Don't rely on the fact that StaticPosition happens to be defined as 0
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2013-03-11  Morten Stenshorne  <mstensho@opera.com>
2
3         Don't rely on the fact that StaticPosition happens to be defined as 0
4         https://bugs.webkit.org/show_bug.cgi?id=110123
5
6         Also made the expression slightly less convoluted.
7
8         Reviewed by Alexey Proskuryakov.
9
10         No new tests. This is just code cleanup.
11
12         * rendering/RenderObject.cpp:
13         (WebCore::RenderObject::containingBlock):
14
15 2013-03-11  Adam Barth  <abarth@webkit.org>
16
17         Unreviewed attempt to fix build after http://trac.webkit.org/changeset/145421.
18
19         * html/HTMLPlugInImageElement.cpp:
20
21 2013-03-05  Ojan Vafai  <ojan@chromium.org>
22
23         Intrinsic width keyword values don't work for tables
24         https://bugs.webkit.org/show_bug.cgi?id=111515
25
26         Reviewed by Julien Chaffraix.
27
28         Tests: fast/css-intrinsic-dimensions/css-tables.html
29                fast/css-intrinsic-dimensions/tables.html
30
31         * rendering/RenderBox.cpp:
32         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
33         (WebCore::RenderBox::computeLogicalWidthInRegionUsing):
34         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
35         (WebCore::RenderBox::computePositionedLogicalWidthUsing):
36         * rendering/RenderBox.h:
37         Pass in the border and padding as an argument since RenderTable needs
38         to pass in a different value. Unfortunately, the math doesn't work out right
39         in the positioned/replaced cases if we just pass 0. We need to pass in the correct
40         border and padding and then subtract it from the result.
41
42         * rendering/RenderTable.cpp:
43         (WebCore::RenderTable::updateLogicalWidth):
44         Compute intrinsic widths as well as specified ones. Down the road
45         we may want to consider having intrinsic width values return true for
46         isSpecified.
47
48         (WebCore::RenderTable::convertStyleLogicalWidthToComputedWidth):
49         Compute intrinsic widths as well.
50
51         (WebCore::RenderTable::computeIntrinsicLogicalWidths):
52         Implement this method so that the RenderBox::computeIntrinsicLogicalWidthUsing
53         gets the right intrinsic values instead of the preferred values.
54
55         (WebCore::RenderTable::computePreferredLogicalWidths):
56         * rendering/RenderTable.h:
57
58 2013-03-11  Stephen Chenney  <schenney@chromium.org>
59
60         HTMLInputElement can delete an ImageLoader while it's still needed
61         https://bugs.webkit.org/show_bug.cgi?id=110621
62
63         Reviewed by Darin Adler.
64
65         ImageLoader objects may fire events for HTMLInputElements that are of
66         type ImageInputType that own the loader. These events may cause script
67         to run that changes the type of the input element and hence causes the
68         ImageLoader to be deleted, while the image loader is still processing
69         the event dispatch. Bad things ensue.
70
71         This change moves ownership of the ImageLoader from the ImageInputType
72         onto the HTMLImageElement which is already protected from deletion during
73         event processing.
74
75         Test: fast/forms/image/image-error-event-modifies-type-crash.html
76
77         * html/HTMLInputElement.cpp:
78         (WebCore::HTMLInputElement::imageLoader): Method to return the
79           ImageLoader, creating it if not already created.
80         * html/HTMLInputElement.h:
81         (WebCore::HTMLInputElement::hasImageLoader): Return true if the
82           ImageLoader has been created.
83         (HTMLInputElement): Define ImageLoader access methods and the OwnPtr
84           for the HTMLImageLoader.
85         * html/ImageInputType.cpp:
86         (WebCore::ImageInputType::srcAttributeChanged): Use the element's ImageLoader.
87         (WebCore::ImageInputType::attach): Use the element's ImageLoader.
88         (WebCore::ImageInputType::willMoveToNewOwnerDocument): Use the element's ImageLoader.
89         (WebCore::ImageInputType::height): Use the element's ImageLoader.
90         (WebCore::ImageInputType::width): Use the element's ImageLoader.
91         * html/ImageInputType.h:
92         (ImageInputType): Remove the declaration of the ImageLoader.
93
94 2013-03-11  Alok Priyadarshi  <alokp@chromium.org>
95
96         Revert "Mark GraphicsLayers as opaque when possible"
97
98         This reverts commit 0a4d3c2d8a0373aa9e5bd9209885137a13a7f0e0.
99
100         REGRESSION (r143626): http://chainlove.com shows garbage tiles on Mac
101         https://bugs.webkit.org/show_bug.cgi?id=112043
102
103         Unreviewed, rolling out r143626.
104
105         * rendering/RenderBox.cpp:
106         * rendering/RenderBox.h:
107         (RenderBox):
108         * rendering/RenderBoxModelObject.h:
109         (RenderBoxModelObject):
110         * rendering/RenderLayer.cpp:
111         * rendering/RenderLayer.h:
112         (RenderLayer):
113         * rendering/RenderLayerBacking.cpp:
114         (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry):
115         * rendering/RenderLayerModelObject.h:
116         (RenderLayerModelObject):
117
118 2013-03-11  Dean Jackson  <dino@apple.com>
119
120         Plugins created during user gestures (or soon after) should not be snapshotted
121         https://bugs.webkit.org/show_bug.cgi?id=111975
122
123         Reviewed by Tim Horton.
124
125         There are sites which create plugins in response to user actions, such as clicking
126         on an image that is acting like a poster frame. In those cases we should never snapshot.
127
128         There are some other sites which also create plugins in response to user actions,
129         but don't necessarily create the content themselves. Instead they run some script
130         that injects an iframe, and the frame loads a plugin. In order to make sure we don't
131         snapshot in those cases, we're adding the concept of a blessed plugin. Anything that
132         is created soon after a *handled* user gesture is not snapshotted. To do this we
133         mark a timestamp in the document when we've called an event listener for a user
134         gesture. The plugin element then compares its creation time with the most recent
135         user action time.
136
137         * dom/Document.cpp:
138         (WebCore::Document::Document): Initialise new timestamp.
139         (WebCore::Document::resetLastHandledUserGestureTimestamp): Sets the member variable
140             to the current time.
141         * dom/Document.h:
142         (WebCore::Document::lastHandledUserGestureTimestamp): Getter.
143
144         * dom/EventTarget.cpp:
145         (WebCore::EventTarget::fireEventListeners): If there were some event listeners and
146             we were processing a user gesture, then reset the timestamp in the document.
147
148         * html/HTMLPlugInImageElement.cpp:
149         (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement): Remember if we were created
150             during a user gesture.
151         (WebCore::HTMLPlugInImageElement::subframeLoaderWillCreatePlugIn): Start the plugin
152             if we were created during a user gesture, or if we are close enough in time
153             to a listener that fired in relation to a user gesture.
154         * html/HTMLPlugInImageElement.h: New private member flag indicating if we were
155             in a user gesture when constructed.
156
157 2013-03-11  Jeffrey Pfau  <jpfau@apple.com>
158
159         List cache partitions as units instead of as their contents
160         https://bugs.webkit.org/show_bug.cgi?id=111909
161
162         Reviewed by Maciej Stachowiak.
163
164         Not possible to test with current automated test tools, must be tested manually.
165
166         * loader/cache/MemoryCache.cpp:
167         (WebCore::MemoryCache::getOriginsWithCache): List a cache item as a member of a partition, if possible
168
169 2013-03-11  Alexey Proskuryakov  <ap@apple.com>
170
171         Chromium build fix. Forked files strike again.
172
173         * platform/network/chromium/ResourceHandle.cpp:
174         (WebCore::ResourceHandle::firstRequest):
175
176 2013-03-11  James Robinson  <jamesr@chromium.org>
177
178         Fix typo from r145399. Rubber stamped by Abhishek Arya.
179
180         * rendering/svg/RenderSVGViewportContainer.h:
181         (WebCore::toRenderSVGViewportContainer):
182
183 2013-03-11  Hans Muller  <hmuller@adobe.com>
184
185         [CSS Exclusions] Refactor the ExclusionPolygon class to enable storing multiple boundaries
186         https://bugs.webkit.org/show_bug.cgi?id=111766
187
188         Reviewed by Dirk Schulze.
189
190         Refactored the ExclusionPolygon class to enable adding support for shape-margin and shape-padding.
191         Extracted a new FloatPolygon class which is now used by ExclusionPolygon to represent the shape's
192         boundary. It will be used to add m_paddedPolygon and m_marginPolygon members to ExclusionPolygon
193         in a subsequent patch.
194
195         No new tests. This is strictly a refactoring of the existing code.
196
197         * CMakeLists.txt:
198         * GNUmakefile.list.am:
199         * WebCore.gypi:
200         * WebCore.vcproj/WebCore.vcproj:
201         * WebCore.xcodeproj/project.pbxproj:
202         * platform/graphics/FloatPolygon.cpp: Factored out of Source/WebCore/rendering/ExclusionPolygon.cpp.
203         (WebCore::determinant):
204         (WebCore::areCollinearPoints):
205         (WebCore::areCoincidentPoints):
206         (WebCore::isPointOnLineSegment):
207         (WebCore::nextVertexIndex):
208         (WebCore::FloatPolygon::FloatPolygon):
209         (WebCore::FloatPolygon::findNextEdgeVertexIndex):
210         (WebCore::FloatPolygon::overlappingEdges):
211         (WebCore::leftSide):
212         (WebCore::FloatPolygon::contains):
213         (WebCore::VertexPair::overlapsRect):
214         (WebCore::VertexPair::intersection):
215         * platform/graphics/FloatPolygon.h: Factored out of Source/WebCore/rendering/ExclusionPolygon.h.
216         (FloatPolygon):
217         (WebCore::FloatPolygon::vertexAt):
218         (WebCore::FloatPolygon::numberOfVertices):
219         (WebCore::FloatPolygon::fillRule):
220         (WebCore::FloatPolygon::edgeAt):
221         (WebCore::FloatPolygon::numberOfEdges):
222         (WebCore::FloatPolygon::boundingBox):
223         (WebCore::FloatPolygon::isEmpty):
224         (VertexPair):
225         (WebCore::VertexPair::~VertexPair):
226         (WebCore::VertexPair::minX):
227         (WebCore::VertexPair::minY):
228         (WebCore::VertexPair::maxX):
229         (WebCore::VertexPair::maxY):
230         (FloatPolygonEdge):
231         (WebCore::FloatPolygonEdge::previousEdge):
232         (WebCore::FloatPolygonEdge::nextEdge):
233         (WebCore::FloatPolygonEdge::polygon):
234         (WebCore::FloatPolygonEdge::vertexIndex1):
235         (WebCore::FloatPolygonEdge::vertexIndex2):
236         (WebCore::FloatPolygonEdge::edgeIndex):
237         * rendering/ExclusionPolygon.cpp: Now depends on FloatPolygon.
238         (EdgeIntersection):
239         (WebCore::leftSide):
240         (WebCore::computeXIntersection):
241         (WebCore::getVertexIntersectionVertices):
242         (WebCore::computeXIntersections):
243         (WebCore::computeOverlappingEdgeXProjections):
244         (WebCore::ExclusionPolygon::getExcludedIntervals):
245         (WebCore::ExclusionPolygon::getIncludedIntervals):
246         (WebCore::firstFitRectInPolygon):
247         (WebCore::ExclusionPolygon::firstIncludedIntervalLogicalTop):
248         * rendering/ExclusionPolygon.h: Now depends on FloatPolygon.
249         (WebCore::OffsetPolygonEdge::OffsetPolygonEdge):
250         (ExclusionPolygon):
251         (WebCore::ExclusionPolygon::ExclusionPolygon):
252
253 2013-03-11  Alexey Proskuryakov  <ap@apple.com>
254
255         Roll out part of r144671.
256
257         ResourceHandle::firstRequest() should not be const(), because it returns a
258         non-const reference.        
259
260         * platform/network/ResourceHandle.cpp:
261         (WebCore::ResourceHandle::firstRequest):
262         * platform/network/ResourceHandle.h:
263
264 2013-01-30  Jer Noble  <jer.noble@apple.com>
265
266         Mac: Cmd-w should close full screen window.
267         https://bugs.webkit.org/show_bug.cgi?id=108406
268
269         Reviewed by Darin Adler.
270
271         Pass performClose: requests on to the owning window controller.
272
273         * platform/mac/WebCoreFullScreenWindow.mm:
274         (-[WebCoreFullScreenWindow performClose:]):
275
276 2013-03-11  Xiyuan Xia  <xiyuan@chromium.org>
277
278         [Chromium] chromium/linux breaks expectation of select popup background due to bad UA css rules
279         https://bugs.webkit.org/show_bug.cgi?id=111873
280
281         Reviewed by Tony Chang.
282
283         On linux the default <select> background color is too dark to use as the
284         popup background color.  Last fixes:
285         https://bugs.webkit.org/show_bug.cgi?id=54115 and
286         https://bugs.webkit.org/show_bug.cgi?id=56023
287         attempt to fix the problem by applying a lighter background using
288         special <option> selector. This breaks expectations of some websites.
289
290         This CL reverts the bad UA css rules above and provides the lighter
291         background color if <select> and <option> elements are using the default
292         background.
293
294         No new tests, this tests <select> popups and can be verified by ManualTests/select-scroll.html.
295
296         * css/themeChromiumLinux.css:
297         (select):
298         * platform/PopupMenuStyle.h:
299         (WebCore::PopupMenuStyle::PopupMenuStyle):
300         (WebCore::PopupMenuStyle::backgroundColorType):
301         (PopupMenuStyle):
302         * platform/chromium/PopupListBox.cpp:
303         (WebCore::PopupListBox::paintRow):
304         * rendering/RenderMenuList.cpp:
305         (WebCore::RenderMenuList::itemStyle):
306         (WebCore::RenderMenuList::getItemBackgroundColor):
307         * rendering/RenderMenuList.h:
308         (RenderMenuList):
309         * rendering/RenderSearchField.cpp:
310         (WebCore::RenderSearchField::menuStyle):
311         * rendering/RenderThemeChromiumDefault.cpp:
312         (WebCore::RenderThemeChromiumDefault::systemColor):
313
314 2013-03-11  James Robinson  <jamesr@chromium.org>
315
316         Compile fix. Rubber-stamp by Eric Seidel.
317
318         * html/shadow/MediaControlElements.cpp:
319         (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
320
321 2013-03-11  Dima Gorbik  <dgorbik@apple.com>
322
323         Fix build for r145397 (part 2)
324
325         Unreviewed.
326
327         * html/track/TextTrackCue.cpp:
328         (WebCore::TextTrackCue::getDisplayTree):
329
330 2013-03-11  Dima Gorbik  <dgorbik@apple.com>
331
332         Fix build for r145397
333
334         Unreviewed.
335
336         * html/shadow/MediaControls.cpp:
337         (WebCore::MediaControls::createTextTrackDisplay):
338         * html/shadow/MediaControlsChromium.cpp:
339         (WebCore::MediaControlsChromium::createTextTrackDisplay):
340         * html/shadow/MediaControlsGtk.cpp:
341         (WebCore::MediaControlsGtk::createTextTrackDisplay):
342
343 2013-03-11  Abhishek Arya  <inferno@chromium.org>
344
345         Add ASSERT_WITH_SECURITY_IMPLICATION to catch bad casts.
346         https://bugs.webkit.org/show_bug.cgi?id=112060
347
348         Reviewed by Eric Seidel.
349
350         * Modules/geolocation/Geolocation.cpp:
351         (WebCore::Geolocation::document):
352         * accessibility/AccessibilityMenuList.h:
353         (WebCore::toAccessibilityMenuList):
354         * accessibility/AccessibilityNodeObject.h:
355         (WebCore::toAccessibilityNodeObject):
356         * accessibility/AccessibilityRenderObject.h:
357         (WebCore::toAccessibilityRenderObject):
358         * accessibility/AccessibilitySVGRoot.h:
359         (WebCore::toAccessibilitySVGRoot):
360         * accessibility/AccessibilitySpinButton.h:
361         (WebCore::toAccessibilitySpinButton):
362         (WebCore::toAccessibilitySpinButtonPart):
363         * accessibility/AccessibilityTable.h:
364         (WebCore::toAccessibilityTable):
365         * css/StyleRule.h:
366         (WebCore::toStyleRuleMedia):
367         (WebCore::toStyleRuleSupports):
368         (WebCore::toStyleRuleRegion):
369         * dom/EventContext.h:
370         (WebCore::toTouchEventContext):
371         * fileapi/File.h:
372         (WebCore::toFile):
373         * html/HTMLElement.cpp:
374         (WebCore::HTMLElement::insertAdjacentElement):
375         (WebCore::contextElementForInsertion):
376         * html/HTMLMediaElement.h:
377         (WebCore::toMediaElement):
378         * html/HTMLMeterElement.h:
379         (WebCore::toHTMLMeterElement):
380         * html/HTMLOptionElement.cpp:
381         (WebCore::toHTMLOptionElement):
382         * html/HTMLProgressElement.cpp:
383         (WebCore::HTMLProgressElement::renderProgress):
384         * html/HTMLProgressElement.h:
385         (WebCore::toHTMLProgressElement):
386         * html/HTMLSelectElement.h:
387         (WebCore::toHTMLSelectElement):
388         * html/HTMLTableCellElement.cpp:
389         (WebCore::toHTMLTableCellElement):
390         * html/HTMLTextFormControlElement.h:
391         (WebCore::toHTMLTextFormControlElement):
392         * html/PluginDocument.h:
393         (WebCore::toPluginDocument):
394         * html/shadow/DetailsMarkerControl.cpp:
395         (WebCore::DetailsMarkerControl::summaryElement):
396         * html/shadow/HTMLContentElement.h:
397         (WebCore::toHTMLContentElement):
398         * html/shadow/HTMLShadowElement.h:
399         (WebCore::toHTMLShadowElement):
400         * html/shadow/TextFieldDecorationElement.cpp:
401         (WebCore::TextFieldDecorationElement::hostInput):
402         * page/DOMWindow.cpp:
403         (WebCore::DOMWindow::document):
404         * rendering/InlineTextBox.h:
405         (WebCore::toInlineTextBox):
406         * rendering/RenderHTMLCanvas.h:
407         (WebCore::toRenderHTMLCanvas):
408         * rendering/RenderScrollbar.h:
409         (WebCore::toRenderScrollbar):
410         * rendering/RenderTextFragment.h:
411         (WebCore::toRenderTextFragment):
412         * rendering/mathml/RenderMathMLOperator.h:
413         (WebCore::toRenderMathMLOperator):
414         * rendering/svg/RenderSVGTextPath.h:
415         (WebCore::toRenderSVGTextPath):
416         * rendering/svg/RenderSVGViewportContainer.h:
417         (WebCore::toRenderSVGViewportContainer):
418         * svg/graphics/SVGImageChromeClient.h:
419         (WebCore::toSVGImageChromeClient):
420
421 2013-03-11  Adam Barth  <abarth@webkit.org>
422
423         Factor HTMLTreeBuilderSimulator out of BackgroundHTMLParser
424         https://bugs.webkit.org/show_bug.cgi?id=112057
425
426         Reviewed by Eric Seidel.
427
428         Simulating the HTML tree builder is a separate concern from parsing on
429         the background thread. We plan to re-use the tree builder simulator for
430         the view-source parser, for example. Also, having the simulator as a
431         separate object will make it easier to fix
432         https://bugs.webkit.org/show_bug.cgi?id=109764.
433
434         * CMakeLists.txt:
435         * GNUmakefile.list.am:
436         * Target.pri:
437         * WebCore.gypi:
438         * WebCore.vcproj/WebCore.vcproj:
439         * html/parser/BackgroundHTMLParser.cpp:
440         (WebCore):
441         (WebCore::BackgroundHTMLParser::BackgroundHTMLParser):
442         (WebCore::BackgroundHTMLParser::pumpTokenizer):
443         * html/parser/BackgroundHTMLParser.h:
444         (BackgroundHTMLParser):
445
446 2013-02-26  Dima Gorbik  <dgorbik@apple.com>
447
448         Not all properties apply to the '::cue' pseudo-element
449         https://bugs.webkit.org/show_bug.cgi?id=110705
450
451         Reviewed by Eric Carlson.
452
453         Background properties are not inherited and they were not applied to right elements.
454         Now we apply all ::cue properties to WebVTT cue background box, which -webkit-media-text-track-all-nodes
455         container was corresponding to. Now it has 'cue' pseudoId instead of '-webkit-media-text-track-all-nodes'.
456         Property filtering is turned off for user agent rules so that we are still able to apply filtered rules
457         to this container internally. m_cueContainer is removed because it is no longer needed.
458         m_allDocumentNodes container was renamed to m_cueBackgroundBox.
459
460         Existing tests modified to cover this case.
461
462         * css/RuleSet.h:
463         (WebCore::RuleData::propertyWhitelistType): disable filtering for UA rules.
464         * css/StyleResolver.cpp:
465         (WebCore::StyleResolver::sortAndTransferMatchedRules): pass the UA scope to propertyWhitelistType().
