CSP: Extract helper classes into their own files
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-09  Daniel Bates  <dabates@apple.com>
2
3         CSP: Extract helper classes into their own files
4         https://bugs.webkit.org/show_bug.cgi?id=154040
5         <rdar://problem/24571189>
6
7         Reviewed by Brent Fulgham.
8
9         No functionality was changed. So, no new tests.
10
11         * CMakeLists.txt: Add files ContentSecurityPolicy{DirectiveList, MediaListDirective, Source, SourceList, SourceListDirective}.cpp.
12         * WebCore.xcodeproj/project.pbxproj: Ditto.
13         * page/csp/ContentSecurityPolicy.cpp: Clean up #includes. Include header ParsingUtilities.h so that we can remove our own
14         variants of skip{Exactly, Until, While}(). Update code as necessary for class renames.
15         (WebCore::skipExactly): Deleted; instead use the analogous function in ParsingUtilities.h.
16         (WebCore::skipUntil): Deleted; instead use the analogous function in ParsingUtilities.h.
17         (WebCore::skipWhile): Deleted; instead use the analogous function in ParsingUtilities.h.
18         (WebCore::isSourceListNone): Moved to file ContentSecurityPolicySourceList.cpp.
19         (WebCore::CSPSource): Deleted; moved implementation to files ContentSecurityPolicySource.{cpp, h}.
20         (WebCore::CSPSourceList): Deleted; moved implementation to files ContentSecurityPolicySourceList.{cpp, h}.
21         (WebCore::CSPDirective): Deleted; moved implementation to file ContentSecurityPolicyDirective.h.
22         (WebCore::MediaListDirective): Deleted; moved implementation to files ContentSecurityPolicyMediaListDirective.{cpp, h}.
23         (WebCore::SourceListDirective): Deleted; moved implementation to files ContentSecurityPolicySourceListDirective.{cpp, h}.
24         (WebCore::CSPDirectiveList): Deleted; moved implementation to files ContentSecurityPolicyDirectiveList.{cpp, h}.
25         * page/csp/ContentSecurityPolicy.h:
26         * page/csp/ContentSecurityPolicyDirective.h: Added.
27         * page/csp/ContentSecurityPolicyDirectiveList.cpp: Added; removed use of ternary operator where it made the code less readable.
28         Updated code to make use of the functions defined in ParsingUtilities.h.
29         (WebCore::isExperimentalDirectiveName): Moved from file ContentSecurityPolicy.cpp.
30         (WebCore::isCSPDirectiveName): Ditto.
31         (WebCore::isDirectiveNameCharacter): Ditto.
32         (WebCore::isDirectiveValueCharacter): Ditto.
33         (WebCore::isNotASCIISpace): Ditto.
34         * page/csp/ContentSecurityPolicyDirectiveList.h: Added.
35         * page/csp/ContentSecurityPolicyMediaListDirective.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
36         (WebCore::isMediaTypeCharacter): Moved from file ContentSecurityPolicy.cpp.
37         (WebCore::isNotASCIISpace): Ditto.
38         * page/csp/ContentSecurityPolicyMediaListDirective.h: Added.
39         * page/csp/ContentSecurityPolicySource.cpp: Added.
40         * page/csp/ContentSecurityPolicySource.h: Added.
41         * page/csp/ContentSecurityPolicySourceList.cpp: Added. Updated code to make use of the functions defined in ParsingUtilities.h.
42         (WebCore::isSourceCharacter): Moved from file ContentSecurityPolicy.cpp.
43         (WebCore::isHostCharacter): Ditto.
44         (WebCore::isPathComponentCharacter): Ditto.
45         (WebCore::isSchemeContinuationCharacter): Ditto.
46         (WebCore::isNotColonOrSlash): Ditto.
47         (WebCore::isSourceListNone): Ditto.
48         * page/csp/ContentSecurityPolicySourceList.h: Added.
49         * page/csp/ContentSecurityPolicySourceListDirective.cpp: Added.
50         * page/csp/ContentSecurityPolicySourceListDirective.h: Added.
51
52 2016-02-09  Brady Eidson  <beidson@apple.com>
53
54         Modern IDB: TransactionOperation objects leak.
55         https://bugs.webkit.org/show_bug.cgi?id=154054
56
57         Reviewed by Alex Christensen.
58
59         No new tests (Currently untestable).
60
61         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
62         (WebCore::IDBClient::IDBTransaction::abortOnServerAndCancelRequests): Remove the TransactionOperation from
63           the map, as this operation doesn't complete "normally" like most others.
64         (WebCore::IDBClient::IDBTransaction::commitOnServer): Ditto.
65         
66         * Modules/indexeddb/client/TransactionOperation.h:
67         (WebCore::IDBClient::TransactionOperation::perform): Clear the m_performFunction after use,
68           as it holds a lambda that holds a RefPtr to the IDBTransaction, as well as a self-ref.
69         (WebCore::IDBClient::TransactionOperation::completed): Clear m_completeFunction for the same reasons.
70
71 2016-02-09  Jer Noble  <jer.noble@apple.com>
72
73         [Mac] Graphical corruption in videos when enabling custom loading path
74         https://bugs.webkit.org/show_bug.cgi?id=154044
75
76         Reviewed by Alex Christensen.
77
78         The NSOperationQueue provided by AVFoundation from the AVAssetResourceLoader queue is not
79         set to be a serial queue. So when adding dataReceived operations to that queue, there exists
80         the possibility that some operations are handled before others, and the client will receieve
81         data out of order.
82
83         A real NSURLSession object will only issue another operation when the first operation
84         completes, so emulate this behavior in WebCoreNSURLSession by using a serial dispatch queue.
85         The internal queue will enqueue an operation to the resource loader's queue, and block until
86         that operation completes, thus ensuring ordering of the data (and other) operations.
87
88         * platform/network/cocoa/WebCoreNSURLSession.h:
89         * platform/network/cocoa/WebCoreNSURLSession.mm:
90         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Initialize _internalQueue
91         (-[WebCoreNSURLSession addDelegateOperation:]): Added utility method.
92         (-[WebCoreNSURLSession taskCompleted:]): Call -addDelegateOperation:
93         (-[WebCoreNSURLSession finishTasksAndInvalidate]): Ditto.
94         (-[WebCoreNSURLSession resetWithCompletionHandler:]): Ditto.
95         (-[WebCoreNSURLSession flushWithCompletionHandler:]): Ditto.
96         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]): Ditto.
97         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]): Ditto.
98         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Ditto.
99         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Ditto.
100         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Ditto.
101
102         Drive-by fix:
103         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]): Set countOfBytesReceived outside the operation,
104             queue, matching NSURLSessionDataTask's behavior.
105
106 2016-02-09  Nan Wang  <n_wang@apple.com>
107
108         [iOS Simulator] accessibility/text-marker/text-marker-range-stale-node-crash.html crashing
109         https://bugs.webkit.org/show_bug.cgi?id=154039
110
111         Reviewed by Chris Fleizach.
112
113         We are accessing the derefed node in the CharacterOffset object, we should create an empty
114         CharacterOffset object if the node is not in use.
115
116         It's covered by the test accessibility/text-marker/text-marker-range-stale-node-crash.html.
117
118         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
119         (-[WebAccessibilityTextMarker characterOffset]):
120         (-[WebAccessibilityTextMarker isIgnored]):
121
122 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
123
124         Unreviewed build fix after r196322
125
126         Unreviewed.
127
128         * css/CSSFontFace.cpp:
129         (WebCore::CSSFontFace::font):
130
131 2016-02-09  Zalan Bujtas  <zalan@apple.com>
132
133         Outline corners do not align properly for multiline inlines.
134         https://bugs.webkit.org/show_bug.cgi?id=154025
135
136         Reviewed by David Hyatt.
137
138         Adjust border position when outline-offset > 0. This patch also
139         removes integral pixelsnapping (drawLineForBoxSide takes care of
140         device pixelsnapping). 
141
142         Test: fast/inline/outline-corners-with-offset.html
143
144         * rendering/RenderInline.cpp:
145         (WebCore::RenderInline::paintOutlineForLine):
146
147 2016-02-09  Jer Noble  <jer.noble@apple.com>
148
149         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
150
151         Rubber-stamped by Eric Carlson;
152
153         Set the correct global variable from setAVFoundationNSURLSessionEnabled().
154
155         * page/Settings.cpp:
156         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
157
158 2016-02-07  Gavin Barraclough  <barraclough@apple.com>
159
160         GetValueFunc/PutValueFunc should not take both slotBase and thisValue
161         https://bugs.webkit.org/show_bug.cgi?id=154009
162
163         Reviewed by Geoff Garen.
164
165         In JavaScript there are two types of properties - regular value properties, and accessor properties.
166         One difference between these is how they are reflected by getOwnPropertyDescriptor, and another is
167         what object they operate on in the case of a prototype access. If you access a value property of a
168         prototype object it return a value pertinent to the prototype, but in the case of a prototype object
169         returning an accessor, then the accessor function is applied to the base object of the access.
170
171         JSC supports special 'custom' properties implemented as a c++ callback, and these custom properties
172         can be used to implement either value- or accessor-like behavior. getOwnPropertyDescriptor behavior
173         is selected via the CustomAccessor attribute. Value- or accessor-like object selection is current
174         supported by passing both the slotBase and the thisValue to the callback,and hoping it uses the
175         right one. This is probably inefficient, bug-prone, and leads to crazy like JSBoundSlotBaseFunction.
176
177         Instead, just pass one thisValue to the callback functions, consistent with CustomAccessor.
178
179         * bindings/js/JSDOMBinding.cpp:
180         (WebCore::printErrorMessageForFrame):
181         (WebCore::objectToStringFunctionGetter):
182         * bindings/js/JSDOMBinding.h:
183         (WebCore::propertyNameToString):
184         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>):
185         (WebCore::nonCachingStaticFunctionGetter):
186         * bindings/js/JSDOMWindowCustom.cpp:
187         (WebCore::JSDOMWindow::visitAdditionalChildren):
188         (WebCore::childFrameGetter):
189         (WebCore::namedItemGetter):
190         (WebCore::jsDOMWindowWebKit):
191         (WebCore::jsDOMWindowIndexedDB):
192             - add missing null check, in case indexDB acessor is applied to non-window object.
193         * bindings/js/JSPluginElementFunctions.cpp:
194         (WebCore::pluginScriptObject):
195         (WebCore::pluginElementPropertyGetter):
196         * bindings/js/JSPluginElementFunctions.h:
197         * bindings/scripts/CodeGeneratorJS.pm:
198         (GenerateHeader):
199         (GenerateImplementation):
200         * bridge/runtime_array.cpp:
201         (JSC::RuntimeArray::destroy):
202         (JSC::RuntimeArray::lengthGetter):
203         * bridge/runtime_array.h:
204         * bridge/runtime_method.cpp:
205         (JSC::RuntimeMethod::finishCreation):
206         (JSC::RuntimeMethod::lengthGetter):
207         * bridge/runtime_method.h:
208         * bridge/runtime_object.cpp:
209         (JSC::Bindings::RuntimeObject::invalidate):
210         (JSC::Bindings::RuntimeObject::fallbackObjectGetter):
211         (JSC::Bindings::RuntimeObject::fieldGetter):
212         (JSC::Bindings::RuntimeObject::methodGetter):
213         * bridge/runtime_object.h:
214             - Merged slotBase & thisValue to custom property callbacks.
215
216 2016-02-09  Jer Noble  <jer.noble@apple.com>
217
218         Build-fix; add Nullibility macros around previously un-macro'd class definitions.
219
220         * platform/spi/mac/AVFoundationSPI.h:
221
222 2016-02-04  Jer Noble  <jer.noble@apple.com>
223
224         [Mac] Adopt NSURLSession properties in AVAssetResourceLoader
225         https://bugs.webkit.org/show_bug.cgi?id=153873
226
227         Reviewed by Eric Carlson.
228
229         Adopt a new AVAssetResourceLoader API allowing clients to specify a NSURLSession object to
230         use for media loading, and control the use of this property with a new Setting.
231
232         * page/Settings.cpp:
233         (WebCore::Settings::setAVFoundationNSURLSessionEnabled):
234         * page/Settings.h:
235         (WebCore::Settings::isAVFoundationNSURLSessionEnabled):
236         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
237         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
238         * platform/spi/mac/AVFoundationSPI.h:
239
240 2016-02-09  Myles C. Maxfield  <mmaxfield@apple.com>
241
242         Decouple font creation from font loading
243         https://bugs.webkit.org/show_bug.cgi?id=153414
244
245         Reviewed by Darin Adler.
246
247         Previously, CSSFontFaceSource never triggered a font download until that font was actually used. This means
248         that the function which triggers the download also has the goal of returning a font to use. However,
249         the CSS Font Loading JavaScript API requires being able to trigger a font download without this extra font
250         creation overhead.
251
252         In addition, this patch adds an explicit (and enforced) state transition diagram. The diagram looks like
253         this:
254                             => Success
255                           //
256         Pending => Loading
257                           \\
258                             => Failure
259
260         Therefore, the API for CSSFontFaceSource has changed to expose the concept of these new states. This means
261         that its user (CSSSegmentedFontFaceSource) has been updated to handle each possible state that its constituent
262         CSSFontFaceSources may be in.
263
264         No new tests because there is no behavior change.
265
266         * css/CSSFontFace.cpp:
267         (WebCore::CSSFontFace::allSourcesFailed): Renamed to make the name clearer.
268         (WebCore::CSSFontFace::addedToSegmentedFontFace): Use references instead of pointers.
269         (WebCore::CSSFontFace::removedFromSegmentedFontFace): Ditto.
270         (WebCore::CSSFontFace::adoptSource): Renamed to make the name clearer.
271         (WebCore::CSSFontFace::fontLoaded): Use references instead of pointers. Also, remove old dead code.
272         (WebCore::CSSFontFace::font): Adapt to the new API of CSSFontFaceSource.
273         (WebCore::CSSFontFace::isValid): Deleted.
274         (WebCore::CSSFontFace::addSource): Deleted.
275         (WebCore::CSSFontFace::notifyFontLoader): Deleted. Old dead code.
276         (WebCore::CSSFontFace::notifyLoadingDone): Deleted. Old dead code.
277         * css/CSSFontFace.h:
278         (WebCore::CSSFontFace::create): Remove old dead code.
279         (WebCore::CSSFontFace::CSSFontFace): Use references instead of pointers.
280         (WebCore::CSSFontFace::loadState): Deleted. Remove old dead code.
281         * css/CSSFontFaceSource.cpp:
282         (WebCore::CSSFontFaceSource::setStatus): Enforce state transitions.
283         (WebCore::CSSFontFaceSource::CSSFontFaceSource): Explicitly handle new state transitions.
284         (WebCore::CSSFontFaceSource::fontLoaded): Update for new states.
285         (WebCore::CSSFontFaceSource::load): Pulled out code from font().
286         (WebCore::CSSFontFaceSource::font): Moved code into load().
287         (WebCore::CSSFontFaceSource::isValid): Deleted.
288         (WebCore::CSSFontFaceSource::isDecodeError): Deleted.
289         (WebCore::CSSFontFaceSource::ensureFontData): Deleted.
290         * css/CSSFontFaceSource.h: Much cleaner API.
291         * css/CSSFontSelector.cpp:
292         (WebCore::createFontFace): Migrate to references instead of pointers. This requires a little
293         reorganization.
294         (WebCore::registerLocalFontFacesForFamily): Update to new CSSFontFaceSource API.
295         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
296         (WebCore::CSSFontSelector::getFontFace): Ditto.
297         * css/CSSSegmentedFontFace.cpp:
298         (WebCore::CSSSegmentedFontFace::CSSSegmentedFontFace): Migrate to references instead of pointers.
299         (WebCore::CSSSegmentedFontFace::~CSSSegmentedFontFace): Ditto.
300         (WebCore::CSSSegmentedFontFace::fontLoaded): Remove old dead code.
301         (WebCore::CSSSegmentedFontFace::appendFontFace): Cleanup.
302         (WebCore::CSSSegmentedFontFace::fontRanges): Adopt to new API.
303         (WebCore::CSSSegmentedFontFace::pruneTable): Deleted.
304         (WebCore::CSSSegmentedFontFace::isLoading): Deleted. Old dead code.
305         (WebCore::CSSSegmentedFontFace::checkFont): Deleted. Ditto.
306         (WebCore::CSSSegmentedFontFace::loadFont): Deleted. Ditto.
307         * css/CSSSegmentedFontFace.h:
308         (WebCore::CSSSegmentedFontFace::create): Migrate to references instead of pointers.
309         (WebCore::CSSSegmentedFontFace::fontSelector): Ditto.
310         (WebCore::CSSSegmentedFontFace::LoadFontCallback::~LoadFontCallback): Deleted.
311         * loader/cache/CachedFont.cpp:
312         (WebCore::CachedFont::didAddClient): Migrate to references instead of pointers.
313         (WebCore::CachedFont::checkNotify): Ditto.
314         * loader/cache/CachedFontClient.h:
315         (WebCore::CachedFontClient::fontLoaded): Ditto.
316
317 2016-02-09  Brady Eidson  <beidson@apple.com>
318
319         Modern IDB: IDBOpenDBRequests leak.
320         https://bugs.webkit.org/show_bug.cgi?id=154032
321
322         Reviewed by Alex Christensen.
323
324         No new tests (Currently untestable).
325
326         * CMakeLists.txt:
327         * WebCore.xcodeproj/project.pbxproj:
328
329         Add a simple Event subclass that holds a ref to an IDBRequest, to make sure that we
330         drop the last ref to the request after its last event fires or is otherwise destroyed:
331         * Modules/indexeddb/IDBRequestCompletionEvent.cpp: Added.
332         (WebCore::IDBRequestCompletionEvent::IDBRequestCompletionEvent):
333         * Modules/indexeddb/IDBRequestCompletionEvent.h: Added.
334         (WebCore::IDBRequestCompletionEvent::create):
335
336         * Modules/indexeddb/client/IDBOpenDBRequestImpl.cpp:
337         (WebCore::IDBClient::IDBOpenDBRequest::onError): IDBRequestCompletionEvent instead of Event.
