Don't reuse cached stylesheet with failed or canceled resource loads
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-08-05  Antti Koivisto  <antti@apple.com>
2
3         Don't reuse cached stylesheet with failed or canceled resource loads
4         https://bugs.webkit.org/show_bug.cgi?id=93203
5
6         Reviewed by Simon Fraser.
7
8         1) Go to apple.com
9         2) Reload repeatedly
10
11         Eventually you can get into state where some images don't load.
12         
13         The problem is that a cached stylesheet may end up pointing to image resources that have been canceled (by the reload).
14         If this happens they stay in the canceled state even when the stylesheet is applied to a new document.
15         
16         Fix by checking if all loads are complete (or pending) when restoring a cached stylesheet. The sheet is only used
17         if there are no failed or canceled loads. There are potential more sophisticated fixes but this is simple and safe.
18         Walking the sheet is fast and since it is only done on cache restore the cost is minimal.
19
20         No regression test yet though the new code does get exercised by the existing tests.
21
22         * css/CSSCrossfadeValue.cpp:
23         (WebCore::CSSCrossfadeValue::hasFailedOrCanceledSubresources):
24         (WebCore):
25         * css/CSSCrossfadeValue.h:
26         (CSSCrossfadeValue):
27         * css/CSSFontFaceSrcValue.cpp:
28         (WebCore::CSSFontFaceSrcValue::hasFailedOrCanceledSubresources):
29         (WebCore):
30         * css/CSSFontFaceSrcValue.h:
31         (CSSFontFaceSrcValue):
32         * css/CSSImageSetValue.cpp:
33         (WebCore::CSSImageSetValue::hasFailedOrCanceledSubresources):
34         (WebCore):
35         * css/CSSImageSetValue.h:
36         (CSSImageSetValue):
37         * css/CSSImageValue.cpp:
38         (WebCore::CSSImageValue::hasFailedOrCanceledSubresources):
39         (WebCore):
40         * css/CSSImageValue.h:
41         (CSSImageValue):
42         * css/CSSValue.cpp:
43         (WebCore::CSSValue::hasFailedOrCanceledSubresources):
44         (WebCore):
45         * css/CSSValue.h:
46         (CSSValue):
47         * css/CSSValueList.cpp:
48         (WebCore::CSSValueList::hasFailedOrCanceledSubresources):
49         (WebCore):
50         * css/CSSValueList.h:
51         (CSSValueList):
52         * css/StylePropertySet.cpp:
53         (WebCore::StylePropertySet::hasFailedOrCanceledSubresources):
54         (WebCore):
55         * css/StylePropertySet.h:
56         (StylePropertySet):
57         * css/StyleSheetContents.cpp:
58         (WebCore::childRulesHaveFailedOrCanceledSubresources):
59         (WebCore):
60         (WebCore::StyleSheetContents::hasFailedOrCanceledSubresources):
61         * css/StyleSheetContents.h:
62         (StyleSheetContents):
63         * loader/cache/CachedCSSStyleSheet.cpp:
64         (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
65         * loader/cache/CachedResource.h:
66         (WebCore::CachedResource::loadFailedOrCanceled):
67
68 2012-08-05  Kentaro Hara  <haraken@chromium.org>
69
70         [V8] Move V8Proxy methods that set DOM attributes/callbacks to V8Binding
71         https://bugs.webkit.org/show_bug.cgi?id=93103
72
73         Reviewed by Adam Barth.
74
75         To remove V8Proxy, we can move V8Proxy methods that set DOM
76         attributes/callbacks to V8Binding.
77
78         No tests. No change in behavior.
79
80         * bindings/v8/V8Binding.cpp:
81         (WebCore::batchConfigureAttributes):
82         (WebCore):
83         (WebCore::batchConfigureCallbacks):
84         (WebCore::batchConfigureConstants):
85         * bindings/v8/V8Binding.h:
86         (BatchedAttribute):
87         (WebCore):
88         (WebCore::configureAttribute):
89         (BatchedConstant):
90         (BatchedCallback):
91         * bindings/v8/V8Proxy.cpp:
92         * bindings/v8/V8Proxy.h:
93         (WebCore):
94
95 2012-08-05  Kentaro Hara  <haraken@chromium.org>
96
97         [V8] Remove V8Proxy::registerExtensionWithV8()
98         https://bugs.webkit.org/show_bug.cgi?id=93115
99
100         Reviewed by Adam Barth.
101
102         V8Proxy::registerExtensionWithV8() is used by V8Proxy::registerExtension()
103         only. We can remove the redundant method.
104
105         In a follow-up patch, I will implement V8Proxy::registerExtentionIfNeeded()
106         and remove registerExtensionWithV8() and registerExtension().
107
108         No tests. No change in behavior.
109
110         * bindings/v8/V8Proxy.cpp:
111         (WebCore::staticExtensionsList): Just moved to near related methods.
112         (WebCore):
113         (WebCore::V8Proxy::extensions):
114         (WebCore::V8Proxy::registerExtension):
115         * bindings/v8/V8Proxy.h:
116         (V8Proxy):
117
118 2012-08-05  Kentaro Hara  <haraken@chromium.org>
119
120         [V8] Remove unused enum and typedefs in V8Proxy
121         https://bugs.webkit.org/show_bug.cgi?id=93105
122
123         Reviewed by Adam Barth.
124
125         In preparation for removing V8Proxy, we can remove unused enum
126         and typedefs in V8Proxy.
127
128         No tests. No change in behavior.
129
130         * bindings/v8/V8Proxy.cpp:
131         * bindings/v8/V8Proxy.h:
132         (WebCore::throwError):
133
134 2012-08-04  Dan Bernstein  <mitz@apple.com>
135
136         <rdar://problem/11875795> REGRESSION (tiled drawing): Page’s scroll bars flash with each character you type in a textarea (affects Wikipedia and YouTube)
137         https://bugs.webkit.org/show_bug.cgi?id=91348
138
139         Reviewed by Andy Estes.
140
141         * platform/ScrollableArea.cpp:
142         (WebCore::ScrollableArea::scrollPositionChanged): Changed to call notifyContentAreaScrolled()
143         only if the scroll position after the change differs from what it was before the change.
144         * rendering/RenderListBox.cpp:
145         (WebCore::RenderListBox::scrollPosition): Added an override of this ScrollableArea function.
146         * rendering/RenderListBox.h:
147
148 2012-08-04  Ami Fischman  <fischman@chromium.org>
149
150         HTMLMediaElement may fire the seeked event before currentTime reaches the seek time
151         https://bugs.webkit.org/show_bug.cgi?id=92881
152
153         Reviewed by Eric Carlson.
154
155         Testing provided by media/video-seek-past-end-paused.html, hopefully demonstrating lack of redness on all ports/bots this time.
156
157         * html/HTMLMediaElement.cpp:
158         (WebCore::HTMLMediaElement::mediaPlayerTimeChanged): don't finishSeek() until the media player is no longer seeking.
159
160 2012-08-04  Dan Bernstein  <mitz@apple.com>
161
162         Tried to fix the Qt Windows build after r124654.
163
164         * platform/graphics/SimpleFontData.cpp:
165         (WebCore::SimpleFontData::glyphForCharacter): Enclosed this function in
166         #if !(PLATFORM(QT) && !HAVE(QRAWFONT)).
167
168 2012-08-04  Mike West  <mkwst@chromium.org>
169
170         Refactor SubframeLoader::requestPlugin/loadPlugin for clarity.
171         https://bugs.webkit.org/show_bug.cgi?id=93138
172
173         Reviewed by Adam Barth.
174
175         SubframeLoader::requestPlugin and SubframeLoader::loadPlugin both do a
176         variety of checks to determine whether or not a specific resource ought
177         to instantiate a plugin in a specific context. r124636[1] moved one of
178         those checks, but there doesn't seem to be a clear way to determine
179         which checks should be performed where.
180
181         This patch refactors the checks out of those two methods for clarity,
182         moving them all into a new method: SubframeLoader::pluginIsLoadable.
183         That method requires the resource URL and MIME type, as well as the
184         `object` or `embed` element that owns this bit of rendering. The URL
185         and type are used directly to determine availability, while the element
186         is currently used only to create a renderer on which
187         setPluginUnavailabilityReason can be called if the plugin is blocked by
188         Content Security Policy.
189
190         This patch introduces no new tests, as it shouldn't change the code's
191         behavior: it should be a straightforward refactoring without web-visible
192         side-effects.
193
194         [1]: http://trac.webkit.org/changeset/124636
195
196         * loader/SubframeLoader.cpp:
197         (WebCore::SubframeLoader::pluginIsLoadable):
198             A new method that extracts the various 'Should we allow this plugin
199             in this context?' checks from requestPlugin and loadPlugin into ine
200             location, rather than spreading them across both.
201         (WebCore):
202         (WebCore::SubframeLoader::requestPlugin):
203         (WebCore::SubframeLoader::loadPlugin):
204         * loader/SubframeLoader.h:
205         (SubframeLoader):
206
207 2012-08-04  John J. Barton  <johnjbarton@chromium.org>
208
209         Web Inspector: filteredItemSelectionDialog.css has wrong selector for highlights
210         https://bugs.webkit.org/show_bug.cgi?id=93168
211
212         Reviewed by Pavel Feldman.
213
214         Selector required span to be a child, but highlights are themselves span. Used descendent selector.
215         No new tests: I'll make one next week, to go with bug 93166
216
217         * inspector/front-end/filteredItemSelectionDialog.css:
218         (.js-outline-dialog > .container > div.item span.highlight):
219
220 2012-08-03  Robert Hogan  <robert@webkit.org>
221
222         CSS 2.1 failure: overflow-applies-to-001 fails
223         https://bugs.webkit.org/show_bug.cgi?id=93148
224
225         Reviewed by Eric Seidel.
226
227         Overflow no longer applies to table-rows or table-row-groups, it only applies
228         to block containers: http://www.w3.org/TR/CSS21/visufx.html#overflow
229
230         Tests:  css2.1/20110323/overflow-applies-to-001.htm
231                 css2.1/20110323/overflow-applies-to-002.htm
232                 css2.1/20110323/overflow-applies-to-003.htm
233                 css2.1/20110323/overflow-applies-to-004.htm
234                 css2.1/20110323/overflow-applies-to-005.htm
235                 css2.1/20110323/overflow-applies-to-006.htm
236                 css2.1/20110323/overflow-applies-to-007.htm
237                 css2.1/20110323/overflow-applies-to-008.htm
238                 css2.1/20110323/overflow-applies-to-009.htm
239                 css2.1/20110323/overflow-applies-to-010.htm
240                 css2.1/20110323/overflow-applies-to-012.htm
241                 css2.1/20110323/overflow-applies-to-013.htm
242                 css2.1/20110323/overflow-applies-to-014.htm
243                 css2.1/20110323/overflow-applies-to-015.htm
244
245         * rendering/RenderBox.cpp:
246         (WebCore::RenderBox::updateBoxModelInfoFromStyle):
247
248 2012-08-04  Adam Barth  <abarth@webkit.org>
249
250         BindingSecurity::shouldAllowAccessToNode shouldn't detour through Frame to find the node's document
251         https://bugs.webkit.org/show_bug.cgi?id=93140
252
253         Reviewed by Eric Seidel.
254
255         Previously, shouldAllowAccessToNode took a detour through the Frame to
256         find the Document associated with a given Node. That's crazy! Nodes
257         already know their documents. This patch removes the detour.
258
259         It's theoretically possible that this patch changes behavior in the
260         case where the Frame is 0, but I couldn't find any situations in which
261         we call this function on nodes in inactive documents because the
262         typical way you find a node worth checking security on is via
263         a JavaScript window object.
264
265         * bindings/generic/BindingSecurity.cpp:
266         (WebCore::canAccessDocument):
267         (WebCore::BindingSecurity::shouldAllowAccessToNode):
268         (WebCore::BindingSecurity::allowSettingFrameSrcToJavascriptUrl):
269
270 2012-08-04  Adam Barth  <abarth@webkit.org>
271
272         [V8] Re-wire "target" half of the same-origin security check through Document rather than DOMWindow
273         https://bugs.webkit.org/show_bug.cgi?id=93079
274
275         Reviewed by Eric Seidel.
276
277         Before this patch, we were traversing from Nodes to Frames to
278         DOMWindows to SecurityOrigins when determing the "target" of an
279         operation for the same-origin policy security check. Rather than
280         detouring through DOMWindow, these security checks should operate in
281         terms of ScriptExecutionContexts (aka Documents) because that's the
282         canonical place we store SecurityOrigin objects.
283
284         A future patch will re-wire the "active" part of the security check to
285         use ScriptExecutionContexts as well and we'll be able to remove the
286         extra copy of SecurityOrigin that we keep in DOMWindow.
287
288         * bindings/generic/BindingSecurity.cpp:
289         (WebCore::canAccessDocument):
290         (WebCore::BindingSecurity::canAccessFrame):
291         (WebCore::BindingSecurity::shouldAllowAccessToNode):
292         * bindings/v8/BindingState.cpp:
293         (WebCore::immediatelyReportUnsafeAccessTo):
294         * bindings/v8/BindingState.h:
295         (WebCore):
296         * bindings/v8/V8DOMWindowShell.cpp:
297         (WebCore::reportUnsafeJavaScriptAccess):
298         * bindings/v8/V8Proxy.cpp:
299         (WebCore::V8Proxy::reportUnsafeAccessTo):
300         * bindings/v8/V8Proxy.h:
301         (V8Proxy):
302
303 2012-08-03  Adam Barth  <abarth@webkit.org>
304
305         Disabling eval changes the timing of DidCreateScriptContext
306         https://bugs.webkit.org/show_bug.cgi?id=92189
307
308         Reviewed by Eric Seidel.
309
310         When we implemented Content-Security-Policy, we added the ability to
311         disable eval in the JavaScript engine. However, when we process the
312         Content-Security-Policy header, we might not have initialized the
313         script context for the given frame.
314
315         Previously, we would initialize the context, but that generates a
316         DidCreateScriptContext callback to the embedder earlier in the Document's
317         lifetime that before. A natural thing to do in this callback is to run
318         script to customize the script context, but Document isn't fully
319         initialized yet, which leads to odd bugs and general confusion.
320
321         In this patch, we delay actually disabling eval until we would have
322         created the scripting context previously. From the perspective of the
323         web platform, this has the same behavior. The only difference is that
324         now the DidCreateScriptContext notification occurs at the same time
325         regardless of whether Content-Security-Policy disables eval.
326
327         I tried to write a test for this change, but it was unclear to me how
328         to write a good test. I tried writing a Chromium WebKit unit test to no
329         avail. The good news is that this patch will be covered by the
330         PlatformAppBrowserTest.Iframes test in Chromium once
331         https://bugs.webkit.org/show_bug.cgi?id=93079 lands. That's not the
332         best way to test this change, but it might be sufficient.
333
334         * bindings/js/ScriptController.cpp:
335         (WebCore::ScriptController::initScript):
336         (WebCore::ScriptController::disableEval):
337         * bindings/v8/ScriptController.cpp:
338         (WebCore::ScriptController::enableEval):
339         (WebCore::ScriptController::disableEval):
340         * bindings/v8/V8DOMWindowShell.cpp:
341         (WebCore::V8DOMWindowShell::initContextIfNeeded):
342
343 2012-08-03  James Robinson  <jamesr@chromium.org>
344
345         [chromium] Stop relying on implicit WebFoo <-> WebCore conversion operators in compositor
346         https://bugs.webkit.org/show_bug.cgi?id=93169
347
348         Reviewed by Adrienne Walker.
349
350         This removes the compositor's reliance on implicit conversion operators from Web* types to WebKit-internal
351         types, specifically WebRect <-> WebCore::IntRect and WebString <-> WTF::String.
352
353         * platform/graphics/chromium/CanvasLayerTextureUpdater.cpp:
354         (WebCore::CanvasLayerTextureUpdater::paintContents):
355         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.cpp:
356         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::updateTextureRect):
357         * platform/graphics/chromium/LayerRendererChromium.cpp:
358         (WebCore::LayerRendererChromium::getFramebufferPixels):
359         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
360         (WebCore::ScrollbarLayerChromium::setTexturePriorities):
361         (WebCore::ScrollbarLayerChromium::update):
362         * platform/graphics/chromium/cc/CCFontAtlas.cpp:
363         (WebCore::CCFontAtlas::drawOneLineOfTextInternal):
364         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
365         (WebCore::CCHeadsUpDisplayLayerImpl::drawFPSCounter):
366         (WebCore::CCHeadsUpDisplayLayerImpl::drawDebugRects):
367         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
368         (WebCore::toUVRect):
369         (WebCore::CCScrollbarLayerImpl::appendQuads):
370         (WebCore::CCScrollbarLayerImpl::CCScrollbar::size):
371
372 2012-08-03  Michael Nordman  <michaeln@google.com>
373
374         [Chromium] Cross-thread-copy a couple more recently added ResourceResponse data members, apparently
375         these got missed when they were added. And fix a bug with how the m_remoteIPAddress
376         data member is handled, an isolatedCopy() is needed for thread safety.
377         https://bugs.webkit.org/show_bug.cgi?id=93158
378
379         Reviewed by David Levin.
380
381         No new tests, minor cleanup.
382
383         * platform/network/chromium/ResourceResponse.cpp:
384         (WebCore::ResourceResponse::doPlatformCopyData): make deep copies
385         (WebCore::ResourceResponse::doPlatformAdopt): take ownership of them
386         * platform/network/chromium/ResourceResponse.h:
387         (ResourceResponse):
388         (CrossThreadResourceResponseData):
389
390 2012-08-03  Florin Malita  <fmalita@chromium.org>
391
392         [SVG] Tref target event listener cleanup
393         https://bugs.webkit.org/show_bug.cgi?id=93004
394
395         Reviewed by Abhishek Arya.
396
397         Currently SVGTRefElement allocates event listeners dynamically as it attaches to its
398         targets. Synchronizing the lifetime of the target listener vs. the tref element is
399         error prone, as various events can stack and trigger nested handlers.
400
401         In order to reduce complexity and address a couple of outstanding issues, this patch
402         changes the way event listeners are allocated: only one target listener is created
403         for the lifetime of the SVGTRefElement, and gets reused if the target element changes.
404
405         Test: svg/custom/tref-nested-events-crash.svg
406
407         * dom/EventListener.h:
408         Added new <tref> target event listener type.
409         * svg/SVGTRefElement.cpp:
410         (WebCore):
411         (WebCore::SVGTRefTargetEventListener::create):
412         (WebCore::SVGTRefTargetEventListener::cast):
413         (SVGTRefTargetEventListener):
414         (WebCore::SVGTRefTargetEventListener::isAttached):
415         (WebCore::SVGTRefTargetEventListener::SVGTRefTargetEventListener):
416         (WebCore::SVGTRefTargetEventListener::attach):
417         (WebCore::SVGTRefTargetEventListener::detach):
418         (WebCore::SVGTRefTargetEventListener::operator==):
419         (WebCore::SVGTRefTargetEventListener::handleEvent):
420         No need to check m_trefElement anymore - the listener is allocated for the whole element
421         lifetime, detached when the element is removed and deallocated when the element is
422         destroyed.
423         (WebCore::SVGTRefElement::SVGTRefElement):
424         Allocate one target listener per element, at construction time.
425         (WebCore::SVGTRefElement::~SVGTRefElement):
426         Detach the listener if necessary.
427         (WebCore::SVGTRefElement::detachTarget):
428         Check whether the element is still in document after updating the text (may have been
429         removed by event handlers).
430         (WebCore::SVGTRefElement::buildPendingResource):
431         Attach the event listener before updating the text content to avoid racing with event
432         handlers (which can remove the element).
433         (WebCore::SVGTRefElement::removedFrom):
434         * svg/SVGTRefElement.h:
435         (WebCore):
436         (SVGTRefElement):
437
438 2012-08-03  Michael Saboff  <msaboff@apple.com>
439
440         Convert HTML parser to handle 8-bit resources without converting to UChar*
441         https://bugs.webkit.org/show_bug.cgi?id=90321
442
443         Reviewed by Adam Barth.
444
445         No new tests, no new functionality therefore covered by existing tests.
446
447         Changed the parsing of HTML to handle 8-bit strings without converting the 
448         whole string to 16-bits.  Primary change was to use the appropriate 
449         character pointer type (LChar* or UChar*) depending on the source string.
450         This access is abstracted in SegmentedSubstring by getCurrentChar{8,16} and
451         incrementAndGetCurrentChar{8,16} methods.  In SegmentedString, the advance()
452         and advanceAndUpdateLineNumber() methods have been refactored into a
453         state machine managed pair of function pointers.  The possible functions
454         have not only the 8 and 16 bitness factored out, they also have the 
455         "exclude line numbers" logic factored out for advanceAndUpdateLineNumber().
456         This change also has improvements over http://trac.webkit.org/changeset/123679.
457         The most prominent change was to inline the 8 bit paths for both advance()
458         and advanceAndUpdateLineNumber().