466         * css/mediaControls.css: rename -webkit-media-text-track-all-nodes to 'cue'
467         (video::cue): 
468         * html/shadow/MediaControlElements.cpp:
469         (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
470         * html/shadow/MediaControlElements.h:
471         (MediaControlTextTrackContainerElement):
472         * html/shadow/MediaControls.cpp:
473         (WebCore::MediaControls::createTextTrackDisplay):
474         * html/shadow/MediaControlsChromium.cpp:
475         (WebCore::MediaControlsChromium::createTextTrackDisplay):
476         * html/shadow/MediaControlsGtk.cpp:
477         (WebCore::MediaControlsGtk::createTextTrackDisplay):
478         * html/track/TextTrackCue.cpp:
479         (WebCore::TextTrackCue::TextTrackCue):
480         (WebCore::TextTrackCue::updateDisplayTree):
481         (WebCore::TextTrackCue::getDisplayTree):
482         * html/track/TextTrackCue.h:
483         (WebCore::TextTrackCue::element):
484         * page/CaptionUserPreferencesMac.mm:
485         (WebCore::CaptionUserPreferencesMac::captionsStyleSheetOverride):
486
487 2013-03-11  Tim Horton  <timothy_horton@apple.com>
488
489         ChromeClient.h doesn’t need to include RenderSnapshottedPlugIn
490         https://bugs.webkit.org/show_bug.cgi?id=111981
491
492         Reviewed by Kentaro Hara.
493
494         * page/ChromeClient.h: Remove the extraneous #include.
495
496 2013-03-11  David Hyatt  <hyatt@apple.com>
497
498         Vertical writing doesn't work with form controls.
499         https://bugs.webkit.org/show_bug.cgi?id=70211
500
501         Reviewed by Simon Fraser.
502
503         This is just some basic plumbing work to make textfields and
504         textareas work with vertical writing modes. This patch leaves the
505         html.css override alone, so authors can't enable vertical
506         writing yet.
507         
508         The changes consist of converting uses of x/y/width/height to
509         logicalLeft/Top/Width/Height.
510       
511         * rendering/RenderBoxModelObject.h:
512         (WebCore::RenderBoxModelObject::paddingLogicalLeft):
513         (WebCore::RenderBoxModelObject::paddingLogicalRight):
514         (RenderBoxModelObject):
515         (WebCore::RenderBoxModelObject::marginLogicalHeight):
516         (WebCore::RenderBoxModelObject::marginLogicalWidth):
517         * rendering/RenderSearchField.cpp:
518         (WebCore::RenderSearchField::computeControlLogicalHeight):
519         (WebCore::RenderSearchField::computeLogicalHeightLimit):
520         (WebCore::RenderSearchField::centerContainerIfNeeded):
521         * rendering/RenderSearchField.h:
522         (RenderSearchField):
523         * rendering/RenderTextControl.cpp:
524         (WebCore::RenderTextControl::textBlockLogicalHeight):
525         (WebCore::RenderTextControl::textBlockLogicalWidth):
526         (WebCore::RenderTextControl::computeLogicalHeight):
527         (WebCore::RenderTextControl::computeIntrinsicLogicalWidths):
528         (WebCore::RenderTextControl::computePreferredLogicalWidths):
529         * rendering/RenderTextControl.h:
530         (RenderTextControl):
531         * rendering/RenderTextControlMultiLine.cpp:
532         (WebCore::RenderTextControlMultiLine::preferredContentLogicalWidth):
533         (WebCore::RenderTextControlMultiLine::computeControlLogicalHeight):
534         (WebCore::RenderTextControlMultiLine::layoutSpecialExcludedChild):
535         * rendering/RenderTextControlMultiLine.h:
536         (RenderTextControlMultiLine):
537         * rendering/RenderTextControlSingleLine.cpp:
538         (WebCore::RenderTextControlSingleLine::RenderTextControlSingleLine):
539         (WebCore::RenderTextControlSingleLine::paint):
540         (WebCore::RenderTextControlSingleLine::computeLogicalHeightLimit):
541         (WebCore::RenderTextControlSingleLine::layout):
542         (WebCore::RenderTextControlSingleLine::styleDidChange):
543         (WebCore::RenderTextControlSingleLine::preferredContentLogicalWidth):
544         (WebCore::RenderTextControlSingleLine::computeControlLogicalHeight):
545         (WebCore::RenderTextControlSingleLine::createInnerTextStyle):
546         * rendering/RenderTextControlSingleLine.h:
547         (RenderTextControlSingleLine):
548         * rendering/style/RenderStyle.h:
549
550 2013-03-11  Tim Horton  <timothy_horton@apple.com>
551
552         TiledBacking scrolling coverage can be unfairly limited for clients who do scrolling outside the web view
553         https://bugs.webkit.org/show_bug.cgi?id=111958
554         <rdar://problem/13356896>
555
556         Reviewed by Darin Adler.
557
558         Don't limit TiledBacking coverage if the client has opted into using
559         its exposed rect to allow scrolling above the web view.
560
561         * platform/graphics/TiledBacking.h:
562         * platform/graphics/ca/mac/TileController.h:
563         * rendering/RenderLayerBacking.cpp:
564         (WebCore::RenderLayerBacking::adjustTiledBackingCoverage):
565
566 2013-03-11  Rajeev Sarvaria  <rsarvaria@blackberry.com>
567
568         GetnUniform*vEXT (Robustness extension) passed incorrect parameter in WebGLRenderingContext
569         https://bugs.webkit.org/show_bug.cgi?id=111450
570
571         Reviewed by Rob Buis.
572
573         Bufsize argument corrected to size in bytes instead of number of integers or floats.
574
575         * html/canvas/WebGLRenderingContext.cpp:
576         (WebCore):
577         (WebCore::WebGLRenderingContext::getUniform):
578
579 2013-03-11  Sheriff Bot  <webkit.review.bot@gmail.com>
580
581         Unreviewed, rolling out r145375.
582         http://trac.webkit.org/changeset/145375
583         https://bugs.webkit.org/show_bug.cgi?id=112050
584
585         Does not compile (Requested by jamesr on #webkit).
586
587         * Modules/indexeddb/IDBBackingStore.cpp:
588         (WebCore::IDBBackingStore::getObjectStores):
589         (WebCore::IDBBackingStore::createObjectStore):
590         (WebCore::IDBBackingStore::deleteObjectStore):
591         (WebCore::IDBBackingStore::getRecord):
592         (WebCore::IDBBackingStore::putRecord):
593         (WebCore::IDBBackingStore::clearObjectStore):
594         (WebCore::IDBBackingStore::deleteRecord):
595         (WebCore::IDBBackingStore::getKeyGeneratorCurrentNumber):
596         (WebCore::IDBBackingStore::maybeUpdateKeyGeneratorCurrentNumber):
597         (WebCore::IDBBackingStore::keyExistsInObjectStore):
598         (WebCore::IDBBackingStore::getIndexes):
599         (WebCore::IDBBackingStore::createIndex):
600         (WebCore::IDBBackingStore::deleteIndex):
601         (WebCore::IDBBackingStore::putIndexDataForRecord):
602         (WebCore::IDBBackingStore::findKeyInIndex):
603         (WebCore::IDBBackingStore::getPrimaryKeyViaIndex):
604         (WebCore::IDBBackingStore::keyExistsInIndex):
605         (WebCore::indexCursorOptions):
606         * Modules/indexeddb/IDBBackingStore.h:
607         (IDBBackingStore):
608         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
609         (WebCore::DeleteIndexOperation::create):
610         (WebCore::DeleteIndexOperation::DeleteIndexOperation):
611         (DeleteIndexOperation):
612         (WebCore::IDBDatabaseBackendImpl::openInternal):
613         (WebCore::IDBDatabaseBackendImpl::deleteIndex):
614         (WebCore::DeleteIndexOperation::perform):
615         (WebCore::DeleteRangeOperation::perform):
616         (WebCore::ClearOperation::perform):
617         * Modules/indexeddb/IDBLevelDBCoding.cpp:
618         (WebCore::IDBLevelDBCoding::KeyPrefix::KeyPrefix):
619         (WebCore::IDBLevelDBCoding::KeyPrefix::encode):
620         (WebCore::IDBLevelDBCoding::SchemaVersionKey::encode):
621         (WebCore::IDBLevelDBCoding::MaxDatabaseIdKey::encode):
622         (WebCore::IDBLevelDBCoding::DataVersionKey::encode):
623         (WebCore::IDBLevelDBCoding::DatabaseFreeListKey::encode):
624         (WebCore::IDBLevelDBCoding::DatabaseNameKey::encode):
625         (WebCore::IDBLevelDBCoding::DatabaseMetaDataKey::encode):
626         (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::encode):
627         (WebCore::IDBLevelDBCoding::IndexMetaDataKey::encode):
628         (WebCore::IDBLevelDBCoding::ObjectStoreFreeListKey::encode):
629         (WebCore::IDBLevelDBCoding::IndexFreeListKey::encode):
630         (WebCore::IDBLevelDBCoding::ObjectStoreNamesKey::encode):
631         (WebCore::IDBLevelDBCoding::IndexNamesKey::encode):
632         (WebCore::IDBLevelDBCoding::ObjectStoreDataKey::encode):
633         (WebCore::IDBLevelDBCoding::ExistsEntryKey::encode):
634         * Modules/indexeddb/IDBLevelDBCoding.h:
635         (IDBLevelDBCoding):
636         (KeyPrefix):
637         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
638         (WebCore::IDBObjectStoreBackendImpl::IndexWriter::writeIndexKeys):
639
640 2013-03-11  Adam Klein  <adamk@chromium.org>
641
642         MutationCallback should be a WebIDL 'callback', not a [Callback] interface
643         https://bugs.webkit.org/show_bug.cgi?id=91406
644
645         Reviewed by Adam Barth.
646
647         Spec: http://dom.spec.whatwg.org/#mutationcallback
648
649         Besides no longer calling handleEvent methods on passed-in objects,
650         throw a TypeError if a non-function is passed to the MutationObserver constructor.
651         This is per WebIDL: http://www.w3.org/TR/WebIDL/#es-callback-function
652
653         Updated MutationObserver constructor tests to exercise TypeError-throwing behavior.
654
655         * bindings/js/JSMutationCallback.cpp:
656         (WebCore::JSMutationCallback::call): Call the callback directly instead of handing off to JSCallbackData; make return value void.
657         Use jsArray() to convert from WTF::Vector -> JSArray.
658         * bindings/js/JSMutationCallback.h:
659         (JSMutationCallback): Rename handleEvent() to call(), make it void.
660         * bindings/js/JSMutationObserverCustom.cpp:
661         (WebCore::JSMutationObserverConstructor::constructJSMutationObserver): Throw if passed a non-function.
662         * bindings/v8/V8MutationCallback.cpp:
663         (WebCore::V8MutationCallback::V8MutationCallback): Take a v8::Function instead of a v8::Object.
664         (WebCore::V8MutationCallback::call): Call the callback directly instead of handing off to invokeCallback(); make return value void.
665         Use v8Array() to convert form WTF::Vector -> JSArray.
666         * bindings/v8/V8MutationCallback.h:
667         (WebCore::V8MutationCallback::create): Take a v8::Function instead of a v8::Object.
668         (V8MutationCallback): ditto
669         * bindings/v8/custom/V8MutationObserverCustom.cpp:
670         (WebCore::V8MutationObserver::constructorCustom): Throw if passed a non-function, cast to a v8::Function when constructing callback.
671         * dom/MutationCallback.h:
672         (WebCore): Remove unnecessary typedef.
673         (MutationCallback): Rename handleEvent() to call(), make it void.
674         * dom/MutationObserver.cpp:
675         (WebCore::MutationObserver::deliver): Update MutationCallback method name.
676
677 2013-03-11  Julien Chaffraix  <jchaffraix@webkit.org>
678
679         [CSS Grid Layout] Handle spanning grid items over specified grid tracks
680         https://bugs.webkit.org/show_bug.cgi?id=111918
681
682         Reviewed by Tony Chang.
683
684         This change updates the containing block override logic to handle multiple
685         spanned tracks. This makes the multiple specified grid tracks case work and
686         will enable us to handle the minmax case once the computation logic has been
687         updated.
688
689         Test: fast/css-grid-layout/grid-item-spanning-resolution.html
690
691         * rendering/RenderGrid.cpp:
692         (WebCore::RenderGrid::logicalContentHeightForChild):
693         (WebCore::RenderGrid::layoutGridItems):
694         Updated these functions to use gridAreaBreadthForChild.
695
696         (WebCore::RenderGrid::gridAreaBreadthForChild):
697         Added this helper function to handle multiple spanned grid tracks.
698
699         * rendering/RenderGrid.h: Added the previous function.
700
701 2013-03-11  Philip Rogers  <pdr@google.com>
702
703         Replace SVG's static_cast<SVGElement> with toSVGElement()
704         https://bugs.webkit.org/show_bug.cgi?id=111651
705
706         Reviewed by Abhishek Arya.
707
708         toSVGElement is preferred over static_cast because bad casts can be caught on
709         our testing infrastructure. This patch replaces all static_cast<SVGElement>
710         instances with toSVGElement.
711
712         No new tests as this is just a refactoring.
713
714         * css/CSSCursorImageValue.cpp:
715         (WebCore::CSSCursorImageValue::updateIfSVGCursorIsUsed):
716         * css/StyleResolver.cpp:
717         (WebCore::StyleResolver::matchAllRules):
718         (WebCore::StyleResolver::locateCousinList):
719         (WebCore::StyleResolver::canShareStyleWithElement):
720         (WebCore::StyleResolver::locateSharedStyle):
721         * dom/Element.cpp:
722         (WebCore::Element::synchronizeAllAttributes):
723         (WebCore::Element::synchronizeAttribute):
724         * rendering/svg/RenderSVGModelObject.cpp:
725         (WebCore::getElementCTM):
726         (WebCore::RenderSVGModelObject::checkIntersection):
727         (WebCore::RenderSVGModelObject::checkEnclosure):
728         * rendering/svg/RenderSVGResource.cpp:
729         (WebCore::removeFromCacheAndInvalidateDependencies):
730         * rendering/svg/RenderSVGResourceClipper.cpp:
731         (WebCore::RenderSVGResourceClipper::pathOnlyClipping):
732         (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
733         (WebCore::RenderSVGResourceClipper::calculateClipContentRepaintRect):
734         (WebCore::RenderSVGResourceClipper::hitTestClipContent):
735         * rendering/svg/RenderSVGResourceFilter.cpp:
736         (WebCore::RenderSVGResourceFilter::buildPrimitives):
737         * rendering/svg/RenderSVGResourceMasker.cpp:
738         (WebCore::RenderSVGResourceMasker::drawContentIntoMaskImage):
739         (WebCore::RenderSVGResourceMasker::calculateMaskContentRepaintRect):
740         * rendering/svg/RenderSVGResourcePattern.cpp:
741         (WebCore::RenderSVGResourcePattern::createTileImage):
742         * rendering/svg/RenderSVGShape.cpp:
743         (WebCore::RenderSVGShape::strokeWidth):
744         * rendering/svg/RenderSVGText.cpp:
745         (WebCore::RenderSVGText::strokeBoundingBox):
746         * rendering/svg/SVGRenderSupport.cpp:
747         (WebCore::SVGRenderSupport::layoutChildren):
748         (WebCore::SVGRenderSupport::applyStrokeStyleToContext):
749         * rendering/svg/SVGRenderTreeAsText.cpp:
750         (WebCore::writeSVGPaintingResource):
751         (WebCore::writeStyle):
752         (WebCore::operator<<):
753         * rendering/svg/SVGResources.cpp:
754         (WebCore::SVGResources::buildCachedResources):
755         * rendering/svg/SVGTextLayoutEngine.cpp:
756         (WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath):
757         * svg/SVGAElement.cpp:
758         (WebCore::SVGAElement::createRenderer):
759         * svg/SVGAnimationElement.cpp:
760         (WebCore::SVGAnimationElement::adjustForInheritance):
761         * svg/SVGElement.cpp:
762         (WebCore::SVGElement::viewportElement):
763         (WebCore::SVGElement::haveLoadedRequiredResources):
764         (WebCore::SVGElement::sendSVGLoadEventIfPossible):
765         (WebCore::SVGElement::childShouldCreateRenderer):
766         * svg/SVGElement.h:
767         (WebCore::toSVGElement):
768         (WebCore):
769         * svg/SVGFEImageElement.cpp:
770         (WebCore::SVGFEImageElement::buildPendingResource):
771         * svg/SVGFilterElement.cpp:
772         (WebCore::SVGFilterElement::childShouldCreateRenderer):
773         * svg/SVGGradientElement.cpp:
774         (WebCore::SVGGradientElement::buildStops):
775         * svg/SVGLocatable.cpp:
776         (WebCore::SVGLocatable::nearestViewportElement):
777         (WebCore::SVGLocatable::farthestViewportElement):
778         (WebCore::SVGLocatable::computeCTM):
779         * svg/SVGMPathElement.cpp:
780         (WebCore::SVGMPathElement::buildPendingResource):
781         * svg/SVGSVGElement.cpp:
782         (WebCore::SVGSVGElement::collectIntersectionOrEnclosureList):
783         * svg/SVGStyledElement.cpp:
784         (WebCore::SVGStyledElement::updateRelativeLengthsInformation):
785         * svg/SVGSwitchElement.cpp:
786         (WebCore::SVGSwitchElement::childShouldCreateRenderer):
787         * svg/SVGTextPathElement.cpp:
788         (WebCore::SVGTextPathElement::buildPendingResource):
789         * svg/SVGUseElement.cpp:
790         (WebCore::SVGUseElement::buildPendingResource):
791         (WebCore::SVGUseElement::toClipPath):
792         (WebCore::SVGUseElement::rendererClipChild):
793         (WebCore::SVGUseElement::buildInstanceTree):
794         (WebCore::SVGUseElement::hasCycleUseReferencing):
795         (WebCore::SVGUseElement::expandUseElementsInShadowTree):
796         (WebCore::SVGUseElement::associateInstancesWithShadowTreeElements):
797         * svg/SVGViewSpec.cpp:
798         (WebCore::SVGViewSpec::viewTarget):
799         * svg/animation/SVGSMILElement.cpp:
800         (WebCore::SVGSMILElement::buildPendingResource):
801         * svg/graphics/filters/SVGFEImage.cpp:
802         (WebCore::FEImage::platformApplySoftware):
803
804 2013-03-11  Carlos Garcia Campos  <cgarcia@igalia.com>
805
806         [SOUP] ResourceRequest::updateSoupMessage doesn't update the URI of the soup message
807         https://bugs.webkit.org/show_bug.cgi?id=112040
808
809         Reviewed by Gustavo Noronha Silva.
810
811         * platform/network/soup/ResourceRequestSoup.cpp:
812         (WebCore::ResourceRequest::updateSoupMessage): Update the soup
813         message URI with the ResourceRequest URL.
814
815 2013-03-11  Alec Flett  <alecflett@chromium.org>
816
817         IndexedDB: Protect against key prefix overflows
818         https://bugs.webkit.org/show_bug.cgi?id=111138
819
820         Reviewed by Tony Chang.
821
822         This reworks the boundary checking for all databaseId,
823         objectStoreId, and indexId, including negative and
824         zero-based ids. All entrypoints into IDBLevelDBCoding
825         are protected with explicit checks and all internal
826         uses of KeyPrefix are protected with ASSERTs in the
827         various constructors.
828
829         Tests: WebKit unit tests IDBBackingStoreTest.cpp in WebKit/chromium
830
831         * Modules/indexeddb/IDBBackingStore.h: Make all public methods boolean-based for errors.
832         * Modules/indexeddb/IDBLevelDBCoding.h: Add methods for checking databaseId, objectStoreId, and indexId.
833
834 2013-03-11  Xan Lopez  <xlopez@igalia.com>
835
836         [BlackBerry] PlatformBlackBerry.cmake: create thin AR archives
837         https://bugs.webkit.org/show_bug.cgi?id=110580
838
839         Reviewed by Rob Buis.
840
841         Otherwise libwebcore.a goes beyond the 4Gb file size limit and the
842         link phase fails.
843
844         * PlatformBlackBerry.cmake:
845
846 2013-03-11  Pavel Feldman  <pfeldman@chromium.org>
847
848         Web Inspector: fix styles toolbar in the vertical mode.
849         Not reviewed: swapped two lines.
850
851         * inspector/front-end/ElementsPanel.js:
852         (WebInspector.ElementsPanel.prototype._splitVertically):
853
854 2013-03-11  Andrey Lushnikov  <lushnikov@chromium.org>
855
856         Web Inspector: [CodeMirror] add token highlight feature
857         https://bugs.webkit.org/show_bug.cgi?id=112009
858
859         Reviewed by Pavel Feldman.
860
861         Handle CodeMirror's "cursorActivity" event, check selection for being
862         a word and highlight all its occurrences via CodeMirror.addOverlay method.