338         (WebCore::IDBClient::IDBOpenDBRequest::fireSuccessAfterVersionChangeCommit): Ditto.
339         (WebCore::IDBClient::IDBOpenDBRequest::fireErrorAfterVersionChangeCompletion): Ditto.
340         (WebCore::IDBClient::IDBOpenDBRequest::onSuccess): Ditto.
341
342         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
343         (WebCore::IDBClient::IDBTransaction::dispatchEvent): After setting up the request's 
344           completion event to fire, clear the back-ref to the request.
345
346 2016-02-09  Commit Queue  <commit-queue@webkit.org>
347
348         Unreviewed, rolling out r196286.
349         https://bugs.webkit.org/show_bug.cgi?id=154026
350
351         Looks like 5% iOS PLT regression (Requested by kling on
352         #webkit).
353
354         Reverted changeset:
355
356         "[iOS] Throw away some unlinked code when navigating to a new
357         page."
358         https://bugs.webkit.org/show_bug.cgi?id=154014
359         http://trac.webkit.org/changeset/196286
360
361 2016-02-08  Chris Dumez  <cdumez@apple.com>
362
363         Attribute getters should not require an explicit 'this' value for Window properties
364         https://bugs.webkit.org/show_bug.cgi?id=153968
365
366         Reviewed by Darin Adler.
367
368         Attribute getters should not require an explicit 'this' value for
369         Window properties. This is because the Window interface is marked
370         as [ImplicitThis]:
371         - http://heycam.github.io/webidl/#ImplicitThis
372         - https://www.w3.org/Bugs/Public/show_bug.cgi?id=29421
373
374         This matches the behavior of Firefox and the expectations of the W3C
375         web-platform-tests.
376
377         No new tests, already covered by existing tests.
378
379         * bindings/scripts/CodeGeneratorJS.pm:
380         In attribute getters of an interface marked as [ImplicitThis],
381         if 'thisValue' is undefined or null, fall back to using the
382         global object as 'thisValue'.
383
384         * bindings/scripts/IDLAttributes.txt:
385         Add support for [ImplicitThis]:
386         http://heycam.github.io/webidl/#ImplicitThis
387
388         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
389         * bindings/scripts/test/JS/JSTestException.cpp:
390         * bindings/scripts/test/JS/JSTestInterface.cpp:
391         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
392         * bindings/scripts/test/JS/JSTestNode.cpp:
393         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
394         * bindings/scripts/test/JS/JSTestObj.cpp:
395         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
396         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
397         * bindings/scripts/test/JS/JSattribute.cpp:
398         Rebaseline bindings tests.
399
400         * page/DOMWindow.idl:
401         Mark Window as [ImplicitThis]:
402         http://heycam.github.io/webidl/#ImplicitThis
403
404 2016-02-08  Nan Wang  <n_wang@apple.com>
405
406         AX: crash at WebCore::Range::selectNodeContents(WebCore::Node*, int&)
407         https://bugs.webkit.org/show_bug.cgi?id=154018
408
409         Reviewed by Chris Fleizach.
410
411         Sometimes rangeForUnorderedCharacterOffsets call is accessing derefed node objects
412         and leading to a crash. Fixed it by checking isNodeInUse before creating the CharacterOffset
413         object.
414
415         Test: accessibility/text-marker/text-marker-range-stale-node-crash.html
416
417         * accessibility/AXObjectCache.cpp:
418         (WebCore::AXObjectCache::visiblePositionForTextMarkerData):
419         (WebCore::AXObjectCache::characterOffsetForTextMarkerData):
420         (WebCore::AXObjectCache::traverseToOffsetInRange):
421         * accessibility/AXObjectCache.h:
422         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
423         (-[WebAccessibilityObjectWrapper rangeForTextMarkerRange:]):
424         (characterOffsetForTextMarker):
425         (-[WebAccessibilityObjectWrapper characterOffsetForTextMarker:]):
426         (textMarkerForVisiblePosition):
427
428 2016-02-08  Andreas Kling  <akling@apple.com>
429
430         [iOS] Throw away some unlinked code when navigating to a new page.
431         <https://webkit.org/b/154014>
432
433         Reviewed by Gavin Barraclough.
434
435         Extended the mechanism introduced earlier to also throw away unlinked code
436         that's only relevant to the page that we're navigating away from.
437
438         The new JSC::VM API is deleteAllCodeExceptCaches() and it does what it sounds
439         like, deleting unlinked and linked code but leaving code caches alone.
440
441         This means that if the page we're navigating to wants to parse some of the
442         same JS that the page we're leaving had on it, it might still be found in the
443         JSC::CodeCache.
444
445         Doing a back navigation to a PageCache'd page may now incur some reparsing,
446         just like leaving the app or tab would.
447
448         * bindings/js/GCController.cpp:
449         (WebCore::GCController::deleteAllCodeExceptCaches):
450         (WebCore::GCController::deleteAllLinkedCode): Deleted.
451         * bindings/js/GCController.h:
452         * loader/FrameLoader.cpp:
453         (WebCore::FrameLoader::commitProvisionalLoad):
454
455 2016-02-08  Daniel Bates  <dabates@apple.com>
456
457         CSP connect-src directive should block redirects
458         https://bugs.webkit.org/show_bug.cgi?id=69359
459         <rdar://problem/24383025>
460
461         Reviewed by Brent Fulgham.
462
463         Inspired by Blink patch:
464         <https://src.chromium.org/viewvc/blink?revision=150246&view=revision>
465
466         Apply the connect-src directive of the Content Security Policy for the document or worker to the redirect URL
467         of an XMLHttpRequest and EventSource load so as to conform to section Paths and Redirects of the CSP 2.0 spec.,
468         <https://w3c.github.io/webappsec-csp/2/#source-list-paths-and-redirects> (29 August 2015).
469
470         Additionally, check that each requested script URL passed to WorkerGlobalScope.importScripts() is allowed by
471         the CSP of the worker before initiating a load for it. If some URL i is blocked by the CSP policy
472         then we do not try to load URLs j >= i.
473
474         Tests: http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-block-aborts-all-subsequent-imports.html
475                http/tests/security/contentSecurityPolicy/worker-blob-inherits-csp-importScripts-redirect-cross-origin-blocked.html
476                http/tests/security/contentSecurityPolicy/worker-csp-blocks-xhr-redirect-cross-origin.html
477                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-allowed.html
478                http/tests/security/contentSecurityPolicy/worker-csp-importScripts-redirect-cross-origin-blocked.html
479                http/tests/security/contentSecurityPolicy/worker-without-csp-importScripts-redirect-cross-origin-allowed.html
480                http/tests/security/isolatedWorld/bypass-main-world-csp-for-xhr-redirect.html
481                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-importScript-redirect-cross-origin.html
482                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-importScripts-redirect-cross-origin.html
483                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr-redirect-cross-origin.html
484                http/tests/security/isolatedWorld/bypass-worker-csp-for-xhr.html
485
486         * fileapi/FileReaderLoader.cpp:
487         (WebCore::FileReaderLoader::start): Do not enforce a CSP directive as CSP is not applicable to File API.
488         * inspector/InspectorNetworkAgent.cpp:
489         (WebCore::InspectorNetworkAgent::loadResource): Do not enforce a CSP directive as CSP should not interfere
490         with the Web Inspector.
491         * loader/DocumentThreadableLoader.cpp:
492         (WebCore::DocumentThreadableLoader::loadResourceSynchronously): Modified to take an optional ContentSecurityPolicy
493         and pass it through to DocumentThreadableLoader::create().
494         (WebCore::DocumentThreadableLoader::create): Modified to take an optional ContentSecurityPolicy and pass it through
495         to DocumentThreadableLoader::DocumentThreadableLoader().
496         (WebCore::DocumentThreadableLoader::DocumentThreadableLoader): Modified to take an optional ContentSecurityPolicy.
497         Asserts that the CSP allows the load of the request URL so as to catch when a caller creates a loader for a request
498         that is not allowed by the CSP. The caller should not create a loader for such a request.
499         (WebCore::DocumentThreadableLoader::redirectReceived): Check if the CSP allows the redirect URL. If it does not
500         then notify the client that the redirect check failed.
501         (WebCore::DocumentThreadableLoader::loadRequest): Ditto.
502         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Checks that the specified URL is allowed
503         by the enforced CSP directive.
504         (WebCore::DocumentThreadableLoader::contentSecurityPolicy): Returns the ContentSecurityPolicy object passed to
505         DocumentThreadableLoader on instantiation or the ContentSecurityPolicy object of the associated document.
506         * loader/DocumentThreadableLoader.h: Add overloaded variants of DocumentThreadableLoader::{create, loadResourceSynchronously}()
507         that take a std::unique_ptr<ContentSecurityPolicy>&&. Remove some unnecessary headers.
508         * loader/ThreadableLoader.cpp:
509         (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Take the CSP directive to enforce and store it.
510         (WebCore::ThreadableLoaderOptions::isolatedCopy): Copy the CSP directive to enforce.
511         * loader/ThreadableLoader.h: Added member field to store the CSP directive to enforce (defaults to enforce the
512         directive connect-src - the most appropriate directive in most circumstances). As of the time of writing,
513         only WorkerGlobalScope.importScripts() enforces a different directive: script-src.
514         * loader/WorkerThreadableLoader.cpp:
515         (WebCore::WorkerThreadableLoader::WorkerThreadableLoader): Pass the SecurityOrigin and ContentSecurityPolicy associated
516         with the WorkerGlobalScope to WorkerThreadableLoader::MainThreadBridge::MainThreadBridge().
517         (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Pass a copy of the worker's ContentSecurityPolicy
518         to the DocumentThreadableLoader.
519         * loader/WorkerThreadableLoader.h:
520         * page/EventSource.cpp:
521         (WebCore::EventSource::connect): Enforce the CSP directive connect-src on redirects unless we are running in an isolated world.
522         * workers/AbstractWorker.cpp:
523         (WebCore::AbstractWorker::resolveURL): Modified to take a boolean whether to bypass the main world Content Security Policy
524         instead of querying for it directly.
525         * workers/AbstractWorker.h:
526         * workers/Worker.cpp:
527         (WebCore::Worker::create): Added FIXME to enforce child-src directive of the document's CSP to the worker's script URL
528         on redirect once we fix <https://bugs.webkit.org/show_bug.cgi?id=153562>. For now, do not enforce a CSP policy on redirect
529         of the worker's script URL.
530         * workers/WorkerGlobalScope.cpp:
531         (WebCore::WorkerGlobalScope::importScripts): Check that the requested URL is allowed by the CSP of the worker (if applicable).
532         Enforce the CSP directive script-src on redirects unless we are running in an isolated world.
533         * workers/WorkerScriptLoader.cpp:
534         (WebCore::WorkerScriptLoader::loadSynchronously): Pass SecurityOrigin and ContentSecurityPolicyEnforcement to WorkerThreadableLoader.
535         (WebCore::WorkerScriptLoader::loadAsynchronously): Ditto.
536         * workers/WorkerScriptLoader.h:
537         * xml/XMLHttpRequest.cpp:
538         (WebCore::XMLHttpRequest::createRequest): Enforce the CSP directive connect-src on redirects unless we are running in
539         an isolated world.
540
541 2016-02-08  Antti Koivisto  <antti@apple.com>
542
543         Try to fix Yosemite build.
544
545         * dom/ComposedTreeIterator.h:
546         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
547         (WebCore::ComposedTreeIterator::traverseNext):
548
549 2016-02-08  Antti Koivisto  <antti@apple.com>
550
551         Implement ComposedTreeIterator in terms of ElementAndTextDescendantIterator
552         https://bugs.webkit.org/show_bug.cgi?id=154003
553
554         Reviewed by Darin Adler.
555
556         Currently ComposedTreeIterator implements tree traversal using NodeTraversal. This makes it overly complicated.
557         It can also return nodes other than Element and Text which should not be part of the composed tree.
558
559         This patch adds a new iterator type, ElementAndTextDescendantIterator, similar to the existing ElementDescendantIterator.
560         ComposedTreeIterator is then implemented using this new iterator.
561
562         When entering a shadow tree or a slot the local iterator is pushed along with the context stack and a new local
563         iterator is initialized for the new context. When leaving a shadow tree the context stack is popped and the previous
564         local iterator becomes active.
565
566         * WebCore.xcodeproj/project.pbxproj:
567         * dom/ComposedTreeIterator.cpp:
568         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
569         (WebCore::ComposedTreeIterator::initializeContextStack):
570         (WebCore::ComposedTreeIterator::pushContext):
571         (WebCore::ComposedTreeIterator::traverseNextInShadowTree):
572         (WebCore::ComposedTreeIterator::traverseNextLeavingContext):
573         (WebCore::ComposedTreeIterator::advanceInSlot):
574         (WebCore::ComposedTreeIterator::traverseSiblingInSlot):
575         (WebCore::ComposedTreeIterator::initializeShadowStack): Deleted.
576         (WebCore::ComposedTreeIterator::traverseParentInShadowTree): Deleted.
577         (WebCore::ComposedTreeIterator::traverseNextSiblingSlot): Deleted.
578         (WebCore::ComposedTreeIterator::traversePreviousSiblingSlot): Deleted.
579         * dom/ComposedTreeIterator.h:
580         (WebCore::ComposedTreeIterator::operator*):
581         (WebCore::ComposedTreeIterator::operator->):
582         (WebCore::ComposedTreeIterator::operator==):
583         (WebCore::ComposedTreeIterator::operator!=):
584         (WebCore::ComposedTreeIterator::operator++):
585         (WebCore::ComposedTreeIterator::Context::Context):
586         (WebCore::ComposedTreeIterator::context):
587         (WebCore::ComposedTreeIterator::current):
588         (WebCore::ComposedTreeIterator::ComposedTreeIterator):
589         (WebCore::ComposedTreeIterator::traverseNext):
590         (WebCore::ComposedTreeIterator::traverseNextSkippingChildren):
591         (WebCore::ComposedTreeIterator::traverseNextSibling):
592         (WebCore::ComposedTreeIterator::traversePreviousSibling):
593         (WebCore::ComposedTreeDescendantAdapter::ComposedTreeDescendantAdapter):
594         (WebCore::ComposedTreeDescendantAdapter::begin):
595         (WebCore::ComposedTreeDescendantAdapter::end):
596         (WebCore::ComposedTreeDescendantAdapter::at):
597         (WebCore::ComposedTreeChildAdapter::Iterator::Iterator):
598         (WebCore::ComposedTreeChildAdapter::ComposedTreeChildAdapter):
599         (WebCore::ComposedTreeChildAdapter::begin):
600         (WebCore::ComposedTreeChildAdapter::end):
601         (WebCore::ComposedTreeChildAdapter::at):
602         (WebCore::ComposedTreeIterator::ShadowContext::ShadowContext): Deleted.
603         (WebCore::ComposedTreeIterator::traverseParent): Deleted.
604         * dom/ElementAndTextDescendantIterator.h: Added.
605
606             New iterator type that traverses Element and Text nodes (that is renderable nodes only).
607             It also tracks depth for future use.
608
609 2016-02-08  Joseph Pecoraro  <pecoraro@apple.com>
610
611         Web Inspector: copy({x:1}) should copy "{x:1}", not "[object Object]"
612         https://bugs.webkit.org/show_bug.cgi?id=148605
613
614         Reviewed by Brian Burg.
615
616         Test: inspector/console/command-line-api-copy.html
617
618         * inspector/CommandLineAPIModuleSource.js:
619         (CommandLineAPIImpl.prototype.copy):
620         Support copying different types. This is meant to be more
621         convenient then just JSON.stringify, so it handles types
622         like Node, Symbol, RegExp, and Function a bit better.
623
624 2016-02-08  Said Abou-Hallawa  <sabouhallawa@apple.com>
625
626         REGRESSION(r181345): SVG polyline and polygon leak page
627         https://bugs.webkit.org/show_bug.cgi?id=152759
628
629         Reviewed by Darin Adler.
630
631         The leak happens because of cyclic reference between SVGListPropertyTearOff 
632         and SVGAnimatedListPropertyTearOff which is derived from SVGAnimatedProperty.
633         There is also cyclic reference between SVGAnimatedProperty and SVGElement
634         and this causes the whole document to be leaked. So if the JS requests, for
635         example, an instance of SVGPolylineElement.points, the whole document will be
636         leaked.
637
638         The fix depends on having the cyclic reference as is since the owning and the
639         owned classes have to live together if any of them is referenced. But the owning
640         class caches a raw 'ref-counted' pointer of the owned class. If it is requested
641         for an instance of the owned class it returned a RefPtr<> of it. Once the owned
642         class is not used, it can delete itself. The only thing needed here is to notify
643         the owner class of the deletion so it cleans its caches and be able to create a
644         new pointer if it is requested for an instance of the owned class later.
645
646         Revert the change of r181345 in SVGAnimatedProperty::lookupOrCreateWrapper()
647         to break the cyclic reference between SVGElement and SVGAnimatedProperty.
648         
649         Also apply the same approach in SVGAnimatedListPropertyTearOff::baseVal() and
650         animVal() to break cyclic reference between SVGListPropertyTearOff and
651         SVGAnimatedListPropertyTearOff.
652
653         Test: svg/animations/smil-leak-list-property-instances.svg
654
655         * bindings/scripts/CodeGeneratorJS.pm:
656         (NativeToJSValue): The SVG non-string list tear-off properties became of
657         type RefPtr<>. So we need to use get() with the casting expressions.
658         
659         * svg/SVGMarkerElement.cpp:
660         (WebCore::SVGMarkerElement::orientType):
661         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
662
663         * svg/SVGPathElement.cpp:
664         (WebCore::SVGPathElement::pathByteStream):
665         (WebCore::SVGPathElement::lookupOrCreateDWrapper):
666         Since SVGAnimatedProperty::lookupWrappe() returns a RefPtr<> we need to 
667         use get() for the casting expressions.
