader by introducing FetchLoader::m_isStarted.
        (WebCore::FetchLoader::start): Setting m_isStarted at the end of the start method.
        (WebCore::FetchLoader::stop): Fixing the case that FetchLoader can be destroyed when cancelling its loader.
        (WebCore::FetchLoader::startStreaming): Introduced to switch the loading type from ArayBuffer to Stream. Already buffered data is returned.
        (WebCore::FetchLoader::didReceiveData): Handling of the new Stream type.
        (WebCore::FetchLoader::didFinishLoading):
        * Modules/fetch/FetchLoader.h:
        * Modules/fetch/FetchLoaderClient.h:
        (WebCore::FetchLoaderClient::didReceiveData): Callback to get data as chunks if loader is of type Stream.
        * Modules/fetch/FetchResponse.cpp:
        (WebCore::FetchResponse::clone): Removed m_isLocked as it is handled within isDisturbed().
        (WebCore::FetchResponse::isDisturbed): Checking whether related ReadableStream is locked.
        (WebCore::FetchResponse::BodyLoader::didSucceed): Introduced to handle ReadableStream case.
        (WebCore::FetchResponse::BodyLoader::didFail): Ditto.
        (WebCore::FetchResponse::BodyLoader::didReceiveData): Ditto.
        (WebCore::FetchResponse::BodyLoader::startStreaming): Ditto.
        (WebCore::FetchResponse::consumeBodyAsStream): Start filling the ReadableStream with data. Changing loader to Stream if there is one.
        (WebCore::FetchResponse::createReadableStreamSource): Called by custom binding to create the source.
        (WebCore::FetchResponse::stop): Fixing potential crash in case of cancelling the ibody stream.
        (WebCore::FetchResponse::startFetching):
        (WebCore::FetchResponse::BodyLoader::didFinishLoadingAsArrayBuffer):
        * Modules/fetch/FetchResponse.h:
        * Modules/fetch/FetchResponse.idl:
        * Modules/fetch/FetchResponseSource.cpp: Specialization of ReadableStreamSource for FetchResponse. It is a push source that never resolves the start promise.
        (WebCore::FetchResponseSource::FetchResponseSource):
        (WebCore::FetchResponseSource::isReadableStreamLocked):
        (WebCore::FetchResponseSource::setActive):
        (WebCore::FetchResponseSource::setInactive):
        (WebCore::FetchResponseSource::doStart):
        (WebCore::FetchResponseSource::doCancel):
        (WebCore::FetchResponseSource::close):
        (WebCore::FetchResponseSource::error):
        * Modules/fetch/FetchResponseSource.h: Added.
        * Modules/streams/ReadableStreamController.js:
        (error):
        * Modules/streams/ReadableStreamSource.h: Added (base class for ReadableStream DOM sources).
        (WebCore::ReadableStreamSource::~ReadableStreamSource):
        (WebCore::ReadableStreamSource::isStarting):
        (WebCore::ReadableStreamSource::isPulling):
        (WebCore::ReadableStreamSource::isCancelling):
        (WebCore::ReadableStreamSource::controller):
        (WebCore::ReadableStreamSource::doStart):
        (WebCore::ReadableStreamSource::doCancel):
        (WebCore::ReadableStreamSource::start):
        (WebCore::ReadableStreamSource::cancel):
        (WebCore::ReadableStreamSource::startFinished):
        (WebCore::ReadableStreamSource::clean):
        * Modules/streams/ReadableStreamSource.idl: Added.
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSFetchResponseCustom.cpp: In case body is not created, call createReadableStreamSource.
        (WebCore::JSFetchResponse::body):
        * bindings/js/JSReadableStreamSourceCustom.cpp: Added.
        (WebCore::JSReadableStreamSource::start):
        (WebCore::JSReadableStreamSource::pull):
        (WebCore::JSReadableStreamSource::controller):
        * bindings/js/ReadableStreamController.cpp: Added.
        (WebCore::callFunction):
        (WebCore::ReadableStreamController::invoke):
        (WebCore::ReadableStreamController::isControlledReadableStreamLocked):
        (WebCore::createReadableStream):
        * bindings/js/ReadableStreamController.h: The DOM wrapper for JSReadableStreamController.
        (WebCore::ReadableStreamController::ReadableStreamController):
        (WebCore::ReadableStreamController::close):
        (WebCore::ReadableStreamController::error):
        (WebCore::ReadableStreamController::enqueue):
        (WebCore::ReadableStreamController::globalObject):
        (WebCore::ReadableStreamController::enqueue<RefPtr<JSC::ArrayBuffer>>):
        (WebCore::ReadableStreamController::error<String>):

2016-04-16  Antti Koivisto  <antti@apple.com>

        Element should be const in StyleResolver
        https://bugs.webkit.org/show_bug.cgi?id=156672

        Reviewed by Darin Adler.

        Resolving element style shouldn't mutate it.