863
864         No new tests.
865
866         * inspector/front-end/CodeMirrorTextEditor.js:
867         (WebInspector.CodeMirrorTextEditor):
868         (WebInspector.CodeMirrorTextEditor.TokenHighlighter):
869         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._cursorChange):
870         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._isWord):
871         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._removeHighlight):
872         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._addHighlight.nextToken):
873         (WebInspector.CodeMirrorTextEditor.TokenHighlighter.prototype._addHighlight):
874         * inspector/front-end/cm/cmdevtools.css:
875         (.cm-token-highlight):
876
877 2013-03-11  Andrey Lushnikov  <lushnikov@chromium.org>
878
879         Web Inspector: [CodeMirror] set indentation size according to devtools settings
880         https://bugs.webkit.org/show_bug.cgi?id=111717
881
882         Reviewed by Pavel Feldman.
883
884         Set up codemirror indent size according to devtools settings.
885
886         No new tests.
887
888         * inspector/front-end/CodeMirrorTextEditor.js:
889         (.get if):
890         (WebInspector.CodeMirrorTextEditor):
891
892 2013-03-11  Yury Semikhatsky  <yurys@chromium.org>
893
894         Web Inspector: add per image statistics to the native memory snapshot
895         https://bugs.webkit.org/show_bug.cgi?id=112011
896
897         Reviewed by Pavel Feldman.
898
899         Added per-image statistics to the native memory distribution table.
900
901         * inspector/front-end/HeapSnapshotProxy.js:
902         (WebInspector.HeapSnapshotWorker):
903         (WebInspector.HeapSnapshotWorker.prototype.createLoader):
904         (WebInspector.HeapSnapshotWorker.prototype.wrapCallback):
905         (WebInspector.HeapSnapshotWorker.prototype.callFactoryMethod):
906         (WebInspector.HeapSnapshotProxyObject.prototype.callFactoryMethod): the method now accepts
907         proxy constructor function instead of its name. This eliminates unnecessary function lookup.
908         (WebInspector.HeapSnapshotLoaderProxy):
909         (WebInspector.HeapSnapshotLoaderProxy.prototype.close):
910         (WebInspector.HeapSnapshotProxy.prototype.createEdgesProvider):
911         (WebInspector.HeapSnapshotProxy.prototype.createRetainingEdgesProvider):
912         (WebInspector.HeapSnapshotProxy.prototype.createAddedNodesProvider):
913         (WebInspector.HeapSnapshotProxy.prototype.createDeletedNodesProvider):
914         (WebInspector.HeapSnapshotProxy.prototype.createNodesProvider):
915         (WebInspector.HeapSnapshotProxy.prototype.createNodesProviderForClass):
916         (WebInspector.HeapSnapshotProxy.prototype.createNodesProviderForDominator):
917         (WebInspector.NativeHeapSnapshotProxy):
918         (WebInspector.NativeHeapSnapshotProxy.prototype.images):
919         * inspector/front-end/HeapSnapshotView.js:
920         (WebInspector.HeapProfileHeader.prototype.snapshotProxyConstructor):
921         (WebInspector.HeapProfileHeader.prototype._setupWorker):
922         * inspector/front-end/NativeHeapSnapshot.js:
923         (WebInspector.NativeHeapSnapshot.prototype.images):
924         * inspector/front-end/NativeMemorySnapshotView.js:
925         (WebInspector.NativeSnapshotNode):
926         (WebInspector.NativeSnapshotNode.prototype._createSizeCell):
927         (WebInspector.NativeSnapshotNode.prototype._populate):
928         (WebInspector.NativeSnapshotNode.prototype._addChildrenFromGraph):
929         (WebInspector.NativeSnapshotNode.prototype._addImageDetails.didLoad.didReceiveImages):
930         (WebInspector.NativeSnapshotNode.prototype._addImageDetails):
931         (WebInspector.NativeSnapshotProfileHeader.prototype.snapshotProxyConstructor):
932
933 2013-03-11  Allan Sandfeld Jensen  <allan.jensen@digia.com>
934
935         [Qt] Enable tiled shadow blur for inset box shadows
936         https://bugs.webkit.org/show_bug.cgi?id=111736
937
938         Reviewed by Noam Rosenthal.
939
940         Paint inset box-shadows using the optimized tiled shadow blur, instead of
941         applying shadow blur to the entire painted rect.
942
943         This optimizes the default CSS on common pastebin sites.
944
945         Tested by existing tests.
946
947         * platform/graphics/GraphicsContext.cpp:
948         * platform/graphics/ShadowBlur.cpp:
949         (WebCore::ShadowBlur::drawInsetShadowWithTiling):
950             Must set fill color before calling clearShadow, as that might clear m_color.
951         (WebCore::ShadowBlur::drawLayerPieces):
952             Ditto.
953         * platform/graphics/qt/GraphicsContextQt.cpp:
954         (WebCore::GraphicsContext::fillPath):
955         (WebCore::GraphicsContext::fillRectWithRoundedHole):
956
957 2013-03-11  Alberto Garcia  <agarcia@igalia.com>
958
959         [BlackBerry] GraphicsLayer: rename notifySyncRequired to notifyFlushRequired
960         https://bugs.webkit.org/show_bug.cgi?id=111997
961
962         Reviewed by Rob Buis.
963
964         This changed in r130439 but the old name was introduced again by
965         mistake in r144465.
966
967         * platform/graphics/blackberry/GraphicsLayerBlackBerry.h:
968         (WebCore::GraphicsLayerBlackBerry::notifyFlushRequired):
969         * platform/graphics/blackberry/LayerWebKitThread.cpp:
970         (WebCore::LayerWebKitThread::setNeedsCommit):
971
972 2013-03-11  Kent Tamura  <tkent@chromium.org>
973
974         Inappropriate validation message for required number/date input elements
975         https://bugs.webkit.org/show_bug.cgi?id=111982
976
977         Reviewed by Kentaro Hara.
978
979         For validation message, badInput messages should take precedence
980         over valueMissing messages because users already filled out the
981         field with a bad value.
982
983         Tests: Update fast/forms/validationMessage.html
984
985         * html/InputType.cpp:
986         (WebCore::InputType::validationMessage):
987         Check badInput first.
988
989 2013-03-11  Yury Semikhatsky  <yurys@chromium.org>
990
991         Web Inspector: extract common parts of native profiles
992         https://bugs.webkit.org/show_bug.cgi?id=111965
993
994         Reviewed by Alexander Pavlov.
995
996         Extracted common parts of native profiles into NativeProfileTypeBase. Memory
997         domain dispatcher is now a separate class as it is shared by two native memory
998         profile types.
999
1000         Both native memory profile types now capture native heap graph.
1001
1002         * inspector/front-end/NativeMemorySnapshotView.js:
1003         (WebInspector.MemoryAgentDispatcher.instance):
1004         (WebInspector.NativeProfileTypeBase.prototype.buttonClicked.didReceiveMemorySnapshot):
1005         (WebInspector.NativeProfileTypeBase.prototype.buttonClicked):
1006         (WebInspector.NativeSnapshotProfileType):
1007         (WebInspector.NativeSnapshotProfileHeader.prototype._didReceiveMemorySnapshot):
1008         (WebInspector.NativeMemoryProfileType):
1009         (WebInspector.NativeMemoryProfileHeader.prototype._updateSnapshotStatus):
1010         (WebInspector.NativeMemoryProfileHeader.prototype._didReceiveMemorySnapshot):
1011
1012 2013-03-11  Sheriff Bot  <webkit.review.bot@gmail.com>
1013
1014         Unreviewed, rolling out r145349.
1015         http://trac.webkit.org/changeset/145349
1016         https://bugs.webkit.org/show_bug.cgi?id=111966
1017
1018         Missing code history of Element,PageRuleCollector. (Requested
1019         by tasak on #webkit).
1020
1021         * CMakeLists.txt:
1022         * GNUmakefile.list.am:
1023         * Target.pri:
1024         * WebCore.gypi:
1025         * WebCore.xcodeproj/project.pbxproj:
1026         * css/CSSAllInOne.cpp:
1027         * css/DocumentRuleSets.cpp:
1028         (WebCore::ShadowDistributedRules::collectMatchRequests):
1029         * css/DocumentRuleSets.h:
1030         * css/ElementRuleCollector.cpp: Removed.
1031         * css/ElementRuleCollector.h: Removed.
1032         * css/PageRuleCollector.cpp: Removed.
1033         * css/PageRuleCollector.h: Removed.
1034         * css/StyleResolver.cpp:
1035         (WebCore::leftToRightDeclaration):
1036         (WebCore):
1037         (WebCore::rightToLeftDeclaration):
1038         (WebCore::StyleResolver::State::ensureRuleList):
1039         (WebCore::StyleResolver::State::clear):
1040         (WebCore::StyleResolver::addMatchedProperties):
1041         (WebCore::StyleResolver::addElementStyleProperties):
1042         (MatchingUARulesScope):
1043         (WebCore::MatchingUARulesScope::MatchingUARulesScope):
1044         (WebCore::MatchingUARulesScope::~MatchingUARulesScope):
1045         (WebCore::MatchingUARulesScope::isMatchingUARules):
1046         (WebCore::StyleResolver::collectMatchingRules):
1047         (WebCore::StyleResolver::collectMatchingRulesForRegion):
1048         (WebCore::StyleResolver::sortAndTransferMatchedRules):
1049         (WebCore::StyleResolver::matchScopedAuthorRules):
1050         (WebCore::StyleResolver::matchHostRules):
1051         (WebCore::StyleResolver::matchAuthorRules):
1052         (WebCore::StyleResolver::matchUserRules):
1053         (WebCore::StyleResolver::matchUARules):
1054         (WebCore::StyleResolver::collectMatchingRulesForList):
1055         (WebCore::compareRules):
1056         (WebCore::StyleResolver::sortMatchedRules):
1057         (WebCore::StyleResolver::matchAllRules):
1058         (WebCore::StyleResolver::State::initForStyleResolve):
1059         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet):
1060         (WebCore::StyleResolver::styleForElement):
1061         (WebCore::StyleResolver::styleForKeyframe):
1062         (WebCore::StyleResolver::pseudoStyleForElement):
1063         (WebCore::StyleResolver::styleForPage):
1064         (WebCore::StyleResolver::pseudoStyleRulesForElement):
1065         (WebCore::StyleResolver::ruleMatches):
1066         (WebCore::StyleResolver::checkRegionSelector):
1067         (WebCore::comparePageRules):
1068         (WebCore::StyleResolver::matchPageRules):
1069         (WebCore::checkPageSelectorComponents):
1070         (WebCore::StyleResolver::matchPageRulesForList):
1071         (WebCore::StyleResolver::isLeftPage):
1072         (WebCore::StyleResolver::isFirstPage):
1073         (WebCore::StyleResolver::pageName):
1074         * css/StyleResolver.h:
1075         (WebCore::MatchRequest::MatchRequest):
1076         (MatchRequest):
1077         (StyleResolver):
1078         (MatchResult):
1079         (WebCore::StyleResolver::State::State):
1080         (State):
1081         (WebCore::StyleResolver::State::takeRuleList):
1082         (WebCore::StyleResolver::State::setSameOriginOnly):
1083         (WebCore::StyleResolver::State::isSameOriginOnly):
1084         (WebCore::StyleResolver::State::pseudoStyleRequest):
1085         (WebCore::StyleResolver::State::setMode):
1086         (WebCore::StyleResolver::State::mode):
1087         (WebCore::StyleResolver::State::matchedRules):
1088         (WebCore::StyleResolver::State::addMatchedRule):
1089         * inspector/InspectorCSSAgent.cpp:
1090         (WebCore::InspectorCSSAgent::willMatchRule):
1091         * inspector/InspectorCSSAgent.h:
1092         (WebCore):
1093         (InspectorCSSAgent):
1094         * inspector/InspectorInstrumentation.cpp:
1095         (WebCore):
1096         (WebCore::InspectorInstrumentation::willMatchRuleImpl):
1097         * inspector/InspectorInstrumentation.h:
1098         (WebCore):
1099         (InspectorInstrumentation):
1100         (WebCore::InspectorInstrumentation::willMatchRule):
1101
1102 2013-03-11  Marja Hölttä  <marja@chromium.org>
1103
1104         [V8] Fix V8InjectedScriptManager
1105         https://bugs.webkit.org/show_bug.cgi?id=111968
1106
1107         Reviewed by Kentaro Hara.
1108
1109         This is needed to make the inspector work after templates for main world
1110         and non-main worlds are separated (bug 111724).
1111
1112         No new tests (no changes in functionality).
1113
1114         * bindings/v8/custom/V8InjectedScriptManager.cpp:
1115         (WebCore::InjectedScriptManager::canAccessInspectedWindow):
1116
1117 2013-03-11  Hayato Ito  <hayato@chromium.org>
1118
1119         Make sure that CSSSelector::setValue() is never called after parsing its pseudoType.
1120         https://bugs.webkit.org/show_bug.cgi?id=111957
1121
1122         Reviewed by Hajime Morrita.
1123
1124         It'd be nice to have an assertion here since
1125         CSSSelector::pseudoType() will never parse a new value after it
1126         parses a value and m_pseudoType is set to non-PseudoNotParsed.
1127
1128         No new tests (no change in behaviour).
1129
1130         * css/CSSSelector.h:
1131         (WebCore::CSSSelector::setValue):
1132
1133 2013-03-11  Takashi Sakamoto  <tasak@google.com>
1134
1135         [Refactoring] Implement RuleCollector
1136         https://bugs.webkit.org/show_bug.cgi?id=109916
1137
1138         Reviewed by Antti Koivisto.
1139
1140         Implemented rule collector for an element and collector for a page.
1141         Not all members in class State are required entire while resolving
1142         a style.
1143
1144         No new tests, because just refactoring.
1145
1146         * CMakeLists.txt:
1147         * GNUmakefile.list.am:
1148         * Target.pri:
1149         * WebCore.gypi:
1150         * WebCore.xcodeproj/project.pbxproj:
1151         * css/CSSAllInOne.cpp:
1152         Added ElementRuleCollector and PageRuleCollector.
1153         * css/DocumentRuleSets.cpp:
1154         (WebCore::ShadowDistributedRules::collectMatchRequests):
1155         Since behaviorAtBoundary is a state owned by ElementRuleCollector,
1156         removed from here.
1157         * css/DocumentRuleSets.h:
1158         (WebCore::ShadowDistributedRules::isEmpty):
1159         Added to quickly check whether there exist any ShadowDistributedRules
1160         or not.
1161         * css/ElementRuleCollector.cpp: Copied from Source/WebCore/css/StyleResolver.cpp.
1162         (WebCore):
1163         (WebCore::ElementRuleCollector::matchedResult):
1164         (WebCore::ElementRuleCollector::matchedRuleList):
1165         (WebCore::ElementRuleCollector::addMatchedRule):
1166         (WebCore::ElementRuleCollector::clearMatchedRules):
1167         (WebCore::ElementRuleCollector::ensureRuleList):
1168         (WebCore::ElementRuleCollector::addElementStyleProperties):
1169         (WebCore::ElementRuleCollector::collectMatchingRules):
1170         (WebCore::ElementRuleCollector::collectMatchingRulesForRegion):
1171         (WebCore::ElementRuleCollector::sortAndTransferMatchedRules):
1172         (WebCore::ElementRuleCollector::matchScopedAuthorRules):
1173         (WebCore::ElementRuleCollector::matchHostRules):
1174         (WebCore::ElementRuleCollector::matchShadowDistributedRules):
1175         (WebCore::ElementRuleCollector::matchAuthorRules):
1176         (WebCore::ElementRuleCollector::matchUserRules):
1177         (WebCore::ElementRuleCollector::matchUARules):
1178         (WebCore::ElementRuleCollector::ruleMatches):
1179         (WebCore::ElementRuleCollector::collectMatchingRulesForList):
1180         (WebCore::ElementRuleCollector::sortMatchedRules):
1181         (WebCore::ElementRuleCollector::matchAllRules):
1182         Moved these methods from StyleResolver to this class.
1183         (WebCore::ElementRuleCollector::hasAnyMatchingRules):
1184         This method is used for checking whether a given element can share
1185         a cache.
1186         * css/ElementRuleCollector.h: Copied from Source/WebCore/css/StyleResolver.h.
1187         (WebCore):
1188         (WebCore::ElementRuleCollector::ElementRuleCollector):
1189         Use styleResolver instance to initialize its member variables, i.e.
1190         SelectorFilter, RuleSets, InspectorCSSOMWrappers, and
1191         StyleScopedResolver.
1192         (ElementRuleCollector):
1193         (WebCore::ElementRuleCollector::setMode):
1194         (WebCore::ElementRuleCollector::setPseudoStyleRequest):
1195         (WebCore::ElementRuleCollector::setSameOriginOnly):
1196         (WebCore::ElementRuleCollector::setRegionForStyling):
1197         Mode, SameOriginOnly, RegionForStyling are only used while collecting
1198         matched rules.
1199         (WebCore::ElementRuleCollector::setMedium):
1200         Need to know which default stylesheet should be looked up.
1201         (WebCore::ElementRuleCollector::document):
1202         * css/PageRuleCollector.cpp: Copied from Source/WebCore/css/StyleResolver.cpp.
1203         (WebCore::comparePageRules):
1204         (WebCore::PageRuleCollector::isLeftPage):
1205         (WebCore::PageRuleCollector::isFirstPage):
1206         (WebCore::PageRuleCollector::pageName):
1207         (WebCore::PageRuleCollector::matchAllPageRules):
1208         (WebCore::PageRuleCollector::matchPageRules):
1209         (WebCore::checkPageSelectorComponents):
1210         (WebCore::PageRuleCollector::matchPageRulesForList):
1211         Moved from StyleResolver.
1212         * css/PageRuleCollector.h: Copied from Source/WebCore/css/StyleResolver.h.
1213         (WebCore):
1214         (WebCore::PageRuleCollector::PageRuleCollector):
1215         (PageRuleCollector):
1216         (WebCore::PageRuleCollector::matchedResult):
1217         * css/StyleResolver.cpp:
1218         (WebCore):
1219         (WebCore::StyleResolver::State::clear):
1220         (WebCore::StyleResolver::MatchResult::addMatchedProperties):
1221         (WebCore::StyleResolver::State::initForStyleResolve):
1222         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet):
1223         (WebCore::StyleResolver::styleForElement):
1224         (WebCore::StyleResolver::styleForKeyframe):
1225         (WebCore::StyleResolver::pseudoStyleForElement):
1226         (WebCore::StyleResolver::styleForPage):
1227         (WebCore::StyleResolver::pseudoStyleRulesForElement):
1228         (WebCore::StyleResolver::applyMatchedProperties):
1229         * css/StyleResolver.h:
1230         (WebCore::MatchRequest::MatchRequest):
1231         Removed behaviorAtBoundary. Instead, ElementRuleCollector have the
1232         state.
1233         (MatchRequest):
1234         (WebCore::StyleResolver::selectorFilter):
1235         Added to obtain SelectorFilter in ElementRuleCollector's constructor.
1236         (StyleResolver):
1237         (MatchResult):
1238         (WebCore::StyleResolver::State::State):
1239         To pass ASSERT in StyleResolver::applyProperties, need to keep
1240         m_regionForStyling.
1241         (State):
1242         (WebCore::StyleResolver::State::regionForStyling):
1243         (WebCore::StyleResolver::State::useSVGZoomRules):
1244         (WebCore::StyleResolver::hasSelectorForId):
1245         (WebCore):
1246         (WebCore::checkRegionSelector):
1247         * inspector/InspectorCSSAgent.cpp:
1248         (WebCore::InspectorCSSAgent::willMatchRule):
1249         Removed StyleResolver from its parameter list. Instead, added
1250         InspectorCSSOMWrappers and DocumentStyleSheetCollection.
1251         * inspector/InspectorCSSAgent.h:
1252         (WebCore):
1253         (InspectorCSSAgent):
1254         * inspector/InspectorInstrumentation.cpp:
1255         (WebCore):
1256         (WebCore::InspectorInstrumentation::willMatchRuleImpl):
1257         * inspector/InspectorInstrumentation.h:
1258         (WebCore):
1259         (InspectorInstrumentation):
1260         (WebCore::InspectorInstrumentation::willMatchRule):
1261
1262 2013-03-11  Mike West  <mkwst@chromium.org>
1263
1264         XSSAuditor doesn't need a copy of the original document's body.
1265         https://bugs.webkit.org/show_bug.cgi?id=111946
1266
1267         Reviewed by Darin Adler.
1268
1269         The XSSAuditor currently copies the original HTTP body of the document
1270         that's being audited in order to include it into a violation report if
1271         reflected XSS is detected. We don't actually need to do this, as we
1272         have access to the original request information from inside the
1273         XSSAuditorDelegate where the report is generated.
1274         XSSAuditorDelegate::didBlockScript ASSERTs that it's running on the
1275         main thread, so it should be safe to reach through the document's
1276         loader to get that information directly, rather than passing it from
1277         thread to thread via XSSInfo object properties.
1278
1279         * html/parser/XSSAuditor.h:
1280         * html/parser/XSSAuditor.cpp:
1281         (WebCore::XSSAuditor::init):
1282         (WebCore::XSSAuditor::filterToken):
1283         (WebCore::XSSAuditor::isSafeToSendToAnotherThread):
1284         * html/parser/XSSAuditorDelegate.h:
1285         (WebCore::XSSInfo::create):
1286         (WebCore::XSSInfo::XSSInfo):
1287         * html/parser/XSSAuditorDelegate.cpp:
1288         (WebCore::XSSInfo::isSafeToSendToAnotherThread):
1289             Drop the XSSInfo and XSSAuditor properties that held an
1290             isolatedCopy of the the original HTTP body. Depending on the
1291             document's size, this could be a significant savings.
1292         (WebCore::XSSAuditorDelegate::didBlockScript):
1293             Reach into the document's loader's original request in order to
1294             grab the body as a String, and feed that into the violation report
1295             object.
1296
1297             As a drive-by, this patch creates a FrameLoader* temporary
1298             variable to minimize repetition in this area of the code. We use
1299             the loader a few times, but should only have to grab it once.