668         
669         (WebCore::SVGPathElement::pathSegList):
670         (WebCore::SVGPathElement::normalizedPathSegList):
671         (WebCore::SVGPathElement::animatedPathSegList):
672         (WebCore::SVGPathElement::animatedNormalizedPathSegList):
673         * svg/SVGPathElement.h:
674         Change the return value from raw pointer to RefPtr<>.
675
676         * svg/SVGPathSegWithContext.h:
677         (WebCore::SVGPathSegWithContext::animatedProperty):
678         Change the return type to be RefPtr<> to preserve the value from being deleted.
679         
680         * svg/SVGPolyElement.cpp:
681         (WebCore::SVGPolyElement::parseAttribute):
682         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
683         use get() for the casting expressions.
684         
685         (WebCore::SVGPolyElement::points):
686         (WebCore::SVGPolyElement::animatedPoints):
687         * svg/SVGPolyElement.h:
688         Change the return value from raw pointer to RefPtr<>.
689         
690         * svg/SVGViewSpec.cpp:
691         (WebCore::SVGViewSpec::setTransformString):
692         Since SVGAnimatedProperty::lookupWrapper() returns a RefPtr<> we need to 
693         use get() for the casting expressions.
694
695         (WebCore::SVGViewSpec::transform):
696         * svg/SVGViewSpec.h:
697         Change the return value from raw pointer to RefPtr<>.
698         
699         * svg/properties/SVGAnimatedListPropertyTearOff.h:
700         (WebCore::SVGAnimatedListPropertyTearOff::baseVal):
701         (WebCore::SVGAnimatedListPropertyTearOff::animVal):
702         Change the return value from raw pointer to RefPtr<> and change the cached
703         value from RefPtr<> to raw pointer. If the property is null, it will be
704         created, its raw pointer will be cached and the only ref-counted RefPtr<>
705         will be returned. This will guarantee, the RefPtr<> will be deleted once
706         it is not used anymore. 
707         
708         (WebCore::SVGAnimatedListPropertyTearOff::propertyWillBeDeleted):
709         Clean the raw pointer caches m_baseVal and m_animVal upon deleting the
710         actual pointer. This function will be called from the destructor of
711         SVGListPropertyTearOff.
712         
713         (WebCore::SVGAnimatedListPropertyTearOff::findItem):
714         (WebCore::SVGAnimatedListPropertyTearOff::removeItemFromList):
715         We have to ensure the baseVal() is created before using it.
716         
717         (WebCore::SVGAnimatedListPropertyTearOff::detachListWrappers):
718         (WebCore::SVGAnimatedListPropertyTearOff::currentAnimatedValue):
719         (WebCore::SVGAnimatedListPropertyTearOff::animationStarted):
720         (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
721         (WebCore::SVGAnimatedListPropertyTearOff::synchronizeWrappersIfNeeded):
722         (WebCore::SVGAnimatedListPropertyTearOff::animValWillChange):
723         (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
724         For animation, a separate RefPtr<> 'm_animatingAnimVal' will be assigned
725         to the animVal(). This will prevent deleting m_animVal while animation.
726         
727         * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
728         (WebCore::SVGAnimatedPathSegListPropertyTearOff::baseVal):
729         (WebCore::SVGAnimatedPathSegListPropertyTearOff::animVal):
730         Same as what is done in SVGAnimatedListPropertyTearOff.
731         
732         (WebCore::SVGAnimatedPathSegListPropertyTearOff::findItem):
733         (WebCore::SVGAnimatedPathSegListPropertyTearOff::removeItemFromList):
734         Same as what is done in SVGAnimatedListPropertyTearOff.
735         
736         * svg/properties/SVGAnimatedProperty.h:
737         (WebCore::SVGAnimatedProperty::lookupOrCreateWrapper):
738         Change the return value from raw reference to Ref<> and change the
739         cached value from Ref<> to raw pointer. This reverts the change of
740         r181345 in this function.
741         
742         (WebCore::SVGAnimatedProperty::lookupWrapper):
743         Change the return value from raw pointer to RefPtr<>.
744         
745         * svg/properties/SVGAnimatedPropertyMacros.h:
746         Use 'auto' type for the return of SVGAnimatedProperty::lookupWrapper().
747         
748         * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
749         (WebCore::SVGAnimatedTransformListPropertyTearOff::baseVal):
750         (WebCore::SVGAnimatedTransformListPropertyTearOff::animVal):
751         Same as what is done in SVGAnimatedListPropertyTearOff.
752
753         * svg/properties/SVGListPropertyTearOff.h:
754         (WebCore::SVGListPropertyTearOff::~SVGListPropertyTearOff):
755         Call the SVGAnimatedListPropertyTearOff::propertyWillBeDeleted() to clean
756         its raw pointers when the RefPtr<> deletes itself.
757
758 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
759
760         [GTK] WebKitWebView should send crossing events to the WebProcess
761         https://bugs.webkit.org/show_bug.cgi?id=153740
762
763         Reviewed by Michael Catanzaro.
764
765         Update the target element under the mouse also when only updating
766         scrollbars, so that if the mouse enters the page when the window
767         is not active, the scroll animator is notified that the mouse
768         entered the scrollable area.
769
770         * page/EventHandler.cpp:
771         (WebCore::EventHandler::handleMouseMoveEvent): Call
772         updateMouseEventTargetNode() before early returning in case of
773         only updating scrollbars.
774
775 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
776
777         PiP and external playback are mutually exclusive.
778         https://bugs.webkit.org/show_bug.cgi?id=153988
779         rdar://problem/24108661
780
781         Reviewed by Eric Carlson.
782
783         Adding isPlayingOnSecondScreen to isPlayingOnExternalScreen allows AVKit to disable PiP
784         when appropriate. Testing video fullscreen mode in updateDisableExternalPlayback allows us to 
785         turn-off external playback when entering picture-in-picture.
786
787         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
788         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
789         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
790         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
791         (-[WebAVPlayerController isPlayingOnExternalScreen]):
792         (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]):
793
794 2016-02-08  Commit Queue  <commit-queue@webkit.org>
795
796         Unreviewed, rolling out r196253.
797         https://bugs.webkit.org/show_bug.cgi?id=153990
798
799         Caused several crashes in GTK+ bots (Requested by KaL on
800         #webkit).
801
802         Reverted changeset:
803
804         "[GTK] WebKitWebView should send crossing events to the
805         WebProcess"
806         https://bugs.webkit.org/show_bug.cgi?id=153740
807         http://trac.webkit.org/changeset/196253
808
809 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
810
811         WebAVPlayerController should implement currentTimeWithinEndTimes.
812         https://bugs.webkit.org/show_bug.cgi?id=153983
813         rdar://problem/22864621
814
815         Reviewed by Eric Carlson.
816
817         Implement currentTimeWithinEndTimes in terms of seekToTime and AVTiming. This is a trivial
818         implementation becuase AVPlayer start and end times aren't used.
819
820         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
821         (-[WebAVPlayerController currentTimeWithinEndTimes]):
822         (-[WebAVPlayerController setCurrentTimeWithinEndTimes:]):
823         (+[WebAVPlayerController keyPathsForValuesAffectingCurrentTimeWithinEndTimes]):
824
825 2016-02-08  Carlos Garcia Campos  <cgarcia@igalia.com>
826
827         [GTK] WebKitWebView should send crossing events to the WebProcess
828         https://bugs.webkit.org/show_bug.cgi?id=153740
829
830         Reviewed by Michael Catanzaro.
831
832         Update the target element under the mouse also when only updating
833         scrollbars, so that if the mouse enters the page when the window
834         is not active, the scroll animator is notified that the mouse
835         entered the scrollable area.
836
837         * page/EventHandler.cpp:
838         (WebCore::EventHandler::handleMouseMoveEvent): Call
839         updateMouseEventTargetNode() before early returning in case of
840         only updating scrollbars.
841
842 2016-02-08  Jeremy Jones  <jeremyj@apple.com>
843
844         WebVideoFullscreenInterface should handle video resizing.
845         https://bugs.webkit.org/show_bug.cgi?id=153982
846         rdar://problem/22031249
847
848         Reviewed by Eric Carlson.
849
850         Video fullscreen can be initiated before video dimension are available.
851         Protect against an initial width or height of zero and observe resize events 
852         to update once video dimensions become available or change.
853
854         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
855         (WebVideoFullscreenModelVideoElement::updateForEventName):
856         (WebVideoFullscreenModelVideoElement::observedEventNames):
857         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
858         (-[WebAVPlayerLayer layoutSublayers]):
859         (-[WebAVPlayerLayer videoRect]):
860         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
861
862 2016-02-08  Adrien Plazas  <aplazas@igalia.com>
863
864         Indent inline box test fails due to assertion in VisibleSelection::selectionFromContentsOfNode()
865         https://bugs.webkit.org/show_bug.cgi?id=153824
866
867         Reviewed by Michael Catanzaro.
868
869         * editing/markup.cpp:
870         (WebCore::highestAncestorToWrapMarkup):
871
872 2016-02-07  Sam Weinig  <sam@webkit.org>
873
874         Remove unused enum ScrollbarOverlayState.
875
876         Rubber-stamped by Dan Bernstein.
877
878         * platform/ScrollTypes.h:
879
880 2016-02-07  Sam Weinig  <sam@webkit.org>
881
882         Remove unnecessary respondsToSelector checks for methods that exist on all supported platforms
883         https://bugs.webkit.org/show_bug.cgi?id=153970
884
885         Reviewed by Dan Bernstein.
886
887         -[NSScrollerImp mouseEnteredScroller], -[NSScrollerImp expansionTransitionProgress],
888         -[NSScrollerImpPair contentAreaScrolledInDirection:], and -[NSScrollerImp setExpanded:]
889         are now available on all supported OS's. No need to check for them.
890
891         * platform/mac/ScrollAnimatorMac.mm:
892         (macScrollbarTheme):
893         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
894         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
895         (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
896         (WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
897         (WebCore::ScrollAnimatorMac::sendContentAreaScrolled):
898         (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
899         (supportsUIStateTransitionProgress): Deleted.
900         (supportsExpansionTransitionProgress): Deleted.
901         (supportsContentAreaScrolledInDirection): Deleted.
902         * platform/mac/ScrollbarThemeMac.mm:
903         (+[WebScrollbarPrefsObserver appearancePrefsChanged:]):
904         (+[WebScrollbarPrefsObserver behaviorPrefsChanged:]):
905         (WebCore::ScrollbarThemeMac::scrollbarThickness):
906
907 2016-02-07  Sam Weinig  <sam@webkit.org>
908
909         Use modern SPI header idiom for NSScrollerImp and NSScrollerImpPair
910         https://bugs.webkit.org/show_bug.cgi?id=153969
911
912         Reviewed by Dan Bernstein.
913
914         * WebCore.xcodeproj/project.pbxproj:
915         Add new file NSScrollerImpSPI.h
916
917         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
918         Use new include of NSScrollerImpSPI.h.
919
920         * platform/ScrollbarThemeComposite.h:
921         Define ScrollbarPainter more precisely as NSScrollerImp * now that the type is available to us.
922
923         * platform/mac/NSScrollerImpDetails.h:
924         Remove NSObject category based SPI usage with the modern one NSScrollerImpSPI.h
925
926         * platform/mac/NSScrollerImpDetails.mm:
927         (WebCore::recommendedScrollerStyle):
928         Simplify recommendedScrollerStyle() now that all OS's we ship on have +[NSScroller preferredScrollerStyle].
929
930         * platform/mac/ScrollAnimatorMac.mm:
931         (supportsUIStateTransitionProgress):
932         (supportsExpansionTransitionProgress):
933         (supportsContentAreaScrolledInDirection):
934         Stop using NSClassFromString now that we can reference the classes explicitly.
935
936         (-[WebScrollbarPainterControllerDelegate invalidate]):
937         (-[WebScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
938         (-[WebScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
939         (-[WebScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
940         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
941         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
942         (-[WebScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
943         (-[WebScrollbarPainterDelegate layer]):
944         (-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]):
945         (-[WebScrollbarPainterDelegate convertRectToLayer:]):
946         (-[WebScrollbarPainterDelegate shouldUseLayerPerPartForScrollerImp:]):
947         (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
948         (-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
949         (-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
950         (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
951         (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
952         (-[WebScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
953         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
954         (WebCore::ScrollAnimatorMac::lockOverlayScrollbarStateToHidden):
955         (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
956         (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
957         (WebCore::ScrollAnimatorMac::updateScrollerStyle):
958         Add proper conforming to protocols and replace ids with proper types.
959
960         * platform/mac/ScrollbarThemeMac.mm:
961         (WebCore::supportsExpandedScrollbars):
962         (WebCore::ScrollbarThemeMac::registerScrollbar):
963         (WebCore::ScrollbarThemeMac::scrollbarThickness):
964         (WebCore::ScrollbarThemeMac::setUpContentShadowLayer):
965         Stop using NSClassFromString now that we can reference the classes explicitly.
966
967         * platform/spi/mac/NSScrollerImpSPI.h: Added.
968
969 2016-02-07  Zalan Bujtas  <zalan@apple.com>
970
971         Outline does not clip when ancestor has overflow: hidden and requires layer.
972         https://bugs.webkit.org/show_bug.cgi?id=153901
973
974         Now that outline is part of visual overflow, we no longer need the special outline cliprect.
975         PaintPhaseChildOutlines drawing will switch to foreground cliprect. It ensures proper overflow clipping
976         at parent level. PaintPhaseSelfOutline drawing will start using the visual overflow inflated background cliprect.
977         With this change, outline will be using the same cliprects as the other visual overflow properties (box-shadow etc). 
978
979         Reviewed by David Hyatt.
980
981         Test: fast/repaint/outline-with-overflow-hidden-ancestor.html
982
983         * rendering/LayerFragment.h:
984         (WebCore::LayerFragment::setRects):
985         (WebCore::LayerFragment::moveBy): Deleted.
986         (WebCore::LayerFragment::intersect): Deleted.
987         * rendering/RenderLayer.cpp:
988         (WebCore::RenderLayer::collectFragments):
989         (WebCore::RenderLayer::paintOutlineForFragments):
990         (WebCore::RenderLayer::calculateClipRects):
991         (WebCore::RenderLayer::paintForegroundForFragments): Deleted.
992         * rendering/RenderLayer.h:
993         * rendering/RenderTreeAsText.cpp:
994         (WebCore::write):
995         (WebCore::writeLayers):
996
997 2016-02-07  Daniel Bates  <dabates@apple.com>
998
999         CSP: Allow Web Workers initiated from an isolated world to bypass the main world Content Security Policy
1000         https://bugs.webkit.org/show_bug.cgi?id=153622
1001         <rdar://problem/24400023>
1002
1003         Reviewed by Gavin Barraclough.
1004
1005         Fixes an issue where Web Workers initiated from an isolated world (say, a Safari Content Script Extension)
1006         would be subject to the Content Security Policy of the page.
1007
1008         Currently code in an isolated world that does not execute in a Web Worker is exempt from the CSP of
1009         the page. However, code that runs inside a Web Worker that was initiated from an isolated world is
1010         subject to the CSP of the page. Instead, such Web Worker code should also be exempt from the CSP of
1011         the page.
1012
1013         Tests: http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-eval.html
1014                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-blob-xhr.html
1015                http/tests/security/isolatedWorld/bypass-main-world-csp-worker.html
1016
1017         * Modules/websockets/WebSocket.cpp:
1018         (WebCore::WebSocket::connect): Modified to ask the script execution context whether to bypass the
1019         main world Content Security Policy now that script execution context knows this information.
1020         * bindings/js/ScriptController.cpp:
1021         (WebCore::ScriptController::shouldBypassMainWorldContentSecurityPolicy): Deleted; moved logic from here...
1022         * bindings/js/ScriptController.h:
1023         * dom/Document.cpp:
1024         (WebCore::Document::shouldBypassMainWorldContentSecurityPolicy): ...to here.
1025         * dom/Document.h:
1026         * dom/ScriptExecutionContext.h:
1027         (WebCore::ScriptExecutionContext::shouldBypassMainWorldContentSecurityPolicy): Added; defaults to false -
1028         do not bypass the main world Content Security Policy.
1029         * page/EventSource.cpp:
1030         (WebCore::EventSource::create): Modified to ask the script execution context whether to bypass the
1031         main world Content Security Policy now that script execution context knows this information.
1032         * page/csp/ContentSecurityPolicy.cpp:
1033         (WebCore::ContentSecurityPolicy::shouldBypassMainWorldContentSecurityPolicy): Deleted.
1034         * page/csp/ContentSecurityPolicy.h:
1035         * workers/AbstractWorker.cpp:
1036         (WebCore::AbstractWorker::resolveURL): Bypass the main world Content Security Policy if applicable.
1037         Added FIXME comment to enforce the child-src directive of the document's CSP (as opposed to the script-src
1038         directive) on the worker's script URL. Also, scriptExecutionContext()->contentSecurityPolicy() should
1039         always be non-null just as we expect scriptExecutionContext()->securityOrigin() to be non-null. Assert
1040         this invariant to catch cases where a ScriptExecutionContext is not properly initialized.
1041         * workers/DedicatedWorkerGlobalScope.cpp:
1042         (WebCore::DedicatedWorkerGlobalScope::create): Modified to take boolean argument shouldBypassMainWorldContentSecurityPolicy
1043         as to whether to bypass the main world Content Security Policy and only apply the Content Security
1044         Policy headers when shouldBypassMainWorldContentSecurityPolicy is false.
1045         (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1046         as to whether to bypass the main world Content Security Policy.
1047         * workers/DedicatedWorkerGlobalScope.h:
1048         * workers/DedicatedWorkerThread.cpp:
1049         (WebCore::DedicatedWorkerThread::DedicatedWorkerThread): Ditto.
1050         (WebCore::DedicatedWorkerThread::createWorkerGlobalScope): Ditto.
1051         * workers/DedicatedWorkerThread.h:
1052         * workers/Worker.cpp:
1053         (WebCore::Worker::create): Store whether we should bypass the main world Content Security Policy so
1054         that we can pass it to WorkerMessagingProxy::startWorkerGlobalScope() in Worker::notifyFinished().
1055         We need to store this decision here as opposed to determining it at any later time (say, in Worker::notifyFinished())
1056         because it is dependent on the current JavaScript program stack at the time this function is invoked.
1057         (WebCore::Worker::notifyFinished): Pass whether to bypass the main world Content Security Policy.