        This patch just does Element* -> const Element*, all the groundwork has been done already.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::sweepMatchedPropertiesCache):
        (WebCore::StyleResolver::State::State):
        (WebCore::StyleResolver::State::setStyle):
        (WebCore::isAtShadowBoundary):
        (WebCore::StyleResolver::styleForElement):
        (WebCore::doesNotInheritTextDecoration):
        (WebCore::StyleResolver::adjustStyleForInterCharacterRuby):
        (WebCore::StyleResolver::adjustRenderStyle):
        (WebCore::StyleResolver::checkRegionStyle):
        (WebCore::StyleResolver::updateFont):
        (WebCore::StyleResolver::styleRulesForElement):
        (WebCore::StyleResolver::pseudoStyleRulesForElement):
        (WebCore::StyleResolver::applyMatchedProperties):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::style):
        (WebCore::StyleResolver::parentStyle):
        (WebCore::StyleResolver::rootElementStyle):
        (WebCore::StyleResolver::element):
        (WebCore::StyleResolver::document):
        (WebCore::StyleResolver::documentSettings):
        (WebCore::StyleResolver::usesFirstLineRules):
        (WebCore::StyleResolver::usesFirstLetterRules):
        (WebCore::StyleResolver::State::State):
        (WebCore::StyleResolver::State::document):
        (WebCore::StyleResolver::State::element):
        (WebCore::StyleResolver::State::style):
        (WebCore::StyleResolver::hasSelectorForId):
        (WebCore::checkRegionSelector):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::RenderTheme):
        (WebCore::RenderTheme::adjustStyle):
        (WebCore::RenderTheme::adjustCheckboxStyle):
        (WebCore::RenderTheme::adjustRadioStyle):
        (WebCore::RenderTheme::adjustButtonStyle):
        (WebCore::RenderTheme::adjustInnerSpinButtonStyle):
        (WebCore::RenderTheme::adjustTextFieldStyle):
        (WebCore::RenderTheme::adjustTextAreaStyle):
        (WebCore::RenderTheme::adjustMenuListStyle):
        (WebCore::RenderTheme::adjustMeterStyle):
        (WebCore::RenderTheme::paintMeter):
        (WebCore::RenderTheme::adjustCapsLockIndicatorStyle):
        (WebCore::RenderTheme::paintCapsLockIndicator):
        (WebCore::RenderTheme::adjustAttachmentStyle):
        (WebCore::RenderTheme::animationDurationForProgressBar):
        (WebCore::RenderTheme::adjustProgressBarStyle):
        (WebCore::RenderTheme::shouldHaveCapsLockIndicator):
        (WebCore::RenderTheme::adjustMenuListButtonStyle):
        (WebCore::RenderTheme::adjustMediaControlStyle):
        (WebCore::RenderTheme::adjustSliderTrackStyle):
        (WebCore::RenderTheme::adjustSliderThumbStyle):
        (WebCore::RenderTheme::adjustSliderThumbSize):
        (WebCore::RenderTheme::adjustSearchFieldStyle):
        (WebCore::RenderTheme::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderTheme::adjustSearchFieldDecorationPartStyle):
        (WebCore::RenderTheme::adjustSearchFieldResultsDecorationPartStyle):
        (WebCore::RenderTheme::adjustSearchFieldResultsButtonStyle):
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::minimumMenuListSize):
        (WebCore::RenderTheme::popupInternalPaddingBox):
        (WebCore::RenderTheme::popupOptionSupportsTextIndent):
        (WebCore::RenderTheme::paintRadioDecorations):
        (WebCore::RenderTheme::paintButtonDecorations):
        (WebCore::RenderTheme::paintTextField):
        (WebCore::RenderTheme::paintTextFieldDecorations):
        (WebCore::RenderTheme::paintTextArea):
        (WebCore::RenderTheme::paintTextAreaDecorations):
        (WebCore::RenderTheme::paintMenuList):
        (WebCore::RenderTheme::paintMenuListDecorations):
        (WebCore::RenderTheme::paintMenuListButtonDecorations):
        (WebCore::RenderTheme::paintPushButtonDecorations):
        (WebCore::RenderTheme::paintSquareButtonDecorations):
        (WebCore::RenderTheme::paintProgressBar):
        (WebCore::RenderTheme::paintSliderTrack):
        (WebCore::RenderTheme::paintSliderThumb):
        (WebCore::RenderTheme::paintSliderThumbDecorations):
        (WebCore::RenderTheme::paintSearchField):
        (WebCore::RenderTheme::paintSearchFieldDecorations):
        (WebCore::RenderTheme::paintSearchFieldCancelButton):
        (WebCore::RenderTheme::paintSearchFieldDecorationPart):
        (WebCore::RenderTheme::paintSearchFieldResultsDecorationPart):
        (WebCore::RenderTheme::paintSearchFieldResultsButton):
        (WebCore::RenderTheme::paintMediaFullscreenButton):
        (WebCore::RenderTheme::paintMediaPlayButton):
        (WebCore::RenderTheme::paintMediaOverlayPlayButton):
        * rendering/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::paintSliderTrack):
        (WebCore::RenderThemeEfl::adjustSliderTrackStyle):
        (WebCore::RenderThemeEfl::adjustSliderThumbStyle):
        (WebCore::RenderThemeEfl::adjustSliderThumbSize):
        (WebCore::RenderThemeEfl::paintSliderThumb):
        (WebCore::RenderThemeEfl::adjustCheckboxStyle):
        (WebCore::RenderThemeEfl::paintCheckbox):
        (WebCore::RenderThemeEfl::adjustRadioStyle):
        (WebCore::RenderThemeEfl::paintRadio):
        (WebCore::RenderThemeEfl::adjustButtonStyle):
        (WebCore::RenderThemeEfl::paintButton):
        (WebCore::RenderThemeEfl::adjustMenuListStyle):
        (WebCore::RenderThemeEfl::paintMenuList):
        (WebCore::RenderThemeEfl::adjustMenuListButtonStyle):
        (WebCore::RenderThemeEfl::paintMenuListButtonDecorations):
        (WebCore::RenderThemeEfl::adjustTextFieldStyle):
        (WebCore::RenderThemeEfl::paintTextField):
        (WebCore::RenderThemeEfl::adjustTextAreaStyle):
        (WebCore::RenderThemeEfl::paintTextArea):
        (WebCore::RenderThemeEfl::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeEfl::paintSearchFieldResultsButton):
        (WebCore::RenderThemeEfl::adjustSearchFieldResultsDecorationPartStyle):
        (WebCore::RenderThemeEfl::paintSearchFieldResultsDecorationPart):
        (WebCore::RenderThemeEfl::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeEfl::paintSearchFieldCancelButton):
        (WebCore::RenderThemeEfl::adjustSearchFieldStyle):
        (WebCore::RenderThemeEfl::paintSearchField):
        (WebCore::RenderThemeEfl::adjustInnerSpinButtonStyle):
        (WebCore::RenderThemeEfl::updateCachedSystemFontDescription):
        (WebCore::RenderThemeEfl::adjustProgressBarStyle):
        * rendering/RenderThemeEfl.h:
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::adjustRepaintRect):
        (WebCore::RenderThemeGtk::adjustButtonStyle):
        (WebCore::RenderThemeGtk::paintButton):
        (WebCore::RenderThemeGtk::adjustMenuListStyle):
        (WebCore::RenderThemeGtk::adjustMenuListButtonStyle):
        (WebCore::RenderThemeGtk::paintMenuListButtonDecorations):
        (WebCore::RenderThemeGtk::adjustTextFieldStyle):
        (WebCore::RenderThemeGtk::paintTextField):
        (WebCore::RenderThemeGtk::paintTextArea):
        (WebCore::RenderThemeGtk::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeGtk::paintSearchFieldResultsButton):
        (WebCore::RenderThemeGtk::adjustSearchFieldResultsDecorationPartStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
        (WebCore::RenderThemeGtk::adjustSearchFieldStyle):
        (WebCore::RenderThemeGtk::shouldHaveCapsLockIndicator):
        (WebCore::RenderThemeGtk::adjustSliderTrackStyle):
        (WebCore::RenderThemeGtk::adjustSliderThumbStyle):
        (WebCore::RenderThemeGtk::paintSliderTrack):
        (WebCore::RenderThemeGtk::adjustSliderThumbSize):
        (WebCore::RenderThemeGtk::innerSpinButtonLayout):
        (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
        (WebCore::spinButtonArrowSize):
        (WebCore::RenderThemeGtk::paintMediaCurrentTime):
        (WebCore::RenderThemeGtk::adjustProgressBarStyle):
        * rendering/RenderThemeGtk.h:
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::addRoundedBorderClip):
        (WebCore::RenderThemeIOS::adjustCheckboxStyle):
        (WebCore::RenderThemeIOS::isControlStyled):
        (WebCore::RenderThemeIOS::adjustRadioStyle):
        (WebCore::adjustInputElementButtonStyle):
        (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
        (WebCore::RenderThemeIOS::adjustSliderTrackStyle):
        (WebCore::RenderThemeIOS::paintSliderTrack):
        (WebCore::RenderThemeIOS::adjustSliderThumbSize):
        (WebCore::RenderThemeIOS::sliderTickOffsetFromTrackCenter):
        (WebCore::RenderThemeIOS::adjustSearchFieldStyle):
        (WebCore::RenderThemeIOS::paintSearchFieldDecorations):
        (WebCore::RenderThemeIOS::adjustButtonStyle):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintTextField):
        (WebCore::RenderThemeMac::adjustTextFieldStyle):
        (WebCore::RenderThemeMac::paintTextArea):
        (WebCore::RenderThemeMac::adjustTextAreaStyle):
        (WebCore::RenderThemeMac::animationDurationForProgressBar):
        (WebCore::RenderThemeMac::adjustProgressBarStyle):
        (WebCore::menuListButtonSizes):
        (WebCore::RenderThemeMac::adjustMenuListStyle):
        (WebCore::RenderThemeMac::popupMenuSize):
        (WebCore::RenderThemeMac::adjustMenuListButtonStyle):
        (WebCore::RenderThemeMac::adjustSliderTrackStyle):
        (WebCore::RenderThemeMac::paintSliderTrack):
        (WebCore::RenderThemeMac::adjustSliderThumbStyle):
        (WebCore::RenderThemeMac::setSearchFieldSize):
        (WebCore::RenderThemeMac::adjustSearchFieldStyle):
        (WebCore::RenderThemeMac::cancelButtonSizes):
        (WebCore::RenderThemeMac::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeMac::resultsButtonSizes):
        (WebCore::RenderThemeMac::adjustSearchFieldDecorationPartStyle):
        (WebCore::RenderThemeMac::paintSearchFieldDecorationPart):
        (WebCore::RenderThemeMac::adjustSearchFieldResultsDecorationPartStyle):
        (WebCore::RenderThemeMac::paintSearchFieldResultsDecorationPart):
        (WebCore::RenderThemeMac::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeMac::adjustSliderThumbSize):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::paintButton):
        (WebCore::RenderThemeWin::adjustInnerSpinButtonStyle):
        (WebCore::RenderThemeWin::paintMenuList):
        (WebCore::RenderThemeWin::adjustMenuListStyle):
        (WebCore::RenderThemeWin::adjustMenuListButtonStyle):
        (WebCore::RenderThemeWin::adjustSliderThumbSize):
        (WebCore::RenderThemeWin::paintSearchField):
        (WebCore::RenderThemeWin::adjustSearchFieldStyle):
        (WebCore::RenderThemeWin::paintSearchFieldCancelButton):
        (WebCore::RenderThemeWin::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldDecorationPartStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsDecorationPartStyle):
        (WebCore::RenderThemeWin::paintSearchFieldResultsDecorationPart):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeWin::adjustMeterStyle):
        * rendering/RenderThemeWin.h:

2016-04-16  Antti Koivisto  <antti@apple.com>

        CSSCursorImageValue shouldn't mutate element during style resolution
        https://bugs.webkit.org/show_bug.cgi?id=156659

        Reviewed by Darin Adler.

        CSSCursorImageValue::updateIfSVGCursorIsUsed may mutate the argument element.

        This patch removes the code that caches cursor element and image to SVGElement rare data.
        The whole things is basically unused. CSSCursorImageValue now maintains a weak map to
        SVGCursorElements directly instead of indirectly via the using SVGElements.

        * css/CSSCursorImageValue.cpp:
        (WebCore::CSSCursorImageValue::CSSCursorImageValue):
        (WebCore::CSSCursorImageValue::~CSSCursorImageValue):
        (WebCore::CSSCursorImageValue::customCSSText):
        (WebCore::CSSCursorImageValue::updateCursorElement):

            We no longer rely on SVGElement rare data so no need to test for SVGElement.

        (WebCore::CSSCursorImageValue::cursorElementRemoved):
        (WebCore::CSSCursorImageValue::cursorElementChanged):

            Factor to a function.

        (WebCore::CSSCursorImageValue::cachedImage):
        (WebCore::CSSCursorImageValue::clearCachedImage):
        (WebCore::CSSCursorImageValue::equals):
        (WebCore::CSSCursorImageValue::removeReferencedElement): Deleted.

            Don't track client elements anymore. Just track referenced SVGCursorElements.

        * css/CSSCursorImageValue.h:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueCursor):

            No need to make style unique. Initialization is now done in updateSVGCursorElement.

        * svg/SVGCursorElement.cpp:
        (WebCore::SVGCursorElement::~SVGCursorElement):
        (WebCore::SVGCursorElement::isSupportedAttribute):
        (WebCore::SVGCursorElement::parseAttribute):
        (WebCore::SVGCursorElement::addClient):
        (WebCore::SVGCursorElement::removeClient):

            Client is now an CSSCursorImageValue rather than SVGElement.

        (WebCore::SVGCursorElement::svgAttributeChanged):

            Instead of invalidating element style just invalidate the CSSCursorImageValue directly.

        (WebCore::SVGCursorElement::addSubresourceAttributeURLs):
        (WebCore::SVGCursorElement::removeReferencedElement): Deleted.
        * svg/SVGCursorElement.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::~SVGElement):
        (WebCore::SVGElement::getBoundingBox):
        (WebCore::SVGElement::correspondingElement):
        (WebCore::SVGElement::setCursorElement): Deleted.
        (WebCore::SVGElement::cursorElementRemoved): Deleted.
        (WebCore::SVGElement::setCursorImageValue): Deleted.
        (WebCore::SVGElement::cursorImageValueRemoved): Deleted.

            SVGElements no longer need to know about their cursors.

        * svg/SVGElement.h:
        * svg/SVGElementRareData.h:
        (WebCore::SVGElementRareData::instanceUpdatesBlocked):
        (WebCore::SVGElementRareData::setInstanceUpdatesBlocked):
        (WebCore::SVGElementRareData::correspondingElement):
        (WebCore::SVGElementRareData::setCorrespondingElement):
        (WebCore::SVGElementRareData::animatedSMILStyleProperties):
        (WebCore::SVGElementRareData::ensureAnimatedSMILStyleProperties):
        (WebCore::SVGElementRareData::cursorElement): Deleted.
        (WebCore::SVGElementRareData::setCursorElement): Deleted.
        (WebCore::SVGElementRareData::cursorImageValue): Deleted.
        (WebCore::SVGElementRareData::setCursorImageValue): Deleted.

2016-04-15  Darin Adler  <darin@apple.com>

        Reduce use of Deprecated::ScriptXXX classes
        https://bugs.webkit.org/show_bug.cgi?id=156632

        Reviewed by Alex Christensen.

        * Modules/mediastream/SDPProcessor.cpp: Removed unneeded include.

        * bindings/js/JSCommandLineAPIHostCustom.cpp:
        (WebCore::JSCommandLineAPIHost::inspectedObject): Use JSValue.
        * bindings/js/JSCustomEventCustom.cpp:
        (WebCore::JSCustomEvent::detail): Ditto.
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld): Ditto.
        (WebCore::ScriptController::evaluate): Ditto.
        (WebCore::ScriptController::executeScriptInWorld): Ditto.
        (WebCore::ScriptController::executeScript): Ditto.
        (WebCore::ScriptController::executeIfJavaScriptURL): Ditto.
        * bindings/js/ScriptController.h: Ditto.

        * bindings/js/ScriptGlobalObject.cpp: Removed unused overload of set,
        and unused remove and folded handleException function into its one call site.
        (WebCore::ScriptGlobalObject::set): Take references instead of pointers.
        (WebCore::ScriptGlobalObject::get): Use JSObject instead of Deprecated::ScriptObject.
        * bindings/js/ScriptGlobalObject.h: Updated for the above.

        * dom/CustomEvent.cpp:
        (WebCore::CustomEvent::initCustomEvent): Take JSValue and ExecState instead of
        Deprecated::ScriptValue.
        (WebCore::CustomEvent::trySerializeDetail): Take a reference instead of a pointer.
        Also removed an unneeded null check.
        * dom/CustomEvent.h: Use JSValue.
        * dom/CustomEvent.idl: Updated for the above.

        * html/HTMLMediaElement.cpp: Remove unneeded include.

        * inspector/CommandLineAPIHost.cpp:
        (WebCore::CommandLineAPIHost::InspectableObject::get): Take reference instead of
        pointer and return JSValue.
        * inspector/CommandLineAPIHost.h: Updated for the above.

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::setDocument): Use "document" instead of "doc".
        (WebCore::InspectorDOMAgent::setAttributesAsText): Omit redundant class name.
        (WebCore::InspectorDOMAgent::focusNode): Ditto. Pass reference instead of pointer.
        (WebCore::InspectorDOMAgent::undo): Ditto.
        (WebCore::InspectorDOMAgent::redo): Ditto.
        (WebCore::InspectorDOMAgent::nodeForObjectId): Stop using Deprecated::ScriptValue.
        (WebCore::InspectorDOMAgent::resolveNode): Ditto.
        (WebCore::InspectorDOMAgent::scriptValueAsNode): Removed unneeded isObject check,
        which is already done by JSNode::toWrapped. Use JSValue.
        (WebCore::InspectorDOMAgent::nodeAsScriptValue): Use JSValue.
        * inspector/InspectorDOMAgent.h: Updated for the above.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::windowObjectCleared): Use references instead of
        pointers and removed unneeded local.
        (WebCore::InspectorFrontendClientLocal::evaluateAsBoolean): More of the same.
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::showContextMenu): Ditto.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::breakpointActionProbe): Updated to take
        reference instead of pointer and JSValue instead of ScriptValue.
        * inspector/InspectorTimelineAgent.h: Ditto.
        * inspector/PageConsoleAgent.cpp: Ditto.
        * inspector/PageDebuggerAgent.cpp:
        (WebCore::PageDebuggerAgent::breakpointActionLog): Ditto.
        * inspector/PageDebuggerAgent.h: Ditto.

2016-04-15  Daniel Bates  <dabates@apple.com>

        CSP: Ignore paths in CSP matching after redirects
        https://bugs.webkit.org/show_bug.cgi?id=153154
        <rdar://problem/24383215>

        Reviewed by Brent Fulgham.

        For sub-resources that redirect, match the URL that is the result of the redirect against
        the source expressions in Content Security Policy ignoring any paths in those source
        expressions as per section Paths and Redirects of the Content Security Policy Level 2 spec.,
        <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 29 August 2015).

        Tests: http/tests/security/contentSecurityPolicy/audio-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/embed-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/embed-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/embed-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/embed-redirect-blocked2.html
               http/tests/security/contentSecurityPolicy/embed-redirect-blocked3.html
               http/tests/security/contentSecurityPolicy/font-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/form-action-src-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/form-action-src-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-child-src.html
               http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-child-src2.html
               http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-frame-src.html
               http/tests/security/contentSecurityPolicy/iframe-redirect-allowed-by-frame-src2.html
               http/tests/security/contentSecurityPolicy/iframe-redirect-blocked-by-child-src.html
               http/tests/security/contentSecurityPolicy/iframe-redirect-blocked-by-frame-src.html
               http/tests/security/contentSecurityPolicy/image-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/object-redirect-allowed.html
               http/tests/security/contentSecurityPolicy/object-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/object-redirect-blocked.html
               http/tests/security/contentSecurityPolicy/object-redirect-blocked2.html
               http/tests/security/contentSecurityPolicy/object-redirect-blocked3.html
               http/tests/security/contentSecurityPolicy/script-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/stylesheet-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/svg-font-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/svg-image-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/track-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/video-redirect-allowed2.html
               http/tests/security/contentSecurityPolicy/xsl-redirect-allowed2.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest): Define a local variable didReceiveRedirectResponse as
        to whether this request follows from having received a redirect response from the server. Pass this
        information to FrameLoader::checkIfFormActionAllowedByCSP() and PolicyChecker::checkNavigationPolicy()
        for its consideration.
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::redirectReceived): Pass whether we have a non-null redirect
        response (i.e. received a redirect response from the server) to DocumentThreadableLoader::isAllowedByContentSecurityPolicy()
        for its consideration.
        (WebCore::DocumentThreadableLoader::loadRequest): Pass whether we performed a redirect to
        DocumentThreadableLoader::isAllowedByContentSecurityPolicy() for its consideration.
        (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Modified to take a boolean
        argument as to whether a redirect was performed. We pass this information to the appropriate
        ContentSecurityPolicy method.
        * loader/DocumentThreadableLoader.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkIfFormActionAllowedByCSP): Modified to take a boolean argument as to whether
        a redirect response was received and passes this information to ContentSecurityPolicy::allowFormAction()
        for its consideration.
        (WebCore::FrameLoader::loadURL): Modified to tell PolicyChecker::checkNavigationPolicy() that the navigation
        is not in response to having received a redirect response from the server.
        (WebCore::FrameLoader::loadWithDocumentLoader): Ditto.
        * loader/FrameLoader.h:
        * loader/PolicyChecker.cpp:
        (WebCore::isAllowedByContentSecurityPolicy): Modified to take a boolean argument as to whether
        a redirect response was received and passes this information to the appropriate ContentSecurityPolicy member
        function for consideration.
        (WebCore::PolicyChecker::checkNavigationPolicy): Modified to take a boolean argument as to whether a redirect
        response was received and passes this information through to WebCore::isAllowedByContentSecurityPolicy().
        * loader/PolicyChecker.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequestInternal): Modified to tell CachedResourceLoader::canRequest() that
        the request is in response to having received a redirect response from the server.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::canRequest): Modified to take a boolean argument as to whether a redirect
        response was received and passes this information through to the appropriate ContentSecurityPolicy member
        function for consideration.
        * loader/cache/CachedResourceLoader.h:
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::allowScriptFromSource): Modified to take an argument as to whether a
        redirect response was received and passes this information through to ContentSecurityPolicyDirectiveList.
        (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
        * page/csp/ContentSecurityPolicy.h:
        * page/csp/ContentSecurityPolicyDirectiveList.cpp:
        (WebCore::checkSource):
        (WebCore::checkFrameAncestors):
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForChildContext): Modified to take an argument
        as to whether a redirect response was received and passes this information through to the CSP directive.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForConnectSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFont): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFormAction): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrame): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForImage): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForMedia): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForObjectSource): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScript): Ditto.
        (WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyle): Ditto.
        * page/csp/ContentSecurityPolicyDirectiveList.h:
        * page/csp/ContentSecurityPolicySource.cpp:
        (WebCore::ContentSecurityPolicySource::matches): Modified to take an argument as to whether a redirect response
        was received. When the specified URL follows from having received a redirect response then ignore the path
        component of the source expression when checking for a match. Otherwise, consider the path component of the
        source expression when performing the match.
        * page/csp/ContentSecurityPolicySource.h:
        * page/csp/ContentSecurityPolicySourceList.cpp:
        (WebCore::ContentSecurityPolicySourceList::matches): Modified to take an argument as to whether a redirect
        response was received and pass this information through to ContentSecurityPolicySource::matches().
        * page/csp/ContentSecurityPolicySourceList.h:
        * page/csp/ContentSecurityPolicySourceListDirective.cpp:
        (WebCore::ContentSecurityPolicySourceListDirective::allows): Modified to take an argument as to whether a
        redirect response was received and pass this information through to ContentSecurityPolicySourceList::matches().
        * page/csp/ContentSecurityPolicySourceListDirective.h:

2016-04-15  Myles C. Maxfield  <mmaxfield@apple.com>

        [CSS Font Loading] FontFace's promise may never be resolved/rejected if Content Security Policy blocks all the URLs
        https://bugs.webkit.org/show_bug.cgi?id=156605

        Reviewed by Daniel Bates.

        If all the fonts are blocked, we will create a FontFace with no FontFaceSources.
        Loading such a FontFace should reject the promise.

        Test: fast/text/font-loading-csp-block-all.html

        * css/CSSFontFace.cpp:
        (WebCore::CSSFontFace::pump):

2016-04-15  Alex Christensen  <achristensen@webkit.org>

        [WinCairo] Another unreviewed build fix.

        * platform/network/curl/MultipartHandle.cpp:
        (WebCore::MultipartHandle::parseHeadersIfPossible):

2016-04-15  Brent Fulgham  <bfulgham@apple.com>

        [WinCairo] Unreviewed build fix.,

        * platform/network/curl/MultipartHandle.cpp:
        (WebCore::MultipartHandle::parseHeadersIfPossible): Correct for new method signature.

2016-04-15  Myles C. Maxfield  <mmaxfield@apple.com>

        ASSERT when loading github.com
        https://bugs.webkit.org/show_bug.cgi?id=156604
        <rdar://problem/19890634>

        Reviewed by Darin Adler.

        HTMLFormControlElement::m_isValid is a cache of the results of the valid() function.
        When cloning the node, we were preserving each individual item, but not the state
        of the cache. Therefore, the cache and the attributes didn't agree with each other.

        Test: fast/forms/checkValidity-cloneNode-crash.html

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::copyNonAttributePropertiesFromElement):

2016-04-15  Brent Fulgham  <bfulgham@apple.com>

        Remove support for X-Frame-Options in `<meta>`
        https://bugs.webkit.org/show_bug.cgi?id=156625
        <rdar://problem/25748714>

        Reviewed by Darin Adler.

        Follow RFC7034 (Section 4), which recommends that 'X-Frame-Options' be ignored when delivered as part of
        a '<meta http-equiv="...">' tag. This brings us in line with Firefox, Edge, and Blink.

        Tests: http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-in-body.html
               http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-parent-same-origin-allow.html
               http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag-parent-same-origin-deny.html
               http/tests/security/XFrameOptions/x-frame-options-ignore-deny-meta-tag.html
               http/tests/security/xssAuditor/meta-tag-http-refresh-x-frame-options-ignored.html

        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv): Log error message instead of blocking the load.

2016-04-15  Jer Noble  <jer.noble@apple.com>

        Audio elements should be able to have a controls manager.
        https://bugs.webkit.org/show_bug.cgi?id=156630

        Reviewed by Beth Dakin.

        Now that there is no longer a architectural restriction about what kind of media elements
        can be used with WebPlaybackSessionManager, allow audio elements to create a controls
        manager.

        Drive-by fix: clear the controls manager when destroying the media player due to entering
        the page cache, and when destroying the media element.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        (WebCore::HTMLMediaElement::updatePlayState):
        (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::canControlControlsManager):

2016-04-15  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Calling SVGAnimatedPropertyTearOff::animationEnded() will crash if the SVG property is not animating
        https://bugs.webkit.org/show_bug.cgi?id=156549

        Reviewed by Darin Adler.

        A speculative fix for a crash which may happen when calling animationEnded()
        of any SVGAnimatedProperty while it is not animating.

        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::executeAction):

2016-04-15  Jer Noble  <jer.noble@apple.com>

        Unreviewed build fix for iOS simulator. Assert the correct variable.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerLayer layoutSublayers]):
        (-[WebAVPlayerLayer resolveBounds]):
        (-[WebAVPlayerLayer setVideoGravity:]):

2016-04-14  Jer Noble  <jer.noble@apple.com>

        Allow WebVideoFullscreenManager and Proxy to be used by audio elements.
        https://bugs.webkit.org/show_bug.cgi?id=156564

        Reviewed by Beth Dakin.

        No new tests; this refactors existing functionality into new classes.

        Tease apart the various WebVideoFullscreen{Interface,Model}{AVKit,Mac,VideoElement} into new
        WebPlaybackSession… classes dealing exclusively with playback state and commands, leaving
        fullscreen state and commands in the WebVideoFullscreen… classes. Specifically, create the
        following new classes:

        - WebPlaybackSessionInterface (copied from WebVideoFullscreenInterface)
        - WebPlaybackSessionModelMediaElement (copied from WebVideoFullscreenModelMediaElement)
        - WebPlaybackSessionModel (copied from WebVideoFullscreenModel)
        - WebPlaybackSessionInterfaceAVKit (copied from WebVideoFullscreenInterfaceAVKit)
        - WebPlaybackSessionInterfaceMac (copied from WebVideoFullscreenInterfaceMac)

        WebVideoFullscreenInterface and WebVideoFullscreenModel now inherit from
        WebPlaybackSessionInterface and WebPlaybackSessionModel, respectively. The concrete
        WebVideoFullscreen… subclasses each take their respective WebPlaybackSession… subclasses and
        fulfill their WebPlaybackSession interfaces through composition.

        As part of this big tease-apart, the WebAVPlayerController class needs to be exposed in a
        header (as it's accessed by two different classes now), so that class is moved into its own
        implementation and header files.

        The one case where a change in a WebPlaybackSession… class needs to be reflected in a
        WebVideoFullscreen… class is in WebPlaybackSessionInterfaceAVKit, where
        WebVideoFullscreenInterfaceAVKit needs to be notified when external playback becomes dis/en-
        abled, so a new WebPlaybackSessionInterfaceAVKitClient interface has been added to allow the
        WebPlaybackSession… to notify the WebVideoFullscreen….

        The responsibility for the "controls manager" has moved from the WebVideoFullscreen… classes
        to the WebPlaybackSession… classes, so the ChromeClient interface for creating and destroying
        those controls is similarly renamed from setUpVideoControlsManager() to
        setUpPlaybackControlsManager().

        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updatePlayState):
        * page/ChromeClient.h:
        * platform/cocoa/WebPlaybackSessionInterface.h: Copied from Source/WebCore/platform/cocoa/WebVideoFullscreenInterface.h.
        (WebCore::WebPlaybackSessionInterface::~WebPlaybackSessionInterface):
        * platform/cocoa/WebPlaybackSessionModel.h: Added.
        (WebCore::WebPlaybackSessionModel::~WebPlaybackSessionModel):
        * platform/cocoa/WebPlaybackSessionModelMediaElement.h: Added.
        (WebCore::WebPlaybackSessionModelMediaElement::create):
        (WebCore::WebPlaybackSessionModelMediaElement::mediaElement):
        * platform/cocoa/WebPlaybackSessionModelMediaElement.mm: Added.
        (WebPlaybackSessionModelMediaElement::WebPlaybackSessionModelMediaElement):
        (WebPlaybackSessionModelMediaElement::~WebPlaybackSessionModelMediaElement):
        (WebPlaybackSessionModelMediaElement::setWebPlaybackSessionInterface):
        (WebPlaybackSessionModelMediaElement::setMediaElement):
        (WebPlaybackSessionModelMediaElement::handleEvent):
        (WebPlaybackSessionModelMediaElement::updateForEventName):
        (WebPlaybackSessionModelMediaElement::play):
        (WebPlaybackSessionModelMediaElement::pause):
        (WebPlaybackSessionModelMediaElement::togglePlayState):
        (WebPlaybackSessionModelMediaElement::beginScrubbing):
        (WebPlaybackSessionModelMediaElement::endScrubbing):
        (WebPlaybackSessionModelMediaElement::seekToTime):
        (WebPlaybackSessionModelMediaElement::fastSeek):
        (WebPlaybackSessionModelMediaElement::beginScanningForward):
        (WebPlaybackSessionModelMediaElement::beginScanningBackward):
        (WebPlaybackSessionModelMediaElement::endScanning):
        (WebPlaybackSessionModelMediaElement::selectAudioMediaOption):
        (WebPlaybackSessionModelMediaElement::selectLegibleMediaOption):
        (WebPlaybackSessionModelMediaElement::updateLegibleOptions):
        (WebPlaybackSessionModelMediaElement::observedEventNames):
        (WebPlaybackSessionModelMediaElement::eventNameAll):
        * platform/cocoa/WebPlaybackSessionModelVideoElement.cpp: Copied from Source/WebCore/platform/cocoa/WebVideoFullscreenModelVideoElement.mm.
        (WebPlaybackSessionModelVideoElement::WebPlaybackSessionModelVideoElement):
        (WebPlaybackSessionModelVideoElement::~WebPlaybackSessionModelVideoElement):
        (WebPlaybackSessionModelVideoElement::setWebVideoFullscreenInterface):
        (WebPlaybackSessionModelVideoElement::setVideoElement):
        (WebPlaybackSessionModelVideoElement::handleEvent):
        (WebPlaybackSessionModelVideoElement::updateForEventName):
        (WebPlaybackSessionModelVideoElement::play):
        (WebPlaybackSessionModelVideoElement::pause):
        (WebPlaybackSessionModelVideoElement::togglePlayState):
        (WebPlaybackSessionModelVideoElement::beginScrubbing):
        (WebPlaybackSessionModelVideoElement::endScrubbing):
        (WebPlaybackSessionModelVideoElement::seekToTime):
        (WebPlaybackSessionModelVideoElement::fastSeek):
        (WebPlaybackSessionModelVideoElement::beginScanningForward):
        (WebPlaybackSessionModelVideoElement::beginScanningBackward):
        (WebPlaybackSessionModelVideoElement::endScanning):
        (WebPlaybackSessionModelVideoElement::selectAudioMediaOption):
        (WebPlaybackSessionModelVideoElement::selectLegibleMediaOption):
        (WebPlaybackSessionModelVideoElement::updateLegibleOptions):
        (WebPlaybackSessionModelVideoElement::observedEventNames):
        (WebPlaybackSessionModelVideoElement::eventNameAll):
        * platform/cocoa/WebVideoFullscreenInterface.h:
        * platform/cocoa/WebVideoFullscreenModel.h:
        (WebCore::WebVideoFullscreenModel::~WebVideoFullscreenModel): Deleted.
        * platform/cocoa/WebVideoFullscreenModelVideoElement.h:
        (WebCore::WebVideoFullscreenModelVideoElement::create):
        * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::WebVideoFullscreenModelVideoElement):
        (WebVideoFullscreenModelVideoElement::setWebVideoFullscreenInterface):
        (WebVideoFullscreenModelVideoElement::setVideoElement):
        (WebVideoFullscreenModelVideoElement::play):
        (WebVideoFullscreenModelVideoElement::pause):
        (WebVideoFullscreenModelVideoElement::togglePlayState):
        (WebVideoFullscreenModelVideoElement::beginScrubbing):
        (WebVideoFullscreenModelVideoElement::endScrubbing):
        (WebVideoFullscreenModelVideoElement::seekToTime):
        (WebVideoFullscreenModelVideoElement::fastSeek):
        (WebVideoFullscreenModelVideoElement::beginScanningForward):
        (WebVideoFullscreenModelVideoElement::beginScanningBackward):
        (WebVideoFullscreenModelVideoElement::endScanning):
        (WebVideoFullscreenModelVideoElement::selectAudioMediaOption):
        (WebVideoFullscreenModelVideoElement::selectLegibleMediaOption):
        (WebVideoFullscreenModelVideoElement::handleEvent): Deleted.
        (WebVideoFullscreenModelVideoElement::setVideoFullscreenLayer): Deleted.
        (WebVideoFullscreenModelVideoElement::setVideoLayerFrame): Deleted.
        (WebVideoFullscreenModelVideoElement::setVideoLayerGravity): Deleted.
        (WebVideoFullscreenModelVideoElement::observedEventNames): Deleted.
        (WebVideoFullscreenModelVideoElement::eventNameAll): Deleted.
        (WebVideoFullscreenModelVideoElement::fullscreenModeChanged): Deleted.
        (WebVideoFullscreenModelVideoElement::isVisible): Deleted.
        * platform/ios/WebAVPlayerController.h: Added.
        * platform/ios/WebAVPlayerController.mm: Added.
        (-[WebAVPlayerController dealloc]):
        (-[WebAVPlayerController resetState]):
        (-[WebAVPlayerController player]):
        (-[WebAVPlayerController forwardingTargetForSelector:]):
        (-[WebAVPlayerController play:]):
        (-[WebAVPlayerController pause:]):
        (-[WebAVPlayerController togglePlayback:]):
        (-[WebAVPlayerController togglePlaybackEvenWhenInBackground:]):
        (-[WebAVPlayerController isPlaying]):
        (-[WebAVPlayerController setPlaying:]):
        (+[WebAVPlayerController keyPathsForValuesAffectingPlaying]):
        (-[WebAVPlayerController beginScrubbing:]):
        (-[WebAVPlayerController endScrubbing:]):
        (-[WebAVPlayerController seekToTime:]):
        (-[WebAVPlayerController currentTimeWithinEndTimes]):
        (-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
        (+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):
        (-[WebAVPlayerController hasLiveStreamingContent]):
        (+[WebAVPlayerController keyPathsForValuesAffectingHasLiveStreamingContent]):
        (-[WebAVPlayerController skipBackwardThirtySeconds:]):
        (-[WebAVPlayerController gotoEndOfSeekableRanges:]):
        (-[WebAVPlayerController canScanForward]):
        (+[WebAVPlayerController keyPathsForValuesAffectingCanScanForward]):
        (-[WebAVPlayerController beginScanningForward:]):
        (-[WebAVPlayerController endScanningForward:]):
        (-[WebAVPlayerController beginScanningBackward:]):
        (-[WebAVPlayerController endScanningBackward:]):
        (-[WebAVPlayerController canSeekToBeginning]):
        (+[WebAVPlayerController keyPathsForValuesAffectingCanSeekToBeginning]):
        (-[WebAVPlayerController seekToBeginning:]):
        (-[WebAVPlayerController seekChapterBackward:]):
        (-[WebAVPlayerController canSeekToEnd]):
        (+[WebAVPlayerController keyPathsForValuesAffectingCanSeekToEnd]):
        (-[WebAVPlayerController seekToEnd:]):
        (-[WebAVPlayerController seekChapterForward:]):
        (-[WebAVPlayerController hasMediaSelectionOptions]):
        (+[WebAVPlayerController keyPathsForValuesAffectingHasMediaSelectionOptions]):
        (-[WebAVPlayerController hasAudioMediaSelectionOptions]):
        (+[WebAVPlayerController keyPathsForValuesAffectingHasAudioMediaSelectionOptions]):
        (-[WebAVPlayerController hasLegibleMediaSelectionOptions]):
        (+[WebAVPlayerController keyPathsForValuesAffectingHasLegibleMediaSelectionOptions]):
        (-[WebAVPlayerController currentAudioMediaSelectionOption]):
        (-[WebAVPlayerController setCurrentAudioMediaSelectionOption:]):
        (-[WebAVPlayerController currentLegibleMediaSelectionOption]):
        (-[WebAVPlayerController setCurrentLegibleMediaSelectionOption:]):
        (-[WebAVPlayerController isPlayingOnExternalScreen]):
        (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):
        (-[WebAVPlayerController isPictureInPictureInterrupted]):
        (-[WebAVPlayerController setPictureInPictureInterrupted:]):
        * platform/ios/WebPlaybackSessionInterfaceAVKit.h: Added.
        (WebCore::WebPlaybackSessionInterfaceAVKitClient::~WebPlaybackSessionInterfaceAVKitClient):
        * platform/ios/WebPlaybackSessionInterfaceAVKit.mm: Added.
        (WebCore::WebPlaybackSessionInterfaceAVKit::WebPlaybackSessionInterfaceAVKit):
        (WebCore::WebPlaybackSessionInterfaceAVKit::~WebPlaybackSessionInterfaceAVKit):
        (WebCore::WebPlaybackSessionInterfaceAVKit::resetMediaState):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setWebPlaybackSessionModel):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setDuration):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setCurrentTime):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setBufferedTime):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setRate):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setSeekableRanges):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setCanPlayFastReverse):