1300
1301 2013-03-11  Silvia Pfeiffer  <silviapf@chromium.org>
1302
1303         [Chromium] REGRESSION: Closed Captions button not showing properly
1304         https://bugs.webkit.org/show_bug.cgi?id=109871
1305
1306         Reviewed by Jer Noble.
1307
1308         No new tests - covered by existing tests.
1309
1310         Most of the patch was in the meantime covered by a patch to
1311         https://bugs.webkit.org/show_bug.cgi?id=111109 .
1312         This changes a static Chromium-only function name to be consistent with
1313         parent class function names.
1314
1315         * rendering/RenderMediaControlsChromium.cpp:
1316         (WebCore::paintMediaToggleClosedCaptionsButton):
1317         (WebCore::RenderMediaControlsChromium::paintMediaControlsPart):
1318         Rename paintMediaClosedCaptionsButton to paintMediaToggleClosedCaptionsButton.
1319
1320 2013-03-11  Tim Horton  <timothy_horton@apple.com>
1321
1322         RenderSnapshottedPlugIn paints in PaintPhaseBlockBackground instead of PaintPhaseForeground
1323         https://bugs.webkit.org/show_bug.cgi?id=111962
1324         <rdar://problem/13289335>
1325
1326         Reviewed by Dean Jackson.
1327
1328         RenderSnapshottedPlugIn should paint its snapshot during the foreground
1329         painting phase, instead of BlockBackground, to match normal plugin painting.
1330
1331         * rendering/RenderSnapshottedPlugIn.cpp:
1332         (WebCore::RenderSnapshottedPlugIn::paint):
1333
1334 2013-03-07  Alexander Pavlov  <apavlov@chromium.org>
1335
1336         Web Inspector: [Elements] XSLT transformation result from the xml-stylesheet PI not rendered
1337         https://bugs.webkit.org/show_bug.cgi?id=111313
1338
1339         Reviewed by Vsevolod Vlasov.
1340
1341         Frame document update upon XSL transformation was never instrumented.
1342         This change instruments the Document::applyXSLTransform() method to that end.
1343
1344         Test: http/tests/inspector/styles/xsl-transformed.xml
1345
1346         * dom/Document.cpp:
1347         (WebCore::Document::applyXSLTransform): Instrumented.
1348         * inspector/InspectorDOMAgent.cpp:
1349         (WebCore::InspectorDOMAgent::frameDocumentUpdated): Invoked upon applyXSLTransform().
1350         * inspector/InspectorDOMAgent.h:
1351         * inspector/InspectorInstrumentation.cpp:
1352         (WebCore::InspectorInstrumentation::frameDocumentUpdatedImpl): Added.
1353         * inspector/InspectorInstrumentation.h:
1354         (WebCore::InspectorInstrumentation::didCommitLoad): Drive-by: simplified.
1355         (WebCore::InspectorInstrumentation::frameDocumentUpdated): Added.
1356
1357 2013-03-10  Matt Falkenhagen  <falken@chromium.org>
1358
1359         Implement inert subtrees needed for modal <dialog>
1360         https://bugs.webkit.org/show_bug.cgi?id=110952
1361
1362         Reviewed by Hajime Morrita.
1363
1364         This changes Node::disabled() to return true when a modal dialog is
1365         open and the node is not in the dialog.
1366
1367         Reusing disabled for inertness is useful because then event
1368         targeting and focus control automatically have the desired behavior:
1369         inert nodes are skipped over.
1370
1371         Tests: fast/dom/HTMLDialogElement/closed-dialog-does-not-block-mouse-events.html
1372                fast/dom/HTMLDialogElement/modal-dialog-blocks-mouse-events.html
1373                fast/dom/HTMLDialogElement/non-modal-dialog-does-not-block-mouse-events.html
1374
1375         * dom/Document.h:
1376         (WebCore::Document::activeModalDialog): Returns the topmost element in the top layer.
1377         Since now the only elements in the top layer are modal dialogs, it is the active modal dialog.
1378         * dom/Node.cpp:
1379         (WebCore):
1380         (WebCore::Node::isInert): As per the spec, a node that is not an ancestor or descendant of the modal dialog is inert.
1381         (WebCore::Node::disabled): Return false when inert.
1382         * dom/Node.h:
1383         * html/HTMLFormControlElement.cpp:
1384         (WebCore::HTMLFormControlElement::disabled): Fall back to the superclass so inert is taken into account.
1385
1386 2013-03-10  Glenn Adams  <glenn@skynav.com>
1387
1388         Line breaking opportunities at the end of a text node are missed
1389         https://bugs.webkit.org/show_bug.cgi?id=17427
1390
1391         Reviewed by Darin Adler.
1392
1393         When initializing context for determining next break position,
1394         reuse last two characters from previous text node(s) within block.
1395         This additional state is stored in the current LazyLineBreakIterator
1396         as an optimization to prevent having to add two new parameters to
1397         isBreakable().
1398
1399         At present, this fixes only the ASCII shortcut code path, but
1400         does not yet handle the non-ASCII path. Since the ASCII path is
1401         the most performant critical, the handling of this latter path
1402         will be addressed by webkit.org/b/105692.
1403
1404         Additionally test for case where last two characters context
1405         is derived from distinct nodes, possibly with intervening empty
1406         inline node(s).
1407
1408         Test: fast/text/line-break-between-text-nodes.html
1409
1410         * platform/text/TextBreakIterator.h:
1411         (WebCore::LazyLineBreakIterator::LazyLineBreakIterator):
1412         (WebCore::LazyLineBreakIterator::lastCharacter):
1413         (WebCore::LazyLineBreakIterator::secondToLastCharacter):
1414         (WebCore::LazyLineBreakIterator::setLastTwoCharacters):
1415         (WebCore::LazyLineBreakIterator::resetLastTwoCharacters):
1416         (WebCore::LazyLineBreakIterator::updateLastTwoCharacters):
1417         (LazyLineBreakIterator):
1418         Add state variables to retain last two characters of previous text node(s)
1419         for reuse when initializing nextBreakPosition<>() context.
1420         * rendering/RenderBlockLineLayout.cpp:
1421         (WebCore::RenderBlock::layoutRunsAndFloatsInRange):
1422         (WebCore::RenderBlock::LineBreaker::nextSegmentBreak):
1423         Record and reset retained last two characters of previous text node(s) as
1424         appropriate.
1425         * rendering/break_lines.cpp:
1426         (WebCore::nextBreakablePosition):
1427         Use state variables holding retained last two characters of previous text node(s)
1428         for when initializing nextBreakPosition<>() context.
1429
1430 2013-03-10  Darin Adler  <darin@apple.com>
1431
1432         NetworkStorageSession leaks its CFURLStorageSessionRef
1433         https://bugs.webkit.org/show_bug.cgi?id=111950
1434         <rdar://problem/13384134>
1435
1436         Reviewed by Sam Weinig.
1437
1438         * platform/network/NetworkStorageSession.h:
1439         Change the argument type of the constructor to a RetainPtr.
1440         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
1441         (WebCore::NetworkStorageSession::NetworkStorageSession): Changed
1442         the argument type to a RetainPtr.
1443         (WebCore::NetworkStorageSession::switchToNewTestingSession): Added
1444         calls to adoptCF to adopt the value returned by wkCreatePrivateStorageSession.
1445         (WebCore::NetworkStorageSession::createPrivateBrowsingSession): Ditto.
1446         (WebCore::NetworkStorageSession::cookieStorage): Changed to use adoptCF
1447         instead of the RetainPtr constructor with AdoptCF since the former is
1448         far easier to read.
1449
1450 2013-03-10  Jason Anderssen  <janderssen@gmail.com>
1451
1452         Conformance Test 1.0.3 (Beta) function: bufferData undefined value failed.
1453         https://bugs.webkit.org/show_bug.cgi?id=111641
1454
1455         Reviewed by Dean Jackson.
1456
1457         The WebGL specification requires that a size of 0 is not valid. In javascript, passing in undefined 
1458         as a parameter to a long long is the same as passing in 0, so we must check for this incorrect
1459         value and fail. 
1460         The test suite in Kronos 1.0.3 failed, test to verify conformance is as follows:
1461         https://www.khronos.org/registry/webgl/sdk/tests/conformance/more/functions/bufferDataBadArgs.html.
1462
1463         * html/canvas/WebGLRenderingContext.cpp:
1464         (WebCore::WebGLRenderingContext::bufferData):
1465         Synthesize error and returned if size is 0.
1466
1467 2013-03-10  Andreas Kling  <akling@apple.com>
1468
1469         SVGDocumentExtensions should use OwnPtr for pending resource maps.
1470         <http://webkit.org/b/111943>
1471
1472         Reviewed by Anders Carlsson.
1473
1474         * svg/SVGDocumentExtensions.cpp:
1475         (WebCore::SVGDocumentExtensions::~SVGDocumentExtensions):
1476         (WebCore::SVGDocumentExtensions::addPendingResource):
1477         (WebCore::SVGDocumentExtensions::isElementPendingResources):
1478         (WebCore::SVGDocumentExtensions::removeElementFromPendingResources):
1479         (WebCore::SVGDocumentExtensions::removePendingResource):
1480         (WebCore::SVGDocumentExtensions::removePendingResourceForRemoval):
1481         (WebCore::SVGDocumentExtensions::markPendingResourcesForRemoval):
1482         * svg/SVGDocumentExtensions.h:
1483         (SVGDocumentExtensions):
1484
1485 2013-03-10  Tim Horton  <timothy_horton@apple.com>
1486
1487         Add a heuristic to determine the “primary” snapshotted plugin
1488         https://bugs.webkit.org/show_bug.cgi?id=111932
1489         <rdar://problem/13270208>
1490
1491         Reviewed by Dean Jackson.
1492
1493         * WebCore.exp.in: Export a few things.
1494         * html/HTMLPlugInImageElement.cpp:
1495         (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
1496         (WebCore::classNameForShadowRoot): If we've been informed that we are the primary snapshotted plugin, add the 'primary' class.
1497         (WebCore::HTMLPlugInImageElement::setIsPrimarySnapshottedPlugIn): Added
1498         (WebCore::HTMLPlugInImageElement::updateSnapshotInfo): Hand classNameForShadowRoot our primary-ness.
1499         * html/HTMLPlugInImageElement.h:
1500         (HTMLPlugInImageElement): Add storage for m_isPrimarySnapshottedPlugIn.
1501
1502 2013-03-10  Mike West  <mkwst@chromium.org>
1503
1504         XSSAuditor doesn't need a copy of the original document URL.
1505         https://bugs.webkit.org/show_bug.cgi?id=111944
1506
1507         Reviewed by Adam Barth.
1508
1509         When creating an XSSInfo object in response to detecting reflected XSS
1510         on a page, the Auditor was passing in a copy of the document's
1511         original URL for reporting. It doesn't look like we need this, as
1512         XSSInfo's only consumer, XSSAuditorDelegate, runs on the main thread
1513         with access to the document. We can obtain access to the same
1514         information by reading the URL directly from the delegate's Document
1515         object if and when we need it.
1516
1517         * html/parser/XSSAuditorDelegate.cpp:
1518         (WebCore::XSSAuditorDelegate::didBlockScript):
1519             Read the document's URL directly in order to create a violation
1520             report.
1521         (WebCore::XSSInfo::isSafeToSendToAnotherThread):
1522         * html/parser/XSSAuditorDelegate.h:
1523         (WebCore::XSSInfo::create):
1524         (WebCore::XSSInfo::XSSInfo):
1525         * html/parser/XSSAuditor.cpp:
1526         (WebCore::XSSAuditor::init):
1527         (WebCore::XSSAuditor::filterToken):
1528         (WebCore::XSSAuditor::isSafeToSendToAnotherThread):
1529         * html/parser/XSSAuditor.h:
1530             Remove the copied original URL from both XSSInfo objects and the
1531             XSSAuditor.
1532
1533 2013-03-10  Andreas Kling  <akling@apple.com>
1534
1535         GlyphMetricsMap should use OwnPtr.
1536         <http://webkit.org/b/111937>
1537
1538         Reviewed by Anders Carlsson.
1539
1540         Use OwnPtr instead of raw pointer + deleteAllValues().
1541
1542         * platform/graphics/GlyphMetricsMap.h:
1543         (GlyphMetricsMap):
1544         (WebCore::::locatePageSlowCase):
1545
1546 2013-03-10  Eric Carlson  <eric.carlson@apple.com>
1547
1548         Allow iOS port to use InbandTextTrackPrivateAVF
1549         https://bugs.webkit.org/show_bug.cgi?id=111933
1550
1551         Reviewed by Dean Jackson.
1552
1553         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
1554         (WebCore::InbandTextTrackPrivateAVF::processCue): Drive-by cleanup.
1555         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.h:
1556
1557 2013-03-09  Eric Carlson  <eric.carlson@apple.com>
1558
1559         Enable platform code to implement text track menu
1560         https://bugs.webkit.org/show_bug.cgi?id=111924
1561
1562         Reviewed by Dean Jackson.
1563
1564         No new tests, the new code isn't enabled in any ports yet.
1565
1566         * WebCore.xcodeproj/project.pbxproj: Add PlatformTextTrack.h and PlatformTextTrackMenu.h.
1567
1568         * html/HTMLAudioElement.cpp:
1569         (WebCore::HTMLAudioElement::createForJSConstructor): scheduleLoad -> scheduleDelayedAction.
1570
1571         * html/HTMLMediaElement.cpp:
1572         (WebCore::HTMLMediaElement::HTMLMediaElement): Deal with scheduleLoad to scheduleDelayedAction rename.
1573         (WebCore::HTMLMediaElement::parseAttribute): Ditto.
1574         (WebCore::HTMLMediaElement::finishParsingChildren): Ditto.
1575         (WebCore::HTMLMediaElement::insertedInto): Ditto.
1576         (WebCore::HTMLMediaElement::scheduleDelayedAction): Ditto.
1577         (WebCore::HTMLMediaElement::scheduleNextSourceChild): Ditto.
1578         (WebCore::HTMLMediaElement::loadTimerFired): Ditto.
1579         (WebCore::HTMLMediaElement::textTrackModeChanged): Notify platform menu of track change.
1580         (WebCore::HTMLMediaElement::playInternal): Deal with scheduleLoad to scheduleDelayedAction rename.
1581         (WebCore::HTMLMediaElement::pauseInternal): Ditto.
1582         (WebCore::HTMLMediaElement::mediaPlayerDidAddTrack): Ditto. Call addTrack() instead of appending 
1583             the track directly.
1584         (WebCore::HTMLMediaElement::setSelectedTextTrack): Deal with platform menu changing the
1585             selected track.
1586         (WebCore::HTMLMediaElement::platformTextTracks): Return an array of PlatformTracks representing
1587             the current text tracks.
1588         (WebCore::HTMLMediaElement::notifyMediaPlayerOfTextTrackChanges): Notify the platform menu
1589             that the list of text tracks has changed.
1590         (WebCore::HTMLMediaElement::platformTextTrackMenu): Return the platform track menu, if any.
1591         (WebCore::HTMLMediaElement::closeCaptionTracksChanged): 
1592         (WebCore::HTMLMediaElement::addTrack): Call addTrack() instead of appending the track directly.
1593         (WebCore::HTMLMediaElement::removeTrack): Call closeCaptionTracksChanged.
1594         (WebCore::HTMLMediaElement::addTextTrack): Call addTrack() instead of appending the track directly.
1595         (WebCore::HTMLMediaElement::didAddTrack): Ditto.
1596         (WebCore::HTMLMediaElement::didRemoveTrack): Deal with scheduleLoad to scheduleDelayedAction rename.
1597         (WebCore::HTMLMediaElement::sourceWasAdded): Ditto.
1598         (WebCore::HTMLMediaElement::clearMediaPlayer): Forget the platform track menu.
1599         (WebCore::HTMLMediaElement::resume): Deal with scheduleLoad to scheduleDelayedAction rename.
1600         * html/HTMLMediaElement.h:
1601
1602         * html/track/InbandTextTrack.h: scheduleLoad -> scheduleDelayedAction.
1603
1604         * html/track/TextTrack.cpp:
1605         (WebCore::TextTrack::platformTextTrack): Create a PlatformTextTrack.
1606         * html/track/TextTrack.h:
1607
1608         * platform/graphics/MediaPlayer.cpp:
1609         (WebCore::MediaPlayer::implementsTextTrackControls): New, player private passthrough.
1610         (WebCore::MediaPlayer::textTrackMenu): Ditto.
1611         * platform/graphics/MediaPlayer.h:
1612         * platform/graphics/MediaPlayerPrivate.h:
1613
1614         * platform/graphics/PlatformTextTrack.h: Added.
1615
1616         * platform/graphics/PlatformTextTrackMenu.h: Added.
1617
1618 2013-03-09  Eric Carlson  <eric.carlson@apple.com>
1619
1620         Video size calculated incorrectly when PLUGIN_PROXY_FOR_VIDEO
1621         https://bugs.webkit.org/show_bug.cgi?id=111912
1622
1623         Reviewed by Dean Jackson.
1624
1625         * html/shadow/MediaControlElements.cpp:
1626         (WebCore::MediaControlTextTrackContainerElement::updateSizes): We use RenderPart when
1627             PLUGIN_PROXY_FOR_VIDEO is defined, not RenderVideo.
1628
1629 2013-03-09  Sebastian Dröge  <sebastian.droege@collabora.co.uk>
1630
1631         Fix offset handling in GStreamer WebKitWebSource.
1632         https://bugs.webkit.org/show_bug.cgi?id=111888
1633
1634         Reviewed by Philippe Normand.
1635
1636         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1637         (webKitWebSrcSeekDataCb):
1638         (StreamingClient::didReceiveData):
1639         The offset handling in WebKitWebSource was completely wrong
1640         before and caused wrong offsets to be set on the GStreamer buffers
1641         after a seek.
1642
1643         Apart from that there was also a race condition that happens
1644         when a downstream element causes seeks in very short succession
1645         and is switching between two different parts of the stream.
1646
1647 2013-03-09  Keishi Hattori  <keishi@webkit.org>
1648
1649         Month transition animation is missing in some places
1650         https://bugs.webkit.org/show_bug.cgi?id=111908
1651
1652         Reviewed by Kent Tamura.
1653
1654         Month transition animation was missing when navigating using keyboard
1655         shortcuts and when navigation was trigger by selecting.
1656
1657         Added tests to calendar-picker/*-picker-key-operations.html.
1658
1659         * Resources/pagepopups/calendarPicker.js:
1660         (Animator): Added annotations.
1661         (Animator.prototype.isRunning): Returns true of the animation is running. Used by test.
1662         (ScrollView.prototype.scrollAnimator): Returns the scroll animator. Used by test.
1663         (CalendarPicker):
1664         (CalendarPicker.prototype.onYearListViewDidSelectMonth): Use CalendarPicker.NavigationBehavior enum instead of bool.
1665         (CalendarPicker.prototype.setSelection): Ditto.
1666         (CalendarPicker.prototype._moveHighlight): Ditto.
1667         (CalendarPicker.prototype.onCalendarTableKeyDown): Ditto.
1668         (CalendarPicker.prototype.onBodyKeyDown): Ditto.
1669
1670 2013-03-09  Dean Jackson  <dino@apple.com>
1671
1672         Can't build w/o accelerated compositing
1673         https://bugs.webkit.org/show_bug.cgi?id=111891
1674
1675         Patch originally came from Tobias Mueller <tobiasmue@gnome.org>
1676
1677         Unreviewed build fix for platforms without ACCELERATED_COMPOSITING enabled, due
1678         to r145057.
1679
1680         * dom/PseudoElement.cpp:
1681         (WebCore::PseudoElement::~PseudoElement): Wrap the call to pseudoElementDestroyed in
1682             USE(ACCELERATED_COMPOSITING)
1683
1684 2013-03-07  Robert Hogan  <robert@webkit.org>
1685
1686         REGRESSION(r140907): Incorrect baseline for cells with media content during load
1687         https://bugs.webkit.org/show_bug.cgi?id=108357
1688
1689         Reviewed by Julien Chaffraix.
1690
1691         If a cell has replaced content, the intrinsic height of its content can change between layouts. If that's the case then the intrinsic padding we used
1692         for layout (the padding required to push the contents of the cell down to the row's baseline) is included in the new height and baseline and makes both
1693         of them wrong. So if a cell's content's intrinsic height has changed push the new content up into the intrinsic padding and relayout so that the rest of
1694         table and row layout can use the correct baseline and height for this cell.
1695
1696         Tests: fast/css/vertical-align-baseline-rowspan-012.html
1697                http/tests/css/vertical-align-baseline-after-image-load-2.html
1698                http/tests/css/vertical-align-baseline-after-image-load-3.html
1699                http/tests/css/vertical-align-baseline-after-image-load.html
1700
1701         * rendering/RenderTableCell.cpp:
1702         (WebCore::RenderTableCell::layout):
1703         * rendering/RenderTableCell.h:
1704         (WebCore::RenderTableCell::isBaselineAligned):
1705         * rendering/RenderTableSection.cpp:
1706         (WebCore::RenderTableSection::calcRowLogicalHeight):
1707         (WebCore::RenderTableSection::layoutRows):
1708
1709 2013-03-08  Chris Fleizach  <cfleizach@apple.com>
1710
1711         REGRESSION: Intermittent crash in SpeechSynthesis::didFinishSpeaking
1712         https://bugs.webkit.org/show_bug.cgi?id=111613
1713
1714         Reviewed by Ryosuke Niwa.
1715
1716         This crash happens when the mock synthesizer utterance variable gets cleared
1717         before the speakingFinished timer happens. I don't see how that could happen
1718         but I was able to make a similar problem happen when cancel is called twice.