1058         * workers/Worker.h:
1059         * workers/WorkerGlobalScope.cpp:
1060         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Modified to take a boolean as to whether to bypass the
1061         main world Content Security Policy and store it in a member field. Also, always instantiate a Content
1062         Security Policy object as our current code assumes that one is always created.
1063         * workers/WorkerGlobalScope.h:
1064         * workers/WorkerGlobalScopeProxy.h:
1065         * workers/WorkerMessagingProxy.cpp:
1066         (WebCore::WorkerMessagingProxy::startWorkerGlobalScope): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1067         as to whether to bypass the main world Content Security Policy.
1068         * workers/WorkerMessagingProxy.h:
1069         * workers/WorkerThread.cpp:
1070         (WebCore::WorkerThreadStartupData::WorkerThreadStartupData): Modified to take a boolean argument as to
1071         whether to bypass the main world Content Security Policy and store it in a member field.
1072         (WebCore::WorkerThread::WorkerThread): Pass through a boolean argument shouldBypassMainWorldContentSecurityPolicy
1073         as to whether to bypass the main world Content Security Policy.
1074         (WebCore::WorkerThread::workerThread): Ditto.
1075         * workers/WorkerThread.h:
1076         * xml/XMLHttpRequest.cpp:
1077         (WebCore::XMLHttpRequest::open): Modified to ask the script execution context whether to bypass the
1078         main world Content Security Policy now that script execution context knows this information.
1079
1080 2016-02-07  Dan Bernstein  <mitz@apple.com>
1081
1082         [Cocoa] Replace __has_include guards around inclusion of Apple-internal-SDK headers with USE(APPLE_INTERNAL_SDK)
1083         https://bugs.webkit.org/show_bug.cgi?id=153963
1084
1085         Reviewed by Sam Weinig.
1086
1087         * accessibility/mac/AXObjectCacheMac.mm:
1088         * crypto/CommonCryptoUtilities.cpp:
1089         * crypto/CommonCryptoUtilities.h:
1090         * editing/mac/TextUndoInsertionMarkupMac.h:
1091         * editing/mac/TextUndoInsertionMarkupMac.mm:
1092         * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
1093         * platform/graphics/cg/ImageSourceCG.cpp:
1094         * platform/graphics/mac/PDFDocumentImageMac.mm:
1095         * platform/network/ios/NetworkStateNotifierIOS.mm:
1096         * platform/network/mac/BlobDataFileReferenceMac.mm:
1097         * platform/network/mac/ResourceHandleMac.mm:
1098         * rendering/RenderThemeMac.mm:
1099
1100 2016-02-07  Carlos Garcia Campos  <cgarcia@igalia.com>
1101
1102         REGRESSION(r195661): [GTK] Scrollbar tests crashing after overlay scrollbar groundwork
1103         https://bugs.webkit.org/show_bug.cgi?id=153695
1104
1105         Reviewed by Michael Catanzaro.
1106
1107         The problem is that ScrollAnimation objects are not destroyed by
1108         the ScrollAnimator destructor, because I forgot to add a virtual
1109         destructor for ScrollAnimation in r195661.
1110
1111         * platform/ScrollAnimation.h:
1112         (WebCore::ScrollAnimation::~ScrollAnimation):
1113
1114 2016-02-06  Chris Dumez  <cdumez@apple.com>
1115
1116         Prevent cross-origin access to window.history
1117         https://bugs.webkit.org/show_bug.cgi?id=153931
1118
1119         Reviewed by Darin Adler.
1120
1121         Prevent cross-origin access to window.history to match the specification [1]
1122         and the behavior of other browsers (tested Firefox and Chrome).
1123
1124         [1] https://html.spec.whatwg.org/multipage/browsers.html#security-window
1125
1126         No new tests, already covered by existing tests that
1127         were updated in this patch.
1128
1129         * bindings/js/JSHistoryCustom.cpp:
1130         (WebCore::JSHistory::pushState):
1131         (WebCore::JSHistory::replaceState):
1132         (WebCore::JSHistory::state): Deleted.
1133         * page/DOMWindow.idl:
1134         * page/History.idl:
1135
1136 2016-02-06  Beth Dakin  <bdakin@apple.com>
1137
1138         ScrollbarPainters needs to be deallocated on the main thread
1139         https://bugs.webkit.org/show_bug.cgi?id=153932
1140         -and corresponding-
1141         rdar://problem/24015483
1142
1143         Reviewed by Dan Bernstein.
1144
1145         Darin pointed out that this was still race-y. There was still a race 
1146         condition between the destruction of the two local variables and the
1147         destruction of the lambda on the main thread. This should fix that. 
1148         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
1149         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1150         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1151         (WebCore::ScrollingTreeFrameScrollingNodeMac::releaseReferencesToScrollbarPaintersOnTheMainThread):
1152         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1153
1154 2016-02-06  Darin Adler  <darin@apple.com>
1155
1156         Finish auditing call sites of upper() and lower(), eliminate many, and rename the functions
1157         https://bugs.webkit.org/show_bug.cgi?id=153905
1158
1159         Reviewed by Sam Weinig.
1160
1161         * Modules/mediasource/MediaSource.cpp:
1162         (WebCore::MediaSource::isTypeSupported): Use convertToASCIILowercase on MIME type.
1163
1164         * accessibility/AccessibilityObject.cpp:
1165         (WebCore::AccessibilityObject::selectText): Use new names for lower and upper. Also
1166         tweaked style a tiny bit and used u_toupper rather than converting an entire
1167         string to uppercase.
1168
1169         * dom/Document.cpp:
1170         (WebCore::Document::addImageElementByCaseFoldedUsemap): Renamed to reflect the use
1171         of case folding rather than lowercasing.
1172         (WebCore::Document::removeImageElementByCaseFoldedUsemap): Ditto.
1173         (WebCore::Document::imageElementByCaseFoldedUsemap): Ditto.
1174         * dom/Document.h: Ditto.
1175         * dom/DocumentOrderedMap.cpp:
1176         (WebCore::DocumentOrderedMap::getElementByCaseFoldedMapName): Ditto.
1177         (WebCore::DocumentOrderedMap::getElementByCaseFoldedUsemap): Ditto.
1178         * dom/DocumentOrderedMap.h: Ditto.
1179
1180         * dom/TreeScope.cpp:
1181         (WebCore::TreeScope::getImageMap): Removed unneeded special case for null string.
1182         Simplified logic for cases where the URL does not have a "#" character in it.
1183         Use case folding instead of lowercase.
1184
1185         * editing/cocoa/HTMLConverter.mm:
1186         (HTMLConverter::_processText): Removed unneded special case for the empty string.
1187         Use makCapitalized instead of Cocoa function for "capitalize". Use upper and lower
1188         functions by their new names.
1189
1190         * html/HTMLImageElement.cpp:
1191         (WebCore::HTMLImageElement::parseAttribute): Use case folding instead of
1192         lowerasing for the usemap attribute.
1193         (WebCore::HTMLImageElement::insertedInto): Ditto.
1194         (WebCore::HTMLImageElement::removedFrom): Ditto.
1195         (WebCore::HTMLImageElement::matchesCaseFoldedUsemap): Ditto.
1196         * html/HTMLImageElement.h: Rename since usemap is case folded now, not lowercased.
1197
1198         * html/HTMLMapElement.cpp:
1199         (WebCore::HTMLMapElement::imageElement): Use case folding instead of lowercasing
1200         for usemap.
1201         (WebCore::HTMLMapElement::parseAttribute): Ditto.
1202
1203         * platform/Language.cpp:
1204         (WebCore::canonicalLanguageIdentifier): Use convertToASCIILowercase for language code.
1205         (WebCore::indexOfBestMatchingLanguageInList): Ditto.
1206
1207         * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
1208         (WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Use new name for the upper function.
1209
1210         * platform/network/HTTPParsers.cpp:
1211         (WebCore::parseContentTypeOptionsHeader): Use equalLettersIgnoringASCIICase instead
1212         of lowercasing to check for a specific header value.
1213
1214         * platform/network/MIMEHeader.cpp:
1215         (WebCore::retrieveKeyValuePairs): Use convertToASCIILowercase for MIME header name.
1216         (WebCore::MIMEHeader::parseContentTransferEncoding): Use equalLettersIgnoringASCIICase
1217         instead of lowercasing.
1218
1219         * platform/network/cf/ResourceHandleCFNet.cpp:
1220         (WebCore::allowsAnyHTTPSCertificateHosts): Make this hash ASCII case-insensitive.
1221         (WebCore::clientCertificates): Ditto.
1222         (WebCore::ResourceHandle::createCFURLConnection): Remove call to lower since the
1223         set is now ASCII case-insensitive.
1224         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1225         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1226
1227         * platform/network/curl/CookieJarCurl.cpp:
1228         (WebCore::getNetscapeCookieFormat): Use equalLettersIgnoringASCIICase instead of
1229         lowercasing.
1230
1231         * platform/network/curl/MultipartHandle.cpp:
1232         (WebCore::MultipartHandle::didReceiveResponse): Use convertToASCIILowercase to
1233         make a MIME type lowercase.
1234
1235         * platform/network/curl/ResourceHandleCurl.cpp:
1236         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Removed unneeded
1237         conversion to lowercase now that the set is ASCII case-insensitive.
1238         (WebCore::ResourceHandle::setClientCertificate): Removed code that populates a map
1239         that is then never used for anything.
1240
1241         * platform/network/curl/ResourceHandleManager.cpp:
1242         (WebCore::headerCallback): Use convertToASCIILowercase for MIME type.
1243
1244         * platform/network/curl/SSLHandle.cpp: Made hash maps keyed by host names
1245         ASCII case-insensitive.
1246         (WebCore::addAllowedClientCertificate): Removed lowercasing since the map itself
1247         is now ASCII case insensitve.
1248         (WebCore::setSSLClientCertificate): Ditto. Also use auto for iterator type so we
1249         don't have to write out the map type.
1250         (WebCore::sslIgnoreHTTPSCertificate): Ditto.
1251         (WebCore::certVerifyCallback): Ditto.
1252
1253         * platform/network/soup/ResourceHandleSoup.cpp: Made hash maps keyed by host names
1254         ASCII case-insensitive.
1255         (WebCore::allowsAnyHTTPSCertificateHosts): Ditto.
1256         (WebCore::handleUnignoredTLSErrors): Ditto.
1257         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Ditto.
1258         (WebCore::ResourceHandle::setClientCertificate): Ditto.
1259
1260         * platform/text/LocaleToScriptMappingDefault.cpp: Made hash maps keyed by script
1261         names ASCII case-insensitive. USE WTF_ARRAY_LENGTH as appropriate.
1262         (WebCore::scriptNameToCode): Use modern style to initialize the map. Removed
1263         unnecessary lowercasing of the script name before looking at the map.
1264         (WebCore::localeToScriptCodeForFontSelection): Ditto.
1265
1266         * platform/text/win/LocaleWin.cpp:
1267         (WebCore::convertLocaleNameToLCID): Made map ASCII case-insensitive and removed
1268         unneeded lowercasing.
1269
1270         * platform/win/PasteboardWin.cpp:
1271         (WebCore::clipboardTypeFromMIMEType): Use equalLettersIgnoringASCIICase instead
1272         of lowercasing.
1273
1274         * rendering/RenderText.cpp:
1275         (WebCore::applyTextTransform): Use new names for the upper and lower functions.
1276
1277         * xml/XMLHttpRequest.cpp:
1278         (WebCore::XMLHttpRequest::responseIsXML): Remove unneeded lowercasing, since
1279         DOMImplementation now has ASCII case-insensitive handling of MIME types.
1280
1281 2016-02-06  Zalan Bujtas  <zalan@apple.com>
1282
1283         Outline should contribute to visual overflow.
1284         https://bugs.webkit.org/show_bug.cgi?id=153299
1285
1286         This patch eliminates the special outline handling (RenderView::setMaximalOutlineSize).
1287         Now that outline is part of visual overflow, we don't have to inflate the layers to accomodate
1288         outline borders.
1289         This patch fixes several focusring related repaint issues. However when both the outline: auto
1290         and the descendant renderer are composited, we still don't paint properly in certain cases. -not a regression.
1291         (Also when parent renderer has overflow: hidden repaint does not take outline into account. -regression.)
1292         It changes column behavior (see TestExpectations) since outline behaves now like any other visual overflow properties.
1293
1294         Reviewed by David Hyatt.
1295
1296         Test: fast/repaint/focus-ring-repaint.html
1297               fast/repaint/focus-ring-repaint-with-negative-offset.html
1298
1299         * css/html.css: resetting to old behavior.
1300         (:focus):
1301         (input:focus, textarea:focus, isindex:focus, keygen:focus, select:focus):
1302         * rendering/InlineFlowBox.cpp:
1303         (WebCore::InlineFlowBox::addToLine):
1304         (WebCore::InlineFlowBox::addOutlineVisualOverflow):
1305         (WebCore::InlineFlowBox::computeOverflow):
1306         (WebCore::InlineFlowBox::paint): Deleted.
1307         * rendering/InlineFlowBox.h:
1308         * rendering/RenderBlock.cpp:
1309         (WebCore::RenderBlock::computeOverflow):
1310         (WebCore::RenderBlock::outlineStyleForRepaint):
1311         (WebCore::RenderBlock::paint): Deleted.
1312         * rendering/RenderBlockFlow.cpp:
1313         (WebCore::RenderBlockFlow::layoutBlock): Deleted.
1314         (WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren): Deleted.
1315         * rendering/RenderBlockLineLayout.cpp:
1316         (WebCore::RenderBlockFlow::addOverflowFromInlineChildren):
1317         * rendering/RenderBox.cpp:
1318         (WebCore::RenderBox::addVisualEffectOverflow):
1319         (WebCore::RenderBox::applyVisualEffectOverflow):
1320         (WebCore::RenderBox::clippedOverflowRectForRepaint): Deleted.
1321         * rendering/RenderBoxModelObject.h:
1322         * rendering/RenderDetailsMarker.cpp:
1323         (WebCore::RenderDetailsMarker::paint): Deleted.
1324         * rendering/RenderElement.cpp:
1325         (WebCore::RenderElement::insertChildInternal):
1326         (WebCore::RenderElement::styleDidChange):
1327         (WebCore::RenderElement::repaintAfterLayoutIfNeeded):
1328         (WebCore::RenderElement::issueRepaintForOutlineAuto):
1329         (WebCore::RenderElement::updateOutlineAutoAncestor):
1330         (WebCore::RenderElement::computeMaxOutlineSize): Deleted.
1331         (WebCore::RenderElement::styleWillChange): Deleted.
1332         * rendering/RenderElement.h:
1333         (WebCore::RenderElement::hasContinuation):
1334         * rendering/RenderInline.cpp:
1335         (WebCore::RenderInline::paintOutlineForLine): Deleted.
1336         * rendering/RenderLayer.cpp:
1337         (WebCore::RenderLayer::calculateClipRects):
1338         * rendering/RenderLineBoxList.cpp:
1339         (WebCore::RenderLineBoxList::anyLineIntersectsRect):
1340         (WebCore::RenderLineBoxList::lineIntersectsDirtyRect):
1341         (WebCore::RenderLineBoxList::paint):
1342         (WebCore::isOutlinePhase): Deleted.
1343         * rendering/RenderLineBoxList.h:
1344         * rendering/RenderListBox.cpp:
1345         (WebCore::RenderListBox::computePreferredLogicalWidths):
1346         * rendering/RenderListMarker.cpp:
1347         (WebCore::RenderListMarker::paint): Deleted.
1348         * rendering/RenderObject.cpp:
1349         (WebCore::RenderObject::propagateRepaintToParentWithOutlineAutoIfNeeded): The renderer with outline: auto is responsible for
1350         painting focusring around the descendants. If we issued repaint only on the descendant when it changes,
1351         the focusring would not refresh properly. We have to find the ancestor with outline: auto, inflate the repaint rect and
1352         issue the repaint on the ancestor if we crossed repaint container.
1353  
1354         (WebCore::RenderObject::repaintUsingContainer):
1355         (WebCore::RenderObject::adjustRectForOutlineAndShadow):
1356         (WebCore::RenderObject::setHasOutlineAutoAncestor):
1357         (WebCore::RenderObject::adjustRectWithMaximumOutline): Deleted.
1358         
1359         * rendering/RenderObject.h: We mark the descendants of outline: auto so that
1360         when a child renderer changes we can propagate the repaint to the ancestor with outline.
1361
1362         (WebCore::RenderObject::hasOutlineAutoAncestor):
1363         (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
1364         * rendering/RenderRegion.cpp:
1365         (WebCore::RenderRegion::overflowRectForFlowThreadPortion):
1366         * rendering/RenderReplaced.cpp:
1367         (WebCore::RenderReplaced::shouldPaint): Deleted.
1368         (WebCore::RenderReplaced::clippedOverflowRectForRepaint): Deleted.
1369         * rendering/RenderTable.cpp:
1370         (WebCore::RenderTable::paint): Deleted.
1371         * rendering/RenderTableCell.cpp:
1372         (WebCore::RenderTableCell::clippedOverflowRectForRepaint): Deleted.
1373         (WebCore::RenderTableCell::paintCollapsedBorders): Deleted.
1374         * rendering/RenderTableRow.cpp:
1375         (WebCore::RenderTableRow::layout):
1376         (WebCore::RenderTableRow::clippedOverflowRectForRepaint): Deleted.
1377         * rendering/RenderTableSection.cpp:
1378         (WebCore::RenderTableSection::layoutRows):
1379         (WebCore::RenderTableSection::computeOverflowFromCells): Deleted.
1380         (WebCore::RenderTableSection::paintObject): Deleted.
1381         * rendering/RenderTheme.h:
1382         (WebCore::RenderTheme::platformFocusRingWidth):
1383         * rendering/RenderView.cpp:
1384         (WebCore::RenderView::setMaximalOutlineSize): Deleted.
1385         * rendering/RenderView.h:
1386         * rendering/style/RenderStyle.cpp:
1387         (WebCore::RenderStyle::changeAffectsVisualOverflow):
1388         (WebCore::RenderStyle::outlineWidth):
1389         * rendering/style/RenderStyle.h:
1390
1391 2016-02-06  Andreas Kling  <akling@apple.com>
1392
1393         [iOS] Throw away linked code when navigating to a new page.
1394         <https://webkit.org/b/153851>
1395
1396         Reviewed by Gavin Barraclough.
1397
1398         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
1399         Linked code is tied to a specific global object, and as we're creating a new one for the
1400         new page, none of it is useful to us here.
1401
1402         In the event that the user navigates back, the cost of relinking some code will be far
1403         lower than the memory cost of keeping all of it around.
1404
1405         This landed previously but was rolled out due to a Speedometer regression. I've made one
1406         minor but important change here: only throw away code if we're navigating away from an
1407         existing history item. Or in other words, don't throw away code for "force peeks" or any
1408         other navigations that are not traditional top-level main frame navigations.
1409
1410         * bindings/js/GCController.cpp:
1411         (WebCore::GCController::deleteAllLinkedCode):
1412         * bindings/js/GCController.h:
1413         * loader/FrameLoader.cpp:
1414         (WebCore::FrameLoader::commitProvisionalLoad):
1415
1416 2016-02-06  Konstantin Tokarev  <annulen@yandex.ru>
1417
1418         Added implementations of AXObjectCache methods for !HAVE(ACCESSIBILITY).
1419         https://bugs.webkit.org/show_bug.cgi?id=153924
1420
1421         Reviewed by Andreas Kling.
1422
1423         No new tests needed.
1424
1425         * accessibility/AXObjectCache.h:
1426         (WebCore::AXObjectCache::ariaModalNode): Added stub implementation.
1427         (WebCore::AXObjectCache::postLiveRegionChangeNotification): Ditto.
1428         (WebCore::AXObjectCache::rangeForNodeContents): Ditto.
1429         (WebCore::AXObjectCache::setIsSynchronizingSelection): Ditto.
1430         (WebCore::AXObjectCache::setTextSelectionIntent): Ditto.
1431         (WebCore::AXAttributeCacheEnabler::AXAttributeCacheEnabler): Ditto.
1432         (WebCore::AXAttributeCacheEnabler::~AXAttributeCacheEnabler): Ditto.
1433
1434 2016-02-04  Antti Koivisto  <antti@apple.com>
1435
1436         Use scope stack instead of nested TreeResolvers for shadow trees
1437         https://bugs.webkit.org/show_bug.cgi?id=153893
1438
1439         Reviewed by Andreas Kling.
1440
1441         Make TreeResolver per-document. This is a step towards iterative style resolve.
1442
1443         This is done replacing use of nested TreeResolvers with a scope stack that maintains
1444         the style resolver and the selector filter for the current tree scope.
1445
1446         * style/StyleTreeResolver.cpp:
1447         (WebCore::Style::ensurePlaceholderStyle):
1448         (WebCore::Style::TreeResolver::Scope::Scope):
1449         (WebCore::Style::TreeResolver::TreeResolver):
1450         (WebCore::Style::shouldCreateRenderer):
1451         (WebCore::Style::TreeResolver::styleForElement):
1452         (WebCore::Style::TreeResolver::createRenderTreeForShadowRoot):
1453         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
1454         (WebCore::Style::TreeResolver::createRenderTreeRecursively):
1455         (WebCore::Style::TreeResolver::resolveLocally):
1456         (WebCore::Style::TreeResolver::resolveShadowTree):
1457         (WebCore::Style::TreeResolver::resolveBeforeOrAfterPseudoElement):
1458         (WebCore::Style::TreeResolver::resolveChildren):
1459         (WebCore::Style::TreeResolver::resolveSlotAssignees):
1460         (WebCore::Style::TreeResolver::resolveRecursively):
1461         (WebCore::Style::TreeResolver::resolve):
1462         (WebCore::Style::detachRenderTree):
1463         * style/StyleTreeResolver.h:
1464         (WebCore::Style::TreeResolver::scope):
1465         (WebCore::Style::TreeResolver::pushScope):
1466         (WebCore::Style::TreeResolver::pushEnclosingScope):
1467         (WebCore::Style::TreeResolver::popScope):
1468
1469 2016-02-06  Commit Queue  <commit-queue@webkit.org>
1470
1471         Unreviewed, rolling out r196104.
1472         https://bugs.webkit.org/show_bug.cgi?id=153940
1473
1474         Regressed Speedometer on iOS (Requested by kling on #webkit).
1475
1476         Reverted changeset:
1477
1478         "[iOS] Throw away linked code when navigating to a new page."
1479         https://bugs.webkit.org/show_bug.cgi?id=153851
1480         http://trac.webkit.org/changeset/196104
1481
1482 2016-02-05  Beth Dakin  <bdakin@apple.com>
1483
1484         ScrollbarPainters needs to be deallocated on the main thread
1485         https://bugs.webkit.org/show_bug.cgi?id=153932
1486         -and corresponding-
1487         rdar://problem/24015483
1488
1489         Reviewed by Geoff Garen.
1490
1491         Follow-up fix since the first one was still race-y.
1492         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1493         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1494         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1495
1496 2016-02-05  Beth Dakin  <bdakin@apple.com>
1497
1498         ScrollbarPainters needs to be deallocated on the main thread
1499         https://bugs.webkit.org/show_bug.cgi?id=153932
1500         -and corresponding-
1501         rdar://problem/24015483
1502
1503         Reviewed by Tim Horton.
1504
1505         Ensure the the destructor of ScrollingTreeFrameScrollingNodeMac and the 
1506         assignments done in this class are not responsible for deallocating the 
1507         ScrollbarPainter. 
1508         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
1509         (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac):
1510         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
1511
1512 2016-02-05  Chris Dumez  <cdumez@apple.com>
1513
1514         Instance property getters / setters cannot be called on another instance of the same type
1515         https://bugs.webkit.org/show_bug.cgi?id=153895
1516
1517         Reviewed by Gavin Barraclough.
1518
1519         It should be possible to call instance property getters / setters on
1520         other instances of the same type, as per the WEB IDL specification:
1521         - http://heycam.github.io/webidl/#dfn-attribute-getter
1522         - http://heycam.github.io/webidl/#dfn-attribute-setter
1523
1524         This matches the behavior of Firefox.
1525
1526         The issue without our bindings was that the getters / setters were
1527         using |slotBase| instead of |thisValue| and therefore ended up using
1528         the instance the getter was taken from instead of the actual target
1529         object.
1530
1531         Test:
1532         js/instance-property-getter-other-instance.html
1533         js/instance-property-setter-other-instance.html
1534
1535         * bindings/scripts/CodeGeneratorJS.pm:
1536         (GenerateImplementation):
1537         - Have instance getters / setters use thisValue instead of slotBase.
1538         - In the case of interfaces that have attributes on the instance for
1539           compatibility reasons, try the prototype object if |thisValue| does
1540           does have the right type, instead of using slotBase like previously.
1541           I believe this maintains the original compatibility intention while
1542           also behaving correctly when called on another instance.
1543
1544         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1545         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1546         * bindings/scripts/test/JS/JSTestException.cpp:
1547         * bindings/scripts/test/JS/JSTestInterface.cpp:
1548         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1549         * bindings/scripts/test/JS/JSTestNode.cpp:
1550         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1551         * bindings/scripts/test/JS/JSTestObj.cpp:
1552         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1553         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1554         * bindings/scripts/test/JS/JSattribute.cpp:
1555         Rebaseline bindings tests.
1556
1557 2016-02-05  Brady Eidson  <beidson@apple.com>
1558
1559         Modern IDB: UniqueIDBDatabase's m_databaseInfo is unsafely used from multiple threads.
1560         https://bugs.webkit.org/show_bug.cgi?id=153912
1561
1562         Reviewed by Alex Christensen.
1563
1564         No new tests (Anything testable about this patch is already covered by existing tests).
1565
1566         * Modules/indexeddb/server/IDBBackingStore.h:
1567
1568         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
1569         (WebCore::IDBServer::MemoryIDBBackingStore::infoForObjectStore):
1570         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
1571
1572         Teach the SQLiteIDBBackingStore to actually keep its m_databaseInfo up to date as it changes,
1573         and to revert it when version change transactions abort:
1574         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
1575         (WebCore::IDBServer::SQLiteIDBBackingStore::beginTransaction):
1576         (WebCore::IDBServer::SQLiteIDBBackingStore::abortTransaction):
1577         (WebCore::IDBServer::SQLiteIDBBackingStore::commitTransaction):
1578         (WebCore::IDBServer::SQLiteIDBBackingStore::createObjectStore):
1579         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteObjectStore):
1580         (WebCore::IDBServer::SQLiteIDBBackingStore::createIndex):
1581         (WebCore::IDBServer::SQLiteIDBBackingStore::deleteIndex):
1582         (WebCore::IDBServer::SQLiteIDBBackingStore::infoForObjectStore):
1583         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
1584
1585         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
1586         (WebCore::IDBServer::UniqueIDBDatabase::performPutOrAdd): Use the IDBBackingStore's copy of the 
1587           IDBObjectStoreInfo, meant only for the database thread, instead of the UniqueIDBDatabase's copy, 
1588           which is meant only for the main thread.
1589
1590 2016-02-05  Alex Christensen  <achristensen@webkit.org>
1591
1592         Clean up Blob code
1593         https://bugs.webkit.org/show_bug.cgi?id=153910
1594
1595         Reviewed by Alexey Proskuryakov.
1596
1597         No new tests, no change in behavior.
1598
1599         * css/StyleSheet.h:
1600         * fileapi/Blob.cpp:
1601         (WebCore::Blob::Blob):
1602         (WebCore::Blob::normalizedContentType):
1603         (WebCore::Blob::isNormalizedContentType):
1604         (WebCore::Blob::registry):
1605         * fileapi/Blob.h:
1606         * fileapi/BlobURL.cpp:
1607         (WebCore::BlobURL::createPublicURL):
1608         * fileapi/BlobURL.h:
1609         (WebCore::BlobURL::BlobURL):
1610         (WebCore::BlobURL::blobProtocol): Deleted.
1611         * platform/PlatformStrategies.cpp:
1612         (WebCore::setPlatformStrategies):
1613         (WebCore::hasPlatformStrategies): Deleted.
1614         * platform/PlatformStrategies.h:
1615         * platform/network/BlobRegistry.cpp:
1616         (WebCore::blobRegistry):
1617         * platform/network/BlobRegistry.h:
1618         * platform/network/BlobRegistryImpl.cpp:
1619         (WebCore::BlobRegistryImpl::~BlobRegistryImpl):
1620         (WebCore::createResourceHandle):
1621         (WebCore::registerBlobResourceHandleConstructor):
1622         (WebCore::BlobRegistryImpl::createResourceHandle):
1623         (WebCore::BlobRegistryImpl::appendStorageItems):
1624         (WebCore::BlobRegistryImpl::registerFileBlobURL):
1625         (WebCore::BlobRegistryImpl::registerBlobURL):
1626         * platform/network/BlobRegistryImpl.h:
1627         * platform/network/BlobResourceHandle.cpp:
1628         (WebCore::BlobResourceHandle::loadResourceSynchronously):
1629         (WebCore::BlobResourceHandle::BlobResourceHandle):
1630         * platform/network/ResourceHandle.h:
1631
1632 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
1633
1634         [GTK] Scrollbars incorrectly rendered with older versions of GTK+
1635         https://bugs.webkit.org/show_bug.cgi?id=153861
1636
1637         Reviewed by Michael Catanzaro.
1638
1639         The theme doesn't really know it's a scrollbar. Older versions of
1640         GTK+ require to explicitly add the scrollbar style class to the
1641         child GtkStyleContext.
1642
1643         * platform/gtk/ScrollbarThemeGtk.cpp:
1644         (WebCore::createChildStyleContext):
1645
1646 2016-02-05  Carlos Garcia Campos  <cgarcia@igalia.com>
1647
1648         [GTK] Scrollbars not correctly rendered in non GNOME environments
1649         https://bugs.webkit.org/show_bug.cgi?id=153860
1650
1651         Reviewed by Michael Catanzaro.
1652
1653         I noticed this in a matchbox environment, where there's no
1654         gnome-setting-daemon running. The problem is only with the
1655         scrollbars, because we initialize the GtkSettings in
1656         RenderThemeGtk and notify the ScrollbarTheme when it changes, but
1657         ScrollbarTheme is created before RenderThemeGtk so we initialize
1658         the theme properties before the GtkSettings have been
1659         initialized. We can just let the ScrollbarTheme monitor the
1660         theme itself instead of relying on being notified by the WebCore
1661         layer.
1662
1663         * platform/gtk/ScrollbarThemeGtk.cpp:
1664         (WebCore::themeChangedCallback):
1665         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1666         * rendering/RenderThemeGtk.cpp:
1667         (WebCore::gtkStyleChangedCallback): Deleted.
1668
1669 2016-02-05  Youenn Fablet  <youenn.fablet@crf.canon.fr>
1670
1671         Remove DOMWrapped parameter from JSKeyValueIterator
1672         https://bugs.webkit.org/show_bug.cgi?id=153859
1673
1674         Reviewed by Sam Weinig.
1675
1676         No change in behavior.
1677
1678         Using std::declval to infer DOMWrapped from JSWrapper::wrapped.
1679
1680         * bindings/js/JSFetchHeadersCustom.cpp:
1681         (WebCore::JSFetchHeaders::entries):
1682         (WebCore::JSFetchHeaders::keys):
1683         (WebCore::JSFetchHeaders::values):
1684         * bindings/js/JSKeyValueIterator.h:
1685         (WebCore::createIterator):
1686         (WebCore::JSKeyValueIterator<JSWrapper>::destroy):
1687         (WebCore::JSKeyValueIterator<JSWrapper>::next):
1688         (WebCore::JSKeyValueIteratorPrototypeFunctionNext):
1689         (WebCore::JSKeyValueIteratorPrototype<JSWrapper>::finishCreation):
1690
1691 2016-02-05  Nan Wang  <n_wang@apple.com>
1692
1693         AX: WebKit hanging when VoiceOver attempts to focus in on page
1694         https://bugs.webkit.org/show_bug.cgi?id=153899
1695         <rdar://problem/24506603>
1696
1697         Reviewed by Chris Fleizach.
1698
1699         The VisiblePosition to CharacterOffset conversion will lead to an infinite loop if the
1700         nextVisiblePostion call is returning the original VisiblePosition. Fixed it by breaking out
1701         of the loop early in that situation. 
1702
1703         Test: accessibility/text-marker/character-offset-visible-position-conversion-hang.html
1704
1705         * accessibility/AXObjectCache.cpp:
1706         (WebCore::AXObjectCache::characterOffsetFromVisiblePosition):
1707
1708 2016-02-04  Joseph Pecoraro  <pecoraro@apple.com>
1709
1710         Web Inspector: InspectorTimelineAgent doesn't need to recompile functions because it now uses the sampling profiler
1711         https://bugs.webkit.org/show_bug.cgi?id=153500
1712         <rdar://problem/24352458>
1713
1714         Reviewed by Timothy Hatcher.
1715
1716         * bindings/js/JSDOMWindowBase.cpp:
1717         (WebCore::JSDOMWindowBase::supportsLegacyProfiling):
1718         (WebCore::JSDOMWindowBase::supportsRichSourceInfo):
1719         (WebCore::JSDOMWindowBase::supportsProfiling): Deleted.
1720         * bindings/js/JSDOMWindowBase.h:
1721         * bindings/js/JSWorkerGlobalScopeBase.cpp:
1722         (WebCore::JSWorkerGlobalScopeBase::supportsLegacyProfiling):
1723         (WebCore::JSWorkerGlobalScopeBase::supportsProfiling): Deleted.
1724         * bindings/js/JSWorkerGlobalScopeBase.h:
1725         * inspector/InspectorController.h:
1726         * inspector/InspectorController.cpp:
1727         (WebCore::InspectorController::legacyProfilerEnabled):
1728         (WebCore::InspectorController::setLegacyProfilerEnabled):
1729         Be more explicit about enabling legacy profiling.
1730
1731         * inspector/InspectorTimelineAgent.cpp:
1732         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
1733         (WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend): Deleted.
1734         TimelineAgent doesn't need to recompile if using the sampling profiler.
1735         This breaks console.profile, but console.profile should move to using
1736         the sampling profiler as well.
1737
1738         (WebCore::InspectorTimelineAgent::startFromConsole):
1739         (WebCore::InspectorTimelineAgent::stopFromConsole):
1740         (WebCore::startProfiling): Deleted.
1741         (WebCore::stopProfiling): Deleted.
1742         Inlined the use once static functions.
1743
1744         * page/PageConsoleClient.cpp:
1745         (WebCore::PageConsoleClient::profile):
1746         (WebCore::PageConsoleClient::profileEnd):
1747         Added FIXMEs for improving console.profile and profileEnd.
1748
1749         * testing/Internals.cpp:
1750         (WebCore::Internals::resetToConsistentState):
1751         (WebCore::Internals::setLegacyJavaScriptProfilingEnabled):
1752         (WebCore::Internals::setJavaScriptProfilingEnabled): Deleted.
1753         * testing/Internals.h:
1754         * testing/Internals.idl:
1755         Be more explicit about enabling legacy profiling.
1756
1757 2016-02-04  Brent Fulgham  <bfulgham@apple.com>
1758
1759         Follow-up: Add "WebKit built-in PDF" Plugin to set of publicly visible plugins
1760         https://bugs.webkit.org/show_bug.cgi?id=153657
1761         <rdar://problem/24413107>
1762
1763         Reviewed by Darin Adler.
1764
1765         * plugins/PluginData.cpp:
1766         (WebCore::shouldBePubliclyVisible): Revise comments to provide a
1767         better explanation of the function and why it exists.