        (WebCore::mediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setAudioMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setLegibleMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setExternalPlayback):
        (WebCore::WebPlaybackSessionInterfaceAVKit::setWirelessVideoPlaybackDisabled):
        (WebCore::WebPlaybackSessionInterfaceAVKit::wirelessVideoPlaybackDisabled):
        (WebCore::WebPlaybackSessionInterfaceAVKit::invalidate):
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::setUpFullscreen):
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerViewControllerDelegate fullscreenInterface]):
        (-[WebAVPlayerViewControllerDelegate setFullscreenInterface:]):
        (-[WebAVPlayerLayer fullscreenInterface]):
        (-[WebAVPlayerLayer setFullscreenInterface:]):
        (-[WebAVPlayerLayer layoutSublayers]):
        (-[WebAVPlayerLayer resolveBounds]):
        (-[WebAVPlayerLayer setVideoGravity:]):
        (WebVideoFullscreenInterfaceAVKit::create):
        (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit):
        (WebVideoFullscreenInterfaceAVKit::~WebVideoFullscreenInterfaceAVKit):
        (WebVideoFullscreenInterfaceAVKit::playerController):
        (WebVideoFullscreenInterfaceAVKit::resetMediaState):
        (WebVideoFullscreenInterfaceAVKit::setDuration):
        (WebVideoFullscreenInterfaceAVKit::setCurrentTime):
        (WebVideoFullscreenInterfaceAVKit::setBufferedTime):
        (WebVideoFullscreenInterfaceAVKit::setRate):
        (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
        (WebVideoFullscreenInterfaceAVKit::setSeekableRanges):
        (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse):
        (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions):
        (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions):
        (WebVideoFullscreenInterfaceAVKit::setExternalPlayback):
        (WebVideoFullscreenInterfaceAVKit::externalPlaybackEnabledChanged):
        (WebVideoFullscreenInterfaceAVKit::setWirelessVideoPlaybackDisabled):
        (WebVideoFullscreenInterfaceAVKit::wirelessVideoPlaybackDisabled):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::mayAutomaticallyShowVideoPictureInPicture):
        (-[WebAVPlayerViewControllerDelegate playerViewControllerWillStartPictureInPicture:]): Deleted.
        (-[WebAVPlayerViewControllerDelegate playerViewControllerDidStartPictureInPicture:]): Deleted.
        (-[WebAVPlayerViewControllerDelegate playerViewControllerFailedToStartPictureInPicture:withError:]): Deleted.
        (-[WebAVPlayerViewControllerDelegate playerViewControllerWillStopPictureInPicture:]): Deleted.
        (-[WebAVPlayerViewControllerDelegate playerViewControllerDidStopPictureInPicture:]): Deleted.
        (convertToExitFullScreenReason): Deleted.
        (-[WebAVPlayerViewControllerDelegate playerViewController:shouldExitFullScreenWithReason:]): Deleted.
        (-[WebAVPlayerViewControllerDelegate playerViewController:restoreUserInterfaceForPictureInPictureStopWithCompletionHandler:]): Deleted.
        (-[WebAVPlayerLayer init]): Deleted.
        (-[WebAVPlayerLayer dealloc]): Deleted.
        (-[WebAVPlayerLayer videoGravity]): Deleted.
        (-[WebAVPlayerLayer videoRect]): Deleted.
        (+[WebAVPlayerLayer keyPathsForValuesAffectingVideoRect]): Deleted.
        (WebAVPictureInPicturePlayerLayerView_layerClass): Deleted.
        (getWebAVPictureInPicturePlayerLayerViewClass): Deleted.
        (WebAVPlayerLayerView_layerClass): Deleted.
        (WebAVPlayerLayerView_playerController): Deleted.
        (WebAVPlayerLayerView_setPlayerController): Deleted.
        (WebAVPlayerLayerView_videoView): Deleted.
        (WebAVPlayerLayerView_setVideoView): Deleted.
        (WebAVPlayerLayerView_startRoutingVideoToPictureInPicturePlayerLayerView): Deleted.
        (WebAVPlayerLayerView_stopRoutingVideoToPictureInPicturePlayerLayerView): Deleted.
        (WebAVPlayerLayerView_pictureInPicturePlayerLayerView): Deleted.
        (WebAVPlayerLayerView_dealloc): Deleted.
        (getWebAVPlayerLayerViewClass): Deleted.
        (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenModel): Deleted.
        (WebVideoFullscreenInterfaceAVKit::setWebVideoFullscreenChangeObserver): Deleted.
        (WebVideoFullscreenInterfaceAVKit::applicationDidBecomeActive): Deleted.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Deleted.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): Deleted.
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Deleted.
        (WebVideoFullscreenInterfaceAVKit::didStartPictureInPicture): Deleted.
        (WebVideoFullscreenInterfaceAVKit::failedToStartPictureInPicture): Deleted.
        (WebVideoFullscreenInterfaceAVKit::willStopPictureInPicture): Deleted.
        (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture): Deleted.
        (WebVideoFullscreenInterfaceAVKit::prepareForPictureInPictureStopWithCompletionHandler): Deleted.
        (WebVideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason): Deleted.
        (WebVideoFullscreenInterfaceAVKit::watchdogTimerFired): Deleted.
        (WebVideoFullscreenInterfaceAVKit::setMode): Deleted.
        (WebVideoFullscreenInterfaceAVKit::clearMode): Deleted.
        (WebCore::supportsPictureInPicture): Deleted.
        * platform/mac/WebPlaybackSessionInterfaceMac.h: Added.
        * platform/mac/WebPlaybackSessionInterfaceMac.mm: Copied from Source/WebCore/platform/mac/WebVideoFullscreenInterfaceMac.mm.
        (-[WebAVMediaSelectionOptionMac localizedDisplayName]):
        (-[WebAVMediaSelectionOptionMac setLocalizedDisplayName:]):
        (-[WebPlaybackControlsManager initWithWebPlaybackSessionInterfaceMac:]):
        (-[WebPlaybackControlsManager timing]):
        (-[WebPlaybackControlsManager setTiming:]):
        (-[WebPlaybackControlsManager seekableTimeRanges]):
        (-[WebPlaybackControlsManager setSeekableTimeRanges:]):
        (-[WebPlaybackControlsManager isSeeking]):
        (-[WebPlaybackControlsManager seekToTime:toleranceBefore:toleranceAfter:]):
        (-[WebPlaybackControlsManager audioMediaSelectionOptions]):
        (-[WebPlaybackControlsManager setAudioMediaSelectionOptions:]):
        (-[WebPlaybackControlsManager currentAudioMediaSelectionOption]):
        (-[WebPlaybackControlsManager setCurrentAudioMediaSelectionOption:]):
        (-[WebPlaybackControlsManager legibleMediaSelectionOptions]):
        (-[WebPlaybackControlsManager setLegibleMediaSelectionOptions:]):
        (-[WebPlaybackControlsManager currentLegibleMediaSelectionOption]):
        (-[WebPlaybackControlsManager setCurrentLegibleMediaSelectionOption:]):
        (-[WebPlaybackControlsManager cancelThumbnailAndAudioAmplitudeSampleGeneration]):
        (WebCore::WebPlaybackSessionInterfaceMac::~WebPlaybackSessionInterfaceMac):
        (WebCore::WebPlaybackSessionInterfaceMac::setWebPlaybackSessionModel):
        (WebCore::WebPlaybackSessionInterfaceMac::setDuration):
        (WebCore::WebPlaybackSessionInterfaceMac::setCurrentTime):
        (WebCore::WebPlaybackSessionInterfaceMac::setRate):
        (WebCore::WebPlaybackSessionInterfaceMac::setSeekableRanges):
        (WebCore::mediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceMac::setAudioMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceMac::setLegibleMediaSelectionOptions):
        (WebCore::WebPlaybackSessionInterfaceMac::invalidate):
        (WebCore::WebPlaybackSessionInterfaceMac::ensureControlsManager):
        (WebCore::WebPlaybackSessionInterfaceMac::playBackControlsManager):
        * platform/mac/WebVideoFullscreenInterfaceMac.h:
        * platform/mac/WebVideoFullscreenInterfaceMac.mm:
        (WebCore::WebVideoFullscreenInterfaceMac::WebVideoFullscreenInterfaceMac):
        (WebCore::WebVideoFullscreenInterfaceMac::setWebVideoFullscreenModel):
        (WebCore::WebVideoFullscreenInterfaceMac::setDuration):
        (WebCore::WebVideoFullscreenInterfaceMac::setCurrentTime):
        (WebCore::WebVideoFullscreenInterfaceMac::setRate):
        (WebCore::WebVideoFullscreenInterfaceMac::setSeekableRanges):
        (WebCore::WebVideoFullscreenInterfaceMac::setAudioMediaSelectionOptions):
        (WebCore::WebVideoFullscreenInterfaceMac::setLegibleMediaSelectionOptions):
        (WebCore::WebVideoFullscreenInterfaceMac::ensureControlsManager):
        (WebCore::WebVideoFullscreenInterfaceMac::~WebVideoFullscreenInterfaceMac): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::setWebVideoFullscreenChangeObserver): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::setMode): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::clearMode): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::setupFullscreen): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::enterFullscreen): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreen): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::exitFullscreenWithoutAnimationToMode): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::cleanupFullscreen): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::invalidate): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::preparedToReturnToInline): Deleted.
        (WebCore::WebVideoFullscreenInterfaceMac::setVideoDimensions): Deleted.
        (WebCore::supportsPictureInPicture): Deleted.