1719
1720         This adds in a few more asserts and common sense checks. I'm hoping it will
1721         illuminate the problem further.
1722
1723         * platform/mock/PlatformSpeechSynthesizerMock.cpp:
1724         (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
1725         (WebCore::PlatformSpeechSynthesizerMock::speak):
1726         (WebCore::PlatformSpeechSynthesizerMock::cancel):
1727
1728 2013-03-08  David Kilzer  <ddkilzer@apple.com>
1729
1730         BUILD FIX: Make WebCore link for iOS
1731
1732         * WebCore.exp.in:
1733         - Add ENABLE(RUBBER_BAND) for FrameView::setWantsLayerForTopOverHangArea(bool)
1734           and FrameView::setWantsLayerForBottomOverHangArea(bool).
1735         - Move FloatPoint::FloatPoint(_NSPoint const&) to !PLATFORM(IOS)
1736           section.
1737
1738 2013-03-08  Julien Chaffraix  <jchaffraix@webkit.org>
1739
1740         [CSS Grid Layout] Resolve grid-{end|after} integer against the end|after edge
1741         https://bugs.webkit.org/show_bug.cgi?id=111885
1742
1743         Reviewed by Tony Chang.
1744
1745         The current code resolves grid-end (resp. grid-after) <integer>'s format against the start
1746         (resp. before) axis. The specification changed so that they are resolved against their matching
1747         axis.
1748
1749         Test: fast/css-grid-layout/grid-auto-flow-resolution.html
1750
1751         * rendering/RenderGrid.cpp:
1752         (WebCore::RenderGrid::maximumIndexInDirection):
1753         Updated the code to do the grid sizing measurement without resolveGridPositionsFromStyle. That's required
1754         as resolveGridPositionsFromStyle requires the grid to be sized.
1755
1756         (WebCore::RenderGrid::placeItemsOnGrid):
1757         Added a comment about not recomputing after grid growth. This issue was raised to www-style
1758         (http://lists.w3.org/Archives/Public/www-style/2013Mar/0182.html).
1759
1760         (WebCore::RenderGrid::resolveGridPositionsFromStyle):
1761         Added an ASSERT now that we don't call it during grid construction. Also added some code to pass
1762         the side of the GridPosition we give to resolveGridPositionFromStyle.
1763
1764         (WebCore::RenderGrid::resolveGridPositionFromStyle):
1765         Updated the code to resolve the grid position against the right side.
1766
1767         * rendering/RenderGrid.h:
1768         Added GridPositionSide and updated resolveGridPositionFromStyle's signature.
1769
1770 2013-03-08  Sheriff Bot  <webkit.review.bot@gmail.com>
1771
1772         Unreviewed, rolling out r142015.
1773         http://trac.webkit.org/changeset/142015
1774         https://bugs.webkit.org/show_bug.cgi?id=111904
1775
1776         The change caused 2 major regressions (bug 111091 and bug
1777         111595) and Pravin doesn't have time to investigate them
1778         (Requested by jchaffraix on #webkit).
1779
1780         * dom/Node.cpp:
1781         (WebCore::Node::diff):
1782         * rendering/RenderBlock.cpp:
1783         (WebCore::RenderBlock::childBecameNonInline):
1784         (WebCore):
1785         * rendering/RenderBlock.h:
1786         (RenderBlock):
1787         * rendering/RenderBoxModelObject.h:
1788         (WebCore::RenderBoxModelObject::childBecameNonInline):
1789         (RenderBoxModelObject):
1790         * rendering/RenderInline.cpp:
1791         (WebCore::RenderInline::childBecameNonInline):
1792         (WebCore):
1793         * rendering/RenderInline.h:
1794         (RenderInline):
1795         * rendering/RenderObject.cpp:
1796         (WebCore):
1797         (WebCore::RenderObject::handleDynamicFloatPositionChange):
1798         (WebCore::RenderObject::styleWillChange):
1799         (WebCore::RenderObject::styleDidChange):
1800         * rendering/RenderObject.h:
1801         (RenderObject):
1802
1803 2013-03-08  Dean Jackson  <dino@apple.com>
1804
1805         Don't snapshot Java plugins
1806         https://bugs.webkit.org/show_bug.cgi?id=111899
1807
1808         Reviewed by Tim Horton.
1809
1810         Export MIMETypeRegistry::isJavaAppletMIMEType symbol.
1811
1812         * WebCore.exp.in:
1813
1814 2013-03-08  Rafael Weinstein  <rafaelw@chromium.org>
1815
1816         [HTMLTemplateElement] processTemplateEndTag() needs to check for template in html scope
1817         https://bugs.webkit.org/show_bug.cgi?id=111880
1818
1819         Reviewed by Eric Seidel.
1820
1821         Currently, </template> handling exits with an error if there is not a template tag "in scope"
1822         which will be true if there is a table (for instance) below a template. This makes it so that
1823         the search (correctly) examines the entire element stack.
1824
1825         Tests added to html5lib testing library.
1826
1827         * html/parser/HTMLTreeBuilder.cpp:
1828         (WebCore::HTMLTreeBuilder::processTemplateEndTag):
1829
1830 2013-03-08  Eric Seidel  <eric@webkit.org>
1831
1832         BackgroundHTMLParser should be able to atomize well-known strings
1833         https://bugs.webkit.org/show_bug.cgi?id=107337
1834
1835         Reviewed by Adam Barth.
1836
1837         Testing this patch easily requires applying bug 107236 locally
1838         to remove all the rendering noise from Parser/html-threaded-parser.html.
1839
1840         This patch adds a new class HTMLIdentifier which allows us to avoid
1841         allocating strings for known tag/attribute names from HTMLNames.
1842
1843         There is still a lot of meat on this bone, but I think it's important to
1844         land something "smallish" to start and iterate from there.
1845
1846         This took Parser/html-threaded-parser.html from:
1847         median= 443.726500002 ms, stdev= 7.25002679952 ms, min= 430.244000047 ms, max= 455.511000007 ms
1848         to:
1849         median= 427.849500004 ms, stdev= 9.96967058292 ms, min= 417.914000049 ms, max= 461.528000014 ms
1850         on my MBP.
1851
1852         * CMakeLists.txt:
1853         * GNUmakefile.list.am:
1854         * Target.pri:
1855         * WebCore.gypi:
1856         * WebCore.vcproj/WebCore.vcproj:
1857         * WebCore.vcxproj/WebCore.vcxproj:
1858         * html/parser/AtomicHTMLToken.h:
1859         (WebCore::AtomicHTMLToken::AtomicHTMLToken):
1860         * html/parser/BackgroundHTMLParser.cpp:
1861         (WebCore::tokenExitsForeignContent):
1862         (WebCore::tokenExitsSVG):
1863         (WebCore::tokenExitsMath):
1864         (WebCore::BackgroundHTMLParser::simulateTreeBuilder):
1865         * html/parser/CSSPreloadScanner.cpp:
1866         (WebCore::CSSPreloadScanner::scan):
1867         * html/parser/CSSPreloadScanner.h:
1868         (WebCore):
1869         (CSSPreloadScanner):
1870         * html/parser/CompactHTMLToken.cpp:
1871         (SameSizeAsCompactHTMLToken):
1872         (WebCore::CompactHTMLToken::CompactHTMLToken):
1873         * html/parser/CompactHTMLToken.h:
1874         (WebCore::CompactHTMLToken::Attribute::Attribute):
1875         (Attribute):
1876         (WebCore::CompactHTMLToken::data):
1877         (WebCore::CompactHTMLToken::publicIdentifier):
1878         (CompactHTMLToken):
1879         * html/parser/HTMLDocumentParser.cpp:
1880         (WebCore::HTMLDocumentParser::startBackgroundParser):
1881         * html/parser/HTMLIdentifier.cpp: Added.
1882         (WebCore):
1883         (WebCore::identifierTable):
1884         (WebCore::HTMLIdentifier::hasIndex):
1885         (WebCore::HTMLIdentifier::findIndex):
1886         (WebCore::nameForIndex):
1887         (WebCore::HTMLIdentifier::asString):
1888         (WebCore::HTMLIdentifier::asStringImpl):
1889         (WebCore::HTMLIdentifier::addNames):
1890         (WebCore::HTMLIdentifier::init):
1891         * html/parser/HTMLIdentifier.h: Added.
1892         (WebCore):
1893         (HTMLIdentifier):
1894         (WebCore::HTMLIdentifier::HTMLIdentifier):
1895         (WebCore::HTMLIdentifier::isSafeToSendToAnotherThread):
1896         * html/parser/HTMLParserIdioms.cpp:
1897         (WebCore::threadSafeEqual):
1898         (WebCore::threadSafeMatch):
1899         * html/parser/HTMLParserIdioms.h:
1900         (WebCore):
1901         (WebCore::threadSafeHTMLNamesMatch):
1902         * html/parser/HTMLPreloadScanner.cpp:
1903         (WebCore::TokenPreloadScanner::tagIdFor):
1904         (WebCore::TokenPreloadScanner::StartTagScanner::match):
1905         (TokenPreloadScanner::StartTagScanner):
1906         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
1907         * html/parser/HTMLPreloadScanner.h:
1908
1909 2013-03-08  Brandon Jones  <bajones@google.com>
1910
1911         Check to ensure MultisampleRenderbuffer creation succeeds
1912         https://bugs.webkit.org/show_bug.cgi?id=111780
1913
1914         Reviewed by Dean Jackson.
1915
1916         On OSX systems using AMD graphics chips the allocation of large
1917         Multisample Renderbuffers in Chromium would fail without any indication
1918         of failure. Attempting to draw to the buffer resulted in garbage being
1919         rendered onscreen. This could be reproduced by opening a full-page
1920         WebGL app and pressing (Command + "-") several times. This patch adds an
1921         additional check during DrawingBuffer resize to verify that the resized
1922         buffer is valid. 
1923
1924         * platform/graphics/gpu/DrawingBuffer.cpp:
1925         (WebCore):
1926         (WebCore::DrawingBuffer::checkBufferIntegrity):
1927         (WebCore::DrawingBuffer::reset):
1928         * platform/graphics/gpu/DrawingBuffer.h:
1929         (DrawingBuffer):
1930
1931 2013-03-08  Harald Alvestrand  <hta@chromium.org>
1932
1933         Implemented new API for RTCStatsReport object.
1934         https://bugs.webkit.org/show_bug.cgi?id=110333
1935
1936         Removed RTCStatsElement object, moved its interface to
1937         RTCStatsReport. Preserved some interfaces for
1938         backwards compatibility; will be removed in a later patch.
1939
1940         Reviewed by Adam Barth.
1941
1942         Tested by extensions to RTCPeerConnection-stats test.
1943
1944         * Modules/mediastream/RTCStatsElement.cpp: Removed.
1945         * Modules/mediastream/RTCStatsElement.h: Removed.
1946         * Modules/mediastream/RTCStatsElement.idl: Removed.
1947         * Modules/mediastream/RTCStatsReport.cpp:
1948         (WebCore::RTCStatsReport::create):
1949         (WebCore::RTCStatsReport::RTCStatsReport):
1950         (WebCore):
1951         (WebCore::RTCStatsReport::names):
1952         (WebCore::RTCStatsReport::local):
1953         (WebCore::RTCStatsReport::remote):
1954         (WebCore::RTCStatsReport::addStatistic):
1955         (WebCore::RTCStatsReport::addElement):
1956         * Modules/mediastream/RTCStatsReport.h:
1957         (RTCStatsReport):
1958         (WebCore::RTCStatsReport::timestamp):
1959         (WebCore::RTCStatsReport::id):
1960         (WebCore::RTCStatsReport::stat):
1961         * Modules/mediastream/RTCStatsReport.idl:
1962         * Modules/mediastream/RTCStatsResponse.cpp:
1963         (WebCore::RTCStatsResponse::namedItem):
1964         (WebCore):
1965         (WebCore::RTCStatsResponse::addReport):
1966         (WebCore::RTCStatsResponse::addStatistic):
1967         * Modules/mediastream/RTCStatsResponse.h:
1968         (RTCStatsResponse):
1969         * Modules/mediastream/RTCStatsResponse.idl:
1970         * WebCore.gypi:
1971         * platform/chromium/support/WebRTCStatsResponse.cpp:
1972         (WebKit::WebRTCStatsResponse::addReport):
1973         (WebKit):
1974         (WebKit::WebRTCStatsResponse::addStatistic):
1975         (WebKit::WebRTCStatsResponse::addElement):
1976         * platform/mediastream/RTCStatsResponseBase.h:
1977         (RTCStatsResponseBase):
1978
1979 2013-03-08  Eric Seidel  <eric@webkit.org>
1980
1981         Free up background parser's checkpoints when speculation succeeds
1982         https://bugs.webkit.org/show_bug.cgi?id=110547
1983
1984         Reviewed by Adam Barth.
1985
1986         This should be a memory (and possible perf) win while parsing
1987         pages, as we will no longer hold multiple copies of every
1988         source byte during the whole parse.
1989
1990         Many LayoutTests exercise this code path, and I've manually (debugger and printf)
1991         that we're hitting this code, but we'll have to wait for the memory/perf bots
1992         to tell us if this shows up as a win.
1993
1994         We only bother to message the parser at the end of a speculation chain, so as not
1995         to send too many messages to the background parser.
1996
1997         * html/parser/BackgroundHTMLInputStream.cpp:
1998         (WebCore::BackgroundHTMLInputStream::BackgroundHTMLInputStream):
1999         (WebCore::BackgroundHTMLInputStream::invalidateCheckpointsUpThrough):
2000         (WebCore):
2001         (WebCore::BackgroundHTMLInputStream::rewindTo):
2002         * html/parser/BackgroundHTMLInputStream.h:
2003         (BackgroundHTMLInputStream):
2004         (Checkpoint):
2005         (WebCore::BackgroundHTMLInputStream::Checkpoint::isNull):
2006         (WebCore::BackgroundHTMLInputStream::Checkpoint::clear):
2007         * html/parser/BackgroundHTMLParser.cpp:
2008         (WebCore::BackgroundHTMLParser::passedCheckpoint):
2009         (WebCore):
2010         * html/parser/BackgroundHTMLParser.h:
2011         (BackgroundHTMLParser):
2012         * html/parser/HTMLDocumentParser.cpp:
2013         (WebCore::HTMLDocumentParser::pumpPendingSpeculations):
2014
2015 2013-03-08  Chandra Shekar Vallala  <brk376@motorola.com>
2016
2017         [chromium] Keydown event for 'shift+alt' returns win keycode instead of 'alt'
2018         https://bugs.webkit.org/show_bug.cgi?id=111112
2019
2020         Reviewed by Tony Chang.
2021
2022         Return windows keycode of Alt incase of GDK_META_L, GDK_META_R. This matches
2023         the firefox behaviour in linux platform.
2024
2025         Added Manual Test : ManualTests/shift-alt-key-event.html
2026         Try press Shift then alt key. The test passes if the shiftKey, altKey values
2027         of JSKeyEvent are true and keycode/which is 18.
2028
2029         * platform/chromium/KeyCodeConversionGtk.cpp:
2030         (WebCore::windowsKeyCodeForKeyEvent):
2031
2032 2013-03-08  Mike West  <mkwst@chromium.org>
2033
2034         CSP: 'eval()' is blocked in report-only mode.
2035         https://bugs.webkit.org/show_bug.cgi?id=111867
2036
2037         Reviewed by Adam Barth.
2038
2039         Setting a 'Content-Security-Policy-Report-Only' header should not have
2040         any effect on what a page actually executes. Currently, however, setting
2041         a 'script-src' directive that doesn't whitelist 'unsafe-eval' actually
2042         blocks 'eval()' on the page. This patch fixes that by checking whether
2043         we're in report-only mode before turning 'eval()' off inside the script
2044         engine.
2045
2046         This leaves us in a weird state, however. We don't currently have any
2047         mechanism of explaining to the VM that we just want to be notified of
2048         'eval()' usage. I've filed http://wkbug.com/111869 to cover this
2049         aspect.
2050
2051         Test: http/tests/security/contentSecurityPolicy/eval-allowed-in-report-only-mode.html
2052
2053         * page/ContentSecurityPolicy.cpp:
2054         (WebCore::ContentSecurityPolicy::didReceiveHeader):
2055             For each policy we parse, check that we're only turning off eval in
2056             the VM when we're in enforce mode. If we're in report-only mode,
2057             skip it.
2058
2059 2013-03-08  Christian Biesinger  <cbiesinger@chromium.org>
2060
2061         REGRESSION (r143643): <button> should support ::first-line and ::first-letter
2062         https://bugs.webkit.org/show_bug.cgi?id=111782
2063
2064         Reviewed by Ojan Vafai.
2065
2066         Test: fast/forms/button-first-line-first-letter.html
2067
2068         * rendering/RenderBlock.cpp:
2069         (WebCore::RenderBlock::firstLineBlock):
2070         (WebCore::findFirstLetterBlock):
2071         Add isRenderButton to the first-line and first-letter checks that
2072         don't allow ::first-* styles for flexbox.
2073
2074 2013-03-08  Geoffrey Garen  <ggaren@apple.com>
2075
2076         Removed an out-of-date comment from SharedTimer
2077         https://bugs.webkit.org/show_bug.cgi?id=111875
2078
2079         Reviewed by Mark Hahnenberg.
2080
2081         Even if we surround each call to an ObjC interface with an autorelease
2082         pool, it's still nice to have one at top-level entry points like
2083         timers, to avoid turning a single mistake into a long-term leak.
2084
2085         * platform/ios/SharedTimerIOS.mm:
2086         (WebCore::timerFired):
2087         * platform/mac/SharedTimerMac.mm:
2088         (WebCore::timerFired):
2089
2090 2013-03-08  Benjamin Poulain  <benjamin@webkit.org>
2091
2092         [Mac] Add a feature flag for 'view-mode' Media Feature, disable it on Mac
2093         https://bugs.webkit.org/show_bug.cgi?id=111297
2094
2095         Reviewed by Kenneth Rohde Christiansen.
2096
2097         The 'view-mode' Media Feature spec is implemented in WebCore but
2098         there is no WebKit support for it on Mac.
2099         Because of this, we always lie and report a windowed view mode.
2100
2101         This patch add a feature flag for the feature and disable it on
2102         Mac so that we stop reporting incorrect default values.
2103
2104         * WebCore.exp.in:
2105         * css/CSSValueKeywords.in:
2106         * css/MediaFeatureNames.h:
2107         (MediaFeatureNames):
2108         * css/MediaQueryEvaluator.cpp:
2109         * css/MediaQueryExp.cpp:
2110         (WebCore::featureWithCSSValueID):
2111         (WebCore::featureWithoutValue):
2112         * page/Page.cpp:
2113         (WebCore::Page::Page):
2114         * page/Page.h:
2115         (Page):
2116
2117 2013-03-08  Ryosuke Niwa  <rniwa@webkit.org>
2118
2119         After sending message, Mail changes formatting
2120         https://bugs.webkit.org/show_bug.cgi?id=111360
2121
2122         Reviewed by Enrica Casucci.
2123
2124         Added makeInsertedContentRoundTrippableWithHTMLTreeBuilder to move prohibited children (e.g. p, h1, etc...)
2125         out of paragraph elements to run immediately after the fragment insertion. This function splits trees and
2126         moves prohibited children out of paragraph elements to keep the tree isomorphic under HTML serialization and
2127         parsing. Unfortunately, there are many other DOM tree constructs we need to fix to make the subtree truly
2128         isomorphic but this is a step forward.
2129
2130         Test: editing/pasteboard/pasting-into-p-should-not-nest-p.html
2131
2132         * editing/ReplaceSelectionCommand.cpp:
2133         (WebCore::isProhibitedParagraphChild): Added. Matches the list at
2134         https://dvcs.w3.org/hg/editing/raw-file/57abe6d3cb60/editing.html#prohibited-paragraph-child
2135         except main element, which is currently missing in the specification.
2136         (WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder): Added.
2137         (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor): Added.
2138         (WebCore::ReplaceSelectionCommand::doApply): Call moveProhibitedChildrenOutOfParagraphElements.
