Fix null handling of HTMLFrameElement.marginWidth / marginHeight
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-07-20  Chris Dumez  <cdumez@apple.com>
2
3         Fix null handling of HTMLFrameElement.marginWidth / marginHeight
4         https://bugs.webkit.org/show_bug.cgi?id=159987
5
6         Reviewed by Ryosuke Niwa.
7
8         Fix null handling of HTMLFrameElement.marginWidth / marginHeight:
9         - https://html.spec.whatwg.org/multipage/obsolete.html#htmlframeelement
10
11         We are supposed to treat null as the empty string but we treat it as
12         the string "null".
13
14         Firefox and Chrome both match the specification.
15
16         No new tests, updated existing tests.
17
18         * html/HTMLFrameElement.idl:
19
20 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
21
22         Pausing autoplayed media should not remove all restrictions for that media element
23         https://bugs.webkit.org/show_bug.cgi?id=159988
24
25         Reviewed by Jon Lee.
26
27         Localizes the removal of behavior restrictions introduced in r203464 upon pausing an
28         autoplaying video to just affect the hiding or showing of the media controller. This
29         prevents pages from using Javascript to start playing autoplaying videos that have
30         been paused by the user.
31
32         * html/HTMLMediaElement.cpp:
33         (WebCore::HTMLMediaElement::pause):
34
35 2016-07-20  Myles C. Maxfield  <mmaxfield@apple.com>
36
37         [iPhone] Playing a video on tudou.com plays only sound, no video
38         https://bugs.webkit.org/show_bug.cgi?id=159967
39         <rdar://problem/26964090>
40
41         Reviewed by Jon Lee.
42
43         WebKit recently starting honoring the playsinline and webkit-playsinline
44         attribute on iPhones. However, because these attributes previously did
45         nothing, some sites (such as Todou) were setting them on their content
46         and expecting that they are not honored. In this specific case, the
47         video is absolutely positioned to be 1 pixel x 1 pixel.
48
49         Previously, with iOS 9, apps could set the allowsInlineMediaPlayback
50         property on their WKWebView, which would honor the webkit-playsinline
51         attribute. Safari on iPhones didn't do this.
52
53         In order to not break these existing apps, it's important that the
54         allowsInlineMediaPlayback preference still allows webkit-playsinline
55         videos to play inline in apps using WKWebView. However, in Safari, these
56         videos should play fullscreen. (Todou videos have webkit-playsinline
57         but not playsinline.)
58
59         Therefore, in Safari, videos with playsinline should be inline, but
60         videos with webkit-playsinline should be fullscreen. In apps using
61         WKWebViews, if the app sets allowsInlineMediaPlayback, then videos with
62         playsinline should be inline, and videos with webkit-playsinline should
63         also be inline. Videos on iPad and Mac should all be inline by default.
64
65         We can create some truth tables for the cases which need to be covered:
66
67         All apps on Mac / iPad:
68         Presence of playsinline | Presence of webkit-playsinline | Result
69         ========================|================================|===========
70         Not present             | Not present                    | Inline
71         Present                 | Not present                    | Inline
72         Not Present             | Present                        | Inline
73         Present                 | Present                        | Inline
74
75         Safari on iPhone:
76         Presence of playsinline | Presence of webkit-playsinline | Result
77         ========================|================================|===========
78         Not present             | Not present                    | Fullscreen
79         Present                 | Not present                    | Inline
80         Not Present             | Present                        | Fullscreen
81         Present                 | Present                        | Inline
82
83         App on iPhone which sets allowsInlineMediaPlayback:
84         Presence of playsinline | Presence of webkit-playsinline | Result
85         ========================|================================|===========
86         Not present             | Not present                    | Fullscreen
87         Present                 | Not present                    | Inline
88         Not Present             | Present                        | Inline
89         Present                 | Present                        | Inline
90
91         The way to distinguish Safari from another app is to create an SPI
92         boolean preference which Safari can set. This is already how the
93         iPhone and iPad are differentiated using the requiresPlayInlineAttribute
94         which Safari sets but other apps don't. However, this preference is
95         no longer sufficient because Safari should now be discriminating
96         between the playsinline and webkit-playsinline attributes. Therefore,
97         this preference should be extended to two boolean preferences, which
98         this patch adds:
99
100         allowsInlineMediaPlaybackWithPlaysInlineAttribute
101         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute
102
103         Safari on iPhone will set
104         allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to true,
105         and allowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute to
106         false. Other apps on iPhone will get their defaults values (because they
107         are SPI) which means they will both be true. On iPad and Mac, apps will
108         use the defaults values where both are false.
109
110         This patch adds support for these two preferences, but does not remove
111         the existing inlineMediaPlaybackRequiresPlaysInlineAttribute preference.
112         I will remove the exising preference as soon as I update Safari to migrate
113         off of it.
114
115         Test: media/video-playsinline.html
116
117         * html/MediaElementSession.cpp:
118         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
119         * page/Settings.cpp:
120         * page/Settings.in:
121         * testing/InternalSettings.cpp:
122         (WebCore::InternalSettings::Backup::Backup):
123         (WebCore::InternalSettings::Backup::restoreTo):
124         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithPlaysInlineAttribute):
125         (WebCore::InternalSettings::setAllowsInlineMediaPlaybackWithWebKitPlaysInlineAttribute):
126         * testing/InternalSettings.h:
127         * testing/InternalSettings.idl:
128
129 2016-07-20  Chris Dumez  <cdumez@apple.com>
130
131         Get rid of custom bindings code for XMLHttpRequest.open()
132         https://bugs.webkit.org/show_bug.cgi?id=159984
133
134         Reviewed by Ryosuke Niwa.
135
136         Get rid of custom bindings code for XMLHttpRequest.open() as the
137         bindings generator is able to generate it.
138
139         Relevant specification:
140         - https://xhr.spec.whatwg.org/#xmlhttprequest
141
142         The issue is that legacy content prevents treating the 'async' argument
143         being undefined identical from it being omitted. However, this can be
144         achieved by using overloading in IDL, like in the specification.
145
146         No new tests, already covered by the following tests:
147         - http/tests/xmlhttprequest/basic-auth.html
148         - http/tests/xmlhttprequest/open-async-overload.html
149
150         * bindings/js/JSXMLHttpRequestCustom.cpp:
151         (WebCore::SendFunctor::SendFunctor): Deleted.
152         (WebCore::SendFunctor::line): Deleted.
153         (WebCore::SendFunctor::column): Deleted.
154         (WebCore::SendFunctor::url): Deleted.
155         (WebCore::SendFunctor::operator()): Deleted.
156         * xml/XMLHttpRequest.cpp:
157         (WebCore::XMLHttpRequest::open):
158         * xml/XMLHttpRequest.h:
159         * xml/XMLHttpRequest.idl:
160
161 2016-07-20  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
162
163         Mark overriden methods in WebCore/svg final classes as final
164         https://bugs.webkit.org/show_bug.cgi?id=159966
165
166         Reviewed by Michael Catanzaro.
167
168         Update WebCore/svg classes so that overriden methods in final classes are marked final.
169
170         * svg/SVGAElement.h:
171         * svg/SVGAltGlyphDefElement.h:
172         * svg/SVGAltGlyphItemElement.h:
173         * svg/SVGAnimateTransformElement.h:
174         * svg/SVGAnimatedColor.h:
175         * svg/SVGCircleElement.h:
176         * svg/SVGClipPathElement.h:
177         * svg/SVGCursorElement.h:
178         * svg/SVGDefsElement.h:
179         * svg/SVGDescElement.h:
180         * svg/SVGEllipseElement.h:
181         * svg/SVGFEMergeNodeElement.h:
182         * svg/SVGFilterElement.h:
183         * svg/SVGFontElement.h:
184         * svg/SVGFontFaceElement.h:
185         * svg/SVGFontFaceFormatElement.h:
186         * svg/SVGFontFaceNameElement.h:
187         * svg/SVGFontFaceSrcElement.h:
188         * svg/SVGFontFaceUriElement.h:
189         * svg/SVGForeignObjectElement.h:
190         * svg/SVGGElement.h:
191         * svg/SVGGlyphElement.h:
192         * svg/SVGGlyphRefElement.h:
193         * svg/SVGHKernElement.h:
194         * svg/SVGImageElement.h:
195         * svg/SVGLineElement.h:
196         * svg/SVGMPathElement.h:
197         * svg/SVGMaskElement.h:
198         * svg/SVGMetadataElement.h:
199         * svg/SVGMissingGlyphElement.h:
200         * svg/SVGPathBuilder.h:
201         * svg/SVGPathByteStreamBuilder.h:
202         * svg/SVGPathByteStreamSource.h:
203         * svg/SVGPathElement.h:
204         * svg/SVGPathSegArcAbs.h:
205         * svg/SVGPathSegArcRel.h:
206         * svg/SVGPathSegClosePath.h:
207         * svg/SVGPathSegCurvetoCubicAbs.h:
208         * svg/SVGPathSegCurvetoCubicRel.h:
209         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
210         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
211         * svg/SVGPathSegCurvetoQuadraticAbs.h:
212         * svg/SVGPathSegCurvetoQuadraticRel.h:
213         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
214         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
215         * svg/SVGPathSegLinetoAbs.h:
216         * svg/SVGPathSegLinetoHorizontalAbs.h:
217         * svg/SVGPathSegLinetoHorizontalRel.h:
218         * svg/SVGPathSegLinetoRel.h:
219         * svg/SVGPathSegLinetoVerticalAbs.h:
220         * svg/SVGPathSegLinetoVerticalRel.h:
221         * svg/SVGPathSegListBuilder.h:
222         * svg/SVGPathSegListSource.h:
223         * svg/SVGPathSegMovetoAbs.h:
224         * svg/SVGPathSegMovetoRel.h:
225         * svg/SVGPathStringSource.h:
226         * svg/SVGPathTraversalStateBuilder.h:
227         * svg/SVGPatternElement.h:
228         * svg/SVGRectElement.h:
229         * svg/SVGScriptElement.h:
230         * svg/SVGStopElement.h:
231         * svg/SVGStyleElement.h:
232         * svg/SVGSwitchElement.h:
233         * svg/SVGTRefElement.cpp:
234         * svg/SVGTitleElement.h:
235         * svg/SVGToOTFFontConversion.cpp:
236         * svg/SVGUnknownElement.h:
237         * svg/SVGVKernElement.h:
238         * svg/SVGViewElement.h:
239         * svg/SVGZoomEvent.h:
240         * svg/animation/SVGSMILElement.cpp:
241         * svg/graphics/SVGImage.h:
242         * svg/graphics/SVGImageClients.h:
243         * svg/graphics/SVGImageForContainer.h:
244         * svg/graphics/filters/SVGFEImage.h:
245         * svg/graphics/filters/SVGFilter.h:
246         * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
247         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
248         * svg/properties/SVGAnimatedPropertyTearOff.h:
249         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
250         * svg/properties/SVGMatrixTearOff.h:
251         * svg/properties/SVGPathSegListPropertyTearOff.h:
252
253 2016-07-20  Brady Eidson  <beidson@apple.com>
254
255         Transition most IDB interfaces from ScriptExecutionContext to ExecState.
256         https://bugs.webkit.org/show_bug.cgi?id=159975
257
258         Reviewed by Alex Christensen.
259
260         No new tests (No known behavior change).
261
262         * Modules/indexeddb/IDBCursor.cpp:
263         (WebCore::IDBCursor::continueFunction):
264         (WebCore::IDBCursor::deleteFunction):
265         * Modules/indexeddb/IDBCursor.h:
266         * Modules/indexeddb/IDBCursor.idl:
267
268         * Modules/indexeddb/IDBDatabase.idl:
269
270         * Modules/indexeddb/IDBFactory.cpp:
271         (WebCore::IDBFactory::cmp):
272         * Modules/indexeddb/IDBFactory.h:
273         * Modules/indexeddb/IDBFactory.idl:
274
275         * Modules/indexeddb/IDBIndex.cpp:
276         (WebCore::IDBIndex::openCursor):
277         (WebCore::IDBIndex::count):
278         (WebCore::IDBIndex::doCount):
279         (WebCore::IDBIndex::openKeyCursor):
280         (WebCore::IDBIndex::get):
281         (WebCore::IDBIndex::doGet):
282         (WebCore::IDBIndex::getKey):
283         (WebCore::IDBIndex::doGetKey):
284         * Modules/indexeddb/IDBIndex.h:
285         * Modules/indexeddb/IDBIndex.idl:
286
287         * Modules/indexeddb/IDBKeyRange.cpp:
288         (WebCore::IDBKeyRange::only): Deleted.
289         * Modules/indexeddb/IDBKeyRange.h:
290
291         * Modules/indexeddb/IDBObjectStore.cpp:
292         (WebCore::IDBObjectStore::openCursor):
293         (WebCore::IDBObjectStore::get):
294         (WebCore::IDBObjectStore::putOrAdd):
295         (WebCore::IDBObjectStore::deleteFunction):
296         (WebCore::IDBObjectStore::doDelete):
297         (WebCore::IDBObjectStore::modernDelete):
298         (WebCore::IDBObjectStore::clear):
299         (WebCore::IDBObjectStore::createIndex):
300         (WebCore::IDBObjectStore::count):
301         (WebCore::IDBObjectStore::doCount):
302         * Modules/indexeddb/IDBObjectStore.h:
303         * Modules/indexeddb/IDBObjectStore.idl:
304
305         * Modules/indexeddb/IDBTransaction.cpp:
306         (WebCore::IDBTransaction::requestOpenCursor):
307         (WebCore::IDBTransaction::doRequestOpenCursor):
308         (WebCore::IDBTransaction::requestGetRecord):
309         (WebCore::IDBTransaction::requestGetValue):
310         (WebCore::IDBTransaction::requestGetKey):
311         (WebCore::IDBTransaction::requestIndexRecord):
312         (WebCore::IDBTransaction::requestCount):
313         (WebCore::IDBTransaction::requestDeleteRecord):
314         (WebCore::IDBTransaction::requestClearObjectStore):
315         (WebCore::IDBTransaction::requestPutOrAdd):
316         * Modules/indexeddb/IDBTransaction.h:
317
318         * inspector/InspectorIndexedDBAgent.cpp:
319
320 2016-07-20  Wenson Hsieh  <wenson_hsieh@apple.com>
321
322         Media controls don't appear when pausing a small autoplaying video
323         https://bugs.webkit.org/show_bug.cgi?id=159972
324         <rdar://problem/27180657>
325
326         Reviewed by Beth Dakin.
327
328         When pausing an autoplaying video, remove behavior restrictions for the
329         initial user gesture and show media controls.
330
331         New WebKit API test. See VideoControlsManagerSingleSmallAutoplayingVideo.
332
333         * html/HTMLMediaElement.cpp:
334         (WebCore::HTMLMediaElement::pause):
335
336 2016-07-20  Chris Dumez  <cdumez@apple.com>
337
338         Fix null handling of HTMLMediaElement.mediaGroup
339         https://bugs.webkit.org/show_bug.cgi?id=159974
340
341         Reviewed by Eric Carlson.
342
343         Fix null handling of HTMLMediaElement.mediaGroup to match the specification:
344         - https://www.w3.org/TR/html5/embedded-content-0.html#media-elements
345
346         null is supposed to be treated as the String "null". This patch aligns
347         our behavior with the specification. I tested Firefox and Chrome but both
348         do not have this attribute on HTMLMediaElement.
349
350         Also remove support for [TreatNullAs=LegacyNullString] from our bindings
351         generator as HTMLMediaElement.mediaGroup was the last user.
352
353         No new tests, rebaselined existing test.
354
355         * bindings/scripts/CodeGeneratorJS.pm:
356         (JSValueToNative):
357         * bindings/scripts/IDLAttributes.txt:
358         * html/HTMLMediaElement.idl:
359
360 2016-07-20  Chris Dumez  <cdumez@apple.com>
361
362         CSSStyleDeclaration.setProperty() should be able to unset "important" on a property
363         https://bugs.webkit.org/show_bug.cgi?id=159959
364
365         Reviewed by Alexey Proskuryakov.
366
367         CSSStyleDeclaration.setProperty() should be able to unsert "important"
368         on a property as per the latest specification:
369         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-setproperty
370         - https://drafts.csswg.org/cssom/#dom-cssstyledeclaration-camel-cased-attribute
371
372         Firefox and Chrome match the specification here but WebKit was ignoring calls
373         to setProperty() if there is already an "important" property wit this name
374         and if the new property does not have the "important" flag set.
375
376         This behavior was added a long time ago via Bug 60007. However, it does not
377         match the latest specification or other browsers.
378
379         Test: fast/css/CSSStyleDeclaration-setProperty-unset-important.html
380
381         * css/StyleProperties.cpp:
382         (WebCore::MutableStyleProperties::addParsedProperty):
383         Drop code that was added via Bug 60007 as this behavior no longer matches the
384         specification or other browsers. The layout test added in Bug 60007 fails in
385         other browsers and was updated in this patch to match the specification.
386
387 2016-07-20  Commit Queue  <commit-queue@webkit.org>
388
389         Unreviewed, rolling out r203423.
390         https://bugs.webkit.org/show_bug.cgi?id=159977
391
392         The test for this change is failing on Mac Release WK2
393         (Requested by ryanhaddad on #webkit).
394
395         Reverted changeset:
396
397         "HTMLVideoElement frames do not update on iOS when src is a
398         MediaStream blob"
399         https://bugs.webkit.org/show_bug.cgi?id=159833
400         http://trac.webkit.org/changeset/203423
401
402 2016-07-20  Chris Dumez  <cdumez@apple.com>
403
404         Fix null handling of HTMLSelectElement.value attribute
405         https://bugs.webkit.org/show_bug.cgi?id=159925
406
407         Reviewed by Benjamin Poulain.
408
409         Fix null handling of HTMLSelectElement.value attribute:
410         - https://html.spec.whatwg.org/multipage/forms.html#htmlselectelement
411
412         We were treating null as the null String which would end up setting
413         selectedIndex to -1. However, we should treat null as the String "null"
414         which would set the selectedIndex to the index of the <option> element
415         whose value is "null".
416
417         Firefox and Chrome match the specification.
418
419         Test: fast/dom/HTMLSelectElement/value-null-handling.html
420
421         * html/HTMLSelectElement.cpp:
422         (WebCore::HTMLSelectElement::setValue):
423         * html/HTMLSelectElement.idl:
424
425 2016-07-20  Chris Dumez  <cdumez@apple.com>
426
427         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender is alive
428         https://bugs.webkit.org/show_bug.cgi?id=159962
429         <rdar://problem/21439264>
430
431         Reviewed by David Kilzer.
432
433         PostResolutionCallbackDisabler can resume pending requests while a ResourceLoadSuspender
434         is alive. We have both PostResolutionCallbackDisabler and ResourceLoadSuspender that
435         call LoaderStrategy::suspendPendingRequests() / LoaderStrategy::resumePendingRequests().
436         However, PostResolutionCallbackDisabler and ResourceLoadSuspender are not aware of each
437         other. It is therefore possible for a PostResolutionCallbackDisabler object to get
438         destroyed, causing LoaderStrategy::resumePendingRequests() to be called while a
439         ResourceLoadSuspender object is alive.
440
441         This leads to hard to investigate crashes where we end up re-entering WebKit and killing
442         the style resolver.
443
444         This patch drops ResourceLoadSuspender and uses PostResolutionCallbackDisabler instead.
445         There was only one user of ResourceLoadSuspender and PostResolutionCallbackDisabler
446         is better because it manages a resolutionNestingDepth counter internally to make sure
447         it only calls LoaderStrategy::resumePendingRequests() once all
448         PostResolutionCallbackDisabler instances are destroyed.
449
450         No new tests, there is no easy way to reproduce the crashes.
451
452         * dom/Document.cpp:
453         (WebCore::Document::styleForElementIgnoringPendingStylesheets):
454         * loader/LoaderStrategy.cpp:
455         (WebCore::ResourceLoadSuspender::ResourceLoadSuspender): Deleted.
456         (WebCore::ResourceLoadSuspender::~ResourceLoadSuspender): Deleted.
457         * loader/LoaderStrategy.h:
458
459 2016-07-19  Youenn Fablet  <youenn@apple.com>
460
461         [Fetch API] Add a JS builtin to implement https://fetch.spec.whatwg.org/#concept-headers-fill
462         https://bugs.webkit.org/show_bug.cgi?id=159932
463
464         Reviewed by Alex Christensen.
465
466         Covered by existing tests.
467
468         Refactoring Headers initializeWith to use the new built-in internal that implements
469         https://fetch.spec.whatwg.org/#concept-headers-fill.
470
471         Refactoring Response constructor to put more checks in the JS builtin fucntion called within constructor.
472         Making use of the new built-in internal that implements https://fetch.spec.whatwg.org/#concept-headers-fill.
473
474         * CMakeLists.txt: Adding FetchHeadersInternals.js
475         * DerivedSources.make: Ditto.
476         * Modules/fetch/FetchHeaders.js:
477         (initializeFetchHeaders): Using fillFetchHeaders new built-in internal.
478         * Modules/fetch/FetchInternals.js: Added.
479         (fillFetchHeaders):
480         * Modules/fetch/FetchResponse.cpp: Refactoring to do more in the JS built-in. Splitting of initializeWith so
481         that the checks are done in the order defined by the spec.
482         (WebCore::FetchResponse::setStatus):
483         (WebCore::FetchResponse::initializeWith):
484         (WebCore::isNullBodyStatus): Deleted.
485         * Modules/fetch/FetchResponse.h:
486         * Modules/fetch/FetchResponse.idl:
487         * Modules/fetch/FetchResponse.js:
488         (initializeFetchResponse): New built-in internal.
489         * WebCore.xcodeproj/project.pbxproj:
490         * bindings/js/WebCoreBuiltinNames.h:
491
492 2016-07-19  Chris Dumez  <cdumez@apple.com>
493
494         Fix null handling of SVGScriptElement.type attribute
495         https://bugs.webkit.org/show_bug.cgi?id=159927
496
497         Reviewed by Benjamin Poulain.
498
499         Fix null handling of SVGScriptElement.type attribute:
500         - https://www.w3.org/TR/SVG2/interact.html#InterfaceSVGScriptElement
501
502         We were treating null as the null String which would end up removing
503         the 'type' content attribute. However, we should treat null as the
504         String "null".
505
506         Firefox and Chrome match the specification.
507
508         No new tests, updated existing test.
509
510         * svg/SVGScriptElement.idl:
511
512 2016-07-19  Chris Dumez  <cdumez@apple.com>
513
514         Fix null handling of several HTMLDocument attributes
515         https://bugs.webkit.org/show_bug.cgi?id=159923
516
517         Reviewed by Benjamin Poulain.
518
519         Fix null handling of several HTMLDocument attributes:
520         - https://html.spec.whatwg.org/multipage/dom.html#document
521         - https://html.spec.whatwg.org/multipage/obsolete.html#document-partial
522
523         In particular, null handling was incorrect in WebKit for 'dir',
524         'bgColor', 'fgColor', 'alinkColor', 'linkColor' and 'vlinkColor'.
525
526         Firefox and Chrome match the specification.
527
528         Test: fast/dom/HTMLDocument/null-handling.html
529
530         * html/HTMLDocument.idl:
531
532 2016-07-19  Chris Dumez  <cdumez@apple.com>
533
534         Document.createElementNS() / createAttributeNS() parameters should be mandatory
535         https://bugs.webkit.org/show_bug.cgi?id=159938
536
537         Reviewed by Benjamin Poulain.
538
539         Document.createElementNS() / createAttributeNS() parameters should be mandatory:
540         - https://dom.spec.whatwg.org/#document
541
542         They were optional in WebKit. However, Firefox and Chrome both match the
543         specification.
544
545         No new tests, rebaselined existing tests.
546
547         * dom/Document.idl:
548
549 2016-07-19  Benjamin Poulain  <bpoulain@apple.com>
550
551         Use getElementById for attribute matching if the attribute name is html's id
552         https://bugs.webkit.org/show_bug.cgi?id=159960
553
554         Reviewed by Chris Dumez.
555
556         Elliott Sprehn discovered YUI makes heavy uses of querySelector with [id=value]
557         (https://bugs.chromium.org/p/chromium/issues/detail?id=627242).
558
559         If we are not in quirks mode, IdForStyleResolution has the same value
560         as the Id attribute. We can use the same optimization for both cases.
561
562         Tests: fast/selectors/id-attribute-querySelector-used-as-id-selector-quirks.html
563                fast/selectors/id-attribute-querySelector-used-as-id-selector.html
564
565         * dom/SelectorQuery.cpp:
566         (WebCore::canBeUsedForIdFastPath):
567         (WebCore::findIdMatchingType):
568         (WebCore::SelectorDataList::SelectorDataList):
569         (WebCore::selectorForIdLookup):
570         (WebCore::filterRootById):
571
572 2016-07-19  Chris Dumez  <cdumez@apple.com>
573
574         Drop SVGElement.xmlbase attribute
575         https://bugs.webkit.org/show_bug.cgi?id=159926
576
577         Reviewed by Benjamin Poulain.
578
579         Drop SVGElement.xmlbase attribute as it is no longer part of the
580         specification:
581         - https://www.w3.org/TR/SVG2/types.html#InterfaceSVGElement
582
583         Both Firefox and Chrome have already dropped support for
584         SVGElement.xmlbase.
585
586         Chrome's intent to remove:
587         https://groups.google.com/a/chromium.org/forum/#!msg/blink-dev/TfwMq4d25hk/C-v_iC_wKfAJ
588
589         Test: svg/dom/SVGElement-xmlbase.html
590
591         * svg/SVGElement.cpp:
592         (WebCore::SVGElement::removedFrom): Deleted.
593         * svg/SVGElement.h:
594         * svg/SVGElement.idl:
595
596 2016-07-19  Chris Dumez  <cdumez@apple.com>
597
598         Align CSSStyleDeclaration.setProperty() with the specification
599         https://bugs.webkit.org/show_bug.cgi?id=159955
600
601         Reviewed by Benjamin Poulain.
602
603         Align CSSStyleDeclaration.setProperty() with the specification:
604         - https://drafts.csswg.org/cssom/#the-cssstyledeclaration-interface
605
606         In particular, the following changes were needed:
607         1. The 'value' parameter should not be optional
608         2. The 'priority' parameter should treat null as the empty string
609            rather than the string "null".
610         3. The 'priority' parameter's default value should be the empty string,
611            not the string "undefined".
612         4. CSSStyleDeclaration.setProperty() should return early if 'priority'
613            is not the empty string and is not an ASCII case-insensitive match
614            for the string "important".
615
616         Chrome matches the specification entirely.
617         Firefox matches the specification with the exception that it does a
618         case-sensitive match for "important".
619
620         Test: fast/css/CSSStyleDeclaration-setProperty.html
621
622         * css/CSSStyleDeclaration.idl:
623         * css/PropertySetCSSStyleDeclaration.cpp:
624         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
625
626 2016-07-19  Daniel Bates  <dabates@apple.com>
627
628         CSP: Improve support for multiple policies to more closely conform to the CSP Level 2 spec.
629         https://bugs.webkit.org/show_bug.cgi?id=159841
630         <rdar://problem/27381684>
631
632         Reviewed by Brent Fulgham.
633
634         Implement a first pass at sending multiple violation reports so as to more closely
635         conform to section Enforcing multiple policies of the Content Security Policy Level 2 spec.,
636         <https://w3c.github.io/webappsec-csp/2/> (Editor's Draft, 25 April 2016).
637
638         Tests: http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports.php
639                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy.php
640                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
641                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
642                http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
643                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy.php
644                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
645                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
646                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
647                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
648                http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
649                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-enforced-policy-and-not-in-report-only.html
650                http/tests/security/contentSecurityPolicy/1.1/scripthash-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
651                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy.php
652                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-enforced-policy-and-blocked-by-report-policy2.php
653                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy.php
654                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
655                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy.php
656                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy2.php
657                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy.php
658                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-allowed-by-report-policy2.php
659                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy.php
660                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2.php
661                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-enforced-policy-and-not-in-report-only.html
662                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-in-one-enforced-policy-neither-in-another-enforced-policy-nor-report-policy.html
663                http/tests/security/contentSecurityPolicy/1.1/scriptnonce-multiple-policies.html
664
665         * page/csp/ContentSecurityPolicy.cpp:
666         (WebCore::ContentSecurityPolicy::allPoliciesWithDispositionAllow): Added. Returns whether the resource
667         is allowed by all of the policies with the specified disposition.
668         (WebCore::ContentSecurityPolicy::allPoliciesAllow): Added. Returns whether the resource is allowed by
669         all of the enforced policies.
670         (WebCore::ContentSecurityPolicy::findHashOfContentInPolicies): Formerly named foundHashOfContentInAllPolicies.
671         Modified to return a ("has found hash in all enforced policies, "has found hash in all report-only policies)-pair
672         so that we can differentiate whether the hash violated an enforced policy or a report-only policy.
673         (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
674         (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
675         (WebCore::ContentSecurityPolicy::allowScriptWithNonce): For now only accept a nonce if it is allowed by
676         all enforced policies. As a side effect of this change is that we only send a CSP violation report when a
677         nonce violates a report-only policy only if the nonce also violates one or more enforced policies. We will
678         address this limitation in <https://bugs.webkit.org/show_bug.cgi?id=159830>.
679         (WebCore::ContentSecurityPolicy::allowStyleWithNonce): Ditto.
680         (WebCore::ContentSecurityPolicy::allowInlineScript): Differentiate between a hash/'unsafe-inline' that
681         matches/is contained in all enforce policies and a hash/'unsafe-inline' that matches/is contained in all
682         report-only policies so that we only allow the resource for the former. As a side effect of this change
683         we may report that a resource violated a policy even if it contained the hash. See <https://bugs.webkit.org/show_bug.cgi?id=159832>
684         for more details.
685         (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
686         (WebCore::ContentSecurityPolicy::allowEval): Write in terms of ContentSecurityPolicy::allPoliciesAllow().
687         (WebCore::ContentSecurityPolicy::allowFrameAncestors): Ditto.
688         (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
689         (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
690         (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
691         (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
692         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Ditto.
693         (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
694         (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
695         (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
696         (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
697         (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
698         (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
699         (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
700         (WebCore::ContentSecurityPolicy::foundHashOfContentInAllPolicies): Deleted.
701         * page/csp/ContentSecurityPolicy.h:
702         (WebCore::ContentSecurityPolicy::violatedDirectiveInAnyPolicy): Deleted.
703
704 2016-07-19  Chris Dumez  <cdumez@apple.com>
705
706         Fix null handling of HTMLScriptElement.text attribute
707         https://bugs.webkit.org/show_bug.cgi?id=159943
708
709         Reviewed by Benjamin Poulain.
710
711         Fix null handling of HTMLScriptElement.text attribute:
712         - https://html.spec.whatwg.org/multipage/scripting.html#the-script-element
713
714         We should treat null as the "null" String but we were treating it as
715         the empty string.
716
717         Firefox and Chrome match the specification.
718
719         No new tests, rebaselined existing test.
720
721         * html/HTMLScriptElement.idl:
722
723 2016-07-19  Chris Dumez  <cdumez@apple.com>
724
725         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]
726         https://bugs.webkit.org/show_bug.cgi?id=159934
727
728         Reviewed by Benjamin Poulain.
729
730         autocapitalize attribute should not use [TreatNullAs=LegacyNullString]. This is
731         non-standard and we want to drop support for it from the bindings generator.
732
733         Instead, use [TreatNullAs=EmptyString] in order to maintain existing behavior
734         given that both a missing/empty attribute result in using the default
735         autocapitalization mode and that autocapitalize returns the empty string by
736         default.
737
738         Test: platform/ios-simulator/ios/fast/forms/autocapitalize-null.html
739
740         * html/HTMLFormElement.idl:
741         * html/HTMLInputElement.idl:
742         * html/HTMLTextAreaElement.idl:
743
744 2016-07-19  Zalan Bujtas  <zalan@apple.com>
745
746         REGRESSION(r203415): ASSERTION FAILED: !m_layoutRoot->container() || !m_layoutRoot->container()->needsLayout()
747         https://bugs.webkit.org/show_bug.cgi?id=159952
748
749         Reviewed by Simon Fraser.
750
751         Update ASSERTs to reflect new functionality, that is, now we can end up in a state
752         where the container (RenderView) of one of the dirty subtrees is dirty.
753         See r203415.
754  
755         Covered by editing/pasteboard/drag-drop-input-in-svg.svg
756
757         * page/FrameView.cpp:
758         (WebCore::FrameView::scheduleRelayoutOfSubtree):
759
760 2016-07-19  Dean Jackson  <dino@apple.com>
761
762         REGRESSION(202927): The first slide is the only displayed slide when Quicklooking a Keynote file
763         https://bugs.webkit.org/show_bug.cgi?id=159948
764         <rdar://problem/27391012>
765
766         Reviewed by Simon Fraser.
767
768         There is an iOS bug (<rdar://problem/27416744>) that is causing us
769         to not always get a color space on CGContextRefs. Investigation of this
770         exposed some optimizations we can take when we are creating ImageBuffers.
771         In particular, if we have a bitmap context or an IOSurfaceContext we
772         can simply copy their color space using API. Otherwise we stick with
773         the existing CGContextCopyDeviceColorSpace.
774
775         Lastly, if for some reason we are unable to copy the device color space,
776         we should fall back to sRGB.
777
778         * platform/graphics/cg/ImageBufferCG.cpp:
779         (WebCore::ImageBuffer::createCompatibleBuffer):
780         * platform/spi/cg/CoreGraphicsSPI.h: Add some SPI and enums.
781
782
783 2016-07-19  George Ruan  <gruan@apple.com>
784
785         HTMLVideoElement frames do not update on iOS when src is a MediaStream blob
786         https://bugs.webkit.org/show_bug.cgi?id=159833
787         <rdar://problem/27379487>
788
789         Reviewed by Eric Carlson.
790
791         Test: fast/mediastream/MediaStream-video-element-displays-buffer.html
792
793         * WebCore.xcodeproj/project.pbxproj:
794         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Change create to return a Ref<T> instead
795         of RefPtr<T>
796         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h: Make observer of
797         MediaStreamTrackPrivate and make MediaPlayer use an AVSampleBufferDisplayLayer instead of CALayer.
798         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: Ditto.
799         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC): Clean up
800         observers and AVSampleBufferDisplayLayer
801         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Ensures AVSampleBufferDisplayLayer
802         is available.
803         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Placeholder.
804         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Responsible
805         for enqueuing sample buffers to the active video track.
806         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Ensures that an AVSampleBufferDisplayLayer
807         exists.
808         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Destroys the AVSampleBufferDisplayLayer.
809         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer): Replace CALayer with AVSampleBufferDisplayLayer.
810         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode): Ditto.
811         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated): Called from MediaStreamTrackPrivate when a
812         new SampleBuffer is available.
813         (WebCore::updateTracksOfType): Manage adding and removing self as observer from tracks.
814         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks): Replace CALayer with AVSampleBufferDisplayLayer
815         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::acceleratedRenderingStateChanged): Copied from
816         MediaPlayerPrivateMediaSourceAVFObjC.mm
817         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::load): Deleted CALayer.
818         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode): Deleted process of updating CALayer.
819         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateIntrinsicSize): Deleted CALayer.
820         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers): Deleted.
821         * platform/mediastream/MediaStreamPrivate.cpp:
822         (WebCore::MediaStreamPrivate::updateActiveVideoTrack): Remove redundant check.
823         * platform/mediastream/MediaStreamTrackPrivate.cpp:
824         (WebCore::MediaStreamTrackPrivate::sourceHasMoreMediaData): Called from RealtimeMediaSource when a new SampleBuffer
825         is available.
826         * platform/mediastream/MediaStreamTrackPrivate.h:
827         (WebCore::MediaStreamTrackPrivate::Observer::sampleBufferUpdated): Relays to MediaPlayerPrivateMediaStream that
828         a new SampleBuffer is available to enqueue to the AVSampleBufferDisplayLayer.
829         * platform/mediastream/RealtimeMediaSource.cpp:
830         (WebCore::RealtimeMediaSource::mediaDataUpdated): Relays to all observers that a new SampleBuffer is available.
831         * platform/mediastream/RealtimeMediaSource.h:
832         * platform/mediastream/mac/AVVideoCaptureSource.mm:
833         (WebCore::AVVideoCaptureSource::processNewFrame): Calls mediaDataUpdated when a new SampleBuffer is captured.
834
835 2016-07-19  Anders Carlsson  <andersca@apple.com>
836
837         Get rid of a #define private public hack in WebCore
838         https://bugs.webkit.org/show_bug.cgi?id=159953
839
840         Reviewed by Dan Bernstein.
841
842         Use @package instead.
843
844         * bindings/objc/DOMInternal.h:
845         * bindings/objc/DOMObject.h:
846
847 2016-07-19  Andreas Kling  <akling@apple.com>
848
849         Fix SharedBuffer leak in MockContentFilter::replacementData().
850         <https://webkit.org/b/159945>
851
852         Reviewed by Andy Estes.
853
854         Spotted on leaks bot. This code was pretty explicit about how it's going to leak.
855         Since this is in the mock filter, it only affected layout tests.
856
857         * testing/MockContentFilter.cpp:
858         (WebCore::MockContentFilter::replacementData):
859
860 2016-07-19  Zalan Bujtas  <zalan@apple.com>
861
862         theguardian.co.uk crossword puzzles are sometimes not displaying text
863         https://bugs.webkit.org/show_bug.cgi?id=159924
864         <rdar://problem/27409483>
865
866         Reviewed by Simon Fraser.
867
868         This patch fixes the case when
869         - 2 disjoint subtrees are dirty
870         - RenderView is also dirty.
871         and we end up not laying out one of the 2 subtrees.
872
873         In FrameView::scheduleRelayoutOfSubtree, we assume that when the RenderView is dirty
874         we already have a pending full layout which means that any previous subtree layouts have already been
875         converted to full layouts.
876         However this assumption is incorrect. RenderView can get dirty without checking if there's
877         already a pending subtree layout.
878         One option to solve this problem would be to override RenderObject::setNeedsLayout in RenderView
879         so that when the RenderView gets dirty, we could also convert any pending subtree layout to full layout.
880         However RenderObject::setNeedsLayout is a hot function and making it virtual would impact performance.
881         The other option is to always normalize subtree layouts in FrameView::scheduleRelayoutOfSubtree().
882         This patch implements the second option.
883
884         Test: fast/misc/subtree-layouts.html
885
886         * page/FrameView.cpp:
887         (WebCore::FrameView::scheduleRelayoutOfSubtree):
888
889 2016-07-19  Anders Carlsson  <andersca@apple.com>
890
891         Some payment authorization status values should keep the sheet active
892         https://bugs.webkit.org/show_bug.cgi?id=159936
893         rdar://problem/26756701
894
895         Reviewed by Tim Horton.
896
897         * Modules/applepay/ApplePaySession.cpp:
898         (WebCore::ApplePaySession::completePayment):
899         Keep the sheet active if the status isn't a final state status.
900
901         * Modules/applepay/PaymentAuthorizationStatus.h:
902         (WebCore::isFinalStateStatus):
903         Add a new helper function that returns whether a given payment authorization status is "final",
904         meaning that once that status has been passed to completePayment, the session is finished.
905
906 2016-07-19  Nan Wang  <n_wang@apple.com>
907
908         AX: Incorrect behavior for word related text marker functions when there's collapsed whitespace
909         https://bugs.webkit.org/show_bug.cgi?id=159910
910
911         Reviewed by Chris Fleizach.
912
913         We are getting a bad CharacterOffset when there's collapsed whitespace. Added a TraverseOptionValidateOffset
914         option to make sure we are getting the correct CharacterOffset based on the corresponding Range offset. And
915         fixed a word navigation issue based on that.
916
917         Test: accessibility/mac/text-marker-word-nav-collapsed-whitespace.html
918
919         * accessibility/AXObjectCache.cpp:
920         (WebCore::AXObjectCache::traverseToOffsetInRange):
921         (WebCore::AXObjectCache::rangeForNodeContents):
922         (WebCore::AXObjectCache::startOrEndCharacterOffsetForRange):
923         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
924         (WebCore::AXObjectCache::rightWordRange):
925         (WebCore::AXObjectCache::previousBoundary):
926         * accessibility/AXObjectCache.h:
927         (WebCore::AXObjectCache::isNodeInUse):
928
929 2016-07-19  Youenn Fablet  <youenn@apple.com>
930
931         [Streams API] ReadableStreamController methods should throw if its stream is not readable
932         https://bugs.webkit.org/show_bug.cgi?id=159871
933
934         Reviewed by Xabier Rodriguez-Calvar.
935
936         Spec now mandates close and enqueue to throw if ReadableStream is not readable.
937         Covered by rebased and/or modified tests.
938
939         * Modules/streams/ReadableStreamController.js:
940         (enqueue): Throwing a TypeError if controlled stream is not readable.
941         (close): Ditto.
942
943 2016-07-19  Simon Fraser  <simon.fraser@apple.com>
944
945         Bubbles appear split for a brief moment in Messages
946         https://bugs.webkit.org/show_bug.cgi?id=159915
947         rdar://problem/27182267
948
949         Reviewed by David Hyatt.
950
951         RenderView::repaintRootContents() had a long-standing bug in WebView when the
952         view is scrolled. repaint() uses visualOverflowRect() but, for the 
953         RenderView, the visualOverflowRect() is the initial containing block
954         which is anchored at 0,0. When the view is scrolled it's clipped out and
955         calls to repaintRootContents() have no effect.
956         
957         Change repaintRootContents() to use layoutOverflowRect(). ScrollView::repaintContentRectangle()
958         will clip it to the view if necessary.
959
960         Test: fast/repaint/scrolled-view-full-repaint.html
961
962         * rendering/RenderView.cpp:
963         (WebCore::RenderView::repaintRootContents):
964
965 2016-07-19  Dan Bernstein  <mitz@apple.com>
966
967         <rdar://problem/27420308> WebCore-7602.1.42 fails to build: error: unused parameter 'vm'
968
969         * bindings/js/JSDOMGlobalObject.cpp:
970         (WebCore::JSDOMGlobalObject::addBuiltinGlobals): Fixed the !ENABLE(STREAMS_API) build.