459         This provides a net speed-up even with the 8/16 bit testing.
460         Other changes involve using String methods to access and compare with the
461         source data.
462
463         * html/FTPDirectoryDocument.cpp:
464         (WebCore::FTPDirectoryDocumentParser::append): Changed to use currentChar()
465         instead of SegmentedString '*' operator.
466         * html/parser/HTMLEntityParser.cpp: Changed to use currentChar() instead of
467         SegmentedString '*' operator.
468         * html/parser/HTMLParserIdioms.cpp:
469         (WebCore::stripLeadingAndTrailingHTMLSpaces): Added 8-bit fast path.
470         * html/parser/HTMLSourceTracker.cpp:
471         (WebCore::HTMLSourceTracker::sourceForToken): Changed to use currentChar() instead of
472         SegmentedString '*' operator.
473         * loader/cache/CachedScript.cpp:
474         (WebCore::CachedScript::script): Updated to use new String::dataSize() method.
475         * platform/text/SegmentedString.cpp:
476         (WebCore::SegmentedString::SegmentedString):
477         (WebCore::SegmentedString::operator=):
478         (WebCore::SegmentedString::clear):
479         (WebCore::SegmentedString::append):
480         (WebCore::SegmentedString::prepend):
481         (WebCore::SegmentedString::advanceSubstring):
482         (WebCore::SegmentedString::advance):
483         (WebCore::SegmentedString::advance8): Fast path advance function for 8 bit data.
484         (WebCore::SegmentedString::advance16): Fast path advance function for 16 bit data.
485         (WebCore::SegmentedString::advanceAndUpdateLineNumber8): Fast path
486         advanceAndUpdateLineNumber for 8 bit data when we need to update the line number.
487         (WebCore::SegmentedString::advanceAndUpdateLineNumber16): Fast path
488         advanceAndUpdateLineNumber for 16 bit data when we need to update the line number.
489         (WebCore::SegmentedString::advanceSlowCase): Slow case advance function for both
490         8 and 16 bit advance.
491         (WebCore::SegmentedString::advanceAndUpdateLineNumberSlowCase): Slow case
492         advanceAndUpdateLineNumber function for both 8 and 16 bit data.
493         (WebCore::SegmentedString::advanceEmpty): Advance function when input has been exhausted.
494         (WebCore::SegmentedString::updateSlowCaseFunctionPointers): Set advance function
495         pointers to slow case functions.
496         * platform/text/SegmentedString.h:
497         (WebCore::SegmentedSubstring::SegmentedSubstring):
498         (WebCore::SegmentedSubstring::clear):
499         (SegmentedSubstring):
500         (WebCore::SegmentedSubstring::is8Bit): New getter.
501         (WebCore::SegmentedSubstring::appendTo):
502         (WebCore::SegmentedSubstring::getCurrentChar8): New getter for the 8 bit case.
503         (WebCore::SegmentedSubstring::getCurrentChar16): New getter for the 16 bit case.
504         (WebCore::SegmentedSubstring::incrementAndGetCurrentChar8): New wrapper functions
505         that pre-increments the 8 bit pointer and returns the next character.
506         (WebCore::SegmentedSubstring::incrementAndGetCurrentChar16): New wrapper functions
507         that pre-increments the 16 bit pointer and returns the next character.
508         (WebCore::SegmentedSubstring::currentSubString):
509         (WebCore::SegmentedSubstring::getCurrentChar):
510         (WebCore::SegmentedSubstring::incrementAndGetCurrentChar):
511         (WebCore::SegmentedString::SegmentedString):
512         (WebCore::SegmentedString::push):
513         (WebCore::SegmentedString::isEmpty):
514         (WebCore::SegmentedString::lookAhead):
515         (WebCore::SegmentedString::lookAheadIgnoringCase):
516         (WebCore::SegmentedString::advance): Wrapper that contains 8 bit fast path
517         or calls via member function point to approriate advance() flavor.
518         (WebCore::SegmentedString::advanceAndUpdateLineNumber): Wrapper that
519         contains 8 bit fast path or calls via member function point to approriate
520         advance() flavor.
521         (WebCore::SegmentedString::advanceAndASSERT):
522         (WebCore::SegmentedString::advanceAndASSERTIgnoringCase):
523         (WebCore::SegmentedString::advancePastNonNewline):
524         (WebCore::SegmentedString::advancePastNewlineAndUpdateLineNumber):
525         (WebCore::SegmentedString::currentChar):
526         (WebCore::SegmentedString::decrementAndCheckLength): Decrement substring length and
527         change to slow case functions when only one character left.
528         (WebCore::SegmentedString::updateAdvanceFunctionPointers): Select appropriate
529         advance functions based on current substring.
530         (WebCore::SegmentedString::lookAheadInline): Changed to use String::startsWith().
531         (WebCore::SegmentedString::lookAheadSlowCase):
532         * xml/parser/CharacterReferenceParserInlineMethods.h:
533         (WebCore::consumeCharacterReference): Changed to use currentChar() instead of
534         SegmentedString '*' operator.
535         * xml/parser/MarkupTokenizerBase.h:
536         (WebCore::MarkupTokenizerBase::InputStreamPreprocessor::nextInputCharacter):
537         (WebCore::MarkupTokenizerBase::InputStreamPreprocessor::peek): Changed to use
538         currentChar() instead of SegmentedString '*' operator.
539         (WebCore::MarkupTokenizerBase::InputStreamPreprocessor::advance):
540
541 2012-08-03  Arnaud Renevier  <a.renevier@sisa.samsung.com>
542
543         Update TypedArrays to throw RangeError or similar instead of INDEX_SIZE_ERR
544         https://bugs.webkit.org/show_bug.cgi?id=45118
545
546         Reviewed by Kenneth Russell.
547
548         Update TypedArrays to raise JavaScript RangeError instead of dom
549         INDEX_SIZE_ERR exceptions. Also, update TypedArrays to raise TypeError
550         instead of JavaScript SyntaxError or dom exceptions SYNTAX_ERR when
551         calling set method with invalid arguments.
552
553         Specification does not define the type of exceptions to raise, but
554         other browsers raise JavaScript errors, so those changes will improve
555         compatibility.
556
557         New Test: fast/canvas/webgl/array-set-invalid-arguments.html
558
559         Updated Tests expectations:
560             fast/canvas/webgl/array-set-out-of-bounds.html
561             fast/canvas/webgl/data-view-crash.html
562             fast/canvas/webgl/data-view-test.html
563
564         * bindings/js/JSArrayBufferViewHelper.h:
565         (WebCore):
566         (WebCore::setWebGLArrayWithTypedArrayArgument):
567         (WebCore::setWebGLArrayHelper):
568         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
569         (WebCore::constructArrayBufferViewWithArrayBufferArgument):
570         (WebCore::constructArrayBufferView):
571         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
572         (WebCore):
573         (WebCore::constructWebGLArrayWithArrayBufferArgument):
574         (WebCore::setWebGLArrayHelper):
575
576 2012-08-03  Dave Tu  <dtu@chromium.org>
577
578         [chromium] Fix Renderer4.CompositorThreadImplDrawDelay histogram.
579         https://bugs.webkit.org/show_bug.cgi?id=93159
580
581         Reviewed by Adrienne Walker.
582
583         The histogram is using the frame number instead of the frame time by mistake.
584
585         * platform/graphics/chromium/cc/CCFrameRateCounter.cpp:
586         (WebCore::CCFrameRateCounter::markBeginningOfFrame):
587
588 2012-08-03  David Grogan  <dgrogan@chromium.org>
589
590         IndexedDB: Core upgradeneeded logic
591         https://bugs.webkit.org/show_bug.cgi?id=92558
592
593         Reviewed by Ojan Vafai.
594
595         This is the backend webkit logic needed for integer versions. The rest
596         is in https://bugs.webkit.org/show_bug.cgi?id=89505.
597
598         I tried to make use of the existing processPendingCalls and added two
599         more queues, pendingOpenWithVersionCalls and
600         pendingSecondHalfOpenWithVersionCalls. The "second half" refers to
601         how there are two events that need to be fired in response to an
602         open-with-version call. The "second half" queue holds the open
603         requests that should immediately follow the caller's upgradeneeded
604         handler.
605
606         No new tests, there are so many they are in their own patch:
607         https://bugs.webkit.org/show_bug.cgi?id=92560
608
609         Though this patch doesn't change any expected behavior anyway, lack of
610         regressions is what we're hoping for here.
611
612         * Modules/indexeddb/IDBBackingStore.h:
613         (IDBBackingStore):
614         * Modules/indexeddb/IDBCallbacks.h:
615         (WebCore::IDBCallbacks::onBlocked):
616         (WebCore::IDBCallbacks::onUpgradeNeeded):
617         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
618         (IDBDatabaseBackendImpl::PendingOpenCall):
619         (IDBDatabaseBackendImpl::PendingOpenWithVersionCall):
620         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::create):
621         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::callbacks):
622         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::version):
623         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::PendingOpenWithVersionCall):
624         (WebCore):
625         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
626         (WebCore::IDBDatabaseBackendImpl::openInternal):
627         (WebCore::IDBDatabaseBackendImpl::metadata):
628         (WebCore::IDBDatabaseBackendImpl::setVersion):
629         (WebCore::IDBDatabaseBackendImpl::setIntVersionInternal):
630         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
631         (WebCore::IDBDatabaseBackendImpl::transactionFinishedAndEventsFired):
632         When an upgradeneeded event is fired in response to an
633         open-with-version call, the version change transaction must receive its
634         complete event before processPendingCalls fires a success event at
635         IDBOpenDBRequest. In the future this should probably be changed
636         instead to transactionFinishedAndAbortFired and
637         transactionFinishedAndCompleteFired so that we'll know to fire a
638         success or error event at IDBOpenDBRequest. Currently, instead of
639         firing error when there's an abort, we don't fire anything.
640
641         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
642         Now that this is called after a connection is opened, we unfortunately
643         lose the invariant that there is only one existing connection when this
644         is called, but nothing inside this function actually relied on that.
645         Additionally, the secondHalfOpen calls only ever need to be serviced
646         in one place: right after a version change transaction completes, so
647         it could be moved out of here.
648
649         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
650         Now that setVersion and deleteDatabase calls are queued up behind
651         secondHalfOpen calls, we have to service those queues when
652         secondHalfOpen calls complete, which is here.  So call
653         processPendingCalls().
654
655         (WebCore::IDBDatabaseBackendImpl::runIntVersionChangeTransaction):
656         (WebCore::IDBDatabaseBackendImpl::openConnectionWithVersion):
657         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
658         (WebCore::IDBDatabaseBackendImpl::close):
659         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
660         (IDBDatabaseBackendImpl):
661         * Modules/indexeddb/IDBDatabaseCallbacks.h:
662         (WebCore::IDBDatabaseCallbacks::onVersionChange):
663         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
664         (WebCore::IDBFactoryBackendImpl::open):
665         This is refactored some so that the call to openConection{WithVersion}
666         happens once, at the end.
667
668         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
669         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
670         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
671         (WebCore::IDBLevelDBBackingStore::updateIDBDatabaseIntVersion):
672         (WebCore):
673         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
674         * Modules/indexeddb/IDBLevelDBBackingStore.h:
675         (IDBLevelDBBackingStore):
676         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
677         (WebCore::IDBTransactionBackendImpl::commit):
678         See above comments about transactionFinishedAndEventsFired. I tried
679         moving the call to transactionFinished after the events were fired but
680         that failed some asserts. But changing those asserts is still an
681         alternative to splitting up transactionFinished as is done here.
682
683 2012-08-03  Rick Byers  <rbyers@chromium.org>
684
685         Double tap gesture should send dblclick event
686         https://bugs.webkit.org/show_bug.cgi?id=92412
687
688         Reviewed by Adam Barth.
689
690         Propagate the tap count from PlatformGestureEvent in the derived mouse
691         events.
692
693         Also fixes a crash with unexpected GestureDoubleTap events by just
694         supressing them early.  They will probably be removed soon anyway.
695
696         Test: fast/events/touch/gesture/gesture-dblclick.html
697
698         * page/EventHandler.cpp:
699         (WebCore::EventHandler::handleGestureEvent):
700         (WebCore::EventHandler::handleGestureTap):
701
702 2012-08-03  Sheriff Bot  <webkit.review.bot@gmail.com>
703
704         Unreviewed, rolling out r124668.
705         http://trac.webkit.org/changeset/124668
706         https://bugs.webkit.org/show_bug.cgi?id=93167
707
708         Broke Mac build (Requested by kbr_google on #webkit).
709
710         * bindings/js/JSArrayBufferViewHelper.h:
711         (WebCore::setWebGLArrayWithTypedArrayArgument):
712         (WebCore::setWebGLArrayHelper):
713         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
714         (WebCore::constructArrayBufferViewWithArrayBufferArgument):
715         (WebCore::constructArrayBufferView):
716         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
717         (WebCore::constructWebGLArrayWithArrayBufferArgument):
718         (WebCore):
719         (WebCore::constructWebGLArray):
720         (WebCore::setWebGLArrayHelper):
721
722 2012-08-03  Julien Chaffraix  <jchaffraix@webkit.org>
723
724         Implement computePreferredLogicalWidths on RenderGrid
725         https://bugs.webkit.org/show_bug.cgi?id=92908
726
727         Reviewed by Ojan Vafai.
728
729         This functions implements a primitive computePreferredLogicalWidths
730         so that we properly handle vertical writing modes.
731
732         Covered by fast/css-grid-layout/place-cell-by-index.html.
733
734         * rendering/RenderGrid.cpp:
735         (WebCore::RenderGrid::computePreferredLogicalWidths):
736         * rendering/RenderGrid.h:
737         Added computePreferredLogicalWidths.
738
739 2012-08-03  Arnaud Renevier  <a.renevier@sisa.samsung.com>
740
741         Update TypedArrays to throw RangeError or similar instead of INDEX_SIZE_ERR
742         https://bugs.webkit.org/show_bug.cgi?id=45118
743
744         Reviewed by Kenneth Russell.
745
746         Update TypedArrays to raise JavaScript RangeError instead of dom
747         INDEX_SIZE_ERR exceptions. Also, update TypedArrays to raise TypeError
748         instead of JavaScript SyntaxError or dom exceptions SYNTAX_ERR when
749         calling set method with invalid arguments.
750
751         Specification does not define the type of exceptions to raise, but
752         other browsers raise JavaScript errors, so those changes will improve
753         compatibility.
754
755         New Test: fast/canvas/webgl/array-set-invalid-arguments.html
756
757         Updated Tests expectations:
758             fast/canvas/webgl/array-set-out-of-bounds.html
759             fast/canvas/webgl/data-view-crash.html
760             fast/canvas/webgl/data-view-test.html
761
762         * bindings/js/JSArrayBufferViewHelper.h:
763         (WebCore):
764         (WebCore::setWebGLArrayWithTypedArrayArgument):
765         (WebCore::setWebGLArrayHelper):
766         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
767         (WebCore::constructArrayBufferViewWithArrayBufferArgument):
768         (WebCore::constructArrayBufferView):
769         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
770         (WebCore):
771         (WebCore::constructWebGLArrayWithArrayBufferArgument):
772         (WebCore::setWebGLArrayHelper):
773
774 2012-08-03  Levi Weintraub  <leviw@chromium.org>
775
776         Switch mapLocalToContainer to use a flag instead of boolean parameters
777         https://bugs.webkit.org/show_bug.cgi?id=92927
778
779         Reviewed by Dirk Schulze.
780
781         Changing mapLocalToContainer to use a uint flag to set the mode of operation. This removes
782         simplifies the contract, removes boolean arguments and paves the way for an additional mode
783         for sub-pixel layout support. See https://bugs.webkit.org/show_bug.cgi?id=89238 for the
784         sub-pixel use case. Other than the new MapLocalToContainerMode enum and MapLocalToContainerFlags
785         typedef, this change is purely mechanical.
786
787         No new tests as this doesn't change current behavior.
788
789         * rendering/RenderBlock.cpp:
790         (WebCore::RenderBlock::selectionGapRectsForRepaint):
791         * rendering/RenderBox.cpp:
792         (WebCore::RenderBox::mapLocalToContainer):
793         * rendering/RenderBox.h:
794         (RenderBox):
795         * rendering/RenderGeometryMap.cpp:
796         (WebCore::RenderGeometryMap::mapToAbsolute):
797         * rendering/RenderInline.cpp:
798         (WebCore::RenderInline::mapLocalToContainer):
799         * rendering/RenderInline.h:
800         (RenderInline):
801         * rendering/RenderObject.cpp:
802         (WebCore::RenderObject::localToAbsolute):
803         (WebCore::RenderObject::mapLocalToContainer):
804         (WebCore::RenderObject::localToContainerQuad):
805         (WebCore::RenderObject::localToContainerPoint):
806         * rendering/RenderObject.h:
807         (RenderObject): Adding the MapLocalToContainerMode enum and MapLocalToContainerFlags unsigned
808         int, and removing the old ApplyContainerFlipOrNot enum.
809         * rendering/RenderView.cpp:
810         (WebCore::RenderView::mapLocalToContainer):
811         * rendering/RenderView.h:
812         (RenderView):
813         * rendering/svg/RenderSVGForeignObject.cpp:
814         (WebCore::RenderSVGForeignObject::mapLocalToContainer):
815         * rendering/svg/RenderSVGForeignObject.h:
816         (RenderSVGForeignObject):
817         * rendering/svg/RenderSVGInline.cpp:
818         (WebCore::RenderSVGInline::mapLocalToContainer):
819         * rendering/svg/RenderSVGInline.h:
820         (RenderSVGInline):
821         * rendering/svg/RenderSVGModelObject.cpp:
822         (WebCore::RenderSVGModelObject::mapLocalToContainer):
823         * rendering/svg/RenderSVGModelObject.h:
824         (RenderSVGModelObject):
825         * rendering/svg/RenderSVGRoot.cpp:
826         (WebCore::RenderSVGRoot::mapLocalToContainer):
827         * rendering/svg/RenderSVGRoot.h:
828         (RenderSVGRoot):
829         * rendering/svg/RenderSVGText.cpp:
830         (WebCore::RenderSVGText::mapLocalToContainer):
831         * rendering/svg/RenderSVGText.h:
832         (RenderSVGText):
833         * rendering/svg/SVGRenderSupport.cpp:
834         (WebCore::SVGRenderSupport::mapLocalToContainer):
835
836 2012-08-03  Emil A Eklund  <eae@chromium.org>
837
838         Remove dependency on LayoutTypes.h from transformation code
839         https://bugs.webkit.org/show_bug.cgi?id=93037
840
841         Reviewed by Levi Weintraub.
842
843         TransformationMatrix and HitTestingTransformState includes LayoutTypes.h
844         which is in rendering. This is a layering violation.
845         Remove this dependency as it is no longer needed.
846
847         No new tests, no change in functionality.
848
849         * rendering/LayoutTypes.h:
850         Remove clampToLayoutUnit
851         
852         * platform/FractionalLayoutUnit.h:
853         (WebCore::FractionalLayoutUnit::clamp):
854         Add FractionalLayoutUnit::clamp method that clamps a double to a FractionalLayoutUnit.
855         * platform/graphics/transforms/TransformationMatrix.cpp:
856         (WebCore::clampEdgeValue):
857         (WebCore::TransformationMatrix::clampedBoundsOfProjectedQuad):
858         Use clamp/max/min from FractionalLayoutUnit instead of going through LayoutUnit abstraction.
859         * platform/graphics/transforms/TransformationMatrix.h:
860         * rendering/HitTestingTransformState.cpp:
861         * rendering/HitTestingTransformState.h:
862         Replace use of LayoutRect with FractionalLayoutRect as LayoutRect maps to FractionalLayoutRect on all platforms.
863
864 2012-08-03  Dan Bernstein  <mitz@apple.com>
865
866         <rdar://problem/12005188> REGRESSION (Safari 5.1 - 6): Cannot correctly display Traditional Mongolian Script
867         https://bugs.webkit.org/show_bug.cgi?id=92864
868
869         Reviewed by Sam Weinig.
870
871         Test: platform/mac/fast/text/combining-character-sequence-vertical.html
872
873         * platform/graphics/SimpleFontData.cpp:
874         (WebCore::SimpleFontData::glyphForCharacter): Added this helper function.
875         * platform/graphics/SimpleFontData.h:
876         (SimpleFontData): Declared glyphDataForCharacter.
877         * platform/graphics/mac/FontComplexTextMac.cpp:
878         (WebCore::Font::fontDataForCombiningCharacterSequence): Added logic to use the appropriate
879         variant of each font in the fallback list, which mimcs the equivalent logic in
880         glyphDataAndPageForCharacter().
881
882 2012-08-03  Kenneth Russell  <kbr@google.com>
883
884         [Chromium] Web Inspector: Win Dbg tests timing out (r123556 or r123560?)