2139
2140         * editing/ReplaceSelectionCommand.h:
2141         (ReplaceSelectionCommand):
2142
2143 2013-03-08  Eric Seidel  <eric@webkit.org>
2144
2145         AtomicHTMLToken should not be heap allocated or RefCounted
2146         https://bugs.webkit.org/show_bug.cgi?id=111250
2147
2148         Reviewed by Adam Barth.
2149
2150         It was clearly an oversight on our part to ever make AtomicHTMLToken ref-counted.
2151         We don't need the actual "token" saved, just enough of it to recreate a fake token.
2152
2153         This removed many more mallocs than I thought it would, for a nice little speed win.
2154         Before:
2155         median= 450.482999993 ms, stdev= 7.2381436538 ms, min= 436.084999994 ms, max= 464.968999964 ms
2156         After:
2157         median= 436.41600004 ms, stdev= 5.71435647554 ms, min= 427.160999971 ms, max= 446.753000026 ms
2158
2159         * html/parser/AtomicHTMLToken.h:
2160         (AtomicHTMLToken):
2161         * html/parser/HTMLConstructionSite.cpp:
2162         (WebCore::HTMLConstructionSite::createElementFromSavedToken):
2163         * html/parser/HTMLDocumentParser.cpp:
2164         (WebCore::HTMLDocumentParser::constructTreeFromHTMLToken):
2165         (WebCore::HTMLDocumentParser::constructTreeFromCompactHTMLToken):
2166         * html/parser/HTMLElementStack.cpp:
2167         (WebCore::HTMLElementStack::isHTMLIntegrationPoint):
2168         * html/parser/HTMLFormattingElementList.cpp:
2169         (WebCore):
2170         (WebCore::HTMLFormattingElementList::tryToEnsureNoahsArkConditionQuickly):
2171         (WebCore::HTMLFormattingElementList::ensureNoahsArkCondition):
2172         * html/parser/HTMLStackItem.h:
2173         (WebCore::HTMLStackItem::create):
2174         (WebCore::HTMLStackItem::localName):
2175         (WebCore::HTMLStackItem::attributes):
2176         (WebCore::HTMLStackItem::getAttributeItem):
2177         (HTMLStackItem):
2178         (WebCore::HTMLStackItem::hasLocalName):
2179         (WebCore::HTMLStackItem::hasTagName):
2180         (WebCore::HTMLStackItem::HTMLStackItem):
2181         * html/parser/HTMLTreeBuilder.cpp:
2182         (WebCore::HTMLTreeBuilder::processFakeStartTag):
2183         (WebCore::HTMLTreeBuilder::processFakeEndTag):
2184         (WebCore::HTMLTreeBuilder::processFakePEndTagIfPInButtonScope):
2185         (WebCore::HTMLTreeBuilder::processStartTagForInBody):
2186         (WebCore::HTMLTreeBuilder::processStartTag):
2187         (WebCore::HTMLTreeBuilder::processEndTagForInBody):
2188         (WebCore::HTMLTreeBuilder::processEndTag):
2189         (WebCore::HTMLTreeBuilder::defaultForBeforeHTML):
2190         (WebCore::HTMLTreeBuilder::defaultForBeforeHead):
2191         (WebCore::HTMLTreeBuilder::defaultForInHead):
2192         (WebCore::HTMLTreeBuilder::defaultForInHeadNoscript):
2193         (WebCore::HTMLTreeBuilder::defaultForAfterHead):
2194         * html/parser/TextDocumentParser.cpp:
2195         (WebCore::TextDocumentParser::insertFakePreElement):
2196
2197 2013-03-08  Roger Fong  <roger_fong@apple.com>
2198
2199         Makefile fixes.
2200
2201         * WebCore.vcxproj/WebCore.make:
2202
2203 2013-03-07  Emil A Eklund  <eae@chromium.org>
2204
2205         [sub-pixel] Rounding error in table cell height calculation causes unnecessary scrollbar
2206         https://bugs.webkit.org/show_bug.cgi?id=111794
2207
2208         Reviewed by Levi Weintraub.
2209         
2210         In RenderTableCell::logicalHeightForRowSizing the
2211         adjustedLogicalHeight is calculated from the logicalHeight and
2212         intrinsic padding and is then returned and floored. This can
2213         cause cause the cell to be slightly smaller (0.5px) than the
2214         element it contains.
2215
2216         Test: fast/sub-pixel/table-cell-height.html
2217
2218         * rendering/RenderTableCell.h:
2219         (WebCore::RenderTableCell::logicalHeightForRowSizing):
2220         Change to use pixelSnapped version of logicalHeight method and
2221         change signature to return int as the only caller immediately
2222         down-casts the result to an int.
2223
2224 2013-03-08  Christian Biesinger  <cbiesinger@chromium.org>
2225
2226         RenderFullScreen needs to clear override sizes when exiting full screen
2227         https://bugs.webkit.org/show_bug.cgi?id=111775
2228
2229         Reviewed by Ojan Vafai.
2230
2231         Test: fullscreen/full-screen-with-flex-item.html
2232
2233         * rendering/RenderFullScreen.cpp:
2234         (RenderFullScreen::unwrapRenderer):
2235         RenderFullScreen is a flexbox, so it will potentially set override
2236         sizes on its children while in fullscreen mode. When we exit
2237         fullscreen mode, we need to clear this override size, otherwise the
2238         the leftover override size may affect layout. See the testcase for an
2239         example.
2240
2241 2013-03-08  Julien Chaffraix  <jchaffraix@webkit.org>
2242
2243         [CSS Grid Layout] Handle 2 positions with one 'auto' properly
2244         https://bugs.webkit.org/show_bug.cgi?id=111653
2245
2246         Reviewed by Tony Chang.
2247
2248         The rendering code was making the assumption that we have one position.
2249         Thus it couldn't fully match what the specification wants as the 2 opposite
2250         positions are required to resolve either position in several cases (e.g.
2251         1 / span 2, auto / 'c').
2252
2253         This change introduces resolveGridPositionsFromStyle to do both opposite
2254         positions resolution in one pass and thus handling more cases.
2255
2256         Test: fast/css-grid-layout/grid-item-spanning-resolution.html
2257
2258         * rendering/RenderGrid.cpp:
2259         (WebCore::RenderGrid::maximumIndexInDirection):
2260         (WebCore::RenderGrid::placeItemsOnGrid):
2261         (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
2262         (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
2263         Updated the above functions to rely on resolveGridPositionsFromStyle.
2264
2265         (WebCore::RenderGrid::resolveGridPositionsFromStyle):
2266         Added this new function that handle the correct resolution.
2267
2268         (WebCore::RenderGrid::resolveGridPositionFromStyle):
2269         Updated the ASSERT to match the new code flow.
2270
2271         * rendering/RenderGrid.h:
2272         (WebCore::RenderGrid::GridSpan::GridSpan):
2273         Introduced this new struct to hold the 2 positions along one axis.
2274
2275 2013-03-08  Dominic Cooney  <dominicc@chromium.org>
2276
2277         RenderTextControlSingleLine should not assume that its text element has a renderer
2278         https://bugs.webkit.org/show_bug.cgi?id=111826
2279
2280         Reviewed by Ojan Vafai.
2281
2282         Tests: fast/forms/search/search-autoscroll-hidden-decoration-container-crash.html
2283                fast/forms/search/search-hide-decoration-container-crash.html
2284                fast/forms/search/search-scroll-hidden-decoration-container-crash.html
2285
2286         * rendering/RenderTextControlSingleLine.cpp:
2287         (WebCore::RenderTextControlSingleLine::layout):
2288         (WebCore::RenderTextControlSingleLine::controlClipRect):
2289         (WebCore::RenderTextControlSingleLine::autoscroll):
2290         (WebCore::RenderTextControlSingleLine::scroll):
2291
2292 2013-03-08  Joshua Bell  <jsbell@chromium.org>
2293
2294         IndexedDB: Use WeakPtr for Factory-to-BackingStore reference
2295         https://bugs.webkit.org/show_bug.cgi?id=111459
2296
2297         Reviewed by Adam Barth.
2298
2299         IDBFactoryBackendImpl maintains a map of backing stores - if another database in the same
2300         origin is opened, the backing store instance must be re-used). This was a map to raw
2301         pointers so that the backing store can be collected when all database references are
2302         dropped. The map was maintained manually by passing the factory to the IDBBackingStore which
2303         would add/remove itself on creation/destruction.
2304
2305         Replace this with a HashMap<WeakPtr<T>>. This simplifies the plumbing; map entries
2306         "leak" but are purged on subsequent opens.
2307
2308         Added webkit_unit_test (Chromium port) to verify refcounts.
2309
2310         * Modules/indexeddb/IDBBackingStore.cpp:
2311         (WebCore::IDBBackingStore::IDBBackingStore): No need to notify factory of lifetime.
2312         (WebCore::IDBBackingStore::~IDBBackingStore): Ditto.
2313         (WebCore::IDBBackingStore::open): Ditto.
2314         * Modules/indexeddb/IDBBackingStore.h: No reference to the factory, but...
2315         (WebCore::IDBBackingStore::createWeakPtr): Do need to expose weak pointers for the factory to hold.
2316         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
2317         (WebCore::cleanWeakMap): Helper function to scrub a HashMap<WeakPtr<T>> of empty pointers.
2318         May move to WTF when we've learned how general it is, or come up with a dedicated WeakPtrHashMap type.
2319         (WebCore::IDBFactoryBackendImpl::openBackingStore): WeakPtr fu.
2320         * Modules/indexeddb/IDBFactoryBackendImpl.h:
2321         (IDBFactoryBackendImpl): Remove plumbing methods.
2322
2323 2013-03-08  John Mellor  <johnme@chromium.org>
2324
2325         @media queries do not take zooming into account
2326         https://bugs.webkit.org/show_bug.cgi?id=53186
2327
2328         Reviewed by Kenneth Rohde Christiansen.
2329
2330         Fixes @media width and height to take into account full page zoom, by
2331         adding code to MediaQueryEvaluator's width/heightMediaFeatureEval,
2332         corresponding to the existing code in Element::clientWidth which makes
2333         document.documentElement.clientWidth take into account page zoom.
2334
2335         Test: fast/media/mq-width-pagezoom.html
2336
2337         * css/MediaQueryEvaluator.cpp:
2338         (WebCore::heightMediaFeatureEval):
2339         (WebCore::widthMediaFeatureEval):
2340
2341 2013-03-08  Carlos Garcia Campos  <cgarcia@igalia.com>
2342
2343         [BlackBerry] Add stubs for DNSResolveQueue platform specific methods
2344         https://bugs.webkit.org/show_bug.cgi?id=111841
2345
2346         Reviewed by Rob Buis.
2347
2348         Add empty implementations of
2349         DNSResolveQueue::platformProxyIsEnabledInSystemPreferences() and
2350         DNSResolveQueue::platformResolve() to DNSBlackBerry.cpp to make it
2351         build.
2352
2353         * platform/network/blackberry/DNSBlackBerry.cpp:
2354         (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences):
2355         (WebCore::DNSResolveQueue::platformResolve):
2356
2357 2013-03-08  Glenn Hartmann  <hartmanng@chromium.org>
2358
2359        Adding a hook to collect data for a Google UMA histogram to track when
2360        m_needsCompositedScrolling is turned on and off.
2361        https://bugs.webkit.org/show_bug.cgi?id=111725
2362
2363        Reviewed by Julien Chaffraix.
2364
2365        We want to keep track of this information to quantify the effects of a
2366        few patches that will cause us to opt in to composited scrolling.
2367        Specifically, we want to measure the effects of
2368        https://bugs.webkit.org/show_bug.cgi?id=109302,
2369        https://bugs.webkit.org/show_bug.cgi?id=109966,
2370        https://bugs.webkit.org/show_bug.cgi?id=109591, and
2371        https://bugs.webkit.org/show_bug.cgi?id=107618.
2372
2373        We do this by measuring a per-layer boolean value, and comparing the
2374        ratio between number of layers opted in and number of layers that remain
2375        uncomposited. We hope the relative number of layers opting in will
2376        increase after the relevant patches land and are enabled.
2377
2378        Unfortunately implementing extra statistics is impractical at the
2379        moment since most of the actionable relevant data is expensive to
2380        compute. For example, it would be useful to know if the layers that opt
2381        out do so because of invisible or non-overlapping layers that cause a
2382        potential stacking container's children to be discontiguous, because we
2383        would potentially be able to mitigate the problem. However, this would
2384        add considerable overhead to perform overlap testing just to gather
2385        data.
2386
2387        No new tests (no change in behaviour).
2388
2389        * rendering/RenderLayer.cpp:
2390        (WebCore::RenderLayer::updateNeedsCompositedScrolling):
2391
2392 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2393
2394         [BlackBerry] GraphicsContext: rename addRoundedRectClip to clipRoundedRect
2395         https://bugs.webkit.org/show_bug.cgi?id=111852
2396
2397         Reviewed by Rob Buis.
2398
2399         This changed in r139353.
2400
2401         * platform/graphics/blackberry/GraphicsContextBlackBerry.cpp:
2402         (WebCore::GraphicsContext::clipRoundedRect):
2403
2404 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2405
2406         [BlackBerry] Add BlendMode parameter to GraphicsContext::setPlatformCompositeOperation
2407         https://bugs.webkit.org/show_bug.cgi?id=111840
2408
2409         Reviewed by Rob Buis.
2410
2411         This parameter was added in r137011.
2412
2413         * platform/graphics/blackberry/GraphicsContextBlackBerry.cpp:
2414         (WebCore::GraphicsContext::setPlatformCompositeOperation):
2415
2416 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2417
2418         [BlackBerry] Remove unused GraphicsContext::addInnerRoundedRectClip()
2419         https://bugs.webkit.org/show_bug.cgi?id=111838
2420
2421         Reviewed by Rob Buis.
2422
2423         This was removed in r139138.
2424
2425         * platform/graphics/blackberry/GraphicsContextBlackBerry.cpp:
2426
2427 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2428
2429         [BlackBerry] GraphicsContext: add fillRule parameter to clip() and canvasClip()
2430         https://bugs.webkit.org/show_bug.cgi?id=111836
2431
2432         Reviewed by Rob Buis.
2433
2434         This parameter was added in r139967.
2435
2436         * platform/graphics/blackberry/PathBlackBerry.cpp:
2437         (WebCore):
2438         (WebCore::GraphicsContext::clip):
2439         (WebCore::GraphicsContext::canvasClip):
2440
2441 2013-03-08  Vsevolod Vlasov  <vsevik@chromium.org>
2442
2443         Web Inspector: Get rid of file system ids and use file pathes as uri for file based uiSourceCodes.
2444         https://bugs.webkit.org/show_bug.cgi?id=111753
2445
2446         Reviewed by Pavel Feldman.
2447
2448         * inspector/front-end/FileSystemMapping.js:
2449         (WebInspector.FileSystemMappingImpl):
2450         (WebInspector.FileSystemMappingImpl.prototype._loadFromSettings.get this):
2451         (WebInspector.FileSystemMappingImpl.prototype._loadFromSettings):
2452         (WebInspector.FileSystemMappingImpl.prototype._saveToSettings):
2453         (WebInspector.FileSystemMappingImpl.prototype.set addFileSystemMapping):
2454         (WebInspector.FileSystemMappingImpl.prototype.removeFileSystemMapping):
2455         (WebInspector.FileSystemMappingImpl.prototype.fileSystemPaths):
2456         (WebInspector.FileSystemMappingImpl.prototype.fileSystemPathForPrefix):
2457         * inspector/front-end/FileSystemProjectDelegate.js:
2458         (WebInspector.FileSystemProjectDelegate.projectId):
2459         (WebInspector.FileSystemProjectDelegate.prototype.id):
2460         (WebInspector.FileSystemProjectDelegate.prototype.fileSystemPath):
2461         (WebInspector.FileSystemWorkspaceProvider):
2462         (WebInspector.FileSystemWorkspaceProvider.prototype._fileSystemAdded):
2463         (WebInspector.FileSystemWorkspaceProvider.prototype._fileSystemRemoved):
2464         (WebInspector.FileSystemWorkspaceProvider.prototype.fileSystemPath):
2465         * inspector/front-end/IsolatedFileSystemManager.js:
2466         (WebInspector.IsolatedFileSystemManager.prototype._innerAddFileSystem):
2467         (WebInspector.IsolatedFileSystemManager.prototype._fileSystemRemoved):
2468         * inspector/front-end/Workspace.js:
2469         (WebInspector.Workspace.prototype.uiSourceCodeForURL):
2470
2471 2013-03-08  Vsevolod Vlasov  <vsevik@chromium.org>
2472
2473         Web Inspector: Polish TabbedEditorContaner and ScriptsNavigator behavior.
2474         https://bugs.webkit.org/show_bug.cgi?id=111732
2475
2476         Reviewed by Pavel Feldman.
2477
2478         Resources matching inspectedPageURL are always expanded in NavigatorView now.
2479         Snippets tab in scripts navigator is not automatically opened anymore.
2480         Cleared saved TabbedEditorContainer history because it might have been corrupted due to errors in earlier versions.
2481         Snippets are not revealed in TabbedEditorContainer anymore unless they were actually selected by user or there is no other tabs opened.
2482
2483         * inspector/front-end/NavigatorView.js:
2484         (WebInspector.NavigatorView):
2485         (WebInspector.NavigatorView.prototype.addUISourceCode):
2486         (WebInspector.NavigatorView.prototype._inspectedURLChanged):
2487         (WebInspector.NavigatorView.prototype.revealUISourceCode):
2488         (WebInspector.NavigatorView.prototype.removeUISourceCode):
2489         (WebInspector.NavigatorFolderTreeElement.prototype.onattach):
2490         (WebInspector.NavigatorUISourceCodeTreeNode.prototype.uiSourceCode):
2491         (WebInspector.NavigatorUISourceCodeTreeNode.prototype.reveal):
2492         * inspector/front-end/ScriptsNavigator.js:
2493         (WebInspector.ScriptsNavigator.prototype.revealUISourceCode):
2494         * inspector/front-end/ScriptsPanel.js:
2495         (WebInspector.ScriptsPanel.prototype._showFile):
2496         * inspector/front-end/Settings.js:
2497         (WebInspector.VersionController.prototype._updateVersionFrom1To2):
2498         * inspector/front-end/TabbedEditorContainer.js:
2499         (WebInspector.TabbedEditorContainer.prototype.addUISourceCode.tabId.this._tabIds.get this):
2500         (WebInspector.TabbedEditorContainer.prototype.addUISourceCode):
2501         (WebInspector.TabbedEditorContainer.History.prototype._rebuildItemIndex):
2502
2503 2013-03-08  Vsevolod Vlasov  <vsevik@chromium.org>
2504
2505         Web Inspector: Add shortcut for running a snippet.
2506         https://bugs.webkit.org/show_bug.cgi?id=111680
2507
2508         Reviewed by Pavel Feldman.
2509
2510         Added Ctrl/Cmd+Enter as a shortcut for running a snippet.
2511
2512         * inspector/front-end/SnippetJavaScriptSourceFrame.js:
2513         (WebInspector.SnippetJavaScriptSourceFrame):
2514         (WebInspector.SnippetJavaScriptSourceFrame.prototype._runButtonClicked):
2515         (WebInspector.SnippetJavaScriptSourceFrame.prototype._runSnippet):
2516         (WebInspector.SnippetJavaScriptSourceFrame.prototype._onKeyDown):
2517
2518 2013-03-08  Philip Rogers  <pdr@google.com>
2519
2520         Prevent infinite loop in SVG use cycle detection
2521         https://bugs.webkit.org/show_bug.cgi?id=111822
2522
2523         Reviewed by Stephen Chenney.
2524
2525         SVG use cycle detection depended on idForStyleResolution() which differs from
2526         getIdAttribute() in quirks mode. During use tree cycle detection, this difference
2527         resulted in an infinite loop because idForStyleResolution() used lower-cased id
2528         attributes. This patch removes an existing fixme for this and switches to using
2529         getIdAttribute().
2530
2531         Test: svg/custom/use-cycle-detection.html
2532
2533         * svg/SVGUseElement.cpp:
2534         (WebCore::SVGUseElement::hasCycleUseReferencing):
2535
2536 2013-03-08  Yuki Sekiguchi  <yuki.sekiguchi@access-company.com>
2537
2538         When we set word-wrap: break-word and xml:space="preserve" to svg text element, the text is collapsed.
2539         https://bugs.webkit.org/show_bug.cgi?id=111675
2540
2541         Reviewed by Stephen Chenney.
2542
2543         RenderSVGText define its size when it laid out its first line at SVGRootInlineBox::computePerCharacterLayoutInformation().
2544
2545         In the following spec, SVG don't perform automatic line break or word wrapping.
2546         http://www.w3.org/TR/SVG/text.html#Introduction
2547         > SVG performs no automatic line breaking or word wrapping.
2548         However, when we set word-wrap: break-word and xml:space="preserve" to svg text element, RenderBlock::LineBreaker::nextLineBreak() breaks the text.
2549         This make single character lines and make RenderSVGText narrow.
2550
2551         We must ignore word-wrap property to make the text a single line.
2552
2553         We always disable break words and break all in nextLineBreak() when the object is SVGInlineText.
2554
2555         Test: svg/text/preserve-break-word.html
2556
2557         * rendering/RenderBlockLineLayout.cpp:
2558         (WebCore::RenderBlock::LineBreaker::nextSegmentBreak): Disable break words and break all when we process SVG Text.
2559
2560 2013-03-08  Allan Sandfeld Jensen  <allan.jensen@digia.com>
2561
2562         [Qt] HTML5 video - sound volume bar out of widget
2563         https://bugs.webkit.org/show_bug.cgi?id=108213
2564
2565         Reviewed by Jocelyn Turcotte.
2566
2567         Since we use Safari shadow DOM for media controls, follow
2568         the overall layout of Safari media control CSS.