2016-04-15  Chris Dumez  <cdumez@apple.com>

        [COCOA] Do not unnecessarily initialize ResourceResponse::m_httpVersion as part of common fields
        https://bugs.webkit.org/show_bug.cgi?id=156606

        Reviewed by Darin Adler.

        Do not unnecessarily initialize ResourceResponse::m_httpVersion as part of common fields.

        We previously initialized m_httpVersion when calling platformLazyInit(CommonFieldsOnly),
        even though this is not a common field. The corresponding getter/setter in
        HTTPResponseBase call lazyInit(AllFields).

        * platform/network/cf/ResourceResponseCFNet.cpp:
        (WebCore::ResourceResponse::platformLazyInit):
        * platform/network/cocoa/ResourceResponseCocoa.mm:
        (WebCore::ResourceResponse::platformLazyInit):

2016-04-15  John Wilander  <wilander@apple.com>

        Refactor WebSockets handshake to use StringView instead of String for header validation.
        https://bugs.webkit.org/show_bug.cgi?id=155602

        Reviewed by Darin Adler.

        No new tests. Existing test have been augmented.

        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::readServerHandshake):
            Made sure failure reason was set consistently with makeString().
        (WebCore::headerHasValidHTTPVersion):
            Now operates on the HTTP status line with StringView.
        (WebCore::WebSocketHandshake::readStatusLine):
            Now operates on the HTTP status line with StringView.
        (WebCore::WebSocketHandshake::readHTTPHeaders):
            Now operates on header names with StringView.
            Made sure failure reason was set consistently with makeString() and ASCIILiteral().
        (WebCore::WebSocketHandshake::checkResponseHeaders):
            Made sure failure reason was set consistently with ASCIILiteral().
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseHTTPRequestLine):
            Made sure failure reason was set consistently with ASCIILiteral().
        (WebCore::isValidHeaderNameCharacter):
            Inlined function to check if a character is allowed in an HTTP header name according to RFC 7230.
            https://tools.ietf.org/html/rfc7230 (June 2014)
        (WebCore::parseHTTPHeader):
        * platform/network/HTTPParsers.h:
            Now receives the HTTP header name as a StringView.
            Checks that header names only contain valid characters according to RFC 7230 (see above).
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::addHTTPHeaderField):
        * platform/network/ResourceRequestBase.h:
             Now has an overloaded function which receives the HTTP header name as an HTTPHeaderName enum value.
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::addHTTPHeaderField):
        * platform/network/ResourceResponseBase.h:
             Now has an overloaded function which receives the HTTP header name as an HTTPHeaderName enum value.

2016-04-15  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Presentational role on SVG elements is trumped by child 'title' and 'desc' elements
        https://bugs.webkit.org/show_bug.cgi?id=156519

        Reviewed by Chris Fleizach.

        Override the presentational role on SVG elements which have a child 'title' or 'desc'
        element. As a result of this change, AccessibilitySVGRoot objects would be exposed
        with an AccessibilityRole of UnknownRole. Therefore map included AccessibilitySVGRoot
        objects to GroupRole as per the SVG Accessibility API Mapping specification.

        Also use indexOfBestMatchingLanguageInList() to identify which child 'title' or 'desc'
        element is the best match for the parent element.

        New Test: accessibility/w3c-svg-content-language-attribute.html

        Also: Update w3c-svg-presentational-role.html expectations because there are test cases
        in which elements are now being included in the accessibility tree as a result of this
        change. Also add new test cases which lack child 'title' and 'desc' elements.

        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilitySVGElement.cpp:
        (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
        (WebCore::AccessibilitySVGElement::accessibilityDescription):
        (WebCore::AccessibilitySVGElement::helpText):
        (WebCore::AccessibilitySVGElement::computeAccessibilityIsIgnored):
        (WebCore::AccessibilitySVGElement::determineAriaRoleAttribute):
        * accessibility/AccessibilitySVGElement.h:
        * accessibility/AccessibilitySVGRoot.h:

2016-04-15  Chris Dumez  <cdumez@apple.com>

        Rename [GlobalContext] extended attribute to [Exposed] and align with WebIDL
        https://bugs.webkit.org/show_bug.cgi?id=156615

        Reviewed by Youenn Fablet.

        Rename [GlobalContext] extended attribute to [Exposed] and align with WebIDL:
        - http://heycam.github.io/webidl/#Exposed

        * bindings/scripts/IDLAttributes.txt:
        Stop recognizing [GlobalContext] and start recognizing [Exposed].

        * bindings/scripts/IDLParser.pm:
        (parseIdentifierList):
        (parseExtendedAttributeRest2):
        Add IDL parser support for having a list of identifiers as value
        for an IDL extended attribute, e.g. Exposed=(Window, Worker).

        * bindings/scripts/preprocess-idls.pl:
        Tweak existing support for [GlobalContext] to use [Exposed] instead
        and support the new syntax.

        (getInterfaceExtendedAttributesFromIDL):
        Do not split on commas that are within brackets.

        * Modules/fetch/FetchBody.idl:
        * Modules/fetch/FetchHeaders.idl:
        * Modules/fetch/FetchRequest.idl:
        * Modules/fetch/FetchResponse.idl:
        * Modules/streams/ByteLengthQueuingStrategy.idl:
        * Modules/streams/CountQueuingStrategy.idl:
        * Modules/streams/ReadableStream.idl:
        * Modules/streams/ReadableStreamController.idl:
        * Modules/streams/ReadableStreamReader.idl:
        * Modules/websockets/WebSocket.idl:
        * dom/MessageChannel.idl:
        * dom/MessageEvent.idl:
        * fileapi/Blob.idl:
        * fileapi/FileReader.idl:
        * fileapi/FileReaderSync.idl:
        * html/DOMURL.idl:
        * html/ImageData.idl:
        * page/EventSource.idl:
        * workers/DedicatedWorkerGlobalScope.idl:
        * workers/WorkerGlobalScope.idl:
        * workers/WorkerLocation.idl:
        * xml/XMLHttpRequest.idl:
        * xml/XMLHttpRequestEventTarget.idl:
        Use [Exposed] instead of [GlobalContext] to match their respective
        specifications.

2016-04-15  Carlos Garcia Campos  <cgarcia@igalia.com>

        Selection.deleteFromDocument should not leave a selection character
        https://bugs.webkit.org/show_bug.cgi?id=151442

        Reviewed by Michael Catanzaro.

        This is a merge of Blink r172511:
        https://codereview.chromium.org/255453003

        Let Selection.deleteFromDocument not delete a character when the
        selection is a caret.

        Selection.deleteFromDocument delete a character when the selection
        is a caret.
        However, current standard says that Selection.deleteFromDocument
        does nothing when the selection is a caret:
        https://dvcs.w3.org/hg/editing/raw-file/tip/editing.html#dom-selection-deletefromdocument
        Both IE10 and FireFox seem following the spec.

        Test: imported/blink/editing/selection/deleteFromDocument-undo-crash.html

        * page/DOMSelection.cpp:
        (WebCore::DOMSelection::deleteFromDocument): Deleted.

2016-04-15  Antti Koivisto  <antti@apple.com>

        Fix return value nullptr -> false.

        * style/StyleSharingResolver.cpp:
        (WebCore::Style::SharingResolver::canShareStyleWithElement):

2016-04-14  Antti Koivisto  <antti@apple.com>

        AffectsNextSibling style relation marking is inefficient
        https://bugs.webkit.org/show_bug.cgi?id=156593

        Reviewed by Benjamin Poulain.

        We currently add a Style::Relation entry for each sibling to mark. With long sibling lists this can be inefficient
        in terms of both memory and speed. Instead make a single entry that includes the sibling count to mark.

        * css/SelectorChecker.cpp:
        (WebCore::addStyleRelation):

            When adding AffectsNextSibling entry check if the last entry in the style relation vector has the
            same type and is part of the same sibling chain. If so just update the existing entry.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateAddStyleRelation):

            The same thing in hand-crafted macro assembler.

        * cssjit/SelectorCompiler.h:

            Stop lying about the constness of the CheckingContext.

        * style/StyleRelations.cpp:
        (WebCore::Style::commitRelations):

            Mark as many sibling elements as the value indicates.

        * style/StyleRelations.h:
        (WebCore::Style::Relation::Relation):

            Make element a pointer so we can udpate it.

2016-04-15  Brady Eidson  <beidson@apple.com>

        Add the message property to DOMError.
        https://bugs.webkit.org/show_bug.cgi?id=139173

        Reviewed by Alex Christensen.

        No new tests (Updated existing tests).
        
        Adding this property brings us up to date with other browsers, and will help
        test the few web features that still use DOMError.

        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::onError):
        (WebCore::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion):

        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::uncaughtExceptionInEventHandler):
        (WebCore::IDBRequest::onError):

        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::didCreateIndexOnServer):

        * Modules/mediastream/NavigatorUserMediaError.h:
        (WebCore::NavigatorUserMediaError::NavigatorUserMediaError):

        * dom/DOMError.cpp:
        (WebCore::DOMError::DOMError):

        * dom/DOMError.h:
        (WebCore::DOMError::create):
        (WebCore::DOMError::message):
        * dom/DOMError.idl:

2016-04-14  Brent Fulgham  <bfulgham@apple.com>

        Make <a download> a runtime enabled option
        https://bugs.webkit.org/show_bug.cgi?id=156583
        <rdar://problem/25733449>

        Reviewed by Alex Christensen.

        Mark the download attribute interface as EnabledAtRuntime=DownloadAttribute.
        Add DownloadAttribute runtime flag getter and setter.

        * bindings/generic/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::fetchAPIEnabled):
        (WebCore::RuntimeEnabledFeatures::setDownloadAttributeEnabled):
        (WebCore::RuntimeEnabledFeatures::downloadAttributeEnabled):
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::handleClick):
        * html/HTMLAnchorElement.idl:

2016-04-14  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r158956): Remove vestigial range code in FileReaderLoader class after removing ENABLE(STREAM)
        <http://webkit.org/b/156609>

        Reviewed by Brent Fulgham.

        This code was left behind when ENABLE(STREAM) was removed in
        November 2013.

        * fileapi/FileReaderLoader.cpp:
        (WebCore::FileReaderLoader::FileReaderLoader): Remove
        initializers.
        (WebCore::FileReaderLoader::start): Remove code that uses
        m_hasRange, which is always false.
        (WebCore::FileReaderLoader::didReceiveResponse): Ditto.
        * fileapi/FileReaderLoader.h:
        (WebCore::FileReaderLoader): Remove unused instance variables.

2016-04-14  Alex Christensen  <achristensen@webkit.org>

        Build fix after r199549.
        https://bugs.webkit.org/show_bug.cgi?id=156580

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformWin.cmake:
        KillRingNone.cpp is indeed platform-specific. KillRingMac.mm is used instead only on Mac.

2016-04-14  Dean Jackson  <dino@apple.com>

        CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::CachedResource::addClientToSet + 27
        https://bugs.webkit.org/show_bug.cgi?id=156602
        <rdar://problem/18921091>

        Reviewed by Simon Fraser.

        The CSS property list-style-image is inherited, so a transition on a parent
        might cause a transition on a child. On that child, the value might be between
        two generated crossfade images which haven't yet resolved, causing a crash.

        Test: transitions/crossfade-transition.html

        * css/CSSCrossfadeValue.cpp:
        (WebCore::CSSCrossfadeValue::blend): Return null if there are no cached images.
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc): If we don't have an actual image to blend between, fall
        out to the default case.

2016-04-14  Antonio Gomes  <tonikitoo@webkit.org>

        Allow listbox content and scrollbar to intrude padding area.
        https://bugs.webkit.org/show_bug.cgi?id=128489

        Reviewed by Myles C. Maxfield.

        Originally when the RenderListBox::controlClipRect method was implemented (see [1]), it used
        to allow its content (<option>'s) to intrude padding to get rendered. Overlay scrollbars were also
        allowed to paint over the padding area, if necessary.

        [2] changed this behavior to restrict list-box'es content within the content box rect (excluding padding and border).

        This had two consequences:
        1) it made WebKit disallow list-box' content to intrude the padding area, diverging from other vendors.
        like Firefox and Chrome.
        2) Since overlay scrollbar might get painted over the padding area, if any, [2] could result
        in the scrollbar being clipped out if padding-right is set (or padding-left in case of RTL content).

        Patch changed WebKit back so that it allows list-box' content and overlay scrollbars to intrude the
        padding area, matching other browsers vendors

        [1] https://trac.webkit.org/changeset/18819/trunk/WebCore/rendering/RenderListBox.cpp
        [2] https://trac.webkit.org/changeset/19037/trunk/WebCore/rendering/RenderListBox.cpp

        Tests: fast/forms/listbox-selection-3.html
               fast/forms/listbox-padding-clip-selected.html
               fast/forms/listbox-padding-clip-expected-mismatch.html (renamed from listbox-padding-clip-overlay-expected.html)
               fast/forms/listbox-padding-clip-overlay-expected-mismatch.html (renamed from listbox-padding-clip-expected.html)

        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::numVisibleItems): changed to allow list-box items to get rendered on the padding-bottom area.
        This matches Firefox and Chrome.
        (WebCore::RenderListBox::listIndexAtOffset): relax the check for a given list-box item at a specific offset in the vertical axis.
        This means if an list-box item has its content painted into the padding-bottom area, it will be actionable by mouse clicking.
        This matches Firefox and Chrome.
        (WebCore::RenderListBox::controlClipRect): clips list-box content against the padding box rect rather than the content box rect,
        to allow its list-box items' content intrude the padding area.
        This matches Firefox and Chrome.

2016-04-14  Antti Koivisto  <antti@apple.com>

        Collapsed border cache invalidation can lead to O(n^2) during style resolve
        https://bugs.webkit.org/show_bug.cgi?id=156570

        Reviewed by Darin Adler.

        RenderTable::invalidateCollapsedBorders traverses all cells. It is called when table cell border changes.
        This can result in O(n^2) during style resolve.

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::layout):
        (WebCore::RenderTable::invalidateCollapsedBorders):

            For cell border style change invalidate the hasEmptyCollapsedBorder bits only for the neighbouring cells.
            They are the only ones that can be affected.

        * rendering/RenderTable.h:
        (WebCore::RenderTable::collapsedBordersAreValid):
        (WebCore::RenderTable::collapsedEmptyBorderIsPresent):
        (WebCore::RenderTable::currentBorderValue):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::styleDidChange):

2016-04-14  Manuel Rego Casasnovas  <rego@igalia.com>

        [css-grid] Implement CSSGridTemplateAreasValue::equals
        https://bugs.webkit.org/show_bug.cgi?id=156578

        Reviewed by Darin Adler.

        This was causing an infinite loop setting grid-template-areas
        from JavaScript.

        The reason was that CSSGridTemplateAreasValue needs
        an specific implementation of equals() method.

        Test: fast/css-grid-layout/grid-template-areas-infinite-loop.html

        * css/CSSGridTemplateAreasValue.cpp:
        (WebCore::CSSGridTemplateAreasValue::equals):
        * css/CSSGridTemplateAreasValue.h:

2016-04-14  Brent Fulgham  <bfulgham@apple.com>

        [CMake] Clean up CMake files
        https://bugs.webkit.org/show_bug.cgi?id=156580

        Reviewed by Alex Christensen.

        Revise the various CMake input files to reduce the amount of duplicated file references in
        the various ports.

        * CMakeLists.txt:
        * PlatformAppleWin.cmake:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformWin.cmake:
        * PlatformWinCairo.cmake:

2016-04-14  Frederic Wang  <fred.wang@free.fr>

        RenderMathMLOperator: Add helper function to retrieve italic correction
        https://bugs.webkit.org/show_bug.cgi?id=156572

        Reviewed by Darin Adler.

        No new tests, the helper function will only be used in bug 153918.

        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::italicCorrection): Return the italic correction from the MATH table if it's a large operator.
        * rendering/mathml/RenderMathMLOperator.h: Declare italicCorrection.

2016-04-14  Frederic Wang  <fwang@igalia.com>

        RenderMathMLOperator: Move glyph measuring helper functions outside the class
        https://bugs.webkit.org/show_bug.cgi?id=156571

        Reviewed by Darin Adler.