Add a RuntimeEnabledFeature for display: contents, defaulted to false.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2017-05-22 Emilio Cobos Álvarez  <ecobos@igalia.com>
2
3         Add a RuntimeEnabledFeature for display: contents, defaulted to false.
4         https://bugs.webkit.org/show_bug.cgi?id=171984
5
6         Reviewed by Antti Koivisto.
7
8         The "defaulted to false" is not only because there are spec issues,
9         but because I ran the WPT suite, and there was a fair amount of
10         crashes and messed render trees.
11
12         Tests: imported/w3c/web-platform-tests/innerText/getter.html
13
14         * css/StyleResolver.cpp:
15         (WebCore::StyleResolver::adjustRenderStyle):
16         * page/RuntimeEnabledFeatures.h:
17         (WebCore::RuntimeEnabledFeatures::setDisplayContentsEnabled):
18         (WebCore::RuntimeEnabledFeatures::displayContentsEnabled):
19
20 2017-05-22  Myles C. Maxfield  <mmaxfield@apple.com>
21
22         Update font-style's implementation in the font selection algorithm
23         https://bugs.webkit.org/show_bug.cgi?id=169453
24
25         Reviewed by Simon Fraser.
26
27         Previously, we were treating "font-style: oblique" exactly the same as "font-style: italic".
28         These values were parsed to the same internal data type. However, variation fonts may have two
29         distinct axes: 'slnt' and 'ital'. Therefore, we need to keep a bool of state which represents
30         which of these two axes we should be setting when we apply font variations. We can do this by
31         making the "font-style" parser a "custom" parser. The implementation of these custom functions
32         will set both the italic value on the FontDescription as well as this extra bool.
33
34         We don't, however, want to treat these values as distinct for the purposese of font selection.
35         The fact that we treat oblique fonts the same as italic fonts is a feature, not a bug. Therefore,
36         the font selection algorithm is not made aware of this distinction. This is why we don't want to
37         package up the bool and FontSelectionValue into a class: font selection only cares about the
38         FontSelectionValue, so conceptually they shouldn't be joined. (The FontSelectionValue already
39         exists within a collection of all the things font selection needs to know about.)
40
41         Now that there is this extra bit of state on the FontDescription, we can do a little better when
42         computing the result of getComputedStyle(). Previously, we were always returning "italic" even
43         when "oblique" was specified. Now, we can return the correct one. However, this extra bit of
44         state is not kept on the CSSFontFace (because it doesn't need to be), which means we can only
45         improve the computed style of an element, rather than the cssText of an @font-face rule.
46
47         Test: fast/text/font-style-parse.html
48
49         * css/CSSComputedStyleDeclaration.cpp:
50         (WebCore::ComputedStyleExtractor::fontStyleFromStyleValue):
51         (WebCore::fontStyleFromStyle):
52         (WebCore::fontShorthandValueForSelectionProperties):
53         * css/CSSComputedStyleDeclaration.h:
54         * css/CSSFontFaceSet.h:
55         * css/CSSProperties.json:
56         * css/FontFace.cpp:
57         (WebCore::FontFace::style):
58         * css/FontSelectionValueInlines.h:
59         (WebCore::fontStyleKeyword):
60         * css/StyleBuilderConverter.h:
61         (WebCore::StyleBuilderConverter::convertFontStyle): Deleted.
62         * css/StyleBuilderCustom.h:
63         (WebCore::StyleBuilderCustom::applyInitialFontStyle):
64         (WebCore::StyleBuilderCustom::applyInheritFontStyle):
65         (WebCore::StyleBuilderCustom::applyValueFontStyle):
66         * platform/graphics/FontCache.h:
67         (WebCore::FontDescriptionKey::makeFlagsKey):
68         * platform/graphics/FontDescription.cpp:
69         (WebCore::FontDescription::FontDescription):
70         * platform/graphics/FontDescription.h:
71         (WebCore::FontDescription::shouldUseItalicVariationAxis):
72         (WebCore::FontDescription::setShouldUseItalicVariationAxis):
73         (WebCore::FontDescription::operator==):
74         (WebCore::FontCascadeDescription::initialShouldUseItalicVariationAxis):
75         * platform/graphics/cocoa/FontCacheCoreText.cpp:
76         (WebCore::preparePlatformFont):
77         (WebCore::fontWithFamily):
78         (WebCore::FontCache::createFontPlatformData):
79         (WebCore::FontCache::systemFallbackForCharacters):
80         * platform/graphics/mac/FontCustomPlatformData.cpp:
81         (WebCore::FontCustomPlatformData::fontPlatformData):
82
83 2017-05-22  Myles C. Maxfield  <mmaxfield@apple.com>
84
85         Support calc() in font-variation-settings and font-feature-settings
86         https://bugs.webkit.org/show_bug.cgi?id=171032
87
88         Reviewed by David Hyatt.
89
90         Tests: css3/font-feature-settings-calc.html
91                fast/text/variations/calc.html
92
93         We can use the convenience functions in CSSPropertyParserHelpers.cpp.
94
95         * css/parser/CSSPropertyParser.cpp:
96         (WebCore::consumeFontFeatureTag):
97         (WebCore::consumeFontVariationTag):
98
99 2017-05-22  Michael Catanzaro  <mcatanzaro@igalia.com>
100
101         Unreviewed, attempt to fix test runner by removing Unicode character from stderr output
102         https://bugs.webkit.org/show_bug.cgi?id=168409
103
104         * page/Page.cpp:
105         (WebCore::Page::suspendScriptedAnimations):
106
107 2017-05-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
108
109         Avoid moving to the second frame of an animated image before the first frame has finished decoding
110         https://bugs.webkit.org/show_bug.cgi?id=172461
111
112         Reviewed by Simon Fraser.
113
114         Sometimes the frameCount of an animated image gets changed when more data
115         is received. The problem is we may start decoding the image as if it were
116         a static large image and the decoding of this first frame finishes after 
117         the image starts animating.
118
119         * platform/graphics/BitmapImage.cpp:
120         (WebCore::BitmapImage::draw):
121         (WebCore::BitmapImage::imageFrameAvailableAtIndex):
122
123 2017-05-20  Alex Christensen  <achristensen@webkit.org>
124
125         REGRESSION(r215686): O(n^2) algorithm in CachedRawResource::addDataBuffer
126         https://bugs.webkit.org/show_bug.cgi?id=172406
127         <rdar://32109532>
128
129         Reviewed by Brady Eidson.
130
131         CachedRawResource::calculateIncrementalDataChunk was calling SharedBuffer::data each time the data
132         was appended to the SharedBuffer. This causes the data to be copied from two segments to one segment,
133         which causes the O(n^2) behavior I was worried about in r215686. These append/data/append/data calls
134         used to cause O(1) copies per byte which was amortized because of the exponential growth of the buffer.
135         After this change, there should be 0 copies per byte here, and instead a O(log(n)) binary search in the
136         call to std::upper_bound to find the next segment of data with a given starting location in the SharedBuffer.
137         We need to store the additional information of the offsets of the beginnings of the segments in a
138         SharedBuffer. This doesn't asymptotically increase our memory usage, but it does allow us to asymptotically
139         decrease the amount of time it takes to find data at a given offset in a SharedBuffer from O(n) to O(log(n)).
140
141         This allows us to complete http://speedtest.xfinity.com and new functionality in SharedBuffer is covered by API tests.
142
143         * loader/TextTrackLoader.cpp:
144         (WebCore::TextTrackLoader::processNewCueData):
145         * loader/cache/CachedRawResource.cpp:
146         (WebCore::CachedRawResource::calculateIncrementalDataChunk):
147         (WebCore::CachedRawResource::addDataBuffer):
148         (WebCore::CachedRawResource::finishLoading):
149         * loader/cache/CachedRawResource.h:
150         * platform/SharedBuffer.cpp:
151         (WebCore::SharedBuffer::SharedBuffer):
152         (WebCore::SharedBuffer::combineIntoOneSegment):
153         (WebCore::SharedBuffer::data):
154         (WebCore::SharedBuffer::getSomeData):
155         (WebCore::SharedBuffer::tryCreateArrayBuffer):
156         (WebCore::SharedBuffer::append):
157         (WebCore::SharedBuffer::clear):
158         (WebCore::SharedBuffer::copy):
159         (WebCore::SharedBuffer::internallyConsistent):
160         (WebCore::SharedBuffer::hintMemoryNotNeededSoon):
161         (WebCore::SharedBufferDataView::SharedBufferDataView):
162         (WebCore::SharedBufferDataView::size):
163         (WebCore::SharedBufferDataView::data):
164         * platform/SharedBuffer.h:
165         * platform/cf/SharedBufferCF.cpp:
166         (WebCore::SharedBuffer::createCFData):
167         (WebCore::SharedBuffer::hintMemoryNotNeededSoon):
168         (WebCore::SharedBuffer::append):
169         * platform/cocoa/SharedBufferCocoa.mm:
170         (WebCore::SharedBuffer::createNSData):
171         (WebCore::SharedBuffer::createCFData):
172         (WebCore::SharedBuffer::createNSDataArray):
173
174 2017-05-22  Chris Dumez  <cdumez@apple.com>
175
176         Resources in cached parsed stylesheets may bypass content blockers
177         https://bugs.webkit.org/show_bug.cgi?id=172468
178         <rdar://problem/31972693>
179
180         Reviewed by Geoffrey Garen.
181
182         Resources in cached parsed stylesheets could bypass content blockers when they were in the memory cache and
183         they did not need revalidation.
184
185         To address the issue, I made StyleSheetContents::subresourcesAllowReuse() to check content blockers.
186         If a subresource in the cached stylesheet is blocked, then we return false in subresourcesAllowReuse() and
187         the cached parsed stylesheet will not be used.
188
189         No new tests, not currently testable.
190
191         * css/StyleSheetContents.cpp:
192         (WebCore::StyleSheetContents::subresourcesAllowReuse):
193         * css/StyleSheetContents.h:
194         * html/HTMLLinkElement.cpp:
195         (WebCore::HTMLLinkElement::setCSSStyleSheet):
196         * loader/cache/CachedCSSStyleSheet.cpp:
197         (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
198         * loader/cache/CachedCSSStyleSheet.h:
199
200 2017-05-22  Chris Dumez  <cdumez@apple.com>
201
202         ASSERTION FAILED: tokens.find(item) == notFound in WebCore::DOMTokenList::replace
203         https://bugs.webkit.org/show_bug.cgi?id=172473
204
205         Reviewed by Ryosuke Niwa.
206
207         Fix bad assertion in DOMTokenList::replace(). If item == replacement, then the
208         assertion was wrong.
209
210         No new tests, unskipped existing test.
211
212         * html/DOMTokenList.cpp:
213         (WebCore::DOMTokenList::replace):
214
215 2017-05-22  Youenn Fablet  <youenn@apple.com>
216
217         Remove AVAudioCaptureSource
218         https://bugs.webkit.org/show_bug.cgi?id=172360
219
220         Reviewed by Sam Weinig.
221
222         No change of behavior, this class is no longer used by default as it does not support echo cancellation.
223
224         * WebCore.xcodeproj/project.pbxproj:
225         * page/Settings.cpp:
226         (WebCore::Settings::setMediaCaptureRequiresSecureConnection):
227         (WebCore::Settings::useAVFoundationAudioCapture): Deleted.
228         (WebCore::Settings::setUseAVFoundationAudioCapture): Deleted.
229         * page/Settings.h:
230         * platform/mediastream/mac/AVAudioCaptureSource.h: Removed.
231         * platform/mediastream/mac/AVAudioCaptureSource.mm: Removed.
232         * platform/mediastream/mac/AVCaptureDeviceManager.h:
233         * platform/mediastream/mac/AVCaptureDeviceManager.mm:
234         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
235         (WebCore::RealtimeMediaSourceCenterMac::defaultAudioFactory):
236         (WebCore::RealtimeMediaSourceCenterMac::defaultAudioCaptureDeviceManager):
237         (WebCore::RealtimeMediaSourceCenterMac::setUseAVFoundationAudioCapture): Deleted.
238         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
239
240 2017-05-22  Brian Burg  <bburg@apple.com>
241
242         Web Inspector: webkit reload policy should match default behavior
243         https://bugs.webkit.org/show_bug.cgi?id=171385
244         <rdar://problem/31871515>
245
246         Reviewed by Joseph Pecoraro.
247
248         Add an option to PageAgent.reload that tells the backend to use the old
249         behavior that revalidates unexpired cached subresources. This used by tests.
250
251         Covered by existing network/memory/disk cache tests.
252
253         * inspector/InspectorPageAgent.h:
254         * inspector/InspectorPageAgent.cpp:
255         (WebCore::InspectorPageAgent::reload):
256
257 2017-05-22  Yoav Weiss  <yoav@yoav.ws>
258
259         [preload] Add media and type attribute support.
260         https://bugs.webkit.org/show_bug.cgi?id=171720
261
262         Reviewed by Youenn Fablet.
263
264         Tests: http/wpt/preload/media-attribute.html
265                http/wpt/preload/type-attribute.html
266                http/tests/preload/viewport/meta-viewport-link-headers.php
267
268         * css/MediaQueryEvaluator.cpp: Move the mediaAttributeMatches code from HTMLResourcePreloader to a central location.
269         (WebCore::MediaQueryEvaluator::mediaAttributeMatches):
270         * css/MediaQueryEvaluator.h:
271         * html/HTMLImageElement.cpp:
272         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Use isSupportedImageOrSVGMIMEType() instead of checking SVG MIME type specifically.
273         * html/HTMLLinkElement.cpp:
274         (WebCore::HTMLLinkElement::process): Call loadLink() with the media and type attributes.
275         * html/parser/HTMLDocumentParser.cpp:
276         (WebCore::HTMLDocumentParser::pumpTokenizer): Trigger Link header based preload for links that have the media attribute.
277         * html/parser/HTMLPreloadScanner.cpp:
278         (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest): Avoid preloading link resources with non-matching type.
279         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): Collect the type attribute for link resources.
280         * html/parser/HTMLResourcePreloader.cpp:
281         (WebCore::HTMLResourcePreloader::preload): Use MediaQueryEvaluator::mediaAttributeMatches instead of the local one.
282         (WebCore::mediaAttributeMatches): Deleted.
283         * loader/FrameLoader.cpp:
284         (WebCore::FrameLoader::receivedFirstData): Indicate that only link preloads with no media attribute should be loaded here.
285         * loader/LinkLoader.cpp:
286         (WebCore::LinkLoader::loadLinksFromHeader): Load only links with or without media attributes, according to mode. Also send media and
287         type attributes to preloadIfNeeded().
288         (WebCore::LinkLoader::isSupportedType): Check if the MIME type is supported for the CachedResource::Type.
289         (WebCore::LinkLoader::preloadIfNeeded): Get the media and type attributes and only trigger a preload if media matches and type is supported.
290         (WebCore::LinkLoader::loadLink): Pass along the media and type attributes.
291         * loader/LinkLoader.h:
292         * platform/MIMETypeRegistry.cpp:
293         (WebCore::MIMETypeRegistry::isSupportedImageOrSVGMIMEType): Check if MIME type is supported for an image, or is an SVG mime type.
294         (WebCore::MIMETypeRegistry::isSupportedStyleSheetMIMEType): Check if MIME type is supported for a stylesheet.
295         (WebCore::MIMETypeRegistry::isSupportedFontMIMEType): Check if MIME type is supported for a font.
296         (WebCore::MIMETypeRegistry::isSupportedTextTrackMIMEType): Check if MIME type is supported for a text track.
297         * platform/MIMETypeRegistry.h:
298
299 2017-05-22  Said Abou-Hallawa  <sabouhallawa@apple.com>
300
301         [CG] Use the SPI CGImageSourceGetTypeWithData() to get the typeIdentifierHint of an image
302         https://bugs.webkit.org/show_bug.cgi?id=172405
303
304         Reviewed by Simon Fraser.
305
306         Use CGImageSourceGetTypeWithData() to get the typeIdentifierHint which will
307         be passed to CGImageSourceCreateIncremental(). If data is insufficient to
308         guess typeIdentifierHint, that means the image size is still not available.
309         In this case, CachedImage::addIncrementalDataBuffer() will call error()
310         which will call clear() which will call Image::destroyDecodedData()
311         which will delete the current ImageDecoder and creates a new one. So we
312         don't need to check the return value insufficientData.
313
314         * platform/graphics/DecodingOptions.h: Fix the header file dependencies.
315         * platform/graphics/ImageSource.cpp:
316         (WebCore::ImageSource::ensureDecoderAvailable): No need for the URL parameter.
317         * platform/graphics/ImageTypes.h: Move a typedef from ImageDecoderCG.h to ImageTypes.h.
318         * platform/graphics/cg/ImageDecoderCG.cpp:
319         (WebCore::ImageDecoder::ImageDecoder): Pass the SharedBuffer data to the constructor.
320         * platform/graphics/cg/ImageDecoderCG.h:
321         (WebCore::ImageDecoder::create): No need for the URL argument.
322         * platform/graphics/win/ImageDecoderDirect2D.h:
323         (WebCore::ImageDecoder::create): Remove the URL argument from the function signature.
324         * platform/image-decoders/ImageDecoder.cpp:
325         (WebCore::ImageDecoder::create): Remove the URL argument from the function signature.
326         * platform/image-decoders/ImageDecoder.h:
327         * platform/spi/cg/ImageIOSPI.h: Add the prototype of CGImageSourceGetTypeWithData().
328
329 2017-05-22  Zalan Bujtas  <zalan@apple.com>
330
331         SameSizeAsInlineBox mismatch on ARMV7.
332         https://bugs.webkit.org/show_bug.cgi?id=172459
333
334         Reviewed by Simon Fraser.
335
336         Due to the ARMV7/i386 padding behaviour mismatch, forcing m_bitfields to be 32bits does not always
337         produce the desired padding.
338         Move the bool to the end of the member list and let m_deletionSentinel (4bytes) force
339         padding.
340
341         * rendering/InlineBox.cpp:
342         * rendering/InlineBox.h:
343
344 2017-05-22  Myles C. Maxfield  <mmaxfield@apple.com>
345
346         Enable the woff2-variations @font-face format identifier
347         https://bugs.webkit.org/show_bug.cgi?id=172425
348
349         Reviewed by Andreas Kling.
350
351         We support woff2, and woff-variations, but not woff2-variations.
352         https://github.com/w3c/csswg-drafts/commit/5c914a8a0382734bd420090a89bc19b32e6c302d
353
354         Test: fast/text/variations/font-face-format-woff2.html
355
356         * platform/graphics/mac/FontCustomPlatformData.cpp:
357         (WebCore::FontCustomPlatformData::supportsFormat):
358
359 2017-05-22  Antoine Quint  <graouts@apple.com>
360
361         [mac-wk1] LayoutTest media/modern-media-controls/airplay-button/airplay-button.html is a flaky timeout
362         https://bugs.webkit.org/show_bug.cgi?id=168409
363
364         Reviewed by Simon Fraser.
365
366         Remove all the custom logging code we wrote to diagnose why this specific test failed and instead
367         log the backtrace when the ScriptedAnimationController gets suspended, which should allow us to
368         identify which test actually leads to suspension and affects this particular test.
369
370         * Modules/modern-media-controls/controls/scheduler.js:
371         (const.scheduler.new.prototype.scheduleLayout):
372         (const.scheduler.new.prototype.unscheduleLayout):
373         (const.scheduler.new.prototype._requestFrameIfNeeded):
374         (const.scheduler.new.prototype._frameDidFire):
375         (const.scheduler.new.prototype._layout):
376         * dom/Document.cpp:
377         (WebCore::Document::requestAnimationFrame):
378         * dom/ScriptedAnimationController.cpp:
379         (WebCore::ScriptedAnimationController::suspend):
380         (WebCore::ScriptedAnimationController::resume):
381         (WebCore::ScriptedAnimationController::addThrottlingReason):
382         (WebCore::ScriptedAnimationController::removeThrottlingReason):
383         (WebCore::ScriptedAnimationController::registerCallback):
384         (WebCore::ScriptedAnimationController::cancelCallback):
385         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
386         (WebCore::ScriptedAnimationController::scheduleAnimation):
387         (WebCore::ScriptedAnimationController::dispatchLoggingEventIfRequired): Deleted.
388         * dom/ScriptedAnimationController.h:
389         * page/Page.cpp:
390         (WebCore::Page::suspendScriptedAnimations):
391         * page/Settings.in:
392         * testing/InternalSettings.cpp:
393         (WebCore::InternalSettings::resetToConsistentState):
394         (WebCore::InternalSettings::shouldDispatchRequestAnimationFrameEvents): Deleted.
395         (WebCore::InternalSettings::setShouldDispatchRequestAnimationFrameEvents): Deleted.
396         * testing/InternalSettings.h:
397         * testing/InternalSettings.idl:
398
399 2017-05-22  Emilio Cobos Álvarez  <ecobos@igalia.com>
400
401         Don't unconditionally reset TextIterator::m_handledChildren for display: contents nodes.
402         https://bugs.webkit.org/show_bug.cgi?id=172443
403
404         This avoids an infinite hang when enabling display: contents in bug 171984.
405
406         Reviewed by Antti Koivisto.
407
408         No new tests. Relanding bug 171984 will add test coverage for this.
409
410         * editing/TextIterator.cpp:
411         (WebCore::hasDisplayContents):
412         (WebCore::fullyClipsContents):
413         (WebCore::TextIterator::advance):
414
415 2017-05-22  Sam Weinig  <sam@webkit.org>
416
417         [WebIDL] Support callbacks with arbitrary return types
418         https://bugs.webkit.org/show_bug.cgi?id=172407
419
420         Reviewed by Chris Dumez.
421
422         - Adds and adopts CallbackResult<> template class that encapsulates a return value
423           and status from a javascript callback.
424         - Updates NodeIterator/TreeWalker to explicitly propagate exceptions thrown from
425           a JSNodeFilter, rather than relying on the JSNodeFilter to catch them (seemingly
426           accidentally).
427
428         * CMakeLists.txt:
429         * WebCore.xcodeproj/project.pbxproj:
430         * bindings/js/JSBindingsAllInOne.cpp:
431         Update file lists.
432
433         * Modules/geolocation/PositionCallback.h:
434         * Modules/geolocation/PositionErrorCallback.h:
435         * Modules/notifications/NotificationPermissionCallback.h:
436         * Modules/webaudio/AudioBufferCallback.h:
437         * Modules/webdatabase/DatabaseCallback.h:
438         * dom/RequestAnimationFrameCallback.h:
439         * dom/StringCallback.h:
440         * dom/Traversal.cpp:
441         * fileapi/BlobCallback.h:
442         * html/VoidCallback.h:
443         * page/IntersectionObserverCallback.h:
444         * page/PerformanceObserverCallback.h:
445         * css/MediaQueryListListener.h:
446         * Modules/webdatabase/SQLStatement.h:
447         * Modules/webdatabase/SQLStatementCallback.h:
448         * Modules/webdatabase/SQLStatementErrorCallback.h:
449         * Modules/webdatabase/SQLTransaction.cpp:
450         * Modules/webdatabase/SQLTransactionCallback.h:
451         * Modules/webdatabase/SQLTransactionErrorCallback.h:
452         * inspector/InspectorDatabaseAgent.cpp:
453         Adopt CallbackResult.
454
455         * Modules/webdatabase/SQLStatementErrorCallback.idl:
456         Remove Custom extended attribute annotation.
457
458         * Modules/webdatabase/SQLStatement.cpp:
459         (WebCore::SQLStatement::performCallback):
460         Adopt CallbackResult, migrating logic from JSSQLStatementErrorCallbackCustom
461         into the implementation, by way of the status enum.
462
463         * bindings/IDLTypes.h:
464         Add IDLVoid type.
465
466         * bindings/js/JSNodeFilterCustom.cpp: Removed.
467         * bindings/js/JSSQLStatementErrorCallbackCustom.cpp: Removed.
468         Remove now unneeded custom bindings.
469
470         * bindings/scripts/CodeGeneratorJS.pm:
471         (GenerateIndexedGetter):
472         (GenerateNamedGetter):
473         (GenerateImplementation):
474         (GenerateImplementationFunctionCall):
475         Update for new NativeToJSValue arguments.
476
477         (GenerateCallbackHeaderContent):
478         (GenerateCallbackImplementationContent):
479         Remove requirement of only void return types and update return type to use CallbackFunction.
480         Also adds necessary conversion of return value.
481
482         (GetBaseIDLType):
483         Add void IDL type mapping.
484
485         (IsValidContextForJSValueToNative):
486         Add operation as valid context, as that is what the callback return type's context is.
487
488         (NativeToJSValueUsingReferences):
489         (NativeToJSValueUsingPointers):
490         (NativeToJSValue):
491         Rework NativeToJSValueUsingReferences/NativeToJSValueUsingPointers to take a global object reference
492         accessor rather than a thisObject accessor, as a thisObject is not always available, and what the function
493         actually wants is the global object.
494
495         * bindings/scripts/IDLAttributes.json:
496         Add new RethrowException attribute to instruct the callback function to re-throw, rather than
497         just report, exceptions thrown in the callback and SkipCallbackInvokeCheck which instructs the
498         callback function to not check canInvokeCallback() before calling. These will both be needed to retain
499         the behavior of NodeFilter, and should be investigated further.
500
501         * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
502         * bindings/scripts/test/JS/JSTestCallbackFunction.h:
503         * bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp: Added.
504         * bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.h: Added.
505         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:
506         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.h:
507         * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
508         * bindings/scripts/test/JS/JSTestCallbackInterface.h:
509         * bindings/scripts/test/JS/JSTestVoidCallbackFunction.cpp: Added.
510         * bindings/scripts/test/JS/JSTestVoidCallbackFunction.h: Added.
511         * bindings/scripts/test/TestCallbackFunction.idl:
512         * bindings/scripts/test/TestCallbackInterface.idl:
513         * bindings/scripts/test/TestVoidCallbackFunction.idl: Copied from Source/WebCore/bindings/scripts/test/TestCallbackFunction.idl.
514         Update test results and add some additional test cases for callback functions and callback interface functions that return
515         non-void and use the RethrowExceptions.
516
517         * dom/CallbackResult.h: Added.
518         (WebCore::CallbackResult<ReturnType>::CallbackResult):
519         (WebCore::CallbackResult<ReturnType>::type):
520         (WebCore::CallbackResult<void>::CallbackResult):
521         (WebCore::CallbackResult<void>::type):
522         New class to encapsulate the return value and status of a callback function. Modeled loosely on
523         ExceptionOr, but is simpler since it does not need to handle complex exception objects.
524
525         * dom/NativeNodeFilter.cpp:
526         * dom/NativeNodeFilter.h:
527         Adopt CallbackResult, matching other NodeFiltering code by using
528         unsigned short rather than short, remove unused functions, and convert 
529         condition member to a Ref, allowing us to get rid of the branch acceptNode.
530
531         * dom/NodeFilter.h:
532         Adopt CallbackResult.
533
534         * dom/NodeFilter.idl:
535         Replace Custom extended attribute with SkipCallbackInvokeCheck and RethrowException.
536
537         * dom/NodeFilterCondition.cpp:
538         * dom/NodeFilterCondition.h:
539         Modernize to take a Node reference and match other filtering code
540         by returning an unsigned short.
541
542         * dom/Traversal.cpp:
543         * dom/Traversal.h:
544         Adopt CallbackResult and match other node filtering code by using unsigned short 
545         rather than short.
546
547         * dom/NodeIterator.cpp:
548         * dom/NodeIterator.h:
549         * dom/NodeIterator.idl:
550         * dom/TreeWalker.cpp:
551         * dom/TreeWalker.h:
552         * dom/TreeWalker.idl:
553         Change functions that callout to javascript via the NodeFilter to 
554         return ExceptionOr<Node>. Check the result of CallbackResult for a
555         thrown exception, and bail, returning Exception { ExistingExceptionError }
556         which acts as an indicator to the bindings that an exception was thrown.
557         (In actuality, the specific exception code does not matter. All that matters
558         is that an ExceptionOr<> is returned, which triggers, via overload, a path
559         in toJS() that calls propagateException(), which in turn, checks to see if
560         an exception is on the stack. But, having an explicit code here helps debugging).
561
562 2017-05-22  Simon Fraser  <simon.fraser@apple.com>
563
564         Support transform-box to switch sizing box in SVG
565         https://bugs.webkit.org/show_bug.cgi?id=145783
566
567         Reviewed by Dean Jackson.
568
569         Add support for the CSS "transform-box" property, as described at
570         <https://drafts.csswg.org/css-transforms/#transform-box>.
571         
572         This changes the behavior of percentage values in transform-origin in SVG.
573         When these were added in r110532, percentage values in transform-origin were made
574         relative to the bounding box, but absolute values relative to the view box.
575         <https://github.com/w3c/csswg-drafts/issues/895> has concluded that this behavior
576         is confusing. The new behavior is that, for SVG elements, both absolute and
577         percentage values are relative to the reference box, which is specified by the
578         new transform-box property.
579
580         The initial value for transform-box is border-box, with the svg.css UA stylesheet
581         supplying a default of view-box for the relevant SVG elements per
582         <https://www.w3.org/TR/SVG2/styling.html#UAStyleSheet>.
583
584         For non-SVG elements, the used value is always border-box, so there is no change
585         in behavior.
586
587         Tests: fast/css/transform-box-parsing.html
588                svg/transforms/svg-transform-box.html
589
590         * css/CSSComputedStyleDeclaration.cpp:
591         (WebCore::ComputedStyleExtractor::propertyValue):
592         * css/CSSPrimitiveValueMappings.h:
593         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
594         (WebCore::CSSPrimitiveValue::operator TransformBox):
595         * css/CSSProperties.json:
596         * css/CSSValueKeywords.in:
597         * css/parser/CSSPropertyParser.cpp:
598         (WebCore::CSSPropertyParser::parseSingleValue):
599         * css/svg.css:
600         (*:not(svg),):
601         (*): Deleted.
602         (html|* > svg): Deleted.
603         * page/animation/AnimationBase.cpp:
604         (WebCore::AnimationBase::computeTransformedExtentViaTransformList):
605         * rendering/style/RenderStyle.cpp:
606         (WebCore::RenderStyle::applyTransform): The transformOriginX().isPercent() tests
607         were added to support the weird "% values are relative to bounding box" in SVG. Now
608         it's up to the caller to pass a non-zero origin when that matters, and
609         SVGGraphicsElement::animatedLocalTransform() is the only caller that does so.
610         * rendering/style/RenderStyle.h:
611         (WebCore::RenderStyle::hasTransform):
612         (WebCore::RenderStyle::transformBox):
613         (WebCore::RenderStyle::setTransformBox):
614         (WebCore::RenderStyle::initialTransformBox):
615         * rendering/style/RenderStyleConstants.h:
616         * rendering/style/StyleTransformData.cpp:
617         (WebCore::StyleTransformData::StyleTransformData):
618         (WebCore::StyleTransformData::operator==):
619         * rendering/style/StyleTransformData.h:
620         * svg/SVGGraphicsElement.cpp:
621         (WebCore::SVGGraphicsElement::animatedLocalTransform): Consult the transform-box
622         style to compute the reference box as the bounding box, or the view box.
623
624 2017-05-22  Chris Dumez  <cdumez@apple.com>
625
626         Add support for [LegacyWindowAlias] IDL extended attribute
627         https://bugs.webkit.org/show_bug.cgi?id=172451
628
629         Reviewed by Sam Weinig.
630
631         Add support for [LegacyWindowAlias] IDL extended attribute as per:
632         - https://heycam.github.io/webidl/#LegacyWindowAlias
633
634         Use it for our legacy window aliases, such as webKitURL.
635
636         No new tests, there should be no Web-exposed behavior change.
637
638         * bindings/scripts/IDLAttributes.json:
639         * bindings/scripts/preprocess-idls.pl:
640         (GenerateConstructorAttributes):
641         * css/DOMMatrix.idl:
642         * dom/MutationObserver.idl:
643         * dom/XMLDocument.idl:
644         * html/DOMURL.idl:
645         * page/DOMWindow.idl:
646
647 2017-05-22  Jer Noble  <jer.noble@apple.com>
648
649         ASSERTION FAILED: m_boundThread == currentThread() in WTF::WeakReference<WebCore::WebCoreDecompressionSession>::clear()
650         https://bugs.webkit.org/show_bug.cgi?id=172457
651         <rdar://problem/32329436>
652
653         Reviewed by Eric Carlson.
654
655         Remove vestigal WeakPtrFactory that was entirely unused.
656
657         * platform/graphics/cocoa/WebCoreDecompressionSession.h:
658         (WebCore::WebCoreDecompressionSession::createWeakPtr): Deleted.
659         * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
660         (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession):
661
662 2017-05-22  Antti Koivisto  <antti@apple.com>
663
664         Crash in WebCore::StyleRuleKeyframes::findKeyframeIndex
665         https://bugs.webkit.org/show_bug.cgi?id=170756
666         <rdar://problem/31573157>
667
668         Reviewed by Andreas Kling.
669
670         Using a malformed key with CSSKeyframesRule.findRule crashes because
671         CSSParser::parseKeyframeKeyList returns null which is then dereferenced.
672
673         * css/CSSKeyframesRule.cpp:
674         (WebCore::StyleRuleKeyframes::findKeyframeIndex): Null test.
675
676 2017-05-22  Wenson Hsieh  <wenson_hsieh@apple.com>
677
678         Remove unused documentIsHandlingNonDefaultDrag plumbing for WebKit2
679         https://bugs.webkit.org/show_bug.cgi?id=172453
680
681         Reviewed by Tim Horton.
682
683         Removes unused plumbing that was originally added to support file uploads. No new tests, since there is no
684         change in behavior.
685
686         * page/DragController.h:
687         (WebCore::DragController::documentIsHandlingNonDefaultDrag): Deleted.
688
689 2017-05-22  Jer Noble  <jer.noble@apple.com>
690
691         Media element thinks its hidden when in PiP mode and tab is backgrounded.
692         https://bugs.webkit.org/show_bug.cgi?id=172221
693
694         Reviewed by Eric Carlson.
695
696         The element should not be considered hidden when in legacy fullscreen mode or PiP mode.
697
698         * html/HTMLMediaElement.cpp:
699         (WebCore::HTMLMediaElement::visibilityStateChanged):
700         (WebCore::HTMLMediaElement::fullscreenModeChanged):
701
702 2017-05-22  Zan Dobersek  <zdobersek@igalia.com>
703
704         NavigatorEME: null RefPtr<> dereference due to different calling conventions
705         https://bugs.webkit.org/show_bug.cgi?id=172352
706
707         Reviewed by Carlos Garcia Campos.
708
709         * Modules/encryptedmedia/NavigatorEME.cpp:
710         (WebCore::tryNextSupportedConfiguration): Avoid crashes when constructing
711         the MediaKeySystemAccess::create() arguments that can occur for targets with
712         calling conventions that might release the implementation RefPtr<> before it's
713         dereferenced to retrieve the key system string. Simply acquire the reference
714         to the key system String object before the MediaKeySystem::create() call
715         expression that releases the problematic RefPtr<>.
716
717 2017-05-22  Gwang Yoon Hwang  <yoon@igalia.com>
718
719         [CoordinatedGraphics] Clear UpdateAtlases for each tests
720         https://bugs.webkit.org/show_bug.cgi?id=172119
721
722         Reviewed by Carlos Garcia Campos.
723
724         * loader/EmptyClients.h:
725         * page/ChromeClient.h:
726         * testing/Internals.cpp:
727         (WebCore::Internals::resetToConsistentState): Clears update atlases
728         while resetting states of the test runner.
729
730 2017-05-22  Gwang Yoon Hwang  <yoon@igalia.com>
731
732         [CoordinatedGraphics] BitmapTexturePool does not release textures properly
733         https://bugs.webkit.org/show_bug.cgi?id=172428
734
735         Reviewed by Žan Doberšek.
736
737         No new tests because no behavior change.
738
739         * platform/graphics/texmap/BitmapTexturePool.cpp:
740         (WebCore::BitmapTexturePool::BitmapTexturePool):
741         Use the RunLoopTimer instead of Timer, because BitmapTexturePool would
742         run on the compositing thread in Coordinated Graphics case.
743         (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
744         We should check not only the last used time but also the refcounts of the
745         texture when selecting textures to remove.
746         * platform/graphics/texmap/BitmapTexturePool.h:
747         (WebCore::BitmapTexturePool::Entry::canBeReleased): Added.
748
749 2017-05-21  Carlos Garcia Campos  <cgarcia@igalia.com>
750
751         [WPE] Use surfaceless context for sharing and offscreen context if available
752         https://bugs.webkit.org/show_bug.cgi?id=172268
753
754         Reviewed by Žan Doberšek.
755
756         Like GTK+ port does, WPE should use surfaceless contexts when possible, and only create a native offscreen
757         context as a fallback. We don't need to do anything special in WPE port, just to make it consistent with the
758         Wayland and X11 implementations. We should also avoid including EGL.h in headers, we added
759         GLContextEGLWayland.cpp and GLContextEGLX11.cpp to avoid that. PlatformDisplayWPE::EGLOffscreenTarget is quite
760         simple and only used by GLContextEGLWPE, so we could move it there like we do for Wayland and X11.
761
762         * platform/graphics/GLContext.h: Remove EGL header includes.
763         * platform/graphics/egl/GLContextEGL.cpp:
764         (WebCore::GLContextEGL::createWindowContext): Use createWindowSurfaceWPE() in WPE.
765         (WebCore::GLContextEGL::createContext): Use createWPEContext in WPE.
766         (WebCore::GLContextEGL::createSharingContext): Move the WPE code below to ensure we try
767         createSurfacelessContext() first.
768         * platform/graphics/egl/GLContextEGL.h:
769         * platform/graphics/egl/GLContextEGLWPE.cpp:
770         (WebCore::GLContextEGL::GLContextEGL): Add constructor for WPE that receives a struct wpe_renderer_backend_egl_offscreen_target*
771         (WebCore::GLContextEGL::createWindowSurfaceWPE): Added implementation here because eglCreateWindowSurface needs
772         the platform specific EGL includes and definitions.
773         (WebCore::GLContextEGL::createWPEContext): Create a GLContext using WPE backend API directly here.
774         (WebCore::GLContextEGL::destroyWPETarget): Add null check.
775         * platform/graphics/wpe/PlatformDisplayWPE.cpp: Remove EGLOffscreenTarget.
776         * platform/graphics/wpe/PlatformDisplayWPE.h:
777
778 2017-05-21  Michael Catanzaro  <mcatanzaro@igalia.com>
779
780         [GTK] Remove Firefox user agent quirk for Google domains
781         https://bugs.webkit.org/show_bug.cgi?id=171941
782
783         Reviewed by Carlos Garcia Campos.
784
785         * platform/UserAgentQuirks.cpp:
786         (WebCore::UserAgentQuirks::quirksForURL):
787         (WebCore::UserAgentQuirks::stringForQuirk):
788         (WebCore::urlRequiresFirefoxBrowser): Deleted.
789         (WebCore::UserAgentQuirks::firefoxRevisionString): Deleted.
790         * platform/UserAgentQuirks.h:
791         * platform/gtk/UserAgentGtk.cpp:
792         (WebCore::buildUserAgentString):
793
794 2017-05-21  Antti Koivisto  <antti@apple.com>
795
796         matchMedia('print').addListener() fires in WK1 but never in WK2 when printing (breaks printing Google maps, QuickLooks)
797         https://bugs.webkit.org/show_bug.cgi?id=172361
798         <rdar://problem/28777408>
799
800         Reviewed by Sam Weinig.
801
802         Test: fast/media/matchMedia-print.html
803
804         * page/FrameView.cpp:
805         (WebCore::FrameView::layout):
806
807             Evaluate matchMedia queries unconditionally. No idea why it wasn't like that.
808
809         * testing/Internals.cpp:
810         (WebCore::Internals::setPrinting):
811
812             Add testing support. The existing ways to do printing testing were unable to hit this bug as
813             they had too much additional gunk.
814
815         * testing/Internals.h:
816         * testing/Internals.idl:
817
818 2017-05-21  Zalan Bujtas  <zalan@apple.com>
819
820         Remove redundant FrameView ref in FrameView::performPostLayoutTasks
821         https://bugs.webkit.org/show_bug.cgi?id=172422
822
823         Reviewed by Antti Koivisto.
824
825         This was added to protect FrameView from getting destroyed in updateEmbeddedObjects(), but r169475 changed
826         the embedded object update to be asynchronous.  
827
828         * page/FrameView.cpp:
829         (WebCore::FrameView::performPostLayoutTasks):
830
831 2017-05-20  Chris Dumez  <cdumez@apple.com>
832
833         Drop [NoInterfaceObject] from RTCDTMFSender and RTCStatsReport
834         https://bugs.webkit.org/show_bug.cgi?id=172418
835
836         Reviewed by Youenn Fablet.
837
838         Drop [NoInterfaceObject] from RTCDTMFSender and RTCStatsReport to match the specification:
839         - https://www.w3.org/TR/webrtc/#rtcdtmfsender
840         - https://www.w3.org/TR/webrtc/#rtcstatsreport-object
841
842         Firefox exposes both RTCDTMFSender and RTCStatsReport. Chrome exposes RTCStatsReport only.
843         RTCDTMFSender seems to be currently disabled at build time currently so the change to
844         its interface does not currently impact Web-exposed behavior, only the change to the
845         RTCStatsReport interface currently does.
846
847         No new tests, rebaselined existing test.
848
849         * Modules/mediastream/RTCDTMFSender.idl:
850         * Modules/mediastream/RTCStatsReport.idl:
851         Drop [NoInterfaceObject].
852
853         * Modules/mediastream/RTCIceCandidateEvent.cpp: Removed.
854         * Modules/mediastream/RTCIceCandidateEvent.h: Removed.
855         * Modules/mediastream/RTCIceCandidateEvent.idl: Removed.
856         Drop class and IDL that are no longer used. They were not even part of any project files.
857         RTCIceCandidateEvent has been renamed to RTCPeerConnectionIceEvent, which we support.
858
859 2017-05-20  Chris Dumez  <cdumez@apple.com>
860
861         Value for iterator property is wrong for maplike interfaces
862         https://bugs.webkit.org/show_bug.cgi?id=172410
863
864         Reviewed by Sam Weinig.
865
866         Value for iterator property was wrong for maplike interfaces. The iterator property is
867         supposed to have the same value as the 'entries' property but we were using the value
868         of the 'values' property.
869
870         Specification:
871         - https://heycam.github.io/webidl/#es-map-entries
872         - https://heycam.github.io/webidl/#es-iterator
873
874         This impacts the iterator of the RTCStatsReport interface.
875
876         No new tests, updated existing test.
877
878         * bindings/scripts/CodeGeneratorJS.pm:
879         (GenerateImplementation):
880         * bindings/scripts/test/JS/JSMapLike.cpp:
881         (WebCore::JSMapLikePrototype::finishCreation):
882         * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
883         (WebCore::JSReadOnlyMapLikePrototype::finishCreation):
884
885 2017-05-20  Chris Dumez  <cdumez@apple.com>
886
887         Drop superfluous iterator property setting in addValueIterableMethods()
888         https://bugs.webkit.org/show_bug.cgi?id=172409
889
890         Reviewed by Youenn Fablet.
891
892         Drop superfluous iterator setting in addValueIterableMethods(). The bindings already take care of
893         adding the iterator property before calling addValueIterableMethods().
894
895         No new tests, no Web-facing behavior change.
896
897         * bindings/js/JSDOMIterator.cpp:
898         (WebCore::addValueIterableMethods):
899
900 2017-05-20  Jer Noble  <jer.noble@apple.com>
901
902         [MSE][Mac] Support painting MSE video-element to canvas
903         https://bugs.webkit.org/show_bug.cgi?id=125157
904         <rdar://problem/23062016>
905
906         Reviewed by Eric Carlson.
907
908         Test: media/media-source/media-source-paint-to-canvas.html
909
910         In order to have access to decoded video data for painting, decode the encoded samples manually
911         instead of adding them to the AVSampleBufferDisplayLayer. To facilitate doing so, add a new
912         utility class WebCoreDecompressionSession, which can decode samples and store them.
913
914         For the purposes of this patch, to avoid double-decoding of video data and to avoid severe complication
915         of our sample delivery pipeline, we will only support painting of decoded video samples when the video is
916         not displayed in the DOM.
917
918         * Modules/mediasource/MediaSource.cpp:
919         (WebCore::MediaSource::seekToTime): Always send waitForSeekCompleted() to give private a chance to delay seek completion.
920         * Modules/mediasource/SourceBuffer.cpp:
921         (WebCore::SourceBuffer::sourceBufferPrivateReenqueSamples): Added.
922         * Modules/mediasource/SourceBuffer.h:
923         * WebCore.xcodeproj/project.pbxproj:
924         * platform/cf/CoreMediaSoftLink.cpp: Added new soft link macros.
925         * platform/cf/CoreMediaSoftLink.h: Ditto.
926         * platform/cocoa/CoreVideoSoftLink.cpp: Ditto.
927         * platform/cocoa/CoreVideoSoftLink.h: Ditto.
928         * platform/graphics/SourceBufferPrivateClient.h:
929         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
930         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::sampleBufferDisplayLayer): Simple accessor.
931         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::decompressionSession): Ditto.
932         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
933         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
934         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load): Update whether we should be displaying in a layer or decompression session..
935         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVisible): Ditto.
936         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::waitForSeekCompleted): m_seeking is now an enum.
937         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seeking): Ditto.
938         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekCompleted): Ditto. If waiting for a video frame, delay completing seek.
939         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::nativeImageForCurrentTime): Call updateLastImage() and return result.
940         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastImage): Fetch the image for the current time.
941         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paint): Pass to paintCurrentFrameInCanvas.
942         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paintCurrentFrameInContext): Get a native image, and render it.
943         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged): Create or destroy a layer or decompression session as appropriate.
944         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer): Creates a layer.
945         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyLayer): Destroys a layer.
946         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureDecompressionSession): Creates a decompression session.
947         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyDecompressionSession): Destroys a decompression session.
948         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableVideoFrame): If seek completion delayed, complete now. Ditto for ready state change.
949         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setReadyState): If waiting for a video frame, delay ready state change.
950         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): Deleted.
951         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeDisplayLayer): Deleted.
952         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
953         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
954         (WebCore::MediaSourcePrivateAVFObjC::hasVideo): Promote to a class function.
955         (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideo): Return whether any of the active source buffers have video and are selected.
956         (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideoChanged): Call setSourceBufferWithSelectedVideo().
957         (WebCore::MediaSourcePrivateAVFObjC::setVideoLayer): Set (or clear) the layer on the selected buffer.
958         (WebCore::MediaSourcePrivateAVFObjC::setDecompressionSession): Ditto for decompression session.
959         (WebCore::MediaSourcePrivateAVFObjC::setSourceBufferWithSelectedVideo): Remove the layer and decompression session from the unselected
960
961                 buffer and add the decompression session or layer to the newly selected buffer.
962         (WebCore::MediaSourcePrivateAVFObjCHasVideo): Deleted.
963         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
964         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
965         (WebCore::SourceBufferPrivateAVFObjC::destroyRenderers): Clear the videoLayer and decompressionSession.
966         (WebCore::SourceBufferPrivateAVFObjC::hasSelectedVideo): Return whether the buffer has a selected video track.
967         (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled): The media player now manages the video layer and decompression session lifetimes.
968         (WebCore::SourceBufferPrivateAVFObjC::flush): Flush the decompression session, if it exists.
969         (WebCore::SourceBufferPrivateAVFObjC::enqueueSample): Enqueue to the decompression session, if it exists.
970         (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples): As the decompression session, if it exists.
971         (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples): Tell the decompression session to stop requesting data, if it exists.
972         (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples): Request media data from the decompression session, if it exists.
973         (WebCore::SourceBufferPrivateAVFObjC::setVideoLayer): Added.
974         (WebCore::SourceBufferPrivateAVFObjC::setDecompressionSession): Added.
975         * platform/graphics/cocoa/WebCoreDecompressionSession.h: Added.
976         (WebCore::WebCoreDecompressionSession::create):
977         (WebCore::WebCoreDecompressionSession::isInvalidated):
978         (WebCore::WebCoreDecompressionSession::createWeakPtr):
979         * platform/graphics/cocoa/WebCoreDecompressionSession.mm: Added.
980         (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession): Register for media data requests.
981         (WebCore::WebCoreDecompressionSession::invalidate):  Unregister for same.
982         (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaDataCallback): Pass to maybeBecomeReadyForMoreMediaData.
983         (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaData): Check in-flight decodes, and decoded frame counts.
984         (WebCore::WebCoreDecompressionSession::enqueueSample): Pass the sample to be decoded on a background queue.
985         (WebCore::WebCoreDecompressionSession::decodeSample): Decode the sample.
986         (WebCore::WebCoreDecompressionSession::decompressionOutputCallback): Call handleDecompressionOutput.
987         (WebCore::WebCoreDecompressionSession::handleDecompressionOutput): Pass decoded sample to be enqueued on the main thread.
988         (WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
989         (WebCore::WebCoreDecompressionSession::enqueueDecodedSample): Enqueue the frame (if it's a displayed frame).
990         (WebCore::WebCoreDecompressionSession::isReadyForMoreMediaData): Return whether we've hit our high water sample count.
991         (WebCore::WebCoreDecompressionSession::requestMediaDataWhenReady):
992         (WebCore::WebCoreDecompressionSession::stopRequestingMediaData): Unset the same.
993         (WebCore::WebCoreDecompressionSession::notifyWhenHasAvailableVideoFrame): Set a callback to notify when a decoded frame has been enqueued.
994         (WebCore::WebCoreDecompressionSession::imageForTime): Successively dequeue images until reaching one at or beyond the requested time.
995         (WebCore::WebCoreDecompressionSession::flush): Synchronously empty the producer and consumer queues.
996         (WebCore::WebCoreDecompressionSession::getDecodeTime): Utility method.
997         (WebCore::WebCoreDecompressionSession::getPresentationTime): Ditto.
998         (WebCore::WebCoreDecompressionSession::getDuration): Ditto.
999         (WebCore::WebCoreDecompressionSession::compareBuffers): Ditto.
1000         * platform/cocoa/VideoToolboxSoftLink.cpp: Added.
1001         * platform/cocoa/VideoToolboxSoftLink.h: Added.
1002
1003 2017-05-19  Joseph Pecoraro  <pecoraro@apple.com>
1004
1005         WebAVStreamDataParserListener String leak
1006         https://bugs.webkit.org/show_bug.cgi?id=172395
1007
1008         Reviewed by Chris Dumez.
1009
1010         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1011         (-[WebAVStreamDataParserListener streamDataParser:didProvideMediaData:forTrackID:mediaType:flags:]):
1012         (-[WebAVStreamDataParserListener streamDataParser:didReachEndOfTrackWithTrackID:mediaType:]):
1013         Use an isolated String in a lambda used across threads.
1014
1015 2017-05-19  Chris Dumez  <cdumez@apple.com>
1016
1017         Consider not exposing webkitURL in workers
1018         https://bugs.webkit.org/show_bug.cgi?id=172166
1019
1020         Reviewed by Geoffrey Garen.
1021
1022         Drop webkitURL alias for URL in workers, to match other browsers. The risk should
1023         be low given that this only impacts workers, we expose URL to workers and Blink
1024         does not have this alias. We still support the webkitURL alias for URL on Window.
1025
1026         No new tests, rebaselined existing test.
1027
1028         * workers/WorkerGlobalScope.idl:
1029
1030 2017-05-19  Youenn Fablet  <youenn@apple.com>
1031
1032         Add RTCPeerConnection connection state change logging
1033         https://bugs.webkit.org/show_bug.cgi?id=172314
1034
1035         Reviewed by Eric Carlson.
1036
1037         No change of behavior.
1038         Adding some release logging of connection state changes.
1039
1040         * Modules/mediastream/RTCPeerConnection.cpp:
1041         (WebCore::rtcIceGatheringStateToString):
1042         (WebCore::RTCPeerConnection::updateIceGatheringState):
1043         (WebCore::rtcIceConnectionStateToString):
1044         (WebCore::RTCPeerConnection::updateIceConnectionState):
1045
1046 2017-05-19  Jeremy Jones  <jeremyj@apple.com>
1047
1048         webkitSupportsFullscreen and webkitSupportsPresentationMode('fullscreen') disagree.
1049         https://bugs.webkit.org/show_bug.cgi?id=172329
1050         rdar://problem/32260891
1051
1052         Reviewed by Darin Adler.
1053
1054         Updated tests:
1055         * media/media-fullscreen-inline-expected.txt:
1056         * media/media-fullscreen-not-in-document-expected.txt:
1057         * media/media-fullscreen.js:
1058
1059         webkitSupportsPresentationMode('fullscreen') should delegate to webkitSupportsFullscreen.
1060         The additional mediaSession().fullscreenPermitted() check causes it to return false when
1061         not handling a user gesture, which isn't helpful to deciding to show a button in controls
1062         or not.
1063
1064         * html/HTMLVideoElement.cpp:
1065         (WebCore::HTMLVideoElement::webkitSupportsPresentationMode):
1066
1067 2017-05-19  Jeremy Jones  <jeremyj@apple.com>
1068
1069         Prevent javascript interface from activating picture-in-picture for video elements that are showing capture camera on ios.
1070         https://bugs.webkit.org/show_bug.cgi?id=172328
1071
1072         Reviewed by Eric Carlson.
1073
1074         This change allows MediaPlayers to decide if they support pictureInPicture.
1075         And check this from supportsFullscreen().
1076
1077         In MediaPlayerPrivateMediaStreamAVFObjC disable pip if there is a capture video track.
1078         Elsewhere, leave it enabled.
1079
1080         * html/HTMLVideoElement.cpp:
1081         (WebCore::HTMLVideoElement::supportsFullscreen): Added Check.
1082         * platform/graphics/MediaPlayer.cpp:
1083         (WebCore::MediaPlayer::supportsPictureInPicture): Added.
1084         * platform/graphics/MediaPlayer.h:
1085         * platform/graphics/MediaPlayerPrivate.h:
1086         (WebCore::MediaPlayerPrivateInterface::supportsPictureInPicture): Added.
1087         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
1088         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
1089         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
1090         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
1091         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::supportsPictureInPicture): Added
1092         * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
1093         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1094         (WebCore::MediaPlayerPrivateQTKit::supportsFullscreen): Deleted. Moved inline.
1095
1096 2017-05-19  Chris Dumez  <cdumez@apple.com>
1097
1098         Do not fire load event for SVGElements that are detached or in frameless documents
1099         https://bugs.webkit.org/show_bug.cgi?id=172289
1100         <rdar://problem/32275689>
1101
1102         Reviewed by Ryosuke Niwa.
1103
1104         We should not fire load event for SVGElements that are detached or in frameless
1105         documents.
1106
1107         Test: svg/load-event-detached.html
1108
1109         * svg/SVGElement.cpp:
1110         (WebCore::SVGElement::sendSVGLoadEventIfPossible):
1111
1112 2017-05-19  Chris Dumez  <cdumez@apple.com>
1113
1114         Option() named constructor is not per spec
1115         https://bugs.webkit.org/show_bug.cgi?id=172185
1116
1117         Reviewed by Sam Weinig.
1118
1119         Align the behavior of the Option() named constructor with the HTML specification:
1120         - https://html.spec.whatwg.org/#dom-option
1121
1122         In particular, we no longer create an empty Text child node if the input text is the empty string.
1123         This also aligns our behavior with Firefox.
1124
1125         Test: imported/w3c/web-platform-tests/html/semantics/forms/the-option-element/option-element-constructor.html
1126
1127         * html/HTMLOptionElement.cpp:
1128         (WebCore::HTMLOptionElement::createForJSConstructor):
1129         * html/HTMLOptionElement.h:
1130         * html/HTMLOptionElement.idl:
1131
1132 2017-05-19  Chris Dumez  <cdumez@apple.com>
1133
1134         URLSearchParams / Headers objects @@iterator is not as per Web IDL spec
1135         https://bugs.webkit.org/show_bug.cgi?id=172218
1136
1137         Reviewed by Youenn Fablet.
1138
1139         Both URLSearchParams and Headers interfaces are iterable as per their
1140         respective specification, and they both have a pair iterator:
1141         - https://url.spec.whatwg.org/#interface-urlsearchparams
1142         - https://fetch.spec.whatwg.org/#headers-class
1143
1144         As per the WebIDL specification for 'entries'[1], "If the interface has a pair
1145         iterator, then the Function object is the value of the @@iterator property",
1146         the value of @@iterator being defined at [2]. In WebKit, we were using
1147         different values/functions for 'entries' and @@iterator, although those
1148         functions were doing the same thing (and the right thing).
1149
1150         Also, as per [2], the name of the @@iterator function should be "entries",
1151         which I also implemented in this patch. Previously, we were using
1152         "[Symbol.Iterator]" as function name.
1153
1154         [1] https://heycam.github.io/webidl/#es-iterable-entries
1155         [2] https://heycam.github.io/webidl/#es-iterator
1156
1157         No new tests, rebaselined existing tests.
1158
1159         * bindings/scripts/CodeGeneratorJS.pm:
1160         (GenerateImplementation):
1161         (GenerateImplementationIterableFunctions):
1162         * bindings/scripts/test/JS/JSMapLike.cpp:
1163         * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
1164         * bindings/scripts/test/JS/JSTestIterable.cpp:
1165         (WebCore::JSTestIterablePrototype::finishCreation):
1166         (WebCore::jsTestIterablePrototypeFunctionEntriesCaller):
1167         * bindings/scripts/test/JS/JSTestNode.cpp:
1168         (WebCore::JSTestNodePrototype::finishCreation):
1169         (WebCore::jsTestNodePrototypeFunctionEntriesCaller):
1170
1171 2017-05-19  Zalan Bujtas  <zalan@apple.com>
1172
1173         Redundant ellipsis box triggers ASSERT_WITH_SECURITY_IMPLICATION in InlineBox::parent().
1174         https://bugs.webkit.org/show_bug.cgi?id=172309
1175         <rdar://problem/32262357>
1176
1177         Reviewed by Simon Fraser.
1178
1179         This patch stops the redundant ellipsis box trigger ASSERT_WITH_SECURITY_IMPLICATION.
1180
1181         In RootInlineBox::placeEllipsis we construct an ellipsis box and append it to a static HashMap which
1182         keeps track of the ellipsis boxes on each line. However when the line already has an ellipsis, we
1183         re-use the existing one and this newly constructed (but redundant) box gets destroyed as we return from this function.
1184         In InlineBox's d'tor, we let the parent know that now it has a dangling child and we assert on it
1185         later, while accessing the children list. However this redundant ellipsis box was never added to the line,
1186         so the assertion hits incorrectly.
1187
1188         Test: fast/inline/redundant-ellipsis-triggers-assert-incorrectly.html
1189
1190         * rendering/EllipsisBox.cpp:
1191         (WebCore::EllipsisBox::EllipsisBox):
1192         * rendering/InlineBox.cpp: This needs 32bits padding.
1193         (WebCore::InlineBox::invalidateParentChildList):
1194         * rendering/InlineBox.h:
1195         * rendering/RootInlineBox.cpp:
1196         (WebCore::RootInlineBox::placeEllipsis):
1197
1198 2017-05-19  Matt Rajca  <mrajca@apple.com>
1199
1200         Inherit media user gestures from the top document when autoplay quirks are allowed.
1201         https://bugs.webkit.org/show_bug.cgi?id=172375
1202
1203         Reviewed by Eric Carlson.
1204
1205         Added API test.
1206
1207         * dom/Document.cpp:
1208         (WebCore::Document::processingUserGestureForMedia):
1209
1210 2017-05-19  Youenn Fablet  <youenn@apple.com>
1211
1212         Align MockRealtimeMediaSourceCenter with RealtimeMediaSourceCenter
1213         https://bugs.webkit.org/show_bug.cgi?id=172324
1214
1215         Reviewed by Eric Carlson.
1216
1217         No change of behavior.
1218         Remove most of MockRealtimeMediaSourceCenter implementation.
1219         Next step should be to remove it entirely and use the factory setters instead.
1220
1221         * platform/mediastream/RealtimeMediaSourceCenter.cpp:
1222         (WebCore::RealtimeMediaSourceCenter::RealtimeMediaSourceCenter):
1223         (WebCore::RealtimeMediaSourceCenter::createMediaStream):
1224         (WebCore::RealtimeMediaSourceCenter::getMediaStreamDevices):
1225         (WebCore::RealtimeMediaSourceCenter::setDeviceEnabled):
1226         * platform/mediastream/RealtimeMediaSourceCenter.h:
1227         (WebCore::RealtimeMediaSourceCenter::supportedConstraints):
1228         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
1229         (WebCore::RealtimeMediaSourceCenterMac::RealtimeMediaSourceCenterMac):
1230         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
1231         * platform/mock/MockRealtimeMediaSourceCenter.cpp:
1232         (WebCore::MockRealtimeMediaSourceCenter::MockCaptureDeviceManager::captureDevices):
1233         * platform/mock/MockRealtimeMediaSourceCenter.h:
1234
1235 2017-05-19  Zalan Bujtas  <zalan@apple.com>
1236
1237         Update SameSizeAsInlineBox with the correct InlineBoxBitfields bits.
1238         https://bugs.webkit.org/show_bug.cgi?id=172377
1239
1240         Reviewed by Tim Horton.
1241
1242         * rendering/InlineBox.cpp:
1243
1244 2017-05-19  Daniel Bates  <dabates@apple.com>
1245
1246         Bindings: Support runtime-enabled features in specific worlds
1247         https://bugs.webkit.org/show_bug.cgi?id=172235
1248
1249         Reviewed by Chris Dumez.
1250
1251         Currently a function, attribute, or interface can be annotated with either EnabledAtRuntime
1252         or EnabledForWorld (not both) to expose/conceal it depending on the state of a runtime
1253         feature flag or the DOM world associated with the running JavaScript code, respectively.
1254         Even though we do not have any functions, attributes, or interfaces that are annotated
1255         with both EnabledAtRuntime and EnabledForWorld at the time of writing, it seems reasonable
1256         to support such a combination of annotations. This also has the benefit of making it
1257         straightforward to support the extended attribute SecureContext by generalizing the logic
1258         that generates the code to expose/conceal a function, attribute, or interface.
1259
1260         * bindings/scripts/CodeGeneratorJS.pm:
1261         (GenerateRuntimeEnableConditionalString): Use an array to build up all the conjuncts in
1262         the conditional expression.
1263         (GenerateImplementation): Substitute GenerateRuntimeEnableConditionalString() and $runtimeEnableConditionalString
1264         for GetRuntimeEnableFunctionName() and $enable_function_result, respectively.