2569
2570         * css/mediaControlsQt.css:
2571         (audio::-webkit-media-controls-panel, video::-webkit-media-controls-panel):
2572         (audio::-webkit-media-controls-mute-button, video::-webkit-media-controls-mute-button):
2573         (audio::-webkit-media-controls-play-button, video::-webkit-media-controls-play-button):
2574         (audio::-webkit-media-controls-timeline-container, video::-webkit-media-controls-timeline-container):
2575         (audio::-webkit-media-controls-current-time-display, video::-webkit-media-controls-current-time-display):
2576         (audio::-webkit-media-controls-time-remaining-display, video::-webkit-media-controls-time-remaining-display):
2577         (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
2578         (audio::-webkit-media-controls-volume-slider-container, video::-webkit-media-controls-volume-slider-container):
2579         (audio::-webkit-media-controls-volume-slider, video::-webkit-media-controls-volume-slider):
2580         (audio::-webkit-media-controls-seek-back-button, video::-webkit-media-controls-seek-back-button):
2581         (audio::-webkit-media-controls-seek-forward-button, video::-webkit-media-controls-seek-forward-button):
2582         (audio::-webkit-media-controls-rewind-button, video::-webkit-media-controls-rewind-button):
2583         (audio::-webkit-media-controls-return-to-realtime-button, video::-webkit-media-controls-return-to-realtime-button):
2584         (audio::-webkit-media-controls-toggle-closed-captions-button, video::-webkit-media-controls-toggle-closed-captions-button):
2585
2586 2013-03-08  Allan Sandfeld Jensen  <allan.jensen@digia.com>
2587
2588         [Qt] Doesn't build with QtMultimedia
2589         https://bugs.webkit.org/show_bug.cgi?id=111847
2590
2591         Reviewed by Jocelyn Turcotte.
2592
2593         Fix include.
2594
2595         * platform/graphics/qt/MediaPlayerPrivateQt.h:
2596
2597 2013-03-08  Huang Dongsung  <luxtella@company100.net>
2598
2599         [EFL][Qt] REGRESSION(r144787): A fixed element lags when scrolling and wheeling.
2600         https://bugs.webkit.org/show_bug.cgi?id=111829
2601
2602         Reviewed by Noam Rosenthal.
2603
2604         Currently, flagsChanged deals with all boolean flags. It introduces this bug
2605         because when another flag (i.e. preserves3D) is changed, fixedToViewport is set
2606         to false. So this patch updates all flags when at least one flag is changed.
2607
2608         In addition, this patch amends isScrollable code to match other flags.
2609
2610         This patch can only be tested manually since there is no automated
2611         testing facilities for in-motion touch.
2612         Test: ManualTests/fixed-position.html
2613               ManualTests/nested-fixed-position.html
2614
2615         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
2616         (WebCore::CoordinatedGraphicsLayer::setScrollableArea):
2617         (WebCore::CoordinatedGraphicsLayer::syncLayerState):
2618         * platform/graphics/texmap/coordinated/CoordinatedGraphicsScene.cpp:
2619         (WebCore::CoordinatedGraphicsScene::setLayerState):
2620         * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:
2621         (WebCore::CoordinatedGraphicsLayerState::CoordinatedGraphicsLayerState):
2622
2623 2013-03-07  Dean Jackson  <dino@apple.com>
2624
2625         Remove dead label code in snapshotted plugin
2626         https://bugs.webkit.org/show_bug.cgi?id=111781
2627
2628         Reviewed by Tim Horton.
2629
2630         Since ports can use the shadow tree to do label display,
2631         there is no need for the hardcoded timers in RenderSnapshottedPlugin.
2632
2633         * rendering/RenderSnapshottedPlugIn.cpp: Remove label flags and timers.
2634         (WebCore::RenderSnapshottedPlugIn::RenderSnapshottedPlugIn):
2635         (WebCore::RenderSnapshottedPlugIn::~RenderSnapshottedPlugIn):
2636         (WebCore::RenderSnapshottedPlugIn::updateSnapshot):
2637         (WebCore::RenderSnapshottedPlugIn::handleEvent):
2638         * rendering/RenderSnapshottedPlugIn.h:
2639         (RenderSnapshottedPlugIn):
2640
2641 2013-03-07  Dean Jackson  <dino@apple.com>
2642
2643         Implement a custom appearance for the snapshotted plugin background
2644         https://bugs.webkit.org/show_bug.cgi?id=108368
2645
2646         Reviewed by Tim Horton.
2647
2648         After https://bugs.webkit.org/show_bug.cgi?id=108284 (r142507), a
2649         snapshotted plugin was no longer drawing the background of the
2650         label blurred. Since the snapshot content was now a shadow tree,
2651         it wasn't feasible to pre-blur a region of the snapshot: the label
2652         could be any size and in any location, with ports being able to
2653         override the appearance through their UA style sheet.
2654
2655         Instead we now use one of the elements in the tree, the snapshot-overlay,
2656         as a hook where ports can add any effect they want. This could be simply
2657         a border, or a transparent mask, or even a CSS filter. We introduce a custom
2658         CSS appearance "snapshotted-plugin-overlay", which could be added to the
2659         element in the injected UA stylesheet. This calls into RenderTheme in
2660         the same way that custom controls do.
2661
2662         Meanwhile, in RenderThemeMac, we implement the appearance by drawing the
2663         content of the plugin snapshot into the background of the element. That
2664         way we can add effects in CSS.
2665
2666         Test: plugins/snapshot-appearance.html
2667
2668         * css/CSSPrimitiveValueMappings.h:
2669         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Handle SnapshottedPluginOverlayPart.
2670         * css/CSSValueKeywords.in: New appearance value snapshotted-plugin-overlay.
2671         * platform/ThemeTypes.h: New value SnapshottedPluginOverlayPart.
2672         * html/HTMLPlugInElement.h:
2673         (WebCore::toHTMLPlugInElement): Add safer casting helpers.
2674         * html/HTMLPlugInImageElement.h:
2675         (WebCore::toHTMLPlugInImageElement): Ditto.
2676         * rendering/RenderSnapshottedPlugIn.cpp: Remove the code for handling
2677             the blur directly in the renderer.
2678         (WebCore::RenderSnapshottedPlugIn::paint): Simplify the paint logic since we're
2679             no longer trying to blur here.
2680         (WebCore::RenderSnapshottedPlugIn::paintSnapshot): Ditto.
2681         * rendering/RenderSnapshottedPlugIn.h: Remove the methods that were trying
2682             to blur the image directly.
2683         * rendering/RenderTheme.cpp:
2684         (WebCore::RenderTheme::paint): Call paintSnapshottedPluginOverlay.
2685         * rendering/RenderTheme.h:
2686         (WebCore::RenderTheme::paintSnapshottedPluginOverlay): New virtual method with default implementation.
2687         * rendering/RenderThemeMacShared.h:
2688         (RenderThemeMacShared): Override paintSnapshottedPluginOverlay.
2689         * rendering/RenderThemeMacShared.mm:
2690         (WebCore::RenderThemeMacShared::paintSnapshottedPluginOverlay): Implement a custom render path
2691             that takes the snapshot image from the node's parent, and draws it into the background.
2692             Along the way make sure we're actually using the right type of element (an HTMLPlugInImageElement).
2693
2694 2013-03-08  Sergio Villar Senin  <svillar@igalia.com>
2695
2696         Improve drag&drop of list items in contentEditable divs
2697         https://bugs.webkit.org/show_bug.cgi?id=111556
2698
2699         Reviewed by Ryosuke Niwa.
2700
2701         A single fully selected <li> should generate the same markup as if
2702         we were selecting some of them, i.e., we should preserve the list
2703         structure and appearance.
2704
2705         Test: editing/selection/drag-list-item.html
2706
2707         * editing/htmlediting.cpp:
2708         (WebCore::isListItem): modified constness.
2709         * editing/htmlediting.h:
2710         (WebCore): ditto.
2711         * editing/markup.cpp:
2712         (WebCore::highestAncestorToWrapMarkup):
2713
2714 2013-03-08  Alberto Garcia  <agarcia@igalia.com>
2715
2716         [BlackBerry] LayerTiler: rename currentFrameHasAlpha as currentFrameKnownToBeOpaque
2717         https://bugs.webkit.org/show_bug.cgi?id=111828
2718
2719         Reviewed by Carlos Garcia Campos.
2720
2721         This changed in r141637.
2722
2723         * platform/graphics/blackberry/LayerTiler.cpp:
2724         (WebCore::LayerTiler::updateTextureContentsIfNeeded):
2725
2726 2013-03-08  Antoine Quint  <graouts@apple.com>
2727
2728         Fix a couple of typos.
2729
2730         Unreviewed.
2731
2732         * inspector/Inspector.json:
2733
2734 2013-03-08  Carlos Garcia Campos  <cgarcia@igalia.com>
2735
2736         [BlackBerry] Use OwnPtr for CredentialBackingStore members
2737         https://bugs.webkit.org/show_bug.cgi?id=111737
2738
2739         Reviewed by Rob Buis.
2740
2741         It simplifies the code a bit.
2742
2743         * platform/network/blackberry/CredentialBackingStore.cpp:
2744         (WebCore::CredentialBackingStore::~CredentialBackingStore):
2745         (WebCore::CredentialBackingStore::open):
2746         (WebCore::CredentialBackingStore::certMgrWrapper):
2747         * platform/network/blackberry/CredentialBackingStore.h:
2748         (CredentialBackingStore):
2749
2750 2013-03-07  Gavin Barraclough  <barraclough@apple.com>
2751
2752         MemoryPressureHandler should fully flush the WebCore & NS URL caches
2753         https://bugs.webkit.org/show_bug.cgi?id=111827
2754
2755         Rubber Stamped by Geoff Garen
2756
2757         When the handler is fired we should free as much memory as possible.
2758
2759         * platform/mac/MemoryPressureHandlerMac.mm:
2760         (WebCore::MemoryPressureHandler::releaseMemory):
2761             - fully flush the WebCore & NS URL caches
2762
2763 2013-03-07  Keishi Hattori  <keishi@webkit.org>
2764
2765         Update calendar picker UI
2766         https://bugs.webkit.org/show_bug.cgi?id=109439
2767
2768         Reviewed by Kent Tamura.
2769
2770         This patch changes the calendar picker UI.
2771
2772         Added tests to existing calendar picker tests.
2773         Test: platform/chromium/fast/forms/calendar-picker/calendar-picker-appearance-month-popup.html
2774
2775         * Resources/pagepopups/calendarPicker.css:
2776         (body):
2777         (.rtl):
2778         (.scroll-view):
2779         (.scroll-view-content):
2780         (.list-cell):
2781         (.list-cell.hidden):
2782         (.day-cell):
2783         (.week-number-cell):
2784         (.day-cell.today):
2785         (.day-cell.highlighted):
2786         (.day-cell.highlighted.disabled):
2787         (.day-cell.selected):
2788         (.day-cell.disabled):
2789         (.day-cell.current-month):
2790         (.calendar-table-view):
2791         (.preparing .calendar-table-view:focus):
2792         (.week-day-label):
2793         (.week-number-label):
2794         (.calendar-table-header-view):
2795         (.calendar-picker):
2796         (.calendar-header-view):
2797         (.calendar-title):
2798         (.rtl .calendar-title):
2799         (.month-popup-button:disabled):
2800         (.month-popup-button):
2801         (.month-popup-button .disclosure-triangle):
2802         (.month-popup-button .disclosure-triangle svg):
2803         (.today-button::after):
2804         (.calendar-navigation-button):
2805         (.year-list-view):
2806         (.year-list-cell):
2807         (.year-list-cell .label):
2808         (.year-list-cell .month-chooser):
2809         (.month-buttons-row):
2810         (.month-button):
2811         (.month-button.highlighted):
2812         (.scrubby-scroll-bar):
2813         (.scrubby-scroll-thumb):
2814         (.month-popup-view):
2815         (.year-list-view .scrubby-scroll-bar):
2816         (.rtl .year-list-view .scrubby-scroll-bar):
2817         * Resources/pagepopups/calendarPicker.js:
2818         (setGlobalParams): Sets the global params.
2819         (initialize):
2820         (openCalendarPicker):
2821         (CalendarHeaderView.prototype.onNavigationButtonClick): Fix typo.
2822         (CalendarPicker):
2823         (CalendarPicker.prototype.onWindowResize): We want to have the "preparing" class applied
2824         to cancel css transitions while setting up the calendar picker so we can avoid flaky pixel tests.
2825         (CalendarPicker.prototype.onYearListViewDidHide): The user clicked on a month so hide the month popup.
2826         (CalendarPicker.prototype.onYearListViewDidSelectMonth): Change the current month in response to the month popup.
2827         (CalendarPicker.prototype.attachTo): We want the calendar table focused when the calendar picker first opens.
2828         (CalendarPicker.prototype.cleanup): Clean up any event listeners or elements attached to nodes outside of this.element.
2829         (CalendarPicker.prototype.onMonthPopupButtonClick): Open the month popup in response to the month popup button being clicked.
2830         (CalendarPicker.prototype._setConfig): Configures the calendar picker.
2831         (CalendarPicker.prototype.currentMonth): The currently shown month.
2832         (CalendarPicker.prototype.setCurrentMonth): Scrolls the calendar table to the given month. Use the navigation behavior param to specify if you want a transition animation.
2833         (CalendarPicker.prototype.adjustHeight): Adjusts the height so its just tall enough to fit the current month. If the month picker is open, fit that.
2834         (CalendarPicker.prototype.selection): Currently selected date range.
2835         (CalendarPicker.prototype.highlight): Currently highlighted date range.
2836         (CalendarPicker.prototype.firstVisibleDay): Returns the first visible day ignoring scroll animation (i.e. this is the first visible day when the scroll animation is done).
2837         (CalendarPicker.prototype.lastVisibleDay): Returns the last visible day ignoring scroll animation.
2838         (CalendarPicker.prototype.selectRangeContainingDay): Sets the selection to the date range containing the given day.
2839         (CalendarPicker.prototype.highlightRangeContainingDay): Sets the highlight to the date range containing the given day.
2840         (CalendarPicker.prototype.setSelection): Sets the selection to the given date range.
2841         (CalendarPicker.prototype._setHighlight): Sets the highlight to the given date range.
2842         (CalendarPicker.prototype._stepMismatch): Just moving.
2843         (CalendarPicker.prototype._outOfRange): Ditto.
2844         (CalendarPicker.prototype.isValid): Returns true if the given date range is a valid selection.
2845         (CalendarPicker.prototype.isValidDay): Returns true if the day is part of a valid selection.
2846         (CalendarPicker.prototype._moveHighlight): Moves the highlight to the given date range if possible. Returns true if it succeeds.
2847         (CalendarPicker.prototype.onCalendarTableKeyDown): Handles the arrow keys, etc.
2848         (CalendarPicker.prototype.width):
2849         (CalendarPicker.prototype.height):
2850         (CalendarPicker.prototype.setHeight):
2851         (CalendarPicker.prototype.onBodyKeyDown): Handles esc/m/y/d.
2852         * Resources/pagepopups/chromium/calendarPickerChromium.css:
2853         (.calendar-table-view:focus):
2854         (.preparing .calendar-table-view:focus):
2855
2856 2013-03-07  Seokju Kwon  <seokju.kwon@gmail.com>
2857
2858         Web Inspector: Remove unused return value after r122962
2859         https://bugs.webkit.org/show_bug.cgi?id=111821
2860
2861         Reviewed by Pavel Feldman.
2862
2863         No new tests.
2864
2865         * inspector/front-end/ConsolePanel.js:
2866         (WebInspector.ConsolePanel.prototype.jumpToPreviousSearchResult):
2867         * inspector/front-end/ElementsPanel.js:
2868         (WebInspector.ElementsPanel.prototype.jumpToPreviousSearchResult):
2869         * inspector/front-end/ScriptsPanel.js:
2870         (WebInspector.ScriptsPanel.prototype.jumpToPreviousSearchResult):
2871
2872 2013-03-07  Sheriff Bot  <webkit.review.bot@gmail.com>
2873
2874         Unreviewed, rolling out r145166.
2875         http://trac.webkit.org/changeset/145166
2876         https://bugs.webkit.org/show_bug.cgi?id=111819
2877
2878         build break - no symbol
2879         webkit_support::CreateScopedTempDirectory() (Requested by
2880         hayato on #webkit).
2881
2882         * Modules/indexeddb/IDBBackingStore.cpp:
2883         (WebCore::IDBBackingStore::IDBBackingStore):
2884         (WebCore::IDBBackingStore::~IDBBackingStore):
2885         (WebCore::IDBBackingStore::open):
2886         * Modules/indexeddb/IDBBackingStore.h:
2887         (WebCore):
2888         (IDBBackingStore):
2889         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
2890         (WebCore::IDBFactoryBackendImpl::addIDBBackingStore):
2891         (WebCore):
2892         (WebCore::IDBFactoryBackendImpl::removeIDBBackingStore):
2893         (WebCore::IDBFactoryBackendImpl::openBackingStore):
2894         * Modules/indexeddb/IDBFactoryBackendImpl.h:
2895         (IDBFactoryBackendImpl):
2896
2897 2013-03-07  Hajime Morrita  <morrita@google.com>
2898
2899         Custom Elements: CustomElement constructor shouldn't share function instance
2900         https://bugs.webkit.org/show_bug.cgi?id=111807
2901
2902         Reviewed by Kentaro Hara.
2903
2904         Adaptor functions of custom elements unintentionally share the instance.
2905         This fix gives new one for each.
2906
2907         Test: Updated fast/dom/custom/document-register-basic.html
2908
2909         * bindings/v8/V8AdaptorFunction.cpp:
2910         (WebCore::V8AdaptorFunction::wrap):
2911
2912 2013-03-07  Jared Wyles  <wyles@adobe.com>
2913
2914         Reading border radius from style property returns in wrong order.
2915         https://bugs.webkit.org/show_bug.cgi?id=110853
2916
2917         Reviewed by Ryosuke Niwa
2918         
2919         Updating the order of border-radius to return in the order specified
2920         in http://www.w3.org/TR/css3-background/#the-border-radius
2921
2922         Tests updated in LayoutTests/fast/borders/border-radius-parsing.html 
2923         Changed the expectations in LayoutTests/inspector/elements/elements-panel-styles-expected.txt 
2924         
2925         Compat information -
2926         jQuery's css function favours using getComputedStyle for elements so that should not be impacted.
2927         Zepto does check for the element on style first so may be a slight concern there.
2928
2929         * css/StylePropertyShorthand.cpp:
2930         (WebCore::borderRadiusShorthand):
2931
2932 2013-03-07  Andreas Kling  <akling@apple.com>
2933
2934         Resizing Cappuccino is very laggy on WebKit since Safari 5.1
2935         <http://webkit.org/b/71354>
2936         <rdar://problem/10565998>
2937
2938         Reviewed by Anders Carlsson.
2939
2940         * WebCore.exp.in: Export FloatPoint(const NSPoint&)
2941
2942 2013-03-07  Andreas Kling  <akling@apple.com>
2943
2944         Remove desktop version of -webkit-text-size-adjust property.
2945         <http://webkit.org/b/56543>
2946         <rdar://problem/9150203>
2947
2948         Reviewed by Simon Fraser.
2949
2950         This property existed to support a number of Apple-internal clients of WebKit.
2951         We no longer need this property, and since it's clashing with a mobile version of the
2952         same property with different meaning, let's remove it altogether from the desktop build.
2953
2954         * css/CSSComputedStyleDeclaration.cpp:
2955         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
2956         * css/CSSParser.cpp:
2957         (WebCore::isValidKeywordPropertyAndValue):
2958         (WebCore::isKeywordPropertyID):
2959         (WebCore::CSSParser::parseValue):
2960         * css/CSSPrimitiveValue.cpp:
2961         (WebCore::CSSPrimitiveValue::computeLengthDouble):
2962         * css/CSSProperty.cpp:
2963         (WebCore::CSSProperty::isInheritedProperty):
2964         * css/CSSPropertyNames.in:
2965         * css/StyleBuilder.cpp:
2966         (WebCore::ApplyPropertyLineHeight::applyValue):
2967         * css/StyleResolver.cpp:
2968         (WebCore::StyleResolver::updateFont):
2969         (WebCore::StyleResolver::applyProperties):
2970         (WebCore::StyleResolver::applyProperty):
2971         * css/StyleResolver.h:
2972         (StyleResolver):
2973         * css/svg.css:
2974         * editing/EditingStyle.cpp:
2975         * inspector/front-end/inspector.css:
2976         (#console-messages):
2977         * inspector/front-end/resourcesPanel.css:
2978         (.storage-view.query):
2979         * rendering/style/RenderStyle.cpp:
2980         (WebCore::RenderStyle::diff):
2981         * rendering/style/RenderStyle.h:
2982         * rendering/style/StyleRareInheritedData.cpp:
2983         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
2984         (WebCore::StyleRareInheritedData::operator==):
2985         * rendering/style/StyleRareInheritedData.h:
2986         (StyleRareInheritedData):
2987
2988 2013-03-07  Joshua Bell  <jsbell@chromium.org>
2989
2990         IndexedDB: Use WeakPtr for Factory-to-BackingStore reference
2991         https://bugs.webkit.org/show_bug.cgi?id=111459
2992
2993         Reviewed by Adam Barth.
2994
2995         IDBFactoryBackendImpl maintains a map of backing stores - if another database in the same
2996         origin is opened, the backing store instance must be re-used). This was a map to raw
2997         pointers so that the backing store can be collected when all database references are
2998         dropped. The map was maintained manually by passing the factory to the IDBBackingStore which
2999         would add/remove itself on creation/destruction.
3000
3001         Replace this with a HashMap<WeakPtr<>>. This simplifies the plumbing; map entries
3002         "leak" but are purged on subsequent opens.
3003
3004         Added webkit_unit_test (Chromium port) to verify refcounts.
3005
3006         * Modules/indexeddb/IDBBackingStore.cpp:
3007         (WebCore::IDBBackingStore::IDBBackingStore): No need to notify factory of lifetime.
3008         (WebCore::IDBBackingStore::~IDBBackingStore): Ditto.
3009         (WebCore::IDBBackingStore::open): Ditto.
3010         * Modules/indexeddb/IDBBackingStore.h: No reference to the factory, but...
3011         (WebCore::IDBBackingStore::createWeakPtr): Do need to expose weak pointers for the factory to hold.