971
972 2016-07-19  Youenn Fablet  <youenn@apple.com>
973
974         [Streams API] Make ReadableStream properties not enumerable
975         https://bugs.webkit.org/show_bug.cgi?id=159868
976
977         Reviewed by Darin Adler.
978
979         Covered by rebased tests.
980
981         Uopdating IDL definitions to mark all functions/attributes as not enumerable.
982         Updating IDL constructor definitions to correctly compute constructor length.
983         Updating built-in implementation to correctly compute pipeTo length to 1 (second parameter being optional).
984
985         * Modules/streams/ReadableStream.idl:
986         * Modules/streams/ReadableStream.js:
987         * Modules/streams/ReadableStreamController.idl:
988         * Modules/streams/ReadableStreamReader.idl:
989
990 2016-07-19  Chris Dumez  <cdumez@apple.com>
991
992         form.enctype / encoding / method should treat null as "null" string
993         https://bugs.webkit.org/show_bug.cgi?id=159916
994
995         Reviewed by Ryosuke Niwa.
996
997         form.enctype / encoding / method should treat null as "null" string:
998         - https://html.spec.whatwg.org/multipage/forms.html#htmlformelement
999
1000         Previously, WebKit would treat null as the null String, which would
1001         end up removing the existing attribute.
1002
1003         Firefox and Chrome match the specification.
1004
1005         Test: fast/dom/HTMLFormElement/null-handling.html
1006
1007         * html/HTMLFormElement.h:
1008         * html/HTMLFormElement.idl:
1009
1010 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
1011
1012         All-in-one buildfix after r202439
1013         https://bugs.webkit.org/show_bug.cgi?id=159877
1014
1015         Reviewed by Chris Dumez.
1016
1017         * Modules/webaudio/AudioDestinationNode.h:
1018         (WebCore::AudioDestinationNode::resume):
1019         (WebCore::AudioDestinationNode::suspend):
1020         (WebCore::AudioDestinationNode::close):
1021
1022 2016-07-18  Frederic Wang  <fwang@igalia.com>
1023
1024         Move parsing of subscriptshift and superscriptshift from rendering to element classes
1025         https://bugs.webkit.org/show_bug.cgi?id=159622
1026
1027         Reviewed by Darin Adler.
1028
1029         We introduce a new MathMLScriptsElement that is used for elements msub, msup, msubsup and
1030         mmultiscripts in order to create RenderMathMLScripts and parse and expose the values of the
1031         subscriptshift and superscriptshift attributes. This is one more step toward moving MathML
1032         attribute parsing to the DOM (bug 156536).
1033
1034         No new tests, rendering is unchanged.
1035
1036         * CMakeLists.txt: Add MathMLScriptsElement files.
1037         * WebCore.xcodeproj/project.pbxproj: Ditto.
1038         * mathml/MathMLAllInOne.cpp: Ditto.
1039         * mathml/MathMLInlineContainerElement.cpp: Remove handling of scripts.
1040         (WebCore::MathMLInlineContainerElement::createElementRenderer): Deleted.
1041         * mathml/MathMLScriptsElement.cpp: Added. New class to handle scripted elements supporting
1042         parsing for the subscriptshift and superscriptshift MathML lengths.
1043         (WebCore::MathMLScriptsElement::MathMLScriptsElement):
1044         (WebCore::MathMLScriptsElement::create):
1045         (WebCore::MathMLScriptsElement::subscriptShift): Expose the cached length for the shift,
1046         parsing the attribute again if necessary.
1047         (WebCore::MathMLScriptsElement::superscriptShift): Ditto.
1048         (WebCore::MathMLScriptsElement::parseAttribute): Mark attributes dirty.
1049         (WebCore::MathMLScriptsElement::createElementRenderer): Create RenderMathMLScripts.
1050         * mathml/MathMLScriptsElement.h: Ditto.
1051         * mathml/mathtags.in: Map msub, msup, msubsup and mmultiscripts to MathMLScriptsElement.
1052         * rendering/mathml/RenderMathMLScripts.cpp:
1053         (WebCore::RenderMathMLScripts::scriptsElement): Helper function to cast the node to a
1054         MathMLScriptsElement.
1055         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded): Resolve the attributes
1056         using the functions from the MathMLScriptsElement class.
1057         * rendering/mathml/RenderMathMLScripts.h: Declare scriptsElement.
1058
1059 2016-07-18  Frederic Wang  <fwang@igalia.com>
1060
1061         Do not store gap and shift parameters on RenderMathMLFraction
1062         https://bugs.webkit.org/show_bug.cgi?id=159876
1063
1064         Reviewed by Darin Adler.
1065
1066         After r203285, the stack and fraction layout parameters are only used in layoutBlock so we
1067         do not need to store them on the class. We remove them and split updateLayoutParameters into
1068         three functions: one to update the linethickness and two others to retrieve the fraction and
1069         stack respectively.
1070
1071         No new tests, rendering is unchanged.
1072
1073         * rendering/mathml/RenderMathMLFraction.cpp:
1074         (WebCore::RenderMathMLFraction::updateLineThickness): Move code to update thickness members here.
1075         (WebCore::RenderMathMLFraction::getFractionParameters): Move code to retrieve fraction parameters here.
1076         (WebCore::RenderMathMLFraction::getStackParameters): Move code to retrieve stack parameters here.
1077         (WebCore::RenderMathMLFraction::layoutBlock): Use the new helper functions and local variables
1078         for fraction and stack parameters.
1079         (WebCore::RenderMathMLFraction::updateLayoutParameters): Deleted.
1080         * rendering/mathml/RenderMathMLFraction.h: Declare new helper functions and remove members
1081         for stack and fraction parameters.
1082
1083 2016-07-18  Chris Dumez  <cdumez@apple.com>
1084
1085         input.formEnctype / formMethod and button.formEnctype / formMethod / type should treat null as "null"
1086         https://bugs.webkit.org/show_bug.cgi?id=159908
1087
1088         Reviewed by Alex Christensen.
1089
1090         input.formEnctype / formMethod and button.formEnctype / formMethod / type
1091         should treat null as "null" String:
1092         - https://html.spec.whatwg.org/multipage/forms.html#htmlinputelement
1093         - https://html.spec.whatwg.org/multipage/forms.html#htmlbuttonelement
1094
1095         In WebKit, we would treat null as a null String which would end up
1096         removing the corresponding attribute. This does not match the
1097         specification. Firefox and Chrome match the specification here.
1098
1099         Tests:
1100         - fast/dom/HTMLButtonElement/null-handling.html
1101         - fast/dom/HTMLInputElement/null-handling.html
1102
1103         * html/HTMLButtonElement.idl:
1104         * html/HTMLInputElement.idl:
1105
1106 2016-07-18  Alex Christensen  <achristensen@webkit.org>
1107
1108         webbookmarksd needs to use the same AppCache directory as MobileSafari
1109         https://bugs.webkit.org/show_bug.cgi?id=159912
1110
1111         Reviewed by Alexey Proskuryakov.
1112
1113         No new tests.  This only changes behavior for webbookmarksd.
1114
1115         * platform/RuntimeApplicationChecks.h:
1116         * platform/RuntimeApplicationChecks.mm:
1117         (WebCore::IOSApplication::isWebBookmarksD): Added.
1118
1119 2016-07-18  Chris Dumez  <cdumez@apple.com>
1120
1121         EventTarget.dispatchEvent() parameter should not be nullable
1122         https://bugs.webkit.org/show_bug.cgi?id=159897
1123
1124         Reviewed by Benjamin Poulain.
1125
1126         EventTarget.dispatchEvent() parameter should not be nullable:
1127         - https://dom.spec.whatwg.org/#interface-eventtarget
1128
1129         Even though the parameter was marked as nullable in our IDL, our
1130         implementation does a null check and we already throw a TypeError
1131         when calling dispatchEvent(null).
1132
1133         Update our IDL so that it matches the specification and so that
1134         the null check is generated in the bindings instead.
1135
1136         No new tests, rebaseline existing tests.
1137
1138         * dom/EventTarget.cpp:
1139         (WebCore::EventTarget::dispatchEventForBindings):
1140         * dom/EventTarget.h:
1141         * dom/EventTarget.idl:
1142
1143 2016-07-18  Chris Dumez  <cdumez@apple.com>
1144
1145         DocType's publicId / systemId should not be nullable
1146         https://bugs.webkit.org/show_bug.cgi?id=159901
1147
1148         Reviewed by Benjamin Poulain.
1149
1150         DocType's publicId / systemId should not be nullable. While they were
1151         not marked as nullable in our IDL, they could be stored as null Strings
1152         in our implementation depending on how the Node was constructed. This
1153         led to subtle bugs where String() != emptyString().
1154
1155         In particular, Node.isEqualNode() would return false when DocumentType
1156         nodes would mismatch because of their publicId / systemId being null
1157         instead of the emptyString.
1158
1159         Serialization would DocumentType nodes would also be wrong when
1160         publicId / systemId were empty Strings instead of null strings. The
1161         new behavior now matches:
1162         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-serialize-doctype (steps 7-9)
1163
1164         To address these issues, we now always store publicId / systemId as
1165         non-null Strings inside the DocumentType class.
1166
1167         Test: fast/dom/DocumentType/isEqualNode.html
1168
1169         * dom/DocumentType.cpp:
1170         (WebCore::DocumentType::DocumentType):
1171         * editing/MarkupAccumulator.cpp:
1172         (WebCore::MarkupAccumulator::appendDocumentType):
1173
1174 2016-07-18  Jeremy Jones  <jeremyj@apple.com>
1175
1176         If previous media session interruptions were prevented, still allow subsequent interruptions to try.
1177         https://bugs.webkit.org/show_bug.cgi?id=157553
1178         rdar://problem/25740804
1179
1180         Reviewed by Eric Carlson.
1181
1182         Test: platform/ios-simulator/media/video-interruption-suspendunderlock.html
1183
1184         When suspending under lock on iOS, there is first a resign active event, then a
1185         suspend under lock. PiP prevents resign active from interrupting playback. But it should allow the
1186         suspend under lock to interrupt playback.
1187
1188         Currently if there are nested interruptions only the first one is acted upon.
1189
1190         This change allows subsequent, nested interruptions to have a chance to interrupt playback if the
1191         previous interruptions were ignored.
1192
1193         This test is for iPad only, so it must be run manually.
1194
1195         * html/HTMLMediaElement.cpp:
1196         (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction):
1197         * platform/audio/PlatformMediaSession.cpp:
1198         (WebCore::PlatformMediaSession::beginInterruption):
1199         * testing/Internals.cpp:
1200         (WebCore::Internals::beginMediaSessionInterruption):
1201
1202 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1203
1204         Don't associate form-associated elements with forms in other trees.
1205         https://bugs.webkit.org/show_bug.cgi?id=119451
1206         <rdar://problem/27382946>
1207
1208         Change is based on the Blink change (patch by <adamk@chromium.org>):
1209         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
1210
1211         Reviewed by Chris Dumez.
1212
1213         Prevent elements from being associated with forms that are not part of the same home subtree.
1214         This brings us in line with the WhatWG HTML specification as of September, 2013.
1215
1216         Tests: fast/forms/image-disconnected-during-parse.html
1217                fast/forms/input-disconnected-during-parse.html
1218
1219         * dom/Element.h:
1220         (WebCore::Node::rootElement): Added.
1221         * html/FormAssociatedElement.cpp:
1222         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
1223         is not part of the same tree, remove the association.
1224         * html/HTMLImageElement.cpp:
1225         (WebCore::HTMLImageElement::insertedInto): Ditto.
1226
1227 2016-07-18  Anders Carlsson  <andersca@apple.com>
1228
1229         WebKit nightly fails to build on macOS Sierra
1230         https://bugs.webkit.org/show_bug.cgi?id=159902
1231         rdar://problem/27365672
1232
1233         Reviewed by Tim Horton.
1234
1235         * Modules/applepay/cocoa/PaymentCocoa.mm:
1236         * Modules/applepay/cocoa/PaymentContactCocoa.mm:
1237         * Modules/applepay/cocoa/PaymentMerchantSessionCocoa.mm:
1238         * Modules/applepay/cocoa/PaymentMethodCocoa.mm:
1239         Use new PassKitSPI header.
1240
1241         * WebCore.xcodeproj/project.pbxproj:
1242         Add new PassKitSPI header.
1243
1244         * icu/unicode/ucurr.h: Added.
1245         Add ucurr.h from ICU.
1246
1247         * platform/spi/cocoa/PassKitSPI.h: Added.
1248         Add new PassKitSPI header.
1249
1250 2016-07-18  Dean Jackson  <dino@apple.com>
1251
1252         REGRESSION (r202950): Image zoom animations are broken at medium.com (159861)
1253         https://bugs.webkit.org/show_bug.cgi?id=159906
1254         <rdar://problem/27391725>
1255
1256         Reviewed by Simon Fraser.
1257
1258         The fix for webkit.org/b/157569 in r200769 broke AMP pages.
1259         The followup fix for webkit.org/b/159450 in r202950 broke Medium pages.
1260
1261         Revert them both until we have better testing.
1262
1263         * css/CSSParser.cpp:
1264         (WebCore::CSSParser::addPropertyWithPrefixingVariant):
1265         (WebCore::CSSParser::parseValue):
1266         (WebCore::CSSParser::parseAnimationShorthand):
1267         (WebCore::CSSParser::parseTransitionShorthand): Deleted.
1268         * css/CSSPropertyNames.in:
1269         * css/PropertySetCSSStyleDeclaration.cpp:
1270         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValue):
1271         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValue):
1272         (WebCore::PropertySetCSSStyleDeclaration::getPropertyCSSValueInternal):
1273         (WebCore::PropertySetCSSStyleDeclaration::getPropertyValueInternal):
1274         * css/StyleProperties.cpp:
1275         (WebCore::MutableStyleProperties::removeShorthandProperty):
1276         (WebCore::MutableStyleProperties::removeProperty):
1277         (WebCore::MutableStyleProperties::removePrefixedOrUnprefixedProperty):
1278         (WebCore::MutableStyleProperties::setProperty):
1279         (WebCore::getIndexInShorthandVectorForPrefixingVariant):
1280         (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
1281         (WebCore::MutableStyleProperties::setPrefixingVariantProperty):
1282         (WebCore::StyleProperties::asText): Deleted.
1283         * css/StyleProperties.h:
1284
1285 2016-07-18  Andreas Kling  <akling@apple.com>
1286
1287         There should be a way to simulate memory pressure in layout tests
1288         <https://webkit.org/b/159743>
1289
1290         Reviewed by Simon Fraser.
1291
1292         Add three window.internal APIs:
1293
1294             - boolean isUnderMemoryPressure (readonly attribute)
1295             - void beginSimulatedMemoryPressure()
1296             - void endSimulatedMemoryPressure()
1297
1298         These make it possible to write tests that exercise behaviors that only
1299         occur during memory pressure situations.
1300
1301         I also implemented the "org.WebKit.lowMemory" notification handler using the new API.
1302
1303         Test: memory/memory-pressure-simulation.html
1304
1305         * platform/MemoryPressureHandler.cpp:
1306         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
1307         (WebCore::MemoryPressureHandler::endSimulatedMemoryPressure):
1308         * platform/MemoryPressureHandler.h:
1309         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
1310         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1311         (WebCore::MemoryPressureHandler::platformReleaseMemory):
1312         (WebCore::MemoryPressureHandler::install):
1313         * testing/Internals.cpp:
1314         (WebCore::Internals::isUnderMemoryPressure):
1315         (WebCore::Internals::beginSimulatedMemoryPressure):
1316         (WebCore::Internals::endSimulatedMemoryPressure):
1317         * testing/Internals.h:
1318         * testing/Internals.idl:
1319
1320 2016-07-18  Said Abou-Hallawa  <sabouhallawa@apple,com>
1321
1322         [iOS] PDFDocumentImage should cache only a sub image of the PDF when caching the whole image is expensive
1323         https://bugs.webkit.org/show_bug.cgi?id=158715
1324
1325         Reviewed by Dean Jackson.
1326
1327         Test: fast/images/displaced-non-cached-pdf.html
1328
1329         For iOS, we need to ensure the size of the cached PDF images will not
1330         exceed some limit. Also we should be caching only a sub image of the PDF
1331         if caching the whole image will exceed the memory limit.
1332
1333         * page/Settings.cpp:
1334         (WebCore::Settings::Settings):
1335         (WebCore::Settings::setCachedPDFImageEnabled):
1336         * page/Settings.h:
1337         (WebCore::Settings::isCachedPDFImageEnabled):
1338             Add an option to disable caching the PDF images.
1339
1340         * platform/graphics/cg/PDFDocumentImage.cpp:
1341         (WebCore::PDFDocumentImage::setCachedPDFImageEnabled):
1342             Allow the caller of draw() to disable caching the PDF images.
1343         
1344         (WebCore::PDFDocumentImage::cacheParametersMatch):
1345             Match the context dirty rectangle with the cached image rectangle.
1346         
1347         (WebCore::transformContextForPainting):
1348             When preparing the context for drawing the PDF, take the location 
1349             of the destination rectangle into account. We do not need to scale
1350             the location of the source rectangle because we scale the size of
1351             the rectangle but we don't scale the whole coordinate system.
1352
1353         (WebCore::cachedImageRect):
1354             Calculate the rectangle of the cached image such that it does not
1355             exceed the limit. Start from the center of the dirty rectangle and
1356             then expand around it.
1357             
1358         (WebCore::PDFDocumentImage::decodedSizeChanged):
1359             In addition to notifying the ImageObserver, it keeps track of the size
1360             of all the cached PDF images.
1361
1362         (WebCore::PDFDocumentImage::updateCachedImageIfNeeded):
1363             Ensure the size of all the cached images does not exceed the limit
1364             
1365         (WebCore::PDFDocumentImage::destroyDecodedData):
1366         * platform/graphics/cg/PDFDocumentImage.h:
1367
1368         * rendering/RenderImage.cpp:
1369         (WebCore::RenderImage::paintIntoRect):
1370             Pass the option to disable caching the PDF images to PDFDocumentImage.
1371
1372         * testing/InternalSettings.cpp:
1373         (WebCore::InternalSettings::Backup::Backup):
1374         (WebCore::InternalSettings::Backup::restoreTo):
1375         (WebCore::InternalSettings::setCachedPDFImageEnabled):
1376         * testing/InternalSettings.h:
1377         * testing/InternalSettings.idl:
1378             Add an internal option to disable caching the PDF images.
1379
1380 2016-07-18  Chris Dumez  <cdumez@apple.com>
1381
1382         The 2 first parameters to addEventListener() / removeEventListener() should be mandatory
1383         https://bugs.webkit.org/show_bug.cgi?id=158008
1384
1385         Reviewed by Darin Adler.
1386
1387         The 2 first parameters to addEventListener() / removeEventListener() should be
1388         mandatory:
1389         - https://dom.spec.whatwg.org/#interface-eventtarget
1390
1391         Firefox 46 and Chrome 50 both match the specification and throw an exception when those
1392         parameters are omitted. However, those parameters were marked as optional in WebKit and
1393         the calls were no-ops if those parameters were omitted. This patch aligns our behavior
1394         with the specification and other browsers.
1395
1396         Test: fast/dom/eventtarget-api-parameters.html
1397
1398         * bindings/scripts/CodeGeneratorJS.pm:
1399         (GetFunctionLength): Deleted.
1400         * dom/EventTarget.idl:
1401
1402 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1403
1404         Unreviewed, rolling out r203373.
1405
1406         Unaddressed
1407
1408         Reverted changeset:
1409
1410         "Don't associate form-associated elements with forms in other
1411         trees."
1412         https://bugs.webkit.org/show_bug.cgi?id=119451
1413         http://trac.webkit.org/changeset/203373
1414
1415 2016-07-18  Brent Fulgham  <bfulgham@apple.com>
1416
1417         Don't associate form-associated elements with forms in other trees.
1418         https://bugs.webkit.org/show_bug.cgi?id=119451
1419         <rdar://problem/27382946>
1420
1421         Change is based on the Blink change (patch by <adamk@chromium.org>):
1422         <https://chromium.googlesource.com/chromium/blink/+/0b33128be67e7845d495d5219614c02ccfe7a414>
1423
1424         Reviewed by Zalan Bujtas.
1425
1426         Prevent elements from being associated with forms that are not part of the same home subtree.
1427         This brings us in line with the WhatWG HTML specification as of September, 2013.
1428
1429         Tests: fast/forms/image-disconnected-during-parse.html
1430                fast/forms/input-disconnected-during-parse.html
1431
1432         * dom/NodeTraversal.h:
1433         (WebCore::NodeTraversal::highestAncestorOrSelf): Added.
1434         * html/FormAssociatedElement.cpp:
1435         (WebCore::FormAssociatedElement::insertedInto): If the element is associated with a form that
1436         is not part of the same tree, remove the association.
1437         * html/HTMLImageElement.cpp:
1438         (WebCore::HTMLImageElement::insertedInto): Ditto.
1439
1440 2016-07-18  George Ruan  <gruan@apple.com>
1441
1442         Move MediaSampleAVFObjC into its own file
1443         https://bugs.webkit.org/show_bug.cgi?id=159796
1444         <rdar://problem/27362488>
1445
1446         In preparation for a feature that uses MediaSampleAVFObjC, but does
1447         not need SourceBufferPrivateAVFObjC, it is beneficial to move
1448         MediaSampleAVFObjC to its own file.
1449
1450         Reviewed by Eric Carlson.
1451
1452         * WebCore.xcodeproj/project.pbxproj:
1453         * platform/MediaSample.h: Allow setting trackID to associate
1454         MediaSample id with MediaStreamTrackPrivate id.
1455         * platform/graphics/avfoundation/MediaSampleAVFObjC.h: Added.
1456         * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: Moved
1457         from MediaSampleAVFObjC
1458         (WebCore::MediaSampleAVFObjC::presentationTime):
1459         (WebCore::MediaSampleAVFObjC::decodeTime):
1460         (WebCore::MediaSampleAVFObjC::duration):
1461         (WebCore::MediaSampleAVFObjC::sizeInBytes):
1462         (WebCore::MediaSampleAVFObjC::platformSample):
1463         (WebCore::CMSampleBufferIsRandomAccess):
1464         (WebCore::MediaSampleAVFObjC::flags):
1465         (WebCore::MediaSampleAVFObjC::presentationSize):
1466         (WebCore::MediaSampleAVFObjC::dump):
1467         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy):
1468         (WebCore::MediaSampleAVFObjC::setTimestamps):
1469         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1470         Moved MediaSampleAVFObjC to its own file.
1471         (WebCore::MediaSampleAVFObjC::platformSample): Deleted.
1472         (WebCore::CMSampleBufferIsRandomAccess): Deleted.
1473         (WebCore::MediaSampleAVFObjC::flags): Deleted.
1474         (WebCore::MediaSampleAVFObjC::presentationSize): Deleted.
1475         (WebCore::MediaSampleAVFObjC::dump): Deleted.
1476         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Deleted.
1477         (WebCore::MediaSampleAVFObjC::setTimestamps): Deleted.
1478         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
1479
1480 2016-07-18  Eric Carlson  <eric.carlson@apple.com>
1481
1482         [MSE][Mac] Pass AVSampleBufferDisplayLayer HDCP status to a newly created key session
1483         https://bugs.webkit.org/show_bug.cgi?id=159812
1484         <rdar://problem/27371624>
1485
1486         Reviewed by Jon Lee.
1487
1488         No new tests, it isn't possible to test this with our current testing infrastructure.
1489
1490         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
1491         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1492         (WebCore::SourceBufferPrivateAVFObjC::setCDMSession): Call layerDidReceiveError if there has
1493         been an HDCP error.
1494         (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Remember an HDCP error.
1495
1496 2016-07-18  Yoav Weiss  <yoav@yoav.ws>
1497
1498         Add preload to features.json
1499         https://bugs.webkit.org/show_bug.cgi?id=159872
1500
1501         Reviewed by Darin Adler.
1502
1503         No new tests but no functional change.
1504
1505         * features.json:
1506
1507 2016-07-18  Youenn Fablet  <youenn@apple.com>
1508
1509         [Streams API] ReadableStream should throw a RangeError in case of NaN highWaterMark
1510         https://bugs.webkit.org/show_bug.cgi?id=159870
1511
1512         Reviewed by Xabier Rodriguez-Calvar.
1513
1514         Covered by rebased test.
1515
1516         * Modules/streams/StreamInternals.js:
1517         (validateAndNormalizeQueuingStrategy): Throwing a RangeError in lieu of a TypeError in case of NaN highWaterMark.
1518
1519 2016-07-18  Csaba Osztrogon√°c  <ossy@webkit.org>
1520
1521         Windows buildfix after r203338
1522         https://bugs.webkit.org/show_bug.cgi?id=159875
1523
1524         Unreviewed buildfix.
1525
1526         * dom/UserGestureIndicator.h:
1527         (WebCore::UserGestureToken::addDestructionObserver):
1528
1529 2016-07-18  Carlos Garcia Campos  <cgarcia@igalia.com>
1530
1531         MemoryPressureHandler doesn't work if cgroups aren't present in Linux
1532         https://bugs.webkit.org/show_bug.cgi?id=155255
1533
1534         Reviewed by Sergio Villar Senin.
1535
1536         Allow to pass an eventFD file descriptor to the MemoryPressureHandler to be monitorized in case cgroups are not
1537         available.
1538
1539         * platform/MemoryPressureHandler.h:
1540         * platform/linux/MemoryPressureHandlerLinux.cpp:
1541
1542 2016-07-17  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1543
1544         Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota
1545         https://bugs.webkit.org/show_bug.cgi?id=159701
1546
1547         Reviewed by Alex Christensen.
1548
1549         No new tests, no behavior changes.
1550
1551         * Modules/encryptedmedia/CDM.h:
1552         * Modules/encryptedmedia/MediaKeySession.h:
1553         * Modules/encryptedmedia/MediaKeys.h:
1554         * Modules/quota/DOMWindowQuota.cpp:
1555         * Modules/quota/StorageErrorCallback.cpp:
1556         (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
1557         * Modules/quota/StorageErrorCallback.h:
1558         * Modules/quota/StorageInfo.h:
1559         * Modules/quota/StorageQuota.h:
1560         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
1561         * Modules/speech/SpeechSynthesis.cpp:
1562         (WebCore::SpeechSynthesis::getVoices):
1563         (WebCore::SpeechSynthesis::startSpeakingImmediately):
1564         (WebCore::SpeechSynthesis::speak):
1565         (WebCore::SpeechSynthesis::cancel):
1566         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
1567         (WebCore::SpeechSynthesis::boundaryEventOccurred):
1568         (WebCore::SpeechSynthesis::didStartSpeaking):
1569         (WebCore::SpeechSynthesis::didPauseSpeaking):
1570         (WebCore::SpeechSynthesis::didResumeSpeaking):
1571         (WebCore::SpeechSynthesis::didFinishSpeaking):
1572         (WebCore::SpeechSynthesis::speakingErrorOccurred):
1573         * Modules/speech/SpeechSynthesis.h:
1574         * Modules/speech/SpeechSynthesisEvent.h:
1575         * Modules/speech/SpeechSynthesisUtterance.h:
1576         * Modules/speech/SpeechSynthesisVoice.cpp:
1577         (WebCore::SpeechSynthesisVoice::create):
1578         (WebCore::SpeechSynthesisVoice::SpeechSynthesisVoice):
1579         * Modules/speech/SpeechSynthesisVoice.h:
1580         * platform/PlatformSpeechSynthesizer.h:
1581         * platform/efl/PlatformSpeechSynthesisProviderEfl.cpp:
1582         (WebCore::PlatformSpeechSynthesisProviderEfl::fireSpeechEvent):
1583         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
1584         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
1585         (WebCore::PlatformSpeechSynthesizerMock::speak):
1586         (WebCore::PlatformSpeechSynthesizerMock::cancel):
1587         (WebCore::PlatformSpeechSynthesizerMock::pause):
1588         (WebCore::PlatformSpeechSynthesizerMock::resume):
1589
1590 2016-07-16  Sam Weinig  <sam@webkit.org>
1591
1592         [WebKit API] Add SPI to track multiple navigations caused by a single user gesture
1593         <rdar://problem/26554137>
1594         https://bugs.webkit.org/show_bug.cgi?id=159856
1595
1596         Reviewed by Dan Bernstein.
1597
1598         - Adds a new RefCounted object to represent a unique user gesture, called UserGestureToken.
1599         - Makes UserGestureIndicator track UserGestureToken.
1600         - Refines UserGestureIndicator's interface to use Optional and a smaller enum set
1601           to represent the different initial states.
1602         - Stores UserGestureTokens on objects that want to forward user gesture state (DOMTimer, 
1603           postMessage, and ScheduledNavigation) rather than just a boolean.
1604
1605         * accessibility/AccessibilityNodeObject.cpp:
1606         (WebCore::AccessibilityNodeObject::increment):
1607         (WebCore::AccessibilityNodeObject::decrement):
1608         * accessibility/AccessibilityObject.cpp:
1609         (WebCore::AccessibilityObject::press):
1610         * bindings/js/ScriptController.cpp:
1611         (WebCore::ScriptController::executeScriptInWorld):
1612         (WebCore::ScriptController::executeScript):
1613         Update for new UserGestureIndicator interface.
1614
1615         * dom/UserGestureIndicator.cpp:
1616         (WebCore::currentToken):
1617         (WebCore::UserGestureToken::~UserGestureToken):
1618         (WebCore::UserGestureIndicator::UserGestureIndicator):
1619         (WebCore::UserGestureIndicator::~UserGestureIndicator):
1620         (WebCore::UserGestureIndicator::currentUserGesture):
1621         (WebCore::UserGestureIndicator::processingUserGesture):
1622         (WebCore::UserGestureIndicator::processingUserGestureForMedia):
1623         (WebCore::isDefinite): Deleted.
1624         * dom/UserGestureIndicator.h:
1625         (WebCore::UserGestureToken::create):
1626         (WebCore::UserGestureToken::state):
1627         (WebCore::UserGestureToken::processingUserGesture):
1628         (WebCore::UserGestureToken::processingUserGestureForMedia):
1629         (WebCore::UserGestureToken::addDestructionObserver):
1630         (WebCore::UserGestureToken::UserGestureToken):
1631         Add UserGestureToken and track the current one explicitly.
1632
1633         * html/HTMLMediaElement.cpp:
1634         (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
1635         * inspector/InspectorFrontendClientLocal.cpp:
1636         (WebCore::InspectorFrontendClientLocal::openInNewTab):
1637         * inspector/InspectorFrontendHost.cpp:
1638         * inspector/InspectorPageAgent.cpp:
1639         (WebCore::InspectorPageAgent::navigate):
1640         Update for new UserGestureIndicator interface.
1641
1642         * loader/NavigationAction.cpp:
1643         (WebCore::NavigationAction::NavigationAction):
1644         * loader/NavigationAction.h:
1645         (WebCore::NavigationAction::userGestureToken):
1646         (WebCore::NavigationAction::processingUserGesture):
1647         * loader/NavigationScheduler.cpp:
1648         (WebCore::ScheduledNavigation::ScheduledNavigation):
1649         (WebCore::ScheduledNavigation::~ScheduledNavigation):
1650         (WebCore::ScheduledNavigation::lockBackForwardList):
1651         (WebCore::ScheduledNavigation::wasDuringLoad):
1652         (WebCore::ScheduledNavigation::isLocationChange):
1653         (WebCore::ScheduledNavigation::userGestureToForward):
1654         (WebCore::ScheduledNavigation::clearUserGesture):
1655         (WebCore::NavigationScheduler::mustLockBackForwardList):
1656         (WebCore::NavigationScheduler::scheduleFormSubmission):
1657         (WebCore::ScheduledNavigation::wasUserGesture): Deleted.
1658         * page/DOMTimer.cpp:
1659         (WebCore::shouldForwardUserGesture):
1660         (WebCore::userGestureTokenToForward):
1661         (WebCore::DOMTimer::DOMTimer):
1662         (WebCore::DOMTimer::fired):
1663         * page/DOMTimer.h:
1664         * page/DOMWindow.cpp:
1665         (WebCore::PostMessageTimer::PostMessageTimer):
1666         Store the active UserGestureToken rather than just a bit.
1667
1668         * page/EventHandler.cpp:
1669         (WebCore::EventHandler::handleMousePressEvent):
1670         (WebCore::EventHandler::handleMouseDoubleClickEvent):
1671         (WebCore::EventHandler::handleMouseReleaseEvent):
1672         (WebCore::EventHandler::keyEvent):
1673         (WebCore::EventHandler::handleTouchEvent):
1674         * rendering/HitTestResult.cpp:
1675         (WebCore::HitTestResult::toggleMediaFullscreenState):
1676         (WebCore::HitTestResult::enterFullscreenForVideo):
1677         (WebCore::HitTestResult::toggleEnhancedFullscreenForVideo):
1678         Update for new UserGestureIndicator interface.
1679
1680 2016-07-17  Ryosuke Niwa  <rniwa@webkit.org>
1681
1682         Rename fastHasAttribute to hasAttributeWithoutSynchronization
1683         https://bugs.webkit.org/show_bug.cgi?id=159864
1684
1685         Reviewed by Chris Dumez.
1686
1687         Renamed Rename fastHasAttribute to hasAttributeWithoutSynchronization for clarity.
1688
1689         * accessibility/AccessibilityListBoxOption.cpp:
1690         (WebCore::AccessibilityListBoxOption::isEnabled):
1691         * accessibility/AccessibilityObject.cpp:
1692         (WebCore::AccessibilityObject::hasAttribute):
1693         (WebCore::AccessibilityObject::getAttribute):
1694         * accessibility/AccessibilityRenderObject.cpp:
1695         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
1696         * bindings/scripts/CodeGenerator.pm:
1697         (GetterExpression):
1698         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1699         * bindings/scripts/test/JS/JSTestObj.cpp:
1700         (WebCore::jsTestObjReflectedBooleanAttr):
1701         (WebCore::jsTestObjReflectedCustomBooleanAttr):
1702         * bindings/scripts/test/ObjC/DOMTestObj.mm:
1703         (-[DOMTestObj reflectedBooleanAttr]):
1704         (-[DOMTestObj setReflectedBooleanAttr:]):
1705         (-[DOMTestObj reflectedCustomBooleanAttr]):
1706         (-[DOMTestObj setReflectedCustomBooleanAttr:]):
1707         * dom/Document.cpp:
1708         (WebCore::Document::hasManifest):
1709         (WebCore::Document::doctype):
1710         * dom/Element.h:
1711         (WebCore::Node::parentElement):
1712         (WebCore::Element::hasAttributeWithoutSynchronization):
1713         (WebCore::Element::fastHasAttribute): Deleted.
1714         * editing/ApplyStyleCommand.cpp:
1715         (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
1716         * editing/DeleteSelectionCommand.cpp:
1717         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
1718         * editing/markup.cpp:
1719         (WebCore::createMarkupInternal):
1720         * html/ColorInputType.cpp:
1721         (WebCore::ColorInputType::shouldShowSuggestions):
1722         * html/FileInputType.cpp:
1723         (WebCore::FileInputType::handleDOMActivateEvent):
1724         (WebCore::FileInputType::receiveDroppedFiles):
1725         * html/FormAssociatedElement.cpp:
1726         (WebCore::FormAssociatedElement::didMoveToNewDocument):
1727         (WebCore::FormAssociatedElement::insertedInto):
1728         (WebCore::FormAssociatedElement::removedFrom):
1729         (WebCore::FormAssociatedElement::formAttributeChanged):
1730         * html/FormController.cpp:
1731         (WebCore::ownerFormForState):
1732         * html/GenericCachedHTMLCollection.cpp:
1733         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
1734         * html/HTMLAnchorElement.cpp:
1735         (WebCore::HTMLAnchorElement::draggable):
1736         (WebCore::HTMLAnchorElement::href):
1737         (WebCore::HTMLAnchorElement::sendPings):
1738         * html/HTMLAppletElement.cpp:
1739         (WebCore::HTMLAppletElement::rendererIsNeeded):
1740         * html/HTMLElement.cpp:
1741         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
1742         (WebCore::elementAffectsDirectionality):
1743         (WebCore::setHasDirAutoFlagRecursively):
1744         * html/HTMLEmbedElement.cpp:
1745         (WebCore::HTMLEmbedElement::rendererIsNeeded):
1746         * html/HTMLFieldSetElement.cpp:
1747         (WebCore::updateFromControlElementsAncestorDisabledStateUnder):
1748         (WebCore::HTMLFieldSetElement::disabledAttributeChanged):
1749         (WebCore::HTMLFieldSetElement::disabledStateChanged):
1750         (WebCore::HTMLFieldSetElement::childrenChanged):
1751         * html/HTMLFormControlElement.cpp:
1752         (WebCore::HTMLFormControlElement::formNoValidate):
1753         (WebCore::HTMLFormControlElement::formAction):
1754         (WebCore::HTMLFormControlElement::computeIsDisabledByFieldsetAncestor):
1755         (WebCore::shouldAutofocus):
1756         * html/HTMLFormElement.cpp:
1757         (WebCore::HTMLFormElement::formElementIndex):
1758         (WebCore::HTMLFormElement::noValidate):
1759         * html/HTMLFrameElement.cpp:
1760         (WebCore::HTMLFrameElement::noResize):
1761         (WebCore::HTMLFrameElement::didAttachRenderers):
1762         * html/HTMLFrameElementBase.cpp:
1763         (WebCore::HTMLFrameElementBase::parseAttribute):
1764         (WebCore::HTMLFrameElementBase::location):
1765         * html/HTMLHRElement.cpp:
1766         (WebCore::HTMLHRElement::collectStyleForPresentationAttribute):
1767         * html/HTMLImageElement.cpp:
1768         (WebCore::HTMLImageElement::isServerMap):
1769         * html/HTMLInputElement.cpp:
1770         (WebCore::HTMLInputElement::finishParsingChildren):
1771         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
1772         (WebCore::HTMLInputElement::isActivatedSubmit):
1773         (WebCore::HTMLInputElement::reset):
1774         (WebCore::HTMLInputElement::multiple):
1775         (WebCore::HTMLInputElement::setSize):
1776         (WebCore::HTMLInputElement::shouldUseMediaCapture):
1777         * html/HTMLMarqueeElement.cpp:
1778         (WebCore::HTMLMarqueeElement::minimumDelay):
1779         * html/HTMLMediaElement.cpp:
1780         (WebCore::HTMLMediaElement::insertedInto):
1781         (WebCore::HTMLMediaElement::selectMediaResource):
1782         (WebCore::HTMLMediaElement::loadResource):
1783         (WebCore::HTMLMediaElement::autoplay):
1784         (WebCore::HTMLMediaElement::preload):
1785         (WebCore::HTMLMediaElement::loop):
1786         (WebCore::HTMLMediaElement::setLoop):
1787         (WebCore::HTMLMediaElement::controls):
1788         (WebCore::HTMLMediaElement::setControls):
1789         (WebCore::HTMLMediaElement::muted):
1790         (WebCore::HTMLMediaElement::setMuted):
1791         (WebCore::HTMLMediaElement::selectNextSourceChild):
1792         (WebCore::HTMLMediaElement::sourceWasAdded):
1793         (WebCore::HTMLMediaElement::mediaSessionTitle):
1794         * html/HTMLObjectElement.cpp:
1795         (WebCore::HTMLObjectElement::parseAttribute):
1796         * html/HTMLOptGroupElement.cpp:
1797         (WebCore::HTMLOptGroupElement::isDisabledFormControl):
1798         (WebCore::HTMLOptGroupElement::isFocusable):
1799         * html/HTMLOptionElement.cpp:
1800         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
1801         (WebCore::HTMLOptionElement::text):
1802         * html/HTMLProgressElement.cpp:
1803         (WebCore::HTMLProgressElement::isDeterminate):
1804         (WebCore::HTMLProgressElement::didElementStateChange):
1805         * html/HTMLScriptElement.cpp:
1806         (WebCore::HTMLScriptElement::async):
1807         (WebCore::HTMLScriptElement::setCrossOrigin):
1808         (WebCore::HTMLScriptElement::asyncAttributeValue):
1809         (WebCore::HTMLScriptElement::deferAttributeValue):
1810         (WebCore::HTMLScriptElement::hasSourceAttribute):
1811         (WebCore::HTMLScriptElement::dispatchLoadEvent):
1812         * html/HTMLSelectElement.cpp:
1813         (WebCore::HTMLSelectElement::reset):
1814         * html/HTMLTrackElement.cpp:
1815         (WebCore::HTMLTrackElement::isDefault):
1816         (WebCore::HTMLTrackElement::ensureTrack):
1817         (WebCore::HTMLTrackElement::loadTimerFired):
1818         * html/MediaElementSession.cpp:
1819         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
1820         (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
1821         (WebCore::MediaElementSession::allowsAutomaticMediaDataLoading):
1822         * html/SearchInputType.cpp:
1823         (WebCore::SearchInputType::searchEventsShouldBeDispatched):
1824         (WebCore::SearchInputType::didSetValueByUserEdit):
1825         * inspector/InspectorDOMAgent.cpp:
1826         (WebCore::InspectorDOMAgent::buildObjectForNode):
1827         * loader/FrameLoader.cpp:
1828         (WebCore::FrameLoader::shouldTreatURLAsSrcdocDocument):
1829         (WebCore::FrameLoader::findFrameForNavigation):
1830         * loader/ImageLoader.cpp:
1831         (WebCore::ImageLoader::notifyFinished):
1832         * mathml/MathMLSelectElement.cpp:
1833         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
1834         * rendering/RenderTableCell.cpp:
1835         (WebCore::RenderTableCell::computePreferredLogicalWidths):
1836         * rendering/RenderThemeIOS.mm:
1837         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
1838         * rendering/SimpleLineLayout.cpp:
1839         (WebCore::SimpleLineLayout::canUseForWithReason):
1840         * rendering/svg/RenderSVGResourceClipper.cpp:
1841         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
1842         * svg/SVGAnimateMotionElement.cpp:
1843         (WebCore::SVGAnimateMotionElement::updateAnimationPath):
1844         * svg/SVGAnimationElement.cpp:
1845         (WebCore::SVGAnimationElement::startedActiveInterval):
1846         (WebCore::SVGAnimationElement::updateAnimation):
1847         * svg/animation/SVGSMILElement.cpp:
1848         (WebCore::SVGSMILElement::insertedInto):
1849
1850 2016-07-17  Brady Eidson  <beidson@apple.com>
1851
1852         Exceptions logged to the JS console should use toString().
1853         https://bugs.webkit.org/show_bug.cgi?id=159855
1854
1855         Reviewed by Darin Adler.
1856
1857         No new tests (No change in behavior).
1858
1859         * bindings/js/JSDOMBinding.cpp:
1860         (WebCore::reportException):
1861
1862         * dom/DOMCoreException.h:
1863         (WebCore::DOMCoreException::DOMCoreException):
1864
1865         * dom/ExceptionBase.cpp:
1866         (WebCore::ExceptionBase::ExceptionBase):
1867         (WebCore::ExceptionBase::toString):
1868         (WebCore::ExceptionBase::consoleErrorMessage): Deleted.