1265         (GetRuntimeEnableFunctionName): Deleted.
1266
1267         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
1268          (WebCore::JSTestGlobalObject::finishCreation):
1269          (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabled):
1270          (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledCaller):
1271          (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeaturesEnabled):
1272          (WebCore::jsTestGlobalObjectInstanceFunctionEnabledInSpecificWorldWhenRuntimeFeaturesEnabledCaller):
1273          Update expected results.
1274
1275          * bindings/scripts/test/JS/JSTestObj.cpp:
1276          (WebCore::JSTestObjPrototype::finishCreation):
1277          (WebCore::jsTestObjPrototypeFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabled):
1278          (WebCore::jsTestObjPrototypeFunctionEnabledInSpecificWorldWhenRuntimeFeatureEnabledCaller):
1279          Ditto.
1280
1281          * bindings/scripts/test/TestGlobalObject.idl: Added test cases.
1282          * bindings/scripts/test/TestObj.idl: Added test case.
1283
1284 2017-05-19  Jeremy Jones  <jeremyj@apple.com>
1285
1286         Fix macos build after r217143
1287         https://bugs.webkit.org/show_bug.cgi?id=172380
1288
1289         unreviewed.
1290
1291         Remove reference to WebVideoFullscreenInterface for mac build.
1292
1293         * html/HTMLMediaElement.cpp:
1294         * platform/mac/WebVideoFullscreenInterfaceMac.h:
1295
1296 2017-05-19  Jeremy Jones  <jeremyj@apple.com>
1297
1298         Remove defunct WebVideoFullscreenInterface
1299         https://bugs.webkit.org/show_bug.cgi?id=172254
1300
1301         Reviewed by Jon Lee.
1302
1303         No new tests because no behavior change.
1304
1305         WebVideoFullscreenInterface has long since been replaced by WebVideoFullscreenModelClient.
1306
1307         * WebCore.xcodeproj/project.pbxproj:
1308         * html/HTMLMediaElement.cpp:
1309         * html/HTMLVideoElement.cpp:
1310         * platform/cocoa/WebPlaybackSessionModelMediaElement.mm:
1311         * platform/cocoa/WebVideoFullscreenInterface.h: Removed.
1312         * platform/cocoa/WebVideoFullscreenModel.h:
1313         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
1314         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
1315         * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
1316         * platform/mac/WebVideoFullscreenInterfaceMac.h:
1317
1318 2017-05-19  Jeremy Jones  <jeremyj@apple.com>
1319
1320         HTMLVideoElement::webkitSupportsPresentationMode allowsPictureInPicture() check is redundant.
1321         https://bugs.webkit.org/show_bug.cgi?id=172330
1322         rdar://problem/32285443
1323
1324         Reviewed by Eric Carlson.
1325
1326         No new tests because no behavior change.
1327
1328         This removes a redundant call to allowsPictureInPicture() to make it
1329         more clear that webkitSupportsPresentationMode gives the same result as 
1330         webkitSupportsFullscreen(pipMode)
1331
1332         * html/HTMLVideoElement.cpp:
1333         (WebCore::HTMLVideoElement::webkitSupportsPresentationMode):
1334
1335 2017-05-19  Jeremy Jones  <jeremyj@apple.com>
1336
1337         [WebRTC] Remove PiP support for video elements that are showing camera capture
1338         https://bugs.webkit.org/show_bug.cgi?id=172336
1339
1340         Reviewed by Eric Carlson.
1341
1342         No new tests because no effect on the DOM. This just changes a value sent to the platform interface layer.
1343
1344         Ask video element if it supports picture-in-picture instead of asking the mediaSession directly.
1345         This allows the video element to give a more robust answer.
1346
1347         * html/HTMLVideoElement.h:
1348         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
1349         (WebVideoFullscreenControllerContext::setUpFullscreen):
1350
1351 2017-05-18  Sam Weinig  <sam@webkit.org>
1352
1353         [WebIDL] Remove the need for the generator to know about native type mapping
1354         https://bugs.webkit.org/show_bug.cgi?id=172310
1355
1356         Reviewed by Darin Adler.
1357
1358         Replace the use of explicit typename to native type mappings in CodeGeneratorJS.pm
1359         with use of IDLTypes and Converter, which already need the mapping. This allows us
1360         to have the information in only one spot.
1361
1362         Also, callback generation to account for nullability and update the IDLs to correctly
1363         annotate only the types that need to be nullable. 
1364
1365         * Modules/geolocation/GeoNotifier.cpp:
1366         * Modules/geolocation/GeoNotifier.h:
1367         * Modules/geolocation/Geolocation.cpp:
1368         * Modules/geolocation/Geolocation.h:
1369         * Modules/geolocation/PositionCallback.idl:
1370         * Modules/geolocation/PositionErrorCallback.h:
1371         Use references where possible in the Geolocation code. It was almost possible
1372         to make PositionCallback take a non-nullable position, but some odd logic in
1373         Geolocation::makeCachedPositionCallbacks() implies that there is a path where
1374         passing null is possible, though it would assert. Added FIXME's to return to
1375         this in a follow up.
1376
1377         * Modules/webaudio/AudioBufferCallback.idl:
1378         Add nullable annotation and FIXME explaining that the latest spec splits the callback
1379         into two separate ones.
1380
1381         * Modules/webdatabase/Database.cpp:
1382         (WebCore::Database::runTransaction):
1383         * Modules/webdatabase/DatabaseCallback.h:
1384         * Modules/webdatabase/DatabaseManager.cpp:
1385         (WebCore::DatabaseManager::openDatabase):
1386         * Modules/webdatabase/SQLStatement.cpp:
1387         (WebCore::SQLStatement::performCallback):
1388         * Modules/webdatabase/SQLStatementCallback.h:
1389         * Modules/webdatabase/SQLStatementErrorCallback.h:
1390         * Modules/webdatabase/SQLTransaction.cpp:
1391         (WebCore::SQLTransaction::deliverTransactionCallback):
1392         (WebCore::SQLTransaction::deliverTransactionErrorCallback):
1393         * Modules/webdatabase/SQLTransactionCallback.h:
1394         * Modules/webdatabase/SQLTransactionErrorCallback.h:
1395         * inspector/InspectorDatabaseAgent.cpp:
1396         * bindings/js/JSSQLStatementErrorCallbackCustom.cpp:
1397         (WebCore::JSSQLStatementErrorCallback::handleEvent):
1398         Update to pass callback parameters as references, since they are never null.
1399
1400         * bindings/IDLTypes.h:
1401         Add NullableParameterType to allow customization of nullable parameters (in much
1402         the same way we allow customization of the nullable implementation type).
1403
1404         * bindings/scripts/CodeGeneratorJS.pm:
1405         (GenerateDefaultValue):
1406         Use Converter<>::ReturnType{ } for default values rather than ${GetNativeType..}().
1407
1408         (GenerateHeader):
1409         Remove use of GetNativeType for toWrapped by using the impl type, since this will never
1410         be a complex type.
1411
1412         (GenerateImplementation):
1413         Simplify DOMJIT UnsafeToNative by merging two identical paths and using auto.
1414
1415         (GenerateParametersCheck):
1416         Rework parameter checks to use more specific variable names, make branches more clear,
1417         and use Converter<>::ReturnType rather than GetNativeType.
1418
1419         (GenerateCallbackHeaderContent):
1420         (GenerateCallbackImplementationContent):
1421         Switch to using typename ${IDLType}::ParameterType as the parameters for callback functions. Also
1422         add final and override to make sure the generated function matches the user provided base class.
1423         (GetNativeType): Deleted.
1424         (GetNativeInnerType): Deleted.
1425         (GetNativeTypeForCallbacks): Deleted.
1426         Remove native type mappings.
1427
1428         * css/MediaQueryListListener.h:
1429         * css/MediaQueryListListener.idl:
1430         * css/MediaQueryMatcher.cpp:
1431         Update MediaQueryListListener to take a non-nullable MediaQueryList.
1432         
1433         * dom/NativeNodeFilter.cpp:
1434         * dom/NativeNodeFilter.h:
1435         * dom/NodeFilter.h:
1436         * dom/NodeFilter.idl:
1437         * dom/NodeIterator.cpp:
1438         * dom/Traversal.cpp:
1439         * dom/Traversal.h:
1440         * dom/TreeWalker.cpp:
1441         * bindings/js/JSNodeFilterCustom.cpp:
1442         Update acceptNode to be non-nullable and pass the Node by reference.
1443
1444         * dom/StringCallback.cpp:
1445         * dom/StringCallback.h:
1446         Pass the ScriptExecutionContext by reference.
1447
1448         * page/IntersectionObserverCallback.h:
1449         Update to match new parameter types and pass IntersectionObserver by reference.
1450
1451         * page/PerformanceObserver.cpp:
1452         * page/PerformanceObserverCallback.h:
1453         Update to pass PerformanceObserverEntryList and PerformanceObserver by reference.
1454
1455         * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
1456         * bindings/scripts/test/JS/JSTestCallbackFunction.h:
1457         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:
1458         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.h:
1459         * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
1460         * bindings/scripts/test/JS/JSTestCallbackInterface.h:
1461         * bindings/scripts/test/JS/JSTestObj.cpp:
1462         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1463         Update test results.
1464
1465         * bindings/scripts/test/TestCallbackInterface.idl:
1466         Update test to refer to actual interfaces as we now do lookup on these parameter 
1467         types rather than blindly assuming they are interfaces.
1468
1469 2017-05-19  Commit Queue  <commit-queue@webkit.org>
1470
1471         Unreviewed, rolling out r217098, r217111, r217113, and
1472         r217114.
1473         https://bugs.webkit.org/show_bug.cgi?id=172367
1474
1475         These changes broke the Windows build and introduced
1476         LayoutTest failures (Requested by ryanhaddad on #webkit).
1477
1478         Reverted changesets:
1479
1480         "[MSE][Mac] Support painting MSE video-element to canvas"
1481         https://bugs.webkit.org/show_bug.cgi?id=125157
1482         http://trac.webkit.org/changeset/217098
1483
1484         "[MSE][Mac] Support painting MSE video-element to canvas"
1485         https://bugs.webkit.org/show_bug.cgi?id=125157
1486         http://trac.webkit.org/changeset/217111
1487
1488         "Unreviewed build fix; add undefined functions and constants
1489         to the CoreMediaSoftLink.h, and use the"
1490         http://trac.webkit.org/changeset/217113
1491
1492         "[MSE][Mac] Support painting MSE video-element to canvas"
1493         https://bugs.webkit.org/show_bug.cgi?id=125157
1494         http://trac.webkit.org/changeset/217114
1495
1496 2017-05-19  Andy Estes  <aestes@apple.com>
1497
1498         REGRESSION (r217078): window.ApplePaySession is undefined on macOS Sierra
1499         https://bugs.webkit.org/show_bug.cgi?id=172344
1500
1501         Reviewed by Tim Horton.
1502
1503         r213673 mistakenly changed the ApplePaySession interface from being conditional on
1504         APPLE_PAY to being conditional on APPLE_PAY_DELEGATE, so when r217078 disabled
1505         APPLE_PAY_DELEGATE on Sierra and earlier it disabled ApplePaySession.
1506
1507         Fix this by reverting ApplePaySession to being conditional on APPLE_PAY.
1508
1509         Fixes http/tests/ssl/applepay/ApplePaySession.html
1510
1511         * Modules/applepay/ApplePaySession.idl:
1512
1513 2017-05-19  Chris Dumez  <cdumez@apple.com>
1514
1515         CSSOM insertRule() index argument is optional with default 0
1516         https://bugs.webkit.org/show_bug.cgi?id=172219
1517
1518         Reviewed by Sam Weinig.
1519
1520         Index parameter to CSSSupportsRule.insertRule() and CSSStyleSheet.insertRule() should
1521         be optional with a default value of 0, as per the latest specification:
1522         - https://github.com/w3c/csswg-drafts/commit/7949d41a2d86107f8ad4624c055b4b0c9c28ad0d
1523         - https://www.w3.org/Bugs/Public/show_bug.cgi?id=27384
1524
1525         Tests: imported/w3c/web-platform-tests/cssom/insertRule-charset-no-index.html
1526                imported/w3c/web-platform-tests/cssom/insertRule-import-no-index.html
1527                imported/w3c/web-platform-tests/cssom/insertRule-namespace-no-index.html
1528                imported/w3c/web-platform-tests/cssom/insertRule-no-index.html
1529
1530         * css/CSSStyleSheet.cpp:
1531         * css/CSSStyleSheet.h:
1532         * css/CSSStyleSheet.idl:
1533         * css/CSSSupportsRule.idl:
1534
1535 2017-05-19  Carlos Garcia Campos  <cgarcia@igalia.com>
1536
1537         [Threaded Compositor] Remove platform ifdefs from threaded compositor implementation
1538         https://bugs.webkit.org/show_bug.cgi?id=172265
1539
1540         Reviewed by Žan Doberšek.
1541
1542         Remove PlatformDisplayWPE::EGLTarget.
1543
1544         * platform/graphics/wpe/PlatformDisplayWPE.cpp:
1545         * platform/graphics/wpe/PlatformDisplayWPE.h:
1546
1547 2017-05-19  Jer Noble  <jer.noble@apple.com>
1548
1549         Unreviewed build fix; add undefined functions and constants to the CoreMediaSoftLink.h, and use the
1550         correct (and previously soft-linked) method in WebCoreDecompressionSession.
1551
1552         * platform/cf/CoreMediaSoftLink.cpp:
1553         * platform/cf/CoreMediaSoftLink.h:
1554         * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
1555         (WebCore::WebCoreDecompressionSession::imageForTime):
1556
1557 2017-05-19  Yusuke Suzuki  <utatane.tea@gmail.com>
1558
1559         [JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass
1560         https://bugs.webkit.org/show_bug.cgi?id=172098
1561
1562         Reviewed by Saam Barati.
1563
1564         Add DOMJIT interface IDL attribute. Which allows us to define checkSubClassPatchpointFor${className}
1565         function for that ClassInfo. And we move CheckSubClass patchpoint implementation to ClassInfo's member
1566
1567         * CMakeLists.txt:
1568         * WebCore.xcodeproj/project.pbxproj:
1569         * bindings/js/JSDOMGlobalObject.cpp:
1570         * bindings/js/JSDOMWindowBase.cpp:
1571         * bindings/js/JSDOMWindowProperties.cpp:
1572         * bindings/js/JSDOMWindowShell.cpp:
1573         * bindings/js/JSReadableStreamPrivateConstructors.cpp:
1574         * bindings/js/JSWorkerGlobalScopeBase.cpp:
1575         * bindings/scripts/CodeGeneratorJS.pm:
1576         (GenerateHeader):
1577         (GenerateImplementation):
1578         (GenerateImplementationIterableFunctions):
1579         (GenerateConstructorHelperMethods):
1580         * bindings/scripts/IDLAttributes.json:
1581         * bindings/scripts/test/JS/JSInterfaceName.cpp:
1582         * bindings/scripts/test/JS/JSMapLike.cpp:
1583         * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
1584         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1585         * bindings/scripts/test/JS/JSTestCEReactions.cpp:
1586         * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
1587         * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
1588         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
1589         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
1590         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
1591         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
1592         * bindings/scripts/test/JS/JSTestDOMJIT.h:
1593         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1594         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1595         * bindings/scripts/test/JS/JSTestException.cpp:
1596         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
1597         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
1598         * bindings/scripts/test/JS/JSTestInterface.cpp:
1599         * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
1600         * bindings/scripts/test/JS/JSTestIterable.cpp:
1601         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1602         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1603         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
1604         * bindings/scripts/test/JS/JSTestNode.cpp:
1605         * bindings/scripts/test/JS/JSTestObj.cpp:
1606         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
1607         * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
1608         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
1609         * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
1610         * bindings/scripts/test/JS/JSTestSerialization.cpp:
1611         * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
1612         * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
1613         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1614         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1615         * bridge/c/CRuntimeObject.cpp:
1616         * bridge/c/c_instance.cpp:
1617         * bridge/objc/ObjCRuntimeObject.mm:
1618         * bridge/objc/objc_instance.mm:
1619         * bridge/objc/objc_runtime.mm:
1620         * bridge/runtime_array.cpp:
1621         * bridge/runtime_method.cpp:
1622         * bridge/runtime_object.cpp:
1623         * dom/Document.idl:
1624         * dom/DocumentFragment.idl:
1625         * dom/Element.idl:
1626         * dom/Event.idl:
1627         * dom/Node.idl:
1628         * domjit/JSDocumentDOMJIT.cpp:
1629         (WebCore::checkSubClassPatchpointForJSDocument):
1630         (WebCore::DocumentDocumentElementDOMJIT::checkDOM): Deleted.
1631         (WebCore::DocumentBodyDOMJIT::checkDOM): Deleted.
1632         * domjit/JSDocumentFragmentDOMJIT.cpp: Copied from Source/JavaScriptCore/runtime/JSMap.cpp.
1633         (WebCore::checkSubClassPatchpointForJSDocumentFragment):
1634         * domjit/JSElementDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
1635         (WebCore::checkSubClassPatchpointForJSElement):
1636         * domjit/JSEventDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
1637         (WebCore::checkSubClassPatchpointForJSEvent):
1638         * domjit/JSNodeDOMJIT.cpp:
1639         (WebCore::checkSubClassPatchpointForJSNode):
1640         (WebCore::NodeFirstChildDOMJIT::checkDOM): Deleted.
1641         (WebCore::NodeLastChildDOMJIT::checkDOM): Deleted.
1642         (WebCore::NodeNextSiblingDOMJIT::checkDOM): Deleted.
1643         (WebCore::NodePreviousSiblingDOMJIT::checkDOM): Deleted.
1644         (WebCore::NodeParentNodeDOMJIT::checkDOM): Deleted.
1645         (WebCore::NodeNodeTypeDOMJIT::checkDOM): Deleted.
1646         (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted.
1647
1648 2017-05-18  Jer Noble  <jer.noble@apple.com>
1649
1650         [MSE][Mac] Support painting MSE video-element to canvas
1651         https://bugs.webkit.org/show_bug.cgi?id=125157
1652         <rdar://problem/23062016>
1653
1654         Reviewed by Eric Carlson.
1655
1656         Test: media/media-source/media-source-paint-to-canvas.html
1657
1658         In order to have access to decoded video data for painting, decode the encoded samples manually
1659         instead of adding them to the AVSampleBufferDisplayLayer. To facilitate doing so, add a new
1660         utility class WebCoreDecompressionSession, which can decode samples and store them.
1661
1662         For the purposes of this patch, to avoid double-decoding of video data and to avoid severe complication
1663         of our sample delivery pipeline, we will only support painting of decoded video samples when the video is
1664         not displayed in the DOM.
1665
1666         * Modules/mediasource/MediaSource.cpp:
1667         (WebCore::MediaSource::seekToTime): Always send waitForSeekCompleted() to give private a chance to delay seek completion.
1668         * Modules/mediasource/SourceBuffer.cpp:
1669         (WebCore::SourceBuffer::sourceBufferPrivateReenqueSamples): Added.
1670         * Modules/mediasource/SourceBuffer.h:
1671         * WebCore.xcodeproj/project.pbxproj:
1672         * platform/cf/CoreMediaSoftLink.cpp: Added new soft link macros.
1673         * platform/cf/CoreMediaSoftLink.h: Ditto.
1674         * platform/cocoa/CoreVideoSoftLink.cpp: Ditto.
1675         * platform/cocoa/CoreVideoSoftLink.h: Ditto.
1676         * platform/graphics/SourceBufferPrivateClient.h:
1677         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
1678         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::sampleBufferDisplayLayer): Simple accessor.
1679         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::decompressionSession): Ditto.
1680         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
1681         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
1682         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load): Update whether we should be displaying in a layer or decompression session..
1683         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVisible): Ditto.
1684         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::waitForSeekCompleted): m_seeking is now an enum.
1685         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seeking): Ditto.
1686         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekCompleted): Ditto. If waiting for a video frame, delay completing seek.
1687         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::nativeImageForCurrentTime): Call updateLastImage() and return result.
1688         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastImage): Fetch the image for the current time.
1689         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paint): Pass to paintCurrentFrameInCanvas.
1690         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paintCurrentFrameInContext): Get a native image, and render it.
1691         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged): Create or destroy a layer or decompression session as appropriate.
1692         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer): Creates a layer.
1693         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyLayer): Destroys a layer.
1694         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureDecompressionSession): Creates a decompression session.
1695         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::destroyDecompressionSession): Destroys a decompression session.
1696         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableVideoFrame): If seek completion delayed, complete now. Ditto for ready state change.
1697         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setReadyState): If waiting for a video frame, delay ready state change.
1698         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): Deleted.
1699         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeDisplayLayer): Deleted.
1700         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
1701         * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
1702         (WebCore::MediaSourcePrivateAVFObjC::hasVideo): Promote to a class function.
1703         (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideo): Return whether any of the active source buffers have video and are selected.
1704         (WebCore::MediaSourcePrivateAVFObjC::hasSelectedVideoChanged): Call setSourceBufferWithSelectedVideo().
1705         (WebCore::MediaSourcePrivateAVFObjC::setVideoLayer): Set (or clear) the layer on the selected buffer.
1706         (WebCore::MediaSourcePrivateAVFObjC::setDecompressionSession): Ditto for decompression session.
1707         (WebCore::MediaSourcePrivateAVFObjC::setSourceBufferWithSelectedVideo): Remove the layer and decompression session from the unselected
1708
1709                 buffer and add the decompression session or layer to the newly selected buffer.
1710         (WebCore::MediaSourcePrivateAVFObjCHasVideo): Deleted.
1711         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
1712         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1713         (WebCore::SourceBufferPrivateAVFObjC::destroyRenderers): Clear the videoLayer and decompressionSession.
1714         (WebCore::SourceBufferPrivateAVFObjC::hasSelectedVideo): Return whether the buffer has a selected video track.
1715         (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled): The media player now manages the video layer and decompression session lifetimes.
1716         (WebCore::SourceBufferPrivateAVFObjC::flush): Flush the decompression session, if it exists.
1717         (WebCore::SourceBufferPrivateAVFObjC::enqueueSample): Enqueue to the decompression session, if it exists.
1718         (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples): As the decompression session, if it exists.
1719         (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples): Tell the decompression session to stop requesting data, if it exists.
1720         (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples): Request media data from the decompression session, if it exists.
1721         (WebCore::SourceBufferPrivateAVFObjC::setVideoLayer): Added.
1722         (WebCore::SourceBufferPrivateAVFObjC::setDecompressionSession): Added.
1723         * platform/graphics/cocoa/WebCoreDecompressionSession.h: Added.
1724         (WebCore::WebCoreDecompressionSession::create):
1725         (WebCore::WebCoreDecompressionSession::isInvalidated):
1726         (WebCore::WebCoreDecompressionSession::createWeakPtr):
1727         * platform/graphics/cocoa/WebCoreDecompressionSession.mm: Added.
1728         (WebCore::WebCoreDecompressionSession::WebCoreDecompressionSession): Register for media data requests.
1729         (WebCore::WebCoreDecompressionSession::invalidate):  Unregister for same.
1730         (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaDataCallback): Pass to maybeBecomeReadyForMoreMediaData.
1731         (WebCore::WebCoreDecompressionSession::maybeBecomeReadyForMoreMediaData): Check in-flight decodes, and decoded frame counts.
1732         (WebCore::WebCoreDecompressionSession::enqueueSample): Pass the sample to be decoded on a background queue.
1733         (WebCore::WebCoreDecompressionSession::decodeSample): Decode the sample.
1734         (WebCore::WebCoreDecompressionSession::decompressionOutputCallback): Call handleDecompressionOutput.
1735         (WebCore::WebCoreDecompressionSession::handleDecompressionOutput): Pass decoded sample to be enqueued on the main thread.
1736         (WebCore::WebCoreDecompressionSession::getFirstVideoFrame):
1737         (WebCore::WebCoreDecompressionSession::enqueueDecodedSample): Enqueue the frame (if it's a displayed frame).
1738         (WebCore::WebCoreDecompressionSession::isReadyForMoreMediaData): Return whether we've hit our high water sample count.
1739         (WebCore::WebCoreDecompressionSession::requestMediaDataWhenReady):
1740         (WebCore::WebCoreDecompressionSession::stopRequestingMediaData): Unset the same.
1741         (WebCore::WebCoreDecompressionSession::notifyWhenHasAvailableVideoFrame): Set a callback to notify when a decoded frame has been enqueued.
1742         (WebCore::WebCoreDecompressionSession::imageForTime): Successively dequeue images until reaching one at or beyond the requested time.
1743         (WebCore::WebCoreDecompressionSession::flush): Synchronously empty the producer and consumer queues.
1744         (WebCore::WebCoreDecompressionSession::getDecodeTime): Utility method.
1745         (WebCore::WebCoreDecompressionSession::getPresentationTime): Ditto.
1746         (WebCore::WebCoreDecompressionSession::getDuration): Ditto.
1747         (WebCore::WebCoreDecompressionSession::compareBuffers): Ditto.
1748         * platform/cocoa/VideoToolboxSoftLink.cpp: Added.
1749         * platform/cocoa/VideoToolboxSoftLink.h: Added.
1750
1751 2017-05-18  Said Abou-Hallawa  <sabouhallawa@apple.com>
1752
1753         [REGRESSION](r216901): Delete ImageDecoder if BitmapImage::destroyDecodedData() was called to destroy all the decoded frames
1754         https://bugs.webkit.org/show_bug.cgi?id=172325
1755
1756         Reviewed by Simon Fraser.
1757
1758         When calling BitmapImage::destroyDecodedData() with destroyAll = true, the
1759         current ImageDecoder has to be deleted regardless the current frame needs
1760         to be cached or not. This is true except when the image is animating.
1761         Creating a new ImageDecoder for the animated image will lead to decoding
1762         all the frames from frame-zero till the current frame.
1763
1764         Deleting the current ImageDecoder has the benefit of releasing its raster
1765         data. We also must delete the current ImageDecoder when the CachedImage
1766         switched its data SharedBuffer.
1767
1768         The fix is return the condition in BitmapImage::destroyDecodedData() to 
1769         be as it was before r216901.
1770
1771         * platform/graphics/BitmapImage.cpp:
1772         (WebCore::BitmapImage::destroyDecodedData):
1773
1774 2017-05-18  Ryan Haddad  <ryanhaddad@apple.com>
1775
1776         Unreviewed, rolling out r217079.
1777
1778         This change broke internal builds.
1779
1780         Reverted changeset:
1781
1782         "Redundant ellipsis box triggers
1783         ASSERT_WITH_SECURITY_IMPLICATION in InlineBox::parent()."
1784         https://bugs.webkit.org/show_bug.cgi?id=172309
1785         http://trac.webkit.org/changeset/217079
1786
1787 2017-05-18  Joseph Pecoraro  <pecoraro@apple.com>
1788
1789         Web Inspector: Release InjectedScripts when frontends close
1790         https://bugs.webkit.org/show_bug.cgi?id=172313
1791
1792         Reviewed by Andreas Kling.
1793
1794         * inspector/InspectorController.cpp:
1795         (WebCore::InspectorController::disconnectFrontend):
1796         Release inspector resources together, including discarding injected
1797         scripts so that they may be collected.
1798
1799         (WebCore::InspectorController::inspectedPageDestroyed):
1800         (WebCore::InspectorController::disconnectAllFrontends):
1801         Move the disconnect call inside of disconnectAllFrontends to establish
1802         a pattern of releasing web inspector resources together.
1803
1804 2017-05-18  Simon Fraser  <simon.fraser@apple.com>
1805
1806         Add a newline after the URL in showLayerTree output.
1807
1808         Reviewed by Zalan Bujtas.
1809
1810         * rendering/RenderLayer.cpp:
1811         (WebCore::showLayerTree):
1812
1813 2017-05-18  Wenson Hsieh  <wenson_hsieh@apple.com>
1814
1815         Attachment drag preview should not have the attachment outline
1816         https://bugs.webkit.org/show_bug.cgi?id=172327
1817         <rdar://problem/32282831>
1818
1819         Reviewed by Tim Horton.
1820
1821         When creating a drag image for an attachment element, don't include borders around the attachment.
1822
1823         * page/DragController.cpp:
1824         (WebCore::DragController::startDrag):
1825         * rendering/RenderAttachment.h:
1826         * rendering/RenderThemeIOS.mm:
1827         (WebCore::RenderThemeIOS::paintAttachment):
1828
1829 2017-05-18  Youenn Fablet  <youenn@apple.com>
1830
1831         Make WebRTC logging happen in Release
1832         https://bugs.webkit.org/show_bug.cgi?id=172307
1833
1834         Reviewed by Eric Carlson.
1835
1836         No change of behavior.
1837         Move from LOG(WebRTC...) to RELEASE_LOG(WebRTC...).
1838
1839         * Modules/mediastream/PeerConnectionBackend.cpp:
1840         (WebCore::PeerConnectionBackend::createOfferSucceeded):
1841         (WebCore::PeerConnectionBackend::createOfferFailed):
1842         (WebCore::PeerConnectionBackend::createAnswerSucceeded):
1843         (WebCore::PeerConnectionBackend::createAnswerFailed):
1844         (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
1845         (WebCore::PeerConnectionBackend::setLocalDescriptionFailed):
1846         (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
1847         (WebCore::PeerConnectionBackend::setRemoteDescriptionFailed):
1848         (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
1849         (WebCore::PeerConnectionBackend::addIceCandidateFailed):
1850         (WebCore::PeerConnectionBackend::newICECandidate):
1851         (WebCore::PeerConnectionBackend::doneGatheringCandidates):
1852         * Modules/mediastream/RTCPeerConnection.cpp:
1853         (WebCore::RTCPeerConnection::queuedCreateOffer):
1854         (WebCore::RTCPeerConnection::queuedCreateAnswer):
1855         (WebCore::RTCPeerConnection::queuedSetLocalDescription):
1856         (WebCore::RTCPeerConnection::queuedSetRemoteDescription):
1857         (WebCore::RTCPeerConnection::queuedAddIceCandidate):
1858
1859 2017-05-18  Eric Carlson  <eric.carlson@apple.com>
1860
1861         [MediaStream] do not cache gUM permissions
1862         https://bugs.webkit.org/show_bug.cgi?id=172245
1863
1864         Reviewed by Youenn Fablet.
1865
1866         No new tests, updated fast/mediastream/MediaDevices-getUserMedia.html.
1867
1868         * platform/mediastream/RealtimeMediaSourceCenter.cpp:
1869         (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints): Add salt parameter.
1870         * platform/mediastream/RealtimeMediaSourceCenter.h:
1871
1872 2017-05-18  Zalan Bujtas  <zalan@apple.com>
1873
1874         Redundant ellipsis box triggers ASSERT_WITH_SECURITY_IMPLICATION in InlineBox::parent().
1875         https://bugs.webkit.org/show_bug.cgi?id=172309
1876         <rdar://problem/32262357>
1877
1878         Reviewed by Simon Fraser.
1879
1880         This patch stops the redundant ellipsis box trigger ASSERT_WITH_SECURITY_IMPLICATION.
1881
1882         In RootInlineBox::placeEllipsis we construct an ellipsis box and append it to a static HashMap which
1883         keeps track of the ellipsis boxes on each line. However when the line already has an ellipsis, we
1884         re-use the existing one and this newly constructed (but redundant) box gets destroyed as we return from this function.
1885         In InlineBox's d'tor, we let the parent know that now it has a dangling child and we assert on it
1886         later, while accessing the children list. However this redundant ellipsis box was never added to the line,
1887         so the assertion hits incorrectly.
1888
1889         Test: fast/inline/redundant-ellipsis-triggers-assert-incorrectly.html
1890
1891         * rendering/EllipsisBox.cpp:
1892         (WebCore::EllipsisBox::EllipsisBox):
1893         * rendering/InlineBox.cpp:
1894         (WebCore::InlineBox::invalidateParentChildList):
1895         * rendering/InlineBox.h:
1896         * rendering/RootInlineBox.cpp:
1897         (WebCore::RootInlineBox::placeEllipsis): Use the newly created ellipsis box instead.
1898
1899 2017-05-18  Andy Estes  <aestes@apple.com>
1900
1901         ENABLE(APPLE_PAY_DELEGATE) should be NO on macOS Sierra and earlier
1902         https://bugs.webkit.org/show_bug.cgi?id=172305
1903
1904         Reviewed by Anders Carlsson.
1905
1906         * Configurations/FeatureDefines.xcconfig:
1907
1908 2017-05-18  Dean Jackson  <dino@apple.com>
1909
1910         Transform misplaces element 50% of the time
1911         https://bugs.webkit.org/show_bug.cgi?id=172300
1912
1913         Reviewed by Simon Fraser.
1914
1915         A hardware-accelerated animation of the transform property
1916         requires layout to happen if it contains a translate operation
1917         using percentages, otherwise it may create an incorrect
1918         animation. The "50% of the time" comes in to play because
1919         the layout timer may sometimes fire before the animation
1920         timer. The test case contains a example that is much more
1921         likely to fail without this fix.
1922
1923         Test: animations/needs-layout.html
1924
1925         * page/animation/CSSAnimationController.cpp:
1926         (WebCore::CSSAnimationControllerPrivate::animationTimerFired): If
1927         we've been told that we need a layout, and we have one pending, then
1928         force it before doing the rest of the animation logic.
1929         (WebCore::CSSAnimationController::updateAnimations): Check if the
1930         CompositeAnimation depends on layout, and tell the private controller
1931         that it should check for the necessity of a layout as the animation
1932         timer fires.
1933
1934         * page/animation/CompositeAnimation.cpp:
1935         (WebCore::CompositeAnimation::animate): Ask the keyframes if this
1936         animation depends on layout.
1937
1938         * page/animation/CompositeAnimation.h:
1939         (WebCore::CompositeAnimation::hasAnimationThatDependsOnLayout):
1940         * page/animation/KeyframeAnimation.cpp:
1941         (WebCore::KeyframeAnimation::KeyframeAnimation):
1942         (WebCore::KeyframeAnimation::computeLayoutDependency): Look at all
1943         the keyframe properties for something that is a translation using
1944         percentages.
1945
1946         * page/animation/KeyframeAnimation.h:
1947
1948 2017-05-18  Wenson Hsieh  <wenson_hsieh@apple.com>
1949
1950         Selection around attachment elements should not persist when beginning a drag
1951         https://bugs.webkit.org/show_bug.cgi?id=172319
1952         <rdar://problem/32283008>
1953
1954         Reviewed by Tim Horton.
1955
1956         When beginning to drag an attachment element, save and restore the visible selection when calling out to the
1957         injected bundle for additional data, and when creating the drag image.
1958
1959         Augmented an existing API test: DataInteractionTests.AttachmentElementItemProviders.
1960
1961         * page/DragController.cpp:
1962         (WebCore::DragController::startDrag):
1963
1964 2017-05-18  Daniel Bates  <dabates@apple.com>
1965
1966         Cleanup: Remove unused functions from RuntimeEnabledFeatures
1967         https://bugs.webkit.org/show_bug.cgi?id=172315
1968
1969         Reviewed by Jer Noble.
1970
1971         * page/RuntimeEnabledFeatures.cpp:
1972         (WebCore::RuntimeEnabledFeatures::htmlMediaElementEnabled): Deleted.
1973         (WebCore::RuntimeEnabledFeatures::htmlVideoElementEnabled): Deleted.
1974         (WebCore::RuntimeEnabledFeatures::htmlSourceElementEnabled): Deleted.
1975         (WebCore::RuntimeEnabledFeatures::mediaControllerEnabled): Deleted.
1976         (WebCore::RuntimeEnabledFeatures::mediaErrorEnabled): Deleted.
1977         (WebCore::RuntimeEnabledFeatures::timeRangesEnabled): Deleted.
1978         * page/RuntimeEnabledFeatures.h:
1979         (WebCore::RuntimeEnabledFeatures::setDOMIteratorEnabled): Deleted.
1980         (WebCore::RuntimeEnabledFeatures::domIteratorEnabled): Deleted.
1981         (WebCore::RuntimeEnabledFeatures::setGeolocationEnabled): Deleted.
1982         (WebCore::RuntimeEnabledFeatures::geolocationEnabled): Deleted.
1983
1984 2017-05-18  Daniel Bates  <dabates@apple.com>
1985
1986         Improve error message for Access-Control-Allow-Origin violation due to misconfigured server
1987         https://bugs.webkit.org/show_bug.cgi?id=162819
1988         <rdar://problem/28575938>
1989
1990         Reviewed by Joseph Pecoraro.
1991
1992         Inspired by Blink change:
1993         <https://src.chromium.org/viewvc/blink?view=revision&revision=163406>
1994
1995         At most one Access-Control-Allow-Origin header may be in an HTTP response. Improve the
1996         error message emitted on a CORS failure when Access-Control-Allow-Origin contains more
1997         than one origin, indicated by the presence of a ',', as a way to help web developers/server
1998         administrators differentiate between a misconfigured Access-Control-Allow-Origin header
1999         and a misconfigured server.
2000
2001         * loader/CrossOriginAccessControl.cpp:
2002         (WebCore::passesAccessControlCheck): Defined a local variable to hold the value of securityOrigin.toString()
2003         and referenced this variable throughout the code to avoid computing the stringified security
2004         origin more than once. Switched to using makeString() to concatenate error message when the
2005         origin of the page does not match the value of the Access-Control-Allow-Origin header.
2006
2007 2017-05-18  John Wilander  <wilander@apple.com>
2008
2009         Resource Load Statistics: Grandfather domains for existing data records
2010         https://bugs.webkit.org/show_bug.cgi?id=172155
2011         <rdar://problem/24913532>
2012
2013         Reviewed by Alex Christensen.
2014
2015         Test: http/tests/loading/resourceLoadStatistics/grandfathering.html
2016
2017         * loader/ResourceLoadObserver.cpp:
2018         (WebCore::ResourceLoadObserver::setGrandfathered):
2019         (WebCore::ResourceLoadObserver::isGrandfathered):
2020         (WebCore::ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval):
2021         (WebCore::ResourceLoadObserver::setGrandfatheringTime):
2022             Functions for testing and configuration.
2023             ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval() changed as a result of moving
2024             WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
2025         * loader/ResourceLoadObserver.h:
2026         * loader/ResourceLoadStatisticsStore.cpp:
2027         (WebCore::ResourceLoadStatisticsStore::createEncoderFromData):
2028         (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):
2029             Now contains endOfGrandfatheringTimestamp.
2030         (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent):
2031             Now makes a call to m_grandfatherExistingWebsiteDataHandler().
2032         (WebCore::ResourceLoadStatisticsStore::setGrandfatherExistingWebsiteDataCallback):
2033         (WebCore::ResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval):
2034             Changed as a result of moving
2035             WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
2036         (WebCore::ResourceLoadStatisticsStore::setGrandfatheringTime):
2037         (WebCore::ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor):
2038             Renamed since it now also takes grandfathering into account.
2039         (WebCore::ResourceLoadStatisticsStore::updateStatisticsForRemovedDataRecords):
2040             Fixed typo in local variable name.
2041         (WebCore::ResourceLoadStatisticsStore::handleFreshStartWithEmptyOrNoStore):
2042         (WebCore::ResourceLoadStatisticsStore::shouldRemoveDataRecords):
2043             Convenience function added.
2044         (WebCore::ResourceLoadStatisticsStore::dataRecordsBeingRemoved):
2045             Convenience function added.
2046         (WebCore::ResourceLoadStatisticsStore::dataRecordsWereRemoved):
2047             Convenience function added.
2048         (WebCore::ResourceLoadStatisticsStore::prevalentResourceDomainsWithoutUserInteraction): Deleted.
2049             Replaced by ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor().
2050         * loader/ResourceLoadStatisticsStore.h:
2051
2052 2017-05-18  Daniel Bates  <dabates@apple.com>
2053
2054         Bindings: Require value for extended attributes EnabledAtRuntime and EnabledForWorld
2055         https://bugs.webkit.org/show_bug.cgi?id=172252
2056
2057         Reviewed by Sam Weinig.
2058
2059         According to Sam Weinig it is an anti-feature that EnabledAtRuntime can be specified
2060         without a value. We should make it require a value for the name of the RuntimeEnabledFeatures
2061         function to use in the generated code. For similar reasons we should also require
2062         a value for the extended attribute EnabledForWorld.
2063
2064         * Modules/websockets/WebSocket.idl: Substitute EnabledAtRuntime=WebSocket for EnabledAtRuntime.
2065         * bindings/scripts/CodeGeneratorJS.pm:
2066         (GetRuntimeEnableFunctionName):
2067         * html/HTMLAudioElement.idl: Substitute EnabledAtRuntime=Audio for EnabledAtRuntime.
2068         * page/RuntimeEnabledFeatures.cpp:
2069         (WebCore::RuntimeEnabledFeatures::audioEnabled):
2070         (WebCore::RuntimeEnabledFeatures::htmlAudioElementEnabled): Deleted. This function duplicated
2071         the functionality of RuntimeEnabledFeatures::audioEnabled(). Instead we explicitly
2072         write EnabledAtRuntime=Audio in HTMLAudioElement.idl to use RuntimeEnabledFeatures::audioEnabled()
2073         to determine whether to expose/conceal the HTMLAudioElement global constructor at runtime.
2074         * page/RuntimeEnabledFeatures.h:
2075
2076 2017-05-18  Jer Noble  <jer.noble@apple.com>
2077
2078         Allow nested timers to propagate user gestures so long as the total nested interval is less than 1s.
2079         https://bugs.webkit.org/show_bug.cgi?id=172173
2080
2081         Reviewed by Andy Estes.
2082
2083         Test: media/restricted-audio-playback-with-multiple-settimeouts.html
2084
2085         Store the current nested timer interval in DOMTimerFireState, and use that value to propagate the
2086         nested interval through multiple invocations of setTimeout().
2087
2088         Drive-by fix: instead of manually resetting the nesting level in DOMTimer::fired(), add the
2089         nesting level to the DOMTimerFireState, and reset the nesting level on the state's destruction.
2090         This fixes one place in DOMTimer::fire() where an early return lead to the timer's nesting level
2091         not being reset.
2092
2093         * page/DOMTimer.cpp:
2094         (WebCore::DOMTimerFireState::DOMTimerFireState):
2095         (WebCore::DOMTimerFireState::~DOMTimerFireState):
2096         (WebCore::DOMTimerFireState::nestedTimerInterval):
2097         (WebCore::shouldForwardUserGesture):
2098         (WebCore::userGestureTokenToForward):
2099         (WebCore::currentNestedTimerInterval):
2100         (WebCore::DOMTimer::DOMTimer):
2101         (WebCore::DOMTimer::fired):
2102         * page/DOMTimer.h:
2103
2104 2017-05-18  Youenn Fablet  <youenn@apple.com>
2105
2106         RealtimeOutgoingAudioSource should use the source sample rate
2107         https://bugs.webkit.org/show_bug.cgi?id=172297
2108
2109         Reviewed by Eric Carlson.
2110
2111         Covered by manual tests.
2112
2113         * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
2114         (WebCore::RealtimeOutgoingAudioSource::audioSamplesAvailable): Using the audio source sample rate so that the converter does the right conversion.
2115
2116 2017-05-18  Andy Estes  <aestes@apple.com>
2117
2118         Add "countryCode" to ApplePayErrorContactField
2119         https://bugs.webkit.org/show_bug.cgi?id=172264
2120         <rdar://problem/32004909>
2121
2122         Reviewed by Anders Carlsson.
2123
2124         Added ApplePayError tests to http/tests/ssl/applepay/ApplePaySession.html
2125
2126         * Modules/applepay/ApplePayError.idl:
2127         * Modules/applepay/PaymentRequest.h:
2128
2129 2017-05-18  Daniel Bates  <dabates@apple.com>
2130
2131         Cleanup: Remove unnecessary call to AddToImplIncludes("RuntimeEnabledFeatures.h") in GenerateImplementation()
2132         https://bugs.webkit.org/show_bug.cgi?id=172236
2133
2134         Reviewed by Chris Dumez.
2135
2136         It is unnecessary for GenerateImplementation() to explicitly call AddToImplIncludes("RuntimeEnabledFeatures.h")
2137         to add the header RuntimeEnabledFeatures.h to the list of headers in the generated implementation
2138         as this header is added when GetRuntimeEnableFunctionName() is called. And GenerateImplementation()
2139         calls GetRuntimeEnableFunctionName().
2140
2141         No functionality changed. So, no new tests.
2142
2143         * bindings/scripts/CodeGeneratorJS.pm:
2144         (GenerateImplementation):
2145
2146 2017-05-18  Daniel Bates  <dabates@apple.com>
2147
2148         REGRESSION (r209608): Cross-origin plugin document opened in child window blocked by parent
2149         window CSP when object-src 'none' is set
2150         https://bugs.webkit.org/show_bug.cgi?id=172038
2151         <rdar://problem/32258262>
2152
2153         Reviewed by Andy Estes.
2154
2155         Fixes an issue where a cross-origin plugin document opened in a child window would inherit
2156         the Content Security Policy (CSP) of its opener. In particular, a cross-origin plugin
2157         document opened in a child window would be blocked when the CSP of its opener disallows
2158         plugins (e.g. object-source 'none').
2159
2160         Prior to r209608 a document opened in a child window never inherited the CSP from its opener
2161         and a plugin document loaded in a subframe would unconditionally inherit the CSP from its
2162         parent frame. So, a plugin document opened in a child window would be allowed to load
2163         regardless of whether its opener had a CSP that prevented plugins. Following r209608 a
2164         document opened in a child window would inherit its CSP from its opener if and only if it
2165         would inherit the security origin from its opener (e.g. about:blank) or was a plugin
2166         document. The latter condition makes plugin documents opened in a child window unconditionally
2167         inherit the CSP from their opener and is the cause of this bug. It seems reasonable to exempt
2168         cross-origin plugin documents opened in a child window from the CSP inheritance rule because
2169         such documents cannot compromise the origin of their opener. Same-origin plugin documents
2170         opened in a child window will continue to inherit the CSP from their opener because such
2171         documents can compromise the origin of their opener.
2172
2173         Tests: http/tests/security/contentSecurityPolicy/cross-origin-plugin-document-allowed-in-child-window.html
2174                http/tests/security/contentSecurityPolicy/plugin-blocked-in-about-blank-window.html
2175                http/tests/security/contentSecurityPolicy/same-origin-plugin-document-blocked-in-child-window.html
2176
2177         * dom/Document.cpp:
2178         (WebCore::Document::shouldInheritContentSecurityPolicyFromOwner): Added.
2179         (WebCore::Document::initContentSecurityPolicy):
2180         * dom/Document.h:
2181
2182 2017-05-18  Keith Miller  <keith_miller@apple.com>
2183
2184         WebAssembly API: test with neutered inputs
2185         https://bugs.webkit.org/show_bug.cgi?id=163899
2186
2187         Reviewed by JF Bastien.
2188
2189         Make it not possible to transfer an ArrayBuffer that is backed by a
2190         wasm memory.
2191
2192         Test: workers/wasm-mem-post-message.html
2193
2194         * bindings/js/SerializedScriptValue.cpp:
2195         (WebCore::SerializedScriptValue::create):
2196
2197 2017-05-18  Commit Queue  <commit-queue@webkit.org>
2198
2199         Unreviewed, rolling out r217031, r217032, and r217037.
2200         https://bugs.webkit.org/show_bug.cgi?id=172293
2201
2202         cause linking errors in Windows (Requested by yusukesuzuki on
2203         #webkit).
2204
2205         Reverted changesets:
2206
2207         "[JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass"
2208         https://bugs.webkit.org/show_bug.cgi?id=172098
2209         http://trac.webkit.org/changeset/217031
2210
2211         "Unreviewed, rebaseline for newly added ClassInfo"
2212         https://bugs.webkit.org/show_bug.cgi?id=172098
2213         http://trac.webkit.org/changeset/217032
2214
2215         "Unreviewed, fix debug and non-JIT build"
2216         https://bugs.webkit.org/show_bug.cgi?id=172098
2217         http://trac.webkit.org/changeset/217037
2218
2219 2017-05-18  Per Arne Vollan  <pvollan@apple.com>
2220
2221         Protect MediaDeviceRequest instance during context destruction.
2222         https://bugs.webkit.org/show_bug.cgi?id=172285
2223         <rdar://problem/30369017>
2224
2225         Reviewed by Brent Fulgham.
2226
2227         In MediaDevicesRequest::contextDestroyed(), the call to m_enumerationRequest->cancel() might
2228         end up deleting itself (MediaDevicesRequest). The std::function member m_completionHandler
2229         in MediaDevicesEnumerationRequest contains a captured variable of type
2230         RefPtr<MediaDevicesRequest>. When m_completionHandler is set to null in the cancel() method,
2231         the MediaDevicesRequest object will be deleted if the m_completionHandler member is holding
2232         the last reference.
2233
2234         No new tests, since I am unable to reproduce.
2235
2236         * Modules/mediastream/MediaDevicesRequest.cpp:
2237         (WebCore::MediaDevicesRequest::contextDestroyed):
2238
2239 2017-05-18  Antti Koivisto  <antti@apple.com>
2240
2241         Design mode should not affect UA shadow trees
2242         https://bugs.webkit.org/show_bug.cgi?id=171854
2243         <rdar://problem/32071037>
2244
2245         Reviewed by Zalan Bujtas.
2246
2247         Test: editing/deleting/search-shadow-tree-delete.html
2248
2249         * html/HTMLElement.cpp:
2250         (WebCore::HTMLElement::editabilityFromContentEditableAttr):
2251
2252             Ignore design mode for UA shadow trees.
2253
2254         * html/SearchInputType.cpp:
2255         (WebCore::SearchInputType::~SearchInputType):
2256         (WebCore::SearchInputType::createShadowSubtree):
2257         (WebCore::SearchInputType::resultsButtonElement):
2258         (WebCore::SearchInputType::cancelButtonElement):
2259         * html/SearchInputType.h:
2260
2261             Use RefPtr.
2262
2263 2017-05-18  Vanessa Chipirrás Navalón  <vchipirras@igalia.com>
2264
2265         [GTK][GStreamer][MSE] Crash on youtube when MSE is enabled but gstreamer cant find the decoder element.
2266         https://bugs.webkit.org/show_bug.cgi?id=167120
2267
2268         Reviewed by Žan Doberšek.
2269
2270         This is because supportCodecs() doesn't check in runtime which plugins the player has.
2271         So, a static function which returns a map with the plugins has been created. That map is later
2272         used in the supportsCodecs() method to check if the requested codec matches any of the map.
2273
2274         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
2275         (WebCore::MediaPlayerPrivateGStreamerBase::initializeGStreamerAndRegisterWebKitElements):
2276         The declaration is moved into this class.
2277         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2278         (WebCore::MediaPlayerPrivateGStreamer::isAvailable): This function calls the implementation of
2279         initializeGstreamerAndRegisterWebKitElements function.
2280         (WebCore::MediaPlayerPrivateGStreamer::load): Ditto
2281         (WebCore::mimeTypeSet): Ditto
2282         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h: It is static type to expose
2283         initializeGStreamerAndRegisterWebKitElements() function to be called from internal function
2284         "which runs before MediaPlayerPrivateGStreamerBase initialization but needs to have GStreamer initialized".
2285         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
2286         (WebCore::codecSet): It returns a map with the plugins has been created.
2287         (WebCore::MediaPlayerPrivateGStreamerMSE::supportsCodecs): To check if the requested codec
2288         matches any of the map from codecSet().
2289
2290 2017-05-18  Romain Bellessort  <romain.bellessort@crf.canon.fr>
2291
2292         [Readable Streams API] Align getDesiredSize with spec
2293         https://bugs.webkit.org/show_bug.cgi?id=172220
2294
2295         Reviewed by Chris Dumez.
2296
2297         Aligned implementation of getDesiredSize operation for both controllers:
2298         - https://streams.spec.whatwg.org/#readable-stream-default-controller-get-desired-size
2299         - https://streams.spec.whatwg.org/#readable-byte-stream-controller-get-desired-size
2300
2301         Implementation slightly differs from spec as queueTotalSize refactoring is not
2302         yet implemented, but behavior is now similar.
2303
2304         No new tests (already covered by WPT tests, corresponding expectations have been updated).
2305
2306         * Modules/streams/ReadableByteStreamInternals.js:
2307         (readableByteStreamControllerGetDesiredSize): Updated.
2308         * Modules/streams/ReadableStreamInternals.js:
2309         (readableStreamDefaultControllerGetDesiredSize): Updated.
2310
2311 2017-05-18  Tim Horton  <timothy_horton@apple.com>
2312
2313         More WebKit2 header cleanup
2314         https://bugs.webkit.org/show_bug.cgi?id=172214
2315
2316         Reviewed by Simon Fraser.
2317
2318         * Modules/mediastream/UserMediaController.cpp:
2319         * Modules/mediastream/UserMediaController.h:
2320
2321 2017-05-16  Yusuke Suzuki  <utatane.tea@gmail.com>
2322
2323         [JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass
2324         https://bugs.webkit.org/show_bug.cgi?id=172098
2325
2326         Reviewed by Saam Barati.
2327
2328         Add DOMJIT interface IDL attribute. Which allows us to define checkSubClassPatchpoint function
2329         for that ClassInfo. And we move CheckSubClass patchpoint implementation to ClassInfo's member.
2330
2331         * CMakeLists.txt:
2332         * WebCore.xcodeproj/project.pbxproj:
2333         * bindings/js/JSDOMGlobalObject.cpp:
2334         * bindings/js/JSDOMWindowBase.cpp:
2335         * bindings/js/JSDOMWindowProperties.cpp:
2336         * bindings/js/JSDOMWindowShell.cpp:
2337         * bindings/js/JSReadableStreamPrivateConstructors.cpp:
2338         * bindings/js/JSWorkerGlobalScopeBase.cpp:
2339         * bindings/scripts/CodeGeneratorJS.pm:
2340         (GenerateHeader):
2341         (GenerateImplementation):
2342         (GenerateImplementationIterableFunctions):
2343         (GenerateConstructorHelperMethods):
2344         * bindings/scripts/IDLAttributes.json:
2345         * bindings/scripts/test/JS/JSInterfaceName.cpp:
2346         * bindings/scripts/test/JS/JSMapLike.cpp:
2347         * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
2348         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
2349         * bindings/scripts/test/JS/JSTestCEReactions.cpp:
2350         * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
2351         * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
2352         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
2353         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
2354         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
2355         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
2356         * bindings/scripts/test/JS/JSTestDOMJIT.h:
2357         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
2358         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
2359         * bindings/scripts/test/JS/JSTestException.cpp:
2360         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
2361         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
2362         * bindings/scripts/test/JS/JSTestInterface.cpp:
2363         * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
2364         * bindings/scripts/test/JS/JSTestIterable.cpp:
2365         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
2366         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
2367         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
2368         * bindings/scripts/test/JS/JSTestNode.cpp:
2369         * bindings/scripts/test/JS/JSTestObj.cpp:
2370         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
2371         * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
2372         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
2373         * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
2374         * bindings/scripts/test/JS/JSTestSerialization.cpp:
2375         * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
2376         * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
2377         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2378         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2379         * bridge/c/CRuntimeObject.cpp:
2380         * bridge/c/c_instance.cpp:
2381         * bridge/objc/ObjCRuntimeObject.mm:
2382         * bridge/objc/objc_instance.mm:
2383         * bridge/objc/objc_runtime.mm:
2384         * bridge/runtime_array.cpp:
2385         * bridge/runtime_method.cpp:
2386         * bridge/runtime_object.cpp:
2387         * dom/Document.idl:
2388         * dom/DocumentFragment.idl:
2389         * dom/Element.idl:
2390         * dom/Event.idl:
2391         * dom/Node.idl:
2392         * domjit/JSDocumentDOMJIT.cpp:
2393         (WebCore::JSDocument::checkSubClassPatchpoint):
2394         (WebCore::DocumentDocumentElementDOMJIT::checkDOM): Deleted.
2395         (WebCore::DocumentBodyDOMJIT::checkDOM): Deleted.
2396         * domjit/JSDocumentFragmentDOMJIT.cpp: Copied from Source/JavaScriptCore/runtime/JSMap.cpp.
2397         (WebCore::JSDocumentFragment::checkSubClassPatchpoint):
2398         * domjit/JSElementDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
2399         (WebCore::JSElement::checkSubClassPatchpoint):
2400         * domjit/JSEventDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
2401         (WebCore::JSEvent::checkSubClassPatchpoint):
2402         * domjit/JSNodeDOMJIT.cpp:
2403         (WebCore::JSNode::checkSubClassPatchpoint):
2404         (WebCore::NodeFirstChildDOMJIT::checkDOM): Deleted.
2405         (WebCore::NodeLastChildDOMJIT::checkDOM): Deleted.
2406         (WebCore::NodeNextSiblingDOMJIT::checkDOM): Deleted.
2407         (WebCore::NodePreviousSiblingDOMJIT::checkDOM): Deleted.
2408         (WebCore::NodeParentNodeDOMJIT::checkDOM): Deleted.
2409         (WebCore::NodeNodeTypeDOMJIT::checkDOM): Deleted.
2410         (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted.
2411
2412 2017-05-17  Youenn Fablet  <youenn@apple.com>
2413
2414         r216999 broke win build
2415         https://bugs.webkit.org/show_bug.cgi?id=172257
2416
2417         Unreviewed.
2418
2419         * testing/Internals.cpp:
2420         (WebCore::Internals::setPageVisibility): Moving setPageVisibility out of MEDIA_STREAM compilation flag.
2421
2422 2017-05-17  Andy Estes  <aestes@apple.com>
2423
2424         [Cocoa] errors are not propagated to PassKit when calling ApplePaySession.completePayment()
2425         https://bugs.webkit.org/show_bug.cgi?id=172253
2426         <rdar://problem/32258020>
2427
2428         Reviewed by Dan Bernstein.
2429
2430         In ApplePaySession::completePayment(), releaseReturnValue() was being called twice on the
2431         same convertedResult. Since the first call moved the errors vector out of convertedResult,
2432         the vector is empty in the second call. It's the second call that sends the result to the
2433         UI process, so we end up with an empty arary when we call PassKit's delegate completion
2434         handler.
2435
2436         * Modules/applepay/ApplePaySession.cpp:
2437         (WebCore::ApplePaySession::completePayment):
2438
2439 2017-05-17  Ryan Haddad  <ryanhaddad@apple.com>
2440
2441         Unreviewed, rolling out r217014.
2442
2443         This change caused mac-wk2 LayoutTests to exit early due to
2444         crashes.
2445
2446         Reverted changeset:
2447
2448         "Resource Load Statistics: Grandfather domains for existing
2449         data records"
2450         https://bugs.webkit.org/show_bug.cgi?id=172155
2451         http://trac.webkit.org/changeset/217014
2452
2453 2017-05-17  Zalan Bujtas  <zalan@apple.com>
2454
2455         Tighten TextIterator::handleTextNode run-renderer mapping logic.
2456         https://bugs.webkit.org/show_bug.cgi?id=172174
2457
2458         Reviewed by Antti Koivisto.
2459
2460         This patch ensure that when runs and renderers are getting out of sync
2461         we don't run into problems like webkit.org/b/172113 (where we end up
2462         using incorrect content start/end positions).
2463
2464         * editing/TextIterator.cpp:
2465         (WebCore::TextIterator::handleTextNode):
2466
2467 2017-05-17  John Wilander  <wilander@apple.com>
2468
2469         Resource Load Statistics: Grandfather domains for existing data records
2470         https://bugs.webkit.org/show_bug.cgi?id=172155
2471         <rdar://problem/24913532>
2472
2473         Reviewed by Alex Christensen.
2474
2475         Test: http/tests/loading/resourceLoadStatistics/grandfathering.html
2476
2477         * loader/ResourceLoadObserver.cpp:
2478         (WebCore::ResourceLoadObserver::setGrandfathered):
2479         (WebCore::ResourceLoadObserver::isGrandfathered):
2480         (WebCore::ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval):
2481         (WebCore::ResourceLoadObserver::setGrandfatheringTime):
2482             Functions for testing and configuration.
2483             ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval() changed as a result of moving
2484             WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
2485         * loader/ResourceLoadObserver.h:
2486         * loader/ResourceLoadStatisticsStore.cpp:
2487         (WebCore::ResourceLoadStatisticsStore::createEncoderFromData):
2488         (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):
2489             Now contains endOfGrandfatheringTimestamp.
2490         (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent):
2491             Now makes a call to m_grandfatherExistingWebsiteDataHandler().
2492         (WebCore::ResourceLoadStatisticsStore::setGrandfatherExistingWebsiteDataCallback):
2493         (WebCore::ResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval):
2494             Changed as a result of moving
2495             WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
2496         (WebCore::ResourceLoadStatisticsStore::setGrandfatheringTime):
2497         (WebCore::ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor):
2498             Renamed since it now also takes grandfathering into account.
2499         (WebCore::ResourceLoadStatisticsStore::updateStatisticsForRemovedDataRecords):
2500             Fixed typo in local variable name.
2501         (WebCore::ResourceLoadStatisticsStore::handleFreshStartWithEmptyOrNoStore):
2502         (WebCore::ResourceLoadStatisticsStore::shouldRemoveDataRecords):
2503             Convenience function added.
2504         (WebCore::ResourceLoadStatisticsStore::dataRecordsBeingRemoved):
2505             Convenience function added.
2506         (WebCore::ResourceLoadStatisticsStore::dataRecordsWereRemoved):
2507             Convenience function added.
2508         (WebCore::ResourceLoadStatisticsStore::prevalentResourceDomainsWithoutUserInteraction): Deleted.
2509             Replaced by ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor().
2510         * loader/ResourceLoadStatisticsStore.h:
2511
2512 2017-05-17  Zalan Bujtas  <zalan@apple.com>
2513
2514         Debug ASSERT: WebCore::RenderImageResource::shutdown
2515         https://bugs.webkit.org/show_bug.cgi?id=172238
2516         <rdar://problem/30064601>
2517
2518         Reviewed by Simon Fraser.
2519
2520         While constructing new renderers, as part of the render tree update, we check if the insertion point is valid for them. 
2521         When this newly constructed child renderer can't be injected to a specific place, we destroy it right away.
2522         This assert was added with the assumption that the image resource object gets initialized
2523         (through RenderObject::initializeStyle) even when the renderer turns out to be invalid.
2524
2525         Test: fast/images/assert-when-insertion-point-is-incorrect.html
2526
2527         * rendering/RenderImageResource.cpp:
2528         (WebCore::RenderImageResource::RenderImageResource):
2529         (WebCore::RenderImageResource::shutdown):
2530         * rendering/RenderImageResource.h:
2531
2532 2017-05-17  Per Arne Vollan  <pvollan@apple.com>
2533
2534         Crash under WebCore::AudioSourceProviderAVFObjC::process().
2535         https://bugs.webkit.org/show_bug.cgi?id=172101
2536         rdar://problem/27446589
2537
2538         Reviewed by Jer Noble.
2539
2540         Calling the function MTAudioProcessingTapGetSourceAudio when the value of the
2541         MTAudioProcessingTapRef parameter is null, will lead to a null dereference.
2542         This can for example happen if MediaPlayerPrivateAVFoundationObjC::cancelLoad()
2543         is called on the main thread while MediaToolbox is calling the
2544         WebCore::AudioSourceProviderAVFObjC::processCallback function on a secondary
2545         thread. MediaPlayerPrivateAVFoundationObjC::cancelLoad() will then call
2546         AudioSourceProviderAVFObjC::setPlayerItem(nullptr), which will call
2547         AudioSourceProviderAVFObjC::destroyMix(), which will set m_tap to null. When
2548         AudioSourceProviderAVFObjC::process is called on the secondary thread, using
2549         the m_tap member in the call to MTAudioProcessingTapGetSourceAudio, the process
2550         will crash.
2551
2552         No new tests since I am not able to reproduce.
2553
2554         * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
2555         (WebCore::AudioSourceProviderAVFObjC::initCallback):
2556         (WebCore::AudioSourceProviderAVFObjC::process):
2557
2558 2017-05-17  Chris Dumez  <cdumez@apple.com>
2559
2560         Setting URL.search to '' results in a stringified URL ending in '?'
2561         https://bugs.webkit.org/show_bug.cgi?id=162345
2562         <rdar://problem/31800441>
2563
2564         Reviewed by Alex Christensen.
2565
2566         As per the specification for the URL.search setter [1], if the given value is
2567         the empty string, then we should set the URL's query to null. We would
2568         previously set the URL's query to the empty string in this case. This aligns
2569         our behavior with Firefox and Chrome.
2570
2571         [1] https://url.spec.whatwg.org/#dom-url-search
2572
2573         No new tests, updated existing tests.
2574
2575         * html/URLUtils.h:
2576         (WebCore::URLUtils<T>::setSearch):
2577
2578 2017-05-17  Eric Carlson  <eric.carlson@apple.com>
2579
2580         [MediaStream] videoWidth and videoHeight should be set when 'loadedmetadata' event fires
2581         https://bugs.webkit.org/show_bug.cgi?id=172223
2582         <rdar://problem/31899755>
2583
2584         Reviewed by Jer Noble.
2585
2586         Test: fast/mediastream/get-user-media-on-loadedmetadata.html
2587
2588         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2589         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentReadyState): If a stream has
2590         a video track, return HaveNothing until we have a sample.
2591        
2592         * platform/mediastream/RealtimeMediaSource.h:
2593         * platform/mock/MockRealtimeAudioSource.cpp:
2594         (WebCore::MockRealtimeAudioSource::tick): Optionally delay the next sample.
2595         (WebCore::MockRealtimeAudioSource::delaySamples):
2596         * platform/mock/MockRealtimeAudioSource.h:
2597
2598         * platform/mock/MockRealtimeVideoSource.cpp:
2599         (WebCore::MockRealtimeVideoSource::delaySamples):
2600         (WebCore::MockRealtimeVideoSource::generateFrame): Optionally delay the next sample.
2601         * platform/mock/MockRealtimeVideoSource.h:
2602
2603         * testing/Internals.cpp:
2604         (WebCore::Internals::delayMediaStreamTrackSamples):
2605         * testing/Internals.h:
2606         * testing/Internals.idl:
2607
2608 2017-05-17  Youenn Fablet  <youenn@apple.com>
2609
2610         iOS WebRTC Media Capture should not allow camera capture from background tab
2611         https://bugs.webkit.org/show_bug.cgi?id=172200
2612
2613         Reviewed by Eric Carlson.
2614
2615         Test: platform/ios/mediastream/getUserMedia-disabled-in-background-tabs.html and manual tests.
2616
2617         Making Video Capture Factory aware of Document visibility changes.
2618         On iOS, muting/unmuting the current video source according Document visibility.
2619         Not using Document visibility change observer as factories are platform and cannot implement
2620         the visibility observer interface without moving the visibility observer interface.
2621
2622         Introducing internals API to switch on/off the page visibility.
2623
2624         * dom/Document.cpp:
2625         (WebCore::Document::visibilityStateChanged):
2626         (WebCore::Document::notifyVisibilityChangedToMediaCapture):
2627         * dom/Document.h:
2628         * platform/mediastream/RealtimeMediaSource.h:
2629         * platform/mediastream/RealtimeMediaSourceCenter.cpp:
2630         (WebCore::RealtimeMediaSourceCenter::setVisibility):
2631         * platform/mediastream/RealtimeMediaSourceCenter.h:
2632         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2633         (WebCore::AVVideoCaptureSourceFactory::setVisibility):
2634         * testing/Internals.cpp:
2635         (WebCore::Internals::setPageVisibility):
2636         * testing/Internals.h:
2637         * testing/Internals.idl:
2638
2639 2017-05-17  Said Abou-Hallawa  <sabouhallawa@apple.com>
2640
2641         When the image decoding thread makes a callOnMainThread(), ensure all the objects it needs are protected
2642         https://bugs.webkit.org/show_bug.cgi?id=171614
2643
2644         Reviewed by David Kilzer.
2645
2646         The asynchronous image decoding was designed to not block the main thread if
2647         the image is deleted. To achieve that we allow decoding the current frame
2648         even if it is not going to be used after closing the decoding queue. We 
2649         protect all the objects which the decoding thread uses. But when a frame
2650         finishes decoding the native image frame is cached on the main thread. Not
2651         all of the objects are protected when the callOnMainThread() is dispatched.
2652         The ImageFrameCache and the ImageDecoder objects are not protected.
2653
2654         This might lead to two kinds of crashes:
2655         1. A segfault inside the ImageDecoder trying to access one of its member
2656         2. A segfault inside the ImageFrameCache trying to access one of its frames
2657
2658         The fix is to protect the ImageFrameCache and the ImageDecoder when the
2659         decoding thread makes a callOnMainThread(). Also switch all the pointers
2660         the decoding threads protect to be ThreadSafeRefCounted.
2661
2662         * platform/graphics/ImageFrameCache.cpp:
2663         (WebCore::ImageFrameCache::startAsyncDecodingQueue):
2664         * platform/graphics/ImageFrameCache.h:
2665         * platform/graphics/cg/ImageDecoderCG.h:
2666         * platform/graphics/win/ImageDecoderDirect2D.h:
2667         * platform/image-decoders/ImageDecoder.h:
2668
2669 2017-05-17  Wenson Hsieh  <wenson_hsieh@apple.com>
2670
2671         A URL type is vended for a non-URL plain text string when starting data interaction
2672         https://bugs.webkit.org/show_bug.cgi?id=172228
2673         <rdar://problem/32166729>
2674
2675         Reviewed by Andy Estes.
2676
2677         Previously, when writing a plain text string to WebItemProviderPasteboard, we would write an NSString directly
2678         to the item provider by using built-in functionality in NSString+UIItemProvider. However, this causes plain
2679         strings such as "apple" to be considered URLs, since -[NSURL URLWithString:] creates a non-null NSURL. To fix
2680         this, we instead write the string as UTF8 data, for the UTI kUTTypeUTF8PlainText, if the plain text is not a
2681         URL. If the plain text is clearly a URL (determined by constructing a new WebCore URL with no base URL and the
2682         plaintext string as the absolute URL) then we additionally write an NSURL to the pasteboard.
2683
2684         2 new API tests:
2685         DataInteractionTests.SinglePlainTextWordTypeIdentifiers
2686         DataInteractionTests.SinglePlainTextURLTypeIdentifiers
2687
2688         * platform/ios/PlatformPasteboardIOS.mm:
2689         (WebCore::addRepresentationsForPlainText):
2690         (WebCore::PlatformPasteboard::writeObjectRepresentations):
2691
2692 2017-05-15  Jiewen Tan  <jiewen_tan@apple.com>
2693
2694         Replace CryptoOperationData with BufferSource for WebKitSubtleCrypto
2695         https://bugs.webkit.org/show_bug.cgi?id=172146
2696         <rdar://problem/32122256>
2697
2698         Reviewed by Brent Fulgham.
2699
2700         In this patch, we replaces CryptoOperationData with BufferSource for WebKitSubtleCrypto in
2701         the custom binding codes.
2702
2703         Test: crypto/webkitSubtle/import-export-raw-key-leak.html
2704
2705         * bindings/js/JSWebKitSubtleCryptoCustom.cpp:
2706         (WebCore::JSWebKitSubtleCrypto::encrypt):
2707         (WebCore::JSWebKitSubtleCrypto::decrypt):
2708         (WebCore::JSWebKitSubtleCrypto::sign):
2709         (WebCore::JSWebKitSubtleCrypto::verify):
2710         (WebCore::JSWebKitSubtleCrypto::digest):
2711         (WebCore::JSWebKitSubtleCrypto::importKey):
2712         (WebCore::JSWebKitSubtleCrypto::unwrapKey):
2713         * crypto/WebKitSubtleCrypto.idl:
2714
2715 2017-05-17  Youenn Fablet  <youenn@apple.com>
2716
2717         Move-related refactoring on UserMediaPermissionRequestProxy
2718         https://bugs.webkit.org/show_bug.cgi?id=172195
2719
2720         Reviewed by Alex Christensen.
2721
2722         No behavioral change.
2723
2724         * platform/mediastream/RealtimeMediaSourceCenter.h: Cleaning the function definition.
2725
2726 2017-05-17  David Kilzer  <ddkilzer@apple.com>
2727
2728         BlobDataFileReference::generateReplacementFile() should use mkstemp()
2729         <https://webkit.org/b/172192>
2730
2731         Reviewed by Brent Fulgham.
2732
2733         * platform/network/mac/BlobDataFileReferenceMac.mm:
2734         (WebCore::BlobDataFileReference::generateReplacementFile): Use
2735         mkstemp().
2736
2737 2017-05-17  Matt Lewis  <jlewis3@apple.com>
2738
2739         Unreviewed, rolling out r216974.
2740
2741         Revision caused consistent timeouts on all platforms.
2742
2743         Reverted changeset:
2744
2745         "Add a RuntimeEnabledFeature for display: contents, defaulted
2746         to false."
2747         https://bugs.webkit.org/show_bug.cgi?id=171984
2748         http://trac.webkit.org/changeset/216974
2749
2750 2017-05-17  Nan Wang  <n_wang@apple.com>
2751
2752         ASSERTION FAILED in WebCore::AccessibilityNodeObject::insertChild()
2753         https://bugs.webkit.org/show_bug.cgi?id=171927
2754         <rdar://problem/32109781>
2755
2756         Reviewed by Chris Fleizach.
2757
2758         The nextSibling() logic might include the continuation sibling that's not
2759         the child of the current renderer. Make sure we only insert the valid child.
2760
2761         Test: accessibility/insert-children-assert.html
2762
2763         * accessibility/AccessibilityObject.cpp:
2764         (WebCore::AccessibilityObject::setIsIgnoredFromParentDataForChild):
2765         * accessibility/AccessibilityRenderObject.cpp:
2766         (WebCore::AccessibilityRenderObject::nextSibling):
2767
2768 2017-05-17  Ryosuke Niwa  <rniwa@webkit.org>
2769
2770         getElementById can return a wrong elemnt when a matching element is removed during beforeload event
2771         https://bugs.webkit.org/show_bug.cgi?id=171374
2772
2773         Reviewed by Brent Fulgham.
2774
2775         The bug was caused by HTMLLinkElement firing beforeload event inside insertedInto before the tree state is updated.
2776         Delay the event dispatch to the post insertion callback.
2777
2778         Test: fast/html/link-element-removal-during-beforeload.html
2779
2780         * html/HTMLLinkElement.cpp:
2781         (WebCore::HTMLLinkElement::insertedInto):
2782         (WebCore::HTMLLinkElement::finishedInsertingSubtree):
2783         * html/HTMLLinkElement.h:
2784
2785 2017-05-17  Alex Christensen  <achristensen@webkit.org>
2786
2787         Interacting with WKHTTPCookieStores before creating WKWebViews and WKProcessPools should affect cookies used
2788         https://bugs.webkit.org/show_bug.cgi?id=171987
2789
2790         Reviewed by Brady Eidson.
2791
2792         Covered by new API tests.
2793
2794         * CMakeLists.txt:
2795         * platform/Cookie.h:
2796         (WebCore::Cookie::Cookie):
2797         (WebCore::Cookie::isNull):
2798         (WebCore::CookieHash::hash):
2799         (WebCore::CookieHash::equal):
2800         (WTF::HashTraits<WebCore::Cookie>::emptyValue):
2801         (WTF::HashTraits<WebCore::Cookie>::constructDeletedValue):
2802         (WTF::HashTraits<WebCore::Cookie>::isDeletedValue):
2803         * platform/network/Cookie.cpp: Added.
2804         (WebCore::Cookie::operator==):
2805         (WebCore::Cookie::hash):
2806         * platform/network/cocoa/CookieCocoa.mm:
2807         (WebCore::Cookie::operator NSHTTPCookie *):
2808         (WebCore::Cookie::operator==):
2809         (WebCore::Cookie::hash):
2810         * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
2811         (WebCore::NetworkStorageSession::setCookies):
2812         Use NSHTTPCookie's hash and equality comparison to more closely match the NSHTTPCookie behavior.
2813
2814 2017-05-17  Emilio Cobos Álvarez  <ecobos@igalia.com>
2815
2816         Add a RuntimeEnabledFeature for display: contents, defaulted to false.
2817         https://bugs.webkit.org/show_bug.cgi?id=171984
2818
2819         Reviewed by Antti Koivisto.
2820
2821         The "defaulted to false" is not only because there are spec issues,
2822         but because I ran the WPT suite, and there was a fair amount of
2823         crashes and messed render trees.
2824
2825         * css/StyleResolver.cpp:
2826         (WebCore::StyleResolver::adjustRenderStyle):
2827         * page/RuntimeEnabledFeatures.h:
2828         (WebCore::RuntimeEnabledFeatures::setDisplayContentsEnabled):
2829         (WebCore::RuntimeEnabledFeatures::displayContentsEnabled):
2830
2831 2017-05-17  Antti Koivisto  <antti@apple.com>
2832
2833         Regression (198943): <marquee> shouldn't wrap text
2834         https://bugs.webkit.org/show_bug.cgi?id=172217
2835
2836         Reviewed by Andreas Kling.
2837
2838         RenderMarquee::updateMarqueeStyle mutated the style and then expected it to inherit to children.
2839         This doesn't work anymore because render tree construction is now separated from style resolution
2840         where inheritance happens.
2841
2842         Test: fast/html/marquee-child-wrap.html
2843
2844         * css/StyleResolver.cpp:
2845         (WebCore::StyleResolver::adjustRenderStyle):
2846
2847             Implement marquee hacks in adjustRenderStyle instead. This can't do the childrenInline check
2848             the previous code had but it wasn't working anyway (there are no children when updateMarqueeStyle
2849             gets called).
2850
2851         * rendering/RenderMarquee.cpp:
2852         (WebCore::RenderMarquee::updateMarqueeStyle):
2853
2854             This no longer needs mutable style.
2855
2856 2017-05-16  David Kilzer  <ddkilzer@apple.com>
2857
2858         Remove C-style casts by using xmlDocPtr instead of void*
2859         <https://webkit.org/b/172189>
2860
2861         Reviewed by Alex Christensen.
2862
2863         * dom/TransformSource.h: Fix whitespace indentation.
2864         (typedef PlatformTransformSource): Use xmlDocPtr not void*.
2865         * dom/TransformSourceLibxslt.cpp:
2866         (WebCore::TransformSource::~TransformSource): Remove cast.
2867         * xml/XSLStyleSheetLibxslt.cpp:
2868         (WebCore::XSLStyleSheet::document): Remove cast.
2869         * xml/XSLTProcessorLibxslt.cpp:
2870         (WebCore::xmlDocPtrFromNode): Remove casts.
2871         * xml/parser/XMLDocumentParser.h:
2872         (WebCore::xmlDocPtrForString): Update declaration to return
2873         xmlDocPtr not void*.
2874         * xml/parser/XMLDocumentParserLibxml2.cpp:
2875         (WebCore::XMLDocumentParser::doEnd): Change type of local
2876         variable from void* to xmlDocPtr.
2877         (WebCore::xmlDocPtrForString): Update to return xmlDocPtr
2878         not void*.
2879
2880 2017-05-16  Sam Weinig  <sam@webkit.org>
2881
2882         Bring Notification.idl up to spec
2883         https://bugs.webkit.org/show_bug.cgi?id=172156
2884
2885         Reviewed by Chris Dumez.
2886
2887         Test: http/tests/notifications/notification.html
2888
2889         * CMakeLists.txt:
2890         * DerivedSources.make:
2891         * WebCore.xcodeproj/project.pbxproj:
2892         Add new files.
2893
2894         * Modules/notifications/Notification.cpp:
2895         (WebCore::Notification::create):
2896         (WebCore::Notification::Notification):
2897         (WebCore::Notification::show):
2898         (WebCore::directionString): Deleted.
2899         (WebCore::Notification::permission): Deleted.
2900         (WebCore::Notification::permissionString): Deleted.
2901         * Modules/notifications/Notification.h:
2902         * Modules/notifications/Notification.idl:
2903         * Modules/notifications/NotificationClient.h:
2904         * Modules/notifications/NotificationDirection.h: Added.
2905         * Modules/notifications/NotificationPermission.h: Added.
2906         * Modules/notifications/NotificationPermission.idl: Added.
2907         * Modules/notifications/NotificationPermissionCallback.h:
2908         * Modules/notifications/NotificationPermissionCallback.idl:
2909         Bring up to spec, replacing DOMStrings with enums where appropriate and adding
2910         additional readonly properties to Notification to mirror options provided
2911         in construction.
2912
2913 2017-05-16  Zalan Bujtas  <zalan@apple.com>
2914
2915         Do not skip <slot> children when collecting content for innerText.
2916         https://bugs.webkit.org/show_bug.cgi?id=172113
2917         <rdar://problem/30362324>
2918
2919         Reviewed by Ryosuke Niwa and Brent Fulgham.
2920
2921         "display: contents" elements do not generate renderers but their children might.
2922         This patch ensure that we don't skip them while collecting text content.  
2923
2924         Test: fast/text/inner-text-should-include-slot-subtree.html
2925
2926         * editing/TextIterator.cpp:
2927         (WebCore::TextIterator::advance):
2928
2929 2017-05-16  Filip Pizlo  <fpizlo@apple.com>
2930
2931         GCController::garbageCollectNowIfNotDoneRecently should request Async Full GCs
2932         https://bugs.webkit.org/show_bug.cgi?id=172204
2933
2934         Reviewed by Saam Barati.
2935
2936         No new tests because existing tests will tell us if there is a problem.
2937         
2938         The goal of this change is to reduce the likelihood that we block for a GC. We want it to be
2939         benchmark-neutral.
2940         
2941         It's a 0.14% speed-up on JetStream with 24% probability.
2942         
2943         It's a 0.12% slow-down on PLT3 with 43% probability.
2944         
2945         So it's neutral on my machine.
2946
2947         * bindings/js/GCController.cpp:
2948         (WebCore::GCController::garbageCollectNowIfNotDoneRecently):
2949
2950 2017-05-16  Tim Horton  <timothy_horton@apple.com>
2951
2952         [macOS] REGRESSION: Drag images for links with right-to-left titles are incorrect (172006)
2953         https://bugs.webkit.org/show_bug.cgi?id=172006
2954         <rdar://problem/32165137>
2955
2956         Reviewed by Dean Jackson.
2957
2958         * platform/mac/DragImageMac.mm:
2959         (WebCore::LinkImageLayout::LinkImageLayout):
2960         (WebCore::createDragImageForLink):
2961         (WebCore::LinkImageLayout::addLine): Deleted.
2962         * platform/spi/cocoa/CoreTextSPI.h:
2963         Set and paint the entire frame as a single unit, making use of the
2964         CTFrameMaximumNumberOfLines attribute to limit the number of lines.
2965         This gives CoreText power over text alignment and makes RTL text lay
2966         out correctly.
2967
2968 2017-05-16  Chris Dumez  <cdumez@apple.com>
2969
2970         Implement DOMMatrix / DOMMatrixReadOnly
2971         https://bugs.webkit.org/show_bug.cgi?id=110001
2972
2973         Reviewed by Sam Weinig and Simon Fraser.
2974
2975         Implement DOMMatrix / DOMMatrixReadOnly as per:
2976         - https://drafts.fxtf.org/geometry/#DOMMatrix
2977
2978         For now, these new types co-exist with WebKitCSSMatrix / SVGMatrix. However, in the future,
2979         WebKitCSSMatrix / SVGMatrix are supposed to become aliases to DOMMatrix.
2980
2981         Most of it has been implemented. What remaining to be implemented is:
2982         - Make WebKitCSSMatrix / SVGMatrix aliases to DOMMatrix
2983         - DOMMatrix.fromFloat32Array() / fromFloat64Array()
2984         - DOMMatrixReadOnly.fromFloat32Array() / fromFloat64Array() / toFloat32Array() / toFloat64Array()
2985         - DOMMatrixReadOnly.transformPoint().
2986
2987         Tests: imported/w3c/web-platform-tests/css/geometry-1/*
2988
2989         * CMakeLists.txt:
2990         * DerivedSources.make:
2991         * WebCore.xcodeproj/project.pbxproj:
2992
2993         * bindings/scripts/CodeGeneratorJS.pm:
2994         * bindings/scripts/test/JS/JSTestObj.cpp:
2995         Fix a bug in the bindings generator causing the generator code for
2996         "Constructor(optional (DOMString or sequence<unrestricted double>) init)" to be wrong
2997         and not build.
2998
2999         * css/DOMMatrix.cpp: Added.
3000         (WebCore::DOMMatrix::DOMMatrix):
3001         (WebCore::DOMMatrix::fromMatrix):
3002         (WebCore::DOMMatrix::multiplySelf):
3003         (WebCore::DOMMatrix::preMultiplySelf):
3004         (WebCore::DOMMatrix::translateSelf):
3005         (WebCore::DOMMatrix::scaleSelf):
3006         (WebCore::DOMMatrix::scale3dSelf):
3007         (WebCore::DOMMatrix::rotateSelf):
3008         (WebCore::DOMMatrix::rotateFromVectorSelf):
3009         (WebCore::DOMMatrix::rotateAxisAngleSelf):
3010         (WebCore::DOMMatrix::skewXSelf):
3011         (WebCore::DOMMatrix::skewYSelf):
3012         (WebCore::DOMMatrix::invertSelf):
3013         (WebCore::DOMMatrix::setMatrixValueForBindings):
3014         * css/DOMMatrix.h: Added.
3015         (WebCore::DOMMatrix::create):
3016         (WebCore::DOMMatrix::setA):
3017         (WebCore::DOMMatrix::setB):
3018         (WebCore::DOMMatrix::setC):
3019         (WebCore::DOMMatrix::setD):
3020         (WebCore::DOMMatrix::setE):
3021         (WebCore::DOMMatrix::setF):
3022         (WebCore::DOMMatrix::setM11):
3023         (WebCore::DOMMatrix::setM12):
3024         (WebCore::DOMMatrix::setM13):
3025         (WebCore::DOMMatrix::setM14):
3026         (WebCore::DOMMatrix::setM21):
3027         (WebCore::DOMMatrix::setM22):
3028         (WebCore::DOMMatrix::setM23):
3029         (WebCore::DOMMatrix::setM24):
3030         (WebCore::DOMMatrix::setM31):
3031         (WebCore::DOMMatrix::setM32):
3032         (WebCore::DOMMatrix::setM33):
3033         (WebCore::DOMMatrix::setM34):
3034         (WebCore::DOMMatrix::setM41):
3035         (WebCore::DOMMatrix::setM42):
3036         (WebCore::DOMMatrix::setM43):
3037         (WebCore::DOMMatrix::setM44):
3038         * css/DOMMatrix.idl: Added.
3039         * css/DOMMatrixInit.h: Added.
3040         * css/DOMMatrixInit.idl: Added.
3041         * css/DOMMatrixReadOnly.cpp: Added.
3042         (WebCore::DOMMatrixReadOnly::DOMMatrixReadOnly):
3043         (WebCore::DOMMatrixReadOnly::validateAndFixup):
3044         (WebCore::DOMMatrixReadOnly::fromMatrix):
3045         (WebCore::DOMMatrixReadOnly::isIdentity):
3046         (WebCore::DOMMatrixReadOnly::setMatrixValue):
3047         (WebCore::DOMMatrixReadOnly::translate):
3048         (WebCore::DOMMatrixReadOnly::flipX):
3049         (WebCore::DOMMatrixReadOnly::flipY):
3050         (WebCore::DOMMatrixReadOnly::multiply):
3051         (WebCore::DOMMatrixReadOnly::scale):
3052         (WebCore::DOMMatrixReadOnly::scale3d):
3053         (WebCore::DOMMatrixReadOnly::rotate):
3054         (WebCore::DOMMatrixReadOnly::rotateFromVector):
3055         (WebCore::DOMMatrixReadOnly::rotateAxisAngle):
3056         (WebCore::DOMMatrixReadOnly::skewX):
3057         (WebCore::DOMMatrixReadOnly::skewY):
3058         (WebCore::DOMMatrixReadOnly::inverse):
3059         (WebCore::DOMMatrixReadOnly::toString):
3060         * css/DOMMatrixReadOnly.h: Added.
3061         (WebCore::DOMMatrixReadOnly::create):
3062         (WebCore::DOMMatrixReadOnly::a):
3063         (WebCore::DOMMatrixReadOnly::b):
3064         (WebCore::DOMMatrixReadOnly::c):
3065         (WebCore::DOMMatrixReadOnly::d):
3066         (WebCore::DOMMatrixReadOnly::e):
3067         (WebCore::DOMMatrixReadOnly::f):
3068         (WebCore::DOMMatrixReadOnly::m11):
3069         (WebCore::DOMMatrixReadOnly::m12):
3070         (WebCore::DOMMatrixReadOnly::m13):
3071         (WebCore::DOMMatrixReadOnly::m14):
3072         (WebCore::DOMMatrixReadOnly::m21):
3073         (WebCore::DOMMatrixReadOnly::m22):
3074         (WebCore::DOMMatrixReadOnly::m23):
3075         (WebCore::DOMMatrixReadOnly::m24):
3076         (WebCore::DOMMatrixReadOnly::m31):
3077         (WebCore::DOMMatrixReadOnly::m32):
3078         (WebCore::DOMMatrixReadOnly::m33):
3079         (WebCore::DOMMatrixReadOnly::m34):
3080         (WebCore::DOMMatrixReadOnly::m41):
3081         (WebCore::DOMMatrixReadOnly::m42):
3082         (WebCore::DOMMatrixReadOnly::m43):
3083         (WebCore::DOMMatrixReadOnly::m44):
3084         (WebCore::DOMMatrixReadOnly::is2D):
3085         (WebCore::DOMMatrixReadOnly::fromMatrixHelper):
3086         * css/DOMMatrixReadOnly.idl: Added.
3087         * css/WebKitCSSMatrix.h:
3088         * css/WebKitCSSMatrix.idl:
3089         * svg/SVGMatrix.h:
3090         * svg/SVGMatrix.idl:
3091
3092 2017-05-16  Eric Carlson  <eric.carlson@apple.com>
3093
3094         [MediaStream] AudioSampleBufferList::zeroABL takes byte count, not sample count
3095         https://bugs.webkit.org/show_bug.cgi?id=172194
3096         <rdar://problem/32233799>
3097
3098         Reviewed by Jer Noble.
3099
3100         * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
3101         (WebCore::AudioTrackPrivateMediaStreamCocoa::render): Pass number of bytes to zero,
3102         not number of samples.
3103
3104 2017-05-16  Mark Lam  <mark.lam@apple.com>
3105
3106         WorkerRunLoop::Task::performTask() needs to null check context->script() before use.
3107         https://bugs.webkit.org/show_bug.cgi?id=172193
3108         <rdar://problem/32225346>
3109
3110         Reviewed by Filip Pizlo.
3111
3112         According to https://build-safari.apple.com/results/Trunk%20Fuji%20GuardMalloc%20Production%20WK2%20Tests/r216929_459760e0918316187c8e52c6585a3a9ba9181204%20(12066)/results.html,
3113         we see a crash with this crash trace:
3114
3115         Thread 13 Crashed:: WebCore: Worker
3116         0 com.apple.WebCore        0x00000001099607b2 WebCore::WorkerScriptController::isTerminatingExecution() const + 18
3117         1 com.apple.WebCore        0x000000010995ebbf WebCore::WorkerRunLoop::runCleanupTasks(WebCore::WorkerGlobalScope*) + 143
3118         2 com.apple.WebCore        0x000000010995e80f WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*) + 111
3119         3 com.apple.WebCore        0x00000001099621b6 WebCore::WorkerThread::workerThread() + 742
3120         4 com.apple.JavaScriptCore 0x000000010a964b92 WTF::threadEntryPoint(void*) + 178
3121         5 com.apple.JavaScriptCore 0x000000010a964a69 WTF::wtfThreadEntryPoint(void*) + 121
3122         6 libsystem_pthread.dylib  0x00007fffbdb5caab _pthread_body + 180
3123         7 libsystem_pthread.dylib  0x00007fffbdb5c9f7 _pthread_start + 286
3124         8 libsystem_pthread.dylib  0x00007fffbdb5c1fd thread_start + 13
3125
3126         ... and the crashing address is:
3127
3128         Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000022
3129
3130         0x0000000000000022 is the offset of m_scheduledTerminationMutex in the
3131         WorkerScriptController.  This means that WorkerScriptController::isTerminatingExecution()
3132         is passed a NULL this pointer.  This means that it's possible to have a race
3133         where a WorkerRunLoop::Task gets enqueued beyond the Cleanup task that deletes the
3134         context->script().  As a result, WorkerRunLoop::Task::performTask() (called by
3135         runCleanupTasks()) may see a null context->script().
3136
3137         Hence, WorkerRunLoop::Task::performTask() should null check context->script()
3138         before invoking the isTerminatingExecution() query on it.
3139
3140         No new tests because this is already covered by existing tests.
3141
3142         * workers/WorkerRunLoop.cpp:
3143         (WebCore::WorkerRunLoop::Task::performTask):
3144
3145 2017-05-16  Youenn Fablet  <youenn@apple.com>
3146
3147         Modernize WebKit2 getUserMedia passing of parameters
3148         https://bugs.webkit.org/show_bug.cgi?id=172161
3149
3150         Reviewed by Eric Carlson.
3151
3152         No change of behavior.
3153
3154         * platform/mediastream/RealtimeMediaSourceCenter.h: Using WTF::Function to enable capture Ref<>.
3155
3156 2017-05-16  Jeremy Jones  <jeremyj@apple.com>
3157
3158         Captions and subtitles not showing up in picture-in-picture for MSE content.
3159         https://bugs.webkit.org/show_bug.cgi?id=172145
3160
3161         Reviewed by Eric Carlson.
3162
3163         No new tests as this has no affect on the DOM.
3164
3165         Add TextTrackRepresentation code from MediaPlayerPrivateAVFoundationObj to MediaPlayerPrivateMediaSourceAVFObjc.
3166         This moves the TextTrackRepresentation platfrom layer into the fullscreen container layer when going into
3167         pip for fullscreen, allowing the captions to be visible.
3168
3169         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
3170         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
3171         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
3172         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenLayer):
3173         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenFrame):
3174         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::requiresTextTrackRepresentation):
3175         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::syncTextTrackBounds):
3176         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setTextTrackRepresentation):
3177
3178 2017-05-16  David Kilzer  <ddkilzer@apple.com>
3179
3180         WebCore::leakCGColor() needs CF_RETURNS_RETAINED annotation
3181         <https://webkit.org/b/172190>
3182
3183         Reviewed by Simon Fraser.
3184
3185         * platform/graphics/cg/ColorCG.cpp:
3186         (WebCore::leakCGColor): Annotate with CF_RETURNS_RETAINED since
3187         it does not follow the CF naming convention, which means the
3188         expected behavior can't be inferred by the clang static
3189         analyzer.
3190
3191 2017-05-16  Youenn Fablet  <youenn@apple.com>
3192
3193         RealtimeOutgoingVideoSource should support sinkWants for rotation
3194         https://bugs.webkit.org/show_bug.cgi?id=172123
3195         <rdar://problem/32200017>
3196
3197         Reviewed by Eric Carlson.
3198
3199         Covered by manual testing.
3200
3201         * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
3202         (WebCore::RealtimeOutgoingVideoSource::AddOrUpdateSink): Triggering pixel rotation based on sink.
3203         (WebCore::RealtimeOutgoingVideoSource::sendFrame): Doing the rotation using libwebrtc API.
3204         * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:
3205
3206 2017-05-16  Myles C. Maxfield  <mmaxfield@apple.com>
3207
3208         REGRESSION(r212513): LastResort is platform-dependent, so its semantics should not be required to perform font loading correctly.
3209         https://bugs.webkit.org/show_bug.cgi?id=168487
3210
3211         Reviewed by Antti Koivisto.
3212
3213         There are three ways a Web author can chain multiple font files together:
3214         1. Multiple entries in the "src" descriptor in an @font-face rule
3215         2. Multiple @font-face rules with the same "font-family" descriptor
3216         3. Multiple entries in the "font-family" property on an element
3217
3218         Before r212513, the code which iterated across #2 and #3 above could have
3219         triggered each item in the chain to download. r212513 tried to solve this
3220         by using LastResort as the interstitial font used during downloads, because
3221         LastResort supports every character and therefore solves #3 above. However,
3222         this change had a few problems:
3223
3224         1. Previously, our code would try to avoid using the interstitial font for
3225         layout or rendering whenever possible (because one of the chains above may
3226         have named a local font which would be better to use). In order to use the
3227         benefits of LastResort, I had to remove this avoidance logic and make
3228         WebKit try to use the interstitial font as often as possible. However, due
3229         to the large metrics of LastResort, this means that offsetWidth queries
3230         during font loading would be wildly inaccurate, causing Google Docs to break.
3231         2. It also means that canvas drawing during font loading would actually draw
3232         LastResort, causing Bing maps to break.
3233         3. LastResort is platform-specific, so only platforms which have it would
3234         actually be able to load fonts correctly.
3235
3236         Instead, we should keep the older logic about avoiding using the
3237         interstitial font so that loading has a better experience for the user.
3238         We solve the unnecessary download problem by giving our loading code a
3239         downloading policy enum, which has two values: allow downloads or forbid
3240         downloads. Whenever our loading code returns the interstitial font, we
3241         continue our search, but we change the policy to forbid downloads.
3242
3243         There is one piece of subtlety, though: It is more common for web authors
3244         to put good fallbacks in the "font-family" property than in the "src"
3245         descriptor inside @font-face. This means that we shouldn't exhaustively
3246         search through the @font-face src list first. Instead, we should look
3247         through the src list until we hit a non-local font, and then immediately
3248         start looking through the other other chains.
3249
3250         Tests: fast/text/font-download-font-face-src-list.html
3251                fast/text/font-download-font-family-property.html
3252                fast/text/font-download-remote-fallback-all.html
3253                fast/text/font-interstitial-invisible-width-while-loading.html
3254                fast/text/font-weight-download-3.html
3255                fast/text/web-font-load-fallback-during-loading-2.html
3256                fast/text/web-font-load-invisible-during-loading.html
3257
3258         * css/CSSFontFace.cpp:
3259         (WebCore::CSSFontFace::fontLoadEventOccurred): Implement support for
3260         the font download policy.
3261         (WebCore::CSSFontFace::setStatus): After 3 seconds of loading, we
3262         will start drawing the fallback font. However, for testing, we have an
3263         internal setting to make this switch happen immediately. This patch now
3264         requires that this internal switch happen synchronously.
3265         (WebCore::CSSFontFace::pump): Implement support for the font download
3266         policy.
3267         (WebCore::CSSFontFace::load): Ditto.
3268         (WebCore::CSSFontFace::font): Ditto.
3269         * css/CSSFontFace.h: Ditto.
3270         * css/CSSFontSelector.cpp:
3271         (WebCore::CSSFontSelector::beginLoadingFontSoon): Implement support for
3272         synchronous font download timeouts.
3273         * css/CSSSegmentedFontFace.cpp:
3274         (WebCore::CSSSegmentedFontFace::fontRanges): Implement support for the
3275         font download policy.
3276         * platform/graphics/Font.cpp: Add new flag which represents if the
3277         interstitial font was created after the 3 second timeout or before.
3278         Previously, we would distinguish between these two cases by knowing
3279         that one font was LastResort and the other font was a fallback. Now that
3280         we're using fallback fonts on both sides of the 3 second timeout, we
3281         now no longer know which one should be invisible. This new enum solves
3282         this problem.
3283         (WebCore::Font::Font):
3284         (WebCore::Font::verticalRightOrientationFont):
3285         (WebCore::Font::uprightOrientationFont):
3286         * platform/graphics/Font.h: Ditto.
3287         (WebCore::Font::create):
3288         (WebCore::Font::origin):
3289         (WebCore::Font::visibility):
3290         * platform/graphics/FontCache.h:
3291         * platform/graphics/FontCascade.cpp: We try to fall back to a local() font
3292         during downloads, but there might not be one that we can use. Therefore, we
3293         can't use the presence of the interstitial font to detect if we should paint
3294         invisibly. Instead, we can move this logic into the font-specific part of
3295         painting, and consult with the specific font to know if it was created from
3296         a timed-out @font-face rule or not.
3297         (WebCore::FontCascade::drawText):
3298         (WebCore::shouldDrawIfLoading):
3299         (WebCore::FontCascade::drawGlyphBuffer):
3300         (WebCore::FontCascade::drawEmphasisMarks):
3301         * platform/graphics/FontCascade.h:
3302         * platform/graphics/FontCascadeFonts.cpp:
3303         (WebCore::FontCascadeFonts::glyphDataForVariant): Implement the logic
3304         described above where we switch the policy if we encounter the intestitial
3305         font.
3306         (WebCore::FontCascadeFonts::glyphDataForNormalVariant): Ditto.
3307         (WebCore::glyphPageFromFontRanges): Ditto.
3308         * platform/graphics/FontRanges.cpp: Implement support for the font download
3309         policy.
3310         (WebCore::FontRanges::Range::font):
3311         (WebCore::FontRanges::glyphDataForCharacter):
3312         (WebCore::FontRanges::fontForCharacter):
3313         (WebCore::FontRanges::fontForFirstRange):
3314         * platform/graphics/FontRanges.h:
3315         * platform/graphics/FontSelector.h:
3316         * platform/graphics/freetype/FontCacheFreeType.cpp:
3317         (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
3318         * platform/graphics/mac/FontCacheMac.mm:
3319         (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
3320         * platform/graphics/win/FontCacheWin.cpp:
3321         (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
3322
3323 2017-05-16  Zalan Bujtas  <zalan@apple.com>
3324
3325         Simple line layout: Move setCollapedWhitespaceWidth call to updateLineConstrains.
3326         https://bugs.webkit.org/show_bug.cgi?id=172178
3327
3328         Reviewed by Antti Koivisto.
3329
3330         No change in functionality.
3331
3332         * rendering/SimpleLineLayout.cpp:
3333         (WebCore::SimpleLineLayout::updateLineConstrains):
3334         (WebCore::SimpleLineLayout::createLineRuns):
3335
3336 2017-05-16  Eric Carlson  <eric.carlson@apple.com>
3337
3338         [MediaStream] Return default device list until user gives permission to capture
3339         https://bugs.webkit.org/show_bug.cgi?id=172168
3340         <rdar://problem/31816884>
3341
3342         Reviewed by Youenn Fablet.
3343
3344         Test: fast/mediastream/media-devices-enumerate-devices.html
3345
3346         * Modules/mediastream/MediaDevicesRequest.cpp:
3347         (WebCore::MediaDevicesRequest::filterDeviceList): Remove all but the "default" number of
3348         devices of each type.
3349         (WebCore::MediaDevicesRequest::start): Call filterDeviceList.
3350         * Modules/mediastream/MediaDevicesRequest.h:
3351
3352 2017-05-16  Claudio Saavedra  <csaavedra@igalia.com>
3353
3354         Silent a few warnings about unused parameters
3355         https://bugs.webkit.org/show_bug.cgi?id=172169
3356
3357         Reviewed by Sam Weinig.
3358
3359         * page/Page.cpp:
3360         (WebCore::Page::mainFrameLoadStarted):
3361         * platform/graphics/cairo/ImageBufferCairo.cpp:
3362         (WebCore::ImageBuffer::toData):
3363         * platform/network/ResourceRequestBase.cpp:
3364         (WebCore::ResourceRequestBase::partitionName):
3365
3366 2017-05-16  Wenson Hsieh  <wenson_hsieh@apple.com>
3367
3368         WebItemProviderPasteboard should be robust when temporary files are missing path extensions
3369         https://bugs.webkit.org/show_bug.cgi?id=172170
3370
3371         Reviewed by Tim Horton.
3372
3373         Makes a slight adjustment to the temporary file URLs are handled when using WebItemProviderPasteboard to load
3374         data off of item providers. Previously, we would bail early and not load any data if the temporary URL is
3375         missing an extension. Since the switch to NSItemProviders from UIItemProviders, some types of temporary files
3376         generated by item providers are missing extensions, so this extra check is meaningless.
3377
3378         Covered by existing data interaction unit tests.
3379
3380         * platform/ios/WebItemProviderPasteboard.mm:
3381         (temporaryFileURLForDataInteractionContent