3012         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
3013         (WebCore::cleanWeakMap): Helper function to scrub a HashMap<WeakPtr<T>> of empty pointers.
3014         May move to WTF when we've learned how general it is, or come up with a dedicated WeakPtrHashMap type.
3015         (WebCore::IDBFactoryBackendImpl::openBackingStore): WeakPtr fu.
3016         * Modules/indexeddb/IDBFactoryBackendImpl.h:
3017         (IDBFactoryBackendImpl): Remove plumbing methods.
3018
3019 2013-03-07  Otto Derek Cheung  <otcheung@rim.com>
3020
3021         [BlackBerry] RefCounting ParsedCookie to avoid SegFaults
3022         https://bugs.webkit.org/show_bug.cgi?id=111761
3023
3024         Reviewed by Rob Buis.
3025
3026         Making necessary changes to ref count the ParsedCookie object.
3027
3028         Tested using the opera cookie test suite and the BB Browser cookie test suite.
3029         Tested using the browser, visiting popular sites such as facebook, reddit, google etc
3030         to ensure cookie functionality isn't changed.
3031
3032         * loader/blackberry/CookieJarBlackBerry.cpp:
3033         (WebCore::getRawCookies):
3034         * platform/blackberry/CookieDatabaseBackingStore/CookieDatabaseBackingStore.cpp:
3035         (WebCore::CookieDatabaseBackingStore::insert):
3036         (WebCore::CookieDatabaseBackingStore::update):
3037         (WebCore::CookieDatabaseBackingStore::remove):
3038         (WebCore::CookieDatabaseBackingStore::getCookiesFromDatabase):
3039         (WebCore::CookieDatabaseBackingStore::invokeGetCookiesWithLimit):
3040         (WebCore::CookieDatabaseBackingStore::invokeSendChangesToDatabase):
3041         (WebCore::CookieDatabaseBackingStore::addToChangeQueue):
3042         * platform/blackberry/CookieDatabaseBackingStore/CookieDatabaseBackingStore.h:
3043         (CookieDatabaseBackingStore):
3044         * platform/blackberry/CookieManager.cpp:
3045         (WebCore::cookieSorter):
3046         (WebCore::CookieManager::setCookies):
3047         (WebCore::CookieManager::getCookie):
3048         (WebCore::CookieManager::generateHtmlFragmentForCookies):
3049         (WebCore::CookieManager::getRawCookies):
3050         (WebCore::CookieManager::checkAndTreatCookie):
3051         (WebCore::CookieManager::addCookieToMap):
3052         (WebCore::CookieManager::getBackingStoreCookies):
3053         (WebCore::CookieManager::findOrCreateCookieMap):
3054         (WebCore::CookieManager::removeCookieWithName):
3055         (WebCore::CookieManager::cookieLimitCleanUp):
3056         * platform/blackberry/CookieManager.h:
3057         * platform/blackberry/CookieMap.cpp:
3058         (WebCore::CookieMap::addOrReplaceCookie):
3059         (WebCore::CookieMap::removeCookieAtIndex):
3060         (WebCore::CookieMap::removeCookie):
3061         (WebCore::CookieMap::getAllCookies):
3062         (WebCore::CookieMap::removeOldestCookie):
3063         (WebCore::CookieMap::deleteAllCookiesAndDomains):
3064         (WebCore::CookieMap::getAllChildCookies):
3065         * platform/blackberry/CookieMap.h:
3066         (CookieMap):
3067         * platform/blackberry/CookieParser.cpp:
3068         (WebCore):
3069         (WebCore::CookieParser::parse):
3070         (WebCore::CookieParser::parseOneCookie):
3071         * platform/blackberry/CookieParser.h:
3072         (CookieParser):
3073         * platform/blackberry/ParsedCookie.cpp:
3074         * platform/blackberry/ParsedCookie.h:
3075         (ParsedCookie):
3076         (WebCore::ParsedCookie::create):
3077
3078 2013-03-07  Aaron Colwell  <acolwell@chromium.org>
3079
3080         Heap-use-after-free in WebCore::HTMLMediaElement::~HTMLMediaElement
3081         https://bugs.webkit.org/show_bug.cgi?id=110623
3082
3083         Reviewed by Kentaro Hara.
3084
3085         Test: http/tests/misc/delete-frame-during-readystatechange-with-gc-after-video-removal.html
3086
3087         * bindings/v8/V8GCController.cpp: Fix MinorGCWrapperVisitor so it doesn't collect ActiveDOMObjects
3088                                           that have pending activity.
3089         * html/HTMLAudioElement.h:
3090         (HTMLAudioElement): Removed hasPendingActivity() now that this is handled by the base class.
3091         * html/HTMLAudioElement.idl: Removed ActiveDOMObject annotation since HTMLMediaElement now has it.
3092         * html/HTMLMediaElement.cpp:
3093         (WebCore::HTMLMediaElement::hasPendingActivity): Update implementation to return true if the media
3094                                                          has audio and is playing. This brings the code into
3095                                                          compliance with the detached element behavior outlined
3096                                                          in the HTML5 spec.
3097         * html/HTMLMediaElement.idl: Added ActiveDOMObject annotation so that all derived classes are
3098                                      considered ActiveDOMObjects.
3099
3100 2013-03-07  Jeffrey Pfau  <jpfau@apple.com>
3101
3102         CFNetwork cache partitioning does not work properly on subdomains
3103         https://bugs.webkit.org/show_bug.cgi?id=111772
3104
3105         Reviewed by David Kilzer.
3106
3107         Ensure that the cache partitioning is done over the top privately-controlled domain for the NSURLRequest.
3108
3109         Not possible to test with current automated test tools, must be tested manually.
3110
3111         * loader/cache/MemoryCache.cpp: Remove extraneous calls to partitionName
3112         (WebCore):
3113         (WebCore::MemoryCache::add):
3114         (WebCore::MemoryCache::revalidationSucceeded):
3115         (WebCore::MemoryCache::resourceForRequest):
3116         (WebCore::MemoryCache::evict):
3117         (WebCore::MemoryCache::removeResourcesWithOrigin):
3118         * platform/network/cf/ResourceRequest.h: Put top privately-controlled domain reduction code into ResourceRequest::partitionName
3119         (ResourceRequest):
3120         (WebCore::ResourceRequest::cachePartition):
3121         (WebCore::ResourceRequest::setCachePartition): Pre-process the partition name
3122         * platform/network/cf/ResourceRequestCFNet.cpp:
3123         (WebCore):
3124         (WebCore::ResourceRequest::partitionName):
3125         * platform/network/mac/ResourceRequestMac.mm:
3126         (WebCore::ResourceRequest::doUpdatePlatformRequest): Use a UTF-8 version of the cache partition name
3127
3128 2013-03-07  Kenneth Russell  <kbr@google.com>
3129
3130         Compute WebGL context attributes from DrawingBuffer when it is used
3131         https://bugs.webkit.org/show_bug.cgi?id=111666
3132
3133         Reviewed by James Robinson.
3134
3135         Fixed computation of antialias flag when DrawingBuffer is used.
3136
3137         No new tests; covered by existing tests. Ran WebGL conformance
3138         tests on desktop Linux and Android to test.
3139
3140         * html/canvas/WebGLRenderingContext.cpp:
3141         (WebCore):
3142         (WebCore::WebGLRenderingContext::getContextAttributes):
3143             Query DrawingBuffer, when used, for antialias flag.
3144
3145 2013-03-07  Beth Dakin  <bdakin@apple.com>
3146
3147         Need API to draw custom overhang area
3148         https://bugs.webkit.org/show_bug.cgi?id=111679
3149         -and corresponding-
3150         <rdar://problem/13291415>
3151
3152         Reviewed by Simon Fraser.
3153
3154         This will allow clients to put custom images into the top or bottom overhang area.
3155
3156         New FrameView API takes a bool indicating whether the client wants a top/bottom 
3157         overhang layer. If the bool is true, the overhang layer will be returned. 
3158         * WebCore.exp.in:
3159         * page/FrameView.cpp:
3160         (WebCore::FrameView::setWantsLayerForTopOverHangArea):
3161         (WebCore::FrameView::setWantsLayerForBottomOverHangArea):
3162         * page/FrameView.h:
3163         (FrameView):
3164
3165         Keep member variables for the top and bottom overhang layers. Create them if 
3166         necessary, and update them if the root layer changes.
3167         * rendering/RenderLayerCompositor.cpp:
3168         (WebCore::RenderLayerCompositor::updateRootLayerPosition):
3169         (WebCore::RenderLayerCompositor::updateLayerForTopOverhangArea):
3170         (WebCore::RenderLayerCompositor::updateLayerForBottomOverhangArea):
3171         (WebCore::RenderLayerCompositor::reportMemoryUsage):
3172         * rendering/RenderLayerCompositor.h:
3173         (RenderLayerCompositor):
3174
3175 2013-03-07  Gavin Barraclough  <barraclough@apple.com>
3176
3177         Reduce page cache size on Mac
3178         https://bugs.webkit.org/show_bug.cgi?id=111795
3179
3180         Rubber stamped by Geoff Garen
3181
3182         5 entries is unnecessarily large; research show 3 should suffice.
3183         On a low memory warning we should clear this completely.
3184
3185         * platform/mac/MemoryPressureHandlerMac.mm:
3186         (WebCore::MemoryPressureHandler::releaseMemory):
3187             - clear the page cache completely
3188
3189 2013-03-07  Simon Fraser  <simon.fraser@apple.com>
3190
3191         Rename Mac's TileCache to TileController, and WebTileCacheLayer to WebTiledBackingLayer
3192         https://bugs.webkit.org/show_bug.cgi?id=111779
3193
3194         Reviewed by Tim Horton.
3195         
3196         "TileCache" was a name conflict in downstream code, so rename it to TileController.
3197         The layer that has a TileController is now a WebTiledBackingLayer (which fits with
3198         the TiledBacking API that TileController exposes).
3199         
3200         Also renamed the flags in PlatformCALayer to match.
3201
3202         Rename only, no behavior change.
3203
3204         * WebCore.xcodeproj/project.pbxproj:
3205         * page/scrolling/mac/ScrollingTreeScrollingNodeMac.mm:
3206         (WebCore::ScrollingTreeScrollingNodeMac::logExposedUnfilledArea):
3207         * platform/graphics/GraphicsLayerClient.h:
3208         (WebCore::GraphicsLayerClient::shouldUseTiledBacking):
3209         * platform/graphics/ca/GraphicsLayerCA.cpp:
3210         (WebCore::GraphicsLayerCA::GraphicsLayerCA):
3211         (WebCore::GraphicsLayerCA::recursiveCommitChanges):
3212         (WebCore::GraphicsLayerCA::platformCALayerShowRepaintCounter):
3213         (WebCore::GraphicsLayerCA::platformCALayerDidCreateTiles):
3214         (WebCore::GraphicsLayerCA::updateVisibleRect):
3215         (WebCore::GraphicsLayerCA::getDebugBorderInfo):
3216         (WebCore::GraphicsLayerCA::requiresTiledLayer):
3217         (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
3218         * platform/graphics/ca/GraphicsLayerCA.h:
3219         * platform/graphics/ca/PlatformCALayer.h:
3220         (WebCore::PlatformCALayer::usesTiledBackingLayer):
3221         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
3222         (PlatformCALayer::PlatformCALayer):
3223         (PlatformCALayer::~PlatformCALayer):
3224         (PlatformCALayer::tiledBacking):
3225         * platform/graphics/ca/mac/TileController.h: Renamed from Source/WebCore/platform/graphics/ca/mac/TileCache.h.
3226         * platform/graphics/ca/mac/WebTileLayer.h:
3227         (TileController):
3228         * platform/graphics/ca/mac/WebTileLayer.mm:
3229         (-[WebTileLayer drawInContext:]):
3230         (-[WebTileLayer setTileController:WebCore::]):
3231         (-[WebTileLayer logFilledFreshTile]):
3232         * platform/graphics/ca/mac/WebTiledBackingLayer.h: Renamed from Source/WebCore/platform/graphics/ca/mac/WebTileCacheLayer.h.
3233         * platform/graphics/ca/mac/WebTiledBackingLayer.mm: Renamed from Source/WebCore/platform/graphics/ca/mac/WebTileCacheLayer.mm.
3234         * platform/graphics/mac/WebLayer.mm:
3235         (drawLayerContents):
3236         * rendering/RenderLayerBacking.cpp:
3237         (WebCore::RenderLayerBacking::RenderLayerBacking):
3238         (WebCore::RenderLayerBacking::shouldUseTiledBacking):
3239         (WebCore::RenderLayerBacking::adjustTiledBackingCoverage):
3240         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer):
3241         * rendering/RenderLayerBacking.h:
3242         (WebCore::RenderLayerBacking::usingTiledBacking):
3243         (RenderLayerBacking):
3244         (WebCore::RenderLayerBacking::hasTiledBackingFlatteningLayer):
3245         * rendering/RenderLayerCompositor.cpp:
3246         (WebCore::RenderLayerCompositor::frameViewDidLayout):
3247         (WebCore::RenderLayerCompositor::rootFixedBackgroundsChanged):
3248         (WebCore::RenderLayerCompositor::supportsFixedRootBackgroundCompositing):
3249
3250 2013-03-07  Alexey Proskuryakov  <ap@apple.com>
3251
3252         FormData should allow setting filename to empty
3253         https://bugs.webkit.org/show_bug.cgi?id=111687
3254
3255         Reviewed by Brady Eidson.
3256
3257         Tests: http/tests/local/formdata/send-form-data-with-empty-blob-filename.html
3258                http/tests/local/formdata/send-form-data-with-empty-file-filename.html
3259
3260         * platform/network/FormData.cpp: (WebCore::FormData::appendKeyValuePairItems):
3261         Missing value is a null string. If the string is empty, we should treat is as
3262         authoritative.
3263
3264 2013-03-07  David Hyatt  <hyatt@apple.com>
3265
3266         REGRESSION: fast/border/border-fit-2.html needs updating
3267         https://bugs.webkit.org/show_bug.cgi?id=111776
3268
3269         Reviewed by Simon Fraser.
3270
3271         This test is incorrectly shrinking the border image now.
3272         We need to apply some clamping to the border-fit like the
3273         old code did. The pixel results *are* still changing though,
3274         since a layout-time shrinkage will not result in right-aligned
3275         boxes in an LTR block when the left edge gets chopped. We'll
3276         have to see if this behavioral change ends up being a problem,
3277         but for now we'll rebaseline and assume it will be ok.
3278
3279         * rendering/RenderBlock.cpp:
3280         (WebCore::RenderBlock::fitBorderToLinesIfNeeded):
3281
3282 2013-03-07  Antoine Quint  <graouts@apple.com>
3283
3284         Web Inspector: provide reasons why a layer was composited in the LayerTreeAgent
3285         https://bugs.webkit.org/show_bug.cgi?id=111703
3286
3287         Introduce a new LayerTree.reasonsForCompositingLayer(layerId) method which returns
3288         the list of reasons why the provided layer was composited as an object with an
3289         optional property for each possible reason. The RenderLayerCompositor already knows
3290         how to provide this information via its own reasonsForCompositing() method, and we
3291         process the returned bitmask to populate the object sent to the front-end.
3292
3293         Reviewed by Timothy Hatcher.
3294
3295         Test: inspector-protocol/layers/layers-compositing-reasons.html
3296
3297         * inspector/Inspector.json:
3298         * inspector/InspectorLayerTreeAgent.cpp:
3299         (WebCore::InspectorLayerTreeAgent::reasonsForCompositingLayer):
3300         (WebCore):
3301         * inspector/InspectorLayerTreeAgent.h:
3302         (InspectorLayerTreeAgent):
3303
3304 2013-03-07  Anders Carlsson  <andersca@apple.com>
3305
3306         Add a didFocusTextField callback to the injected bundle form client
3307         https://bugs.webkit.org/show_bug.cgi?id=111771
3308
3309         Reviewed by Andreas Kling.
3310
3311         Export a symbol needed by WebKit2.
3312
3313         * WebCore.exp.in:
3314
3315 2013-03-06  James Robinson  <jamesr@chromium.org>
3316
3317         [chromium] Stop using WebTransformationMatrix on WebLayer
3318         https://bugs.webkit.org/show_bug.cgi?id=111635
3319
3320         Reviewed by Adrienne Walker.
3321
3322         Switches over to the SkMatrix44 transform setters.
3323
3324         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
3325         (WebCore::transformToSkMatrix44):
3326           Utility for convering a WebCore::TransformationMatrix to an SkMatrix44.
3327           Will move to a more common location once it gets more callers.
3328         (WebCore::GraphicsLayerChromium::updateTransform):
3329         (WebCore::GraphicsLayerChromium::updateChildrenTransform):
3330
3331 2013-03-07  Eric Carlson  <eric.carlson@apple.com>
3332
3333         [Mac] allow iOS to use CaptionUserPreferencesMac
3334         https://bugs.webkit.org/show_bug.cgi?id=111770
3335
3336         Reviewed by Dean Jackson.
3337
3338         No new tests, covered by existing tests.
3339
3340         * page/CaptionUserPreferencesMac.h:
3341         * page/CaptionUserPreferencesMac.mm:
3342         (WebCore::userCaptionPreferencesChangedNotificationCallback): Respond to notifications on
3343             the web thread.
3344
3345 2013-03-07  Mike West  <mkwst@chromium.org>
3346
3347         Move side-effects on hover/active state out of hit-testing
3348         https://bugs.webkit.org/show_bug.cgi?id=98168
3349
3350         Reviewed by Julien Chaffraix.
3351
3352         Original patch by Allan Sandfeld Jensen; I'm just tweaking things.
3353
3354         Document::updateHoverActiveState is currently called during hit testing
3355         to update the hover and active states of elements effected by mouse
3356         movements (or their keyboard equivalents). This conflates the hit test
3357         algorithm itself with side-effects associated with specific use-cases.
3358
3359         This conflation makes it very difficult to reuse the hover/active logic
3360         for things other than hit testing. 'mouseenter'/'mouseleave' events[1]
3361         are one example of a feature that would be simple to implement on top of
3362         this existing logic if we split it out from the hit testing path, and
3363         instead call it explicitly when necessary. An explicit split between
3364         hit testing and its side-effects will also enable us to simplify the
3365         logic in future patches with well-named parameters, rather than relying
3366         on stuffing properties into HitTestRequest.
3367
3368         This patch drops the call to Document::updateHoverActiveState from
3369         RenderView::hitTest, and adjusts the three call-sites in EventHandler
3370         to explicitly call out to it rather than Document::updateStyleIfNeeded.
3371         The latter call is still necessary but has been folded into
3372         updateHoverActiveState, as the former is never called without calling
3373         the latter.
3374
3375         [1]: http://wkbug.com/18930
3376
3377         * dom/Document.h:
3378         * dom/Document.cpp:
3379         (WebCore::Document::updateHoverActiveState):
3380             First, this function must now only be called from contexts that were
3381             performing a read/write hit-test: the code asserts this
3382             precondition.
3383
3384             Second, rather than accepting a HitTestResult, the function accepts
3385             an Element* from which to begin the hover/active chain changes.
3386
3387             Third, we have to explicitly update the hover/active states for
3388             documents between the updated element and the top-level document.
3389             The hit-testing logic was taking care of this for us, now we need to
3390             take care of it ourselves.
3391
3392             Fourth, call out to updateStyleIfNeeded rather than making our
3393             caller do so. The calls were always paired; now that's explicit.
3394         (WebCore::Document::prepareMouseEvent):
3395         * page/EventHandler.cpp:
3396         (WebCore::EventHandler::hitTestResultAtPoint):
3397         (WebCore::EventHandler::sendContextMenuEventForKey):
3398         (WebCore::EventHandler::hoverTimerFired):
3399             Call out to updateHoverActiveState rather than updateStyleIfNeeded.
3400         * rendering/RenderView.cpp:
3401         (WebCore::RenderView::hitTest):
3402             Drop the call to updateHoverActiveState.
3403
3404 2013-03-07  Sheriff Bot  <webkit.review.bot@gmail.com>
3405
3406         Unreviewed, rolling out r145097.
3407         http://trac.webkit.org/changeset/145097
3408         https://bugs.webkit.org/show_bug.cgi?id=111765
3409
3410         Triggers an ASSERT in the Chromium port (Requested by abarth
3411         on #webkit).
3412
3413         * html/FileInputType.cpp:
3414         (WebCore::FileInputType::appendFormData):
3415         * platform/network/FormData.cpp:
3416         (WebCore::FormData::appendKeyValuePairItems):
3417
3418 2013-03-07  Chris Fleizach  <cfleizach@apple.com>
3419
3420         AX: Can't activate links with VoiceOver in Safari
3421         https://bugs.webkit.org/show_bug.cgi?id=111755
3422
3423         Reviewed by Tim Horton.
3424
3425         VoiceOver is relying on the press action being the first action in the list. We changed
3426         that order inadvertently recently, which confuses VoiceOver.
3427
3428         Test: platform/mac/accessibility/press-action-is-first.html
3429
3430         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3431         (-[WebAccessibilityObjectWrapper accessibilityActionNames]):
3432
3433 2013-03-07  Rafael Weinstein  <rafaelw@chromium.org>
3434
3435         Unreviewed, rolling out r145083.
3436         http://trac.webkit.org/changeset/145083
3437         https://bugs.webkit.org/show_bug.cgi?id=110733
3438
3439         caused lots crashes in http/tests/security/xssAuditor/* tests
3440
3441         * html/parser/XSSAuditor.cpp: