2011-01-30 Simon Fraser <simon.fraser@apple.com>
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
2
3         Reviewed by Sam Weinig.
4
5         Make ContextShadow code cross-platform
6         https://bugs.webkit.org/show_bug.cgi?id=51312
7
8         Add a new class, ShadowBlur, that contains most of the
9         code from ContextShadow, but is fully cross-platform.
10         It depends on one new method, GraphicsContext::clipBounds(),
11         which platforms will have to implement.
12         
13         Add ShadowBlur to the Mac Xcode project, but don't use it
14         anywhere yet.
15
16         * WebCore.xcodeproj/project.pbxproj:
17         * platform/graphics/GraphicsContext.cpp:
18         (WebCore::GraphicsContext::clipBounds):
19         * platform/graphics/GraphicsContext.h:
20         * platform/graphics/ShadowBlur.cpp: Added.
21         (WebCore::roundUpToMultipleOf32):
22         (WebCore::ScratchBuffer::ScratchBuffer):
23         (WebCore::ScratchBuffer::getScratchBuffer):
24         (WebCore::ScratchBuffer::scheduleScratchBufferPurge):
25         (WebCore::ScratchBuffer::timerFired):
26         (WebCore::ScratchBuffer::clearScratchBuffer):
27         (WebCore::ScratchBuffer::shared):
28         (WebCore::ShadowBlur::ShadowBlur):
29         (WebCore::ShadowBlur::blurLayerImage):
30         (WebCore::ShadowBlur::adjustBlurDistance):
31         (WebCore::ShadowBlur::calculateLayerBoundingRect):
32         (WebCore::ShadowBlur::beginShadowLayer):
33         (WebCore::ShadowBlur::endShadowLayer):
34         (WebCore::ShadowBlur::drawRectShadow):
35         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
36         (WebCore::ShadowBlur::drawRectShadowWithTiling):
37         (WebCore::ShadowBlur::clipBounds):
38         * platform/graphics/ShadowBlur.h: Added.
39         (WebCore::ShadowBlur::setShadowsIgnoreTransforms):
40         (WebCore::ShadowBlur::shadowsIgnoreTransforms):
41         * platform/graphics/cg/GraphicsContextCG.cpp:
42         (WebCore::GraphicsContext::clipBounds):
43
44 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
45
46         Reviewed by Dan Bernstein.
47
48         CSS3 gradients with em-based stops fail to repaint when font size changes
49         https://bugs.webkit.org/show_bug.cgi?id=51845
50         
51         Mark as uncacheable gradidients whose color stops depend on font size,
52         and don't attempt to put these into CSSImageGeneratorValue's image cache.
53         This means we return a new gradient each time, which is fairly cheap, and
54         fixes repaint issues under changing font size.
55
56         Test: fast/repaint/gradients-em-stops-repaint.html
57
58         * css/CSSGradientValue.cpp:
59         (WebCore::CSSGradientValue::image):
60         (WebCore::CSSGradientValue::isCacheable):
61         * css/CSSGradientValue.h:
62
63 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
64
65         Undo try to fix the Qt build.
66         
67         My guess didn't work.
68
69         * WebCore.pro:
70
71 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
72
73         Try to fix the Qt build.
74
75         * WebCore.pro: Added platform/text/CharacterNames.h.
76
77 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
78
79         Reviewed by Maciej Stachowiak.
80
81         Some more Heap cleanup.
82         https://bugs.webkit.org/show_bug.cgi?id=53357
83         
84         Updated for JavaScriptCore changes.
85
86         * bindings/js/ScriptGCEvent.cpp:
87         (WebCore::ScriptGCEvent::getHeapSize):
88
89 2011-01-29  Adam Barth  <abarth@webkit.org>
90
91         Reviewed by Daniel Bates.
92
93         Fix XSSFilter crash when extracting the source for a token twice
94         https://bugs.webkit.org/show_bug.cgi?id=53368
95
96         Previously, it was unsafe to extract the source for the same token
97         twice because the HTMLSourceTracker would advance its internal
98         representation of the SegmentedString.  This patch introduces a cache
99         to make calling HTMLSourceTracker::sourceForToken multiple times safe.
100
101         * html/parser/HTMLSourceTracker.cpp:
102         (WebCore::HTMLSourceTracker::end):
103         (WebCore::HTMLSourceTracker::sourceForToken):
104         * html/parser/HTMLSourceTracker.h:
105
106 2011-01-29  Maciej Stachowiak  <mjs@apple.com>
107
108         Reviewed by Dan Bernstein.
109
110         Fix fat build for both 32-bit and 64-bit under llvm-gcc 4.2
111         https://bugs.webkit.org/show_bug.cgi?id=53386
112
113         * platform/mac/ScrollAnimatorMac.mm:
114         (WebCore::elasticDeltaForReboundDelta):
115         (WebCore::scrollWheelMultiplier):
116         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
117         (WebCore::ScrollAnimatorMac::beginScrollGesture):
118         (WebCore::roundTowardZero):
119         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
120
121 2011-01-29  Daniel Bates  <dbates@rim.com>
122
123         Reviewed by Maciej Stachowiak.
124
125         Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
126         https://bugs.webkit.org/show_bug.cgi?id=53382
127
128         Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
129         So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
130         Therefore, we should remove such references.
131
132         * CMakeLists.txt:
133
134 2011-01-29  Sam Weinig  <sam@webkit.org>
135
136         Reviewed by Jon Honeycutt.
137
138         Fix 32-bit build on the Mac.
139
140         * platform/mac/ScrollAnimatorMac.mm:
141         (WebCore::roundTowardZero):
142         (WebCore::roundToDevicePixelTowardZero):
143         Use floats instead of doubles to avoid double-to-float conversion
144         issues.
145
146 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
147
148         Reviewed by Adam Barth.
149
150         Use clampToInteger() functions in a few places
151         https://bugs.webkit.org/show_bug.cgi?id=53363
152         
153         * css/CSSStyleSelector.cpp:
154         (WebCore::CSSStyleSelector::applyProperty): Use clampToInteger() for z-index.
155         (WebCore::CSSStyleSelector::createTransformOperations): Use clampToPositiveInteger().
156         * platform/graphics/transforms/PerspectiveTransformOperation.cpp: Ditto.
157         (WebCore::PerspectiveTransformOperation::blend): Ditto.
158
159 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
160
161         Reviewed by David Kilzer.
162
163         Move CharacterNames.h into WTF directory
164         https://bugs.webkit.org/show_bug.cgi?id=49618
165
166         * ForwardingHeaders/wtf/unicode/CharacterNames.h: Added.
167         * GNUmakefile.am:
168         * WebCore.gypi:
169         * WebCore.vcproj/WebCore.vcproj:
170         * WebCore.xcodeproj/project.pbxproj:
171         * accessibility/AccessibilityObject.cpp:
172         * accessibility/AccessibilityRenderObject.cpp:
173         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
174         * bindings/js/JSHTMLDocumentCustom.cpp:
175         * dom/Position.cpp:
176         * dom/SelectElement.cpp:
177         * editing/CompositeEditCommand.cpp:
178         * editing/Editor.cpp:
179         * editing/HTMLInterchange.cpp:
180         * editing/InsertTextCommand.cpp:
181         * editing/MarkupAccumulator.cpp:
182         * editing/TextIterator.cpp:
183         * editing/VisibleSelection.cpp:
184         * editing/htmlediting.cpp:
185         * editing/htmlediting.h:
186         * editing/markup.cpp:
187         * html/FTPDirectoryDocument.cpp:
188         * html/HTMLFormControlElement.cpp:
189         * html/parser/HTMLTreeBuilder.cpp:
190         * loader/appcache/ManifestParser.cpp:
191         * platform/chromium/PopupMenuChromium.cpp:
192         * platform/graphics/Font.h:
193         * platform/graphics/FontFastPath.cpp:
194         * platform/graphics/GlyphPageTreeNode.cpp:
195         * platform/graphics/StringTruncator.cpp:
196         * platform/graphics/mac/ComplexTextController.cpp:
197         * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
198         * platform/graphics/wince/GraphicsContextWinCE.cpp:
199         * platform/mac/PasteboardMac.mm:
200         * platform/text/TextCodecICU.cpp:
201         * platform/text/mac/TextCodecMac.cpp:
202         * platform/text/transcoder/FontTranscoder.cpp:
203         * rendering/RenderBlockLineLayout.cpp:
204         * rendering/RenderFlexibleBox.cpp:
205         * rendering/RenderListMarker.cpp:
206         * rendering/RenderText.cpp:
207         * rendering/RenderTextControl.cpp:
208         * rendering/RenderTreeAsText.cpp:
209         * rendering/break_lines.cpp:
210         * rendering/mathml/RenderMathMLOperator.h:
211         * websockets/WebSocketHandshake.cpp:
212         * wml/WMLTableElement.cpp:
213
214 2011-01-29  Dan Winship  <danw@gnome.org>
215
216         Reviewed by Xan Lopez.
217
218         [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
219         libsoup 2.33.1 now.
220         https://bugs.webkit.org/show_bug.cgi?id=50675
221
222         * platform/network/soup/CookieJarSoup.cpp:
223         (WebCore::defaultCookieJar):
224         (WebCore::setCookies):
225         * platform/network/soup/ResourceHandleSoup.cpp:
226         (WebCore::ResourceHandle::prepareForURL):
227         (WebCore::restartedCallback):
228         (WebCore::startHttp):
229         * platform/network/soup/ResourceRequestSoup.cpp:
230         (WebCore::ResourceRequest::updateSoupMessage):
231         (WebCore::ResourceRequest::toSoupMessage):
232         (WebCore::ResourceRequest::updateFromSoupMessage):
233
234 2011-01-29  Adam Barth  <abarth@webkit.org>
235
236         Reviewed by Daniel Bates.
237
238         XSSFilter should replace URLs with about:blank instead of the empty string
239         https://bugs.webkit.org/show_bug.cgi?id=53370
240
241         Using the empty string will make the URL complete to the current
242         document's URL, which isn't really what we want.  Instead, we want to
243         use about:blank, which is safe.
244
245         * html/parser/XSSFilter.cpp:
246         (WebCore::XSSFilter::filterObjectToken):
247         (WebCore::XSSFilter::filterEmbedToken):
248
249 2011-01-29  Adam Barth  <abarth@webkit.org>
250
251         Reviewed by Daniel Bates.
252
253         XSSFilter should pass xssAuditor/script-tag-addslashes*
254         https://bugs.webkit.org/show_bug.cgi?id=53365
255
256         We need to canonicalize strings to avoid being tricked by addslashes.
257
258         * html/parser/XSSFilter.cpp:
259         (WebCore::HTMLNames::isNonCanonicalCharacter):
260             - This function is copied from the XSSAuditor (with some tweaks).
261               We'll eventually remove the XSSAuditor once we've got XSSFilter
262               working properly.
263         (WebCore::HTMLNames::canonicalize):
264         (WebCore::HTMLNames::decodeURL):
265         (WebCore::XSSFilter::isContainedInRequest):
266
267 2011-01-29  Adam Barth  <abarth@webkit.org>
268
269         Reviewed by Daniel Bates.
270
271         XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
272         and xssAuditor/script-tag-post-*
273         https://bugs.webkit.org/show_bug.cgi?id=53364
274
275         We're supposed to allow loading same-origin resources even if they
276         appear as part of the request.
277
278         Also, we're supposed to look at the POST data too.  :)
279
280         * html/parser/XSSFilter.cpp:
281         (WebCore::XSSFilter::eraseAttributeIfInjected):
282         (WebCore::XSSFilter::isSameOriginResource):
283             - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
284               eventually remove the XSSAuditor version when XSSFilter is done.
285         * html/parser/XSSFilter.h:
286
287 2011-01-29  Adam Barth  <abarth@webkit.org>
288
289         Reviewed by Daniel Bates.
290
291         XSSFilter should pass 16 of the xssAuditor/script-tag* tests
292         https://bugs.webkit.org/show_bug.cgi?id=53362
293
294         Turns out we need to replace the src attribute of script tags with
295         about:blank to avoid loading the main document URL as a script.  Also,
296         move misplaced return statement that was triggering the console message
297         too often.
298
299         * html/parser/HTMLToken.h:
300         (WebCore::HTMLToken::appendToAttributeValue):
301         * html/parser/XSSFilter.cpp:
302         (WebCore::XSSFilter::filterScriptToken):
303         (WebCore::XSSFilter::eraseAttributeIfInjected):
304         * html/parser/XSSFilter.h:
305
306 2011-01-28  Jon Honeycutt  <jhoneycutt@apple.com>
307
308         Downloads in WK2 on Windows should write resume data to bundle
309         https://bugs.webkit.org/show_bug.cgi?id=53282
310         <rdar://problem/8753077>
311
312         Reviewed by Alice Liu.
313
314         * WebCore.vcproj/WebCore.vcproj:
315         Added new files to project.
316
317         * platform/network/cf/DownloadBundle.h: Added.
318         * platform/network/win/DownloadBundleWin.cpp: Added.
319         (WebCore::DownloadBundle::magicNumber):
320         Moved from WebKit's WebDownload so that WebKit and WebKit2 can share
321         it.
322         (WebCore::DownloadBundle::fileExtension):
323         Ditto.
324         (WebCore::DownloadBundle::appendResumeData):
325         Ditto - but modified to return bool rather than HRESULT and to clean up
326         whitespace.
327         (WebCore::DownloadBundle::extractResumeData):
328         Ditto - modified to clean up whitespace.
329
330 2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>
331
332         Unreviewed, rolling out r77050.
333         http://trac.webkit.org/changeset/77050
334         https://bugs.webkit.org/show_bug.cgi?id=53371
335
336         Caused a crash in Chromium's test_shell_tests (Requested by
337         rniwa on #webkit).
338
339         * html/parser/HTMLTreeBuilder.cpp:
340         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
341         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
342         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
343         * html/parser/HTMLTreeBuilder.h:
344
345 2011-01-28  Eric Seidel  <eric@webkit.org>
346
347         Reviewed by Darin Adler.
348
349         HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
350         https://bugs.webkit.org/show_bug.cgi?id=48719
351
352         It's unclear exactly what the Peacekeeper benchmark is testing,
353         because I haven't found a way to run it myself.
354
355         However, I constructed a benchmark which shows at least one possible slow point.
356         The HTML5 spec talks about creating a new document for every time we use
357         the fragment parsing algorithm.  Document() it turns out, it a huge bloated
358         mess, and the constructor and destructor do a huge amount of work.
359         To avoid constructing (or destructing) documents for each innerHTML call,
360         this patch adds a shared dummy document used by all innerHTML calls.
361
362         This patch brings us from 7x slower than Safari 5 on tiny-innerHTML
363         to only 1.5x slower than Safari 5.  I'm sure there is more work to do here.
364
365         Saving a shared Document like this is error prone.  Currently
366         DummyDocumentFactory::releaseDocument() calls removeAllChildren()
367         in an attempt to clear the Document's state. However it's possible
368         that that call is not sufficient and we'll have future bugs here.
369
370         * html/parser/HTMLTreeBuilder.cpp:
371         (WebCore::DummyDocumentFactory::createDummyDocument):
372         (WebCore::DummyDocumentFactory::releaseDocument):
373         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
374         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
375         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
376         * html/parser/HTMLTreeBuilder.h:
377
378 2011-01-28  Johnny Ding  <jnd@chromium.org>
379
380         Reviewed by Adam Barth.
381
382         Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
383         The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
384         https://bugs.webkit.org/show_bug.cgi?id=53244
385
386         Test: fast/events/popup-blocked-from-iframe-src.html
387
388         * bindings/ScriptControllerBase.cpp:
389         (WebCore::ScriptController::executeIfJavaScriptURL):
390
391 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
392
393         Reviewed by Gavin Barraclough.
394
395         Add various clampToInt() methods to MathExtras.h
396         https://bugs.webkit.org/show_bug.cgi?id=52910
397
398         Use clampToInteger() from MathExtras.h
399
400         * css/CSSParser.cpp:
401         (WebCore::CSSParser::parseCounter):
402
403 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
404
405         Unreviewed, rolling out r77006 and r77020.
406         http://trac.webkit.org/changeset/77006
407         http://trac.webkit.org/changeset/77020
408         https://bugs.webkit.org/show_bug.cgi?id=53360
409
410         "Broke Windows tests" (Requested by rniwa on #webkit).
411
412         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
413         * WebCore.exp.in:
414         * bindings/js/DOMWrapperWorld.h:
415         * bindings/js/JSAudioConstructor.cpp:
416         (WebCore::JSAudioConstructor::JSAudioConstructor):
417         * bindings/js/JSDOMBinding.cpp:
418         (WebCore::markDOMNodesForDocument):
419         (WebCore::markDOMObjectWrapper):
420         (WebCore::markDOMNodeWrapper):
421         * bindings/js/JSDOMGlobalObject.cpp:
422         (WebCore::JSDOMGlobalObject::markChildren):
423         (WebCore::JSDOMGlobalObject::setInjectedScript):
424         (WebCore::JSDOMGlobalObject::injectedScript):
425         * bindings/js/JSDOMGlobalObject.h:
426         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
427         (WebCore::getDOMConstructor):
428         * bindings/js/JSDOMWindowCustom.cpp:
429         (WebCore::JSDOMWindow::setLocation):
430         (WebCore::DialogHandler::dialogCreated):
431         * bindings/js/JSDOMWindowShell.cpp:
432         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
433         (WebCore::JSDOMWindowShell::setWindow):
434         (WebCore::JSDOMWindowShell::markChildren):
435         (WebCore::JSDOMWindowShell::unwrappedObject):
436         * bindings/js/JSDOMWindowShell.h:
437         (WebCore::JSDOMWindowShell::window):
438         (WebCore::JSDOMWindowShell::setWindow):
439         * bindings/js/JSDeviceMotionEventCustom.cpp:
440         (WebCore::createAccelerationObject):
441         (WebCore::createRotationRateObject):
442         * bindings/js/JSEventListener.cpp:
443         (WebCore::JSEventListener::JSEventListener):
444         (WebCore::JSEventListener::markJSFunction):
445         * bindings/js/JSEventListener.h:
446         (WebCore::JSEventListener::jsFunction):
447         * bindings/js/JSHTMLDocumentCustom.cpp:
448         (WebCore::JSHTMLDocument::setAll):
449         * bindings/js/JSImageConstructor.cpp:
450         (WebCore::JSImageConstructor::JSImageConstructor):
451         * bindings/js/JSImageDataCustom.cpp:
452         (WebCore::toJS):
453         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
454         (WebCore::JSJavaScriptCallFrame::scopeChain):
455         (WebCore::JSJavaScriptCallFrame::scopeType):
456         * bindings/js/JSNodeFilterCondition.cpp:
457         (WebCore::JSNodeFilterCondition::markAggregate):
458         (WebCore::JSNodeFilterCondition::acceptNode):
459         * bindings/js/JSNodeFilterCondition.h:
460         * bindings/js/JSNodeFilterCustom.cpp:
461         * bindings/js/JSOptionConstructor.cpp:
462         (WebCore::JSOptionConstructor::JSOptionConstructor):
463         * bindings/js/JSSQLResultSetRowListCustom.cpp:
464         (WebCore::JSSQLResultSetRowList::item):
465         * bindings/js/ScriptCachedFrameData.cpp:
466         (WebCore::ScriptCachedFrameData::restore):
467         * bindings/js/ScriptObject.cpp:
468         (WebCore::ScriptGlobalObject::set):
469         * bindings/js/SerializedScriptValue.cpp:
470         (WebCore::CloneDeserializer::putProperty):
471         * bindings/scripts/CodeGeneratorJS.pm:
472         * bridge/qt/qt_runtime.cpp:
473         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
474         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
475         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
476         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
477         * bridge/qt/qt_runtime.h:
478         * bridge/runtime_root.cpp:
479         (JSC::Bindings::RootObject::invalidate):
480         * bridge/runtime_root.h:
481         * dom/Document.h:
482
483 2011-01-28  Adam Barth  <abarth@webkit.org>
484
485         Reviewed by Eric Seidel.
486
487         XSSFilter should log to the console when it blocks something
488         https://bugs.webkit.org/show_bug.cgi?id=53354
489
490         This patch refactors a bunch of methods in XSSFilter to return a bool
491         indicating whether they blocked anything.  Using this bool, we decide
492         whether to log to the console.  We're using the same log message as the
493         XSSAuditor, but it seems likely we can improve this message in the
494         future (especially by piping in the correct line number, which is now
495         accessible via the parser).
496
497         * html/parser/XSSFilter.cpp:
498         (WebCore::HTMLNames::isNameOfInlineEventHandler):
499         (WebCore::XSSFilter::filterToken):
500         (WebCore::XSSFilter::filterTokenInitial):
501         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
502         (WebCore::XSSFilter::filterScriptToken):
503         (WebCore::XSSFilter::filterObjectToken):
504         (WebCore::XSSFilter::filterEmbedToken):
505         (WebCore::XSSFilter::filterAppletToken):
506         (WebCore::XSSFilter::filterMetaToken):
507         (WebCore::XSSFilter::filterBaseToken):
508         (WebCore::XSSFilter::eraseInlineEventHandlersIfInjected):
509         * html/parser/XSSFilter.h:
510
511 2011-01-28  Adam Barth  <abarth@webkit.org>
512
513         Reviewed by Daniel Bates.
514
515         Wire up settings->xssAuditorEnabled to XSSFilter
516         https://bugs.webkit.org/show_bug.cgi?id=53345
517
518         * html/parser/XSSFilter.cpp:
519         (WebCore::XSSFilter::XSSFilter):
520         (WebCore::XSSFilter::filterToken):
521         * html/parser/XSSFilter.h:
522
523 2011-01-28  Adam Barth  <abarth@webkit.org>
524
525         Reviewed by Daniel Bates.
526
527         Teach XSSFilter about <meta> and <base> tags
528         https://bugs.webkit.org/show_bug.cgi?id=53339
529
530         I'm not 100% sure we need to block <meta http-equiv>, but it seems
531         prudent given how powerful that attribute is.  We definitely need to
532         block injection of <base href> because that can redirect script tags
533         that use relative URLs.
534
535         * html/parser/XSSFilter.cpp:
536         (WebCore::XSSFilter::filterToken):
537         (WebCore::XSSFilter::filterMetaToken):
538         (WebCore::XSSFilter::filterBaseToken):
539         * html/parser/XSSFilter.h:
540
541 2011-01-28  Adam Barth  <abarth@webkit.org>
542
543         Reviewed by Daniel Bates.
544
545         Teach XSSFilter about <applet>
546         https://bugs.webkit.org/show_bug.cgi?id=53338
547
548         HTML5 is pretty light on information about how the <applet> tag works.
549         According to this site:
550
551         http://download.oracle.com/javase/1.4.2/docs/guide/misc/applet.html
552
553         The "code" and "object" attributes are the essential attributes for
554         determining which piece of Java to run.  We might need to expand to the
555         codebase and archive attributes at some point, but hopefully code and
556         object will be sufficient.
557
558         * html/parser/XSSFilter.cpp:
559         (WebCore::XSSFilter::filterToken):
560         (WebCore::XSSFilter::filterAppletToken):
561         * html/parser/XSSFilter.h:
562
563 2011-01-28  Adam Barth  <abarth@webkit.org>
564
565         Reviewed by Daniel Bates.
566
567         Teach the XSSFilter about object and embed tags
568         https://bugs.webkit.org/show_bug.cgi?id=53336
569
570         For <object> and <embed>, we filter out attribute values that either
571         indicate which piece of media to load or which plugin to load.  In a
572         perfect world, we'd only need to filter out the URLs of the media, but
573         some plug-ins (like Flash) have lots of fun places you can hide the
574         URL (e.g., the "movie" <param>).
575
576         * html/parser/XSSFilter.cpp:
577         (WebCore::XSSFilter::filterToken):
578         (WebCore::XSSFilter::filterScriptToken):
579         (WebCore::XSSFilter::filterObjectToken):
580         (WebCore::XSSFilter::filterEmbedToken):
581         (WebCore::XSSFilter::eraseAttributeIfInjected):
582         * html/parser/XSSFilter.h:
583
584 2011-01-28  Oliver Hunt  <oliver@apple.com>
585
586         Fix Qt build.
587
588         * bridge/qt/qt_runtime.cpp:
589         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
590         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
591         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
592         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
593         * bridge/qt/qt_runtime.h:
594
595 2011-01-28  Antti Koivisto  <antti@apple.com>
596
597         Reviewed by Simon Fraser.
598
599         CSS styles are shared based on uninitialized property values
600         https://bugs.webkit.org/show_bug.cgi?id=53285
601         
602         Null test.
603
604         * dom/NamedNodeMap.cpp:
605         (WebCore::NamedNodeMap::mappedMapsEquivalent):
606
607 2011-01-27  Oliver Hunt  <oliver@apple.com>
608
609         Reviewed by Geoffrey Garen.
610
611         Convert markstack to a slot visitor API
612         https://bugs.webkit.org/show_bug.cgi?id=53219
613
614         Update WebCore to the new marking apis, correct bindings
615         codegen. 
616
617         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
618         * WebCore.exp.in:
619         * bindings/js/DOMWrapperWorld.h:
620         (WebCore::DOMWrapperWorld::globalData):
621         * bindings/js/JSAudioConstructor.cpp:
622         (WebCore::JSAudioConstructor::JSAudioConstructor):
623         * bindings/js/JSDOMBinding.cpp:
624         (WebCore::markDOMNodesForDocument):
625         (WebCore::markDOMObjectWrapper):
626         (WebCore::markDOMNodeWrapper):
627         * bindings/js/JSDOMGlobalObject.cpp:
628         (WebCore::JSDOMGlobalObject::markChildren):
629         (WebCore::JSDOMGlobalObject::setInjectedScript):
630         (WebCore::JSDOMGlobalObject::injectedScript):
631         * bindings/js/JSDOMGlobalObject.h:
632         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
633         (WebCore::getDOMConstructor):
634         * bindings/js/JSDOMWindowCustom.cpp:
635         (WebCore::JSDOMWindow::setLocation):
636         (WebCore::DialogHandler::dialogCreated):
637         * bindings/js/JSDOMWindowShell.cpp:
638         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
639         (WebCore::JSDOMWindowShell::setWindow):
640         (WebCore::JSDOMWindowShell::markChildren):
641         (WebCore::JSDOMWindowShell::unwrappedObject):
642         * bindings/js/JSDOMWindowShell.h:
643         (WebCore::JSDOMWindowShell::window):
644         (WebCore::JSDOMWindowShell::setWindow):
645         * bindings/js/JSEventListener.cpp:
646         (WebCore::JSEventListener::JSEventListener):
647         (WebCore::JSEventListener::markJSFunction):
648         * bindings/js/JSEventListener.h:
649         (WebCore::JSEventListener::jsFunction):
650         * bindings/js/JSHTMLDocumentCustom.cpp:
651         (WebCore::JSHTMLDocument::setAll):
652         * bindings/js/JSImageConstructor.cpp:
653         (WebCore::JSImageConstructor::JSImageConstructor):
654         * bindings/js/JSImageDataCustom.cpp:
655         (WebCore::toJS):
656         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
657         (WebCore::JSJavaScriptCallFrame::scopeChain):
658         (WebCore::JSJavaScriptCallFrame::scopeType):
659         * bindings/js/JSNodeFilterCondition.cpp:
660         (WebCore::JSNodeFilterCondition::markAggregate):
661         (WebCore::JSNodeFilterCondition::acceptNode):
662         * bindings/js/JSNodeFilterCondition.h:
663         * bindings/js/JSNodeFilterCustom.cpp:
664         * bindings/js/JSOptionConstructor.cpp:
665         (WebCore::JSOptionConstructor::JSOptionConstructor):
666         * bindings/js/JSSQLResultSetRowListCustom.cpp:
667         (WebCore::JSSQLResultSetRowList::item):
668         * bindings/js/ScriptCachedFrameData.cpp:
669         (WebCore::ScriptCachedFrameData::restore):
670         * bindings/js/ScriptObject.cpp:
671         (WebCore::ScriptGlobalObject::set):
672         * bindings/js/SerializedScriptValue.cpp:
673         (WebCore::CloneDeserializer::putProperty):
674         * bindings/scripts/CodeGeneratorJS.pm:
675         * dom/Document.h:
676
677 2011-01-28  Sam Weinig  <sam@webkit.org>
678
679         Reviewed by Anders Carlsson.
680
681         Keyboard scrolling doesn’t work in WebKit2
682         <rdar://problem/8909672>
683
684         * platform/mac/ScrollAnimatorMac.mm:
685         (-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
686         (-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
687         Add additional necessary delegate methods.
688
689 2011-01-29  Darin Adler  <darin@apple.com>
690
691         Reviewed by Dan Bernstein.
692
693         Re-land this patch with the missing null check that caused crashes in layout tests.
694
695         Changing cursor style has no effect until the mouse moves
696         https://bugs.webkit.org/show_bug.cgi?id=14344
697         rdar://problem/7563712
698
699         No tests added because we don't have infrastructure for testing actual cursor
700         changes (as opposed to cursor style computation) at this time. We might add it later.
701
702         * page/EventHandler.cpp:
703         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
704         * page/EventHandler.h: Ditto.
705
706         * rendering/RenderObject.cpp:
707         (WebCore::areNonIdenticalCursorListsEqual): Added.
708         (WebCore::areCursorsEqual): Added.
709         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
710         cursor styles changed.
711
712 2011-01-28  Justin Schuh  <jschuh@chromium.org>
713
714         Reviewed by Eric Seidel.
715
716         We should hold RefPtrs to SVG font faces
717         https://bugs.webkit.org/show_bug.cgi?id=53270
718
719         Test: svg/custom/use-multiple-on-nested-disallowed-font.html
720
721         * css/CSSFontFaceSource.cpp:
722         (WebCore::CSSFontFaceSource::getFontData):
723         * css/CSSFontFaceSource.h:
724         * svg/SVGFontFaceElement.cpp:
725         (WebCore::SVGFontFaceElement::associatedFontElement):
726         * svg/SVGFontFaceElement.h:
727
728 2011-01-28  Zhenyao Mo  <zmo@google.com>
729
730         Reviewed by Kenneth Russell.
731
732         uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
733         https://bugs.webkit.org/show_bug.cgi?id=53306
734
735         * html/canvas/WebGLRenderingContext.cpp:
736         (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
737
738 2011-01-28  Tom Sepez  <tsepez@chromium.org>
739
740         Reviewed by Eric Seidel.
741
742         NULL pointer crash in TextIterator::handleTextBox()
743         https://bugs.webkit.org/show_bug.cgi?id=53267
744
745         Test: fast/css/rtl-nth-child-first-letter-crash.html
746
747         * editing/TextIterator.cpp:
748         (WebCore::TextIterator::handleTextBox):
749
750 2011-01-28  Adrienne Walker  <enne@google.com>
751
752         Reviewed by Kenneth Russell.
753
754         [chromium] Remove a spurious diagnostic CRASH check.
755         https://bugs.webkit.org/show_bug.cgi?id=52379
756
757         * platform/graphics/chromium/LayerTilerChromium.cpp:
758         (WebCore::LayerTilerChromium::invalidateRect):
759
760 2011-01-28  Dan Bernstein  <mitz@apple.com>
761
762         Reviewed by Sam Weinig.
763
764         <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
765         https://bugs.webkit.org/show_bug.cgi?id=19785
766
767         Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
768         direction corresponding to the writing direction of the <select> element, with the checkmarks
769         on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
770         pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
771         which returns true for this pop-up behavior.
772
773         * loader/EmptyClients.h:
774         (WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
775         * manual-tests/pop-up-alignment-and-direction.html: Added.
776         * page/Chrome.cpp:
777         (WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
778         client.
779         * page/Chrome.h:
780         * page/ChromeClient.h:
781         * platform/PopupMenuStyle.h:
782         (WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
783         variable initialization.
784         (WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
785         * platform/mac/PopupMenuMac.mm:
786         (WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
787         to match the menu's writing direction. Set items' writing direction and direction override
788         according to their styles.
789         * rendering/RenderMenuList.cpp:
790         (WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
791         (WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
792         menu's writing direction, use that alignment for the button as well. Also in this mode, use the
793         item's writing direction and override setting.
794         (WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
795         (WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
796         (WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
797         * rendering/RenderMenuList.h:
798         * rendering/RenderTextControlSingleLine.cpp:
799         (WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.
800
801 2011-01-28  Adam Barth  <abarth@webkit.org>
802
803         Reviewed by Daniel Bates.
804
805         Teach XSSFilter how to filter <script> elements
806         https://bugs.webkit.org/show_bug.cgi?id=53279
807
808         This patch adds the ability for the XSSFilter to block injected
809         <script> elements.  Handling script elements is slightly subtle because
810         these elements act very differently depending on whether they have a
811         src attribute.
812         
813         In the "src case", which check whether the src attribute was present in
814         the request.  In the "non-src case", we check whether the start tag and
815         the body of the script element was included in the request.  Checking
816         for the whole start tag means we miss out on some attribute splitting
817         attacks inside of script tags, but that doesn't seem like that big a
818         deal.
819
820         This patch also introduces some amount of state into the XSSFilter
821         because inline script elements span multiple tokens.  There's a lot of
822         tuning and optimization left in these cases, some of which I've noted
823         with FIXMEs.
824
825         To test this patch, I played around with some of the existing
826         XSSAuditor tests.  Hopefully I'll be able to run the test suite more
827         systematically in the future.
828
829         * html/parser/HTMLToken.h:
830         (WebCore::HTMLToken::eraseCharacters):
831         (WebCore::HTMLToken::eraseValueOfAttribute):
832         * html/parser/XSSFilter.cpp:
833         (WebCore::HTMLNames::hasName):
834         (WebCore::HTMLNames::findAttributeWithName):
835         (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
836         (WebCore::XSSFilter::XSSFilter):
837         (WebCore::XSSFilter::filterToken):
838         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
839         (WebCore::XSSFilter::filterScriptToken):
840         (WebCore::XSSFilter::snippetForRange):
841         (WebCore::XSSFilter::snippetForAttribute):
842         * html/parser/XSSFilter.h:
843
844 2011-01-28  Adam Barth  <abarth@webkit.org>
845
846         Reviewed by Daniel Bates.
847
848         Sketch out new XSS filter design (disabled by default)
849         https://bugs.webkit.org/show_bug.cgi?id=53205
850
851         This patch adds a basic sketch of the new XSS filter design.  Rather
852         than watching scripts as they execute, in this design, we watch tokens
853         emitted by the tokenizer.  We then map the tokens directly back into
854         input characters, which lets us skip all the complicated logic related
855         to HTML entities and double-decoding of JavaScript URLs.
856
857         This patch contains only the bare essentially machinery.  I'll add more
858         in future patches and eventually remove the previous code once this
859         code is up and running correctly.
860
861         * Android.mk:
862         * CMakeLists.txt:
863         * GNUmakefile.am:
864         * WebCore.gypi:
865         * WebCore.pro:
866         * WebCore.vcproj/WebCore.vcproj:
867         * WebCore.xcodeproj/project.pbxproj:
868         * html/parser/HTMLDocumentParser.cpp:
869         (WebCore::HTMLDocumentParser::HTMLDocumentParser):
870         (WebCore::HTMLDocumentParser::pumpTokenizer):
871         (WebCore::HTMLDocumentParser::sourceForToken):
872         * html/parser/HTMLDocumentParser.h:
873         * html/parser/XSSFilter.cpp: Added.
874         * html/parser/XSSFilter.h: Added.
875
876 2011-01-28  Michael Saboff  <msaboff@apple.com>
877
878         Reviewed by Geoffrey Garen.
879
880         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
881         https://bugs.webkit.org/show_bug.cgi?id=53271
882
883         Reapplying this patch with the change that the second ASSERT in 
884         RootObject::removeRuntimeObject was changed to use
885         .uncheckedGet() instead of the failing .get().  The object in question
886         could be in the process of being GC'ed.  The get() call will not return
887         such an object while the uncheckedGet() call will return the (unsafe) 
888         object.  This is the behavior we want.
889
890         Precautionary change.
891         Changed RootObject to use WeakGCMap instead of HashSet.
892         Found will looking for another issue, but can't produce a test case
893         that is problematic.  THerefore there aren't any new tests.
894
895         * bridge/runtime_root.cpp:
896         (JSC::Bindings::RootObject::invalidate):
897         (JSC::Bindings::RootObject::addRuntimeObject):
898         (JSC::Bindings::RootObject::removeRuntimeObject):
899         * bridge/runtime_root.h:
900
901 2011-01-28  Adam Roben  <aroben@apple.com>
902
903         Notify CACFLayerTreeHost when the context is flushed
904
905         LegacyCACFLayerTreeHost was keeping this a secret, which meant that WebCore's animation
906         timers were never starting.
907
908         Fixes <http://webkit.org/b/53302> [Windows 7 Release Tests] changesets 76853, 76856, and
909         76858 broke ~36 animations, compositing, and transitions tests
910
911         Reviewed by Sam Weinig.
912
913         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
914         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): Call up to the base class after we
915         start our render timer.
916
917 2011-01-28  Antti Koivisto  <antti@apple.com>
918
919         Reviewed by Dan Bernstein.
920
921         Remove dead code that tried to map from CSS values to parser values
922         https://bugs.webkit.org/show_bug.cgi?id=53318
923
924         * css/CSSFunctionValue.cpp:
925         * css/CSSFunctionValue.h:
926         * css/CSSPrimitiveValue.cpp:
927         * css/CSSPrimitiveValue.h:
928         * css/CSSValue.h:
929         * css/CSSValueList.cpp:
930         * css/CSSValueList.h:
931
932 2011-01-28  Enrica Casucci  <enrica@apple.com>
933
934         Reviewed by Adam Roben.
935
936         Some drag and drop tests fail since r76824
937         https://bugs.webkit.org/show_bug.cgi?id=53304
938
939         There were '||' instead of '&&' in the checks for valid
940         clipboard content.
941         
942         * platform/win/ClipboardWin.cpp:
943         (WebCore::ClipboardWin::getData):
944         (WebCore::ClipboardWin::types):
945         (WebCore::ClipboardWin::files):
946
947 2011-01-28  Martin Robinson  <mrobinson@igalia.com>
948
949         [GTK] AudioProcessingEvent.h and JSJavaScriptAudioNode.h: No such file or directory
950         https://bugs.webkit.org/show_bug.cgi?id=52889
951
952         Build fix for WebAudio. Include WebAudio source files on the source
953         list when WebAudio is enabled.
954
955         * GNUmakefile.am: Include missing source files.
956
957 2011-01-28  Sam Weinig  <sam@webkit.org>
958
959         Reviewed by Maciej Stachowiak.
960
961         Add basic rubber banding support
962         <rdar://problem/8219429>
963         https://bugs.webkit.org/show_bug.cgi?id=53277
964
965         * page/EventHandler.cpp:
966         (WebCore::EventHandler::handleGestureEvent):
967         Pass gesture events to the FrameView.
968
969         * platform/ScrollAnimator.cpp:
970         (WebCore::ScrollAnimator::handleGestureEvent):
971         * platform/ScrollAnimator.h:
972         Add stubbed out implementation.
973
974         * platform/ScrollView.cpp:
975         (WebCore::ScrollView::ScrollView):
976         (WebCore::ScrollView::overhangAmount):
977         (WebCore::ScrollView::wheelEvent):
978         * platform/ScrollView.h:
979         * platform/ScrollableArea.cpp:
980         (WebCore::ScrollableArea::ScrollableArea):
981         (WebCore::ScrollableArea::handleGestureEvent):
982         * platform/ScrollableArea.h:
983         (WebCore::ScrollableArea::constrainsScrollingToContentEdge):
984         (WebCore::ScrollableArea::setConstrainsScrollingToContentEdge):
985         Move constrains scrolling bit to ScrollableArea from ScrollView.
986
987         (WebCore::ScrollableArea::contentsSize):
988         (WebCore::ScrollableArea::overhangAmount):
989         Add additional virtual functions for information needed by the animator.
990
991         * platform/mac/ScrollAnimatorMac.h:
992         * platform/mac/ScrollAnimatorMac.mm:
993         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
994         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaX):
995         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaY):
996         (WebCore::elasticDeltaForTimeDelta):
997         (WebCore::elasticDeltaForReboundDelta):
998         (WebCore::reboundDeltaForElasticDelta):
999         (WebCore::scrollWheelMultiplier):
1000         (WebCore::ScrollAnimatorMac::handleWheelEvent):
1001         (WebCore::ScrollAnimatorMac::handleGestureEvent):
1002         (WebCore::ScrollAnimatorMac::pinnedInDirection):
1003         (WebCore::ScrollAnimatorMac::allowsVerticalStretching):
1004         (WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
1005         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
1006         (WebCore::ScrollAnimatorMac::beginScrollGesture):
1007         (WebCore::ScrollAnimatorMac::endScrollGesture):
1008         (WebCore::ScrollAnimatorMac::snapRubberBand):
1009         (WebCore::roundTowardZero):
1010         (WebCore::roundToDevicePixelTowardZero):
1011         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
1012         Implement basic rubber banding.
1013
1014 2011-01-28  Dan Bernstein  <mitz@apple.com>
1015
1016         Reviewed by Anders Carlsson.
1017
1018         Changing unicode-bidi doesn’t force layout
1019         https://bugs.webkit.org/show_bug.cgi?id=53311
1020
1021         Test: fast/dynamic/unicode-bidi.html
1022
1023         * rendering/style/RenderStyle.cpp:
1024         (WebCore::RenderStyle::diff): Return a layout difference if unicode-bidi values differ.
1025
1026 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
1027
1028         Reviewed by Kent Tamura.
1029
1030         Change HTMLInputElement-derived parts of media element shadow DOM to use shadowPseudoId.
1031         https://bugs.webkit.org/show_bug.cgi?id=53122
1032
1033         This is the first step in converting HTMLMediaElement to the new shadow DOM.
1034
1035         Should not regress any existing tests. No observable change in behavior.
1036
1037         * css/CSSSelector.cpp:
1038         (WebCore::CSSSelector::pseudoId): Removed now-unnecessary hard-coded pseudo-element selectors.
1039         (WebCore::nameToPseudoTypeMap): Ditto.
1040         (WebCore::CSSSelector::extractPseudoType): Ditto.
1041         * css/CSSSelector.h: Ditto.
1042         * css/mediaControls.css: Added proper initial values, now that elements use the proper selector pipeline.
1043         * rendering/MediaControlElements.cpp:
1044         (WebCore::MediaControlInputElement::MediaControlInputElement): Removed the switch statement,
1045             which is now replaced with virtual shadowPseudoId on each corresponding class.
1046         (WebCore::MediaControlInputElement::styleForElement): Changed to use element pipeline.
1047         (WebCore::MediaControlMuteButtonElement::MediaControlMuteButtonElement): Changed to set
1048             display type in constructor.
1049         (WebCore::MediaControlMuteButtonElement::create): Changed to not take PseudoId as
1050             constructor argument.
1051         (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Added.
1052         (WebCore::MediaControlVolumeSliderMuteButtonElement::MediaControlVolumeSliderMuteButtonElement): Added
1053             to disambiguate from the MediaControlMuteButtonElement.
1054         (WebCore::MediaControlVolumeSliderMuteButtonElement::create): Added.
1055         (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Added.
1056         (WebCore::MediaControlPlayButtonElement::MediaControlPlayButtonElement): Changed to not take PseudoId as
1057             constructor argument.
1058         (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Added.
1059         (WebCore::MediaControlSeekButtonElement::MediaControlSeekButtonElement): Changed to not take PseudoId as
1060             constructor argument.
1061         (WebCore::MediaControlSeekForwardButtonElement::MediaControlSeekForwardButtonElement): Added.
1062         (WebCore::MediaControlSeekForwardButtonElement::create): Added.
1063         (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Added.
1064         (WebCore::MediaControlSeekBackButtonElement::MediaControlSeekBackButtonElement): Added.
1065         (WebCore::MediaControlSeekBackButtonElement::create): Added.
1066         (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Added.
1067         (WebCore::MediaControlRewindButtonElement::MediaControlRewindButtonElement): Added.
1068         (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Added.
1069         (WebCore::MediaControlReturnToRealtimeButtonElement::MediaControlReturnToRealtimeButtonElement): Changed to not take PseudoId as
1070             constructor argument.
1071         (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Added.
1072         (WebCore::MediaControlToggleClosedCaptionsButtonElement::MediaControlToggleClosedCaptionsButtonElement): Changed to not take PseudoId as
1073             constructor argument.
1074         (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Added.
1075         (WebCore::MediaControlTimelineElement::MediaControlTimelineElement): Changed to not take PseudoId as
1076             constructor argument.
1077         (WebCore::MediaControlTimelineElement::shadowPseudoId): Added.
1078         (WebCore::MediaControlVolumeSliderElement::MediaControlVolumeSliderElement): Changed to not take PseudoId as
1079             constructor argument.
1080         (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Added.
1081         (WebCore::MediaControlFullscreenButtonElement::MediaControlFullscreenButtonElement): Changed to not take PseudoId as
1082             constructor argument.
1083         (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Added.
1084         * rendering/MediaControlElements.h:
1085         (WebCore::MediaControlSeekForwardButtonElement::isForwardButton): Added.
1086         (WebCore::MediaControlSeekBackButtonElement::isForwardButton): Added.
1087         * rendering/RenderMedia.cpp:
1088         (WebCore::RenderMedia::createMuteButton): Changed to use new constructor.
1089         (WebCore::RenderMedia::createSeekBackButton): Ditto.
1090         (WebCore::RenderMedia::createSeekForwardButton): Ditto.
1091         (WebCore::RenderMedia::createVolumeSliderMuteButton): Ditto.
1092         * rendering/style/RenderStyleConstants.h: Removed constants that are no longer used.
1093
1094 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
1095
1096         Reviewed by Eric Carlson.
1097
1098         Split MediaControls out of RenderMedia.
1099         https://bugs.webkit.org/show_bug.cgi?id=53252
1100
1101         Near-mechanical moving of stuff, no change in behavior, thus no new tests.
1102
1103         * Android.mk: Added MediaControls to build system.
1104         * CMakeLists.txt: Ditto.
1105         * GNUmakefile.am: Ditto.
1106         * WebCore.gypi: Ditto.
1107         * WebCore.pro: Ditto.
1108         * WebCore.vcproj/WebCore.vcproj: Ditto.
1109         * WebCore.xcodeproj/project.pbxproj: Ditto.
1110         * html/HTMLMediaElement.cpp:
1111         (WebCore::HTMLMediaElement::defaultEventHandler): Changed to forward events to MediaControls.
1112         * html/shadow/MediaControls.cpp: Copied all controls-related methods from
1113             Source/WebCore/rendering/RenderMedia.cpp, pulled them into their own class called MediaControls. 
1114         * html/shadow/MediaControls.h: Ditto from Source/WebCore/rendering/RenderMedia.h.
1115         * rendering/MediaControlElements.cpp:
1116         (WebCore::MediaControlTimelineElement::defaultEventHandler): Changed to use MediaControls.
1117         * rendering/RenderMedia.cpp:
1118         (WebCore::RenderMedia::RenderMedia): Moved relevant constructor initializers out to MediaControls.
1119         (WebCore::RenderMedia::destroy): Changed to use MediaControls.
1120         (WebCore::RenderMedia::styleDidChange): Ditto.
1121         (WebCore::RenderMedia::layout): Ditto.
1122         (WebCore::RenderMedia::updateFromElement): Ditto.
1123         * rendering/RenderMedia.h: Updated defs accordingly and removed player() accessor, which
1124             is only used by sub-class RenderVideo.
1125         (WebCore::RenderMedia::controls): Added.
1126         * rendering/RenderVideo.cpp:
1127         (WebCore::RenderVideo::~RenderVideo): Changed to access MediaPlayer* directly from mediaElement().
1128         (WebCore::RenderVideo::calculateIntrinsicSize): Ditto.
1129         (WebCore::RenderVideo::paintReplaced): Ditto.
1130         (WebCore::RenderVideo::updatePlayer): Ditto.
1131         (WebCore::RenderVideo::supportsAcceleratedRendering): Ditto.
1132         (WebCore::RenderVideo::acceleratedRenderingStateChanged): Ditto.
1133
1134 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
1135
1136         Reviewed by Yury Semikhatsky.
1137
1138         Web Inspector: allow remote debugging with front-end
1139         served from the cloud.
1140         https://bugs.webkit.org/show_bug.cgi?id=53303
1141
1142         * inspector/front-end/inspector.js:
1143
1144 2011-01-28  Aparna Nandyal  <aparna.nand@wipro.com>
1145
1146         Reviewed by Andreas Kling.
1147
1148         Setting value of m_PressedPos to make scrolling smooth
1149
1150         Page scroll popup menu "Scroll here" option not working when cliking above scroll slider/handler.
1151         https://bugs.webkit.org/show_bug.cgi?id=51349
1152
1153         The value of m_PressedPos was getting set before moveThumb() call
1154         in all other scenarios except when "Scroll Here" option is used.
1155         Hence scrolling with this option was not as expected even in cases
1156         where scrolling was happening. The thumb would move in unexpected
1157         direction. m_PressedPos is now set to pressed position so delta is
1158         calculated.
1159         Unable to write a test case as the test needs to click on "Scroll
1160         Here" option of context sensitive menu and QTest is unable to do it.
1161         Besides no new functionality introduced.
1162
1163         * platform/qt/ScrollbarQt.cpp:
1164         (WebCore::Scrollbar::contextMenu):
1165
1166 2011-01-28  Andrey Kosyakov  <caseq@chromium.org>
1167
1168         Reviewed by Pavel Feldman.
1169
1170         Web Inspector: [Extensions API] add JSON schema for extensions API
1171         https://bugs.webkit.org/show_bug.cgi?id=53236
1172
1173         * inspector/front-end/ExtensionAPISchema.json: Added.
1174
1175 2011-01-27  Zhenyao Mo  <zmo@google.com>
1176
1177         Reviewed by Kenneth Russell.
1178
1179         Remove _LENGTH enumerants
1180         https://bugs.webkit.org/show_bug.cgi?id=53259
1181
1182         * html/canvas/WebGLRenderingContext.cpp: Remove queries for *LENGTH.
1183         (WebCore::WebGLRenderingContext::getProgramParameter):
1184         (WebCore::WebGLRenderingContext::getShaderParameter):
1185         * html/canvas/WebGLRenderingContext.idl: Remove *LENGTH.
1186
1187 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
1188
1189         Reviewed by Yury Semikhatsky.
1190
1191         Web Inspector: syntax highlight inline JS and CSS in HTML resources
1192         https://bugs.webkit.org/show_bug.cgi?id=30831
1193
1194         * inspector/front-end/SourceHTMLTokenizer.js:
1195         (WebInspector.SourceHTMLTokenizer):
1196         (WebInspector.SourceHTMLTokenizer.prototype.set line):
1197         (WebInspector.SourceHTMLTokenizer.prototype.nextToken):
1198         * inspector/front-end/SourceHTMLTokenizer.re2js:
1199
1200 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
1201
1202         Reviewed by Yury Semikhatsky.
1203
1204         Web Inspector: [STYLES] Up/Down-suggestion breaks an existing keyword
1205         https://bugs.webkit.org/show_bug.cgi?id=53295
1206
1207         Select the current word suffix before switching to the next suggestion.
1208
1209         * inspector/front-end/StylesSidebarPane.js:
1210         ():
1211
1212 2011-01-28  Alejandro G. Castro  <alex@igalia.com>
1213
1214         Reviewed by Xan Lopez.
1215
1216         [GTK] Fix dist compilation for the release
1217         https://bugs.webkit.org/show_bug.cgi?id=53290
1218
1219         * GNUmakefile.am: Added inspector files to the extra dist.
1220
1221 2011-01-28  Ilya Sherman  <isherman@chromium.org>
1222
1223         Reviewed by Andreas Kling.
1224
1225         Const-correct HTMLSelectElement and WebSelectElement
1226         https://bugs.webkit.org/show_bug.cgi?id=53293
1227
1228         * html/HTMLSelectElement.cpp:
1229         (WebCore::HTMLSelectElement::value): const.
1230         * html/HTMLSelectElement.h:
1231
1232 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1233
1234         Unreviewed, rolling out r76893.
1235         http://trac.webkit.org/changeset/76893
1236         https://bugs.webkit.org/show_bug.cgi?id=53287
1237
1238         It made some tests crash on GTK and Qt debug bots (Requested
1239         by Ossy on #webkit).
1240
1241         * bridge/runtime_root.cpp:
1242         (JSC::Bindings::RootObject::invalidate):
1243         (JSC::Bindings::RootObject::addRuntimeObject):
1244         (JSC::Bindings::RootObject::removeRuntimeObject):
1245         * bridge/runtime_root.h:
1246
1247 2011-01-27  Greg Coletta  <greg.coletta@nokia.com>
1248
1249         Reviewed by Laszlo Gombos.
1250
1251         Get rid of prefix header dependency for WebKit2 build system
1252         https://bugs.webkit.org/show_bug.cgi?id=50174
1253
1254         Guard EmptyProtocalDefinitions.h to make sure it's not included twice.
1255
1256         * platform/mac/EmptyProtocolDefinitions.h:
1257
1258 2011-01-27  Abhishek Arya  <inferno@chromium.org>
1259
1260         Reviewed by Dan Bernstein.
1261
1262         Recalc table sections if needed before calculating the first line
1263         box baseline.
1264         https://bugs.webkit.org/show_bug.cgi?id=53265
1265
1266         When we try to calculate the baseline position of a table cell,
1267         we recurse through all the child sibling boxes (when children are
1268         non inline) and add their first linebox baseline values. If one of
1269         the children is a table with pending section recalc, we will access
1270         wrong table section values. We recalc table sections if it is needed.
1271
1272         Test: fast/table/recalc-section-first-body-crash-main.html
1273
1274         * rendering/RenderTable.cpp:
1275         (WebCore::RenderTable::firstLineBoxBaseline):
1276
1277 2011-01-27  Adrienne Walker  <enne@google.com>
1278
1279         Reviewed by Kenneth Russell.
1280
1281         [chromium] Add CRASH calls to further debug tiled compositor memcpy crash.
1282         https://bugs.webkit.org/show_bug.cgi?id=52379
1283
1284         Test: LayoutTests/compositing (to verify these weren't triggered)
1285
1286         * platform/graphics/chromium/LayerTilerChromium.cpp:
1287         (WebCore::LayerTilerChromium::invalidateRect):
1288         (WebCore::LayerTilerChromium::update):
1289
1290 2011-01-27  Alexander Pavlov  <apavlov@chromium.org>
1291
1292         Reviewed by Pavel Feldman.
1293
1294         Web Inspector: [STYLES] Cancelled suggestion of a property name results in a visual artifact
1295         https://bugs.webkit.org/show_bug.cgi?id=53242
1296
1297         * inspector/front-end/StylesSidebarPane.js:
1298         (WebInspector.StylePropertyTreeElement.prototype):
1299
1300 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
1301
1302         Unreviewed, rolling out r76891.
1303         http://trac.webkit.org/changeset/76891
1304         https://bugs.webkit.org/show_bug.cgi?id=53280
1305
1306         Makes every layout test crash (Requested by othermaciej on
1307         #webkit).
1308
1309         * page/EventHandler.cpp:
1310         * page/EventHandler.h:
1311         * rendering/RenderObject.cpp:
1312         (WebCore::RenderObject::styleDidChange):
1313
1314 2011-01-27  Ryosuke Niwa  <rniwa@webkit.org>
1315
1316         Unreviewed, rolling out r76839.
1317         http://trac.webkit.org/changeset/76839
1318         https://bugs.webkit.org/show_bug.cgi?id=49744
1319
1320         broke pixel tests
1321
1322         * rendering/RenderBox.cpp:
1323         (WebCore::RenderBox::localCaretRect):
1324
1325 2011-01-27  Emil A Eklund  <eae@chromium.org>
1326
1327         Reviewed by Darin Adler.
1328
1329         contentEditable formatBlock crashes on divs with contenteditable="false"
1330         https://bugs.webkit.org/show_bug.cgi?id=53263
1331
1332         Check if editableRootForPosition returns null for position.
1333
1334         Test: editing/execCommand/format-block-contenteditable-false.html
1335
1336         * editing/FormatBlockCommand.cpp:
1337         (WebCore::FormatBlockCommand::formatRange):
1338
1339 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
1340
1341         Reviewed by Darin Adler.
1342
1343         Remove RenderMedia members that aren't used.
1344         https://bugs.webkit.org/show_bug.cgi?id=53245
1345
1346         Refactoring, no change in behavior, so no new tests.
1347
1348         * rendering/RenderMedia.h: Removed unused member variables.
1349
1350 2011-01-27  Michael Saboff  <msaboff@apple.com>
1351
1352         Reviewed by Darin Adler.
1353
1354         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1355         https://bugs.webkit.org/show_bug.cgi?id=53271
1356
1357         Precautionary change.
1358         Changed RootObject to use WeakGCMap instead of HashSet.
1359         Found will looking for another issue, but can't produce a test case
1360         that is problematic.  THerefore there aren't any new tests.
1361
1362         * bridge/runtime_root.cpp:
1363         (JSC::Bindings::RootObject::invalidate):
1364         (JSC::Bindings::RootObject::addRuntimeObject):
1365         (JSC::Bindings::RootObject::removeRuntimeObject):
1366         * bridge/runtime_root.h:
1367
1368 2011-01-27  Kenneth Russell  <kbr@google.com>
1369
1370         Reviewed by James Robinson.
1371
1372         Rename Typed Array slice() to subset()
1373         https://bugs.webkit.org/show_bug.cgi?id=53273
1374
1375         * bindings/js/JSArrayBufferViewHelper.h:
1376         (WebCore::constructArrayBufferView):
1377         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
1378         (WebCore::constructWebGLArray):
1379         * html/canvas/Float32Array.cpp:
1380         (WebCore::Float32Array::subset):
1381         * html/canvas/Float32Array.h:
1382         * html/canvas/Float32Array.idl:
1383         * html/canvas/Int16Array.cpp:
1384         (WebCore::Int16Array::subset):
1385         * html/canvas/Int16Array.h:
1386         * html/canvas/Int16Array.idl:
1387         * html/canvas/Int32Array.cpp:
1388         (WebCore::Int32Array::subset):
1389         * html/canvas/Int32Array.h:
1390         * html/canvas/Int32Array.idl:
1391         * html/canvas/Int8Array.cpp:
1392         (WebCore::Int8Array::subset):
1393         * html/canvas/Int8Array.h:
1394         * html/canvas/Int8Array.idl:
1395         * html/canvas/TypedArrayBase.h:
1396         (WebCore::TypedArrayBase::subsetImpl):
1397         * html/canvas/Uint16Array.cpp:
1398         (WebCore::Uint16Array::subset):
1399         * html/canvas/Uint16Array.h:
1400         * html/canvas/Uint16Array.idl:
1401         * html/canvas/Uint32Array.cpp:
1402         (WebCore::Uint32Array::subset):
1403         * html/canvas/Uint32Array.h:
1404         * html/canvas/Uint32Array.idl:
1405         * html/canvas/Uint8Array.cpp:
1406         (WebCore::Uint8Array::subset):
1407         * html/canvas/Uint8Array.h:
1408         * html/canvas/Uint8Array.idl:
1409
1410 2011-01-27  Darin Adler  <darin@apple.com>
1411
1412         Reviewed by Dan Bernstein.
1413
1414         Changing cursor style has no effect until the mouse moves
1415         https://bugs.webkit.org/show_bug.cgi?id=14344
1416         rdar://problem/7563712
1417
1418         No tests added because we don't have infrastructure for testing actual cursor
1419         changes (as opposed to cursor style computation) at this time. We might add it later.
1420
1421         * page/EventHandler.cpp:
1422         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
1423         * page/EventHandler.h: Ditto.
1424
1425         * rendering/RenderObject.cpp:
1426         (WebCore::areNonIdenticalCursorListsEqual): Added.
1427         (WebCore::areCursorsEqual): Added.
1428         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
1429         cursor styles changed.
1430
1431 2011-01-27  Leo Yang  <leo.yang@torchmobile.com.cn>
1432
1433         Reviewed by Dirk Schulze.
1434
1435         SVG Use Cycle is not detected
1436         https://bugs.webkit.org/show_bug.cgi?id=52544
1437
1438         We should check if SVGUseElement::buildInstanceTree finds problem
1439         for every child node. If it finds problem for any children we must
1440         return immediately because otherwise the foundProblem variable may
1441         be rewritten to false.
1442
1443         Test: svg/custom/recursive-use2.svg
1444
1445         * svg/SVGUseElement.cpp:
1446         (WebCore::SVGUseElement::buildInstanceTree):
1447
1448 2011-01-27  Zhenyao Mo  <zmo@google.com>
1449
1450         Reviewed by Kenneth Russell.
1451
1452         texSubImage2D's format/type needs to match the internalformat/type from the previous texImage2D call
1453         https://bugs.webkit.org/show_bug.cgi?id=53054
1454
1455         Test: fast/canvas/webgl/tex-sub-image-2d-bad-args.html
1456
1457         * html/canvas/WebGLRenderingContext.cpp:
1458         (WebCore::WebGLRenderingContext::texSubImage2DBase): Check format/type match.
1459
1460 2011-01-27  Yi Shen  <yi.4.shen@nokia.com>, Tor Arne Vestbø <tor.arne.vestbo@nokia.com>
1461
1462         Reviewed by Andreas Kling.
1463
1464         [Qt] Add fullscreen media control button for html video
1465         https://bugs.webkit.org/show_bug.cgi?id=51543
1466
1467         Implement media control fullscreen button for QtWebKit html5 video.
1468
1469         * css/mediaControlsQt.css:
1470         (video::-webkit-media-controls-fullscreen-button):
1471         * platform/qt/RenderThemeQt.cpp:
1472         (WebCore::RenderThemeQt::paintMediaFullscreenButton):
1473
1474 2011-01-27  Nate Chapin  <japhet@chromium.org>
1475
1476         Reviewed by Adam Barth.
1477
1478         Remove FrameLoader::url() and update callers to use
1479         Document::url().
1480         https://bugs.webkit.org/show_bug.cgi?id=41165
1481
1482         Refactor, no new tests.
1483
1484         * WebCore.exp.in:
1485         * dom/Document.cpp:
1486         (WebCore::Document::processHttpEquiv):
1487         (WebCore::Document::removePendingSheet):
1488         * history/CachedFrame.cpp:
1489         (WebCore::CachedFrameBase::CachedFrameBase):
1490         * history/PageCache.cpp:
1491         (WebCore::logCanCacheFrameDecision):
1492         (WebCore::PageCache::canCachePageContainingThisFrame):
1493         * html/HTMLFrameElementBase.cpp:
1494         (WebCore::HTMLFrameElementBase::isURLAllowed):
1495         * html/HTMLPlugInImageElement.cpp:
1496         (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
1497         * inspector/InspectorAgent.cpp:
1498         (WebCore::InspectorAgent::inspectedURL):
1499         * inspector/InspectorResourceAgent.cpp:
1500         (WebCore::buildObjectForFrame):
1501         * loader/DocumentWriter.cpp:
1502         (WebCore::DocumentWriter::replaceDocument):
1503         (WebCore::DocumentWriter::deprecatedFrameEncoding):
1504         * loader/FrameLoader.cpp:
1505         * loader/FrameLoader.h:
1506         * loader/HistoryController.cpp:
1507         (WebCore::HistoryController::updateForStandardLoad):
1508         (WebCore::HistoryController::updateForRedirectWithLockedBackForwardList):
1509         (WebCore::HistoryController::updateForSameDocumentNavigation):
1510         * loader/NavigationScheduler.cpp:
1511         (WebCore::ScheduledHistoryNavigation::fire):
1512         (WebCore::NavigationScheduler::scheduleLocationChange):
1513         (WebCore::NavigationScheduler::scheduleRefresh):
1514         * page/FrameView.cpp:
1515         (WebCore::FrameView::updateControlTints):
1516         * page/Location.cpp:
1517         (WebCore::Location::url):
1518         (WebCore::Location::setProtocol):
1519         (WebCore::Location::setHost):
1520         (WebCore::Location::setHostname):
1521         (WebCore::Location::setPort):
1522         (WebCore::Location::setPathname):
1523         (WebCore::Location::setSearch):
1524         (WebCore::Location::setHash):
1525         (WebCore::Location::reload):
1526         * page/Page.cpp:
1527         (WebCore::Page::goToItem):
1528
1529 2011-01-27  Stephen White  <senorblanco@chromium.org>
1530
1531         Reviewed by Darin Adler.
1532
1533         Fix performance regression in ImageQualityController::objectDestroyed().
1534         https://bugs.webkit.org/show_bug.cgi?id=52645
1535
1536         In r72282, I inadvertently introduced this regression by using a
1537         linear search through the hash map on object destruction.  This was
1538         because the hash key consisted of both object pointer and layer id,
1539         but on object destruction we only know the object pointer, requiring
1540         a search to find all the layers. 
1541         By replacing the hash map with two nested hash maps, where the outer key
1542         is the object and the inner key is the layer, we can find all the
1543         relevant data for an object in one hash lookup.
1544
1545         * rendering/RenderBoxModelObject.cpp:
1546         Replace the (object,layer)->size HashMap with object->layer and
1547         layer->size HashMaps.
1548         (WebCore::ImageQualityController::isEmpty):
1549         Implement isEmpty() for the outer HashMap.
1550         (WebCore::ImageQualityController::removeLayer):
1551         When a layer is removed, remove it from the inner hash map.
1552         (WebCore::ImageQualityController::set):
1553         Implement set():  if the inner map exists, set the layer->size tuple
1554         directly.  If not, create a new inner map, set the tuple, and insert
1555         it in the outer map.
1556         (WebCore::ImageQualityController::objectDestroyed):
1557         Look up the object in the outer map only.
1558         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
1559         Cosmetic changes for the renamed now-outer hash map.
1560         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
1561         Do both outer and inner hash map lookups.  Call set() to add/update
1562         entries to the hash maps.  keyDestroyed() is now removeLayer().
1563         (WebCore::imageQualityController):
1564         Make the ImageQualityController a file-static global, so it can be
1565         created and destroyed on the fly.
1566         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
1567         If there is no ImageQualityController, don't call objectDestroyed().
1568         If it's empty, delete it.
1569         * rendering/RenderImage.cpp:
1570         (WebCore::RenderImage::paintIntoRect):
1571         Also pass the Image* as the (void*) layer, since 0 is not a valid
1572         HashMap key.
1573
1574 2011-01-27  Adrienne Walker  <enne@google.com>
1575
1576         Reviewed by James Robinson.
1577
1578         [chromium] Tiled compositor crashes if compositing turned off mid-paint
1579         https://bugs.webkit.org/show_bug.cgi?id=53198
1580
1581         * platform/graphics/chromium/LayerRendererChromium.cpp:
1582         (WebCore::LayerRendererChromium::drawLayers):
1583         * platform/graphics/chromium/LayerTilerChromium.cpp:
1584         (WebCore::LayerTilerChromium::update):
1585         (WebCore::LayerTilerChromium::draw):
1586
1587 2011-01-27  Carol Szabo <carol.szabo@nokia.com>
1588
1589         Reviewed by David Hyatt.
1590
1591         A corrupted counter tree is created when renderers are added to the
1592         tree bypassing RenderObject::addChild
1593         https://bugs.webkit.org/show_bug.cgi?id=51270
1594
1595         No new tests. This patch reimplements the fix for bugs 43812 and
1596         51637 and hence all tests are already there as part of the original
1597         fixes for those bugs.
1598
1599         * rendering/RenderCounter.cpp:
1600         (WebCore::findPlaceForCounter):
1601         Removed old workaround as this patch hopefully fixes the real
1602         problem.
1603         * rendering/RenderObject.cpp:
1604         (WebCore::RenderObject::addChild):
1605         Removed call to counter updater as it was moved to a lower level.
1606         (WebCore::RenderObject::destroy):
1607         Moved attached counter nodes destruction to after the node is
1608         removed from the tree.
1609         * rendering/RenderObjectChildList.cpp:
1610         (WebCore::RenderObjectChildList::removeChildNode):
1611         (WebCore::RenderObjectChildList::appendChildNode):
1612         (WebCore::RenderObjectChildList::insertChildNode):
1613         Added notifications to the Counter system such that the
1614         CounterForest reflects the changes to the RendererTree.
1615         * rendering/RenderWidget.cpp:
1616         (WebCore::RenderWidget::destroy):
1617         Applied the same changes as for RenderObject::destroy()
1618         since RenderObject::destroy() is not called from here.
1619
1620 2011-01-27  Adam Roben  <aroben@apple.com>
1621
1622         Add WKCACFViewLayerTreeHost
1623
1624         This is a class that derives from CACFLayerTreeHost and uses a WKCACFView to render.
1625
1626         Fixes <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost should use
1627         WKCACFView for rendering
1628
1629         * WebCore.vcproj/WebCore.vcproj: Added WKCACFViewLayerTreeHost.{cpp,h}.
1630
1631         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
1632         (WebCore::CACFLayerTreeHost::acceleratedCompositingAvailable): Make the test window have a
1633         non-zero size. WKCACFView will always say it can't render if you pass it a 0-sized window,
1634         so we need a non-empty window to perform a valid test.
1635         (WebCore::CACFLayerTreeHost::create): First try to create a WKCACFViewLayerTreeHost, then
1636         fall back to a LegacyCACFLayerTreeHost.
1637         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Moved code to react to the
1638         context flush from here...
1639         (WebCore::CACFLayerTreeHost::contextDidChange): ...to here. Derived classes are required to
1640         call this function whenever changes are flushed to the context.
1641
1642         * platform/graphics/ca/win/CACFLayerTreeHost.h: Added contextDidChange.
1643
1644         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
1645         (WebCore::LegacyCACFLayerTreeHost::createRenderer):
1646         (WebCore::LegacyCACFLayerTreeHost::resize):
1647         Changed to use flushContext instead of flushing the context manually so that we will always
1648         notify the base class when the context gets flushed.
1649
1650         (WebCore::LegacyCACFLayerTreeHost::flushContext): Added a call to contextDidChange so the
1651         base class will know what happened. Moved code to schedule a render from here...
1652         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): ...to here.
1653
1654         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h: Added contextDidChange.
1655
1656         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp: Added.
1657         (WebCore::WKCACFViewLayerTreeHost::create): If WebKitQuartzCoreAdditions, which provides
1658         WKCACFView, isn't present, bail. Otherwise allocate and return a new host.
1659         (WebCore::WKCACFViewLayerTreeHost::WKCACFViewLayerTreeHost): Initialize members.
1660         (WebCore::WKCACFViewLayerTreeHost::updateViewIfNeeded): Update the view if we previously
1661         marked that we needed to do so, and flush the context if our layer's bounds have changed.
1662         (WebCore::WKCACFViewLayerTreeHost::contextDidChangeCallback): Call through to
1663         contextDidChange.
1664         (WebCore::WKCACFViewLayerTreeHost::contextDidChange): Tell the WKCACFView to start rendering
1665         (if we didn't already), then call up to the base class.
1666         (WebCore::WKCACFViewLayerTreeHost::initializeContext): Set the context's user data, the
1667         view's layer, and hook up our "context did change" callback.
1668         (WebCore::WKCACFViewLayerTreeHost::resize): Mark that the view needs to be updated the next
1669         time we paint.
1670         (WebCore::WKCACFViewLayerTreeHost::createRenderer): Update our view and return whether it is
1671         able to render or not.
1672         (WebCore::WKCACFViewLayerTreeHost::destroyRenderer): Clear out all the info we passed down
1673         to the view.
1674         (WebCore::WKCACFViewLayerTreeHost::lastCommitTime): Call through to the view.
1675         (WebCore::WKCACFViewLayerTreeHost::flushContext): Ditto.
1676         (WebCore::WKCACFViewLayerTreeHost::paint): Update the view so it will draw at the right
1677         size, then call up to the base class.
1678         (WebCore::WKCACFViewLayerTreeHost::render): Invalidate the view using the passed-in dirty
1679         rects, then ask it to draw.
1680
1681         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h: Copied from Source/WebCore/platform/graphics/ca/win/LegacyCACFLayerTreeHost.h.
1682
1683 2011-01-27  Adam Roben  <aroben@apple.com>
1684
1685         Move LegacyCACFLayerTreeHost into its own files
1686
1687         More preparation for <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost
1688         should use WKCACFView for rendering
1689
1690         Reviewed by Simon Fraser.
1691
1692         * WebCore.vcproj/WebCore.vcproj: Added LegacyCACFLayerTreeHost.{cpp,h}.
1693
1694         * platform/graphics/ca/win/CACFLayerTreeHost.cpp: Moved code from here to new files.
1695
1696         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp: Added.
1697         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h: Added.
1698
1699 2011-01-27  Patrick Gansterer  <paroga@webkit.org>
1700
1701         Unreviewed WinCE build fix for r76824.
1702
1703         * platform/wince/DragDataWinCE.cpp:
1704         (WebCore::DragData::dragDataMap):
1705
1706 2011-01-27  Adam Roben  <aroben@apple.com>
1707
1708         Split CACFLayerTreeHost into base and derived classes
1709
1710         The derived class, LegacyCACFLayerTreeHost, contains all the D3D-related code. A later patch
1711         will add a new derived class that replaces the D3D code with a different rendering API.
1712
1713         For now, LegacyCACFLayerTreeHost lives in CACFLayerTreeHost.cpp. This keeps the diff a
1714         little smaller. A later patch will move it to its own source files.
1715
1716         Preparation for <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost
1717         should use WKCACFView for rendering
1718
1719         Reviewed by Simon Fraser.
1720
1721         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
1722         (WebCore::CACFLayerTreeHost::acceleratedCompositingAvailable): Clear the window before
1723         destroying the host, as that is now the API contract that clients must fulfill.
1724         (WebCore::LegacyCACFLayerTreeHost::create): Added. Simple creator.
1725         (WebCore::CACFLayerTreeHost::create): Now instantiates a LegacyCACFLayerTreeHost. Calls the
1726         new initialize function to perform initialization that has to happen after the vtable has
1727         been set up.
1728
1729         (WebCore::LegacyCACFLayerTreeHost::LegacyCACFLayerTreeHost):
1730         (WebCore::CACFLayerTreeHost::CACFLayerTreeHost):
1731         (WebCore::LegacyCACFLayerTreeHost::initializeContext):
1732         (WebCore::CACFLayerTreeHost::initialize):
1733         Moved some initialization code from the CACFLayerTreeHost constructor into these new
1734         functions.
1735
1736         (WebCore::LegacyCACFLayerTreeHost::~LegacyCACFLayerTreeHost): Added. Moved code here from
1737         ~CACFLayerTreeHost.
1738         (WebCore::CACFLayerTreeHost::~CACFLayerTreeHost): Rather than clearing the window at this
1739         point (which would be too late, since we won't be able to call into the derived class's
1740         virtual functions), just assert that it has already been cleared (or was never set in the
1741         first place).
1742         (WebCore::LegacyCACFLayerTreeHost::createRenderer): Renamed from
1743         CACFLayerTreeHost::createRenderer, and changed to use getters instead of accessing
1744         CACFLayerTreeHost's data members directly.
1745
1746         (WebCore::LegacyCACFLayerTreeHost::destroyRenderer):
1747         (WebCore::CACFLayerTreeHost::destroyRenderer):
1748         Moved some code to the new LegacyCACFLayerTreeHost function.
1749
1750         (WebCore::LegacyCACFLayerTreeHost::resize):
1751         (WebCore::LegacyCACFLayerTreeHost::renderTimerFired):
1752         Moved these functions to LegacyCACFLayerTreeHost.
1753
1754         (WebCore::LegacyCACFLayerTreeHost::paint):
1755         (WebCore::CACFLayerTreeHost::paint):
1756         Moved some code to the new LegacyCACFLayerTreeHost function.
1757
1758         (WebCore::LegacyCACFLayerTreeHost::render):
1759         (WebCore::LegacyCACFLayerTreeHost::renderSoon):
1760         Moved these functions to LegacyCACFLayerTreeHost.
1761
1762         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Moved code to flush the context
1763         from here...
1764         (WebCore::LegacyCACFLayerTreeHost::flushContext): ...to this new function.
1765
1766         (WebCore::LegacyCACFLayerTreeHost::lastCommitTime): Moved code to get the last commit time
1767         to this new function...
1768         (WebCore::CACFLayerTreeHost::notifyAnimationsStarted): ...from here.
1769
1770         (WebCore::LegacyCACFLayerTreeHost::initD3DGeometry):
1771         (WebCore::LegacyCACFLayerTreeHost::resetDevice):
1772         Moved these functions to LegacyCACFLayerTreeHost.
1773
1774         * platform/graphics/ca/win/CACFLayerTreeHost.h: Made some functions virtual, removed some
1775         members that have moved to LegacyCACFLayerTreeHost, grouped remaining members more
1776         logically, and added some getters used by LegacyCACFLayerTreeHost.
1777
1778 2011-01-27  Adam Roben  <aroben@apple.com>
1779
1780         Move CACFLayerTreeHostClient to its own header file
1781
1782         Rubber-stamped by Steve Falkenburg.
1783
1784         * WebCore.vcproj/WebCore.vcproj: Added CACFLayerTreeHostClient.h. Also let VS have its way
1785         with the file.
1786
1787         * platform/graphics/ca/win/CACFLayerTreeHost.cpp: Added new #include.
1788
1789         * platform/graphics/ca/win/CACFLayerTreeHost.h: Removed CACFLayerTreeHostClient.
1790
1791         * platform/graphics/ca/win/CACFLayerTreeHostClient.h: Added.
1792
1793         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp: Moved some #includes here
1794         from the header file.
1795
1796         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h: Replaced broader #includes
1797         with more specific ones, plus a forward-declaration.
1798
1799 2011-01-27  James Simonsen  <simonjam@chromium.org>
1800
1801         Reviewed by Tony Chang.
1802
1803         [Chromium] Simplify small caps logic in complex text on linux
1804         https://bugs.webkit.org/show_bug.cgi?id=53207
1805
1806         Test: fast/text/atsui-multiple-renderers.html
1807               fast/text/atsui-small-caps-punctuation-size.html
1808
1809         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
1810         (WebCore::ComplexTextController::nextScriptRun): Remove redundant logic. Case changes in a text run imply FontData changes.
1811         (WebCore::ComplexTextController::setupFontForScriptRun): Update comment to reflect above.
1812
1813 2011-01-27  Adam Barth  <abarth@webkit.org>
1814
1815         In which I attempt to fix the EFL build.
1816
1817         * CMakeLists.txt:
1818
1819 2011-01-25  Levi Weintraub  <leviw@chromium.org>
1820
1821         Reviewed by Darin Adler.
1822
1823         Adding border and padding to the calculation of the local caret rect for RenderBoxes.
1824         Corrected for mistake in r76625
1825
1826         Undo moves caret to invalid position
1827         https://bugs.webkit.org/show_bug.cgi?id=49744
1828
1829         Tests: editing/selection/caret-painting-after-paste-undo-rtl.html
1830                editing/selection/caret-painting-after-paste-undo.html
1831
1832         * rendering/RenderBox.cpp:
1833         (WebCore::RenderBox::localCaretRect):
1834
1835 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
1836
1837         Unreviewed, rolling out r76825.
1838         http://trac.webkit.org/changeset/76825
1839         https://bugs.webkit.org/show_bug.cgi?id=53256
1840
1841         "caused crashes on GTK and chromium" (Requested by rniwa on
1842         #webkit).
1843
1844         * rendering/RenderBoxModelObject.cpp:
1845         (WebCore::ImageQualityController::keyDestroyed):
1846         (WebCore::ImageQualityController::objectDestroyed):
1847         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
1848         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
1849         (WebCore::imageQualityController):
1850         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
1851
1852 2011-01-27  Adam Barth  <abarth@webkit.org>
1853
1854         Reviewed by Eric Seidel.
1855
1856         Generalize the mechanism view-source uses to remember the source for an HTMLToken
1857         https://bugs.webkit.org/show_bug.cgi?id=53200
1858
1859         Currently view-source tracks the source associated with each HTMLToken.
1860         We want to re-use this mechanism for the new XSS auditor.  This patch
1861         moves this code into its own class so it can be shared between the
1862         view-source parser and the general HTML parser.  This patch also add
1863         support for tracking the source of tokens that span document.write
1864         boundaries.
1865
1866         No functional change.  This code change is somewhat tested by our
1867         view-source layout tests.
1868
1869         * Android.mk:
1870         * GNUmakefile.am:
1871         * WebCore.gypi:
1872         * WebCore.pro:
1873         * WebCore.vcproj/WebCore.vcproj:
1874         * WebCore.xcodeproj/project.pbxproj:
1875             - Fun with updating build files.
1876         * html/parser/HTMLDocumentParser.cpp:
1877         (WebCore::HTMLDocumentParser::pumpTokenizer):
1878             - Teach HTMLDocumentParser to track the source for HTMLTokens.
1879               Currently, this information isn't used, but it will be shortly.
1880               I ran the HTML parser benchmark and this change didn't have a
1881               measurable effect.
1882         * html/parser/HTMLDocumentParser.h:
1883             - Composite in the HTMLSourceTracker.
1884         * html/parser/HTMLSourceTracker.cpp: Added.
1885         (WebCore::HTMLSourceTracker::HTMLSourceTracker):
1886         (WebCore::HTMLSourceTracker::start):
1887         (WebCore::HTMLSourceTracker::end):
1888             - This function should eventualy be folded into HTMLTokenizer.
1889         (WebCore::HTMLSourceTracker::sourceForToken):
1890         * html/parser/HTMLSourceTracker.h: Added.
1891         * html/parser/HTMLToken.h:
1892             - Now HTMLTokens always have a start index of zero.  To do the job
1893               of the old start index, this patch introduces the notion of a
1894               baseOffset.  Unlike the start index (which was used as the base
1895               offset for all the other indicies), the baseOffset can change
1896               over the lifetime of the token.  We need the flexibility to
1897               change the offset for tokens that span document.write boundaries.
1898               Values are now normalized to zero-offset when stored.
1899         (WebCore::HTMLToken::clear):
1900         (WebCore::HTMLToken::setBaseOffset):
1901         (WebCore::HTMLToken::end):
1902         (WebCore::HTMLToken::beginAttributeName):
1903         (WebCore::HTMLToken::endAttributeName):
1904         (WebCore::HTMLToken::beginAttributeValue):
1905         (WebCore::HTMLToken::endAttributeValue):
1906         * html/parser/HTMLViewSourceParser.cpp:
1907             - Updates the HTMLViewSourceParser to use the new
1908               HTMLSourceTracker.
1909         (WebCore::HTMLViewSourceParser::pumpTokenizer):
1910         (WebCore::HTMLViewSourceParser::append):
1911         (WebCore::HTMLViewSourceParser::sourceForToken):
1912             - This function now just calls through to HTMLSourceTracker.
1913         * html/parser/HTMLViewSourceParser.h:
1914         * platform/text/SegmentedString.cpp:
1915         (WebCore::SegmentedString::currentColumn):
1916         (WebCore::SegmentedString::setCurrentPosition):
1917         * platform/text/SegmentedString.h:
1918         (WebCore::SegmentedString::numberOfCharactersConsumed):
1919             - We need to handle the general case now.  The "slow" version
1920               doesn't turn out to be any slower in practice anyway.
1921
1922 2011-01-27  Sam Weinig  <sam@webkit.org>
1923
1924         Fix all the builds.
1925
1926         * platform/ScrollView.cpp:
1927         (WebCore::ScrollView::paintOverhangAreas): Add parameters.
1928
1929 2011-01-27  Sam Weinig  <sam@webkit.org>
1930
1931         Reviewed by Dave Hyatt.
1932
1933         Add ability to do an unconstrained scroll on a ScrollView
1934         https://bugs.webkit.org/show_bug.cgi?id=53249
1935
1936         * platform/ScrollView.cpp:
1937         (WebCore::ScrollView::ScrollView):
1938         Initialize m_constrainsScrollingToContentEdge to true.
1939
1940         (WebCore::ScrollView::setScrollOffset):
1941         Only constrain the offset if the m_constrainsScrollingToContentEdge is set.
1942
1943         (WebCore::ScrollView::updateScrollbars):
1944         Simplify expression converting an IntSize to an IntPoint.
1945         
1946         (WebCore::ScrollView::paint):
1947         Paint the overhang if there is any.
1948         
1949         (WebCore::ScrollView::calculateOverhangAreasForPainting):
1950         Calculate the overhang in viewport coordinates for painting.
1951
1952         * platform/ScrollView.h:
1953         (WebCore::ScrollView::constrainsScrollingToContentEdge):
1954         (WebCore::ScrollView::setConstrainsScrollingToContentEdge):
1955         Add bit to control whether the scroll position should be constrained
1956         to the content edge when set.
1957
1958         * platform/ScrollbarThemeComposite.cpp:
1959         (WebCore::usedTotalSize):
1960         (WebCore::ScrollbarThemeComposite::thumbPosition):
1961         (WebCore::ScrollbarThemeComposite::thumbLength):
1962         * platform/mac/ScrollbarThemeMac.mm:
1963         (WebCore::ScrollbarThemeMac::paint):
1964         Improve calculations of thumb size and position to take overhang into account.
1965
1966 2011-01-27  Dirk Schulze  <krit@webkit.org>
1967
1968         Reviewed by Nikolas Zimmermann.
1969
1970         SVG animation of Paths with segments of different coordinate modes on begin and end
1971         https://bugs.webkit.org/show_bug.cgi?id=52984
1972
1973         At the moment we just support SVG path animations, if the number of segments on the given start path
1974         is the same as the number of segments on the given end path. But a segment on a given position must be identical
1975         on both paths as well. Not only the segment type, also the coordinate mode of the segments must be identical.
1976         If MoveToRel is on the second position on the start path a MoveToRel must be on the second position
1977         of the end path too. According to the SVG spec, at least the coordinate mode can differ. Means, if we have MoveToRel
1978         in the start path, we can use MoveToAbs on the same position in the end path.
1979
1980         This patch fixes the blending code to follow the spec here. It was necessary to track the current position of
1981         both paths, transform coordinates to the same coordinate mode and transform the resulting animation coordinate back
1982         to the coordinate mode of either the start or the end path. Which mode is taken depends on the progress of the
1983         animation.
1984
1985         Tests: svg/animations/animate-path-animation-Cc-Ss.html
1986                svg/animations/animate-path-animation-Ll-Vv-Hh.html
1987                svg/animations/animate-path-animation-Qq-Tt.html
1988                svg/animations/animate-path-animation-cC-sS-inverse.html
1989                svg/animations/animate-path-animation-lL-vV-hH-inverse.html
1990                svg/animations/animate-path-animation-qQ-tT-inverse.html
1991
1992         * svg/SVGPathBlender.cpp:
1993         (WebCore::blendFloatPoint):
1994         (WebCore::blendAnimatedFloat):
1995         (WebCore::SVGPathBlender::blendAnimatedDimensionalFloat):
1996         (WebCore::SVGPathBlender::blendAnimatedFloatPoint):
1997         (WebCore::SVGPathBlender::blendMoveToSegment):
1998         (WebCore::SVGPathBlender::blendLineToSegment):
1999         (WebCore::SVGPathBlender::blendLineToHorizontalSegment):
2000         (WebCore::SVGPathBlender::blendLineToVerticalSegment):
2001         (WebCore::SVGPathBlender::blendCurveToCubicSegment):
2002         (WebCore::SVGPathBlender::blendCurveToCubicSmoothSegment):
2003         (WebCore::SVGPathBlender::blendCurveToQuadraticSegment):
2004         (WebCore::SVGPathBlender::blendCurveToQuadraticSmoothSegment):
2005         (WebCore::SVGPathBlender::blendArcToSegment):
2006         (WebCore::coordinateModeOfCommand):
2007         (WebCore::isSegmentEqual):
2008         (WebCore::SVGPathBlender::blendAnimatedPath):
2009         (WebCore::SVGPathBlender::cleanup):
2010         * svg/SVGPathBlender.h:
2011
2012 2011-01-27  Cris Neckar  <cdn@chromium.org>
2013
2014         Reviewed by Dimitri Glazkov.
2015
2016         Clear the parent on a css keyframe's m_style when removing it from the stylesheet.
2017         https://bugs.webkit.org/show_bug.cgi?id=52320
2018
2019         Test: fast/css/css-keyframe-style-crash.html
2020
2021         * css/CSSRuleList.cpp:
2022         (WebCore::CSSRuleList::deleteRule):
2023         * css/WebKitCSSKeyframesRule.cpp:
2024         (WebCore::WebKitCSSKeyframesRule::~WebKitCSSKeyframesRule):
2025
2026 2011-01-27  Rob Buis  <rwlbuis@gmail.com>
2027
2028         Reviewed by Kent Tamura.
2029
2030         Color changes to option elements in a select multiple aren't drawn immediately
2031         https://bugs.webkit.org/show_bug.cgi?id=49790
2032
2033         Redirect style changes on <option> element to the owner <select> element.
2034
2035         Test: fast/repaint/select-option-background-color.html
2036
2037         * html/HTMLOptionElement.cpp:
2038         (WebCore::HTMLOptionElement::setRenderStyle):
2039
2040 2011-01-19  Stephen White  <senorblanco@chromium.org>
2041
2042         Reviewed by Darin Adler.
2043
2044         Fix performance regression in ImageQualityController::objectDestroyed().
2045         https://bugs.webkit.org/show_bug.cgi?id=52645
2046
2047         In r72282, I inadvertently introduced this regression by using a
2048         linear search through the hash map on object destruction.  This was
2049         because the hash key consisted of both object pointer and layer id,
2050         but on object destruction we only know the object pointer, requiring
2051         a search to find all the layers. 
2052         By replacing the hash map with two nested hash maps, where the outer key
2053         is the object and the inner key is the layer, we can find all the
2054         relevant data for an object in one hash lookup.
2055
2056         * rendering/RenderBoxModelObject.cpp:
2057         Replace the (object,layer)->size HashMap with object->layer and
2058         layer->size HashMaps.
2059         (WebCore::ImageQualityController::isEmpty):
2060         Implement isEmpty() for the outer HashMap.
2061         (WebCore::ImageQualityController::removeLayer):
2062         When a layer is removed, remove it from the inner hash map.
2063         (WebCore::ImageQualityController::set):
2064         Implement set():  if the inner map exists, set the layer->size tuple
2065         directly.  If not, create a new inner map, set the tuple, and insert
2066         it in the outer map.
2067         (WebCore::ImageQualityController::objectDestroyed):
2068         Look up the object in the outer map only.
2069         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
2070         Cosmetic changes for the renamed now-outer hash map.
2071         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
2072         Do both outer and inner hash map lookups.  Call set() to add/update
2073         entries to the hash maps.  keyDestroyed() is now removeLayer().
2074         (WebCore::imageQualityController):
2075         Make the ImageQualityController a file-static global, so it can be
2076         created and destroyed on the fly.
2077         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
2078         If there is no ImageQualityController, don't call objectDestroyed().
2079         If it's empty, delete it.
2080
2081
2082 2011-01-26  Enrica Casucci  <enrica@apple.com>
2083
2084         Reviewed by Darin Adler and Adam Roben.
2085
2086         WebKit2: add support for drag and drop on Windows
2087         https://bugs.webkit.org/show_bug.cgi?id=52775
2088         <rdar://problem/8514409>
2089         
2090         On Windows the access to the content being dragged is
2091         provided via the IDataObject interface that is made available
2092         to the window that registers itself as drop target.
2093         Since this interface cannot be accessed from the WebProcess,
2094         in every call to one of the methods of the IDropTarget interface
2095         we serialize the content of the drag clipboard and send it over to
2096         the WebProcess.
2097         The bulk of this patch consists in the refactoring needed in DragData
2098         and ClipboardWin classes to extract the data from the serialized object.
2099         
2100         * platform/DragData.cpp:
2101         * platform/DragData.h:
2102         * platform/win/ClipboardUtilitiesWin.cpp:
2103         (WebCore::getWebLocData):
2104         (WebCore::getURL):
2105         (WebCore::getPlainText):
2106         (WebCore::getTextHTML):
2107         (WebCore::getCFHTML):
2108         (WebCore::fragmentFromFilenames):
2109         (WebCore::containsFilenames):
2110         (WebCore::fragmentFromHTML):
2111         (WebCore::containsHTML):
2112         (WebCore::getClipboardData):
2113         * platform/win/ClipboardUtilitiesWin.h:
2114         * platform/win/ClipboardWin.cpp:
2115         (WebCore::Clipboard::create):
2116         (WebCore::ClipboardWin::ClipboardWin):
2117         (WebCore::ClipboardWin::getData):
2118         (WebCore::ClipboardWin::types):
2119         (WebCore::ClipboardWin::files):
2120         (WebCore::ClipboardWin::hasData):
2121         * platform/win/ClipboardWin.h:
2122         (WebCore::ClipboardWin::create):
2123         * platform/win/DragDataWin.cpp:
2124         (WebCore::DragData::DragData):
2125         (WebCore::DragData::containsURL):
2126         (WebCore::DragData::dragDataMap):
2127         (WebCore::DragData::asURL):
2128         (WebCore::DragData::containsFiles):
2129         (WebCore::DragData::asFilenames):
2130         (WebCore::DragData::containsPlainText):
2131         (WebCore::DragData::asPlainText):
2132         (WebCore::DragData::canSmartReplace):
2133         (WebCore::DragData::containsCompatibleContent):
2134         (WebCore::DragData::asFragment):
2135
2136 2011-01-27  Mario Sanchez Prada  <msanchez@igalia.com>
2137
2138         Reviewed by Martin Robinson.
2139
2140         [GTK] Space characters in source document interfere with reported caret offset
2141         https://bugs.webkit.org/show_bug.cgi?id=53033
2142
2143         Calculate caret offset from rendered text instead of from node contents.
2144
2145         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
2146         (objectAndOffsetUnignored): Calculate the caret offset based only
2147         on positions and ranges, instead of using the computed offset in
2148         the container node.
2149
2150 2011-01-26  Alexey Proskuryakov  <ap@apple.com>
2151
2152         Reviewed by Darin Adler.
2153
2154         https://bugs.webkit.org/show_bug.cgi?id=53197
2155         <rdar://problem/8895682> Make WebKit2 printing asynchronous
2156
2157         * WebCore.exp.in: Export more PrintContext methods that we didn't use on Mac before.
2158
2159         * page/PrintContext.cpp: (WebCore::PrintContext::spoolRect): Changed to make the same
2160         transformation as spoolPages does for consistency.
2161
2162 2011-01-27  David Grogan  <dgrogan@google.com>
2163
2164         Reviewed by Jeremy Orlow.
2165
2166         initial support for close() in indexeddb backend
2167         https://bugs.webkit.org/show_bug.cgi?id=53150
2168
2169         Test: storage/indexeddb/transaction-after-close.html
2170
2171         * storage/IDBDatabase.cpp:
2172         (WebCore::IDBDatabase::IDBDatabase):
2173         (WebCore::IDBDatabase::transaction):
2174         (WebCore::IDBDatabase::close):
2175         * storage/IDBDatabase.h:
2176         * storage/IDBDatabase.idl:
2177         * storage/IDBDatabaseBackendImpl.cpp:
2178         (WebCore::IDBDatabaseBackendImpl::transaction):
2179         (WebCore::IDBDatabaseBackendImpl::close):
2180
2181 2011-01-27  Dirk Schulze  <krit@webkit.org>
2182
2183         Reviewed by Nikolas Zimmermann.
2184
2185         SVG animation doesn't support calcMode discrete for number and color values.
2186         https://bugs.webkit.org/show_bug.cgi?id=53189
2187
2188         Add support for calcMode discrete on number and color animation.
2189
2190         Tests: svg/animations/animate-color-calcMode-discrete.html
2191                svg/animations/animate-number-calcMode-discrete.html
2192
2193         * svg/SVGAnimateElement.cpp:
2194         (WebCore::SVGAnimateElement::calculateAnimatedValue):
2195
2196 2011-01-26  Zhenyao Mo  <zmo@google.com>
2197
2198         Reviewed by Kenneth Russell.
2199
2200         shaderSource needs to preserve original source
2201         https://bugs.webkit.org/show_bug.cgi?id=52833
2202
2203         Test: fast/canvas/webgl/gl-getshadersource.html
2204
2205         * html/canvas/WebGLRenderingContext.cpp:
2206         (WebCore::WebGLRenderingContext::getShaderParameter): Intercept SHADER_SOURCE_LENGTH.
2207         (WebCore::WebGLRenderingContext::getShaderSource): Intercept the call.
2208         (WebCore::WebGLRenderingContext::shaderSource): Cache the source.
2209         * html/canvas/WebGLShader.cpp: Cache shader source.
2210         (WebCore::WebGLShader::WebGLShader):
2211         * html/canvas/WebGLShader.h: Ditto.
2212         (WebCore::WebGLShader::getSource):
2213         (WebCore::WebGLShader::setSource):
2214
2215 2011-01-27  Patrick Gansterer  <paroga@webkit.org>
2216
2217         Unreviewed WinCE build fix for r76743.
2218
2219         * platform/graphics/wince/FontWinCE.cpp:
2220         (WebCore::TextRunComponent::TextRunComponent):
2221
2222 2011-01-27  Pavel Podivilov  <podivilov@chromium.org>
2223
2224         Reviewed by Pavel Feldman.
2225
2226         Web Inspector: Closure and Global variable details automatically collapsing on each step through JavaScript code.
2227         https://bugs.webkit.org/show_bug.cgi?id=53234
2228
2229         * inspector/front-end/ScopeChainSidebarPane.js:
2230         (WebInspector.ScopeChainSidebarPane):
2231         (WebInspector.ScopeChainSidebarPane.prototype.update):
2232
2233 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
2234
2235         Unreviewed, rolling out r76789.
2236         http://trac.webkit.org/changeset/76789
2237         https://bugs.webkit.org/show_bug.cgi?id=53238
2238
2239         Broke GTK layout tests (Requested by podivilov on #webkit).
2240
2241         * inspector/front-end/ScopeChainSidebarPane.js:
2242         (WebInspector.ScopeChainSidebarPane):
2243         (WebInspector.ScopeChainSidebarPane.prototype.update):
2244
2245 2011-01-27  Yury Semikhatsky  <yurys@chromium.org>
2246
2247         Reviewed by Pavel Feldman.
2248
2249         Web Inspector: store all settings related to the agents on the frontend side
2250         https://bugs.webkit.org/show_bug.cgi?id=53174
2251
2252         * CMakeLists.txt:
2253         * GNUmakefile.am:
2254         * WebCore.exp.in:
2255         * WebCore.gypi:
2256         * WebCore.pro:
2257         * WebCore.vcproj/WebCore.vcproj:
2258         * WebCore.xcodeproj/project.pbxproj:
2259         * bindings/js/ScriptDebugServer.cpp:
2260         * bindings/js/ScriptDebugServer.h:
2261         * bindings/js/ScriptProfiler.cpp:
2262         * bindings/js/ScriptProfiler.h:
2263         * bindings/v8/ScriptDebugServer.cpp:
2264         * bindings/v8/ScriptDebugServer.h:
2265         * bindings/v8/ScriptProfiler.cpp:
2266         * bindings/v8/ScriptProfiler.h:
2267         * inspector/Inspector.idl:
2268         * inspector/InspectorAgent.cpp: profiler and debugger enablement state is now stored
2269         on the front-end side and will be pushed to the backend when the frontend is loaded.
2270         (WebCore::InspectorAgent::InspectorAgent):
2271         (WebCore::InspectorAgent::disconnectFrontend):
2272         (WebCore::InspectorAgent::restoreDebugger):
2273         (WebCore::InspectorAgent::restoreProfiler):
2274         (WebCore::InspectorAgent::enableProfiler):
2275         (WebCore::InspectorAgent::disableProfiler):
2276         (WebCore::InspectorAgent::showAndEnableDebugger):
2277         (WebCore::InspectorAgent::enableDebugger):
2278         (WebCore::InspectorAgent::disableDebugger):
2279         * inspector/InspectorAgent.h:
2280         * inspector/InspectorConsoleAgent.cpp: XHR failures will be logged to the console only
2281         if the front-end was opened during current browser session and XHR logging is turned on
2282         there.
2283         (WebCore::InspectorConsoleAgent::setMonitoringXHREnabled):
2284         (WebCore::InspectorConsoleAgent::setConsoleMessagesEnabled):
2285         * inspector/InspectorDebuggerAgent.cpp:
2286         * inspector/InspectorDebuggerAgent.h:
2287         * inspector/InspectorInstrumentation.cpp:
2288         (WebCore::InspectorInstrumentation::identifierForInitialRequestImpl):
2289         (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
2290         * inspector/InspectorProfilerAgent.cpp:
2291         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2292         (WebCore::InspectorProfilerAgent::startUserInitiatedProfiling):
2293         * inspector/InspectorSettings.cpp: Removed.
2294         * inspector/InspectorSettings.h: Removed.
2295         * inspector/InspectorState.cpp:
2296         (WebCore::InspectorState::InspectorState):
2297         * inspector/InspectorState.h:
2298         * inspector/front-end/ConsoleView.js:
2299         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher.dispatcher.consoleMessagesCleared):
2300         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher):
2301         (WebInspector.ConsoleView.prototype._handleContextMenuEvent.itemAction):
2302         (WebInspector.ConsoleView.prototype._handleContextMenuEvent):
2303         * inspector/front-end/ProfilesPanel.js:
2304         (WebInspector.ProfilesPanel.prototype._toggleProfiling):
2305         * inspector/front-end/ScriptsPanel.js:
2306         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
2307         * inspector/front-end/Settings.js:
2308         (WebInspector.Settings):
2309         * inspector/front-end/inspector.js:
2310
2311 2011-01-27  Pavel Podivilov  <podivilov@chromium.org>
2312
2313         Reviewed by Pavel Feldman.
2314
2315         Web Inspector: Closure and Global variable details automatically collapsing on each step through JavaScript code.
2316         https://bugs.webkit.org/show_bug.cgi?id=53234
2317
2318         * inspector/front-end/ScopeChainSidebarPane.js:
2319         (WebInspector.ScopeChainSidebarPane):
2320         (WebInspector.ScopeChainSidebarPane.prototype.update):
2321
2322 2011-01-27  Alexander Pavlov  <apavlov@chromium.org>
2323
2324         Reviewed by Pavel Feldman.
2325
2326         Web Inspector: [Elements panel] Tooltip for relative links incorrectly identifies current URL
2327         https://bugs.webkit.org/show_bug.cgi?id=53171
2328
2329         * inspector/front-end/inspector.js:
2330         (WebInspector.completeURL): Taught to understand partial href's that start with "?" (contain GET parameters only)
2331
2332 2011-01-27  Yury Semikhatsky  <yurys@chromium.org>
2333
2334         Reviewed by Pavel Feldman.
2335
2336         [V8] Crash in WebCore::addMessageToConsole
2337         https://bugs.webkit.org/show_bug.cgi?id=53227
2338
2339         * bindings/v8/V8Proxy.cpp: check that the Frame where the error
2340         occured still has a page before getting a console object from it.
2341         (WebCore::V8Proxy::reportUnsafeAccessTo):
2342
2343 2011-01-27  Hans Wennborg  <hans@chromium.org>
2344
2345         Reviewed by Jeremy Orlow.
2346
2347         IndexedDB: Remove IDBCallbacks::onSuccess() used for null values.
2348         https://bugs.webkit.org/show_bug.cgi?id=53178
2349
2350         Remove the IDBCallbacks::onSuccess() function that was used for
2351         null values, and replace such calls with calls to
2352         IDBCallBacks::onSuccess(SerializedScriptValue::nullValue())
2353         instead.
2354
2355         No new functionality, so no new tests.
2356
2357         * storage/IDBCallbacks.h:
2358         * storage/IDBCursorBackendImpl.cpp:
2359         (WebCore::IDBCursorBackendImpl::updateInternal):
2360         (WebCore::IDBCursorBackendImpl::continueFunctionInternal):
2361         * storage/IDBIndexBackendImpl.cpp:
2362         (WebCore::IDBIndexBackendImpl::openCursorInternal):
2363         * storage/IDBObjectStoreBackendImpl.cpp:
2364         (WebCore::IDBObjectStoreBackendImpl::deleteInternal):
2365         (WebCore::IDBObjectStoreBackendImpl::openCursorInternal):
2366         * storage/IDBRequest.cpp:
2367         * storage/IDBRequest.h:
2368
2369 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
2370
2371         Unreviewed, rolling out r76773.
2372         http://trac.webkit.org/changeset/76773
2373         https://bugs.webkit.org/show_bug.cgi?id=53230
2374
2375         breaks multiple GTK media tests (Requested by philn-tp on
2376         #webkit).
2377
2378         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2379         (WebCore::mimeTypeCache):
2380
2381 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
2382
2383         Unreviewed, rolling out r76770.
2384         http://trac.webkit.org/changeset/76770
2385         https://bugs.webkit.org/show_bug.cgi?id=53229
2386
2387         Some inspector tests fail (Requested by yurys on #webkit).
2388
2389         * CMakeLists.txt:
2390         * GNUmakefile.am:
2391         * WebCore.exp.in:
2392         * WebCore.gypi:
2393         * WebCore.pro:
2394         * WebCore.vcproj/WebCore.vcproj:
2395         * WebCore.xcodeproj/project.pbxproj:
2396         * bindings/js/ScriptDebugServer.cpp:
2397         (WebCore::ScriptDebugServer::isDebuggerAlwaysEnabled):
2398         * bindings/js/ScriptDebugServer.h:
2399         * bindings/js/ScriptProfiler.cpp:
2400         (WebCore::ScriptProfiler::isProfilerAlwaysEnabled):
2401         * bindings/js/ScriptProfiler.h:
2402         * bindings/v8/ScriptDebugServer.cpp:
2403         (WebCore::ScriptDebugServer::isDebuggerAlwaysEnabled):
2404         * bindings/v8/ScriptDebugServer.h:
2405         * bindings/v8/ScriptProfiler.cpp:
2406         (WebCore::ScriptProfiler::isProfilerAlwaysEnabled):
2407         * bindings/v8/ScriptProfiler.h:
2408         * inspector/Inspector.idl:
2409         * inspector/InspectorAgent.cpp:
2410         (WebCore::InspectorAgent::InspectorAgent):
2411         (WebCore::InspectorAgent::disconnectFrontend):
2412         (WebCore::InspectorAgent::restoreDebugger):
2413         (WebCore::InspectorAgent::restoreProfiler):
2414         (WebCore::InspectorAgent::ensureSettingsLoaded):
2415         (WebCore::InspectorAgent::enableProfiler):
2416         (WebCore::InspectorAgent::disableProfiler):
2417         (WebCore::InspectorAgent::showAndEnableDebugger):
2418         (WebCore::InspectorAgent::enableDebugger):
2419         (WebCore::InspectorAgent::disableDebugger):
2420         * inspector/InspectorAgent.h:
2421         (WebCore::InspectorAgent::settings):
2422         * inspector/InspectorConsoleAgent.cpp:
2423         (WebCore::InspectorConsoleAgent::setMonitoringXHREnabled):
2424         (WebCore::InspectorConsoleAgent::setConsoleMessagesEnabled):
2425         * inspector/InspectorDebuggerAgent.cpp:
2426         (WebCore::InspectorDebuggerAgent::isDebuggerAlwaysEnabled):
2427         * inspector/InspectorDebuggerAgent.h:
2428         * inspector/InspectorInstrumentation.cpp:
2429         (WebCore::InspectorInstrumentation::identifierForInitialRequestImpl):
2430         (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
2431         * inspector/InspectorProfilerAgent.cpp:
2432         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2433         (WebCore::InspectorProfilerAgent::startUserInitiatedProfiling):
2434         * inspector/InspectorSettings.cpp: Added.
2435         (WebCore::InspectorSettings::InspectorSettings):
2436         (WebCore::InspectorSettings::getBoolean):
2437         (WebCore::InspectorSettings::setBoolean):
2438         (WebCore::InspectorSettings::getLong):
2439         (WebCore::InspectorSettings::setLong):
2440         (WebCore::InspectorSettings::registerBoolean):
2441         (WebCore::InspectorSettings::registerLong):
2442         * inspector/InspectorSettings.h: Copied from Source/WebCore/bindings/v8/ScriptProfiler.h.
2443         * inspector/InspectorState.cpp:
2444         (WebCore::InspectorState::InspectorState):
2445         * inspector/InspectorState.h:
2446         * inspector/front-end/ConsoleView.js:
2447         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher.dispatcher.monitoringXHRStateChanged):
2448         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher):
2449         (WebInspector.ConsoleView.prototype._handleContextMenuEvent):
2450         * inspector/front-end/ProfilesPanel.js:
2451         (WebInspector.ProfilesPanel.prototype._toggleProfiling):
2452         * inspector/front-end/ScriptsPanel.js:
2453         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
2454         * inspector/front-end/Settings.js:
2455         (WebInspector.Settings):
2456         * inspector/front-end/inspector.js:
2457
2458 2011-01-26  Philippe Normand  <pnormand@igalia.com>
2459
2460         Reviewed by Martin Robinson.
2461
2462         [GTK] LayoutTests/media/audio-mpeg4-supported.html fails
2463         https://bugs.webkit.org/show_bug.cgi?id=53125
2464
2465         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2466         (WebCore::mimeTypeCache): Add audio/x-m4a mimetype in the cache.
2467
2468 2011-01-26  Yury Semikhatsky  <yurys@chromium.org>
2469
2470         Reviewed by Pavel Feldman.
2471
2472         Web Inspector: store all settings related to the agents on the frontend side
2473         https://bugs.webkit.org/show_bug.cgi?id=53174
2474
2475         * CMakeLists.txt:
2476         * GNUmakefile.am:
2477         * WebCore.exp.in:
2478         * WebCore.gypi:
2479         * WebCore.pro:
2480         * WebCore.vcproj/WebCore.vcproj:
2481         * WebCore.xcodeproj/project.pbxproj:
2482         * inspector/Inspector.idl:
2483         * inspector/InspectorAgent.cpp: profiler and debugger enablement state is now stored
2484         on the front-end side and will be pushed to the backend when the frontend is loaded.
2485         (WebCore::InspectorAgent::InspectorAgent):
2486         (WebCore::InspectorAgent::disconnectFrontend):
2487         (WebCore::InspectorAgent::restoreDebugger):
2488         (WebCore::InspectorAgent::restoreProfiler):
2489         (WebCore::InspectorAgent::enableProfiler):
2490         (WebCore::InspectorAgent::disableProfiler):
2491         (WebCore::InspectorAgent::showAndEnableDebugger):
2492         (WebCore::InspectorAgent::enableDebugger):
2493         (WebCore::InspectorAgent::disableDebugger):
2494         * inspector/InspectorAgent.h:
2495         * inspector/InspectorConsoleAgent.cpp: XHR failures will be logged to the console only
2496         if the front-end was opened during current browser session and XHR logging is turned on
2497         there.
2498         (WebCore::InspectorConsoleAgent::setMonitoringXHREnabled):
2499         (WebCore::InspectorConsoleAgent::setConsoleMessagesEnabled):
2500         * inspector/InspectorInstrumentation.cpp:
2501         (WebCore::InspectorInstrumentation::identifierForInitialRequestImpl):
2502         (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
2503         * inspector/InspectorProfilerAgent.cpp:
2504         (WebCore::InspectorProfilerAgent::enable):
2505         (WebCore::InspectorProfilerAgent::startUserInitiatedProfiling):
2506         * inspector/InspectorProfilerAgent.h:
2507         * inspector/InspectorSettings.cpp: Removed.
2508         * inspector/InspectorSettings.h: Removed.
2509         * inspector/InspectorState.cpp:
2510         (WebCore::InspectorState::InspectorState):
2511         * inspector/InspectorState.h:
2512         * inspector/front-end/ConsoleView.js:
2513         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher.dispatcher.consoleMessagesCleared):
2514         (WebInspector.ConsoleView.prototype._registerConsoleDomainDispatcher):
2515         (WebInspector.ConsoleView.prototype._handleContextMenuEvent.itemAction):
2516         (WebInspector.ConsoleView.prototype._handleContextMenuEvent):
2517         * inspector/front-end/ProfilesPanel.js:
2518         (WebInspector.ProfilesPanel.prototype._toggleProfiling):
2519         * inspector/front-end/ScriptsPanel.js:
2520         (WebInspector.ScriptsPanel.prototype._toggleDebugging):
2521         * inspector/front-end/Settings.js:
2522         (WebInspector.Settings):
2523         * inspector/front-end/inspector.js:
2524
2525 2011-01-27  Dan Bernstein  <mitz@apple.com>
2526
2527         Reviewed by Sam Weinig.
2528
2529         REGRESSION (r76743): Uneven spacing in right-to-left justified text
2530         https://bugs.webkit.org/show_bug.cgi?id=53225
2531
2532         Fixes failure in fast/text/atsui-spacing-features.html
2533
2534         There was an inconsistency between rendering code and font code in the interpretation of
2535         'after expansion' and 'trailing expansion'. Changed all code to interpret these in terms of
2536         visual order rather than logical.
2537
2538         * platform/graphics/Font.cpp:
2539         (WebCore::Font::expansionOpportunityCount): Added a text direction parameter and changed to
2540         iterate in visual order accordingly.
2541         * platform/graphics/Font.h:
2542         * platform/graphics/WidthIterator.cpp:
2543         (WebCore::WidthIterator::WidthIterator): Pass the run direction to expansionOpportunityCount().
2544         (WebCore::WidthIterator::advance): For right-to-left runs, evaluate the trailing expansion
2545         condition with respect to the first character, which is the trailing character in visual order.
2546         * platform/graphics/mac/ComplexTextController.cpp:
2547         (WebCore::ComplexTextController::ComplexTextController): Pass the run direction to
2548         expansionOpportunityCount().
2549         * rendering/RenderBlockLineLayout.cpp:
2550         (WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Ditto.
2551
2552 2011-01-26  Adam Roben  <aroben@apple.com>
2553
2554         Don't create the Direct3D device before it's first needed
2555
2556         We only need the device once we decide to render. There's no point in creating it before
2557         then.
2558
2559         Reviewed by Sam Weinig.
2560
2561         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
2562         (WebCore::CACFLayerTreeHost::setWindow): Removed the call to createRenderer() from here.
2563         We already have code to create it when we first try to draw.
2564         (WebCore::CACFLayerTreeHost::createRenderer): Flush the context after we set our layer's
2565         bounds so that the bounds will take effect the next time we render (which could be just
2566         after this function returns).
2567
2568 2011-01-26  Adam Roben  <aroben@apple.com>
2569
2570         Add assertions that CACFLayerTreeHost gains and loses an HWND only once
2571
2572         CACFLayerTreeHost doesn't support any other use pattern.
2573
2574         Reviewed by Sam Weinig.
2575
2576         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
2577         (WebCore::CACFLayerTreeHost::CACFLayerTreeHost): Initialize new member.
2578         (WebCore::CACFLayerTreeHost::setWindow): Assert that we transition from not having a window,
2579         to having a window, to not having a window just once over the lifetime of this object.
2580
2581         * platform/graphics/ca/win/CACFLayerTreeHost.h: Added m_state.
2582
2583 2011-01-26  Adam Roben  <aroben@apple.com>
2584
2585         Notify layers that their animations have started when we flush the context, not when we
2586         render
2587
2588         r76372 separated context flushing from rendering, but this bit of code got left behind.
2589
2590         Reviewed by Sam Weinig.
2591
2592         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
2593         (WebCore::CACFLayerTreeHost::render): Moved code to notify the layers from here to
2594         notifyAnimationsStarted.
2595         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Added a call to
2596         notifyAnimationsStarted after we flush the context.
2597         (WebCore::CACFLayerTreeHost::notifyAnimationsStarted): Added. Code came from render. Changed
2598         to call PlatformCALayer::animationStarted rather than calling through to the client
2599         directly.
2600
2601         * platform/graphics/ca/win/CACFLayerTreeHost.h: Added notifyAniamtionsStarted.
2602
2603 2011-01-26  Adam Roben  <aroben@apple.com>
2604
2605         Small cleanup in MediaPlayerPrivateFullscreenWindow
2606
2607         Reviewed by Sam Weinig.
2608
2609         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp:
2610         (WebCore::MediaPlayerPrivateFullscreenWindow::~MediaPlayerPrivateFullscreenWindow): Moved
2611         code here from close(), since this was the only place that called it after the following
2612         change to createWindow.
2613         (WebCore::MediaPlayerPrivateFullscreenWindow::createWindow): Replaced code that handled the
2614         case where we had already created the window with an assertion that we have not already done
2615         so. Our single caller (FullscreenVideoController) did not require this behavior.
2616
2617         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h: Removed layerView.
2618
2619 2011-01-26  Sam Weinig  <sam@webkit.org>
2620
2621         Reviewed by Adam Roben.
2622
2623         Move ScrollView scroll wheel code to ScrollAnimator.
2624
2625         * platform/ScrollAnimator.cpp:
2626         (WebCore::ScrollAnimator::handleWheelEvent):
2627         * platform/ScrollAnimator.h:
2628         Moved implementation of handleWheelEvent from ScrollView::wheelEvent.
2629
2630         * platform/ScrollView.cpp:
2631         (WebCore::ScrollView::wheelEvent):
2632         Call down to the ScrollableArea.
2633
2634         * platform/ScrollableArea.cpp:
2635         (WebCore::ScrollableArea::handleWheelEvent):
2636         Call down to the ScrollAnimator.
2637
2638         * platform/ScrollableArea.h:
2639         (WebCore::ScrollableArea::scrollPosition):
2640         (WebCore::ScrollableArea::minimumScrollPosition):
2641         (WebCore::ScrollableArea::maximumScrollPosition):
2642         (WebCore::ScrollableArea::visibleContentRect):
2643         (WebCore::ScrollableArea::visibleHeight):
2644         (WebCore::ScrollableArea::visibleWidth):
2645         Add functions needed to implement wheel event in the animator.
2646
2647 2011-01-26  David Kilzer  <ddkilzer@apple.com>
2648
2649         <http://webkit.org/b/53192> Add experimental support for HTTP pipelining in CFNetwork
2650         <rdar://problem/8821760>
2651
2652         Reviewed by Antti Koivisto.
2653
2654         This adds support for HTTP pipelining in CFNetwork, but does not
2655         enable it.  To enable it post-SnowLeopard, use this command:
2656
2657             defaults write BUNDLE.ID WebKitEnableHTTPPipelining -bool YES
2658
2659         Once enabled, it is possible to force the same load priority
2660         (high) to be sent to CFNetwork to allow WebCore to handle the
2661         scheduling:
2662
2663             defaults write BUNDLE.ID WebKitForceHTTPPipeliningPriorityHigh -bool YES
2664
2665         * WebCore.exp.in: Export _wkGetHTTPPipeliningPriority and
2666         _wkSetHTTPPipeliningPriority.
2667
2668         * loader/DocumentThreadableLoader.cpp:
2669         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight):
2670         Copy the priority to preflightRequest.
2671
2672         * loader/ResourceLoadScheduler.cpp:
2673         (WebCore::ResourceLoadScheduler::scheduleLoad): Refactored code
2674         at the end of the method to use an early return.
2675
2676         * loader/cache/CachedResourceRequest.cpp:
2677         (WebCore::CachedResourceRequest::load): Set the priority on the
2678         ResourceRequest object based on the priority of the
2679         CachedResourceRequest before calling
2680         ResourceLoadScheduler::scheduleSubresourceLoad().
2681
2682         * loader/icon/IconLoader.cpp:
2683         (WebCore::IconLoader::startLoading): Create a ResourceRequest
2684         object and set its priority to ResourceLoadPriorityLow before
2685         passing it to ResourceLoadScheduler::scheduleSubresourceLoad().
2686
2687         * platform/mac/WebCoreSystemInterface.h:
2688         (wkGetHTTPPipeliningPriority): Added.
2689         (wkSetHTTPPipeliningPriority): Added.
2690         * platform/mac/WebCoreSystemInterface.mm:
2691         (wkGetHTTPPipeliningPriority): Added.
2692         (wkSetHTTPPipeliningPriority): Added.
2693
2694         * platform/network/ResourceRequestBase.cpp:
2695         (WebCore::ResourceRequestBase::adopt): Set m_priority when
2696         adopting a CrossThreadResourceRequestData.
2697         (WebCore::ResourceRequestBase::copyData): Set m_priority when
2698         creating a CrossThreadResourceRequestData.
2699         (WebCore::ResourceRequestBase::priority): Added.
2700         (WebCore::ResourceRequestBase::setPriority): Added.
2701         (WebCore::equalIgnoringHeaderFields): Priorities must match when
2702         comparing two ResourceRequest objects.
2703
2704         * platform/network/ResourceRequestBase.h:
2705         (WebCore::ResourceRequestBase::ResourceRequestBase): Set default
2706         priority of new objects to ResourceLoadPriorityLow.
2707         (WebCore::ResourceRequestBase::priority): Added declaration.
2708         (WebCore::ResourceRequestBase::setPriority): Added declaration.
2709         (WebCore::isHTTPPipeliningEnabled): Added.
2710         (WebCore::shouldUseHTTPPipeliningPriority): Added.
2711
2712         * platform/network/cf/ResourceRequestCFNet.cpp: Updated so that
2713         Mac OS X and Windows share code.
2714         (WebCore::initializeMaximumHTTPConnectionCountPerHost): Always
2715         set the HTTP connection count per host, but return an
2716         'unlimited' value when using HTTP pipelining.  This method used
2717         to be defined in ResourceRequestMac.mm for Mac OS X.
2718         (WebCore::readBooleanPreference): Added.  Helper method for
2719         reading boolean user defaults.
2720         (WebCore::isHTTPPipeliningEnabled): Returns value of user
2721         default key WebKitEnableHTTPPipelining, or false if not set.
2722         (WebCore::shouldUseHTTPPipeliningPriority): Returns value of
2723         user default key WebKitForceHTTPPipeliningPriorityHigh, or false
2724         if not set.
2725         * platform/network/cf/ResourceRequestCFNet.h: Updated so that
2726         Mac OS X and Windows share code.  Fixed indentation.
2727         (WebCore::mapHTTPPipeliningPriorityToResourceLoadPriority): Added.
2728         (WebCore::mapResourceLoadPriorityToHTTPPipeliningPriority): Added.
2729
2730         * platform/network/mac/ResourceRequestMac.mm:
2731         (WebCore::ResourceRequest::doUpdatePlatformRequest): Update
2732         HTTP pipelining priority on NSMutableFURLRequest object.
2733         (WebCore::ResourceRequest::doUpdateResourceRequest): Update
2734         m_priority from the NSURLRequest object.
2735         (WebCore::initializeMaximumHTTPConnectionCountPerHost): Removed.
2736         Code is now shared with Windows in ResourceRequestCFNet.cpp.
2737
2738 2011-01-26  Beth Dakin  <bdakin@apple.com>
2739
2740         Reviewed by Darin Adler.
2741
2742         Fix for <rdar://problem/8895140> Adopt WKScrollbar metrics 
2743         when using WKScrollbars.
2744
2745         New WebKitSystemInterface Functionality.
2746         * WebCore.exp.in:
2747         * platform/mac/WebCoreSystemInterface.h:
2748         * platform/mac/WebCoreSystemInterface.mm:
2749
2750         Some of the terrible static arrays are now only needed in the 
2751         old non-WK code, so they are if-def'd now.
2752         * platform/mac/ScrollbarThemeMac.mm:
2753         
2754         Just patching this function in a better way than I did
2755         before.
2756         (WebCore::updateArrowPlacement):
2757         
2758         Call into WK for the right values.
2759         (WebCore::ScrollbarThemeMac::scrollbarThickness):
2760         (WebCore::ScrollbarThemeMac::hasThumb):
2761         (WebCore::ScrollbarThemeMac::minimumThumbLength):
2762         
2763         Return false if there are no buttons.
2764         (WebCore::ScrollbarThemeMac::hasButtons):
2765
2766         Return an empty IntRect if there are not buttons.
2767         (WebCore::buttonRepaintRect):
2768
2769 2011-01-26  Sam Weinig  <sam@webkit.org>
2770
2771         Reviewed by Maciej Stachowiak.
2772
2773         Add events to represent the start/end of a gesture scroll
2774         https://bugs.webkit.org/show_bug.cgi?id=53215
2775
2776         * WebCore.exp.in: 
2777         Add new file.
2778
2779         * WebCore.xcodeproj/project.pbxproj:
2780         Add new file.
2781
2782         * page/EventHandler.cpp:
2783         (WebCore::EventHandler::handleGestureEvent):
2784         * page/EventHandler.h:
2785         Add entry point for handling gesture events.
2786
2787         * platform/PlatformGestureEvent.h: Added.
2788         (WebCore::PlatformGestureEvent::PlatformGestureEvent):
2789         (WebCore::PlatformGestureEvent::type):
2790         (WebCore::PlatformGestureEvent::position):
2791         (WebCore::PlatformGestureEvent::globalPosition):
2792         (WebCore::PlatformGestureEvent::timestamp):
2793         Add platform agnostic representation of a gesture event.
2794
2795 2011-01-26  Dan Bernstein  <mitz@apple.com>
2796
2797         Reviewed by Dave Hyatt.
2798
2799         <rdar://problem/8446709> Allow inter-ideograph justification for CJK
2800         https://bugs.webkit.org/show_bug.cgi?id=53184
2801
2802         Tests: fast/text/justify-ideograph-complex.html
2803                fast/text/justify-ideograph-simple.html
2804                fast/text/justify-ideograph-vertical.html
2805
2806         * html/canvas/CanvasRenderingContext2D.cpp:
2807         (WebCore::CanvasRenderingContext2D::drawTextInternal): Corrected the type of the third parameter
2808         passed to the TextRun constructor and added the trailingExpansionBehavior parameter.
2809         * platform/graphics/Font.cpp:
2810         (WebCore::Font::expansionOpportunityCount): Added. Returns the number of expansion opportunities
2811         for text justification. On entry, isAfterExpansion says whether an expansion opportunity exists
2812         before the first character. On return, isAfterExpansion says whether an expansion opportunity
2813         exists after the last character.
2814         * platform/graphics/Font.h: 
2815         * platform/graphics/GlyphBuffer.h:
2816         (WebCore::GlyphBuffer::expandLastAdvance): Added.
2817         * platform/graphics/TextRun.h:
2818         (WebCore::TextRun::TextRun): Added a TrailingExpansionBehavior parameter to the constructors.
2819         Renamed padding to expansion.
2820         (WebCore::TextRun::expansion): Renamed padding() to this.
2821         (WebCore::TextRun::allowsTrailingExpansion): Added this accessor.
2822         * platform/graphics/WidthIterator.cpp:
2823         (WebCore::WidthIterator::WidthIterator): Initialize m_isAfterExpansion. Use Font::expansionOpportunityCount()
2824         and adjust the count if it includes a trailing expansion opportunity but the run disallows trailing
2825         expansion.
2826         (WebCore::WidthIterator::advance): Apply expansion before and after CJK ideographs.
2827         (WebCore::WidthIterator::advanceOneCharacter): Changed to not clear the GlyphBuffer so that advance()
2828         can expand the last advance if it is followed by a CJK ideograph.
2829         * platform/graphics/WidthIterator.h: Renamed m_padding to m_expansion and m_padPerSpace
2830         to m_expansionPerOpportunity.
2831         * platform/graphics/chromium/FontChromiumWin.cpp:
2832         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2833         * platform/graphics/chromium/FontLinux.cpp:
2834         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2835         * platform/graphics/efl/FontEfl.cpp:
2836         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2837         * platform/graphics/gtk/FontGtk.cpp:
2838         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2839         * platform/graphics/haiku/FontHaiku.cpp:
2840         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2841         * platform/graphics/mac/ComplexTextController.cpp:
2842         (WebCore::ComplexTextController::ComplexTextController): Initialize m_isAfterExpansion. Use
2843         Font::expansionOpportunityCount() and adjust the count if it includes a trailing expansion
2844         opportunity but the run disallows trailing expansion.
2845         (WebCore::ComplexTextController::adjustGlyphsAndAdvances): Moved the definition and initialization
2846         of hasExtraSpacing outside the loop. Apply expansion before and after CJK ideographs.
2847         * platform/graphics/mac/ComplexTextController.h: Renamed m_padding to m_expansion and m_padPerSpace
2848         to m_expansionPerOpportunity.
2849         * platform/graphics/mac/FontMac.mm:
2850         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2851         * platform/graphics/qt/FontQt.cpp:
2852         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2853         * platform/graphics/win/FontWin.cpp:
2854         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2855         * platform/graphics/win/UniscribeController.cpp:
2856         (WebCore::UniscribeController::UniscribeController): Updated for rename.
2857         * platform/graphics/wince/FontWinCE.cpp:
2858         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2859         * platform/graphics/wx/FontWx.cpp:
2860         (WebCore::Font::canExpandAroundIdeographsInComplexText): Added.
2861         * rendering/EllipsisBox.cpp:
2862         (WebCore::EllipsisBox::paint): Pass a TrailingExpansionBehavior to the TextRun constructor.
2863         (WebCore::EllipsisBox::selectionRect): Ditto.
2864         (WebCore::EllipsisBox::paintSelection): Ditto.
2865         * rendering/InlineBox.h:
2866         (WebCore::InlineBox::InlineBox): Renamed m_toAdd to m_expansion.
2867         (WebCore::InlineBox::expansion): Renamed toAdd() to this.
2868         * rendering/InlineTextBox.cpp:
2869         (WebCore::InlineTextBox::selectionRect): Pass a TrailingExpansionBehavior to the TextRun constructor.
2870         (WebCore::InlineTextBox::paint): Ditto.
2871         (WebCore::InlineTextBox::paintSelection): Ditto.
2872         (WebCore::InlineTextBox::paintCompositionBackground): Ditto.
2873         (WebCore::InlineTextBox::paintSpellingOrGrammarMarker): Ditto.
2874         (WebCore::InlineTextBox::paintTextMatchMarker): Ditto.
2875         (WebCore::InlineTextBox::computeRectForReplacementMarker): Ditto.
2876         (WebCore::InlineTextBox::offsetForPosition): Ditto.
2877         (WebCore::InlineTextBox::positionForOffset): Ditto.
2878         * rendering/InlineTextBox.h:
2879         (WebCore::InlineTextBox::setExpansion): Renamed setSpaceAdd() to this.
2880         (WebCore::InlineTextBox::trailingExpansionBehavior): Added. Trailing expansion is allowed if this
2881         is not the last leaf box on the line.
2882         * rendering/RenderBlockLineLayout.cpp:
2883         (WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Keep expansion opportunity counts
2884         in a vector instead of computing them twice. Discard the trailing expansion opportunity in the
2885         last text box.
2886         * rendering/RenderFileUploadControl.cpp:
2887         (WebCore::RenderFileUploadControl::paintObject): Pass a TrailingExpansionBehavior to the TextRun constructor.
2888         (WebCore::RenderFileUploadControl::computePreferredLogicalWidths): Ditto.
2889         * rendering/RenderListBox.cpp:
2890         (WebCore::RenderListBox::updateFromElement): Ditto.
2891         (WebCore::RenderListBox::paintItemForeground): Ditto. Also corrected the type of the second parameter.
2892         * rendering/RenderTextControl.cpp:
2893         (WebCore::RenderTextControl::getAvgCharWidth): Ditto.
2894         (WebCore::RenderTextControl::paintPlaceholder): Ditto.
2895         * rendering/svg/SVGInlineTextBox.cpp:
2896         (WebCore::SVGInlineTextBox::constructTextRun): Ditto.
2897
2898 2011-01-26  Andy Estes  <aestes@apple.com>
2899
2900         Rubber-stamped by Darin Adler.
2901
2902         Inline HTMLObjectElement::hasValidClassId().
2903
2904         * html/HTMLObjectElement.cpp:
2905         (WebCore::HTMLObjectElement::hasValidClassId):
2906
2907 2011-01-26  Evan Martin  <evan@chromium.org>
2908
2909         Reviewed by Tony Chang.
2910
2911         [chromium] crash on getBoundingClientRect in complex text
2912         https://bugs.webkit.org/show_bug.cgi?id=53199
2913
2914         Use the correct array bound; we want the number of characters processed by
2915         the shaper, not the longest continuous script run length.
2916
2917         Test: platform/chromium-linux/fast/text/international/complex-text-rectangle.html
2918
2919         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
2920         (WebCore::ComplexTextController::nextScriptRun):
2921         * platform/graphics/chromium/ComplexTextControllerLinux.h:
2922         (WebCore::ComplexTextController::numCodePoints):
2923
2924 2011-01-26  Emil A Eklund  <eae@chromium.org>
2925
2926         Reviewed by Alexey Proskuryakov.
2927
2928         Remove cached document reference from CSSStyleSheet and XSLStyleSheet.
2929         https://bugs.webkit.org/show_bug.cgi?id=52084
2930
2931         Test: fast/dom/css-delete-doc.html
2932
2933         * css/CSSMediaRule.cpp:
2934         (WebCore::CSSMediaRule::insertRule):
2935         (WebCore::CSSMediaRule::deleteRule):
2936         * css/CSSStyleSheet.cpp:
2937         (WebCore::CSSStyleSheet::CSSStyleSheet):
2938         (WebCore::CSSStyleSheet::document):
2939         * css/CSSStyleSheet.h:
2940         * xml/XSLStyleSheet.h:
2941         (WebCore::XSLStyleSheet::parentStyleSheet):
2942         * xml/XSLStyleSheetLibxslt.cpp:
2943         (WebCore::XSLStyleSheet::XSLStyleSheet):
2944         (WebCore::XSLStyleSheet::cachedResourceLoader):
2945         (WebCore::XSLStyleSheet::setParentStyleSheet):
2946         (WebCore::XSLStyleSheet::ownerDocument):
2947         * xml/XSLStyleSheetQt.cpp:
2948         (WebCore::XSLStyleSheet::XSLStyleSheet):
2949         (WebCore::XSLStyleSheet::cachedResourceLoader):
2950         (WebCore::XSLStyleSheet::ownerDocument):
2951
2952 2011-01-25  Dimitri Glazkov  <dglazkov@chromium.org>
2953
2954         Reviewed by Kent Tamura.
2955
2956         Reduce ref-count churn in shadowPseudoId.
2957         https://bugs.webkit.org/show_bug.cgi?id=53136
2958
2959         Refactoring, so no new tests.
2960
2961         * dom/Element.h:
2962         (WebCore::Element::shadowPseudoId): Changed signature to use const AtomicString&
2963         * html/ValidationMessage.cpp:
2964         (WebCore::ElementWithPseudoId::shadowPseudoId): Ditto.
2965         * html/shadow/SliderThumbElement.cpp:
2966         (WebCore::SliderThumbElement::shadowPseudoId): Ditto, plus moved from the header file.
2967         * html/shadow/SliderThumbElement.h: Ditto.
2968         * rendering/MediaControlElements.cpp:
2969         (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Ditto.
2970         (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Ditto.
2971         (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Ditto.
2972         (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Ditto.
2973         (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Ditto.
2974         (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Ditto.
2975         (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Ditto.
2976         (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Ditto.
2977         (WebCore::MediaControlTimelineElement::shadowPseudoId): Ditto.
2978         (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Ditto.
2979         (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Ditto.
2980         * rendering/MediaControlElements.h: Ditto.
2981
2982 2011-01-26  Dave Hyatt  <hyatt@apple.com>
2983
2984         Reviewed by Dan Bernstein.
2985
2986         https://bugs.webkit.org/show_bug.cgi?id=46421, make multi-column layout work with vertical text.
2987
2988         Added new tests in fast/multicol/vertical-lr and fast/multicol/vertical-rl.
2989
2990         * css/html.css:
2991         Update p, blockquote and h1-h6 to respect directionality so that column layout tests that use those
2992         elements work properly.
2993
2994         * rendering/InlineFlowBox.cpp:
2995         (WebCore::InlineFlowBox::placeBoxesInBlockDirection):
2996         Fix a flipping bug with the computation of lineTopIncludingMargins where it could be incorrectly shrunk
2997         in some cases (causing lines to all stack on top of one another).
2998
2999         * rendering/InlineTextBox.h:
3000         (WebCore::InlineTextBox::calculateBoundaries):
3001         Fix calculateBoundaries to be physical rather than logical.
3002
3003         * rendering/LayoutState.cpp:
3004         (WebCore::LayoutState::addForcedColumnBreak):
3005         * rendering/LayoutState.h:
3006         Rename childY to childLogicalOffset.
3007
3008         * rendering/RenderBlock.cpp:
3009         (WebCore::RenderBlock::layoutBlock):
3010         (WebCore::RenderBlock::addOverflowFromChildren):
3011         (WebCore::RenderBlock::addOverflowFromFloats):
3012         (WebCore::RenderBlock::collapseMargins):
3013         (WebCore::RenderBlock::estimateLogicalTopPosition):
3014         (WebCore::RenderBlock::layoutBlockChild):
3015         (WebCore::RenderBlock::markForPaginationRelayoutIfNeeded):
3016         (WebCore::RenderBlock::paintColumnRules):
3017         (WebCore::RenderBlock::paintColumnContents):
3018         (WebCore::RenderBlock::paintFloats):
3019         (WebCore::RenderBlock::selectionGaps):
3020         (WebCore::RenderBlock::removeFloatingObjectsBelow):
3021         (WebCore::RenderBlock::addOverhangingFloats):
3022         (WebCore::RenderBlock::hitTestFloats):
3023         (WebCore::RenderBlock::hitTestColumns):
3024         (WebCore::RenderBlock::calcColumnWidth):
3025         (WebCore::RenderBlock::desiredColumnWidth):
3026         (WebCore::RenderBlock::columnRectAt):
3027         (WebCore::RenderBlock::layoutColumns):
3028         (WebCore::RenderBlock::adjustPointToColumnContents):
3029         (WebCore::RenderBlock::adjustRectForColumns):
3030         (WebCore::RenderBlock::flipForWritingModeIncludingColumns):
3031         (WebCore::RenderBlock::adjustForColumns):
3032         (WebCore::RenderBlock::adjustForBorderFit):
3033         (WebCore::RenderBlock::nextPageLogicalTop):
3034         (WebCore::RenderBlock::applyBeforeBreak):
3035         (WebCore::RenderBlock::applyAfterBreak):
3036         (WebCore::RenderBlock::adjustForUnsplittableChild):
3037         (WebCore::RenderBlock::adjustLinePositionForPagination):
3038         * rendering/RenderBlock.h:
3039         (WebCore::RenderBlock::logicalRightOffsetForContent):
3040         (WebCore::RenderBlock::logicalLeftOffsetForContent):
3041         (WebCore::RenderBlock::leftForFloatIncludingMargin):
3042         (WebCore::RenderBlock::topForFloatIncludingMargin):
3043         * rendering/RenderBlockLineLayout.cpp:
3044         (WebCore::RenderBlock::layoutInlineChildren):
3045         (WebCore::RenderBlock::determineStartPosition):
3046         Reworking of all the RenderBlock column functions to support flipping and vertical modes.
3047
3048         * rendering/RenderBox.cpp:
3049         (WebCore::RenderBox::offsetFromContainer):
3050         (WebCore::RenderBox::flipForWritingModeIncludingColumns):
3051         Patch offsetFromContainer to be aware of flipped block writing modes when dealing with column layouts.
3052
3053         * rendering/RenderBox.h:
3054         (WebCore::RenderBox::clientLogicalBottom):
3055         Fix a bug in clientLogicalBottom where it didn't add in the right border/padding.
3056         
3057         * rendering/RenderFlexibleBox.cpp:
3058         (WebCore::RenderFlexibleBox::layoutBlock):
3059         Better terminology for pagination.
3060
3061         * rendering/RenderInline.cpp:
3062         (WebCore::RenderInline::offsetFromContainer):
3063         (WebCore::RenderInline::mapLocalToContainer):
3064         * rendering/RenderLayer.cpp:
3065         (WebCore::RenderLayer::paintChildLayerIntoColumns):
3066         (WebCore::RenderLayer::hitTestChildLayerColumns):
3067         (WebCore::RenderLayer::localBoundingBox):
3068         (WebCore::RenderLayer::boundingBox):
3069         Patch painting in RenderLayers to be vertical-text-aware.
3070     
3071         * rendering/RenderObject.cpp:
3072         (WebCore::RenderObject::mapLocalToContainer):
3073         Add code to be flipped block-aware with columns.
3074
3075         * rendering/RenderTable.cpp:
3076         (WebCore::RenderTable::layout):
3077         * rendering/RenderTableRow.cpp:
3078         (WebCore::RenderTableRow::layout):
3079         * rendering/RenderTableSection.cpp:
3080         (WebCore::RenderTableSection::layoutRows):
3081         Fix pagination to use better terminology.
3082         
3083         * rendering/RenderText.cpp:
3084         (WebCore::RenderText::absoluteQuads):
3085         (WebCore::RenderText::absoluteQuadsForRange):
3086         Fix a bug where vertical text wasn't taken into account.
3087
3088 2011-01-26  Dimitri Glazkov  <dglazkov@chromium.org>
3089
3090         Unreviewed, rolling out r76719.
3091         http://trac.webkit.org/changeset/76719
3092         https://bugs.webkit.org/show_bug.cgi?id=53122
3093
3094         Broke a bunch of media tests in Chromium/Qt/GTK.
3095
3096 2011-01-26  Tony Chang  <tony@chromium.org>
3097
3098         Reviewed by Ryosuke Niwa.
3099
3100         [gtk] strip NUL characters when copying text/html on GTK+
3101         https://bugs.webkit.org/show_bug.cgi?id=52508
3102
3103         Putting NUL characters in the text/html clipboard doesn't work in
3104         WebKit GTK+ (the pasted value is truncated at the NUL).  Since we're
3105         already stripping this character for plain text (for Windows), strip
3106         it in text/html too.
3107
3108         * editing/MarkupAccumulator.h: mark function as virtual
3109         * editing/markup.cpp:
3110         (WebCore::StyledMarkupAccumulator::appendString):
3111         (WebCore::StyledMarkupAccumulator::takeResults): strip nulls
3112
3113 2011-01-26  Mario Sanchez Prada  <msanchez@igalia.com>
3114
3115         Reviewed by Martin Robinson.
3116
3117         [GTK] Reliable crash with getTextAtOffset()
3118         https://bugs.webkit.org/show_bug.cgi?id=53131
3119
3120         Properly calculate length in bytes for a UTF8 substring.
3121
3122         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
3123         (utf8Substr): Use character instead of bytes as units to
3124         calculate the length in bytes for the UTF8 string.
3125
3126 2011-01-25  Dimitri Glazkov  <dglazkov@chromium.org>
3127
3128         Reviewed by Kent Tamura.
3129
3130         Change HTMLInputElement-derived parts of media element shadow DOM to use shadowPseudoId.
3131         https://bugs.webkit.org/show_bug.cgi?id=53122
3132
3133         This is the first step in converting HTMLMediaElement to the new shadow DOM.
3134
3135         Should not regress any existing tests. No observable change in behavior.
3136
3137         * css/CSSSelector.cpp:
3138         (WebCore::CSSSelector::pseudoId): Removed now-unnecessary hard-coded pseudo-element selectors.
3139         (WebCore::nameToPseudoTypeMap): Ditto.
3140         (WebCore::CSSSelector::extractPseudoType): Ditto.
3141         * css/CSSSelector.h: Ditto.
3142         * css/mediaControls.css: Added proper initial values, now that elements use the proper selector pipeline.
3143         * rendering/MediaControlElements.cpp:
3144         (WebCore::MediaControlInputElement::MediaControlInputElement): Removed the switch statement,
3145             which is now replaced with virtual shadowPseudoId on each corresponding class.
3146         (WebCore::MediaControlInputElement::styleForElement): Changed to use element pipeline.
3147         (WebCore::MediaControlMuteButtonElement::MediaControlMuteButtonElement): Changed to set
3148             display type in constructor.
3149         (WebCore::MediaControlMuteButtonElement::create): Changed to not take PseudoId as
3150             constructor argument.
3151         (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Added.
3152         (WebCore::MediaControlVolumeSliderMuteButtonElement::MediaControlVolumeSliderMuteButtonElement): Added
3153             to disambiguate from the MediaControlMuteButtonElement.
3154         (WebCore::MediaControlVolumeSliderMuteButtonElement::create): Added.
3155         (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Added.
3156         (WebCore::MediaControlPlayButtonElement::MediaControlPlayButtonElement): Changed to not take PseudoId as
3157             constructor argument.
3158         (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Added.
3159         (WebCore::MediaControlSeekButtonElement::MediaControlSeekButtonElement): Changed to not take PseudoId as
3160             constructor argument.
3161         (WebCore::MediaControlSeekForwardButtonElement::MediaControlSeekForwardButtonElement): Added.
3162         (WebCore::MediaControlSeekForwardButtonElement::create): Added.
3163         (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Added.
3164         (WebCore::MediaControlSeekBackButtonElement::MediaControlSeekBackButtonElement): Added.
3165         (WebCore::MediaControlSeekBackButtonElement::create): Added.
3166         (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Added.
3167         (WebCore::MediaControlRewindButtonElement::MediaControlRewindButtonElement): Added.
3168         (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Added.
3169         (WebCore::MediaControlReturnToRealtimeButtonElement::MediaControlReturnToRealtimeButtonElement): Changed to not take PseudoId as
3170             constructor argument.
3171         (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Added.
3172         (WebCore::MediaControlToggleClosedCaptionsButtonElement::MediaControlToggleClosedCaptionsButtonElement): Changed to not take PseudoId as
3173             constructor argument.
3174         (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Added.
3175         (WebCore::MediaControlTimelineElement::MediaControlTimelineElement): Changed to not take PseudoId as
3176             constructor argument.
3177         (WebCore::MediaControlTimelineElement::shadowPseudoId): Added.
3178         (WebCore::MediaControlVolumeSliderElement::MediaControlVolumeSliderElement): Changed to not take PseudoId as
3179             constructor argument.
3180         (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Added.
3181         (WebCore::MediaControlFullscreenButtonElement::MediaControlFullscreenButtonElement): Changed to not take PseudoId as
3182             constructor argument.
3183         (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Added.
3184         * rendering/MediaControlElements.h:
3185         (WebCore::MediaControlSeekForwardButtonElement::isForwardButton): Added.
3186         (WebCore::MediaControlSeekBackButtonElement::isForwardButton): Added.
3187         * rendering/RenderMedia.cpp:
3188         (WebCore::RenderMedia::createMuteButton): Changed to use new constructor.
3189         (WebCore::RenderMedia::createSeekBackButton): Ditto.
3190         (WebCore::RenderMedia::createSeekForwardButton): Ditto.
3191         (WebCore::RenderMedia::createVolumeSliderMuteButton): Ditto.
3192         * rendering/style/RenderStyleConstants.h: Removed constants that are no longer used.
3193
3194 2011-01-26  Kenneth Russell  <kbr@google.com>
3195
3196         Reviewed by James Robinson.
3197
3198         Fix multisampling support in DrawingBuffer
3199         https://bugs.webkit.org/show_bug.cgi?id=53154
3200
3201         In DrawingBuffer's multisampling code path, fixed enum usage and a
3202         bug where it would incorrectly redefine the depth and stencil
3203         buffers. Hooked up multisampling code path in Chromium port.
3204
3205         Tested manually with some accelerated 2D canvas content.
3206         Multisampling isn't being switched on for the accelerated 2D
3207         canvas at the current time because it will increase fill rate
3208         requirements and cause a large number of rebaselines.
3209
3210         * platform/graphics/Extensions3D.h:
3211         * platform/graphics/chromium/DrawingBufferChromium.cpp:
3212         (WebCore::DrawingBuffer::publishToPlatformLayer):
3213         * platform/graphics/chromium/Extensions3DChromium.h:
3214         * platform/graphics/gpu/DrawingBuffer.cpp:
3215         (WebCore::DrawingBuffer::create):
3216         (WebCore::DrawingBuffer::reset):
3217         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
3218         (WebCore::Extensions3DOpenGL::supports):
3219
3220 2011-01-26  Tony Chang  <tony@chromium.org>
3221
3222         Unreviewed.
3223
3224         [chromium] revert r68310 because of race conditions detected by tsans
3225         https://bugs.webkit.org/show_bug.cgi?id=53185
3226
3227         Causes stability problems for Chromium, http://crbug.com/70589
3228
3229         * platform/sql/chromium/SQLiteFileSystemChromiumPosix.cpp:
3230         (WebCore::SQLiteFileSystem::registerSQLiteVFS):
3231
3232 2011-01-26  Justin Schuh  <jschuh@chromium.org>
3233
3234         Reviewed by Adam Barth.
3235
3236         Make fireEventsAndUpdateStyle use stack local vectors. 
3237         https://bugs.webkit.org/show_bug.cgi?id=46760
3238
3239         Test: animations/animation-add-events-in-handler.html
3240
3241         * page/animation/AnimationController.cpp:
3242         (WebCore::AnimationControllerPrivate::fireEventsAndUpdateStyle):
3243
3244 2011-01-26  Nate Chapin  <japhet@chromium.org>
3245
3246         Reviewed by Adam Barth.
3247
3248         Remove m_URL from FrameLoader and depend on Document::url()
3249         instead. FrameLoader::url() will be removed in a followup patch.
3250         https://bugs.webkit.org/show_bug.cgi?id=41165
3251
3252         Refactor only, no new tests.
3253
3254         * WebCore.exp.in:
3255         * dom/Document.cpp:
3256         (WebCore::Document::Document):
3257         (WebCore::Document::updateURLForPushOrReplaceState):
3258         * loader/DocumentWriter.cpp:
3259         (WebCore::DocumentWriter::begin):
3260         * loader/FrameLoader.cpp:
3261         (WebCore::FrameLoader::iconURL):
3262         (WebCore::FrameLoader::didOpenURL):
3263         (WebCore::FrameLoader::didExplicitOpen):
3264         (WebCore::FrameLoader::receivedFirstData):
3265         (WebCore::FrameLoader::url):
3266         (WebCore::FrameLoader::setOutgoingReferrer):
3267         (WebCore::FrameLoader::startIconLoader):
3268         (WebCore::FrameLoader::commitIconURLToIconDatabase):
3269         (WebCore::FrameLoader::finishedParsing):
3270         (WebCore::FrameLoader::checkIfDisplayInsecureContent):
3271         (WebCore::FrameLoader::checkIfRunInsecureContent):
3272         (WebCore::FrameLoader::updateFirstPartyForCookies):
3273         (WebCore::FrameLoader::loadInSameDocument):
3274         (WebCore::FrameLoader::commitProvisionalLoad):
3275         (WebCore::FrameLoader::open):
3276         (WebCore::FrameLoader::shouldScrollToAnchor):
3277         * loader/FrameLoader.h: Rename setURL() to setOutgoingReferrer().
3278
3279 2011-01-25  Brian Weinstein  <bweinstein@apple.com>
3280
3281         Reviewed by Antti Koivisto.
3282
3283         Crashes loading pages when cancelling subresource loads through WebKit
3284         https://bugs.webkit.org/show_bug.cgi?id=53123
3285         <rdar://problem/8914361>
3286         
3287         Fix a crash that happened when cancelling subresource loads through WebKit.
3288         
3289         When a load is cancelled synchronously (via the WebKit client), CachedResourceLoader::requestResource 
3290         can be called recursively on the same function, either leading to infinite recursion, or deleting 
3291         an object when it is not done being used.
3292         
3293         The fix for this was to call checkForPendingPreloads and servePendingRequests asynchronously when 
3294         CachedResourceLoader::loadDone was called synchronously (due to the load being cancelled synchronously).
3295
3296         Test: fast/loader/willSendRequest-null-for-preload.html
3297
3298         * loader/DocumentLoader.cpp:
3299         (WebCore::DocumentLoader::setRequest): Only dispatch didReceiveServerRedirectForProvisionalLoadForFrame 
3300             if our new URL is non-null.
3301         * loader/cache/CachedResourceLoader.cpp:
3302         (WebCore::CachedResourceLoader::CachedResourceLoader): Initialize our timer.
3303         (WebCore::CachedResourceLoader::loadDone): If the CachedResource we were passed in was 0, that means this 
3304             function was called synchronously
3305             from CachedResourceRequest::load, and we don't want to call into checkForPendingPreloads synchronously, 
3306             so put it on a 0-delay timer to make the calls to checkForPendingPreloads and servePendingRequests asynchronous.
3307         (WebCore::CachedResourceLoader::loadDonePendingActionTimerFired): Call checkForPendingPreloads and servePendingRequests.
3308         (WebCore::CachedResourceLoader::checkForPendingPreloads): m_pendingPreloads is now a Deque instead of a Vector, 
3309             so use Deque methods.
3310         * loader/cache/CachedResourceLoader.h: Add the timer, the timer callback function, and make m_pendingPreloads a Deque.
3311
3312 2011-01-25  Pavel Podivilov  <podivilov@chromium.org>
3313
3314         Reviewed by Pavel Feldman.
3315
3316         Web Inspector: evaluate in console may not work when window.console is substituted or deleted.
3317         https://bugs.webkit.org/show_bug.cgi?id=53072
3318
3319         Test: inspector/console-substituted.html
3320
3321         * inspector/InjectedScriptSource.js:
3322         (.):
3323
3324 2011-01-26  Carlos Garcia Campos  <cgarcia@igalia.com>
3325
3326         Reviewed by Martin Robinson.
3327
3328         [cairo] Use CAIRO_OPERATOR_DARKEN when available
3329         https://bugs.webkit.org/show_bug.cgi?id=53084
3330
3331         Use CAIRO_OPERATOR_DARKEN for CompositePlusDarker instead of
3332         CAIRO_OPERATOR_SATURATE when building with cairo version >= 1.10.
3333
3334         * platform/graphics/cairo/CairoUtilities.cpp:
3335         (WebCore::toCairoOperator):
3336
3337 2011-01-26  Pavel Feldman  <pfeldman@chromium.org>
3338
3339         Reviewed by Yury Semikhatsky.
3340
3341         Web Inspector: visualize \n in strings as unicode cr
3342         symbol in stack variables sidebar.
3343         https://bugs.webkit.org/show_bug.cgi?id=53162
3344
3345         * inspector/front-end/ObjectPropertiesSection.js:
3346         (WebInspector.ObjectPropertyTreeElement.prototype.update):
3347
3348 2011-01-26  Andrey Kosyakov  <caseq@chromium.org>
3349
3350         Reviewed by Pavel Feldman.
3351
3352         Web Inspector: size is wrong for cached resources in Network panel
3353         - Set the size for 304/not modified resources from cached resource.
3354         - Add response headers size to resource transfer size.
3355         https://bugs.webkit.org/show_bug.cgi?id=52886
3356
3357         * inspector/InspectorResourceAgent.cpp:
3358         (WebCore::InspectorResourceAgent::didReceiveResponse):
3359         * inspector/front-end/Resource.js:
3360         (WebInspector.Resource):
3361         (WebInspector.Resource.prototype.get transferSize):
3362         (WebInspector.Resource.prototype.set responseHeaders):
3363         (WebInspector.Resource.prototype._headersSize):
3364         (WebInspector.Resource.prototype._mimeTypeIsConsistentWithType):
3365
3366 2011-01-26  Carol Szabo  <carol.szabo@nokia.com>
3367
3368         Reviewed by Simon Hausmann.
3369
3370         Fixed TiledBacking store to take into account new dirty regions caused by
3371         paint time layouts.
3372
3373         Flawed rendering design for QtWebKit resulting in artifacts being displayed
3374         https://bugs.webkit.org/show_bug.cgi?id=49184
3375
3376         There are no new tests as this patch aims at fixing flicker that
3377         happen randomly, mostly on slow hardware, thus are hard to reproduce
3378         consistently in an automated test.
3379
3380         This patch does not fully address the said bug but it is a step in the
3381         right direction. A full solution to the bug, as currently perceived,
3382         requires either a Qt GUI API change, a performance hit for QtWebKit,
3383         or a hack, until a full solution is provided this patch is progress.
3384
3385         * platform/graphics/TiledBackingStore.cpp:
3386         (WebCore::TiledBackingStore::updateTileBuffers):
3387         Changed to take into account newly dirtied areas created during
3388         tile update initiated layouts during the same update.
3389
3390 2011-01-26  Patrick Gansterer  <paroga@webkit.org>
3391
3392         Reviewed by Andreas Kling.
3393
3394         [SKIA] Remove "current path" of GraphicsContext
3395         https://bugs.webkit.org/show_bug.cgi?id=53124
3396
3397         * platform/graphics/GraphicsContext.h:
3398         * platform/graphics/skia/GraphicsContextSkia.cpp:
3399         (WebCore::GraphicsContext::clipPath):
3400         (WebCore::GraphicsContext::fillPath):
3401         (WebCore::GraphicsContext::strokePath):
3402         * platform/graphics/skia/PathSkia.cpp:
3403         (WebCore::Path::strokeBoundingRect):
3404         * platform/graphics/skia/PlatformContextSkia.cpp:
3405         * platform/graphics/skia/PlatformContextSkia.h:
3406
3407 2011-01-26  Zalan Bujtas <zbujtas@gmail.com>
3408
3409         Reviewed by Andreas Kling.
3410
3411         [Qt] Path::normalAngleAtLength() returns incorrect value on ACID3.
3412
3413         QPainterPath returns angle values with the origo being at the top left corner,
3414         we need to account for this in normalAngleAtLength().
3415         This Regressed with r66979.
3416
3417         No new tests as this is already covered by ACID3.
3418
3419         * platform/graphics/qt/PathQt.cpp:
3420         (WebCore::Path::normalAngleAtLength):
3421
3422 2011-01-26  Pavel Feldman  <pfeldman@chromium.org>
3423
3424         Reviewed by Yury Semikhatsky.
3425
3426         Web Inspector: live edit does not update source snippet.
3427         https://bugs.webkit.org/show_bug.cgi?id=53097
3428
3429         * inspector/front-end/ScriptsPanel.js:
3430         (WebInspector.ScriptsPanel.prototype._scriptSourceChanged):
3431
3432 2011-01-26  Pavel Feldman  <pfeldman@chromium.org>
3433
3434         Reviewed by Yury Semikhatsky.
3435
3436         Web Inspector: Incorrect on-hover evaluation of a variable named 'profile'.
3437         https://bugs.webkit.org/show_bug.cgi?id=53018
3438
3439         * inspector/InjectedScript.cpp:
3440         (WebCore::InjectedScript::evaluate):
3441         (WebCore::InjectedScript::evaluateOnCallFrame):
3442         (WebCore::InjectedScript::getCompletions):
3443         (WebCore::InjectedScript::getCompletionsOnCallFrame):
3444         * inspector/InjectedScript.h:
3445         * inspector/InjectedScriptSource.js:
3446         (.):
3447         * inspector/Inspector.idl:
3448         * inspector/InspectorDebuggerAgent.cpp:
3449         (WebCore::InspectorDebuggerAgent::evaluateOnCallFrame):
3450         (WebCore::InspectorDebuggerAgent::getCompletionsOnCallFrame):
3451         * inspector/InspectorDebuggerAgent.h:
3452         * inspector/InspectorRuntimeAgent.cpp:
3453         (WebCore::InspectorRuntimeAgent::evaluate):
3454         (WebCore::InspectorRuntimeAgent::getCompletions):
3455         * inspector/InspectorRuntimeAgent.h:
3456         * inspector/front-end/ConsoleView.js:
3457         (WebInspector.ConsoleView.prototype.completions):