1869         * dom/ExceptionBase.h:
1870         (WebCore::ExceptionBase::description): Deleted.
1871
1872         * svg/SVGException.h:
1873
1874         * xml/XPathException.h:
1875         (WebCore::XPathException::XPathException):
1876
1877 2016-07-17  Brady Eidson  <beidson@apple.com>
1878
1879         Update DOMCoreException to use the description in toString().
1880         https://bugs.webkit.org/show_bug.cgi?id=159857
1881
1882         Reviewed by Darin Adler.
1883
1884         No new tests (Covered by changes to existing tests).
1885
1886         * bindings/js/JSDOMBinding.cpp:
1887         (WebCore::createDOMException):
1888
1889         * dom/DOMCoreException.h:
1890         (WebCore::DOMCoreException::DOMCoreException):
1891         (WebCore::DOMCoreException::createWithDescriptionAsMessage): Deleted.
1892
1893 2016-07-17  Myles C. Maxfield  <mmaxfield@apple.com>
1894
1895         Support new emoji group candidates
1896         https://bugs.webkit.org/show_bug.cgi?id=159755
1897         <rdar://problem/27325521>
1898
1899         Reviewed by Dean Jackson.
1900
1901         There are a few code points which should be able to be joined (with ZWJ) to
1902         either U+2640 or U+2642 to change the gender of the emoji. These patterns
1903         should also work with an additional 0xFE0F variation selector. This patch
1904         adds these new patterns to our existing emoji group candidate infrastructure.
1905
1906         Tests: fast/text/emoji-gender-2-3.html
1907                fast/text/emoji-gender-2-4.html
1908                fast/text/emoji-gender-2-5.html
1909                fast/text/emoji-gender-2-6.html
1910                fast/text/emoji-gender-2-7.html
1911                fast/text/emoji-gender-2-8.html
1912                fast/text/emoji-gender-2-9.html
1913                fast/text/emoji-gender-2.html
1914                fast/text/emoji-gender-3.html
1915                fast/text/emoji-gender-4.html
1916                fast/text/emoji-gender-5.html
1917                fast/text/emoji-gender-6.html
1918                fast/text/emoji-gender-7.html
1919                fast/text/emoji-gender-8.html
1920                fast/text/emoji-gender-9.html
1921                fast/text/emoji-gender-fe0f-3.html
1922                fast/text/emoji-gender-fe0f-4.html
1923                fast/text/emoji-gender-fe0f-5.html
1924                fast/text/emoji-gender-fe0f-6.html
1925                fast/text/emoji-gender-fe0f-7.html
1926                fast/text/emoji-gender-fe0f-8.html
1927                fast/text/emoji-gender-fe0f-9.html
1928                fast/text/emoji-gender.html
1929                fast/text/emoji-num-glyphs.html
1930                fast/text/emoji-single-parent-family-2.html
1931                fast/text/emoji-single-parent-family.html
1932
1933         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
1934         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
1935         * platform/graphics/FontCascade.cpp:
1936         (WebCore::FontCascade::characterRangeCodePath):
1937         * platform/text/CharacterProperties.h:
1938         (WebCore::isEmojiGroupCandidate):
1939
1940 2016-07-16  Brady Eidson  <beidson@apple.com>
1941
1942         Update SVGException to use the description in toString().
1943         https://bugs.webkit.org/show_bug.cgi?id=159847
1944
1945         Reviewed by Darin Adler.
1946
1947         No new tests (Covered by changes to existing tests).
1948
1949         * bindings/js/JSDOMBinding.cpp:
1950         (WebCore::reportException): use consoleErrorMessage for now.
1951
1952         * dom/ExceptionBase.cpp:
1953         (WebCore::ExceptionBase::consoleErrorMessage):
1954         * dom/ExceptionBase.h:
1955
1956         * svg/SVGException.h:
1957
1958 2016-07-16  Chris Dumez  <cdumez@apple.com>
1959
1960         Use fastHasAttribute() when possible
1961         https://bugs.webkit.org/show_bug.cgi?id=159838
1962
1963         Reviewed by Ryosuke Niwa.
1964
1965         Use fastHasAttribute() when possible, for performance.
1966
1967         * editing/DeleteSelectionCommand.cpp:
1968         (WebCore::DeleteSelectionCommand::makeStylingElementsDirectChildrenOfEditableRootToPreventStyleLoss):
1969         * editing/markup.cpp:
1970         (WebCore::createMarkupInternal):
1971         * html/HTMLAnchorElement.cpp:
1972         (WebCore::HTMLAnchorElement::draggable):
1973         * html/HTMLFrameElementBase.cpp:
1974         (WebCore::HTMLFrameElementBase::parseAttribute):
1975         * mathml/MathMLSelectElement.cpp:
1976         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
1977         * rendering/RenderThemeIOS.mm:
1978         (WebCore::RenderThemeIOS::adjustMenuListButtonStyle):
1979
1980 2016-07-16  Ryosuke Niwa  <rniwa@webkit.org>
1981
1982         Rename fastGetAttribute to attributeWithoutSynchronization
1983         https://bugs.webkit.org/show_bug.cgi?id=159852
1984
1985         Reviewed by Darin Adler.
1986
1987         Renamed fastGetAttribute to attributeWithoutSynchronization for clarity.
1988
1989         * accessibility/AXObjectCache.cpp:
1990         (WebCore::AXObjectCache::findAriaModalNodes):
1991         (WebCore::nodeHasRole):
1992         (WebCore::AXObjectCache::handleLiveRegionCreated):
1993         (WebCore::AXObjectCache::handleMenuItemSelected):
1994         (WebCore::AXObjectCache::handleAriaModalChange):
1995         (WebCore::isNodeAriaVisible):
1996         * accessibility/AccessibilityNodeObject.cpp:
1997         (WebCore::siblingWithAriaRole):
1998         (WebCore::AccessibilityNodeObject::titleElementText):
1999         (WebCore::AccessibilityNodeObject::alternativeTextForWebArea):
2000         (WebCore::AccessibilityNodeObject::hierarchicalLevel):
2001         (WebCore::AccessibilityNodeObject::stringValue):
2002         (WebCore::accessibleNameForNode):
2003         * accessibility/AccessibilityObject.cpp:
2004         (WebCore::AccessibilityObject::contentEditableAttributeIsEnabled):
2005         (WebCore::AccessibilityObject::getAttribute):
2006         * accessibility/AccessibilityRenderObject.cpp:
2007         (WebCore::AccessibilityRenderObject::stringValue):
2008         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
2009         * accessibility/AccessibilitySVGElement.cpp:
2010         (WebCore::AccessibilitySVGElement::childElementWithMatchingLanguage):
2011         (WebCore::AccessibilitySVGElement::accessibilityDescription):
2012         * bindings/objc/DOM.mm:
2013         (-[DOMHTMLLinkElement _mediaQueryMatches]):
2014         * bindings/scripts/CodeGenerator.pm:
2015         (GetterExpression):
2016         * bindings/scripts/CodeGeneratorObjC.pm:
2017         (GenerateImplementation):
2018         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2019         * bindings/scripts/test/JS/JSTestObj.cpp:
2020         (WebCore::jsTestObjReflectedStringAttr):
2021         * dom/AuthorStyleSheets.cpp:
2022         (WebCore::AuthorStyleSheets::collectActiveStyleSheets):
2023         * dom/Document.cpp:
2024         (WebCore::Document::buildAccessKeyMap):
2025         (WebCore::Document::processBaseElement):
2026         * dom/DocumentOrderedMap.cpp:
2027         (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
2028         * dom/Element.cpp:
2029         (WebCore::Element::imageSourceURL):
2030         (WebCore::Element::rendererIsNeeded):
2031         (WebCore::Element::insertedInto):
2032         (WebCore::Element::removedFrom):
2033         (WebCore::Element::pseudo):
2034         (WebCore::Element::setPseudo):
2035         (WebCore::Element::spellcheckAttributeState):
2036         (WebCore::Element::canContainRangeEndPoint):
2037         (WebCore::Element::completeURLsInAttributeValue):
2038         * dom/Element.h:
2039         (WebCore::Element::fastHasAttribute):
2040         (WebCore::Element::attributeWithoutSynchronization):
2041         (WebCore::Element::fastGetAttribute): Deleted.
2042         * dom/InlineStyleSheetOwner.cpp:
2043         (WebCore::InlineStyleSheetOwner::createSheet):
2044         * dom/ScriptElement.cpp:
2045         (WebCore::ScriptElement::requestScript):
2046         (WebCore::ScriptElement::executeScript):
2047         * dom/SlotAssignment.cpp:
2048         (WebCore::slotNameFromSlotAttribute):
2049         (WebCore::SlotAssignment::SlotAssignment):
2050         (WebCore::recursivelyFireSlotChangeEvent):
2051         (WebCore::SlotAssignment::didChangeSlot):
2052         (WebCore::SlotAssignment::hostChildElementDidChange):
2053         (WebCore::SlotAssignment::assignedNodesForSlot):
2054         (WebCore::SlotAssignment::resolveAllSlotElements):
2055         * dom/TreeScope.cpp:
2056         (WebCore::TreeScope::labelElementForId):
2057         * dom/VisitedLinkState.cpp:
2058         (WebCore::linkAttribute):
2059         * editing/ApplyStyleCommand.cpp:
2060         (WebCore::isLegacyAppleStyleSpan):
2061         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
2062         * editing/EditingStyle.cpp:
2063         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
2064         * editing/ReplaceSelectionCommand.cpp:
2065         (WebCore::isInterchangeNewlineNode):
2066         (WebCore::isInterchangeConvertedSpaceSpan):
2067         (WebCore::positionAvoidingPrecedingNodes):
2068         (WebCore::isMailPasteAsQuotationNode):
2069         (WebCore::isHeaderElement):
2070         (WebCore::isInlineNodeWithStyle):
2071         * editing/TextIterator.cpp:
2072         (WebCore::isRendererReplacedElement):
2073         * editing/cocoa/DataDetection.mm:
2074         (WebCore::DataDetection::isDataDetectorLink):
2075         (WebCore::DataDetection::requiresExtendedContext):
2076         (WebCore::DataDetection::dataDetectorIdentifier):
2077         (WebCore::DataDetection::shouldCancelDefaultAction):
2078         (WebCore::removeResultLinksFromAnchor):
2079         (WebCore::searchForLinkRemovingExistingDDLinks):
2080         * editing/gtk/EditorGtk.cpp:
2081         (WebCore::elementURL):
2082         * editing/htmlediting.cpp:
2083         (WebCore::isTabSpanNode):
2084         (WebCore::isTabSpanTextNode):
2085         (WebCore::isMailBlockquote):
2086         (WebCore::caretMinOffset):
2087         * editing/markup.cpp:
2088         (WebCore::createFragmentFromMarkup):
2089         * html/Autofill.cpp:
2090         (WebCore::AutofillData::createFromHTMLFormControlElement):
2091         * html/BaseTextInputType.cpp:
2092         (WebCore::BaseTextInputType::patternMismatch):
2093         * html/DateInputType.cpp:
2094         (WebCore::DateInputType::createStepRange):
2095         * html/DateTimeInputType.cpp:
2096         (WebCore::DateTimeInputType::createStepRange):
2097         * html/DateTimeLocalInputType.cpp:
2098         (WebCore::DateTimeLocalInputType::createStepRange):
2099         * html/FormAssociatedElement.cpp:
2100         (WebCore::FormAssociatedElement::findAssociatedForm):
2101         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver):
2102         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
2103         * html/HTMLAnchorElement.cpp:
2104         (WebCore::HTMLAnchorElement::draggable):
2105         (WebCore::HTMLAnchorElement::href):
2106         (WebCore::HTMLAnchorElement::setHref):
2107         (WebCore::HTMLAnchorElement::target):
2108         (WebCore::HTMLAnchorElement::origin):
2109         (WebCore::HTMLAnchorElement::sendPings):
2110         (WebCore::HTMLAnchorElement::handleClick):
2111         * html/HTMLAnchorElement.h:
2112         (WebCore::HTMLAnchorElement::visitedLinkHash):
2113         * html/HTMLAppletElement.cpp:
2114         (WebCore::HTMLAppletElement::updateWidget):
2115         * html/HTMLAreaElement.cpp:
2116         (WebCore::HTMLAreaElement::target):
2117         * html/HTMLAttachmentElement.cpp:
2118         (WebCore::HTMLAttachmentElement::attachmentTitle):
2119         (WebCore::HTMLAttachmentElement::attachmentType):
2120         * html/HTMLBaseElement.cpp:
2121         (WebCore::HTMLBaseElement::target):
2122         (WebCore::HTMLBaseElement::href):
2123         * html/HTMLBodyElement.cpp:
2124         (WebCore::HTMLBodyElement::addSubresourceAttributeURLs):
2125         * html/HTMLButtonElement.cpp:
2126         (WebCore::HTMLButtonElement::value):
2127         (WebCore::HTMLButtonElement::computeWillValidate):
2128         * html/HTMLCanvasElement.cpp:
2129         (WebCore::HTMLCanvasElement::reset):
2130         * html/HTMLDocument.cpp:
2131         (WebCore::HTMLDocument::bgColor):
2132         (WebCore::HTMLDocument::setBgColor):
2133         (WebCore::HTMLDocument::fgColor):
2134         (WebCore::HTMLDocument::setFgColor):
2135         (WebCore::HTMLDocument::alinkColor):
2136         (WebCore::HTMLDocument::setAlinkColor):
2137         (WebCore::HTMLDocument::linkColor):
2138         (WebCore::HTMLDocument::setLinkColor):
2139         (WebCore::HTMLDocument::vlinkColor):
2140         (WebCore::HTMLDocument::setVlinkColor):
2141         * html/HTMLElement.cpp:
2142         (WebCore::contentEditableType):
2143         (WebCore::HTMLElement::collectStyleForPresentationAttribute):
2144         (WebCore::HTMLElement::dir):
2145         (WebCore::HTMLElement::setDir):
2146         (WebCore::HTMLElement::draggable):
2147         (WebCore::HTMLElement::setDraggable):
2148         (WebCore::HTMLElement::title):
2149         (WebCore::HTMLElement::tabIndex):
2150         (WebCore::HTMLElement::translateAttributeMode):
2151         (WebCore::HTMLElement::hasDirectionAuto):
2152         (WebCore::HTMLElement::directionality):
2153         * html/HTMLEmbedElement.cpp:
2154         (WebCore::HTMLEmbedElement::imageSourceURL):
2155         (WebCore::HTMLEmbedElement::addSubresourceAttributeURLs):
2156         * html/HTMLFormControlElement.cpp:
2157         (WebCore::HTMLFormControlElement::formEnctype):
2158         (WebCore::HTMLFormControlElement::formMethod):
2159         (WebCore::HTMLFormControlElement::formAction):
2160         (WebCore::HTMLFormControlElement::autocorrect):
2161         (WebCore::HTMLFormControlElement::autocapitalizeType):
2162         * html/HTMLFormElement.cpp:
2163         (WebCore::HTMLFormElement::autocorrect):
2164         (WebCore::HTMLFormElement::autocapitalizeType):
2165         (WebCore::HTMLFormElement::autocapitalize):
2166         (WebCore::HTMLFormElement::action):
2167         (WebCore::HTMLFormElement::setAction):
2168         (WebCore::HTMLFormElement::target):
2169         (WebCore::HTMLFormElement::wasUserSubmitted):
2170         (WebCore::HTMLFormElement::shouldAutocomplete):
2171         (WebCore::HTMLFormElement::finishParsingChildren):
2172         (WebCore::HTMLFormElement::autocomplete):
2173         * html/HTMLFrameElementBase.cpp:
2174         (WebCore::HTMLFrameElementBase::location):
2175         (WebCore::HTMLFrameElementBase::setLocation):
2176         * html/HTMLHtmlElement.cpp:
2177         (WebCore::HTMLHtmlElement::insertedByParser):
2178         * html/HTMLImageElement.cpp:
2179         (WebCore::HTMLImageElement::imageSourceURL):
2180         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
2181         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
2182         (WebCore::HTMLImageElement::selectImageSource):
2183         (WebCore::HTMLImageElement::altText):
2184         (WebCore::HTMLImageElement::createElementRenderer):
2185         (WebCore::HTMLImageElement::width):
2186         (WebCore::HTMLImageElement::height):
2187         (WebCore::HTMLImageElement::alt):
2188         (WebCore::HTMLImageElement::draggable):
2189         (WebCore::HTMLImageElement::setHeight):
2190         (WebCore::HTMLImageElement::src):
2191         (WebCore::HTMLImageElement::setSrc):
2192         (WebCore::HTMLImageElement::addSubresourceAttributeURLs):
2193         (WebCore::HTMLImageElement::didMoveToNewDocument):
2194         (WebCore::HTMLImageElement::isServerMap):
2195         (WebCore::HTMLImageElement::crossOrigin):
2196         * html/HTMLInputElement.cpp:
2197         (WebCore::HTMLInputElement::updateType):
2198         (WebCore::HTMLInputElement::initializeInputType):
2199         (WebCore::HTMLInputElement::altText):
2200         (WebCore::HTMLInputElement::value):
2201         (WebCore::HTMLInputElement::defaultValue):
2202         (WebCore::HTMLInputElement::setDefaultValue):
2203         (WebCore::HTMLInputElement::acceptMIMETypes):
2204         (WebCore::HTMLInputElement::acceptFileExtensions):
2205         (WebCore::HTMLInputElement::accept):
2206         (WebCore::HTMLInputElement::alt):
2207         (WebCore::HTMLInputElement::effectiveMaxLength):
2208         (WebCore::HTMLInputElement::src):
2209         (WebCore::HTMLInputElement::setAutoFilled):
2210         (WebCore::HTMLInputElement::dataList):
2211         (WebCore::HTMLInputElement::resetListAttributeTargetObserver):
2212         * html/HTMLKeygenElement.cpp:
2213         (WebCore::HTMLKeygenElement::isKeytypeRSA):
2214         (WebCore::HTMLKeygenElement::appendFormData):
2215         * html/HTMLLIElement.cpp:
2216         (WebCore::HTMLLIElement::didAttachRenderers):
2217         (WebCore::HTMLLIElement::parseValue):
2218         * html/HTMLLabelElement.cpp:
2219         (WebCore::HTMLLabelElement::control):
2220         * html/HTMLLinkElement.cpp:
2221         (WebCore::HTMLLinkElement::crossOrigin):
2222         (WebCore::HTMLLinkElement::process):
2223         (WebCore::HTMLLinkElement::href):
2224         (WebCore::HTMLLinkElement::rel):
2225         (WebCore::HTMLLinkElement::target):
2226         (WebCore::HTMLLinkElement::type):
2227         (WebCore::HTMLLinkElement::iconType):
2228         * html/HTMLMarqueeElement.cpp:
2229         (WebCore::HTMLMarqueeElement::scrollAmount):
2230         (WebCore::HTMLMarqueeElement::setScrollAmount):
2231         (WebCore::HTMLMarqueeElement::scrollDelay):
2232         (WebCore::HTMLMarqueeElement::setScrollDelay):
2233         (WebCore::HTMLMarqueeElement::loop):
2234         * html/HTMLMediaElement.cpp:
2235         (WebCore::HTMLMediaElement::insertedInto):
2236         (WebCore::HTMLMediaElement::crossOrigin):
2237         (WebCore::HTMLMediaElement::networkState):
2238         (WebCore::HTMLMediaElement::mediaSessionTitle):
2239         (WebCore::HTMLMediaElement::doesHaveAttribute):
2240         * html/HTMLMetaElement.cpp:
2241         (WebCore::HTMLMetaElement::process):
2242         (WebCore::HTMLMetaElement::content):
2243         (WebCore::HTMLMetaElement::httpEquiv):
2244         (WebCore::HTMLMetaElement::name):
2245         * html/HTMLMeterElement.cpp:
2246         (WebCore::HTMLMeterElement::min):
2247         (WebCore::HTMLMeterElement::setMin):
2248         (WebCore::HTMLMeterElement::max):
2249         (WebCore::HTMLMeterElement::setMax):
2250         (WebCore::HTMLMeterElement::value):
2251         (WebCore::HTMLMeterElement::low):
2252         (WebCore::HTMLMeterElement::high):
2253         (WebCore::HTMLMeterElement::optimum):
2254         * html/HTMLObjectElement.cpp:
2255         (WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk):
2256         (WebCore::HTMLObjectElement::hasValidClassId):
2257         (WebCore::HTMLObjectElement::imageSourceURL):
2258         (WebCore::HTMLObjectElement::renderFallbackContent):
2259         (WebCore::HTMLObjectElement::containsJavaApplet):
2260         (WebCore::HTMLObjectElement::addSubresourceAttributeURLs):
2261         * html/HTMLOptGroupElement.cpp:
2262         (WebCore::HTMLOptGroupElement::groupLabelText):
2263         * html/HTMLOptionElement.cpp:
2264         (WebCore::HTMLOptionElement::value):
2265         (WebCore::HTMLOptionElement::label):
2266         * html/HTMLParamElement.cpp:
2267         (WebCore::HTMLParamElement::value):
2268         (WebCore::HTMLParamElement::isURLParameter):
2269         * html/HTMLProgressElement.cpp:
2270         (WebCore::HTMLProgressElement::value):
2271         (WebCore::HTMLProgressElement::max):
2272         * html/HTMLScriptElement.cpp:
2273         (WebCore::HTMLScriptElement::crossOrigin):
2274         (WebCore::HTMLScriptElement::src):
2275         (WebCore::HTMLScriptElement::sourceAttributeValue):
2276         (WebCore::HTMLScriptElement::charsetAttributeValue):
2277         (WebCore::HTMLScriptElement::typeAttributeValue):
2278         (WebCore::HTMLScriptElement::languageAttributeValue):
2279         (WebCore::HTMLScriptElement::forAttributeValue):
2280         (WebCore::HTMLScriptElement::eventAttributeValue):
2281         (WebCore::HTMLScriptElement::asyncAttributeValue):
2282         * html/HTMLSlotElement.cpp:
2283         (WebCore::HTMLSlotElement::insertedInto):
2284         (WebCore::HTMLSlotElement::removedFrom):
2285         * html/HTMLSourceElement.cpp:
2286         (WebCore::HTMLSourceElement::media):
2287         (WebCore::HTMLSourceElement::setMedia):
2288         (WebCore::HTMLSourceElement::type):
2289         (WebCore::HTMLSourceElement::setType):
2290         * html/HTMLTableCellElement.cpp:
2291         (WebCore::HTMLTableCellElement::colSpanForBindings):
2292         (WebCore::HTMLTableCellElement::rowSpan):
2293         (WebCore::HTMLTableCellElement::rowSpanForBindings):
2294         (WebCore::HTMLTableCellElement::cellIndex):
2295         (WebCore::HTMLTableCellElement::abbr):
2296         (WebCore::HTMLTableCellElement::axis):
2297         (WebCore::HTMLTableCellElement::setColSpanForBindings):
2298         (WebCore::HTMLTableCellElement::headers):
2299         (WebCore::HTMLTableCellElement::setRowSpanForBindings):
2300         (WebCore::HTMLTableCellElement::scope):
2301         (WebCore::HTMLTableCellElement::addSubresourceAttributeURLs):
2302         (WebCore::HTMLTableCellElement::cellAbove):
2303         * html/HTMLTableColElement.cpp:
2304         (WebCore::HTMLTableColElement::width):
2305         * html/HTMLTableElement.cpp:
2306         (WebCore::HTMLTableElement::rules):
2307         (WebCore::HTMLTableElement::summary):
2308         (WebCore::HTMLTableElement::addSubresourceAttributeURLs):
2309         * html/HTMLTableSectionElement.cpp:
2310         (WebCore::HTMLTableSectionElement::align):
2311         (WebCore::HTMLTableSectionElement::setAlign):
2312         (WebCore::HTMLTableSectionElement::ch):
2313         (WebCore::HTMLTableSectionElement::setCh):
2314         (WebCore::HTMLTableSectionElement::chOff):
2315         (WebCore::HTMLTableSectionElement::setChOff):
2316         (WebCore::HTMLTableSectionElement::vAlign):
2317         (WebCore::HTMLTableSectionElement::setVAlign):
2318         * html/HTMLTextAreaElement.cpp:
2319         (WebCore::HTMLTextAreaElement::appendFormData):
2320         * html/HTMLTextFormControlElement.cpp:
2321         (WebCore::HTMLTextFormControlElement::strippedPlaceholder):
2322         (WebCore::HTMLTextFormControlElement::isPlaceholderEmpty):
2323         (WebCore::HTMLTextFormControlElement::directionForFormData):
2324         * html/HTMLTrackElement.cpp:
2325         (WebCore::HTMLTrackElement::srclang):
2326         (WebCore::HTMLTrackElement::label):
2327         (WebCore::HTMLTrackElement::isDefault):
2328         (WebCore::HTMLTrackElement::ensureTrack):
2329         (WebCore::HTMLTrackElement::mediaElementCrossOriginAttribute):
2330         * html/HTMLVideoElement.cpp:
2331         (WebCore::HTMLVideoElement::parseAttribute):
2332         (WebCore::HTMLVideoElement::imageSourceURL):
2333         * html/ImageInputType.cpp:
2334         (WebCore::ImageInputType::height):
2335         (WebCore::ImageInputType::width):
2336         * html/InputType.cpp:
2337         (WebCore::InputType::applyStep):
2338         * html/MediaElementSession.cpp:
2339         (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
2340         * html/MonthInputType.cpp:
2341         (WebCore::MonthInputType::createStepRange):
2342         * html/NumberInputType.cpp:
2343         (WebCore::NumberInputType::createStepRange):
2344         (WebCore::NumberInputType::sizeShouldIncludeDecoration):
2345         * html/RangeInputType.cpp:
2346         (WebCore::RangeInputType::createStepRange):
2347         (WebCore::RangeInputType::handleKeydownEvent):
2348         * html/TextFieldInputType.cpp:
2349         (WebCore::TextFieldInputType::appendFormData):
2350         (WebCore::TextFieldInputType::updateAutoFillButton):
2351         * html/TimeInputType.cpp:
2352         (WebCore::TimeInputType::createStepRange):
2353         * html/ValidationMessage.cpp:
2354         (WebCore::ValidationMessage::updateValidationMessage):
2355         * html/WeekInputType.cpp:
2356         (WebCore::WeekInputType::createStepRange):
2357         * html/track/WebVTTElement.cpp:
2358         (WebCore::WebVTTElement::createEquivalentHTMLElement):
2359         * inspector/InspectorPageAgent.cpp:
2360         (WebCore::InspectorPageAgent::buildObjectForFrame):
2361         * loader/FormSubmission.cpp:
2362         (WebCore::FormSubmission::create):
2363         * loader/FrameLoader.cpp:
2364         (WebCore::FrameLoader::defaultSubstituteDataForURL):
2365         * loader/ImageLoader.cpp:
2366         (WebCore::ImageLoader::updateFromElement):
2367         * loader/SubframeLoader.cpp:
2368         (WebCore::SubframeLoader::isPluginContentAllowedByContentSecurityPolicy):
2369         * mathml/MathMLElement.cpp:
2370         (WebCore::MathMLElement::colSpan):
2371         (WebCore::MathMLElement::rowSpan):
2372         (WebCore::MathMLElement::childShouldCreateRenderer):
2373         (WebCore::MathMLElement::defaultEventHandler):
2374         (WebCore::MathMLElement::cachedMathMLLength):
2375         * mathml/MathMLFractionElement.cpp:
2376         (WebCore::MathMLFractionElement::lineThickness):
2377         (WebCore::MathMLFractionElement::cachedFractionAlignment):
2378         * mathml/MathMLSelectElement.cpp:
2379         (WebCore::MathMLSelectElement::getSelectedActionChildAndIndex):
2380         (WebCore::MathMLSelectElement::getSelectedActionChild):
2381         (WebCore::MathMLSelectElement::getSelectedSemanticsChild):
2382         (WebCore::MathMLSelectElement::defaultEventHandler):
2383         (WebCore::MathMLSelectElement::willRespondToMouseClickEvents):
2384         (WebCore::MathMLSelectElement::toggle):
2385         * page/EventHandler.cpp:
2386         (WebCore::findDropZone):
2387         * page/Frame.cpp:
2388         (WebCore::Frame::matchLabelsAgainstElement):
2389         * page/PageSerializer.cpp:
2390         (WebCore::PageSerializer::serializeFrame):
2391         * platform/win/PasteboardWin.cpp:
2392         (WebCore::Pasteboard::writeImageToDataObject):
2393         * rendering/HitTestResult.cpp:
2394         (WebCore::HitTestResult::altDisplayString):
2395         * rendering/RenderDetailsMarker.cpp:
2396         (WebCore::RenderDetailsMarker::isOpen):
2397         * rendering/RenderImage.cpp:
2398         (WebCore::RenderImage::imageMap):
2399         (WebCore::RenderImage::nodeAtPoint):
2400         * rendering/RenderMenuList.cpp:
2401         (RenderMenuList::itemAccessibilityText):
2402         (RenderMenuList::itemToolTip):
2403         * rendering/RenderSearchField.cpp:
2404         (WebCore::RenderSearchField::autosaveName):
2405         * rendering/RenderThemeIOS.mm:
2406         (WebCore::getAttachmentProgress):
2407         (WebCore::AttachmentInfo::AttachmentInfo):
2408         * rendering/RenderThemeMac.mm:
2409         (WebCore::AttachmentLayout::layOutSubtitle):
2410         (WebCore::RenderThemeMac::paintAttachment):
2411         * rendering/mathml/MathMLStyle.cpp:
2412         (WebCore::MathMLStyle::resolveMathMLStyle):
2413         * rendering/mathml/RenderMathMLFenced.cpp:
2414         (WebCore::RenderMathMLFenced::updateFromElement):
2415         * rendering/mathml/RenderMathMLOperator.cpp:
2416         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttribute):
2417         (WebCore::RenderMathMLOperator::setOperatorFlagFromAttributeValue):
2418         (WebCore::RenderMathMLOperator::setOperatorProperties):
2419         * rendering/mathml/RenderMathMLScripts.cpp:
2420         (WebCore::RenderMathMLScripts::getScriptMetricsAndLayoutIfNeeded):
2421         * rendering/mathml/RenderMathMLUnderOver.cpp:
2422         (WebCore::RenderMathMLUnderOver::hasAccent):
2423         * style/StyleSharingResolver.cpp:
2424         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2425         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
2426         * svg/SVGAElement.cpp:
2427         (WebCore::SVGAElement::title):
2428         (WebCore::SVGAElement::defaultEventHandler):
2429         * svg/SVGAltGlyphElement.cpp:
2430         (WebCore::SVGAltGlyphElement::glyphRef):
2431         (WebCore::SVGAltGlyphElement::setFormat):
2432         (WebCore::SVGAltGlyphElement::format):
2433         (WebCore::SVGAltGlyphElement::childShouldCreateRenderer):
2434         * svg/SVGAnimationElement.cpp:
2435         (WebCore::SVGAnimationElement::toValue):
2436         (WebCore::SVGAnimationElement::byValue):
2437         (WebCore::SVGAnimationElement::fromValue):
2438         (WebCore::SVGAnimationElement::isAdditive):
2439         (WebCore::SVGAnimationElement::isAccumulated):
2440         * svg/SVGElement.cpp:
2441         (WebCore::SVGElement::xmlbase):
2442         (WebCore::SVGElement::setXmlbase):
2443         * svg/SVGFontFaceElement.cpp:
2444         (WebCore::SVGFontFaceElement::unitsPerEm):
2445         (WebCore::SVGFontFaceElement::xHeight):
2446         (WebCore::SVGFontFaceElement::capHeight):
2447         (WebCore::SVGFontFaceElement::horizontalOriginX):
2448         (WebCore::SVGFontFaceElement::horizontalOriginY):
2449         (WebCore::SVGFontFaceElement::horizontalAdvanceX):
2450         (WebCore::SVGFontFaceElement::verticalOriginX):
2451         (WebCore::SVGFontFaceElement::verticalOriginY):
2452         (WebCore::SVGFontFaceElement::verticalAdvanceY):
2453         (WebCore::SVGFontFaceElement::ascent):
2454         (WebCore::SVGFontFaceElement::descent):
2455         * svg/SVGFontFaceNameElement.cpp:
2456         (WebCore::SVGFontFaceNameElement::srcValue):
2457         * svg/SVGFontFaceUriElement.cpp:
2458         (WebCore::SVGFontFaceUriElement::srcValue):
2459         * svg/SVGGlyphRefElement.cpp:
2460         (WebCore::SVGGlyphRefElement::glyphRef):
2461         (WebCore::SVGGlyphRefElement::setGlyphRef):
2462         * svg/SVGHKernElement.cpp:
2463         (WebCore::SVGHKernElement::buildHorizontalKerningPair):
2464         * svg/SVGSVGElement.cpp:
2465         (WebCore::SVGSVGElement::contentScriptType):
2466         (WebCore::SVGSVGElement::contentStyleType):
2467         * svg/SVGStyleElement.cpp:
2468         (WebCore::SVGStyleElement::media):
2469         (WebCore::SVGStyleElement::title):
2470         (WebCore::SVGStyleElement::setTitle):
2471         * svg/SVGToOTFFontConversion.cpp:
2472         (WebCore::SVGToOTFFontConverter::appendOS2Table):
2473         (WebCore::SVGToOTFFontConverter::appendCFFTable):
2474         (WebCore::SVGToOTFFontConverter::appendArabicReplacementSubtable):
2475         (WebCore::SVGToOTFFontConverter::appendVORGTable):
2476         (WebCore::SVGToOTFFontConverter::transcodeGlyphPaths):
2477         (WebCore::SVGToOTFFontConverter::processGlyphElement):
2478         (WebCore::SVGToOTFFontConverter::compareCodepointsLexicographically):
2479         (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):
2480         * svg/SVGVKernElement.cpp:
2481         (WebCore::SVGVKernElement::buildVerticalKerningPair):
2482         * svg/animation/SVGSMILElement.cpp:
2483         (WebCore::SVGSMILElement::insertedInto):
2484         (WebCore::SVGSMILElement::parseAttribute):
2485         (WebCore::SVGSMILElement::svgAttributeChanged):
2486         (WebCore::SVGSMILElement::restart):
2487         (WebCore::SVGSMILElement::fill):
2488         (WebCore::SVGSMILElement::dur):
2489         (WebCore::SVGSMILElement::repeatDur):
2490         (WebCore::SVGSMILElement::repeatCount):
2491         (WebCore::SVGSMILElement::maxValue):
2492         (WebCore::SVGSMILElement::minValue):
2493
2494 2016-07-16  Carlos Garcia Campos  <cgarcia@igalia.com>
2495
2496         ASSERTION FAILED: isMainThread() in ~UniqueIDBDatabase() since r201997
2497         https://bugs.webkit.org/show_bug.cgi?id=159809
2498
2499         Reviewed by Brady Eidson.
2500
2501         In r201997 the UniqueIDBDatabase was protected in executeNextDatabaseTask() because the last reference could be
2502         removed while the task is performed. However UniqueIDBDatabase is expected to be deleted in the main thread, and
2503         the destructor asserts when not called in the main thread, but executeNextDatabaseTask() is always called on a
2504         secondary thread. So, if the protector contains the last reference, the object is deleted in the secondary thread.
2505
2506         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2507         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask): Use callOnMainThread to ensure the object is
2508         deleted in the main thread in case the protector contains the last reference.
2509
2510 2016-07-15  Chris Dumez  <cdumez@apple.com>
2511
2512         Use emptyString() / nullAtom when possible
2513         https://bugs.webkit.org/show_bug.cgi?id=159850
2514
2515         Reviewed by Ryosuke Niwa.
2516
2517         Use emptyString() / nullAtom when possible, for performance.
2518
2519         * Modules/webaudio/AudioNode.cpp:
2520         (WebCore::AudioNode::channelCountMode):
2521         (WebCore::AudioNode::channelInterpretation):
2522         * Modules/webdatabase/DatabaseTracker.cpp:
2523         (WebCore::DatabaseTracker::tracker):
2524         * Modules/websockets/WebSocket.cpp:
2525         (WebCore::WebSocket::WebSocket):
2526         (WebCore::WebSocket::didConnect):
2527         * Modules/websockets/WebSocketChannel.cpp:
2528         (WebCore::WebSocketChannel::subprotocol):
2529         (WebCore::WebSocketChannel::extensions):
2530         * accessibility/AccessibilityObject.cpp:
2531         (WebCore::AccessibilityObject::supportsPressAction):
2532         * accessibility/mac/AXObjectCacheMac.mm:
2533         (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
2534         * css/CSSPropertySourceData.cpp:
2535         (WebCore::CSSPropertySourceData::CSSPropertySourceData):
2536         * css/PageRuleCollector.cpp:
2537         (WebCore::PageRuleCollector::pageName):
2538         * css/PropertySetCSSStyleDeclaration.cpp:
2539         (WebCore::PropertySetCSSStyleDeclaration::getPropertyPriority):
2540         * dom/DocumentMarkerController.cpp:
2541         (WebCore::DocumentMarkerController::addDictationPhraseWithAlternativesMarker):
2542         * dom/Element.cpp:
2543         (WebCore::Element::setPrefix):
2544         * editing/AlternativeTextController.cpp:
2545         (WebCore::AlternativeTextController::respondToMarkerAtEndOfWord):
2546         (WebCore::AlternativeTextController::markerDescriptionForAppliedAlternativeText):
2547         * editing/CompositeEditCommand.cpp:
2548         (WebCore::CompositeEditCommand::removeNodeAttribute):
2549         (WebCore::CompositeEditCommand::moveParagraphs):
2550         * editing/InsertTextCommand.cpp:
2551         (WebCore::InsertTextCommand::positionInsideTextNode):
2552         * editing/TextCheckingHelper.cpp:
2553         (WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar):
2554         * editing/TypingCommand.cpp:
2555         (WebCore::TypingCommand::deleteSelection):
2556         (WebCore::TypingCommand::deleteKeyPressed):
2557         (WebCore::TypingCommand::forwardDeleteKeyPressed):
2558         (WebCore::TypingCommand::insertLineBreak):
2559         (WebCore::TypingCommand::insertParagraphSeparator):
2560         * editing/cocoa/EditorCocoa.mm:
2561         (WebCore::Editor::styleForSelectionStart):
2562         * editing/mac/EditorMac.mm:
2563         (WebCore::Editor::stringSelectionForPasteboard):
2564         (WebCore::Editor::stringSelectionForPasteboardWithImageAltText):
2565         * fileapi/FileReaderLoader.cpp:
2566         (WebCore::FileReaderLoader::FileReaderLoader):
2567         * html/FileInputType.cpp:
2568         (WebCore::FileInputType::appendFormData):
2569         * html/HTMLMediaElement.cpp:
2570         (WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
2571         * html/HTMLOutputElement.cpp:
2572         (WebCore::HTMLOutputElement::HTMLOutputElement):
2573         * html/SearchInputType.cpp:
2574         (WebCore::SearchInputType::handleKeydownEvent):
2575         * html/TextFieldInputType.cpp:
2576         (WebCore::autoFillButtonTypeToAccessibilityLabel):
2577         * html/canvas/WebGLDebugShaders.cpp:
2578         (WebCore::WebGLDebugShaders::getTranslatedShaderSource):
2579         * html/canvas/WebGLRenderingContextBase.cpp:
2580         (WebCore::WebGLRenderingContextBase::dispatchContextLostEvent):
2581         (WebCore::WebGLRenderingContextBase::maybeRestoreContext):
2582         * html/canvas/WebGLShader.cpp:
2583         (WebCore::WebGLShader::WebGLShader):
2584         * html/shadow/MediaControlElements.cpp:
2585         (WebCore::MediaControlStatusDisplayElement::update):
2586         * html/track/TextTrack.cpp:
2587         (WebCore::TextTrack::captionMenuOffItem):
2588         (WebCore::TextTrack::captionMenuAutomaticItem):
2589         * html/track/VTTRegion.cpp:
2590         (WebCore::VTTRegion::scroll):
2591         * html/track/VTTRegion.h:
2592         * inspector/InspectorDOMAgent.cpp:
2593         (WebCore::InspectorDOMAgent::toErrorString):
2594         (WebCore::InspectorDOMAgent::resolveNode):
2595         (WebCore::InspectorDOMAgent::documentURLString):
2596         (WebCore::documentBaseURLString):
2597         * inspector/InspectorDOMDebuggerAgent.cpp:
2598         (WebCore::domTypeName):
2599         * inspector/InspectorFrontendHost.cpp:
2600         (WebCore::InspectorFrontendHost::localizedStringsURL):
2601         * inspector/InspectorHistory.cpp:
2602         (WebCore::InspectorHistory::Action::mergeId):
2603         * inspector/InspectorPageAgent.cpp:
2604         (WebCore::InspectorPageAgent::reload):
2605         (WebCore::InspectorPageAgent::frameId):
2606         (WebCore::InspectorPageAgent::loaderId):
2607         * inspector/InspectorStyleSheet.cpp:
2608         (WebCore::InspectorStyleSheet::ruleSelector):
2609         * loader/EmptyClients.h:
2610         * loader/FrameLoader.cpp:
2611         (WebCore::FrameLoader::referrer):
2612         * loader/ImageLoader.cpp:
2613         (WebCore::ImageLoader::clearFailedLoadURL):
2614         * loader/ResourceLoader.cpp:
2615         (WebCore::ResourceLoader::didReceiveResponse):
2616         * page/ContextMenuController.cpp:
2617         (WebCore::ContextMenuController::contextMenuItemSelected):
2618         * page/FrameTree.cpp:
2619         (WebCore::FrameTree::setName):
2620         (WebCore::FrameTree::clearName):
2621         * page/Location.cpp:
2622         (WebCore::Location::port):
2623         * platform/network/ProtectionSpaceBase.cpp:
2624         (WebCore::ProtectionSpaceBase::ProtectionSpaceBase):
2625         * xml/parser/XMLDocumentParserLibxml2.cpp:
2626         (WebCore::handleElementAttributes):
2627
2628 2016-07-15  Simon Fraser  <simon.fraser@apple.com>
2629
2630         Repaints rects drawn incorrectly when inspecting a WebView on a Retina display
2631         https://bugs.webkit.org/show_bug.cgi?id=159824
2632         rdar://problem/27376305
2633
2634         Reviewed by Brian Burg.
2635
2636         InspectorOverlayPage.js set up the canvases with a deviceScaleFactor passed into
2637         reset(), which comes from the overlay's m_page.deviceScaleFactor(). However, updatePaintRects()
2638         used window.devicePixelRatio which was always 1.
2639
2640         Fix by setting the deviceScaleFactor on the m_overlayPage.
2641
2642         * inspector/InspectorOverlay.cpp:
2643         (WebCore::InspectorOverlay::overlayPage):
2644
2645 2016-07-15  Myles C. Maxfield  <mmaxfield@apple.com>
2646
2647         [macOS] Work around crash in [NSAttributedString nextWordFromIndex:forward:]
2648         https://bugs.webkit.org/show_bug.cgi?id=159842
2649
2650         Reviewed by Jon Lee.
2651
2652         <rdar://problem/27380532> describes a crash inside [NSAttributedString nextWordFromIndex:forward:].
2653         This must be worked around for https://bugs.webkit.org/show_bug.cgi?id=159755 and
2654         <rdar://problem/27325521>.
2655
2656         * platform/text/mac/TextBoundaries.mm:
2657         (WebCore::findNextWordFromIndex):
2658
2659 2016-07-15  Brady Eidson  <beidson@apple.com>
2660
2661         Update XPathException to use the description in toString().
2662         https://bugs.webkit.org/show_bug.cgi?id=159848
2663
2664         Reviewed by Alex Christensen.
2665
2666         No new tests (Covered by changes to existing tests).
2667
2668         * bindings/js/JSDOMBinding.cpp:
2669         (WebCore::createDOMException):
2670         * xml/XPathException.h:
2671         (WebCore::XPathException::XPathException):
2672
2673 2016-07-15  Brady Eidson  <beidson@apple.com>
2674
2675         Change toString() behavior for exceptions constructed with "createWithDescriptionAsMessage".
2676         https://bugs.webkit.org/show_bug.cgi?id=159839
2677
2678         Reviewed by Alex Christensen.
2679
2680         No new tests (Covered by changes to existing tests).
2681
2682         This is the first step towards extended exception messages for all exception types.
2683
2684         * dom/ExceptionBase.cpp:
2685         (WebCore::ExceptionBase::ExceptionBase):
2686         (WebCore::ExceptionBase::toString):
2687         * dom/ExceptionBase.h:
2688
2689 2016-07-15  Geoffrey Garen  <ggaren@apple.com>
2690
2691         Added a makeRef<T> helper
2692         https://bugs.webkit.org/show_bug.cgi?id=159835
2693
2694         Reviewed by Andreas Kling.
2695
2696         Anders told me to!
2697
2698         * Modules/indexeddb/IDBTransaction.cpp:
2699         (WebCore::IDBTransaction::putOrAddOnServer):
2700         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
2701         (WebCore::InProcessIDBServer::deleteDatabase):
2702         (WebCore::InProcessIDBServer::didDeleteDatabase):
2703         (WebCore::InProcessIDBServer::openDatabase):
2704         (WebCore::InProcessIDBServer::didOpenDatabase):
2705         (WebCore::InProcessIDBServer::didAbortTransaction):
2706         (WebCore::InProcessIDBServer::didCommitTransaction):
2707         (WebCore::InProcessIDBServer::didCreateObjectStore):
2708         (WebCore::InProcessIDBServer::didDeleteObjectStore):
2709         (WebCore::InProcessIDBServer::didClearObjectStore):
2710         (WebCore::InProcessIDBServer::didCreateIndex):
2711         (WebCore::InProcessIDBServer::didDeleteIndex):
2712         (WebCore::InProcessIDBServer::didPutOrAdd):
2713         (WebCore::InProcessIDBServer::didGetRecord):
2714         (WebCore::InProcessIDBServer::didGetCount):
2715         (WebCore::InProcessIDBServer::didDeleteRecord):
2716         (WebCore::InProcessIDBServer::didOpenCursor):
2717         (WebCore::InProcessIDBServer::didIterateCursor):
2718         (WebCore::InProcessIDBServer::abortTransaction):
2719         (WebCore::InProcessIDBServer::commitTransaction):
2720         (WebCore::InProcessIDBServer::didFinishHandlingVersionChangeTransaction):
2721         (WebCore::InProcessIDBServer::createObjectStore):
2722         (WebCore::InProcessIDBServer::deleteObjectStore):
2723         (WebCore::InProcessIDBServer::clearObjectStore):
2724         (WebCore::InProcessIDBServer::createIndex):
2725         (WebCore::InProcessIDBServer::deleteIndex):
2726         (WebCore::InProcessIDBServer::putOrAdd):
2727         (WebCore::InProcessIDBServer::getRecord):
2728         (WebCore::InProcessIDBServer::getCount):
2729         (WebCore::InProcessIDBServer::deleteRecord):
2730         (WebCore::InProcessIDBServer::openCursor):
2731         (WebCore::InProcessIDBServer::iterateCursor):
2732         (WebCore::InProcessIDBServer::establishTransaction):
2733         (WebCore::InProcessIDBServer::fireVersionChangeEvent):
2734         (WebCore::InProcessIDBServer::didStartTransaction):
2735         (WebCore::InProcessIDBServer::didCloseFromServer):
2736         (WebCore::InProcessIDBServer::notifyOpenDBRequestBlocked):
2737         (WebCore::InProcessIDBServer::databaseConnectionClosed):
2738         (WebCore::InProcessIDBServer::abortOpenAndUpgradeNeeded):
2739         (WebCore::InProcessIDBServer::didFireVersionChangeEvent):
2740         (WebCore::InProcessIDBServer::openDBRequestCancelled):
2741         (WebCore::InProcessIDBServer::confirmDidCloseFromServer):
2742         (WebCore::InProcessIDBServer::getAllDatabaseNames):
2743         (WebCore::InProcessIDBServer::didGetAllDatabaseNames):
2744         * Modules/mediastream/MediaDevicesRequest.cpp:
2745         (WebCore::MediaDevicesRequest::didCompleteTrackSourceInfoRequest):
2746         * Modules/mediastream/UserMediaRequest.cpp:
2747         (WebCore::UserMediaRequest::constraintsValidated):
2748         (WebCore::UserMediaRequest::userMediaAccessGranted):
2749         * Modules/webaudio/AudioContext.cpp:
2750         (WebCore::AudioContext::scheduleNodeDeletion):
2751         (WebCore::AudioContext::isPlayingAudioDidChange):
2752         (WebCore::AudioContext::suspend):
2753         (WebCore::AudioContext::resume):
2754         (WebCore::AudioContext::close):
2755         (WebCore::AudioContext::suspendPlayback):
2756         (WebCore::AudioContext::mayResumePlayback):
2757         * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
2758         (WebCore::ThreadableWebSocketChannelClientWrapper::didConnect):
2759         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessage):
2760         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData):
2761         (WebCore::ThreadableWebSocketChannelClientWrapper::didUpdateBufferedAmount):
2762         (WebCore::ThreadableWebSocketChannelClientWrapper::didStartClosingHandshake):
2763         (WebCore::ThreadableWebSocketChannelClientWrapper::didClose):
2764         (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessageError):
2765         (WebCore::ThreadableWebSocketChannelClientWrapper::processPendingTasks):
2766         * Modules/websockets/WebSocket.cpp:
2767         (WebCore::WebSocket::connect):
2768         * bindings/js/JSEventListener.h:
2769         (WebCore::JSEventListener::jsFunction):
2770         * dom/Node.cpp:
2771         (WebCore::Node::setTextContent):
2772         * html/HTMLMediaElement.cpp:
2773         (WebCore::HTMLMediaElement::layoutSizeChanged):
2774         * inspector/CommandLineAPIHost.cpp:
2775         (WebCore::CommandLineAPIHost::wrapper):
2776         * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
2777         (WebCore::AudioSourceProviderAVFObjC::prepare):
2778         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
2779         (WebCore::WebCoreAVCFResourceLoader::invalidate):
2780         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
2781         (WebCore::WebCoreAVFResourceLoader::invalidate):
2782         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
2783         (WebVideoFullscreenControllerContext::setExternalPlayback):
2784         * platform/network/BlobResourceHandle.cpp:
2785         (WebCore::BlobResourceHandle::start):
2786         (WebCore::BlobResourceHandle::notifyFinish):
2787         * platform/network/SocketStreamHandleBase.cpp:
2788         (WebCore::SocketStreamHandleBase::disconnect):
2789         * platform/network/curl/CurlDownload.cpp:
2790         (WebCore::CurlDownload::didReceiveHeader):
2791
2792 2016-07-15  Chris Dumez  <cdumez@apple.com>
2793
2794         Use fastGetAttribute() / setAttributeWithoutSynchronization() when possible
2795         https://bugs.webkit.org/show_bug.cgi?id=159793
2796
2797         Reviewed by Ryosuke Niwa.
2798
2799         Use fastGetAttribute() / setAttributeWithoutSynchronization() when possible, for performance.
2800
2801         * Modules/plugins/YouTubePluginReplacement.cpp:
2802         (WebCore::YouTubePluginReplacement::installReplacement):
2803         * dom/Element.h:
2804         (WebCore::Element::setIdAttribute):
2805         * editing/ApplyStyleCommand.cpp:
2806         (WebCore::hasNoAttributeOrOnlyStyleAttribute):
2807         (WebCore::createFontElement):
2808         (WebCore::ApplyStyleCommand::applyInlineStyleChange):
2809         * editing/EditingStyle.cpp:
2810         (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
2811         * editing/Editor.cpp:
2812         (WebCore::Editor::setBaseWritingDirection):
2813         * editing/ReplaceSelectionCommand.cpp:
2814         (WebCore::isMailPasteAsQuotationNode):
2815         (WebCore::isInlineNodeWithStyle):
2816         * editing/cocoa/DataDetection.mm:
2817         (WebCore::DataDetection::detectContentInRange):
2818         * editing/htmlediting.cpp:
2819         (WebCore::createTabSpanElement):
2820         * editing/ios/EditorIOS.mm:
2821         (WebCore::Editor::setTextAlignmentForChangedBaseWritingDirection):
2822         (WebCore::Editor::WebContentReader::readURL):
2823         * editing/mac/EditorMac.mm:
2824         (WebCore::Editor::WebContentReader::readURL):
2825         * editing/markup.cpp:
2826         (WebCore::createFragmentFromText):
2827         * html/BaseButtonInputType.cpp:
2828         (WebCore::BaseButtonInputType::setValue):
2829         * html/BaseCheckableInputType.cpp:
2830         (WebCore::BaseCheckableInputType::setValue):
2831         * html/FTPDirectoryDocument.cpp:
2832         (WebCore::FTPDirectoryDocumentParser::appendEntry):
2833         (WebCore::FTPDirectoryDocumentParser::createTDForFilename):
2834         (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate):
2835         (WebCore::FTPDirectoryDocumentParser::createBasicDocument):
2836         * html/HTMLAnchorElement.cpp:
2837         (WebCore::HTMLAnchorElement::href):
2838         (WebCore::HTMLAnchorElement::setHref):
2839         (WebCore::HTMLAnchorElement::target):
2840         * html/HTMLAreaElement.cpp:
2841         (WebCore::HTMLAreaElement::target):
2842         * html/HTMLBaseElement.cpp:
2843         (WebCore::HTMLBaseElement::setHref):
2844         * html/HTMLButtonElement.cpp:
2845         (WebCore::HTMLButtonElement::setType):
2846         * html/HTMLDetailsElement.cpp:
2847         (WebCore::HTMLDetailsElement::didAddUserAgentShadowRoot):
2848         (WebCore::HTMLDetailsElement::toggleOpen):
2849         * html/HTMLDocument.cpp:
2850         (WebCore::HTMLDocument::setBgColor):
2851         (WebCore::HTMLDocument::setFgColor):
2852         (WebCore::HTMLDocument::setAlinkColor):
2853         (WebCore::HTMLDocument::setLinkColor):
2854         (WebCore::HTMLDocument::setVlinkColor):
2855         * html/HTMLElement.cpp:
2856         (WebCore::HTMLElement::setDir):
2857         (WebCore::HTMLElement::setContentEditable):
2858         (WebCore::HTMLElement::setDraggable):
2859         (WebCore::HTMLElement::setSpellcheck):
2860         (WebCore::HTMLElement::setTranslate):
2861         * html/HTMLFormControlElement.cpp:
2862         (WebCore::HTMLFormControlElement::setFormEnctype):
2863         (WebCore::HTMLFormControlElement::setFormMethod):
2864         (WebCore::HTMLFormControlElement::setAutocorrect):
2865         (WebCore::HTMLFormControlElement::setAutocapitalize):
2866         (WebCore::HTMLFormControlElement::setAutocomplete):
2867         * html/HTMLFormElement.cpp:
2868         (WebCore::HTMLFormElement::setAutocorrect):
2869         (WebCore::HTMLFormElement::setAutocapitalize):
2870         (WebCore::HTMLFormElement::setAction):
2871         (WebCore::HTMLFormElement::setEnctype):
2872         (WebCore::HTMLFormElement::setMethod):
2873         (WebCore::HTMLFormElement::target):
2874         * html/HTMLImageElement.cpp:
2875         (WebCore::HTMLImageElement::width):
2876         (WebCore::HTMLImageElement::height):
2877         (WebCore::HTMLImageElement::setSrc):
2878         * html/HTMLInputElement.cpp:
2879         (WebCore::HTMLInputElement::setType):
2880         (WebCore::HTMLInputElement::updateType):
2881         (WebCore::HTMLInputElement::altText):
2882         (WebCore::HTMLInputElement::setDefaultValue):
2883         * html/HTMLLinkElement.cpp:
2884         (WebCore::HTMLLinkElement::href):
2885         (WebCore::HTMLLinkElement::target):
2886         (WebCore::HTMLLinkElement::type):
2887         * html/HTMLMediaElement.cpp:
2888         (WebCore::HTMLMediaElement::setSrc):
2889         (WebCore::HTMLMediaElement::setPreload):
2890         * html/HTMLMeterElement.cpp:
2891         (WebCore::HTMLMeterElement::min):
2892         (WebCore::HTMLMeterElement::setMin):
2893         (WebCore::HTMLMeterElement::max):
2894         (WebCore::HTMLMeterElement::setMax):
2895         (WebCore::HTMLMeterElement::value):
2896         (WebCore::HTMLMeterElement::setValue):
2897         (WebCore::HTMLMeterElement::low):
2898         (WebCore::HTMLMeterElement::setLow):
2899         (WebCore::HTMLMeterElement::high):
2900         (WebCore::HTMLMeterElement::setHigh):
2901         (WebCore::HTMLMeterElement::optimum):
2902         (WebCore::HTMLMeterElement::setOptimum):
2903         * html/HTMLObjectElement.cpp:
2904         (WebCore::HTMLObjectElement::containsJavaApplet):
2905         * html/HTMLOptionElement.cpp:
2906         (WebCore::HTMLOptionElement::createForJSConstructor):
2907         (WebCore::HTMLOptionElement::setValue):
2908         (WebCore::HTMLOptionElement::setLabel):
2909         * html/HTMLProgressElement.cpp:
2910         (WebCore::HTMLProgressElement::setValue):
2911         (WebCore::HTMLProgressElement::setMax):
2912         * html/HTMLScriptElement.cpp:
2913         (WebCore::HTMLScriptElement::typeAttributeValue):
2914         * html/HTMLSelectElement.cpp:
2915         (WebCore::HTMLSelectElement::setMultiple):
2916         * html/HTMLSourceElement.cpp:
2917         (WebCore::HTMLSourceElement::setSrc):
2918         (WebCore::HTMLSourceElement::media):
2919         (WebCore::HTMLSourceElement::setMedia):
2920         (WebCore::HTMLSourceElement::type):
2921         (WebCore::HTMLSourceElement::setType):
2922         * html/HTMLTableSectionElement.cpp:
2923         (WebCore::HTMLTableSectionElement::setAlign):
2924         (WebCore::HTMLTableSectionElement::setCh):
2925         (WebCore::HTMLTableSectionElement::chOff):
2926         (WebCore::HTMLTableSectionElement::setChOff):
2927         (WebCore::HTMLTableSectionElement::setVAlign):
2928         * html/HTMLTextFormControlElement.cpp:
2929         (WebCore::HTMLTextFormControlElement::updateInnerTextElementEditability):
2930         * html/HTMLVideoElement.cpp:
2931         (WebCore::HTMLVideoElement::imageSourceURL):
2932         * html/HiddenInputType.cpp:
2933         (WebCore::HiddenInputType::restoreFormControlState):
2934         (WebCore::HiddenInputType::setValue):
2935         * html/MediaDocument.cpp:
2936         (WebCore::MediaDocumentParser::createDocumentStructure):
2937         (WebCore::MediaDocument::replaceMediaElementTimerFired):
2938         * html/PluginDocument.cpp:
2939         (WebCore::PluginDocumentParser::createDocumentStructure):
2940         * html/TextFieldInputType.cpp:
2941         (WebCore::TextFieldInputType::createAutoFillButton):
2942         (WebCore::TextFieldInputType::updateAutoFillButton):
2943         * html/parser/HTMLTreeBuilder.cpp:
2944         (WebCore::HTMLTreeBuilder::processIsindexStartTagForInBody):
2945         * html/shadow/MediaControlElements.cpp:
2946         (WebCore::MediaControlClosedCaptionsContainerElement::create):
2947         (WebCore::MediaControlTimelineElement::create):
2948         (WebCore::MediaControlPanelVolumeSliderElement::create):
2949         (WebCore::MediaControlFullscreenVolumeSliderElement::create):
2950         * html/shadow/TextControlInnerElements.cpp:
2951         (WebCore::SearchFieldCancelButtonElement::SearchFieldCancelButtonElement):
2952         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
2953         (WebCore::ImageControlsButtonElementMac::tryCreate):
2954         * html/shadow/mac/ImageControlsRootElementMac.cpp:
2955         (WebCore::ImageControlsRootElement::tryCreate):
2956         * html/track/WebVTTElement.cpp:
2957         (WebCore::WebVTTElement::createEquivalentHTMLElement):
2958         * html/track/WebVTTParser.cpp:
2959         (WebCore::WebVTTTreeBuilder::constructTreeFromToken):
2960         * inspector/InspectorCSSAgent.cpp:
2961         (WebCore::InspectorCSSAgent::createInspectorStyleSheetForDocument):
2962         * inspector/InspectorPageAgent.cpp:
2963         (WebCore::InspectorPageAgent::buildObjectForFrame):
2964         * mathml/MathMLSelectElement.cpp:
2965         (WebCore::MathMLSelectElement::toggle):
2966         * page/PageSerializer.cpp:
2967         (WebCore::PageSerializer::serializeFrame):
2968         * rendering/RenderDetailsMarker.cpp:
2969         (WebCore::RenderDetailsMarker::isOpen):
2970         * rendering/mathml/RenderMathMLFraction.cpp:
2971         (WebCore::RenderMathMLFraction::updateFromElement):
2972         * svg/SVGElement.cpp:
2973         (WebCore::SVGElement::setXmlbase):
2974         * svg/SVGSVGElement.cpp:
2975         (WebCore::SVGSVGElement::setContentScriptType):
2976         (WebCore::SVGSVGElement::setContentStyleType):
2977         * svg/SVGStyleElement.cpp:
2978         (WebCore::SVGStyleElement::setMedia):
2979         (WebCore::SVGStyleElement::setTitle):
2980
2981 2016-07-15  Chris Dumez  <cdumez@apple.com>
2982
2983         Modernize StaticNodeList / StaticElementList
2984         https://bugs.webkit.org/show_bug.cgi?id=159831
2985
2986         Reviewed by Ryosuke Niwa.
2987
2988         Modernize StaticNodeList / StaticElementList. Pass vector to adopt
2989         as an rvalue reference instead of a non-const reference.
2990
2991         * bindings/js/JSHTMLAllCollectionCustom.cpp:
2992         (WebCore::namedItems):
2993         * dom/ChildListMutationScope.cpp:
2994         (WebCore::ChildListMutationAccumulator::enqueueMutationRecord):
2995         * dom/MutationRecord.cpp:
2996         * dom/SelectorQuery.cpp:
2997         (WebCore::SelectorDataList::queryAll):
2998         * dom/StaticNodeList.h:
2999         * dom/WebKitNamedFlow.cpp:
3000         (WebCore::WebKitNamedFlow::getRegionsByContent):
3001         (WebCore::WebKitNamedFlow::getRegions):
3002         (WebCore::WebKitNamedFlow::getContent):
3003         * svg/SVGSVGElement.cpp:
3004         (WebCore::SVGSVGElement::collectIntersectionOrEnclosureList):
3005         * testing/Internals.cpp:
3006         (WebCore::Internals::nodesFromRect):
3007
3008 2016-07-15  Brent Fulgham  <bfulgham@apple.com>
3009
3010         Block insecure script running in a data: frame when the top-level page is HTTPS
3011         https://bugs.webkit.org/show_bug.cgi?id=125806
3012         <rdar://problem/27331825>
3013
3014         Reviewed by Brady Eidson.
3015
3016         Fix based on a Blink change (patch by <tsepez@chromium.org>):
3017         <https://chromium.googlesource.com/chromium/blink/+/33e553bd96e040151c1472289a0d80803bfca3a5>
3018
3019         Test: http/tests/security/mixedContent/insecure-script-in-data-iframe-in-main-frame-blocked.html
3020
3021         * loader/cache/CachedResourceLoader.cpp:
3022         (WebCore::CachedResourceLoader::checkInsecureContent): Check the top-level frame's security state
3023         before allowing insecure scripts to be used.        
3024
3025 2016-07-15  Chris Dumez  <cdumez@apple.com>
3026
3027         Let the compiler generate QualifiedName copy constructor and assignment operator
3028         https://bugs.webkit.org/show_bug.cgi?id=159826
3029
3030         Reviewed by Alex Christensen.
3031
3032         Let the compiler generate QualifiedName copy constructor and assignment operator
3033         as our custom implementation does nothing special. This also makes QualifiedName
3034         movable as the compiler is now able to generate the move constructor / assignment
3035         operator as well.
3036
3037         * dom/QualifiedName.h:
3038         (WebCore::QualifiedName::QualifiedName): Deleted.
3039         (WebCore::QualifiedName::operator=): Deleted.
3040
3041 2016-07-15  Antonio Gomes  <tonikitoo@igalia.com>
3042
3043         ScrollView::setHasHorizontalScrollbar / setHasVerticalScrollbar duplicate their logic
3044         https://bugs.webkit.org/show_bug.cgi?id=159825
3045
3046         Patch introduces a (private) method to ScrollView
3047         to share the code/logic of setHas{Horizontal,Vertical}Scrollbar.
3048
3049         Reviewed by Simon Fraser.
3050
3051         No new tests needed.
3052
3053         * platform/ScrollView.cpp:
3054         (WebCore::ScrollView::setHasScrollbarInternal):
3055         (WebCore::ScrollView::setHasHorizontalScrollbar):
3056         (WebCore::ScrollView::setHasVerticalScrollbar):
3057         * platform/ScrollView.h:
3058
3059 2016-07-15  Frederic Wang  <fwang@igalia.com>
3060
3061         MathOperator: Improve alignment for vertical size variant
3062         https://bugs.webkit.org/show_bug.cgi?id=158866
3063
3064         Reviewed by Brent Fulgham.
3065
3066         The MathOperator class may stretch operators with either a large glyph or a glyph assembly.
3067         In the latter case, the assembly is adjusted to match the stretch ascent and descent
3068         requested by the callers. But in the former case the glyph ascent and descent are used
3069         instead. We solve this by making MathOperator::stretchTo only take a targetSize and let
3070         callers do the vertical alignment they want. This improves the rendering of fences with some
3071         math fonts (e.g. XITS) and allows to pass the two cases of mo-axis-height-1.html.
3072
3073         Test: imported/mathml-in-html5/mathml/presentation-markup/operators/mo-axis-height-1.html
3074
3075         * rendering/mathml/MathOperator.cpp:
3076         (WebCore::MathOperator::stretchTo): Merge vertical and horizontal stretching into the same
3077         function with only the targetSize as a parameter.
3078         * rendering/mathml/RenderMathMLOperator.cpp:
3079         (WebCore::RenderMathMLOperator::stretchTo): Updated to use the new signature.
3080         (WebCore::RenderMathMLOperator::verticalStretchedOperatorShift): Helper function to calculate
3081         the shift necessary to align the baseline of the MathOperator instance with the one of the
3082         RenderMathMLOperator.
3083         (WebCore::RenderMathMLOperator::firstLineBaseline): Adjust the baseline.
3084         * rendering/mathml/RenderMathMLOperator.h: Declare verticalStretchedOperatorShift.
3085         * rendering/mathml/RenderMathMLRoot.cpp:
3086         (WebCore::RenderMathMLRoot::layoutBlock): Use the new signature. This function aligns the top
3087         of the radical with the overbar so we do not need to adjust baseline alignment here.
3088
3089 2016-07-15  Brady Eidson  <beidson@apple.com>
3090
3091         WebKit should prevent push/replace state with username in URL.
3092         <rdar://problem/27361737> and https://bugs.webkit.org/show_bug.cgi?id=159818
3093
3094         Reviewed by Brent Fulgham.
3095
3096         Test: http/tests/security/history-username-password.html
3097
3098         * page/History.cpp:
3099         (WebCore::History::stateObjectAdded): Don't allow URLs with usernames/passwords.
3100
3101 2016-07-15  Ryan Haddad  <ryanhaddad@apple.com>
3102
3103         Unreviewed, rolling out r203266.
3104
3105         This change caused editing/deleting/delete-emoji.html to time
3106         out on El Capitan, crash under GuardMalloc
3107
3108         Reverted changeset:
3109
3110         "Support new emoji group candidates"
3111         https://bugs.webkit.org/show_bug.cgi?id=159755
3112         http://trac.webkit.org/changeset/203266
3113
3114 2016-07-15  Frederic Wang  <fwang@igalia.com>
3115
3116         Move parsing of mfrac attributes into a MathMLFractionElement class
3117         https://bugs.webkit.org/show_bug.cgi?id=159624
3118
3119         Reviewed by Brent Fulgham.
3120
3121         We move the parsing of mfrac attributes to a MathMLFractionElement class. This allows to
3122         minimize the updates in RenderMathMLFraction and to remove the alignment members. Many of
3123         the members in updateLayoutParameters are actually only used in layoutBlock and could be
3124         removed in a follow-up patch. We also improve the resolution of negative line thickness value
3125         since the MathML recommendation says it should be rounded up to the nearest valid
3126         value (which is zero) instead of ignoring the attribute and using the line thickness.
3127
3128         No new tests, already covered by existing tests.
3129
3130         * CMakeLists.txt: Add MathMLFractionElement.
3131         * WebCore.xcodeproj/project.pbxproj: Ditto.
3132         * mathml/MathMLAllInOne.cpp: Ditto.
3133         * mathml/MathMLFractionElement.cpp: Added.
3134         (WebCore::MathMLFractionElement::MathMLFractionElement):
3135         (WebCore::MathMLFractionElement::create):
3136         (WebCore::MathMLFractionElement::lineThickness): Return the cached linethickness length,
3137         parsing it again if it is dirty. This handles the special values "thin", "medium" and "thick"
3138         or fallback to the general parseMathMLLength for MathML lengths.
3139         (WebCore::MathMLFractionElement::cachedFractionAlignment): Return the cached alignment value,
3140         parsing it again if it is dirty.
3141         (WebCore::MathMLFractionElement::numeratorAlignment): Return the cached alignment.
3142         (WebCore::MathMLFractionElement::denominatorAlignment): Ditto.
3143         (WebCore::MathMLFractionElement::parseAttribute): Make attributes dirty.
3144         (WebCore::MathMLFractionElement::createElementRenderer): Create a RenderMathMLFraction.
3145         * mathml/MathMLFractionElement.h: Added.
3146         * mathml/MathMLInlineContainerElement.cpp: We no longer need to handle fraction here.
3147         (WebCore::MathMLInlineContainerElement::createElementRenderer):
3148         * mathml/mathtags.in: Use MathMLFractionElement for mfrac.
3149         * rendering/mathml/RenderMathMLFraction.cpp:
3150         (WebCore::RenderMathMLFraction::updateLayoutParameters): New helper function to set the
3151         layout parameters, replacing updateFromElement. We no longer parse and store the alignment
3152         values here. We also change the resolution of negative values.
3153         (WebCore::RenderMathMLFraction::horizontalOffset): Use the enum from MathMLFractionElement.
3154         (WebCore::RenderMathMLFraction::layoutBlock): We call updateLayoutParameters instead of
3155         updateFromElement. The numerator and denominator alignments are resolved here.
3156         (WebCore::RenderMathMLFraction::parseAlignmentAttribute): Deleted. Parsing of alignment
3157         attribute is now handled in MathMLFractionElement.
3158         (WebCore::RenderMathMLFraction::updateFromElement): Deleted. Attribute changes are now
3159         handled in MathMLFractionElement.
3160         (WebCore::RenderMathMLFraction::styleDidChange): Deleted. Font changes are properly handled.
3161         * rendering/mathml/RenderMathMLFraction.h: Update declarations.
3162
3163 2016-07-15  Frederic Wang  <fwang@igalia.com>
3164
3165         Check whether font is nonnull for GlyphData instead of calling GlyphData::isValid()
3166         https://bugs.webkit.org/show_bug.cgi?id=159783
3167
3168         Reviewed by Brent Fulgham.
3169
3170         GlyphData::isValid() returns true for GlyphData with null 'font' pointer when the 'glyph'
3171         index is nonzero. This behavior is not expected by the MathML code and we have had crashes
3172         in our test suite in the past on Windows (e.g. bug 140653). We thus replace the call to
3173         GlyphData::isValid() with a stronger verification: Whether the 'font' pointer is nonzero.
3174
3175         No new tests, this only makes null pointer checks stronger.
3176
3177         * rendering/mathml/MathOperator.cpp:
3178         (WebCore::boundsForGlyph):
3179         (WebCore::advanceWidthForGlyph):
3180         (WebCore::MathOperator::getBaseGlyph):
3181         (WebCore::MathOperator::setSizeVariant):
3182         (WebCore::MathOperator::fillWithVerticalExtensionGlyph):
3183         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph):
3184         (WebCore::MathOperator::paintVerticalGlyphAssembly):
3185         (WebCore::MathOperator::paintHorizontalGlyphAssembly):
3186         (WebCore::MathOperator::paint):
3187         * rendering/mathml/RenderMathMLOperator.cpp:
3188         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths):
3189         * rendering/mathml/RenderMathMLToken.cpp:
3190         (WebCore::RenderMathMLToken::computePreferredLogicalWidths):
3191         (WebCore::RenderMathMLToken::firstLineBaseline):
3192         (WebCore::RenderMathMLToken::layoutBlock):
3193         (WebCore::RenderMathMLToken::paint):
3194         (WebCore::RenderMathMLToken::paintChildren):
3195
3196 2016-07-15  Frederic Wang  <fwang@igalia.com>
3197
3198         Add DejaVu Math TeX Gyre to the list of math fonts.
3199         https://bugs.webkit.org/show_bug.cgi?id=159805
3200
3201         Reviewed by Brent Fulgham.
3202
3203         DejaVu 2.36 has a new math font that can be used for MathML rendering. Because this font is
3204         likely to be installed on many systems (Linux, LibreOffice, etc) we include it in the default
3205         list of font-families in mathml.css in order to increase the chance to find a math font.
3206
3207         No new tests, it only affects rendering when DejaVu Math TeX Gyre is installed on the system.
3208
3209         * css/mathml.css:
3210         (math):
3211
3212 2016-07-15  Eric Carlson  <eric.carlson@apple.com>
3213
3214         [MSE] Increase the SourceBuffer "fudge factor"
3215         https://bugs.webkit.org/show_bug.cgi?id=159813
3216         <rdar://problem/27372033>
3217
3218         Reviewed by Jon Lee.
3219         
3220         Some media encoding/conversion pipelines are sloppy when doing sample time/timescale
3221         math, and the error accumulation results in small gaps in the media timeline. r202641
3222         increased the maximum allowable gap from 0.01 second to one 24fps frame, but it turns
3223         out that at least one large provider has a significant amount of content encoded with
3224         up to two 24fps frames.
3225
3226         No new tests, updated media/media-source/media-source-small-gap.html.
3227
3228         * Modules/mediasource/SourceBuffer.cpp:
3229         (WebCore::currentTimeFudgeFactor): Increase maximum gap to 2002 / 24000 frames.
3230
3231 2016-07-15  Rawinder Singh  <rawinder.singh-webkit@cisra.canon.com.au>
3232
3233         Add final keyword to WebCore/svg classes
3234         https://bugs.webkit.org/show_bug.cgi?id=159802
3235
3236         Reviewed by Youenn Fablet.
3237
3238         Updated classes in the WebCore/svg directory to be marked as final where appropriate.
3239
3240         * svg/SVGException.h:
3241         * svg/SVGLengthList.h:
3242         * svg/SVGMatrix.h:
3243         * svg/SVGNumberList.h:
3244         * svg/SVGPaint.h:
3245         * svg/SVGPathBuilder.h:
3246         * svg/SVGPathByteStreamBuilder.h:
3247         * svg/SVGPathByteStreamSource.h:
3248         * svg/SVGPathSegArcAbs.h:
3249         * svg/SVGPathSegArcRel.h:
3250         * svg/SVGPathSegClosePath.h:
3251         * svg/SVGPathSegCurvetoCubicAbs.h:
3252         * svg/SVGPathSegCurvetoCubicRel.h:
3253         * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
3254         * svg/SVGPathSegCurvetoCubicSmoothRel.h:
3255         * svg/SVGPathSegCurvetoQuadraticAbs.h:
3256         * svg/SVGPathSegCurvetoQuadraticRel.h:
3257         * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
3258         * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
3259         * svg/SVGPathSegLinetoAbs.h:
3260         * svg/SVGPathSegLinetoHorizontalAbs.h:
3261         * svg/SVGPathSegLinetoHorizontalRel.h:
3262         * svg/SVGPathSegLinetoRel.h:
3263         * svg/SVGPathSegLinetoVerticalAbs.h:
3264         * svg/SVGPathSegLinetoVerticalRel.h:
3265         * svg/SVGPathSegListBuilder.h:
3266         * svg/SVGPathSegListSource.h:
3267         * svg/SVGPathSegMovetoAbs.h:
3268         * svg/SVGPathSegMovetoRel.h:
3269         * svg/SVGPathStringSource.h:
3270         * svg/SVGPathTraversalStateBuilder.h:
3271         * svg/SVGPointList.h:
3272         * svg/SVGRenderingIntent.h:
3273         * svg/SVGStringList.h:
3274         * svg/SVGTRefElement.cpp:
3275         * svg/SVGToOTFFontConversion.cpp:
3276         * svg/SVGTransformList.h:
3277         * svg/SVGUnitTypes.h:
3278         * svg/SVGViewSpec.h:
3279         * svg/SVGZoomEvent.h:
3280         * svg/animation/SMILTimeContainer.h:
3281         * svg/animation/SVGSMILElement.cpp:
3282         * svg/graphics/filters/SVGFEImage.h:
3283         * svg/graphics/filters/SVGFilter.h:
3284         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
3285         * svg/properties/SVGAnimatedPropertyTearOff.h:
3286         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
3287         * svg/properties/SVGMatrixTearOff.h:
3288         * svg/properties/SVGPathSegListPropertyTearOff.h:
3289         * svg/properties/SVGStaticListPropertyTearOff.h:
3290         * svg/properties/SVGStaticPropertyTearOff.h:
3291         * svg/properties/SVGTransformListPropertyTearOff.h:
3292
3293 2016-07-15  Per Arne Vollan  <pvollan@apple.com>
3294
3295         Uninitialized variable in DIBPixelData can cause a dangerous memory write
3296         https://bugs.webkit.org/show_bug.cgi?id=159414
3297
3298         Reviewed by Brent Fulgham.
3299
3300         Initialize local BITMAP variable, in case the ::GetObject function that should initialize it
3301         fails to do so, because the bitmap handle is invalid.
3302
3303         Tests: Tools/TestWebKitAPI/Tests/WebCore/win/DIBPixelData.cpp
3304
3305         * platform/graphics/win/DIBPixelData.cpp:
3306         (WebCore::DIBPixelData::initialize): Initialize local variable.
3307         (WebCore::DIBPixelData::setRGBABitmapAlpha): Return early if we have no bitmap.
3308         * platform/graphics/win/DIBPixelData.h: Link fix.
3309
3310 2016-07-14  Yoav Weiss  <yoav@yoav.ws>
3311
3312         Change CSSParser::sourceSize returning Optional<CSSParser::SourceSize>
3313         https://bugs.webkit.org/show_bug.cgi?id=159666
3314
3315         Reviewed by Michael Catanzaro.
3316
3317         Tests:
3318             fast/dom/HTMLImageElement/sizes/image-sizes-invalids.html
3319
3320         * css/CSSGrammar.y.in: Avoid adding SourceSize to source_size_list when the value is a Nullopt.
3321         * css/CSSParser.cpp:
3322         (WebCore::CSSParser::sourceSize): Return a Nullopt when an invalid value is encountered.
3323         * css/CSSParser.h:
3324
3325 2016-07-14  Antonio Gomes  <tonikitoo@igalia.com>
3326
3327         [RTL Scrollbars] Frame scrollbars don't move to the right when text direction changes to RTL
3328         https://bugs.webkit.org/show_bug.cgi?id=158252
3329
3330         Reviewed by Myles C. Maxfield.
3331
3332         When the 'dir' attribute changes either on body or on the document
3333         element level, the associated FrameView does not trigger an update on
3334         the frame level vertical scrollbar.
3335
3336         Patch adds a 'hook' so that RenderBox::styleDidChange can call in
3337         order to get the document level scrollbar placed properly in the next
3338         layout.
3339
3340         Test: fast/scrolling/rtl-scrollbars-alternate-body-dir-attr-does-not-update-scrollbar-placement.html
3341               fast/scrolling/rtl-scrollbars-alternate-body-dir-attr-does-not-update-scrollbar-placement-2.html
3342               fast/scrolling/rtl-scrollbars-alternate-iframe-body-dir-attr-does-not-update-scrollbar-placement.html
3343
3344         * page/FrameView.cpp:
3345         (WebCore::FrameView::topContentDirectionDidChange):
3346         * page/FrameView.h:
3347         * rendering/RenderBox.cpp:
3348         (WebCore::RenderBox::styleDidChange):
3349
3350 2016-07-14  Myles C. Maxfield  <mmaxfield@apple.com>
3351
3352         Support new emoji group candidates
3353         https://bugs.webkit.org/show_bug.cgi?id=159755
3354         <rdar://problem/27325521>
3355
3356         Reviewed by Dean Jackson.
3357
3358         There are a few code points which should be able to be joined (with ZWJ) to
3359         either U+2640 or U+2642 to change the gender of the emoji. These patterns
3360         should also work with an additional 0xFE0F variation selector. This patch
3361         adds these new patterns to our existing emoji group candidate infrastructure.
3362
3363         Tests: fast/text/emoji-gender-2-3.html
3364                fast/text/emoji-gender-2-4.html
3365                fast/text/emoji-gender-2-5.html
3366                fast/text/emoji-gender-2-6.html
3367                fast/text/emoji-gender-2-7.html
3368                fast/text/emoji-gender-2-8.html
3369                fast/text/emoji-gender-2-9.html
3370                fast/text/emoji-gender-2.html
3371                fast/text/emoji-gender-3.html
3372                fast/text/emoji-gender-4.html
3373                fast/text/emoji-gender-5.html
3374                fast/text/emoji-gender-6.html
3375                fast/text/emoji-gender-7.html
3376                fast/text/emoji-gender-8.html
3377                fast/text/emoji-gender-9.html
3378                fast/text/emoji-gender-fe0f-3.html
3379                fast/text/emoji-gender-fe0f-4.html
3380                fast/text/emoji-gender-fe0f-5.html
3381                fast/text/emoji-gender-fe0f-6.html
3382                fast/text/emoji-gender-fe0f-7.html
3383                fast/text/emoji-gender-fe0f-8.html
3384                fast/text/emoji-gender-fe0f-9.html
3385                fast/text/emoji-gender.html
3386                fast/text/emoji-num-glyphs.html
3387                fast/text/emoji-single-parent-family-2.html
3388                fast/text/emoji-single-parent-family.html
3389
3390         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3391         (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Removed incorrect ASSERT()s.
3392         * platform/graphics/FontCascade.cpp:
3393         (WebCore::FontCascade::characterRangeCodePath):
3394         * platform/text/CharacterProperties.h:
3395         (WebCore::isEmojiGroupCandidate):
3396
3397 2016-07-14  Dean Jackson  <dino@apple.com>
3398
3399         CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::MediaQueryEvaluator::evaluate const
3400         https://bugs.webkit.org/show_bug.cgi?id=159799
3401         <rdar://problem/27346959>
3402
3403         Reviewed by Myles Maxfield.
3404
3405         Speculative fix for this crash, which seems to happen when asking for the Node's
3406         renderer(). From the incoming crash logs, it is triggered by mutations on
3407         a <picture> or <img> element, which would require choosing a new source,
3408         and causing some media queries to evaluate.
3409
3410         The only place in MediaQueryEvaluator that has anything to do with
3411         renderers is when gathering up some style information to pass to the
3412         actual evaluation function. I put a guard against a missing documentElement
3413         in there.
3414
3415         * css/MediaQueryEvaluator.cpp:
3416         (WebCore::MediaQueryEvaluator::evaluate): Make sure documentElement is not
3417         null.
3418