885         https://bugs.webkit.org/show_bug.cgi?id=92570
886
887         Reviewed by Pavel Feldman.
888
889         Try restricting the use of the GC hint for canvas contexts to only
890         WebGL contexts, where it is most needed, to see whether this
891         clears up the timeouts.
892
893         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
894         (WebCore::V8HTMLCanvasElement::getContextCallback):
895
896 2012-08-02  Jeffrey Pfau  <jpfau@apple.com>
897
898         Add API for enabling blanket third-party data blocking
899         https://bugs.webkit.org/show_bug.cgi?id=93022
900
901         Reviewed by Anders Carlsson.
902
903         Added API for enabling third-party storage blocking.
904
905         * page/Settings.cpp:
906         (WebCore::Settings::Settings):
907         * page/Settings.h:
908         (WebCore::Settings::setThirdPartyStorageBlockingEnabled):
909         (WebCore::Settings::thirdPartyStorageBlockingEnabled):
910         (Settings):
911
912 2012-08-03  Anna Cavender  <annacc@chromium.org>
913
914         Negative timestamps for TextTrackCues should not be allowed.
915         https://bugs.webkit.org/show_bug.cgi?id=92939
916
917         Reviewed by Eric Carlson.
918
919         Make sure cues added in JavaScript are not allowed negative timestamps.
920         Attempting to add a cue with a negative timestamp is not successful
921         and setting a timestamp to a negative value has no effect.
922
923         Test: media/track/track-cue-negative-timestamp.html
924
925         * html/track/TextTrack.cpp:
926         (WebCore::TextTrack::addCue): If the cue's startTime or endTime is 
927             negative, do not add the cue.
928         * html/track/TextTrackCue.cpp:
929         (WebCore::TextTrackCue::setStartTime): Ignore negative values.
930         (WebCore::TextTrackCue::setEndTime): Ignore negative values.
931         * html/track/TextTrackCueList.cpp:
932         (WebCore::TextTrackCueList::add): Add ASSERTs to check startTime and
933             endTime are positive.
934
935 2012-08-03  Sheriff Bot  <webkit.review.bot@gmail.com>
936
937         Unreviewed, rolling out r124594.
938         http://trac.webkit.org/changeset/124594
939         https://bugs.webkit.org/show_bug.cgi?id=93152
940
941         Broke PlatformAppBrowserTest.Iframes browser_test on Chromium
942         bots (Requested by dimich on #webkit).
943
944         * bindings/generic/BindingSecurity.cpp:
945         (WebCore::canAccess):
946         (WebCore::BindingSecurity::canAccessFrame):
947         (WebCore::BindingSecurity::shouldAllowAccessToNode):
948         * bindings/v8/BindingState.cpp:
949         (WebCore::immediatelyReportUnsafeAccessTo):
950         * bindings/v8/BindingState.h:
951         (WebCore):
952         * bindings/v8/V8DOMWindowShell.cpp:
953         (WebCore::reportUnsafeJavaScriptAccess):
954         * bindings/v8/V8Proxy.cpp:
955         (WebCore::V8Proxy::reportUnsafeAccessTo):
956         * bindings/v8/V8Proxy.h:
957         (V8Proxy):
958
959 2012-08-03  Terry Anderson  <tdanderson@chromium.org>
960
961         Apply target fuzzing when sending a context menu event
962         https://bugs.webkit.org/show_bug.cgi?id=92914
963
964         Reviewed by Antonio Gomes.
965
966         If TOUCH_ADJUSTMENT is enabled, use bestClickableNodeForTouchPoint to possibly
967         adjust the location of a context menu event. This change uses the same set of
968         candidates for touch adjustment as is used for a GestureTap event (which
969         admittedly is a simplifying assumption).
970
971         Test: touchadjustment/touch-links-longpress.html
972
973         * page/EventHandler.cpp:
974         (WebCore::EventHandler::handleGestureTap):
975         Some code moved to the new function adjustGesturePosition.
976         (WebCore):
977         (WebCore::EventHandler::adjustGesturePosition):
978         Added this function to avoid repeated code in handleGestureTap and
979         sendContextMenuEventForGesture.
980         (WebCore::EventHandler::sendContextMenuEventForGesture):
981         Try to adjust the location of |mouseEvent| to correspond to the most
982         probable gesture target. If no such target exists, the location of
983         |mouseEvent| is unchanged.
984         * page/EventHandler.h:
985         (EventHandler):
986
987 2012-08-03  Sheriff Bot  <webkit.review.bot@gmail.com>
988
989         Unreviewed, rolling out r124475 and r124496.
990         http://trac.webkit.org/changeset/124475
991         http://trac.webkit.org/changeset/124496
992         https://bugs.webkit.org/show_bug.cgi?id=93151
993
994         Causing assertion failures in table-section-node-at-point-
995         crash.html (Requested by inferno-sec on #webkit).
996
997         * rendering/RenderTableSection.cpp:
998         (WebCore::RenderTableSection::paint):
999
1000 2012-08-03  Jan Keromnes  <janx@linux.com>
1001
1002         Web Inspector: Create and interface for TextEditor
1003         https://bugs.webkit.org/show_bug.cgi?id=93126
1004
1005         Reviewed by Pavel Feldman.
1006
1007         For more extensibility, TextEditor needs to be an interface that other
1008         classes can implement, e.g. the new class DefaultTextEditor.
1009
1010         * WebCore.gypi:
1011         * WebCore.vcproj/WebCore.vcproj:
1012         * inspector/compile-front-end.py:
1013         * inspector/front-end/SourceFrame.js:
1014         (WebInspector.SourceFrame):
1015         * inspector/front-end/TextEditor.js:
1016         (WebInspector.TextEditor):
1017         (WebInspector.TextEditor.prototype.set mimeType):
1018         (WebInspector.TextEditor.prototype.setReadOnly):
1019         (WebInspector.TextEditor.prototype.readOnly):
1020         (WebInspector.TextEditor.prototype.defaultFocusedElement):
1021         (WebInspector.TextEditor.prototype.revealLine):
1022         (WebInspector.TextEditor.prototype.addDecoration):
1023         (WebInspector.TextEditor.prototype.removeDecoration):
1024         (WebInspector.TextEditor.prototype.markAndRevealRange):
1025         (WebInspector.TextEditor.prototype.highlightLine):
1026         (WebInspector.TextEditor.prototype.clearLineHighlight):
1027         (WebInspector.TextEditor.prototype.freeCachedElements):
1028         (WebInspector.TextEditor.prototype.elementsToRestoreScrollPositionsFor):
1029         (WebInspector.TextEditor.prototype.inheritScrollPositions):
1030         (WebInspector.TextEditor.prototype.beginUpdates):
1031         (WebInspector.TextEditor.prototype.endUpdates):
1032         (WebInspector.TextEditor.prototype.onResize):
1033         (WebInspector.TextEditor.prototype._textChanged):
1034         (WebInspector.TextEditor.prototype.editRange):
1035         (WebInspector.TextEditor.prototype.scrollToLine):
1036         (WebInspector.TextEditor.prototype.selection):
1037         (WebInspector.TextEditor.prototype.lastSelection):
1038         (WebInspector.TextEditor.prototype.setSelection):
1039         (WebInspector.TextEditor.prototype.setText):
1040         (WebInspector.TextEditor.prototype.text):
1041         (WebInspector.TextEditor.prototype.range):
1042         (WebInspector.TextEditor.prototype.line):
1043         (WebInspector.TextEditor.prototype.get linesCount):
1044         (WebInspector.TextEditor.prototype.setAttribute):
1045         (WebInspector.TextEditor.prototype.getAttribute):
1046         (WebInspector.TextEditor.prototype.removeAttribute):
1047         (WebInspector.TextEditor.prototype.wasShown):
1048         (WebInspector.TextEditor.prototype._handleFocused):
1049         (WebInspector.TextEditor.prototype.willHide):
1050         * inspector/front-end/WebKit.qrc:
1051         * inspector/front-end/inspector.html:
1052
1053 2012-08-03  Mike West  <mkwst@chromium.org>
1054
1055         Blocking a plugin via CSP should result in one (and only one) console message.
1056         https://bugs.webkit.org/show_bug.cgi?id=92649
1057
1058         Reviewed by Adam Barth.
1059
1060         Currently, blocking a plugin via Content Security Policy results in some
1061         leakage of console log messages between tests. I'm unclear as to the
1062         root cause, but the symptoms exhibited include
1063         `SubframeLoader::requestPlugin` being called multiple times for a single
1064         element, which in turn causes multiple console logs to be sent. These
1065         messages tend to appear in the subsequent test, making the
1066         `http/test/security/contentSecurityPolicy/object-src-*` set of tests
1067         flakey indeed.
1068
1069         This patch addresses the issue by marking elements' plugins as
1070         unavailable when they're blocked by CSP. No new tests have been added:
1071         this patch should simply make the current tests actually pass.
1072
1073         * loader/SubframeLoader.cpp:
1074         (WebCore::SubframeLoader::requestPlugin):
1075             We check the CSP status in `SubframeLoader::loadPlugin`, which is
1076             called at the end of this function. Checking CSP status in both
1077             locations is redundant.
1078         (WebCore::SubframeLoader::loadPlugin):
1079             If the plugin is blocked by CSP, tell the element's embedded object
1080             renderer that the plugin is unavailable.
1081         * platform/LocalizedStrings.cpp:
1082         (WebCore::blockedPluginByContentSecurityPolicyText):
1083         (WebCore):
1084         * platform/LocalizedStrings.h:
1085         (WebCore):
1086         * platform/blackberry/LocalizedStringsBlackBerry.cpp:
1087         (WebCore::blockedPluginByContentSecurityPolicyText):
1088         (WebCore):
1089         * platform/efl/LocalizedStringsEfl.cpp:
1090         (WebCore::blockedPluginByContentSecurityPolicyText):
1091         (WebCore):
1092         * platform/gtk/LocalizedStringsGtk.cpp:
1093         (WebCore::blockedPluginByContentSecurityPolicyText):
1094         (WebCore):
1095         * platform/qt/LocalizedStringsQt.cpp:
1096         (WebCore::blockedPluginByContentSecurityPolicyText):
1097         (WebCore):
1098         * rendering/RenderEmbeddedObject.cpp:
1099         (WebCore::unavailablePluginReplacementText):
1100         * rendering/RenderEmbeddedObject.h:
1101             Return appropriate text when the plugin is blocked by CSP.
1102
1103 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1104
1105         [V8] Add an IsExecutionTerminating() check to setDOMException()
1106         https://bugs.webkit.org/show_bug.cgi?id=93101
1107
1108         Reviewed by Adam Barth.
1109
1110         In preparation for moving exception related code from V8Proxy to V8Binding,
1111         I am going to remove throwError(ExceptionCode, v8::Isolate*) from V8Proxy.
1112         throwError(ExceptionCode, v8::Isolate*) will be replaced with
1113         setDOMException(ExceptionCode, v8::Isolate*). By this refactoring,
1114         the way to throw JavaScript errors and DOM exceptions becomes simple:
1115         "Throw JavaScript errors by throwError(). Throw DOM exceptions by setDOMException()".
1116         (Currently some DOM exceptions are being thrown by throwError().)
1117
1118         To keep the current behavior of throwError(ExceptionCode, v8::Isolate*),
1119         before the replacement, we need to insert the IsExecutionTerminating()
1120         check to setDOMException(). This will add an extra check to the current
1121         setDOMException(), but I don't think it's a problem.
1122
1123         No tests. No change in behavior.
1124
1125         * bindings/v8/V8Proxy.cpp:
1126         (WebCore::V8Proxy::setDOMException):
1127
1128 2012-08-03  Sadrul Habib Chowdhury  <sadrul@chromium.org>
1129
1130         Avoid dispatching gesture events of unknown types
1131         https://bugs.webkit.org/show_bug.cgi?id=93060
1132
1133         Reviewed by Adam Barth.
1134
1135         WebCore gesture events do not always correspond 1-to-1 to the Platform gesture events. So
1136         avoid dispatching the unknown gesture events to nodes.
1137
1138         * dom/GestureEvent.cpp:
1139         (WebCore::GestureEvent::create):
1140         * dom/Node.cpp:
1141         (WebCore::Node::dispatchGestureEvent):
1142
1143 2012-08-03  Stephen Chenney  <schenney@chromium.org>
1144
1145         Crash when a clip path referencing a clip path changes documents
1146         https://bugs.webkit.org/show_bug.cgi?id=93023
1147
1148         Reviewed by Dirk Schulze.
1149
1150         The SVGClipPathElement is set to not need pending resource handling,
1151         when in fact it can have pending resources. The result is a crash when
1152         the element is moved to a new document (which deletes all resources
1153         and leaves them pending) and then immediately deleted (which asserts
1154         that there are no pending resources). There is code to remove pending
1155         resources upon deletion and removal from the DOM, but it was not
1156         executing for clips because of the aforementioned code claiming that
1157         clips don't require such handling.
1158
1159         The assertion that there be no pending resources is necessary to
1160         prevent caches of pending resources from trying to access the deleted
1161         element.
1162
1163         This change removes the check for needsPendingResourceHandling in
1164         SVGStyledElement upon deletion and removal from the DOM. Pending resources
1165         will always be checked in such cases to ensure we do not introduce
1166         security issues.
1167
1168         Test: svg/custom/clip-path-document-change-assert.html
1169
1170         * svg/SVGStyledElement.cpp:
1171         (WebCore::SVGStyledElement::~SVGStyledElement): Removed needsPendingResourceHandling in the conditional to clean up resources.
1172         (WebCore::SVGStyledElement::removedFrom): Removed needsPendingResourceHandling in the conditional to clean up resources.
1173
1174 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1175
1176         [V8] Remove unused methods in V8Proxy
1177         https://bugs.webkit.org/show_bug.cgi?id=93106
1178
1179         Reviewed by Adam Barth.
1180
1181         In preparation for removing V8Proxy, we can remove unused methods in V8Proxy.
1182
1183         No tests. No change in behavior.
1184
1185         * bindings/v8/V8Proxy.h:
1186         (V8Proxy):
1187
1188 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1189
1190         [V8] Implement v8Undefined()
1191         https://bugs.webkit.org/show_bug.cgi?id=93093
1192
1193         Reviewed by Adam Barth.
1194
1195         There are a couple of equivalent ways to create an undefined value,
1196         e.g. v8::Undefined(), v8::Undefined(isolate), v8::Handle<v8::Value>(), etc.
1197         We should implement v8Undefined() and use it everywhere.
1198
1199         In this bug, we implement v8Undefined() and use it in CodeGeneratorV8.pm.
1200         We can implement v8Undefined() like this:
1201
1202             v8::Handle<v8::Value> v8Undefined() { v8::Handle<v8::Value>(); }
1203
1204         This is based on the following performance results:
1205
1206         // 14.5 ns
1207         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1208             return v8::Undefined();
1209         }
1210
1211         // 8.24 ns (This cannot be used where isolate can be 0.)
1212         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1213             return v8::Undefined(info.GetIsolate());
1214         }
1215
1216         // 8.54 ns
1217         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1218             v8::Isolate* isolate = info.GetIsolate();
1219             return isolate ? v8::Handle<v8::Value>(v8::Undefined(isolate)) : v8::Handle<v8::Value>();
1220         }
1221
1222         // 8.52 ns
1223         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1224             return v8::Handle<v8::Value>();
1225         }
1226
1227         No tests. No change in behavior.
1228
1229         * bindings/scripts/CodeGeneratorV8.pm:
1230         (GenerateConstructorGetter):
1231         (GenerateNormalAttrGetter):
1232         (GenerateNewFunctionTemplate):
1233         (GenerateEventListenerCallback):
1234         (GenerateFunctionCallback):
1235         (GenerateCallWith):
1236         (GenerateParametersCheck):
1237         (GenerateEventConstructorCallback):
1238         (GenerateNonStandardFunction):
1239         (GenerateImplementation):
1240         (NativeToJSValue):
1241         * bindings/scripts/test/V8/V8Float64Array.cpp:
1242         (WebCore::ConfigureV8Float64ArrayTemplate):
1243         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
1244         (WebCore::TestActiveDOMObjectV8Internal::excitingFunctionCallback):
1245         (WebCore::TestActiveDOMObjectV8Internal::postMessageCallback):
1246         (WebCore::TestActiveDOMObjectV8Internal::postMessageAttrGetter):
1247         (WebCore::ConfigureV8TestActiveDOMObjectTemplate):
1248         (WebCore::V8TestActiveDOMObject::wrapSlow):
1249         * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
1250         (WebCore::TestCustomNamedGetterV8Internal::anotherFunctionCallback):
1251         * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
1252         (WebCore::V8TestEventConstructor::constructorCallback):
1253         * bindings/scripts/test/V8/V8TestEventTarget.cpp:
1254         (WebCore::TestEventTargetV8Internal::addEventListenerCallback):
1255         (WebCore::TestEventTargetV8Internal::removeEventListenerCallback):
1256         (WebCore::ConfigureV8TestEventTargetTemplate):
1257         * bindings/scripts/test/V8/V8TestInterface.cpp:
1258         (WebCore::TestInterfaceV8Internal::supplementalMethod1Callback):
1259         (WebCore::TestInterfaceV8Internal::supplementalMethod2Callback):
1260         (WebCore::TestInterfaceV8Internal::supplementalMethod4Callback):
1261         (WebCore::ConfigureV8TestInterfaceTemplate):
1262         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
1263         (WebCore::TestMediaQueryListListenerV8Internal::methodCallback):
1264         * bindings/scripts/test/V8/V8TestObj.cpp:
1265         (WebCore::TestObjV8Internal::readOnlyTestObjAttrAttrGetter):
1266         (WebCore::TestObjV8Internal::withScriptStateAttributeAttrGetter):
1267         (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeAttrGetter):
1268         (WebCore::TestObjV8Internal::withScriptStateAttributeRaisesAttrGetter):
1269         (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeRaisesAttrGetter):
1270         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeAttrGetter):
1271         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeRaisesAttrGetter):
1272         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateWithSpacesAttributeAttrGetter):
1273         (WebCore::TestObjV8Internal::withScriptArgumentsAndCallStackAttributeAttrGetter):
1274         (WebCore::TestObjV8Internal::withScriptArgumentsAndCallStackAttributeAttrSetter):
1275         (WebCore::TestObjV8Internal::cachedAttribute1AttrGetter):
1276         (WebCore::TestObjV8Internal::cachedAttribute2AttrGetter):
1277         (WebCore::TestObjV8Internal::TestObjConstructorGetter):
1278         (WebCore::TestObjV8Internal::voidMethodCallback):
1279         (WebCore::TestObjV8Internal::voidMethodWithArgsCallback):
1280         (WebCore::TestObjV8Internal::methodWithSequenceArgCallback):
1281         (WebCore::TestObjV8Internal::serializedValueCallback):
1282         (WebCore::TestObjV8Internal::idbKeyCallback):
1283         (WebCore::TestObjV8Internal::optionsObjectCallback):
1284         (WebCore::TestObjV8Internal::methodWithExceptionCallback):
1285         (WebCore::TestObjV8Internal::addEventListenerCallback):
1286         (WebCore::TestObjV8Internal::removeEventListenerCallback):
1287         (WebCore::TestObjV8Internal::withScriptStateVoidCallback):
1288         (WebCore::TestObjV8Internal::withScriptStateVoidExceptionCallback):
1289         (WebCore::TestObjV8Internal::withScriptExecutionContextCallback):
1290         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateCallback):
1291         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateObjExceptionCallback):
1292         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateWithSpacesCallback):
1293         (WebCore::TestObjV8Internal::withScriptArgumentsAndCallStackCallback):
1294         (WebCore::TestObjV8Internal::methodWithOptionalArgCallback):
1295         (WebCore::TestObjV8Internal::methodWithNonOptionalArgAndOptionalArgCallback):
1296         (WebCore::TestObjV8Internal::methodWithNonOptionalArgAndTwoOptionalArgsCallback):
1297         (WebCore::TestObjV8Internal::methodWithOptionalStringCallback):
1298         (WebCore::TestObjV8Internal::methodWithOptionalStringIsUndefinedCallback):
1299         (WebCore::TestObjV8Internal::methodWithOptionalStringIsNullStringCallback):
1300         (WebCore::TestObjV8Internal::methodWithCallbackArgCallback):
1301         (WebCore::TestObjV8Internal::methodWithNonCallbackArgAndCallbackArgCallback):
1302         (WebCore::TestObjV8Internal::methodWithCallbackAndOptionalArgCallback):
1303         (WebCore::TestObjV8Internal::conditionalMethod2Callback):
1304         (WebCore::TestObjV8Internal::conditionalMethod3Callback):
1305         (WebCore::TestObjV8Internal::overloadedMethod1Callback):
1306         (WebCore::TestObjV8Internal::overloadedMethod2Callback):
1307         (WebCore::TestObjV8Internal::overloadedMethod3Callback):
1308         (WebCore::TestObjV8Internal::overloadedMethod4Callback):
1309         (WebCore::TestObjV8Internal::overloadedMethod5Callback):
1310         (WebCore::TestObjV8Internal::overloadedMethod6Callback):
1311         (WebCore::TestObjV8Internal::overloadedMethod7Callback):
1312         (WebCore::TestObjV8Internal::overloadedMethod8Callback):
1313         (WebCore::TestObjV8Internal::overloadedMethod9Callback):
1314         (WebCore::TestObjV8Internal::overloadedMethod10Callback):
1315         (WebCore::TestObjV8Internal::classMethodCallback):
1316         (WebCore::TestObjV8Internal::overloadedMethod11Callback):
1317         (WebCore::TestObjV8Internal::overloadedMethod12Callback):
1318         (WebCore::TestObjV8Internal::classMethodWithClampCallback):
1319         (WebCore::TestObjV8Internal::enabledAtRuntimeMethod1Callback):
1320         (WebCore::TestObjV8Internal::enabledAtRuntimeMethod2Callback):
1321         (WebCore::TestObjV8Internal::enabledPerContextMethod1Callback):
1322         (WebCore::TestObjV8Internal::enabledPerContextMethod2Callback):
1323         (WebCore::TestObjV8Internal::convert1Callback):
1324         (WebCore::TestObjV8Internal::convert2Callback):
1325         (WebCore::TestObjV8Internal::convert3Callback):
1326         (WebCore::TestObjV8Internal::convert4Callback):
1327         (WebCore::TestObjV8Internal::convert5Callback):
1328         (WebCore::TestObjV8Internal::orangeCallback):
1329         (WebCore::ConfigureV8TestObjTemplate):
1330         (WebCore::V8TestObj::installPerContextProperties):
1331         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
1332         (WebCore::TestSerializedScriptValueInterfaceV8Internal::acceptTransferListCallback):
1333         (WebCore::TestSerializedScriptValueInterfaceV8Internal::multiTransferListCallback):
1334         (WebCore::V8TestSerializedScriptValueInterface::constructorCallback):
1335         * bindings/v8/V8Binding.h:
1336         (WebCore::v8Undefined):
1337         (WebCore):
1338
1339 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1340
1341         [V8] Remove v8StringToWebCoreString()
1342         https://bugs.webkit.org/show_bug.cgi?id=93087
1343
1344         Reviewed by Adam Barth.
1345
1346         There should be only one API that converts V8 String
1347         to WebCore String. v8ValueToWebCoreString() does it.
1348         We can remove v8StringToWebCoreString().
1349
1350         No tests. No change in behavior.
1351
1352         * bindings/v8/ScriptDebugServer.cpp:
1353         (WebCore::ScriptDebugServer::setBreakpoint):
1354         * bindings/v8/V8Binding.cpp:
1355         (WebCore::v8ValueToWebCoreString):
1356         * bindings/v8/V8Binding.h:
1357         (WebCore):
1358
1359 2012-07-20  Jon Lee  <jonlee@apple.com>
1360
1361         Crash in Notification when setting a non-object as an event listener (91881)
1362         https://bugs.webkit.org/show_bug.cgi?id=91881
1363         <rdar://problem/11923341>
1364
1365         Reviewed by Oliver Hunt.
1366
1367         Check to make sure that the value being retrieved is an object. This is similar
1368         to the isObject() check done in the bindings code.
1369
1370         Test: fast/notifications/notifications-event-listener-crash.html
1371
1372         * bindings/js/Dictionary.h:
1373         (WebCore::Dictionary::getEventListener):
1374
1375 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1376
1377         [V8] Remove v8StringToAtomicWebCoreString()
1378         https://bugs.webkit.org/show_bug.cgi?id=93086
1379
1380         Reviewed by Dimitri Glazkov.
1381
1382         There should be only one API that converts V8 String to
1383         AtomicString. v8ValueToAtomicWebCoreString() does it.
1384         We can remove v8StringToAtomicWebCoreString().
1385
1386         No tests. No change in behavior.
1387
1388         * bindings/v8/V8Binding.cpp:
1389         (WebCore::v8ValueToAtomicWebCoreString):
1390         * bindings/v8/V8Binding.h:
1391         (WebCore):
1392         * bindings/v8/V8DOMWindowShell.cpp:
1393         (WebCore::getter):
1394         * bindings/v8/custom/V8DOMWindowCustom.cpp:
1395         (WebCore::V8DOMWindow::namedPropertyGetter):
1396         * bindings/v8/custom/V8HTMLAllCollectionCustom.cpp:
1397         (WebCore::V8HTMLAllCollection::namedPropertyGetter):
1398         * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
1399         (WebCore::V8HTMLCollection::namedPropertyGetter):
1400         * bindings/v8/custom/V8HTMLFormElementCustom.cpp:
1401         (WebCore::V8HTMLFormElement::namedPropertyGetter):
1402         * bindings/v8/custom/V8HTMLFrameSetElementCustom.cpp:
1403         (WebCore::V8HTMLFrameSetElement::namedPropertyGetter):
1404
1405 2012-08-03  Ilya Tikhonovsky  <loislo@chromium.org>
1406
1407         Web Inspector: eliminate visitBaseClass method from NMI. It introduces unnecessary complexity.
1408         https://bugs.webkit.org/show_bug.cgi?id=93129
1409
1410         Reviewed by Yury Semikhatsky.
1411
1412         * css/PropertySetCSSStyleDeclaration.cpp:
1413         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
1414         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
1415         * dom/CharacterData.cpp:
1416         (WebCore::CharacterData::reportMemoryUsage):
1417         * dom/ContainerNode.h:
1418         (WebCore::ContainerNode::reportMemoryUsage):
1419         * dom/Document.cpp:
1420         (WebCore::Document::reportMemoryUsage):
1421         * dom/Element.h:
1422         (WebCore::Element::reportMemoryUsage):
1423         * dom/MemoryInstrumentation.h:
1424         * dom/Node.cpp:
1425         (WebCore::Node::reportMemoryUsage):
1426
1427 2012-08-03  Alexandre Elias  <aelias@google.com>
1428
1429         [chromium] Move ubercomp quads back into CC
1430         https://bugs.webkit.org/show_bug.cgi?id=93062
1431
1432         Reviewed by James Robinson.
1433
1434         Because GTFO is almost done, we can move back the quad types
1435         to CC and pickle them there.  This patch moves everything back
1436         to where it was before and changes types like WebRect to IntRect.
1437
1438         As a bonus, I also added CCRenderPassDrawQuad and CCYUVVideoDrawQuad
1439         (which had been left in the CC files) to CCDrawQuad::size(), so now
1440         every quad type is ready for serialization.
1441
1442         No new tests (no-op refactoring).
1443
1444         * WebCore.gypi:
1445         * platform/chromium/support/WebCompositorStreamVideoQuad.cpp: Removed.
1446         * platform/graphics/chromium/LayerRendererChromium.cpp:
1447         (WebCore::LayerRendererChromium::drawQuad):
1448         * platform/graphics/chromium/cc/CCCheckerboardDrawQuad.cpp: Copied from Source/WebCore/platform/graphics/chromium/cc/CCQuadSink.h.
1449         (WebCore):
1450         (WebCore::CCCheckerboardDrawQuad::create):
1451         (WebCore::CCCheckerboardDrawQuad::CCCheckerboardDrawQuad):
1452         (WebCore::CCCheckerboardDrawQuad::materialCast):
1453         * platform/graphics/chromium/cc/CCCheckerboardDrawQuad.h:
1454         (WebCore):
1455         (CCCheckerboardDrawQuad):
1456         * platform/graphics/chromium/cc/CCDebugBorderDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorDebugBorderQuad.cpp.
1457         (WebCore):
1458         (WebCore::CCDebugBorderDrawQuad::create):
1459         (WebCore::CCDebugBorderDrawQuad::CCDebugBorderDrawQuad):
1460         (WebCore::CCDebugBorderDrawQuad::materialCast):
1461         * platform/graphics/chromium/cc/CCDebugBorderDrawQuad.h:
1462         (WebCore):
1463         (CCDebugBorderDrawQuad):
1464         (WebCore::CCDebugBorderDrawQuad::color):
1465         (WebCore::CCDebugBorderDrawQuad::width):
1466         * platform/graphics/chromium/cc/CCDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorQuad.cpp.
1467         (WebCore):
1468         (WebCore::CCDrawQuad::CCDrawQuad):
1469         (WebCore::CCDrawQuad::opaqueRect):
1470         (WebCore::CCDrawQuad::setQuadVisibleRect):
1471         (WebCore::CCDrawQuad::size):
1472         (WebCore::CCDrawQuad::setSharedQuadState):
1473         * platform/graphics/chromium/cc/CCDrawQuad.h:
1474         (WebCore):
1475         (CCDrawQuad):
1476         (WebCore::CCDrawQuad::quadRect):
1477         (WebCore::CCDrawQuad::quadTransform):
1478         (WebCore::CCDrawQuad::visibleContentRect):
1479         (WebCore::CCDrawQuad::scissorRect):
1480         (WebCore::CCDrawQuad::opacity):
1481         (WebCore::CCDrawQuad::needsBlending):
1482         (WebCore::CCDrawQuad::isLayerAxisAlignedIntRect):
1483         (WebCore::CCDrawQuad::quadVisibleRect):
1484         (WebCore::CCDrawQuad::isDebugQuad):
1485         (WebCore::CCDrawQuad::material):
1486         (WebCore::CCDrawQuad::sharedQuadState):
1487         (WebCore::CCDrawQuad::sharedQuadStateId):
1488         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
1489         (WebCore::CCHeadsUpDisplayLayerImpl::appendQuads):
1490         * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorIOSurfaceQuad.cpp.
1491         (WebCore):
1492         (WebCore::CCIOSurfaceDrawQuad::create):
1493         (WebCore::CCIOSurfaceDrawQuad::CCIOSurfaceDrawQuad):
1494         (WebCore::CCIOSurfaceDrawQuad::materialCast):
1495         * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.h:
1496         (WebCore):
1497         (CCIOSurfaceDrawQuad):
1498         (WebCore::CCIOSurfaceDrawQuad::ioSurfaceSize):
1499         (WebCore::CCIOSurfaceDrawQuad::ioSurfaceTextureId):
1500         (WebCore::CCIOSurfaceDrawQuad::orientation):
1501         * platform/graphics/chromium/cc/CCQuadCuller.h:
1502         (CCQuadCuller):
1503         * platform/graphics/chromium/cc/CCQuadSink.h:
1504         (WebCore):
1505         (CCQuadSink):
1506         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.cpp:
1507         (WebCore::CCRenderPassDrawQuad::create):
1508         (WebCore::CCRenderPassDrawQuad::CCRenderPassDrawQuad):
1509         (WebCore::CCRenderPassDrawQuad::materialCast):
1510         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.h:
1511         (CCRenderPassDrawQuad):
1512         * platform/graphics/chromium/cc/CCSharedQuadState.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorSharedQuadState.cpp.
1513         (WebCore):
1514         (WebCore::CCSharedQuadState::CCSharedQuadState):
1515         (WebCore::CCSharedQuadState::create):
1516         (WebCore::CCSharedQuadState::isLayerAxisAlignedIntRect):
1517         * platform/graphics/chromium/cc/CCSharedQuadState.h:
1518         (WebCore):
1519         (CCSharedQuadState):
1520         * platform/graphics/chromium/cc/CCSolidColorDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorSolidColorQuad.cpp.
1521         (WebCore):
1522         (WebCore::CCSolidColorDrawQuad::create):
1523         (WebCore::CCSolidColorDrawQuad::CCSolidColorDrawQuad):
1524         (WebCore::CCSolidColorDrawQuad::materialCast):
1525         * platform/graphics/chromium/cc/CCSolidColorDrawQuad.h:
1526         (WebCore):
1527         (CCSolidColorDrawQuad):
1528         (WebCore::CCSolidColorDrawQuad::color):
1529         * platform/graphics/chromium/cc/CCStreamVideoDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorCheckerboardQuad.cpp.
1530         (WebCore):
1531         (WebCore::CCStreamVideoDrawQuad::create):
1532         (WebCore::CCStreamVideoDrawQuad::CCStreamVideoDrawQuad):
1533         (WebCore::CCStreamVideoDrawQuad::materialCast):
1534         * platform/graphics/chromium/cc/CCStreamVideoDrawQuad.h:
1535         (WebCore):
1536         (CCStreamVideoDrawQuad):
1537         (WebCore::CCStreamVideoDrawQuad::textureId):
1538         (WebCore::CCStreamVideoDrawQuad::matrix):
1539         * platform/graphics/chromium/cc/CCTextureDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorTextureQuad.cpp.
1540         (WebCore):
1541         (WebCore::CCTextureDrawQuad::create):
1542         (WebCore::CCTextureDrawQuad::CCTextureDrawQuad):
1543         (WebCore::CCTextureDrawQuad::setNeedsBlending):
1544         (WebCore::CCTextureDrawQuad::materialCast):
1545         * platform/graphics/chromium/cc/CCTextureDrawQuad.h:
1546         (WebCore):
1547         (CCTextureDrawQuad):
1548         (WebCore::CCTextureDrawQuad::uvRect):
1549         (WebCore::CCTextureDrawQuad::resourceId):
1550         (WebCore::CCTextureDrawQuad::premultipliedAlpha):
1551         (WebCore::CCTextureDrawQuad::flipped):
1552         * platform/graphics/chromium/cc/CCTileDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorTileQuad.cpp.
1553         (WebCore):
1554         (WebCore::CCTileDrawQuad::create):
1555         (WebCore::CCTileDrawQuad::CCTileDrawQuad):
1556         (WebCore::CCTileDrawQuad::materialCast):
1557         * platform/graphics/chromium/cc/CCTileDrawQuad.h:
1558         (WebCore):
1559         (CCTileDrawQuad):
1560         (WebCore::CCTileDrawQuad::resourceId):
1561         (WebCore::CCTileDrawQuad::textureOffset):
1562         (WebCore::CCTileDrawQuad::textureSize):
1563         (WebCore::CCTileDrawQuad::textureFilter):
1564         (WebCore::CCTileDrawQuad::swizzleContents):
1565         (WebCore::CCTileDrawQuad::leftEdgeAA):
1566         (WebCore::CCTileDrawQuad::topEdgeAA):
1567         (WebCore::CCTileDrawQuad::rightEdgeAA):
1568         (WebCore::CCTileDrawQuad::bottomEdgeAA):
1569         (WebCore::CCTileDrawQuad::isAntialiased):
1570         * platform/graphics/chromium/cc/CCYUVVideoDrawQuad.cpp:
1571         (WebCore::CCYUVVideoDrawQuad::create):
1572         (WebCore::CCYUVVideoDrawQuad::CCYUVVideoDrawQuad):
1573         (WebCore::CCYUVVideoDrawQuad::materialCast):
1574         * platform/graphics/chromium/cc/CCYUVVideoDrawQuad.h:
1575         (CCYUVVideoDrawQuad):
1576
1577 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
1578
1579         Unreviewed, restore Web Inspector JS frontend compilability after r124484 (fix JSDoc annotations).
1580
1581         * inspector/front-end/Settings.js:
1582         * inspector/front-end/SettingsScreen.js:
1583         * inspector/front-end/UserAgentSupport.js:
1584         (WebInspector.UserAgentSupport.DeviceOrientation):
1585
1586 2012-08-03  Philippe Normand  <pnormand@igalia.com>
1587
1588         Unreviewed, rolling out r124614.
1589         http://trac.webkit.org/changeset/124614
1590         https://bugs.webkit.org/show_bug.cgi?id=91727
1591
1592         gstreamer core .po files mess up the build again
1593
1594         * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
1595         (WTF::adoptGRef):
1596         * platform/graphics/gstreamer/GStreamerVersioning.cpp:
1597         (setGstElementClassMetadata):
1598         * platform/graphics/gstreamer/GStreamerVersioning.h:
1599         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1600         (StreamingClient::didReceiveResponse):
1601
1602 2012-08-03  Benjamin Poulain  <bpoulain@apple.com>
1603
1604         Initialize the Event Names' string from read only memory
1605         https://bugs.webkit.org/show_bug.cgi?id=92435
1606
1607         Reviewed by Anders Carlsson.
1608
1609         Similarily to r123689, we can initialize the event names' string from memory without copying the data.
1610         This saves us memory and initialization time.
1611
1612         * dom/EventNames.cpp:
1613         (WebCore):
1614
1615 2012-08-03  Philippe Normand  <pnormand@igalia.com>
1616
1617         [GTK][jhbuild] Switch to GStreamer 0.11 build
1618         https://bugs.webkit.org/show_bug.cgi?id=91727
1619
1620         Reviewed by Gustavo Noronha Silva.
1621
1622         Add a new function to encapsulate the GStreamer API removal of
1623         GST_OBJECT_IS_FLOATING in the upcoming 1.0 release. Use of this
1624         macro can now be replaced by calling the g_object_is_floating
1625         function.
1626
1627         * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
1628         (WTF::adoptGRef):
1629         * platform/graphics/gstreamer/GStreamerVersioning.cpp:
1630         (gstObjectIsFloating):
1631         * platform/graphics/gstreamer/GStreamerVersioning.h:
1632
1633 2012-08-03  George Staikos  <staikos@webkit.org>
1634
1635         [BlackBerry] Add a null check for media implementation to fix a crash.
1636         https://bugs.webkit.org/show_bug.cgi?id=93107
1637
1638         Reviewed by Rob Buis.
1639
1640         Fixes media/video-size.html.
1641
1642         * platform/blackberry/RenderThemeBlackBerry.cpp:
1643         (WebCore::RenderThemeBlackBerry::paintMediaSliderTrack): Add null check.
1644
1645 2012-08-03  Yury Semikhatsky  <yurys@chromium.org>
1646
1647         Unreviewed. Fixed WinCE compilation after r124589.
1648
1649         * css/PropertySetCSSStyleDeclaration.cpp:
1650         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
1651         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
1652
1653 2012-08-03  Keishi Hattori  <keishi@webkit.org>
1654
1655         Add keyboard support for color suggestion popup
1656         https://bugs.webkit.org/show_bug.cgi?id=93069
1657
1658         Reviewed by Kent Tamura.
1659
1660         This adds support for keyboard inside the color suggestion popup.
1661         Tab or arrow keys to move around. Return or space to select the color.
1662         Escape closes the popup.
1663
1664         No new tests. Covered in platform/chromium/fast/forms/color/color-suggestion-picker-appearance.html.
1665
1666         * Resources/colorSuggestionPicker.css:
1667         (.color-swatch):
1668         (.color-swatch:focus):
1669         * Resources/colorSuggestionPicker.js:
1670         (ColorPicker):
1671         (ColorPicker.prototype._layout):
1672         (ColorPicker.prototype.selectColorAtIndex): Selects color at index.
1673         (ColorPicker.prototype._handleMouseMove): Set focus to the swatch under the mouse cursor.
1674         (ColorPicker.prototype._handleKeyDown): Move focused element on arrow keys.
1675         (ColorPicker.prototype._handleMouseDown): Prevents blur on click.
1676
1677 2012-08-03  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
1678
1679         Add missing include to build on Mac OS 10.8
1680
1681         Reviewed by Ossy.
1682
1683         * platform/graphics/surfaces/mac/GraphicsSurfaceMac.cpp:
1684
1685 2012-08-03  Adam Barth  <abarth@webkit.org>
1686
1687         [V8] Re-wire "target" half of the same-origin security check through Document rather than DOMWindow
1688         https://bugs.webkit.org/show_bug.cgi?id=93079
1689
1690         Reviewed by Eric Seidel.
1691
1692         Before this patch, we were traversing from Nodes to Frames to
1693         DOMWindows to SecurityOrigins when determing the "target" of an
1694         operation for the same-origin policy security check. Rather than
1695         detouring through DOMWindow, these security checks should operate in
1696         terms of ScriptExecutionContexts (aka Documents) because that's the
1697         canonical place we store SecurityOrigin objects.
1698
1699         A future patch will re-wire the "active" part of the security check to
1700         use ScriptExecutionContexts as well and we'll be able to remove the
1701         extra copy of SecurityOrigin that we keep in DOMWindow.
1702
1703         * bindings/generic/BindingSecurity.cpp:
1704         (WebCore::canAccessDocument):
1705         (WebCore::BindingSecurity::canAccessFrame):
1706         (WebCore::BindingSecurity::shouldAllowAccessToNode):
1707         * bindings/v8/BindingState.cpp:
1708         (WebCore::immediatelyReportUnsafeAccessTo):
1709         * bindings/v8/BindingState.h:
1710         (WebCore):
1711         * bindings/v8/V8DOMWindowShell.cpp:
1712         (WebCore::reportUnsafeJavaScriptAccess):
1713         * bindings/v8/V8Proxy.cpp:
1714         (WebCore::V8Proxy::reportUnsafeAccessTo):
1715         * bindings/v8/V8Proxy.h:
1716         (V8Proxy):
1717
1718 2012-08-03  Keishi Hattori  <keishi@webkit.org>
1719
1720         ColorSuggestionPicker popup's height doesn't get smaller than 100 px
1721         https://bugs.webkit.org/show_bug.cgi?id=92945
1722
1723         Reviewed by Kent Tamura.
1724
1725         A window cannot be resized to be smaller than 100x100 pixels so this
1726         adjust the color suggestion popup UI to look better when there are only
1727         a few suggestions.
1728
1729         Tests: platform/chromium/fast/forms/color/color-suggestion-picker-one-row-appearance.html
1730                platform/chromium/fast/forms/color/color-suggestion-picker-two-row-appearance.html
1731
1732         * Resources/colorSuggestionPicker.css:
1733         (.color-swatch-container): Vertically center the swatches.
1734
1735 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
1736
1737         Web Inspector: Remove InspectorCSSAgent from InstrumentingAgents on clearFrontend()
1738         https://bugs.webkit.org/show_bug.cgi?id=93082
1739
1740         Reviewed by Yury Semikhatsky.
1741
1742         * inspector/InspectorCSSAgent.cpp:
1743         (WebCore::InspectorCSSAgent::InspectorCSSAgent):
1744         (WebCore::InspectorCSSAgent::~InspectorCSSAgent):
1745         (WebCore::InspectorCSSAgent::setFrontend):
1746         (WebCore::InspectorCSSAgent::clearFrontend):
1747
1748 2012-08-03  Eugene Klyuchnikov  <eustas.big@gmail.com>
1749
1750         Web Inspector: Profiles: extract save to file / load from code
1751         https://bugs.webkit.org/show_bug.cgi?id=92348
1752
1753         Reviewed by Yury Semikhatsky.
1754
1755         Motivation: extract reusable code for timeline load/save.
1756         FileUtils.js will contain common code. Not all code moved to FileUtils
1757         to make review easier. This code will be moved in next patch.
1758
1759         Core abstractions: OutputStream and OutputStreamDelegate.
1760
1761         OutputStream is interface that is used to transfer entity divded
1762         to chunks. Transfer process is explicitly initialized (startTransfer)
1763         and finalized (finishTrnsfer).
1764
1765         OutputStreamDelegate is interface to receive notifications about
1766         transfer process: onTransferStarted, onChunkTransferred, onTransferFinished.
1767
1768         ChunkedFileReader: utility class that loads file by chunks of specified
1769         size and notifies given delegate. OutputStream is supplied as a
1770         parameter of method "start".
1771
1772         ChunkedFileWriter: implementation of OutputStream that saves data
1773         to file specified by file name and notifies given delegate.
1774
1775         * WebCore.gypi: Added 'FileUtils.js'.
1776         * WebCore.vcproj/WebCore.vcproj: Added 'FileUtils.js'.
1777         * inspector/compile-front-end.py: Added 'FileUtils.js'.
1778         * inspector/front-end/FileUtils.js: Added.
1779         (WebInspector.OutputStreamDelegate): Added.
1780         (WebInspector.ChunkedFileReader): Added.
1781         (WebInspector.createFileSelectorElement): Added utility method to construct
1782         hidden input element to select file.
1783         * inspector/front-end/HeapSnapshotLoader.js: Adopted new API.
1784         * inspector/front-end/HeapSnapshotProxy.js: Adopted new API.
1785         * inspector/front-end/HeapSnapshotView.js: Adopted new API.
1786         (WebInspector.HeapSnapshotLoadFromFileDelegate):
1787         Extracted from existing code.
1788         (WebInspector.ChunkedFileWriter): Renamed and refactored.
1789         (WebInspector.HeapSnapshotSaveToFileDelegate):
1790         Extracted from existing code.
1791         * inspector/front-end/ProfilesPanel.js: Adopted new API.
1792
1793 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
1794
1795         Web Inspector: Incorrect blob url href when inspecting
1796         https://bugs.webkit.org/show_bug.cgi?id=93076
1797
1798         Reviewed by Vsevolod Vlasov.
1799
1800         Special-cased the "blob" scheme to return the original URL intact on completion.
1801
1802         * inspector/front-end/ResourceUtils.js:
1803         (WebInspector.completeURL):
1804
1805 2012-08-03  Yury Semikhatsky  <yurys@chromium.org>
1806
1807         Web Inspector: add CSSRule memory instrumentation
1808         https://bugs.webkit.org/show_bug.cgi?id=92962
1809
1810         Reviewed by Pavel Feldman.
1811
1812         Added memory footprint reporting method to CSSRule and its descendants.
1813
1814         * css/CSSCharsetRule.cpp:
1815         (WebCore::CSSCharsetRule::reportDescendantMemoryUsage):
1816         (WebCore):
1817         * css/CSSCharsetRule.h:
1818         (CSSCharsetRule):
1819         * css/CSSComputedStyleDeclaration.cpp:
1820         (WebCore::CSSComputedStyleDeclaration::reportMemoryUsage):
1821         (WebCore):
1822         * css/CSSComputedStyleDeclaration.h:
1823         (CSSComputedStyleDeclaration):
1824         * css/CSSFontFaceRule.cpp:
1825         (WebCore::CSSFontFaceRule::reportDescendantMemoryUsage):
1826         (WebCore):
1827         * css/CSSFontFaceRule.h:
1828         (CSSFontFaceRule):
1829         * css/CSSImportRule.cpp:
1830         (WebCore::CSSImportRule::reportDescendantMemoryUsage):
1831         (WebCore):
1832         * css/CSSImportRule.h:
1833         (CSSImportRule):
1834         * css/CSSMediaRule.cpp:
1835         (WebCore::CSSMediaRule::reportDescendantMemoryUsage):
1836         (WebCore):
1837         * css/CSSMediaRule.h:
1838         (CSSMediaRule):
1839         * css/CSSPageRule.cpp:
1840         (WebCore::CSSPageRule::reportDescendantMemoryUsage):
1841         (WebCore):
1842         * css/CSSPageRule.h:
1843         (CSSPageRule):
1844         * css/CSSRule.cpp:
1845         (WebCore::CSSRule::reportMemoryUsage): we manually implement polymorphic
1846         call here to avoid adding vtable pointer to all CSSRule objects. Descendants
1847         are expected to report their memory via reportDescendantMemoryUsage. The name
1848         is intentionally different from reportMemoryUsage to avoid accidential infitite
1849         recursion: if the descendants overrode non-virtual CSSRule::reportMemoryUsage,
1850         it would be easy to add a new descendant type to the switch in
1851         CSSRule::reportMemoryUsage without providing proper override for reportMemoryUsage
1852         and CSSRule::reportMemoryUsage would end up calling itself.
1853         (WebCore):
1854         (WebCore::CSSRule::reportBaseClassMemoryUsage): again we cannot use
1855         MemoryClassInfo::visitBaseClass like we do for virtual methods because it would
1856         lead to a recursive call of CSSRule::reportMemoryUsage. This is why we use
1857         reportBaseClassMemoryUsage to allow descendants to report objects referenced
1858         from their base class.
1859         * css/CSSRule.h:
1860         (WebCore):
1861         (CSSRule):
1862         * css/CSSRuleList.cpp:
1863         (WebCore::StaticCSSRuleList::reportMemoryUsage):
1864         (WebCore):
1865         * css/CSSRuleList.h:
1866         (WebCore):
1867         (CSSRuleList):
1868         (StaticCSSRuleList):
1869         (LiveCSSRuleList):
1870         * css/CSSStyleDeclaration.h:
1871         (WebCore):
1872         (CSSStyleDeclaration):
1873         * css/CSSStyleRule.cpp:
1874         (WebCore::CSSStyleRule::reportDescendantMemoryUsage):
1875         (WebCore):
1876         * css/CSSStyleRule.h:
1877         (CSSStyleRule):
1878         * css/CSSStyleSheet.cpp:
1879         (StyleSheetCSSRuleList):
1880         (WebCore::CSSStyleSheet::reportMemoryUsage):
1881         * css/CSSUnknownRule.h:
1882         (CSSUnknownRule):
1883         (WebCore::CSSUnknownRule::reportDescendantMemoryUsage):
1884         * css/PropertySetCSSStyleDeclaration.cpp:
1885         (WebCore::PropertySetCSSStyleDeclaration::reportMemoryUsage):
1886         (WebCore):
1887         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
1888         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
1889         * css/PropertySetCSSStyleDeclaration.h:
1890         (PropertySetCSSStyleDeclaration):
1891         (StyleRuleCSSStyleDeclaration):
1892         (InlineCSSStyleDeclaration):
1893         * css/WebKitCSSKeyframeRule.cpp:
1894         (WebCore::WebKitCSSKeyframeRule::reportDescendantMemoryUsage):
1895         (WebCore):
1896         * css/WebKitCSSKeyframeRule.h:
1897         (WebKitCSSKeyframeRule):
1898         * css/WebKitCSSKeyframesRule.cpp:
1899         (WebCore::WebKitCSSKeyframesRule::reportDescendantMemoryUsage):
1900         (WebCore):
1901         * css/WebKitCSSKeyframesRule.h:
1902         (WebKitCSSKeyframesRule):
1903         * css/WebKitCSSRegionRule.cpp:
1904         (WebCore::WebKitCSSRegionRule::reportDescendantMemoryUsage):
1905         (WebCore):
1906         * css/WebKitCSSRegionRule.h:
1907         (WebKitCSSRegionRule):
1908
1909 2012-08-03  Adam Barth  <abarth@webkit.org>
1910
1911         WebCore::DragController::cleanupAfterSystemDrag should null-check page
1912         https://bugs.webkit.org/show_bug.cgi?id=61815
1913
1914         Reviewed by Eric Seidel.
1915
1916         * page/DragController.cpp:
1917         (WebCore::DragController::dragEnteredOrUpdated):
1918         (WebCore::DragController::doSystemDrag):
1919
1920 2012-08-03  Sergio Carlos Morales Angeles  <carloschilazo@gmail.com>
1921
1922         Delete text from password does nothing.
1923         https://bugs.webkit.org/show_bug.cgi?id=92040
1924
1925         Reviewed by Ryosuke Niwa.
1926
1927         Use Editor::canDelete() to determine if field is editable or not.
1928         Added password-delete-contents test.
1929
1930         Test: editing/deleting/password-delete-contents.html
1931
1932         * editing/EditorCommand.cpp:
1933         (WebCore::enabledDelete):
1934
1935 2012-08-03  Jan Keromnes  <janx@linux.com>
1936
1937         Web Inspector: Make textModel private to textEditor
1938         https://bugs.webkit.org/show_bug.cgi?id=92999
1939
1940         Reviewed by Pavel Feldman.
1941
1942         Making textModel private to the textEditor ensures that it is accessed
1943         only through the textEditor, making the latter more modular.
1944
1945         Tests were changed accordingly.
1946
1947         * inspector/front-end/JavaScriptSourceFrame.js:
1948         (WebInspector.JavaScriptSourceFrame.prototype.afterTextChanged):
1949         (WebInspector.JavaScriptSourceFrame.prototype._restoreBreakpointsAfterEditing):
1950         (WebInspector.JavaScriptSourceFrame.prototype._addBreakpointDecoration):
1951         (WebInspector.JavaScriptSourceFrame.prototype._removeBreakpointDecoration):
1952         (WebInspector.JavaScriptSourceFrame.prototype._lineNumberAfterEditing):
1953         * inspector/front-end/SourceFrame.js:
1954         (WebInspector.SourceFrame):
1955         (WebInspector.SourceFrame.prototype.setContent):
1956         (WebInspector.SourceFrame.prototype.replaceAllWith):
1957         (WebInspector.SourceFrame.prototype._collectRegexMatches):
1958         (WebInspector.SourceFrame.prototype.addMessageToSource):
1959         (WebInspector.SourceFrame.prototype.removeMessageFromSource):
1960         (WebInspector.TextEditorDelegateForSourceFrame.prototype.commitEditing):
1961         * inspector/front-end/TextEditor.js:
1962         (WebInspector.TextEditor.prototype.setText):
1963         (WebInspector.TextEditor.prototype.text):
1964         (WebInspector.TextEditor.prototype.range):
1965         (WebInspector.TextEditor.prototype.line):
1966         (WebInspector.TextEditor.prototype.get linesCount):
1967         (WebInspector.TextEditor.prototype.setAttribute):
1968         (WebInspector.TextEditor.prototype.getAttribute):
1969         (WebInspector.TextEditor.prototype.removeAttribute):
1970         * inspector/front-end/UISourceCodeFrame.js:
1971         (WebInspector.UISourceCodeFrame.prototype.afterTextChanged):
1972
1973 2012-08-03  Adam Barth  <abarth@webkit.org>
1974
1975         V8Proxy::retrieve(*) leads to really obfuscated code and should be removed
1976         https://bugs.webkit.org/show_bug.cgi?id=93072
1977
1978         Reviewed by Eric Seidel.
1979
1980         Once upon a time, V8Proxy::retrieve did a bunch of checks before
1981         returning the V8Proxy object (such as checking whether script was
1982         enabled). Over time, we've removed all of these checks in order to fix
1983         various bugs. Now all it does is check whether the Frame is 0. However,
1984         because the function ends up returning 0 when its argument is 0, the
1985         caller sill needs to have a null check.
1986
1987         This patch deletes all the variations of V8Proxy::retrieve(*) and
1988         inlines them into their callers. In several cases, inlining the
1989         function call showed that we were testing the Frame for 0 twice, and
1990         I've removed the redundant null checks. In other cases, I've
1991         uncontorted the callers to make the code more readable.
1992
1993         * bindings/scripts/CodeGeneratorV8.pm:
1994         (GenerateToV8Converters):
1995         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
1996         (WebCore::V8TestActiveDOMObject::wrapSlow):
1997         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
1998         (WebCore::V8TestNamedConstructorConstructorCallback):
1999         * bindings/scripts/test/V8/V8TestNode.cpp:
2000         (WebCore::V8TestNode::wrapSlow):
2001         * bindings/v8/PageScriptDebugServer.cpp:
2002         (WebCore::PageScriptDebugServer::addListener):
2003         * bindings/v8/ScheduledAction.cpp:
2004         (WebCore::ScheduledAction::execute):
2005         * bindings/v8/ScriptController.h:
2006         (WebCore::ScriptController::windowShell):
2007         * bindings/v8/V8DOMWrapper.cpp:
2008         (WebCore::V8DOMWrapper::instantiateV8Object):
2009         * bindings/v8/V8EventListener.cpp:
2010         (WebCore::V8EventListener::callListenerFunction):
2011         * bindings/v8/V8Helpers.cpp:
2012         (WebCore::toV8Proxy):
2013         * bindings/v8/V8LazyEventListener.cpp:
2014         (WebCore::V8LazyEventListener::callListenerFunction):
2015         (WebCore::V8LazyEventListener::prepareListenerObject):
2016         * bindings/v8/V8Proxy.cpp:
2017         (WebCore::V8Proxy::handleOutOfMemory):
2018         (WebCore::V8Proxy::retrievePerContextData):
2019         (WebCore::V8Proxy::mainWorldContext):
2020         (WebCore::toV8Context):
2021         * bindings/v8/V8Proxy.h:
2022         (V8Proxy):
2023         * bindings/v8/custom/V8DOMWindowCustom.cpp:
2024         (WebCore::V8DOMWindow::addEventListenerCallback):
2025         (WebCore::V8DOMWindow::removeEventListenerCallback):
2026         * bindings/v8/custom/V8DocumentCustom.cpp:
2027         (WebCore::toV8):
2028         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
2029         (WebCore::V8HTMLDocument::openCallback):
2030         (WebCore::toV8):
2031         * bindings/v8/custom/V8SVGDocumentCustom.cpp:
2032         (WebCore::toV8):
2033
2034 2012-08-03  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
2035
2036         Add *explicit* keyword to constructors in WebCore/accessibility
2037         https://bugs.webkit.org/show_bug.cgi?id=93067
2038
2039         Reviewed by Kentaro Hara.
2040
2041         As a step to add *explicit* keyword to constructors which have a parameter,
2042         *explicit* keyword is added to Source/WebCore/accessibility in order to avoid
2043         implicit type conversion.
2044
2045         No new tests. Covered by existing tests.
2046
2047         * accessibility/AXObjectCache.h:
2048         (AXObjectCache):
2049         * accessibility/AccessibilityARIAGrid.h:
2050         (AccessibilityARIAGrid):
2051         * accessibility/AccessibilityARIAGridCell.h:
2052         (AccessibilityARIAGridCell):
2053         * accessibility/AccessibilityARIAGridRow.h:
2054         (AccessibilityARIAGridRow):
2055         * accessibility/AccessibilityList.h:
2056         (AccessibilityList):
2057         * accessibility/AccessibilityListBox.h:
2058         (AccessibilityListBox):
2059         * accessibility/AccessibilityMediaControls.h:
2060         (AccessibilityMediaControl):
2061         (AccessibilityMediaTimeline):
2062         (AccessibilityMediaControlsContainer):
2063         (AccessibilityMediaTimeDisplay):
2064         * accessibility/AccessibilityMenuList.h:
2065         (AccessibilityMenuList):
2066         * accessibility/AccessibilityNodeObject.h:
2067         (AccessibilityNodeObject):
2068         * accessibility/AccessibilityProgressIndicator.h:
2069         (AccessibilityProgressIndicator):
2070         * accessibility/AccessibilityRenderObject.h:
2071         (AccessibilityRenderObject):
2072         * accessibility/AccessibilityScrollView.h:
2073         (AccessibilityScrollView):
2074         * accessibility/AccessibilityScrollbar.h:
2075         (AccessibilityScrollbar):
2076         * accessibility/AccessibilitySlider.h:
2077         (AccessibilitySlider):
2078         * accessibility/AccessibilityTable.h:
2079         (AccessibilityTable):
2080         * accessibility/AccessibilityTableCell.h:
2081         (AccessibilityTableCell):
2082         * accessibility/AccessibilityTableRow.h:
2083         (AccessibilityTableRow):
2084
2085 2012-08-03  Abhishek Arya  <inferno@chromium.org>
2086
2087         Regression(r124564): Wrong inlineChildrenBlock->hasLayer() computed in RenderBlock::removeChild.
2088         https://bugs.webkit.org/show_bug.cgi?id=90800
2089
2090         Reviewed by Eric Seidel.
2091
2092         r124564 reversed the sequence of setStyle and removeChildNode calls, but failed to cache the value
2093         of inlineChildrenBlock->hasLayer(). So, it will be null when the layer is removed from parent in setStyle.
2094         Fixed by the caching the bool value. 
2095
2096         Covered by existing test fast/block/layer-not-removed-from-parent-crash.html.
2097
2098         * rendering/RenderBlock.cpp:
2099         (WebCore::RenderBlock::removeChild):
2100
2101 2012-08-03  Mario Sanchez Prada  <msanchez@igalia.com>
2102
2103         [GTK] Add a new and reusable enchant-based spellchecker in WebCore
2104         https://bugs.webkit.org/show_bug.cgi?id=90269
2105
2106         Reviewed by Martin Robinson.
2107
2108         Move enchant specific code down to WebCore, into a new class
2109         TextCheckerEnchant, that we can use from WK1 and WK2.
2110
2111         * GNUmakefile.am: Add flags to handle the SPELLCHECK feature.
2112         * GNUmakefile.list.am: Added new files.
2113         * platform/text/gtk/TextCheckerEnchant.cpp: Added.
2114         (getAvailableDictionariesCallback):
2115         (TextCheckerEnchant::TextCheckerEnchant):
2116         (TextCheckerEnchant::~TextCheckerEnchant):
2117         (TextCheckerEnchant::ignoreWord):
2118         (TextCheckerEnchant::learnWord):
2119         (TextCheckerEnchant::checkSpellingOfString):
2120         (TextCheckerEnchant::getGuessesForWord):
2121         (TextCheckerEnchant::updateSpellCheckingLanguages):
2122         (TextCheckerEnchant::freeEnchantBrokerDictionaries):
2123         * platform/text/gtk/TextCheckerEnchant.h: Added.
2124         (WebCore):
2125         (TextCheckerEnchant):
2126         (WebCore::TextCheckerEnchant::create):
2127
2128 2012-08-03  Kwang Yul Seo  <skyul@company100.net>
2129
2130         Unreviewed r124536 followup, fix the assertion error on Chromium.
2131
2132         * html/parser/HTMLTreeBuilder.cpp:
2133         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
2134
2135 2012-08-03  Ilya Tikhonovsky  <loislo@chromium.org>
2136
2137         Web Inspector: simple replace objectType with ownerObjectType in NMI code.
2138         https://bugs.webkit.org/show_bug.cgi?id=93001
2139
2140         Reviewed by Yury Semikhatsky.
2141
2142         In all the cases when we are visiting members, objectType field is actually the object type of the member's owner object.
2143
2144         * dom/MemoryInstrumentation.h:
2145         (WebCore::MemoryInstrumentation::InstrumentedPointer::InstrumentedPointer):
2146         (InstrumentedPointer):
2147         (WebCore::MemoryInstrumentation::addObject):
2148         (WebCore::MemoryInstrumentation::addInstrumentedObject):
2149         (WebCore::MemoryInstrumentation::addRawBuffer):
2150         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedObject):
2151         (WebCore::MemoryInstrumentation::OwningTraits::addObject):
2152         (WebCore::MemoryObjectInfo::MemoryObjectInfo):
2153         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
2154         (WebCore::MemoryInstrumentation::addObjectImpl):
2155         (WebCore::MemoryInstrumentation::addHashMap):
2156         (WebCore::MemoryInstrumentation::addHashSet):
2157         (WebCore::MemoryInstrumentation::addInstrumentedCollection):
2158         (WebCore::MemoryInstrumentation::addListHashSet):
2159         (WebCore::MemoryInstrumentation::addVector):
2160         (WebCore::::process):
2161
2162 2012-08-02  Ilya Tikhonovsky  <loislo@chromium.org>
2163
2164         Web Inspector: extend test coverage for nmi code and fix 2 bugs.
2165         https://bugs.webkit.org/show_bug.cgi?id=92994
2166
2167         Reviewed by Yury Semikhatsky.
2168
2169         1) owner object type propagation.
2170         If a class with object-type DOM has an instrumented member with object-type Other then it has to be recorded as DOM.
2171         Sample: We have SharedBuffer class and we don't know the object-type for it but we know that it is owned by an object with object-type CachedResourceImage.
2172
2173         2) the first member of an instrumented non virtual class was skipped even if it was reported properly.
2174         it happened because the first member has the same address as it's owner
2175
2176         * dom/MemoryInstrumentation.h:
2177         (WebCore::MemoryInstrumentation::addRootObject):
2178         (WebCore::MemoryInstrumentation::InstrumentedPointer::InstrumentedPointer):
2179         (InstrumentedPointer):
2180         (WebCore::MemoryInstrumentation::addInstrumentedObject):
2181         (MemoryInstrumentation):
2182         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedObject):
2183         (WebCore::MemoryObjectInfo::MemoryObjectInfo):
2184         (WebCore::MemoryObjectInfo::reportObjectInfo):
2185         (WebCore::MemoryClassInfo::addInstrumentedMember):
2186         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
2187         (WebCore::MemoryInstrumentation::addObjectImpl):
2188         (WebCore::MemoryInstrumentation::addInstrumentedCollection):
2189         (WebCore::::process):
2190
2191 2012-08-03  Kentaro Hara  <haraken@chromium.org>
2192
2193         [V8] Make v8NonStringValueToWebCoreString a static method
2194         https://bugs.webkit.org/show_bug.cgi?id=93066
2195
2196         Reviewed by Adam Barth.
2197
2198         v8NonStringValueToWebCoreString() and v8NonStringValueToAtomicWebCoreString()
2199         are not intended to be used from outside V8Binding.cpp.
2200         They should be static methods.
2201
2202         No tests. No change in behavior.
2203
2204         * bindings/v8/V8Binding.cpp:
2205         (WebCore::v8NonStringValueToWebCoreString):
2206         (WebCore):
2207         (WebCore::v8NonStringValueToAtomicWebCoreString):
2208         * bindings/v8/V8Binding.h:
2209         (WebCore::v8StringToWebCoreString):
2210         (WebCore::v8StringToAtomicWebCoreString):
2211
2212 2012-08-02  Abhishek Arya  <inferno@chromium.org>
2213
2214         Crash due to layer not removed from parent for anonymous block.
2215         https://bugs.webkit.org/show_bug.cgi?id=90800
2216
2217         Reviewed by Kent Tamura.
2218
2219         Reverse the order of setStyle and removeChildNode calls. This ensures that setting the style
2220         properly removes its layer from the parent in RenderBoxModelObject::styleDidChange. Calling
2221         removeChildNode before calling setStyle is problematic since the parent layer never gets
2222         notified.
2223
2224         Test: fast/block/layer-not-removed-from-parent-crash.html
2225
2226         * rendering/RenderBlock.cpp:
2227         (WebCore::RenderBlock::removeChild):
2228
2229 2012-08-02  Adam Barth  <abarth@webkit.org>
2230
2231         V8Proxy::retrieveFrameFor*Context are used only by BindingState and should be removed as separate functions
2232         https://bugs.webkit.org/show_bug.cgi?id=93049
2233
2234         Reviewed by Eric Seidel.
2235
2236         No one calls these functions directly anymore. This patch removes them
2237         from V8Proxy and inlines their logic into BindingState.cpp.
2238
2239         * bindings/v8/BindingState.cpp:
2240         (WebCore::activeContext):
2241         (WebCore):
2242         (WebCore::activeWindow):
2243         (WebCore::activeFrame):
2244         (WebCore::firstFrame):
2245         (WebCore::currentFrame):
2246         * bindings/v8/V8Proxy.cpp:
2247         * bindings/v8/V8Proxy.h:
2248         (V8Proxy):
2249
2250 2012-08-02  Yoshifumi Inoue  <yosin@chromium.org>
2251
2252         Make order of attribute/method in HTMLTrackElement.idl as same as specification
2253         https://bugs.webkit.org/show_bug.cgi?id=80102
2254
2255         Reviewed by Kentaro Hara.
2256
2257         No new tests. This patch doesn't change behavior.
2258
2259         * html/HTMLTrackElement.idl: Reorder attribute/method position.
2260
2261 2012-08-02  Kent Tamura  <tkent@chromium.org>
2262
2263         Fix crashes for <input> and <textarea> with display:run-in.
2264         https://bugs.webkit.org/show_bug.cgi?id=87300
2265
2266         Reviewed by Abhishek Arya.
2267
2268         Introduce RenderObject::canBeReplacedWithInlineRunIn, and renderers which
2269         should not be run-in override it so that it returns false.
2270
2271         Test: fast/runin/input-text-runin.html
2272               fast/runin/textarea-runin.html
2273
2274         * rendering/RenderBlock.cpp:
2275         (WebCore::RenderBlock::moveRunInUnderSiblingBlockIfNeeded):
2276         Checks canBeReplacedWithInlineRunIn instead of checking tag names.
2277         * rendering/RenderFileUploadControl.cpp:
2278         (WebCore::RenderFileUploadControl::canBeReplacedWithInlineRunIn):
2279         Added. Disallow run-in.
2280         * rendering/RenderFileUploadControl.h:
2281         (RenderFileUploadControl): Declare canBeReplacedWithInlineRunIn.
2282         * rendering/RenderListBox.cpp:
2283         (WebCore::RenderListBox::canBeReplacedWithInlineRunIn):
2284         Added. Disallow run-in. This is not a behavior change.
2285         * rendering/RenderListBox.h:
2286         (RenderListBox): Declare canBeReplacedWithInlineRunIn.
2287         * rendering/RenderMenuList.cpp:
2288         (WebCore::RenderMenuList::canBeReplacedWithInlineRunIn):
2289         Added. Disallow run-in. This is not a behavior change.
2290         * rendering/RenderMenuList.h:
2291         (RenderMenuList): Declare canBeReplacedWithInlineRunIn.
2292         * rendering/RenderObject.cpp:
2293         (WebCore::RenderObject::canBeReplacedWithInlineRunIn):
2294         Added. Allow run-in by default.
2295         * rendering/RenderObject.h:
2296         (RenderObject): Declare canBeReplacedWithInlineRunIn.
2297         * rendering/RenderProgress.cpp:
2298         (WebCore::RenderProgress::canBeReplacedWithInlineRunIn):
2299         Added. Disallow run-in. This is not a behavior change.
2300         * rendering/RenderProgress.h:
2301         (RenderProgress): Declare canBeReplacedWithInlineRunIn.
2302         * rendering/RenderSlider.cpp:
2303         (WebCore::RenderSlider::canBeReplacedWithInlineRunIn):
2304         Added. Disallow run-in.
2305         * rendering/RenderSlider.h:
2306         (RenderSlider): Declare canBeReplacedWithInlineRunIn.
2307         * rendering/RenderTextControl.cpp:
2308         (WebCore::RenderTextControl::canBeReplacedWithInlineRunIn):
2309         Added. Disallow run-in.
2310         * rendering/RenderTextControl.h:
2311         (RenderTextControl): Declare canBeReplacedWithInlineRunIn.
2312
2313 2012-08-02  Kihong Kwon  <kihong.kwon@samsung.com>
2314
2315         [EFL] Fix wrong assigned value of BatteryStatus
2316         https://bugs.webkit.org/show_bug.cgi?id=93058
2317
2318         Reviewed by Kentaro Hara.
2319
2320         There is a wrong change in the bug 92964.
2321         property variable have to be used after assigned value in the setBatteryClient.
2322
2323         * platform/efl/BatteryProviderEfl.cpp:
2324         (WebCore::BatteryProviderEfl::setBatteryClient):
2325
2326 2012-08-02  Arvid Nilsson  <anilsson@rim.com>
2327
2328         [BlackBerry] Add default implementation of GraphicsLayerClient::contentsVisible()
2329         https://bugs.webkit.org/show_bug.cgi?id=93036
2330
2331         Reviewed by George Staikos.
2332
2333         Returning true by default would cause memory usage to balloon, because
2334         the LayerTiler would believe every tile is visible and always needs to
2335         be rendered. Instead, we choose to return false by default, relying
2336         entirely on reactive rendering through render jobs.
2337
2338         However this revealed a subtle bug. If the entire layer was invalidated
2339         every frame, checkerboard would never resolve with this default
2340         implementation.
2341
2342         Fixed by not clearing render jobs when the entire layer is invalidated,
2343         thus making us robust against an incomplete contentsVisible
2344         implementation.
2345
2346         Also removed dead code related to the deprecated
2347         LayerTiler::m_tilesWebKitThread mechanism, which has been replaced by
2348         the implicit visibility management resulting from render jobs.
2349
2350         With m_tilesWebKitThread out of the way, rename m_tilesCompositingThread
2351         to be simply m_tiles.
2352
2353         PR 187458
2354
2355         This is not currently testable using BlackBerry testing infrastructure.
2356
2357         * platform/graphics/GraphicsLayerClient.h:
2358         (WebCore::GraphicsLayerClient::contentsVisible): Gets a default implementation instead of being pure virtual.
2359         * platform/graphics/blackberry/LayerTile.cpp:
2360         (WebCore::LayerTile::LayerTile): Merged LayerTileData into LayerTile now that m_tilesWebKitThread is gone.
2361         * platform/graphics/blackberry/LayerTile.h:
2362         (LayerTile):
2363         * platform/graphics/blackberry/LayerTiler.cpp:
2364         (WebCore::LayerTiler::~LayerTiler):
2365         (WebCore::LayerTiler::updateTextureContentsIfNeeded): Bug fix to make us robust against the new default implementation of GraphicsLayerClient::contentsVisible()
2366         (WebCore::LayerTiler::shouldPerformRenderJob):
2367         (WebCore::LayerTiler::layerVisibilityChanged):
2368         (WebCore::LayerTiler::uploadTexturesIfNeeded):
2369         (WebCore::LayerTiler::drawTexturesInternal):
2370         (WebCore::LayerTiler::deleteTextures):
2371         (WebCore::LayerTiler::pruneTextures):
2372         (WebCore::LayerTiler::bindContentsTexture):
2373         * platform/graphics/blackberry/LayerTiler.h:
2374         (LayerTiler):
2375
2376 2012-08-02  Keishi Hattori  <keishi@webkit.org>
2377
2378         Slider should snap to datalist tick marks
2379         https://bugs.webkit.org/show_bug.cgi?id=92640
2380
2381         Reviewed by Kent Tamura.
2382
2383         Input type=range slider snaps to datalist tick marks.
2384
2385         Test: fast/forms/datalist/range-snap-to-datalist.html
2386
2387         * html/HTMLInputElement.cpp:
2388         (WebCore::HTMLInputElement::findClosestTickMarkValue): Just calls InputType::findClosestTickMarkValue.
2389         (WebCore):
2390         * html/HTMLInputElement.h:
2391         (HTMLInputElement):
2392         * html/InputType.cpp:
2393         (WebCore):
2394         (WebCore::InputType::findClosestTickMarkValue): Overridden by RangeInputType.
2395         * html/InputType.h:
2396         (InputType):
2397         * html/RangeInputType.cpp:
2398         (WebCore::RangeInputType::RangeInputType):
2399         (WebCore):
2400         (WebCore::RangeInputType::listAttributeTargetChanged): Mark m_tickMarkValues as dirty.
2401         (WebCore::decimalCompare):
2402         (WebCore::RangeInputType::updateTickMarkValues): Sets m_tickMarkValues to a list of sorted valid datalist values.
2403         (WebCore::RangeInputType::findClosestTickMarkValue): Finds closest tick mark value to a given value.
2404         * html/RangeInputType.h:
2405         (RangeInputType):
2406         * html/shadow/SliderThumbElement.cpp:
2407         (WebCore):
2408         (WebCore::SliderThumbElement::setPositionFromPoint): Snaps to the closest tick mark value if it is within a certain distance.
2409
2410 2012-08-02  Ryuan Choi  <ryuan.choi@samsung.com>
2411
2412         [EFL] Crash while loading plugin after r121467
2413         https://bugs.webkit.org/show_bug.cgi?id=92943
2414
2415         Reviewed by Laszlo Gombos.
2416
2417         r121467 replaced POSIX dlopen to helpers in eina_module, but some codes
2418         are not changed.
2419
2420         No new tests, behavior has not changed.
2421
2422         * plugins/efl/PluginPackageEfl.cpp:
2423         (WebCore::PluginPackage::fetchInfo):
2424         Changes dlsym to eina_module_symbol_get to follow changes of r121467.
2425
2426 2012-08-02  Adam Barth  <abarth@webkit.org>
2427
2428         V8 bindings code that tries to find its context should use BindingState functions rather than V8Proxy
2429         https://bugs.webkit.org/show_bug.cgi?id=93038
2430
2431         Reviewed by Eric Seidel.
2432
2433         After this patch, most code in the V8 bindings that tries to determine
2434         it's "context" goes through BindingState.h rather than V8Proxy. This
2435         patch is a step towards unifying all these code paths.
2436
2437         * bindings/scripts/CodeGeneratorV8.pm:
2438         (GenerateNamedConstructorCallback):
2439         * bindings/v8/BindingState.cpp:
2440         (WebCore::currentFrame):
2441         (WebCore):
2442         * bindings/v8/BindingState.h:
2443         (WebCore):
2444         * bindings/v8/ScriptController.cpp:
2445         (WebCore::ScriptController::retrieveFrameForEnteredContext):
2446         (WebCore::ScriptController::retrieveFrameForCurrentContext):
2447         * bindings/v8/V8DOMWindowShell.cpp:
2448         (WebCore::v8UncaughtExceptionHandler):
2449         * bindings/v8/V8Proxy.cpp:
2450         (WebCore::V8Proxy::reportUnsafeAccessTo):
2451         * bindings/v8/V8Proxy.h:
2452         (V8Proxy):
2453         * bindings/v8/V8Utilities.cpp:
2454         (WebCore::getScriptExecutionContext):
2455         * bindings/v8/custom/V8AudioContextCustom.cpp:
2456         (WebCore::V8AudioContext::constructorCallback):
2457         * bindings/v8/custom/V8DOMWindowCustom.cpp:
2458         (WebCore::handlePostMessageCallback):
2459         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
2460         (WebCore::V8HTMLDocument::writeCallback):
2461         (WebCore::V8HTMLDocument::writelnCallback):
2462         (WebCore::V8HTMLDocument::openCallback):
2463         * bindings/v8/custom/V8HTMLImageElementConstructor.cpp:
2464         (WebCore::v8HTMLImageElementConstructorCallback):
2465
2466 2012-08-02  Sheriff Bot  <webkit.review.bot@gmail.com>
2467
2468         Unreviewed, rolling out r124540.
2469         http://trac.webkit.org/changeset/124540
2470         https://bugs.webkit.org/show_bug.cgi?id=93055
2471
2472         Broke compile on Chromium Win bot (Requested by dimich on
2473         #webkit).
2474
2475         * Modules/indexeddb/IDBBackingStore.h:
2476         (IDBBackingStore):
2477         * Modules/indexeddb/IDBCallbacks.h:
2478         (IDBCallbacks):
2479         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
2480         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::PendingOpenCall):
2481         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
2482         (WebCore::IDBDatabaseBackendImpl::openInternal):
2483         (WebCore::IDBDatabaseBackendImpl::metadata):
2484         (WebCore::IDBDatabaseBackendImpl::setVersion):
2485         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
2486         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
2487         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
2488         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
2489         (WebCore::IDBDatabaseBackendImpl::close):
2490         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
2491         (IDBDatabaseBackendImpl):
2492         * Modules/indexeddb/IDBDatabaseCallbacks.h:
2493         (IDBDatabaseCallbacks):
2494         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
2495         (WebCore::IDBFactoryBackendImpl::open):
2496         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
2497         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
2498         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
2499         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
2500         * Modules/indexeddb/IDBLevelDBBackingStore.h:
2501         (IDBLevelDBBackingStore):
2502         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
2503         (WebCore::IDBTransactionBackendImpl::commit):
2504
2505 2012-08-02  Arvid Nilsson  <anilsson@rim.com>
2506
2507         [BlackBerry] Upstream GraphicsLayerClient::contentsVisible()
2508         https://bugs.webkit.org/show_bug.cgi?id=93040
2509
2510         Reviewed by George Staikos.
2511
2512         Our LayerTiler uses both proactive and reactive rendering to populate
2513         tiles. If contentsVisible() is accurate, it will cause the right tiles
2514         to be rendered. Failing that, when a dirty tile is found to be visible
2515         on the compositing thread, a render job is scheduled.
2516
2517         This is not currently testable using BlackBerry testing infrastructure.
2518
2519         * platform/graphics/GraphicsLayerClient.h:
2520         (GraphicsLayerClient): New BlackBerry-specific method "contentsVisible" added.
2521         * rendering/RenderLayerBacking.cpp:
2522         (WebCore):
2523         (WebCore::RenderLayerBacking::contentsVisible): BlackBerry-specific implementation.
2524
2525 2012-08-02  Alexandre Elias  <aelias@google.com>
2526
2527         [chromium] deviceViewportSize cleanup
2528         https://bugs.webkit.org/show_bug.cgi?id=92794
2529
2530         Reviewed by Adrienne Walker.
2531
2532         In the future, CSS layout size will become increasingly disassociated
2533         from physical device size, and it will become impossible to infer one
2534         from the other inside the compositor.  Therefore, this patch allows
2535         deviceViewportSize to be explicitly passed in by the outside client.
2536
2537         I also renamed the existing viewportSize field to "layoutViewportSize"
2538         for clarity, and converted its uses to deviceViewportSize since
2539         that is more appropriate.
2540
2541         I had to add some default-value scaffolding to WebLayerTreeView in
2542         order to avoid breaking ui/compositor.  We can delete it once that's
2543         updated.
2544
2545         No new tests (covered by existing tests).
2546
2547         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2548         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
2549         (WebCore::CCLayerTreeHost::setViewportSize):
2550         (WebCore::CCLayerTreeHost::updateLayers):
2551         (WebCore::CCLayerTreeHost::setDeviceScaleFactor):
2552         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2553         (CCLayerTreeHost):
2554         (WebCore::CCLayerTreeHost::layoutViewportSize):
2555         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2556         (WebCore::CCLayerTreeHostImpl::canDraw):
2557         (WebCore::CCLayerTreeHostImpl::startPageScaleAnimation):
2558         (WebCore::CCLayerTreeHostImpl::setViewportSize):
2559         (WebCore::CCLayerTreeHostImpl::setDeviceScaleFactor):
2560         (WebCore::CCLayerTreeHostImpl::updateMaxScrollPosition):
2561         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2562         (CCLayerTreeHostImpl):
2563         (WebCore::CCLayerTreeHostImpl::layoutViewportSize):
2564
2565 2012-08-02  Adam Barth  <abarth@webkit.org>
2566
2567         V8Proxy::currentContext() doesn't do anything and should be removed
2568         https://bugs.webkit.org/show_bug.cgi?id=93041
2569
2570         Reviewed by Eric Seidel.
2571
2572         It's just a wrapper for GetCurrent().
2573
2574         * bindings/v8/DateExtension.cpp:
2575         (WebCore::DateExtension::setAllowSleep):
2576         * bindings/v8/V8NPUtils.cpp:
2577         (WebCore::convertV8ObjectToNPVariant):
2578         * bindings/v8/V8Proxy.cpp:
2579         (WebCore::V8Proxy::retrieve):
2580         (WebCore::V8Proxy::mainWorldContext):
2581         * bindings/v8/V8Proxy.h:
2582         (V8Proxy):
2583         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
2584         (WebCore::getJSListenerFunctions):
2585
2586 2012-08-02  David Grogan  <dgrogan@chromium.org>
2587
2588         IndexedDB: Core upgradeneeded logic
2589         https://bugs.webkit.org/show_bug.cgi?id=92558
2590
2591         Reviewed by Ojan Vafai.
2592
2593         This is the backend webkit logic needed for integer versions. The rest
2594         is in https://bugs.webkit.org/show_bug.cgi?id=89505.
2595
2596         I tried to make use of the existing processPendingCalls and added two
2597         more queues, pendingOpenWithVersionCalls and
2598         pendingSecondHalfOpenWithVersionCalls. The "second half" refers to
2599         how there are two events that need to be fired in response to an
2600         open-with-version call. The "second half" queue holds the open
2601         requests that should immediately follow the caller's upgradeneeded
2602         handler.
2603
2604         No new tests, there are so many they are in their own patch:
2605         https://bugs.webkit.org/show_bug.cgi?id=92560
2606
2607         Though this patch doesn't change any expected behavior anyway, lack of
2608         regressions is what we're hoping for here.
2609
2610         * Modules/indexeddb/IDBBackingStore.h:
2611         (IDBBackingStore):
2612         * Modules/indexeddb/IDBCallbacks.h:
2613         (WebCore::IDBCallbacks::onBlocked):
2614         (WebCore::IDBCallbacks::onUpgradeNeeded):
2615         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
2616         (IDBDatabaseBackendImpl::PendingOpenCall):
2617         (IDBDatabaseBackendImpl::PendingOpenWithVersionCall):
2618         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::create):
2619         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::callbacks):
2620         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::version):
2621         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::PendingOpenWithVersionCall):
2622         (WebCore):
2623         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
2624         (WebCore::IDBDatabaseBackendImpl::openInternal):
2625         (WebCore::IDBDatabaseBackendImpl::metadata):
2626         (WebCore::IDBDatabaseBackendImpl::setVersion):
2627         (WebCore::IDBDatabaseBackendImpl::setIntVersionInternal):
2628         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
2629         (WebCore::IDBDatabaseBackendImpl::transactionFinishedAndEventsFired):
2630         When an upgradeneeded event is fired in response to an
2631         open-with-version call, the version change transaction must receive its
2632         complete event before processPendingCalls fires a success event at
2633         IDBOpenDBRequest. In the future this should probably be changed
2634         instead to transactionFinishedAndAbortFired and
2635         transactionFinishedAndCompleteFired so that we'll know to fire a
2636         success or error event at IDBOpenDBRequest. Currently, instead of
2637         firing error when there's an abort, we don't fire anything.
2638
2639         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
2640         Now that this is called after a connection is opened, we unfortunately
2641         lose the invariant that there is only one existing connection when this
2642         is called, but nothing inside this function actually relied on that.
2643         Additionally, the secondHalfOpen calls only ever need to be serviced
2644         in one place: right after a version change transaction completes, so
2645         it could be moved out of here.
2646
2647         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
2648         Now that setVersion and deleteDatabase calls are queued up behind
2649         secondHalfOpen calls, we have to service those queues when
2650         secondHalfOpen calls complete, which is here.  So call
2651         processPendingCalls().
2652
2653         (WebCore::IDBDatabaseBackendImpl::runIntVersionChangeTransaction):
2654         (WebCore::IDBDatabaseBackendImpl::openConnectionWithVersion):
2655         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
2656         (WebCore::IDBDatabaseBackendImpl::close):
2657         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
2658         (IDBDatabaseBackendImpl):
2659         * Modules/indexeddb/IDBDatabaseCallbacks.h:
2660         (WebCore::IDBDatabaseCallbacks::onVersionChange):
2661         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
2662         (WebCore::IDBFactoryBackendImpl::open):
2663         This is refactored some so that the call to openConection{WithVersion}
2664         happens once, at the end.
2665
2666         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
2667         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
2668         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
2669         (WebCore::IDBLevelDBBackingStore::updateIDBDatabaseIntVersion):
2670         (WebCore):
2671         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
2672         * Modules/indexeddb/IDBLevelDBBackingStore.h:
2673         (IDBLevelDBBackingStore):
2674         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
2675         (WebCore::IDBTransactionBackendImpl::commit):
2676         See above comments about transactionFinishedAndEventsFired. I tried
2677         moving the call to transactionFinished after the events were fired but
2678         that failed some asserts. But changing those asserts is still an
2679         alternative to splitting up transactionFinished as is done here.
2680
2681 2012-08-02  Rob Buis  <rwlbuis@webkit.org>
2682
2683         SVG text selection doesn't work with hyperlinked text
2684         https://bugs.webkit.org/show_bug.cgi?id=29166
2685
2686         Reviewed by Eric Seidel.
2687
2688         Cleanup SVGAElement. There is no need to test for middle mouse button here, this
2689         is handled elsewhere, so remove isMiddleMouseButtonEvent. Similarly handleLinkClick
2690         is not used anymore by HTMLAnchorElement, remove it. Finally, _self indeed is not needed.
2691
2692         No new tests, since no change in behaviour.
2693
2694         * WebCore.order:
2695         * html/HTMLAnchorElement.cpp:
2696         * html/HTMLAnchorElement.h:
2697         (WebCore):
2698         * svg/SVGAElement.cpp:
2699         (WebCore::SVGAElement::defaultEventHandler):
2700
2701 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
2702
2703         Move causesFosterParenting() to HTMLStackItem
2704         https://bugs.webkit.org/show_bug.cgi?id=93048
2705
2706         Reviewed by Adam Barth.
2707
2708         Changed to share causesFosterParenting() between HTMLTreeBuilder and HTMLConstructionSite
2709         by moving this function to HTMLStackItem.
2710
2711         No functional change, so no new tests.
2712
2713         * html/parser/HTMLConstructionSite.cpp:
2714         (WebCore::HTMLConstructionSite::shouldFosterParent):
2715         * html/parser/HTMLStackItem.h:
2716         (WebCore::HTMLStackItem::causesFosterParenting):
2717         (HTMLStackItem):
2718         * html/parser/HTMLTreeBuilder.cpp:
2719         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
2720
2721 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
2722
2723         Read tag names and attributes from the saved tokens in HTMLTreeBuilder::callTheAdoptionAgency(AtomicHTMLToken*)
2724         https://bugs.webkit.org/show_bug.cgi?id=93047
2725
2726         Reviewed by Adam Barth.
2727
2728         This is a follow-up patch for r123577.
2729         Changed to retrieve the stack item of commonAncestor and read the local name from the saved token.
2730
2731         No new tests, covered by existing tests.
2732
2733         * html/parser/HTMLTreeBuilder.cpp:
2734         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
2735
2736 2012-08-02  Vincent Scheib  <scheib@chromium.org>
2737
2738         Remove old Pointer Lock API.
2739         https://bugs.webkit.org/show_bug.cgi?id=88892
2740
2741         Reviewed by Adam Barth.
2742
2743         Removing the old Pointer Lock API as one of the final cleanup
2744         changes for the Update to Fullscreen style locking Spec meta
2745         bug https://bugs.webkit.org/show_bug.cgi?id=84402.
2746
2747         This change primarily removes idl, access in navigator,
2748         one event, and supporting infrastructure in page/PointerLock.
2749
2750         In PointerLockController changes were already noted clearly with
2751         TODOs differentiating old and new api sections.
2752
2753         Test: pointer-lock/pointerlockchange-event-on-lock-lost.html
2754
2755         * WebCore.gypi:
2756         * dom/Element.cpp:
2757         (WebCore::Element::webkitRequestPointerLock):
2758         * dom/EventNames.h:
2759         (WebCore):
2760         * page/Navigator.cpp:
2761         * page/Navigator.h:
2762         (WebCore):
2763         (Navigator):
2764         * page/Navigator.idl:
2765         * page/PointerLock.cpp: Removed.
2766         * page/PointerLock.h: Removed.
2767         * page/PointerLock.idl: Removed.
2768         * page/PointerLockController.cpp:
2769         (WebCore::PointerLockController::requestPointerLock):
2770         (WebCore::PointerLockController::didAcquirePointerLock):
2771         (WebCore::PointerLockController::didNotAcquirePointerLock):
2772         (WebCore::PointerLockController::didLosePointerLock):
2773         * page/PointerLockController.h:
2774         (PointerLockController):
2775
2776 2012-08-02  Ryosuke Niwa  <rniwa@webkit.org>
2777
2778         scripts in formaction should be stripped upon paste
2779         https://bugs.webkit.org/show_bug.cgi?id=92298
2780
2781         Reviewed by Eric Seidel.
2782
2783         Strip formaction attribute values when the URL is of javascript protocol.
2784
2785         Test: editing/pasteboard/paste-noscript-xhtml.html
2786               editing/pasteboard/paste-noscript.html
2787
2788         * dom/Element.cpp:
2789         (WebCore::isAttributeToRemove): Explicitly compare with href and nohref instead of comparing
2790         the ends of strings since comparing two AtomicString is much faster.
2791
2792 2012-08-02  Elliott Sprehn  <esprehn@gmail.com>
2793
2794         Built in quotes don't use lang attribute
2795         https://bugs.webkit.org/show_bug.cgi?id=92918
2796
2797         Reviewed by Alexey Proskuryakov.
2798
2799         Previously even though there was a table in RenderQuote of languages mapped
2800         to quotes we always used basic quotes. This patch removes the broken tree
2801         walking and uses Element::computeInheritedLanguage fixing this.
2802
2803         Tests: fast/css-generated-content/quotes-lang-expected.html
2804                fast/css-generated-content/quotes-lang.html
2805                fast/css-generated-content/quotes-xml-lang-expected.html
2806                fast/css-generated-content/quotes-xml-lang.html
2807
2808         * rendering/RenderQuote.cpp:
2809         (WebCore::RenderQuote::originalText):
2810         (WebCore::RenderQuote::quotesData): New method that determines the right QuotesData to use.
2811         (WebCore):
2812         * rendering/RenderQuote.h:
2813         (RenderQuote):
2814
2815 2012-08-02  Adam Barth  <abarth@webkit.org>
2816
2817         Add back a header I mistakenly removed in my previous commit.
2818
2819         * WebCore.xcodeproj/project.pbxproj:
2820
2821 2012-08-02  Adrienne Walker  <enne@google.com>
2822
2823         [chromium] Remove dependency on Scrollbar.h from ScrollbarLayerChromium
2824         https://bugs.webkit.org/show_bug.cgi?id=93024
2825
2826         Reviewed by James Robinson.
2827
2828         Change part enum from the Scrollbar version to WebScrollbar's.
2829
2830         Tested by composited layout tests.
2831
2832         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
2833         (WebCore::ScrollbarBackgroundPainter::create):
2834         (WebCore::ScrollbarBackgroundPainter::ScrollbarBackgroundPainter):
2835         (ScrollbarBackgroundPainter):
2836         (WebCore::ScrollbarLayerChromium::createTextureUpdaterIfNeeded):
2837
2838 2012-08-02  Adam Barth  <abarth@webkit.org>
2839
2840         BindingSecurityBase serves no purpose and should be removed
2841         https://bugs.webkit.org/show_bug.cgi?id=93025
2842
2843         Reviewed by Eric Seidel.
2844
2845         Now that we don't use templates in the generic bindings, we can merge
2846         BindingSecurity and BindingSecurityBase. This patch also removes some
2847         functions that are no longer used (and reduces the number of
2848         #includes).
2849
2850         No behavior change.
2851
2852         * GNUmakefile.list.am:
2853         * WebCore.gypi:
2854         * bindings/generic/BindingSecurity.h:
2855         (WebCore):
2856         (BindingSecurity):
2857         * bindings/generic/BindingSecurityBase.cpp: Removed.
2858         * bindings/generic/BindingSecurityBase.h: Removed.
2859         * bindings/v8/V8Binding.h:
2860         * bindings/v8/V8Utilities.cpp:
2861         * bindings/v8/custom/V8MutationObserverCustom.cpp:
2862
2863 2012-08-02  Ryosuke Niwa  <rniwa@webkit.org>
2864
2865         Let XCode have its own away and also sort the files.
2866
2867         * WebCore.xcodeproj/project.pbxproj:
2868
2869 2012-08-02  Tien-Ren Chen  <trchen@chromium.org>
2870
2871         [chromium] Add CCScrollbarAnimationController class for compositor scrollbar animation
2872         https://bugs.webkit.org/show_bug.cgi?id=91688
2873
2874         Reviewed by Adrienne Walker.
2875
2876         Add CCScrollbarAnimationController that serves as the middle man
2877         between the scrolling layer and scrollbar layer. Now all scroll offset
2878         information are pushed through the controller, and individual platform
2879         can provide specialized controller for extra processing.
2880
2881         A basic fadeout controller for Android scrollbar is included.
2882
2883         New test: ScrollbarLayerChromiumTest.scrollOffsetSynchronization
2884                   CCScrollbarAnimationControllerLinearFade.*
2885
2886         * WebCore.gypi:
2887         * page/FrameView.cpp:
2888         (WebCore::FrameView::calculateScrollbarModesForLayout):
2889         * page/scrolling/chromium/ScrollingCoordinatorChromium.cpp:
2890         (WebCore::createScrollbarLayer):
2891         * platform/graphics/chromium/TreeSynchronizer.cpp:
2892         (WebCore::TreeSynchronizer::synchronizeTreeRecursive):
2893         (WebCore::TreeSynchronizer::updateScrollbarLayerPointersRecursive):
2894         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
2895         (WebCore::CCLayerImpl::scrollBy):
2896         (WebCore::CCLayerImpl::setMaxScrollPosition):
2897         (WebCore):
2898         (WebCore::CCLayerImpl::horizontalScrollbarLayer):
2899         (WebCore::CCLayerImpl::setHorizontalScrollbarLayer):
2900         (WebCore::CCLayerImpl::verticalScrollbarLayer):
2901         (WebCore::CCLayerImpl::setVerticalScrollbarLayer):
2902         * platform/graphics/chromium/cc/CCLayerImpl.h:
2903         (WebCore):
2904         (CCLayerImpl):
2905         (WebCore::CCLayerImpl::scrollbarAnimationController):
2906         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2907         (WebCore::CCLayerTreeHostImpl::animate):
2908         (WebCore::CCLayerTreeHostImpl::pinchGestureBegin):
2909         (WebCore::CCLayerTreeHostImpl::pinchGestureUpdate):
2910         (WebCore::CCLayerTreeHostImpl::pinchGestureEnd):
2911         (WebCore::CCLayerTreeHostImpl::animateScrollbars):
2912         (WebCore):
2913         (WebCore::CCLayerTreeHostImpl::animateScrollbarsRecursive):
2914         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2915         (CCLayerTreeHostImpl):
2916         * platform/graphics/chromium/cc/CCScrollbarAnimationController.cpp: Added.
2917         (WebCore):
2918         (WebCore::CCScrollbarAnimationController::create):
2919         (WebCore::CCScrollbarAnimationController::CCScrollbarAnimationController):
2920         (WebCore::CCScrollbarAnimationController::~CCScrollbarAnimationController):
2921         (WebCore::CCScrollbarAnimationController::getScrollLayerBounds):
2922         (WebCore::CCScrollbarAnimationController::updateScrollOffset):
2923         * platform/graphics/chromium/cc/CCScrollbarAnimationController.h: Added.
2924         (WebCore):
2925         (CCScrollbarAnimationController):
2926         (WebCore::CCScrollbarAnimationController::animate):
2927         (WebCore::CCScrollbarAnimationController::didPinchGestureBegin):
2928         (WebCore::CCScrollbarAnimationController::didPinchGestureUpdate):
2929         (WebCore::CCScrollbarAnimationController::didPinchGestureEnd):
2930         (WebCore::CCScrollbarAnimationController::setHorizontalScrollbarLayer):
2931         (WebCore::CCScrollbarAnimationController::horizontalScrollbarLayer):
2932         (WebCore::CCScrollbarAnimationController::setVerticalScrollbarLayer):
2933         (WebCore::CCScrollbarAnimationController::verticalScrollbarLayer):
2934         * platform/graphics/chromium/cc/CCScrollbarAnimationControllerAndroid.cpp: Added.
2935         (WebCore):
2936         (WebCore::CCScrollbarAnimationController::create):
2937         (WebCore::CCScrollbarAnimationControllerAndroid::CCScrollbarAnimationControllerAndroid):
2938         (WebCore::CCScrollbarAnimationControllerAndroid::~CCScrollbarAnimationControllerAndroid):
2939         (WebCore::CCScrollbarAnimationControllerAndroid::animate):
2940         (WebCore::CCScrollbarAnimationControllerAndroid::didPinchGestureUpdate):
2941         (WebCore::CCScrollbarAnimationControllerAndroid::didPinchGestureEnd):
2942         (WebCore::CCScrollbarAnimationControllerAndroid::updateScrollOffset):
2943         (WebCore::CCScrollbarAnimationControllerAndroid::opacityAtTime):
2944         * platform/graphics/chromium/cc/CCScrollbarAnimationControllerAndroid.h: Added.
2945         (WebCore):
2946         (CCScrollbarAnimationControllerAndroid):
2947         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
2948         (WebCore::CCScrollbarLayerImpl::CCScrollbarLayerImpl):
2949         (WebCore):
2950         (WebCore::CCScrollbarLayerImpl::CCScrollbar::value):
2951         (WebCore::CCScrollbarLayerImpl::CCScrollbar::currentPos):
2952         (WebCore::CCScrollbarLayerImpl::CCScrollbar::totalSize):
2953         (WebCore::CCScrollbarLayerImpl::CCScrollbar::maximum):
2954         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
2955         (WebCore::CCScrollbarLayerImpl::orientation):
2956         (WebCore::CCScrollbarLayerImpl::setCurrentPos):
2957         (WebCore::CCScrollbarLayerImpl::setTotalSize):
2958         (WebCore::CCScrollbarLayerImpl::setMaximum):
2959         (CCScrollbarLayerImpl):
2960
2961 2012-06-15  David Barton  <dbarton@mathscribe.com>
2962
2963         MathML: nested square root symbols have varying descenders
2964         https://bugs.webkit.org/show_bug.cgi?id=43819
2965
2966         Reviewed by Eric Seidel.
2967
2968         This bug stems from the use of offsetHeight() on a renderer that's possibly a
2969         RenderInline, in getBoxModelObjectHeight() in RenderMathMLBlock.h.
2970         RenderInline::offsetHeight() actually returns linesBoundingBox().height(), which can be
2971         overly large, especially for the big STIX fonts that include a few mathematical symbols
2972         with unusually tall ascenders or descenders. A better solution for MathML in general is
2973         the CSS properties { -webkit-line-box-contain: glyphs replaced; line-height: 0; }. This
2974         gives tight glyph-based formatting in radical expressions, subscripts, superscripts,
2975         underscripts, overscripts, numerators, denominators, etc. To make this work, inline
2976         elements such as <mn> and <mi> must be wrapped inside implicit <mrow>s or just
2977         RenderMathMLBlocks, when a tight height is desired. We also replace
2978         getBoxModelObjectWidth(), which uses offsetWidth(), with contentLogicalWidth(). Finally,
2979         we enable the STIXGeneral font for use inside layout tests.
2980
2981         Tested by existing LayoutTests/mathml/presentation/ files including roots.xhtml.
2982
2983         * css/mathml.css:
2984         (math):
2985         (mtext):
2986         (mroot > * + *):
2987         (mtd):
2988         * rendering/mathml/RenderMathMLBlock.cpp:
2989         (WebCore::RenderMathMLBlock::preferredLogicalHeightAfterSizing):
2990         (WebCore::RenderMathMLBlock::baselinePosition):
2991         * rendering/mathml/RenderMathMLBlock.h:
2992         * rendering/mathml/RenderMathMLFraction.cpp:
2993         (WebCore::RenderMathMLFraction::baselinePosition):
2994         * rendering/mathml/RenderMathMLOperator.cpp:
2995         (WebCore::RenderMathMLOperator::createStackableStyle):
2996         (WebCore::RenderMathMLOperator::baselinePosition):
2997         * rendering/mathml/RenderMathMLRoot.cpp:
2998         (WebCore::RenderMathMLRoot::addChild):
2999         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths):
3000         (WebCore::RenderMathMLRoot::paint):
3001         * rendering/mathml/RenderMathMLRoot.h:
3002         * rendering/mathml/RenderMathMLSquareRoot.cpp:
3003         * rendering/mathml/RenderMathMLSquareRoot.h:
3004         * rendering/mathml/RenderMathMLSubSup.cpp:
3005         (WebCore::RenderMathMLSubSup::layout):
3006         * rendering/mathml/RenderMathMLUnderOver.cpp:
3007         (WebCore::RenderMathMLUnderOver::baselinePosition):
3008         * rendering/mathml/RenderMathMLUnderOver.h:
3009
3010 2012-08-02  Adrienne Walker  <enne@google.com>
3011
3012         [chromium] Make CCScrollbarLayerImpl handle lost contexts properly
3013         https://bugs.webkit.org/show_bug.cgi?id=93021
3014
3015         Reviewed by James Robinson.
3016
3017         The resource ids that CCScrollbarLayerImpl holds onto need to be
3018         discarded during a lost context as the resource provider they came
3019         from is also destroyed.
3020
3021         Make a scrollbarGeometry function that wraps all uses of the
3022         m_geometry member to make it possible to test CCScrollbarLayerImpl
3023         without depending on WebCore.
3024
3025         Test: CCLayerTreeHostImplTest.dontUseOldResourcesAfterLostContext
3026
3027         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
3028         (WebCore::CCScrollbarLayerImpl::scrollbarGeometry):
3029         (WebCore):
3030         (WebCore::CCScrollbarLayerImpl::appendQuads):
3031         (WebCore::CCScrollbarLayerImpl::didLoseContext):
3032         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
3033         (CCScrollbarLayerImpl):
3034
3035 2012-08-02  Oliver Hunt  <oliver@apple.com>
3036
3037         A few objects aren't being safely protected from GC in all cases
3038         https://bugs.webkit.org/show_bug.cgi?id=93031
3039
3040         Reviewed by Filip Pizlo.
3041
3042         I haven't seen evidence that anyone is hitting bugs due to this, but any
3043         GC error can lead to later -- hard to diagnose -- bugs if they result in
3044         resurrecting dead objects.
3045
3046         * bindings/js/JSCustomXPathNSResolver.cpp:
3047         (WebCore::JSCustomXPathNSResolver::create):
3048         (WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver):
3049         (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
3050         * bindings/js/JSCustomXPathNSResolver.h:
3051         (JSCustomXPathNSResolver):
3052         * bindings/js/JSDictionary.cpp:
3053         (WebCore::JSDictionary::tryGetProperty):
3054         * bindings/js/JSDictionary.h:
3055         (WebCore::JSDictionary::JSDictionary):
3056         (WebCore::JSDictionary::initializerObject):
3057
3058 2012-08-02  Emil A Eklund  <eae@chromium.org>
3059
3060         Range::isPointInRange incorrectly throws WRONG_DOCUMENT_ERR
3061         https://bugs.webkit.org/show_bug.cgi?id=93009
3062
3063         Reviewed by Ojan Vafai.
3064
3065         The latest working draft of the DOM4 spec has all but killed the
3066         WRONG_DOCUMENT_ERR exception. Update isPointInRange to return false
3067         instead of throwing an exception when the range and point are in
3068         different documents. This matches the Mozilla behavior.
3069
3070         Test: fast/html/range-point-in-range-for-different-documents.html
3071
3072         * dom/Range.cpp:
3073         (WebCore::Range::isPointInRange):
3074         Return false instead of throwing WRONG_DOCUMENT_ERR when the point is in
3075         a different document.
3076
3077 2012-08-02  Erik Arvidsson  <arv@chromium.org>
3078
3079         DOM4: className should be defined on Element and not on HTMLElement
3080         https://bugs.webkit.org/show_bug.cgi?id=93014
3081
3082         Reviewed by Adam Barth.
3083
3084         DOM4 specs that Element should have the className WebIDL attribute. This moves the
3085         attribute to the correct IDL file.
3086
3087         Test: fast/dom/Element/class-name.html
3088
3089         * dom/Element.idl:
3090         * html/HTMLElement.idl:
3091
3092 2012-08-02  Erik Arvidsson  <arv@chromium.org>
3093
3094         [V8] Handle case where Error.prototype returns an empty object
3095         https://bugs.webkit.org/show_bug.cgi?id=91792
3096
3097         Reviewed by Kentaro Hara.
3098
3099         In some edge cases we get an empty object back from Error.prototype.
3100
3101         No new tests. I cannot reproduce this.
3102
3103         * bindings/v8/V8BindingPerContextData.cpp:
3104         (WebCore::V8BindingPerContextData::constructorForTypeSlowCase):
3105
3106 2012-08-02  Eric Seidel  <eric@webkit.org>
3107
3108         Add back ASSERT(!needsLayout) to RenderTableSection which is now valid
3109         https://bugs.webkit.org/show_bug.cgi?id=92954
3110
3111         Unreviewed, follow-up per Mitz's request.
3112
3113         * rendering/RenderTableSection.cpp:
3114         (WebCore::RenderTableSection::paint):
3115
3116 2012-08-02  James Robinson  <jamesr@chromium.org>
3117
3118         [chromium] Remove unused includes from compositor code
3119         https://bugs.webkit.org/show_bug.cgi?id=92930
3120
3121         Reviewed by Adrienne Walker.
3122
3123         * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.cpp:
3124         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
3125         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
3126
3127 2012-08-02  Adam Barth  <abarth@webkit.org>
3128
3129         The generic bindings shouldn't use templates
3130         https://bugs.webkit.org/show_bug.cgi?id=93016
3131
3132         Reviewed by Eric Seidel.
3133
3134         We originally created the generic bindings to share code between the
3135         JavaScriptCore and V8 bindings. However, the code came out sort of ugly
3136         because we used templates (with the idea that templates would let us
3137         use more than one scripting engine).
3138
3139         This patch rips out the templates in an attempt to make the code
3140         prettier and therefore easier to use in both V8 and JSC. I've tried to
3141         keep this patch small by remaning things mostly in place. In the next
3142         patch, I'll move a bunch of code out of headers and into cpp files.
3143
3144         No behavior change.
3145
3146         * GNUmakefile.am:
3147         * UseV8.cmake:
3148         * WebCore.gyp/WebCore.gyp:
3149         * WebCore.gypi:
3150         * WebCore.pri:
3151         * bindings/generic/BindingSecurity.h:
3152         (WebCore):
3153         (BindingSecurity):
3154         (WebCore::BindingSecurity::canAccessWindow):
3155         (WebCore::BindingSecurity::canAccessFrame):
3156         (WebCore::BindingSecurity::shouldAllowAccessToNode):
3157         (WebCore::BindingSecurity::allowPopUp):
3158         (WebCore::BindingSecurity::allowSettingFrameSrcToJavascriptUrl):
3159         (WebCore::BindingSecurity::allowSettingSrcToJavascriptURL):
3160         * bindings/generic/GenericBinding.h:
3161         (WebCore::completeURL):
3162         * bindings/scripts/CodeGeneratorV8.pm:
3163         (GenerateDomainSafeFunctionGetter):
3164         (GenerateNormalAttrGetter):
3165         (GenerateReplaceableAttrSetter):
3166         (GenerateFunctionCallback):
3167         (GenerateImplementation):
3168         * bindings/scripts/test/V8/V8Float64Array.cpp:
3169         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
3170         (WebCore::TestActiveDOMObjectV8Internal::excitingFunctionCallback):
3171         (WebCore::TestActiveDOMObjectV8Internal::postMessageAttrGetter):
3172         * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
3173         * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
3174         * bindings/scripts/test/V8/V8TestEventTarget.cpp:
3175         * bindings/scripts/test/V8/V8TestException.cpp:
3176         * bindings/scripts/test/V8/V8TestInterface.cpp:
3177         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
3178         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
3179         * bindings/scripts/test/V8/V8TestNode.cpp:
3180         * bindings/scripts/test/V8/V8TestObj.cpp:
3181         (WebCore::TestObjV8Internal::contentDocumentAttrGetter):
3182         (WebCore::TestObjV8Internal::getSVGDocumentCallback):
3183         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
3184         * bindings/v8/BindingState.cpp: Renamed from Source/WebCore/bindings/v8/specialization/V8BindingState.cpp.
3185         (WebCore):
3186         (WebCore::BindingState::instance):
3187         (WebCore::activeWindow):
3188         (WebCore::firstWindow):
3189         (WebCore::activeFrame):
3190         (WebCore::firstFrame):
3191         (WebCore::immediatelyReportUnsafeAccessTo):
3192         * bindings/v8/BindingState.h: Renamed from Source/WebCore/bindings/v8/specialization/V8BindingState.h.
3193         (WebCore):
3194         (BindingState):
3195         * bindings/v8/ScriptController.cpp:
3196         (WebCore::ScriptController::canAccessFromCurrentOrigin):
3197         * bindings/v8/V8Binding.h:
3198         (WebCore):
3199         * bindings/v8/V8DOMWindowShell.cpp:
3200         * bindings/v8/V8Proxy.cpp:
3201         * bindings/v8/V8Utilities.cpp:
3202         (WebCore::callingOrEnteredFrame):
3203         (WebCore::completeURL):
3204         * bindings/v8/custom/V8DOMWindowCustom.cpp:
3205         (WebCore::WindowSetTimeoutImpl):
3206         (WebCore::V8DOMWindow::eventAccessorGetter):
3207         (WebCore::V8DOMWindow::eventAccessorSetter):
3208         (WebCore::V8DOMWindow::locationAccessorSetter):
3209         (WebCore::V8DOMWindow::openerAccessorSetter):
3210         (WebCore::V8DOMWindow::addEventListenerCallback):
3211         (WebCore::V8DOMWindow::removeEventListenerCallback):
3212         (WebCore::V8DOMWindow::showModalDialogCallback):
3213         (WebCore::V8DOMWindow::openCallback):
3214         (WebCore::V8DOMWindow::namedSecurityCheck):
3215         (WebCore::V8DOMWindow::indexedSecurityCheck):
3216         * bindings/v8/custom/V8DocumentLocationCustom.cpp:
3217         (WebCore::V8Document::locationAccessorSetter):
3218         * bindings/v8/custom/V8EntryCustom.cpp:
3219         * bindings/v8/custom/V8EntrySyncCustom.cpp:
3220         * bindings/v8/custom/V8HTMLFrameElementCustom.cpp:
3221         (WebCore::V8HTMLFrameElement::locationAccessorSetter):
3222         * bindings/v8/custom/V8HistoryCustom.cpp:
3223         (WebCore::V8History::indexedSecurityCheck):
3224         (WebCore::V8History::namedSecurityCheck):
3225         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
3226         * bindings/v8/custom/V8InjectedScriptManager.cpp:
3227         (WebCore::InjectedScriptManager::canAccessInspectedWindow):
3228         * bindings/v8/custom/V8LocationCustom.cpp:
3229         (WebCore::V8Location::hashAccessorSetter):
3230         (WebCore::V8Location::hostAccessorSetter):
3231         (WebCore::V8Location::hostnameAccessorSetter):
3232         (WebCore::V8Location::hrefAccessorSetter):
3233         (WebCore::V8Location::pathnameAccessorSetter):
3234         (WebCore::V8Location::portAccessorSetter):
3235         (WebCore::V8Location::protocolAccessorSetter):
3236         (WebCore::V8Location::searchAccessorSetter):
3237         (WebCore::V8Location::reloadAccessorGetter):
3238         (WebCore::V8Location::replaceAccessorGetter):
3239         (WebCore::V8Location::assignAccessorGetter):
3240         (WebCore::V8Location::reloadCallback):
3241         (WebCore::V8Location::replaceCallback):
3242         (WebCore::V8Location::assignCallback):
3243         (WebCore::V8Location::toStringCallback):
3244         (WebCore::V8Location::indexedSecurityCheck):
3245         (WebCore::V8Location::namedSecurityCheck):
3246         * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
3247         * bindings/v8/custom/V8NodeCustom.cpp:
3248
3249 2012-08-02  Abhishek Arya  <inferno@chromium.org>
3250
3251         No isChildAllowed checked when adding RenderFullScreen as the child..
3252         https://bugs.webkit.org/show_bug.cgi?id=92995
3253
3254         Reviewed by Eric Seidel.
3255
3256         Test: fullscreen/fullscreen-child-not-allowed-crash.html
3257
3258         * dom/Document.cpp:
3259         (WebCore::Document::webkitWillEnterFullScreenForElement): pass the object's parent
3260         pointer as an additional argument.
3261         * dom/NodeRenderingContext.cpp:
3262         (WebCore::NodeRendererFactory::createRendererIfNeeded): pass the to be parent |parentRenderer|
3263         as the argument. 
3264         * rendering/RenderFullScreen.cpp:
3265         (RenderFullScreen::wrapRenderer): make sure that parent allows RenderFullScreen as the child.
3266         * rendering/RenderFullScreen.h: 
3267         (RenderFullScreen): support the object's parent
3268         pointer as an additional argument.
3269
3270 2012-08-01  James Robinson  <jamesr@chromium.org>
3271
3272         [chromium] Wrap shared context getters in WebKit API and avoid WebCore::GraphicsContext3D use in compositor internals
3273         https://bugs.webkit.org/show_bug.cgi?id=92917
3274
3275         Reviewed by Adrienne Walker.
3276
3277         This uses Platform API wrappers to access the shared WebGraphicsContext3D / Ganesh contexts from the compositor
3278         to evaluate accelerated filters or do accelerated painting.
3279
3280         Filters changes covered by css3/filters/*-hw.html layout tests.
3281
3282         * WebCore.gypi:
3283         * platform/chromium/support/WebSharedGraphicsContext3D.cpp:
3284         (WebKit):
3285         (WebKit::WebSharedGraphicsContext3D::mainThreadContext):
3286         (WebKit::WebSharedGraphicsContext3D::mainThreadGrContext):
3287         (WebKit::WebSharedGraphicsContext3D::compositorThreadContext):
3288         (WebKit::WebSharedGraphicsContext3D::compositorThreadGrContext):
3289         (WebKit::WebSharedGraphicsContext3D::haveCompositorThreadContext):
3290         (WebKit::WebSharedGraphicsContext3D::createCompositorThreadContext):
3291         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.cpp:
3292         (WebCore::createAcceleratedCanvas):
3293         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::Texture::updateRect):
3294         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::updateTextureRect):
3295         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.h:
3296         (WebKit):
3297         (FrameBufferSkPictureCanvasLayerTextureUpdater):
3298         * platform/graphics/chromium/LayerRendererChromium.cpp:
3299         (WebCore::applyFilters):
3300         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.cpp:
3301         (WebCore::CCRenderSurfaceFilters::apply):
3302         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.h:
3303         (WebKit):
3304         (CCRenderSurfaceFilters):
3305
3306 2012-08-02  Beth Dakin  <bdakin@apple.com>
3307
3308         https://bugs.webkit.org/show_bug.cgi?id=93020
3309         REGRESSION (tiled scrolling): Full-screen video is broken if page is 
3310         scrolled
3311         -and corresponding-
3312         <rdar://problem/11629778>
3313
3314         Reviewed by Anders Carlsson.
3315
3316         The bug here is that ScrollingTreeNodeMac::setScrollLayerPosition() 
3317         uses the CALayer (PlatformLayer) directly to set the position. That 
3318         means that the GraphicsLayer that owns that PlatformLayer does not 
3319         have updated position information. That results in this bug when we 
3320         switch from fast scrolling to main thread scrolling, because at that 
3321         point, the GraphicsLayer needs to have the correct information. So 
3322         make sure to update the main thread scroll position and layer 
3323         position before transitioning to main thread scrolling.
3324         * page/scrolling/ScrollingCoordinator.cpp:
3325         (WebCore::ScrollingCoordinator::setShouldUpdateScrollLayerPositionOnMainThread):
3326
3327 2012-08-02  Addy Osmani  <addyo@chromium.org>
3328
3329         Web Inspector: Rename 'User agent' to 'Overrides' in settings screen
3330         https://bugs.webkit.org/show_bug.cgi?id=92990
3331
3332         Reviewed by Pavel Feldman.
3333
3334         Simple setting rename of User agent -> Overrides
3335
3336         * English.lproj/localizedStrings.js:
3337         * inspector/front-end/SettingsScreen.js:
3338
3339 2012-08-02  Philip Rogers  <pdr@google.com>
3340
3341         Do not dispatch modification events in SVG attribute synchronization
3342         https://bugs.webkit.org/show_bug.cgi?id=92604
3343
3344         Reviewed by Ryosuke Niwa.
3345
3346         Previously, calling hasAttribute() during layout could hit a
3347         layout-during-layout bug because calling hasAttribute() could dispatch a 
3348         subtree modification event which could synchronously force a layout. hasAttribute()
3349         exhibits this behavior because property synchronization is done lazily.
3350
3351         This patch skips dispatching subtree modification events during attribute
3352         synchronization.
3353
3354         Additionally, this patch contains a refactoring of lazy attribute setting. We
3355         now have a single place where lazy attributes are set (setSynchronizedLazyAttribute)
3356         and lazy attribute flags have been moved to just Element and ElementAttributeData.
3357
3358         Test: svg/custom/path-domsubtreemodified-crash.html
3359
3360         * dom/Element.cpp:
3361         (WebCore::Element::setAttribute):
3362         (WebCore::Element::setSynchronizedLazyAttribute):
3363         (WebCore):
3364         (WebCore::Element::setAttributeInternal):
3365         * dom/Element.h:
3366         (Element):
3367         * dom/ElementAttributeData.cpp:
3368         (WebCore::ElementAttributeData::addAttribute):
3369         (WebCore::ElementAttributeData::removeAttribute):
3370         * dom/ElementAttributeData.h:
3371         (ElementAttributeData):
3372         * dom/StyledElement.cpp:
3373         (WebCore::StyledElement::updateStyleAttribute):
3374         * svg/properties/SVGAnimatedPropertyMacros.h:
3375         (WebCore::SVGSynchronizableAnimatedProperty::synchronize):
3376
3377 2012-08-02  Konrad Piascik  <kpiascik@rim.com>
3378
3379         Web Inspector: Override the DeviceOrientation
3380         https://bugs.webkit.org/show_bug.cgi?id=91008
3381
3382         Reviewed by Pavel Feldman.
3383
3384         Re-added the m_page member variable to DeviceOrientationController and
3385         added InspectorInstrumentation to see if the DeviceOrientationData
3386         should be overridden or not.
3387
3388         Added UI to the web inspector front-end to allow users to override the
3389         device orientation.  This is currently hidden behind an experiment.
3390
3391         Test: inspector/device-orientation-success.html
3392
3393         * English.lproj/localizedStrings.js:
3394         * dom/DeviceOrientationController.cpp:
3395         (WebCore::DeviceOrientationController::DeviceOrientationController):
3396         (WebCore::DeviceOrientationController::create):
3397         (WebCore::DeviceOrientationController::didChangeDeviceOrientation):
3398         (WebCore::provideDeviceOrientationTo):
3399         * dom/DeviceOrientationController.h:
3400         (DeviceOrientationController):
3401         * inspector/Inspector.json:
3402         * inspector/InspectorInstrumentation.cpp:
3403         (WebCore):
3404         (WebCore::InspectorInstrumentation::overrideDeviceOrientationImpl):
3405         * inspector/InspectorInstrumentation.h:
3406         (WebCore):
3407         (InspectorInstrumentation):
3408         (WebCore::InspectorInstrumentation::overrideDeviceOrientation):
3409         * inspector/InspectorPageAgent.cpp:
3410         (WebCore::InspectorPageAgent::setDeviceOrientationOverride):
3411         (WebCore):
3412         (WebCore::InspectorPageAgent::clearDeviceOrientationOverride):
3413         (WebCore::InspectorPageAgent::canOverrideDeviceOrientation):
3414         (WebCore::InspectorPageAgent::overrideDeviceOrientation):
3415         * inspector/InspectorPageAgent.h:
3416         * inspector/front-end/Settings.js:
3417         (WebInspector.ExperimentsSettings):
3418         * inspector/front-end/SettingsScreen.js:
3419         (WebInspector.UserAgentSettingsTab):
3420         (WebInspector.UserAgentSettingsTab.prototype._createInput):
3421         (WebInspector.UserAgentSettingsTab.prototype._createDeviceMetricsElement):
3422         (WebInspector.UserAgentSettingsTab.prototype._createGeolocationOverrideElement):
3423         (WebInspector.UserAgentSettingsTab.prototype._onDeviceOrientationOverrideCheckboxClicked):
3424         (WebInspector.UserAgentSettingsTab.prototype._applyDeviceOrientationUserInput):
3425         (WebInspector.UserAgentSettingsTab.prototype._setDeviceOrientation.set if):
3426         (WebInspector.UserAgentSettingsTab.prototype._setDeviceOrientation):
3427         (WebInspector.UserAgentSettingsTab.prototype._createDeviceOrientationOverrideElement):
3428         * inspector/front-end/UserAgentSupport.js:
3429         (WebInspector.UserAgentSupport.DeviceOrientation):
3430         (WebInspector.UserAgentSupport.DeviceOrientation.prototype.toSetting):
3431         (WebInspector.UserAgentSupport.DeviceOrientation.parseSetting):
3432         (WebInspector.UserAgentSupport.DeviceOrientation.parseUserInput):
3433         (WebInspector.UserAgentSupport.DeviceOrientation.clearDeviceOrientationOverride):
3434         * inspector/front-end/inspector.js:
3435         (WebInspector.doLoadedDone):
3436
3437 2012-08-02  Arnaud Renevier  <a.renevier@sisa.samsung.com>
3438
3439         TypedArray set method is slow when called with another typed array
3440         https://bugs.webkit.org/show_bug.cgi?id=92556