1768
1769 2016-02-04  Jonathan Davis  <jond@apple.com>
1770
1771         Add Fetch API and CSS Variables to feature status
1772         https://bugs.webkit.org/show_bug.cgi?id=153896
1773
1774         Reviewed by Timothy Hatcher.
1775
1776         * features.json:
1777
1778 2016-02-04  Daniel Bates  <dabates@apple.com>
1779
1780         WebKit for iOS Simulator fails to build with public iOS SDK
1781         https://bugs.webkit.org/show_bug.cgi?id=153881
1782
1783         Reviewed by Alex Christensen.
1784
1785         Make constants have internal linkage to match the Apple Internal SDK.
1786
1787         * platform/spi/ios/MobileGestaltSPI.h:
1788
1789 2016-02-04  Chris Dumez  <cdumez@apple.com>
1790
1791         Object.getOwnPropertyDescriptor() returns incomplete descriptor for instance properties
1792         https://bugs.webkit.org/show_bug.cgi?id=153817
1793
1794         Reviewed by Geoffrey Garen.
1795
1796         Update the bindings generator so that property getters / setters now
1797         make sure |this| has the right type and throw a TypeError if it does
1798         not, as per:
1799         - http://heycam.github.io/webidl/#dfn-attribute-getter (step 2.4.2)
1800         - http://heycam.github.io/webidl/#dfn-attribute-setter (step 3.5)
1801
1802         This was an issue when doing something like:
1803         Object.getOwnPropertyDescriptor(window, "location").get.call(nonWindow)
1804
1805         We would call toJSDOMWindow(thisValue), which would return null as
1806         thisValue is not a JSDOMWindow. We would then dereference this null
1807         pointer and crash. We now do a null check and throw a TypeError in
1808         this case, as per the Web IDL specification.
1809
1810         The generated bindings still have some non-spec compliant behavior
1811         though:
1812         1. The getters / setters of instance properties use slotBase instead
1813            of thisValue, which means that calling instanceA's getter on
1814            instanceB returns instanceA's property insteas of instanceB's.
1815         2. Global object property getters should not require an explicit
1816            |this| so calling the following should work:
1817            - Object.getOwnPropertyDescriptor(window, "location").get.call()
1818            We currently throw in this case.
1819
1820         These issues will be addressed in follow-up patches.
1821
1822         Tests: js/getOwnPropertyDescriptor-unforgeable-attributes.html
1823                js/getOwnPropertyDescriptor-window-attributes.html
1824                js/instance-property-getter-other-instance.html
1825
1826         * bindings/scripts/CodeGeneratorJS.pm:
1827         (GenerateImplementation):
1828         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1829         (WebCore::jsTestActiveDOMObjectExcitingAttr):
1830         * bindings/scripts/test/JS/JSTestException.cpp:
1831         (WebCore::jsTestExceptionName):
1832         * bindings/scripts/test/JS/JSTestObj.cpp:
1833         (WebCore::jsTestObjConstructorTestSubObj):
1834         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor):
1835         (WebCore::jsTestObjConditionalAttr4Constructor):
1836         (WebCore::jsTestObjConditionalAttr5Constructor):
1837         (WebCore::jsTestObjConditionalAttr6Constructor):
1838         (WebCore::jsTestObjContentDocument):
1839         (WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
1840         (WebCore::setJSTestObjConditionalAttr4Constructor):
1841         (WebCore::setJSTestObjConditionalAttr5Constructor):
1842         (WebCore::setJSTestObjConditionalAttr6Constructor):
1843         (WebCore::setJSTestObjConstructor): Deleted.
1844         (WebCore::setJSTestObjConstructorStaticStringAttr): Deleted.
1845         (WebCore::setJSTestObjConditionalAttr3): Deleted.
1846         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1847         (WebCore::jsTestTypedefsConstructorTestSubObj):
1848
1849 2016-02-04  Brady Eidson  <beidson@apple.com>
1850
1851         Modern IDB: LayoutTest imported/w3c/indexeddb/keyorder-private.html is flaky.
1852         https://bugs.webkit.org/show_bug.cgi?id=153438.
1853
1854         Reviewed by Alex Christensen.
1855
1856         Tests: storage/indexeddb/modern/idbkey-array-equality-private.html
1857                storage/indexeddb/modern/idbkey-array-equality.html
1858
1859         * Modules/indexeddb/IDBKeyData.cpp:
1860         (WebCore::IDBKeyData::loggingString):
1861         (WebCore::IDBKeyData::operator==): Fix obvious bug.
1862
1863 2016-02-04  Chris Dumez  <cdumez@apple.com>
1864
1865         Unreviewed, fix the EFL clean build after r196123
1866         https://bugs.webkit.org/show_bug.cgi?id=153875
1867
1868         * CMakeLists.txt:
1869         * PlatformGTK.cmake:
1870         * PlatformMac.cmake:
1871         * html/DOMSettableTokenList.h:
1872         * html/DOMSettableTokenList.idl:
1873
1874 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
1875
1876         PageGroup::captionPreferences should return a reference
1877         https://bugs.webkit.org/show_bug.cgi?id=153877
1878         <rdar://problem/24506917>
1879
1880         Reviewed by Jer Noble.
1881
1882         No new tests, no functional change.
1883
1884         * Modules/mediacontrols/MediaControlsHost.cpp:
1885         (WebCore::MediaControlsHost::sortedTrackListForMenu):
1886         (WebCore::MediaControlsHost::displayNameForTrack):
1887         (WebCore::MediaControlsHost::captionMenuOffItem):
1888         (WebCore::MediaControlsHost::captionDisplayMode):
1889         * dom/Document.cpp:
1890         (WebCore::Document::registerForCaptionPreferencesChangedCallbacks):
1891         * html/HTMLMediaElement.cpp:
1892         (WebCore::HTMLMediaElement::HTMLMediaElement):
1893         (WebCore::HTMLMediaElement::addTextTrack):
1894         (WebCore::HTMLMediaElement::configureTextTrackGroup):
1895         (WebCore::HTMLMediaElement::setSelectedTextTrack):
1896         (WebCore::HTMLMediaElement::configureTextTracks):
1897         (WebCore::HTMLMediaElement::captionPreferencesChanged):
1898         (WebCore::HTMLMediaElement::mediaPlayerPreferredAudioCharacteristics):
1899         * html/shadow/MediaControlElements.cpp:
1900         (WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
1901         (WebCore::MediaControlClosedCaptionsTrackListElement::rebuildTrackListMenu):
1902         (WebCore::MediaControlTextTrackContainerElement::updateActiveCuesFontSize):
1903         * page/PageGroup.cpp:
1904         (WebCore::PageGroup::captionPreferencesChanged):
1905         (WebCore::PageGroup::captionPreferences):
1906         * page/PageGroup.h:
1907         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
1908         (WebVideoFullscreenModelVideoElement::updateLegibleOptions):
1909         * testing/InternalSettings.cpp:
1910         (WebCore::InternalSettings::setShouldDisplayTrackKind):
1911         (WebCore::InternalSettings::shouldDisplayTrackKind):
1912         * testing/Internals.cpp:
1913         (WebCore::Internals::resetToConsistentState):
1914         (WebCore::Internals::Internals):
1915         (WebCore::Internals::userPreferredAudioCharacteristics):
1916         (WebCore::Internals::setUserPreferredAudioCharacteristic):
1917         (WebCore::Internals::captionsStyleSheetOverride):
1918         (WebCore::Internals::setCaptionsStyleSheetOverride):
1919         (WebCore::Internals::setPrimaryAudioTrackLanguageOverride):
1920         (WebCore::Internals::setCaptionDisplayMode):
1921
1922 2016-02-04  Konstantin Tokarev  <annulen@yandex.ru>
1923
1924         Removed unused Settings::setPrivateBrowsingEnabled.
1925         https://bugs.webkit.org/show_bug.cgi?id=153869
1926
1927         Reviewed by Alexey Proskuryakov.
1928
1929         Implementation of Settings::setPrivateBrowsingEnabled was removed
1930         in r166661, but declaration is still here.
1931
1932         No new tests needed.
1933
1934         * page/Settings.h:
1935         (WebCore::Settings::setPrivateBrowsingEnabled): Deleted.
1936
1937 2016-02-04  Eric Carlson  <eric.carlson@apple.com>
1938
1939         Don't discard in-band cues with negative start times
1940         https://bugs.webkit.org/show_bug.cgi?id=153867
1941         <rdar://problem/19588632>
1942
1943         Reviewed by Jer Noble.
1944
1945         No new tests, updated and un-skipped http/tests/media/track-in-band-hls-metadata.html.
1946
1947         * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
1948         (WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue):  ASSERT if passed negative time value.
1949         (WebCore::InbandMetadataTextTrackPrivateAVF::updatePendingCueEndTimes): Ditto. Correct logging.
1950
1951         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1952         (WebCore::MediaPlayerPrivateAVFoundationObjC::processCue): ASSERT if passed negative time value.
1953         (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive): Convert negative cue times to zero.
1954         (-[WebCoreAVFMovieObserver legibleOutput:didOutputAttributedStrings:nativeSampleBuffers:forItemTime:]):
1955           Ditto.
1956
1957 2016-02-04  Hyemi Shin  <hyemi.sin@samsung.com>
1958
1959         Specify an exception for createChannelMerger, createChannelSplitter and createPeriodicWave
1960         https://bugs.webkit.org/show_bug.cgi?id=150925
1961
1962         Reviewed by Darin Adler.
1963
1964         createChannelMerger and createChannelSplitter should throw INDEX_SIZE_ERR
1965         for invalid numberOfInputs value.
1966         createPeriodicWave should throw INDEX_SIZE_ERR for invalid lengths of parameters.
1967
1968         Tests: webaudio/audiochannelmerger-basic.html
1969                webaudio/audiochannelsplitter.html
1970                webaudio/periodicwave-lengths.html
1971
1972         * Modules/webaudio/AudioContext.cpp:
1973         (WebCore::AudioContext::createChannelSplitter):
1974         (WebCore::AudioContext::createChannelMerger):
1975         (WebCore::AudioContext::createPeriodicWave):
1976
1977 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
1978
1979         [Fetch API] Add support for iterating over Headers
1980         https://bugs.webkit.org/show_bug.cgi?id=153787
1981
1982         Reviewed by Darin Adler.
1983
1984         Relanding, updating bindings/js/JSKeyValueIterator.h for Windows bots.
1985
1986         Covered by updated tests.
1987         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
1988         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
1989         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
1990
1991         * CMakeLists.txt:
1992         * Modules/fetch/FetchHeaders.cpp:
1993         (WebCore::FetchHeaders::Iterator::next):
1994         (WebCore::FetchHeaders::Iterator::Iterator):
1995         * Modules/fetch/FetchHeaders.h:
1996         (WebCore::FetchHeaders::createIterator):
1997         * Modules/fetch/FetchHeaders.idl:
1998         * WebCore.xcodeproj/project.pbxproj:
1999         * bindings/js/JSBindingsAllInOne.cpp:
2000         * bindings/js/JSDOMBinding.h:
2001         (WebCore::jsPair):
2002         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2003         (WebCore::JSFetchHeaders::entries):
2004         (WebCore::JSFetchHeaders::keys):
2005         (WebCore::JSFetchHeaders::values):
2006         * bindings/js/JSKeyValueIterator.h: Added.
2007         (WebCore::JSKeyValueIteratorPrototype::create):
2008         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2009         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2010         (WebCore::createIterator):
2011         (WebCore::DOMWrapped>::destroy):
2012         (WebCore::DOMWrapped>::next):
2013         (WebCore::DOMWrapped>::finishCreation):
2014
2015 2016-02-04  Chris Dumez  <cdumez@apple.com>
2016
2017         Merge DOMTokenList and DOMSettableTokenList
2018         https://bugs.webkit.org/show_bug.cgi?id=153677
2019         <rdar://problem/24419675>
2020
2021         Reviewed by Sam Weinig.
2022
2023         Merge DOMTokenList and DOMSettableTokenList, as per a recent
2024         specification change:
2025         - https://github.com/whatwg/dom/pull/120
2026         - https://github.com/whatwg/html/issues/361
2027
2028         No new tests, already covered by existing tests.
2029
2030         * CMakeLists.txt:
2031         * DerivedSources.cpp:
2032         * WebCore.vcxproj/WebCore.vcxproj:
2033         * WebCore.vcxproj/WebCore.vcxproj.filters:
2034         * WebCore.xcodeproj/project.pbxproj:
2035         * dom/Element.idl:
2036         * dom/Node.h:
2037         * dom/NodeRareData.h:
2038         * html/AttributeDOMTokenList.h:
2039         * html/DOMSettableTokenList.cpp: Removed.
2040         * html/DOMSettableTokenList.h:
2041         * html/DOMSettableTokenList.idl:
2042         * html/DOMTokenList.cpp:
2043         (WebCore::DOMTokenList::setValue):
2044         * html/DOMTokenList.h:
2045         * html/DOMTokenList.idl:
2046         * html/HTMLAnchorElement.idl:
2047         * html/HTMLAreaElement.idl:
2048         * html/HTMLElement.cpp:
2049         * html/HTMLElement.idl:
2050         * html/HTMLIFrameElement.cpp:
2051         (WebCore::HTMLIFrameElement::sandbox):
2052         * html/HTMLIFrameElement.h:
2053         * html/HTMLIFrameElement.idl:
2054         * html/HTMLLinkElement.cpp:
2055         (WebCore::HTMLLinkElement::sizes):
2056         * html/HTMLLinkElement.h:
2057         * html/HTMLLinkElement.idl:
2058         * html/HTMLOutputElement.cpp:
2059         (WebCore::HTMLOutputElement::htmlFor):
2060         * html/HTMLOutputElement.h:
2061         * html/HTMLOutputElement.idl:
2062         * html/HTMLTableCellElement.idl:
2063         * page/DOMWindow.cpp:
2064         * page/DOMWindow.idl:
2065
2066 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2067
2068         Unreviewed.
2069         Reverting r196115 and r19116, related tohttps://bugs.webkit.org/show_bug.cgi?id=153787.
2070
2071 2016-02-04  Alejandro G. Castro  <alex@igalia.com>
2072
2073         [GTK] Implement mediastream mediaplayer
2074         https://bugs.webkit.org/show_bug.cgi?id=153541
2075
2076         Reviewed by Martin Robinson.
2077
2078         Added the implementation of the mediaplayer for the
2079         mediastream. The code was implemented by Philippe Normand and
2080         Alessandro Decina.
2081
2082         * PlatformGTK.cmake: Added the file to the compilation.
2083         * html/HTMLMediaElement.cpp:
2084         (WebCore::HTMLMediaElement::setSrcObject): Set the src of the
2085         media element to the mediastream.
2086         * platform/graphics/MediaPlayer.cpp:
2087         (WebCore::buildMediaEnginesVector): Register the mediastream
2088         mediaplayer as an option in the media engines vector.
2089         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.cpp: Added.
2090         (WebCore::MediaPlayerPrivateGStreamerOwr::MediaPlayerPrivateGStreamerOwr):
2091         (WebCore::MediaPlayerPrivateGStreamerOwr::~MediaPlayerPrivateGStreamerOwr):
2092         (WebCore::MediaPlayerPrivateGStreamerOwr::play):
2093         (WebCore::MediaPlayerPrivateGStreamerOwr::pause):
2094         (WebCore::MediaPlayerPrivateGStreamerOwr::hasVideo):
2095         (WebCore::MediaPlayerPrivateGStreamerOwr::hasAudio):
2096         (WebCore::MediaPlayerPrivateGStreamerOwr::currentTime):
2097         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2098         (WebCore::MediaPlayerPrivateGStreamerOwr::loadingFailed):
2099         (WebCore::MediaPlayerPrivateGStreamerOwr::didLoadingProgress):
2100         (WebCore::MediaPlayerPrivateGStreamerOwr::internalLoad):
2101         (WebCore::MediaPlayerPrivateGStreamerOwr::stop):
2102         (WebCore::MediaPlayerPrivateGStreamerOwr::registerMediaEngine):
2103         (WebCore::MediaPlayerPrivateGStreamerOwr::getSupportedTypes):
2104         (WebCore::MediaPlayerPrivateGStreamerOwr::supportsType):
2105         (WebCore::MediaPlayerPrivateGStreamerOwr::isAvailable):
2106         (WebCore::MediaPlayerPrivateGStreamerOwr::createGSTAudioSinkBin):
2107         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceStopped):
2108         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceMutedChanged):
2109         (WebCore::MediaPlayerPrivateGStreamerOwr::sourceSettingsChanged):
2110         (WebCore::MediaPlayerPrivateGStreamerOwr::preventSourceFromStopping):
2111         (WebCore::MediaPlayerPrivateGStreamerOwr::createVideoSink):
2112         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerOwr.h: Added.
2113         (WebCore::MediaPlayerPrivateGStreamerOwr::engineDescription):
2114         (WebCore::MediaPlayerPrivateGStreamerOwr::load):
2115         (WebCore::MediaPlayerPrivateGStreamerOwr::cancelLoad):
2116         (WebCore::MediaPlayerPrivateGStreamerOwr::prepareToPlay):
2117         (WebCore::MediaPlayerPrivateGStreamerOwr::duration):
2118         (WebCore::MediaPlayerPrivateGStreamerOwr::seek):
2119         (WebCore::MediaPlayerPrivateGStreamerOwr::seeking):
2120         (WebCore::MediaPlayerPrivateGStreamerOwr::setRate):
2121         (WebCore::MediaPlayerPrivateGStreamerOwr::setPreservesPitch):
2122         (WebCore::MediaPlayerPrivateGStreamerOwr::paused):
2123         (WebCore::MediaPlayerPrivateGStreamerOwr::hasClosedCaptions):
2124         (WebCore::MediaPlayerPrivateGStreamerOwr::setClosedCaptionsVisible):
2125         (WebCore::MediaPlayerPrivateGStreamerOwr::maxTimeSeekable):
2126         (WebCore::MediaPlayerPrivateGStreamerOwr::buffered):
2127         (WebCore::MediaPlayerPrivateGStreamerOwr::totalBytes):
2128         (WebCore::MediaPlayerPrivateGStreamerOwr::bytesLoaded):
2129         (WebCore::MediaPlayerPrivateGStreamerOwr::canLoadPoster):
2130         (WebCore::MediaPlayerPrivateGStreamerOwr::setPoster):
2131         (WebCore::MediaPlayerPrivateGStreamerOwr::isLiveStream):
2132         (WebCore::MediaPlayerPrivateGStreamerOwr::audioSink):
2133
2134 2016-02-04  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2135
2136         [Fetch API] Add support for iterating over Headers
2137         https://bugs.webkit.org/show_bug.cgi?id=153787
2138
2139         Reviewed by Darin Adler.
2140
2141         Covered by updated tests.
2142         Introducing template class (JSKeyValueIterator) to support key-value iterators in DOM classes.
2143         Using JSKeyValueIterator to implement Headers entries(), keys() and values() as custom methods.
2144         Binding generator should be updated to generate directly these custom methods and handle iterator Symbol.
2145
2146         * CMakeLists.txt:
2147         * Modules/fetch/FetchHeaders.cpp:
2148         (WebCore::FetchHeaders::Iterator::next):
2149         (WebCore::FetchHeaders::Iterator::Iterator):
2150         * Modules/fetch/FetchHeaders.h:
2151         (WebCore::FetchHeaders::createIterator):
2152         * Modules/fetch/FetchHeaders.idl:
2153         * WebCore.xcodeproj/project.pbxproj:
2154         * bindings/js/JSDOMBinding.h:
2155         (WebCore::jsPair):
2156         * bindings/js/JSBindingsAllInOne.cpp:
2157         * bindings/js/JSFetchHeadersCustom.cpp: Added.
2158         (WebCore::JSFetchHeaders::entries):
2159         (WebCore::JSFetchHeaders::keys):
2160         (WebCore::JSFetchHeaders::values):
2161         * bindings/js/JSKeyValueIterator.h: Added.
2162         (WebCore::JSKeyValueIteratorPrototype::create):
2163         (WebCore::JSKeyValueIteratorPrototype::createStructure):
2164         (WebCore::JSKeyValueIteratorPrototype::JSKeyValueIteratorPrototype):
2165         (WebCore::JSKeyValueIteratorPrototypeFuncNext):
2166
2167 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2168
2169         Do not show context menu when right clicking on a scrollbar
2170         https://bugs.webkit.org/show_bug.cgi?id=153493
2171
2172         Reviewed by Michael Catanzaro.
2173
2174         Scrollbars don't currently handle right clicks, but we are showing
2175         the context menu when they are right clicked. This is not desired
2176         at least in GTK+ and I've checked that it isn't consistent with
2177         other applications in Mac either.
2178
2179         Test: fast/events/contextmenu-on-scrollbars.html
2180
2181         * page/EventHandler.cpp:
2182         (WebCore::EventHandler::sendContextMenuEvent):
2183
2184 2016-02-03  Andreas Kling  <akling@apple.com>
2185
2186         [iOS] Throw away linked code when navigating to a new page.
2187         <https://webkit.org/b/153851>
2188
2189         Reviewed by Gavin Barraclough.
2190
2191         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
2192         Linked code is tied to a specific global object, and as we're creating a new one for the
2193         new page, none of it is useful to us here.
2194         In the event that the user navigates back, the cost of relinking some code will be far
2195         lower than the memory cost of keeping all of it around.
2196
2197         * bindings/js/GCController.cpp:
2198         (WebCore::GCController::deleteAllLinkedCode):
2199         * bindings/js/GCController.h:
2200         * loader/FrameLoader.cpp:
2201         (WebCore::FrameLoader::commitProvisionalLoad):
2202
2203 2016-02-03  Alex Christensen  <achristensen@webkit.org>
2204
2205         Report wasBlocked and cannotShowURL errors when using NetworkSession
2206         https://bugs.webkit.org/show_bug.cgi?id=153846
2207
2208         Reviewed by Antti Koivisto.
2209
2210         No new tests, but this fixes http/tests/xmlhttprequest/redirect-cross-origin-2.html
2211         when using NetworkSession.
2212
2213         * platform/URL.h:
2214         WEBCORE_EXPORT because we are using portAllowed in WebKit2 now.
2215
2216 2016-02-03  Jer Noble  <jer.noble@apple.com>
2217
2218         iOS build fix after Yosemite build fix broke iOS build.
2219
2220         * platform/network/cocoa/WebCoreNSURLSession.h:
2221         * platform/network/cocoa/WebCoreNSURLSession.mm:
2222
2223 2016-02-03  Beth Dakin  <bdakin@apple.com>
2224
2225         Accepted candidates should not be autocorrected
2226         https://bugs.webkit.org/show_bug.cgi?id=153813
2227         -and corresponding-
2228         rdar://problem/24066924
2229
2230         Reviewed by Darin Adler.
2231
2232         New document marker to mark inserted candidates. This was we can treat 
2233         inserted candidates just like a RejectedCorrection and we won’t accidentally 
2234         autocorrect them later on.
2235         * dom/DocumentMarker.h:
2236         (WebCore::DocumentMarker::AllMarkers::AllMarkers):
2237         * editing/AlternativeTextController.cpp:
2238         (WebCore::AlternativeTextController::processMarkersOnTextToBeReplacedByResult):
2239
2240         When handling an acceptant candidate, set m_isHandlingAcceptedCandidate to
2241         true while the text is being inserted, and then mark the range as an accepted 
2242         candidate.
2243         * editing/Editor.cpp:
2244         (WebCore::Editor::handleAcceptedCandidate):
2245         * editing/Editor.h:
2246         (WebCore::Editor::isHandlingAcceptedCandidate):
2247
2248         If frame.editor. isHandlingAcceptedCandidate() then return early from 
2249         markMisspellingsAfterTyping.
2250         * editing/TypingCommand.cpp:
2251         (WebCore::TypingCommand::markMisspellingsAfterTyping):
2252
2253         Add some test infrastructure. 
2254         * testing/Internals.cpp:
2255         (WebCore::Internals::handleAcceptedCandidate):
2256         * testing/Internals.h:
2257         * testing/Internals.idl:
2258
2259 2016-02-03  Jer Noble  <jer.noble@apple.com>
2260
2261         [Win] Pass entire request (rather than just URL) to clients of WebCoreAVCFResourceLoader
2262         https://bugs.webkit.org/show_bug.cgi?id=153653
2263
2264         Reviewed by Brent Fulgham.
2265
2266         This will allow those clients to see the byte-range request ("Range:") header and respond
2267         appropriately.
2268
2269         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
2270         (WebCore::WebCoreAVCFResourceLoader::startLoading):
2271
2272 2016-02-03  Jer Noble  <jer.noble@apple.com>
2273
2274         Yosemite build fix; hide the entire WebCoreNSURLSessionDataTask class from Yosemite and prior.
2275
2276         * platform/network/cocoa/WebCoreNSURLSession.h:
2277         * platform/network/cocoa/WebCoreNSURLSession.mm:
2278         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2279         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2280
2281 2016-02-03  Jer Noble  <jer.noble@apple.com>
2282
2283         [EME][Mac] MediaKeys.createSession() fails with initData containing a contentId whose length is > 1/2 the initData.
2284         https://bugs.webkit.org/show_bug.cgi?id=153517
2285         <rdar://problem/24303782>
2286
2287         Reviewed by Eric Carlson.
2288
2289         The length of contentId is given in bytes, not Uint16 characters. Use the former when extracting
2290         the contentId string from the initData.
2291
2292         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
2293         (WebCore::MediaPlayerPrivateAVFoundation::extractKeyURIKeyIDAndCertificateFromInitData):
2294
2295 2016-02-03  Jer Noble  <jer.noble@apple.com>
2296
2297         [Mac] Wrap a resource and resource loader in a NSURLSession-like object for use by lower level frameworks
2298         https://bugs.webkit.org/show_bug.cgi?id=153669
2299
2300         Reviewed by Alex Christensen.
2301
2302         API Test: WebCore.WebCoreNSURLSession
2303
2304         Add a NSURLSession-like object, which wraps a CachedResourceLoader and CachedRawResource, which we can
2305         hand to lower-level frameworks, so that network loads by those frameworks use WebKit's loader.
2306
2307         * platform/network/cocoa/WebCoreNSURLSession.h: Added.
2308         * platform/network/cocoa/WebCoreNSURLSession.mm: Added.
2309         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]):
2310         (-[WebCoreNSURLSession dealloc]):
2311         (-[WebCoreNSURLSession copyWithZone:]):
2312         (-[WebCoreNSURLSession delegateQueue]):
2313         (-[WebCoreNSURLSession configuration]):
2314         (-[WebCoreNSURLSession loader]):
2315         (-[WebCoreNSURLSession finishTasksAndInvalidate]):
2316         (-[WebCoreNSURLSession invalidateAndCancel]):
2317         (-[WebCoreNSURLSession resetWithCompletionHandler:]):
2318         (-[WebCoreNSURLSession flushWithCompletionHandler:]):
2319         (-[WebCoreNSURLSession getTasksWithCompletionHandler:]):
2320         (-[WebCoreNSURLSession getAllTasksWithCompletionHandler:]):
2321         (-[WebCoreNSURLSession dataTaskWithRequest:]):
2322         (-[WebCoreNSURLSession dataTaskWithURL:]):
2323         (-[WebCoreNSURLSession uploadTaskWithRequest:fromFile:]):
2324         (-[WebCoreNSURLSession uploadTaskWithRequest:fromData:]):
2325         (-[WebCoreNSURLSession uploadTaskWithStreamedRequest:]):
2326         (-[WebCoreNSURLSession downloadTaskWithRequest:]):
2327         (-[WebCoreNSURLSession downloadTaskWithURL:]):
2328         (-[WebCoreNSURLSession downloadTaskWithResumeData:]):
2329         (-[WebCoreNSURLSession streamTaskWithHostName:port:]):
2330         (-[WebCoreNSURLSession streamTaskWithNetService:]):
2331         (-[WebCoreNSURLSession isKindOfClass:]):
2332
2333         Add a C++ class which can act as a CachedRawResourceClient, passing the results back to a WebCoreNSURLSessionDataTask:
2334
2335         (WebCore::WebCoreNSURLSessionDataTaskClient::WebCoreNSURLSessionDataTaskClient):
2336         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent):
2337         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
2338         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived):
2339         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived):
2340         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished):
2341
2342         Add a NSURLSessionDataTask-like object, which takes a request, then uses it to create and wrap a CachedRawResource.
2343         Becase NSURSessionDataTask is intended to be used off-main-thread, care must be taken to dispatch back to the main-
2344         (or web-) thread before calling CachedRawResource functions.
2345
2346         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]):
2347         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
2348         (-[WebCoreNSURLSessionDataTask copyWithZone:]):
2349         (-[WebCoreNSURLSessionDataTask _restart]):
2350         (-[WebCoreNSURLSessionDataTask _cancel]):
2351         (-[WebCoreNSURLSessionDataTask _finish]):
2352         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]):
2353         (-[WebCoreNSURLSessionDataTask cancel]):
2354         (-[WebCoreNSURLSessionDataTask suspend]):
2355         (-[WebCoreNSURLSessionDataTask resume]):
2356         (-[WebCoreNSURLSessionDataTask _timingData]):
2357         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]):
2358         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
2359         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
2360         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]):
2361         (-[WebCoreNSURLSessionDataTask resourceFinished:]):
2362         * WebCore.xcodeproj/project.pbxproj: Add new files to project.
2363
2364 2016-02-03  Darin Adler  <darin@apple.com>
2365
2366         Convert another batch of String::lower callsites to something better, typically convertToASCIILowercase
2367         https://bugs.webkit.org/show_bug.cgi?id=153789
2368
2369         Reviewed by Sam Weinig.
2370
2371         * dom/DOMImplementation.cpp:
2372         (WebCore::DOMImplementation::isXMLMIMEType): Use equalLettersIgnoringASCIICase
2373         and the boolean argument to endsWith to ignore ASCII case.
2374         (WebCore::DOMImplementation::isTextMIMEType): Ditto. Also simplified the logic
2375         by removing an if statement.
2376
2377         * dom/Document.cpp:
2378         (WebCore::isSeparator): Deleted. Moved to WindowFeatures.cpp.
2379         (WebCore::processArguments): Ditto.
2380         (WebCore::Document::processViewport): Call the processFeaturesString function
2381         from WindowFeatures.h; the code here was originally just a pasted copy of that code!
2382         (WebCore::Document::processFormatDetection): Ditto.
2383
2384         * html/HTMLCanvasElement.cpp:
2385         (WebCore::HTMLCanvasElement::toEncodingMimeType): Remove now-unneeded
2386         lowercasing of MIME type before calling isSupportedImageMIMETypeForEncoding,
2387         since the MIME type registry now ignores ASCII case. Use convertToASCIILowercase
2388         on the return value, to preserve behavior.
2389         (WebCore::HTMLCanvasElement::toDataURL): Minor coding style tweaks.
2390
2391         * html/HTMLEmbedElement.cpp:
2392         (WebCore::HTMLEmbedElement::parseAttribute): Use convertToASCIILowercase for
2393         the service type here.
2394
2395         * html/HTMLImageElement.cpp:
2396         (WebCore::HTMLImageElement::bestFitSourceFromPictureElement): Remove now-unneeded
2397         lowercasing since MIME type registry now ignores ASCII case. And use
2398         equalLettersIgnoringASCIICase for the case here.
2399
2400         * html/HTMLInputElement.cpp:
2401         (WebCore::parseAcceptAttribute): Use convertToASCIILowercase for the type here.
2402
2403         * html/HTMLLinkElement.cpp:
2404         (WebCore::HTMLLinkElement::parseAttribute): Use convertToASCIILowercase for the
2405         media value here.
2406
2407         * html/HTMLMediaElement.cpp:
2408         (WebCore::HTMLMediaElement::canPlayType): Use convertToASCIILowercase for the
2409         content type here.
2410         (WebCore::HTMLMediaElement::selectNextSourceChild): Ditto.
2411
2412         * html/HTMLObjectElement.cpp:
2413         (WebCore::HTMLObjectElement::parseAttribute): Use convertToASCIILowercase for
2414         the service type here.
2415
2416         * html/HTMLTrackElement.cpp:
2417         (WebCore::HTMLTrackElement::parseAttribute): Use convertToASCIILowercase for
2418         the kind here.
2419         (WebCore::HTMLTrackElement::ensureTrack): Ditto. Also use fastGetAttribute
2420         since this is neither the style attribute nor an animatable SVG attribute.
2421
2422         * html/parser/HTMLTreeBuilder.cpp:
2423         (WebCore::createCaseMap): Use convertToASCIILowercase for the local names here.
2424
2425         * inspector/DOMPatchSupport.cpp:
2426         (WebCore::DOMPatchSupport::patchNode): Use containsIgnoringASCIICase instead
2427         of combining lower with find == notFound here.
2428         (WebCore::nodeName): Use convertToASCIILowercase here.
2429
2430         * inspector/InspectorOverlay.cpp:
2431         (WebCore::buildObjectForElementData): Use convertToASCIILowercase for node
2432         name here.
2433
2434         * inspector/InspectorPageAgent.cpp:
2435         (WebCore::createXHRTextDecoder): Remove a now-unneeded call to lower since
2436         DOMImplementation::isXMLMIMEType now ignores ASCII case.
2437
2438         * inspector/InspectorStyleSheet.cpp:
2439         (WebCore::lowercasePropertyName): Use convertToASCIILowercase for property
2440         names here. Also use startsWith rather than a hand-written alternative.
2441         (WebCore::InspectorStyle::populateAllProperties): Use the return value of
2442         the add function to avoid doing a double hash table lookp.
2443         (WebCore::InspectorStyle::styleWithProperties): Use convertToASCIILowercase
2444         to lowercase the property name.
2445
2446         * inspector/NetworkResourcesData.cpp:
2447         (WebCore::createOtherResourceTextDecoder): Remove unneeded call to lower since
2448         DOMImplement::isXMLMIMEType now ignores ASCII case.
2449
2450         * loader/CrossOriginAccessControl.cpp:
2451         (WebCore::createAccessControlPreflightRequest): Use convertToASCIILowercase
2452         to lowercase the access control request header field value.
2453
2454         * loader/cache/CachedScript.cpp:
2455         (WebCore::CachedScript::mimeType): Use convertToASCIILowercase on the content type.
2456
2457         * page/CaptionUserPreferencesMediaAF.cpp:
2458         (WebCore::languageIdentifier): Use convertToASCIILowercase on the language code.
2459
2460         * page/DOMWindow.cpp:
2461         (WebCore::DOMWindow::open): Call parseWindowFeatures instead of using the
2462         constructor for WindowFeatures.
2463         (WebCore::DOMWindow::showModalDialog): Call parseDialogFeatures instead of
2464         using the constructor for WindowFeatures.
2465
2466         * page/EventHandler.cpp:
2467         (WebCore::findDropZone): Remove unneeded lowercasing and empty string checking,
2468         and use the option SpaceSplitString already has to convert to lowercase.
2469         (WebCore::EventHandler::handleAccessKey): Remove unneeded call to lower since
2470         getElementByAccessKey now ignores case. Also tweaked coding style a bit.
2471
2472         * page/OriginAccessEntry.cpp:
2473         (WebCore::OriginAccessEntry::OriginAccessEntry): Use convertToASCIILowercase
2474         on the protocol and host.
2475         (WebCore::OriginAccessEntry::matchesOrigin): Ditto.
2476
2477         * page/SecurityOrigin.cpp:
2478         (WebCore::shouldTreatAsUniqueOrigin): Remove unneeded call to lower since
2479         SchemeRegistry now ignores ASCII case.
2480         (WebCore::SecurityOrigin::SecurityOrigin): Use convertToASCIILowercase on
2481         the protocol and host.
2482         (WebCore::SecurityOrigin::setDomainFromDOM): Use convertToASCIILowercase on
2483         the domain.
2484         (WebCore::SecurityOrigin::canDisplay): Remove call to lower since SchemeRegistry
2485         now ignores ASCII case and because this now uses equalIgnoringASCIICase in
2486         one place that used to use exact matching.
2487
2488         * page/WindowFeatures.cpp: Refactored so this is now some helper functions
2489         plus a struct rather than a class.
2490         (WebCore::isSeparator): Renamed this and removed special handling for NUL.
2491         (WebCore::parseWindowFeatures): Moved the code that was formerly in the
2492         WindowFeatures constructor in here. Refactored the parsing into the
2493         processFeaturesString function, shared with the functions in Document that
2494         do the same kind of parsing. Removed the code that converts the entire string
2495         to lowercase before parsing.
2496         (WebCore::processFeaturesString): Moved the improved version of this function
2497         here from Document.cpp; more efficient because it doesn't allocate strings.
2498         (WebCore::setWindowFeature): Changed to be a function private to this file
2499         with internal linkage. Use equalLettersIgnoringASCIICase so we no longer
2500         rely on converting the string to lowercase before parsing.
2501         (WebCore::parseDialogFeatures): Similar refactoring, but also changed all
2502         the default handling to use Optional<> instead of default values.
2503         (WebCore::boolFeature): Changed to use option and to ignore ASCII case.
2504         (WebCore::floatFeature): Ditto.
2505         (WebCore::parseDialogFeaturesMap): Removed the calls to lower, which are
2506         not needed any more.
2507
2508         * page/WindowFeatures.h: Added default values for all the data members,
2509         and removed all the functions from the WindowFeatures struct. Added the two
2510         functions for parsing window and dialog features. Also added the
2511         processFeaturesString function so we can share it with Document.cpp.
2512
2513         * platform/SchemeRegistry.cpp:
2514         (WebCore::SchemeRegistry::removeURLSchemeRegisteredAsLocal): Use
2515         equalLettersIgnoringASCIICase to ignore ASCII case.
2516
2517         * platform/efl/MIMETypeRegistryEfl.cpp:
2518         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
2519         and equalIgnoringASCIICase rather than calling lower.
2520
2521         * platform/graphics/MediaPlayer.cpp:
2522         (WebCore::MediaPlayer::load): Use convertToASCIILowercase on MIME type and
2523         key system.
2524         (WebCore::MediaPlayer::generateKeyRequest): Ditto.
2525         (WebCore::MediaPlayer::addKey): Ditto.
2526         (WebCore::MediaPlayer::cancelKeyRequest): Ditto.
2527
2528         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
2529         (WebCore::Extensions3DOpenGLCommon::Extensions3DOpenGLCommon): Use
2530         convertToASCIILowercase on vendor string.
2531
2532         * platform/gtk/MIMETypeRegistryGtk.cpp:
2533         (WebCore::MIMETypeRegistry::getMIMETypeForExtension): Use a modern for loop,
2534         and equalIgnoringASCIICase rather than calling lower.
2535
2536         * platform/mac/PasteboardMac.mm:
2537         (WebCore::cocoaTypeFromHTMLClipboardType): Use convertToASCIILowercase
2538         on the type. Also did a bit of renaming and tweaking the logic.
2539
2540 2016-02-03  Dave Hyatt  <hyatt@apple.com>
2541
2542         Implement hanging-punctuation property parsing.
2543         https://bugs.webkit.org/show_bug.cgi?id=18109.
2544
2545         Reviewed by Zalan Bujtas.
2546
2547         Added parsing test in fast/css.
2548
2549         * css/CSSComputedStyleDeclaration.cpp:
2550         (WebCore::renderEmphasisPositionFlagsToCSSValue):
2551         (WebCore::hangingPunctuationToCSSValue):
2552         (WebCore::fillRepeatToCSSValue):
2553         (WebCore::ComputedStyleExtractor::propertyValue):
2554         * css/CSSParser.cpp:
2555         (WebCore::CSSParser::parseValue):
2556         (WebCore::CSSParser::parseTextIndent):
2557         (WebCore::CSSParser::parseHangingPunctuation):
2558         (WebCore::CSSParser::parseLineBoxContain):
2559         * css/CSSParser.h:
2560         * css/CSSPrimitiveValueMappings.h:
2561         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
2562         (WebCore::CSSPrimitiveValue::operator HangingPunctuation):
2563         (WebCore::CSSPrimitiveValue::operator LineBreak):
2564         * css/CSSPropertyNames.in:
2565         * css/CSSValueKeywords.in:
2566         * css/StyleBuilderConverter.h:
2567         (WebCore::StyleBuilderConverter::convertRegionBreakInside):
2568         (WebCore::StyleBuilderConverter::convertHangingPunctuation):
2569         * rendering/style/RenderStyle.cpp:
2570         (WebCore::RenderStyle::changeRequiresLayout):
2571         * rendering/style/RenderStyle.h:
2572         * rendering/style/RenderStyleConstants.h:
2573         (WebCore::operator| ):
2574         (WebCore::operator|= ):
2575         * rendering/style/StyleRareInheritedData.cpp:
2576         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
2577         (WebCore::StyleRareInheritedData::operator==):
2578         * rendering/style/StyleRareInheritedData.h:
2579
2580 2016-02-03  Jessie Berlin  <jberlin@webkit.org>
2581
2582         Build fix.
2583
2584         [NSEvent context] has always returned nil. Replace uses with nullptr.
2585
2586         * page/mac/EventHandlerMac.mm:
2587         (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
2588
2589 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2590
2591         [GTK] Layout Test http/tests/appcache/different-https-origin-resource-main.html is failing
2592         https://bugs.webkit.org/show_bug.cgi?id=145253
2593
2594         Reviewed by Michael Catanzaro.
2595
2596         The problem is that when the load is cancelled while the
2597         connection is still being established,
2598         SoupMessage::notify::tls-errors is emitted and the handler calls
2599         ResourceHandleClient::didFail() which can delete the ResourceHandle.
2600
2601         * platform/network/soup/ResourceHandleSoup.cpp:
2602         (WebCore::tlsErrorsChangedCallback): Protect the ResourceHandle
2603         for the scope of the callback because
2604         ResourceHandleClient::didFail() could delete the object.
2605
2606 2016-02-03  Carlos Garcia Campos  <cgarcia@igalia.com>
2607
2608         REGRESSION(r191948): [GStreamer] 4 new timeouts on layout tests.
2609         https://bugs.webkit.org/show_bug.cgi?id=152797
2610
2611         Reviewed by Darin Adler.
2612
2613         Always schedule messages to the main thread, even when the bus
2614         sync handlder was called in the main thread. It seems that
2615         GStreamer expects things to happen in the next main loop
2616         iteration.
2617
2618         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2619         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
2620
2621 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2622
2623         [TexMap] CompositingCoordinator should store the overlay layer, flush it as appropriate
2624         https://bugs.webkit.org/show_bug.cgi?id=152058
2625
2626         Reviewed by Michael Catanzaro.
2627
2628         Previously, the CompositingCoordinator only added the overlay layer to the
2629         layer tree, but flushing its compositing state is also required. For that to
2630         happen, CompositingCoordinator has to store a pointer to the overlay layer
2631         object and flush it in ::flushPendingLayerChanges().
2632
2633         Overlay layers are most prominently used by the Web Inspector to highlight
2634         the DOM elements on the Web page that are being hovered in the inspector.
2635
2636         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
2637         (WebCore::CompositingCoordinator::CompositingCoordinator):
2638         (WebCore::CompositingCoordinator::setRootCompositingLayer):
2639         (WebCore::CompositingCoordinator::flushPendingLayerChanges):
2640         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
2641
2642 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2643
2644         [CoordinatedGraphics] CompositingCoordinator destructor is scheduling layer flushes
2645         https://bugs.webkit.org/show_bug.cgi?id=153823
2646
2647         Reviewed by Carlos Garcia Campos.
2648
2649         Purging the backing stores during the CompositingCoordinator destructor
2650         is also scheduling layer flushes in the object's client, which is an object
2651         of the LayerTreeHost-deriving class that owns the CompositingCoordinator
2652         object in question and is also being destroyed.
2653
2654         In case of ThreadedCoordinatedLayerTreeHost, this scheduling can access
2655         the RunLoop::Timer object which has already been destroyed, causing a
2656         crash. Another problem with this is that we're invoking a virtual function
2657         on an object that's being destructed, which works well enough in this case
2658         but should be discouraged in general.
2659
2660         In order to avoid this, add the m_isDestructing boolean to the
2661         CompositingCoordinator class, flip it to true during the destruction,
2662         and check for its falseness before scheduling a layer flush.
2663
2664         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
2665         (WebCore::CompositingCoordinator::CompositingCoordinator):
2666         (WebCore::CompositingCoordinator::~CompositingCoordinator):
2667         (WebCore::CompositingCoordinator::notifyFlushRequired):
2668         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
2669
2670 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2671
2672         [TexMap] Don't use RELEASE_ASSERT in TextureMapperLayer::computeTransformsRecursive()
2673         https://bugs.webkit.org/show_bug.cgi?id=153822
2674
2675         Reviewed by Carlos Garcia Campos.
2676
2677         * platform/graphics/texmap/TextureMapperLayer.cpp:
2678         (WebCore::TextureMapperLayer::computeTransformsRecursive):
2679         Use ASSERT to check that the m_children members are indeed children
2680         of the current layer, RELEASE_ASSERT probably slipped in unnoticed
2681         at some point.
2682
2683 2016-02-03  Zan Dobersek  <zdobersek@igalia.com>
2684
2685         PlatformPathCairo: Lazily allocate the path surface
2686         https://bugs.webkit.org/show_bug.cgi?id=153821
2687
2688         Reviewed by Carlos Garcia Campos.
2689
2690         Move the static variable that holds the Cairo surface into
2691         the pathSurface() function (previously getPathSurface). This
2692         way the surface will only be allocated once the function is
2693         called for the first time from the CairoPath surface.
2694
2695         No change in functionality, just a cleanup.
2696
2697         * platform/graphics/cairo/PlatformPathCairo.cpp:
2698         (WebCore::pathSurface):
2699         (WebCore::CairoPath::CairoPath):
2700         (WebCore::getPathSurface): Deleted.
2701
2702 2016-02-02  Fujii Hironori  <Hironori.Fujii@jp.sony.com>
2703
2704         ASSERTION FAILED: roundedIntPoint(rendererMappedResult) == roundedIntPoint(result)
2705         https://bugs.webkit.org/show_bug.cgi?id=153576
2706
2707         Reviewed by Darin Adler.
2708
2709         Tests: fast/block/geometry-map-assertion-with-rounding-negative-half.html
2710
2711         The results of roundedIntPoint of FloatPoint and LayoutPoint may be different
2712         because of the uniqueness of LayoutUnit::round introduced by this bug
2713         <https://bugs.webkit.org/show_bug.cgi?id=107208>.
2714         Should convert a FloatPoint to a LayoutPoint before rounding.
2715
2716         * rendering/RenderGeometryMap.cpp:
2717         (WebCore::RenderGeometryMap::mapToContainer):
2718
2719 2016-02-02  Aakash Jain  <aakash_jain@apple.com>
2720
2721         Remove references to CallFrameInlines.h
2722         https://bugs.webkit.org/show_bug.cgi?id=153810
2723
2724         Reviewed by Mark Lam.
2725
2726         * ForwardingHeaders/interpreter/CallFrameInlines.h: Removed.
2727
2728 2016-02-02  Jinyoung Hur  <hur.ims@navercorp.com>
2729
2730         WEBGL_debug_shaders should be disabled for OpenGLES backend also
2731         https://bugs.webkit.org/show_bug.cgi?id=153788
2732
2733         Reviewed by Darin Adler.
2734
2735         WEBGL_debug_shaders extension is disabled for OpenGL backed platform
2736         because the implementation is not fully compliant to the spec yet.
2737         Because this is not an OpenGL-specific problem, WEBGL_debug_shaders extension
2738         should be disabled for OpenGLES backed platforms also.
2739
2740         No new tests, already covered by existing tests.
2741
2742         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
2743         (WebCore::Extensions3DOpenGL::supportsExtension): Deleted.
2744         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
2745         (WebCore::Extensions3DOpenGLCommon::supports):
2746
2747 2016-02-02  Brady Eidson  <beidson@apple.com>
2748
2749         Modern IDB: storage/indexeddb/cursor-primary-key-order.html fails with SQLite backend.
2750         https://bugs.webkit.org/show_bug.cgi?id=153800
2751
2752         Reviewed by Alex Christensen.
2753
2754         No new tests (Existing tests now unskipped).
2755
2756         The IndexRecords SQL schema did not order things by primaryKey.
2757         
2758         Easy fix to the schema. Sadly requires a migration...
2759
2760         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
2761         (WebCore::IDBServer::v1IndexRecordsTableSchema):
2762         (WebCore::IDBServer::v1IndexRecordsTableSchemaAlternate):
2763         (WebCore::IDBServer::v2IndexRecordsTableSchema):
2764         (WebCore::IDBServer::v2IndexRecordsTableSchemaAlternate):
2765         (WebCore::IDBServer::SQLiteIDBBackingStore::ensureValidIndexRecordsTable):
2766         (WebCore::IDBServer::SQLiteIDBBackingStore::createAndPopulateInitialDatabaseInfo):
2767         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
2768
2769 2016-02-02  Tim Horton  <timothy_horton@apple.com>
2770
2771         <attachment> should attempt to guess the icon from the file extension if all else fails
2772         https://bugs.webkit.org/show_bug.cgi?id=153804
2773         <rdar://problem/24448146>
2774
2775         Reviewed by Anders Carlsson.
2776
2777         Test: fast/attachment/attachment-icon-from-file-extension.html
2778
2779         * platform/graphics/Icon.h:
2780         * platform/graphics/mac/IconMac.mm:
2781         (WebCore::Icon::createIconForFileExtension):
2782         * rendering/RenderThemeMac.mm:
2783         (WebCore::iconForAttachment):
2784         If we can't find an icon any other way, try assuming that the title is a filename,
2785         grab its extension, and have NSWorkspace try to work out an icon for it.
2786
2787 2016-02-02  Antti Koivisto  <antti@apple.com>
2788
2789         Factor style sharing code out of StyleResolver
2790         https://bugs.webkit.org/show_bug.cgi?id=153768
2791
2792         Reviewed by Darin Adler.
2793
2794         Move the code to a new class, Style::SharingResolver.
2795
2796         When resolving document style we query the sharing resolver first before using the regular style resolver.
2797         Other paths that call style resolver were mostly already disabling it with DisallowStyleSharing flag.
2798
2799         * WebCore.xcodeproj/project.pbxproj:
2800         * css/ElementRuleCollector.cpp:
2801         (WebCore::MatchRequest::MatchRequest):
2802         (WebCore::ElementRuleCollector::matchAllRules):
2803         (WebCore::ElementRuleCollector::hasAnyMatchingRules):
2804
2805             More const.
2806
2807         * css/ElementRuleCollector.h:
2808         (WebCore::ElementRuleCollector::setRegionForStyling):
2809         (WebCore::ElementRuleCollector::setMedium):
2810         * css/MediaQueryMatcher.cpp:
2811         (WebCore::MediaQueryMatcher::prepareEvaluator):
2812         * css/StyleMedia.cpp:
2813         (WebCore::StyleMedia::matchMedium):
2814         * css/StyleResolver.cpp:
2815         (WebCore::StyleResolver::State::cacheBorderAndBackground):
2816         (WebCore::StyleResolver::StyleResolver):
2817         (WebCore::StyleResolver::sweepMatchedPropertiesCache):
2818         (WebCore::StyleResolver::State::State):
2819         (WebCore::StyleResolver::State::setStyle):
2820         (WebCore::isAtShadowBoundary):
2821         (WebCore::StyleResolver::styleForElement):
2822         (WebCore::StyleResolver::classNamesAffectedByRules): Deleted.
2823         (WebCore::parentElementPreventsSharing): Deleted.
2824         (WebCore::StyleResolver::locateCousinList): Deleted.
2825         (WebCore::StyleResolver::styleSharingCandidateMatchesRuleSet): Deleted.
2826         (WebCore::StyleResolver::canShareStyleWithControl): Deleted.
2827         (WebCore::elementHasDirectionAuto): Deleted.
2828         (WebCore::StyleResolver::sharingCandidateHasIdenticalStyleAffectingAttributes): Deleted.
2829         (WebCore::StyleResolver::canShareStyleWithElement): Deleted.
2830         (WebCore::StyleResolver::findSiblingForStyleSharing): Deleted.
2831         (WebCore::StyleResolver::locateSharedStyle): Deleted.
2832
2833             Style sharing code moves to SharingResolver.
2834
2835         * css/StyleResolver.h:
2836         (WebCore::StyleResolver::mediaQueryEvaluator):
2837         (WebCore::StyleResolver::State::regionForStyling):
2838         (WebCore::StyleResolver::State::elementLinkState):
2839         (WebCore::StyleResolver::State::setApplyPropertyToRegularStyle):
2840         (WebCore::StyleResolver::State::setApplyPropertyToVisitedLinkStyle):
2841         (WebCore::StyleResolver::state):
2842         (WebCore::StyleResolver::setTextOrientation):
2843         (WebCore::StyleResolver::State::setElementAffectedByClassRules): Deleted.
2844         (WebCore::StyleResolver::State::elementAffectedByClassRules): Deleted.
2845         (WebCore::StyleResolver::styleNotYetAvailable): Deleted.
2846
2847             Placeholder code moves to TreeResolver.
2848
2849         * dom/VisitedLinkState.cpp:
2850         (WebCore::linkAttribute):
2851         (WebCore::VisitedLinkState::invalidateStyleForAllLinks):
2852         (WebCore::linkHashForElement):
2853         (WebCore::VisitedLinkState::invalidateStyleForLink):
2854         (WebCore::VisitedLinkState::determineLinkStateSlowCase):
2855         * dom/VisitedLinkState.h:
2856         (WebCore::VisitedLinkState::determineLinkState):
2857         * html/HTMLFormControlElement.h:
2858         * rendering/RenderElement.cpp:
2859         (WebCore::RenderElement::getUncachedPseudoStyle):
2860         * rendering/RenderNamedFlowFragment.cpp:
2861         (WebCore::RenderNamedFlowFragment::computeStyleInRegion):
2862         * rendering/style/RenderStyle.cpp:
2863         (WebCore::RenderStyle::isStyleAvailable):
2864         (WebCore::RenderStyle::hasUniquePseudoStyle):
2865         * style/StyleSharingResolver.cpp: Added.
2866         (WebCore::Style::SharingResolver::SharingResolver):
2867         (WebCore::Style::parentElementPreventsSharing):
2868         (WebCore::Style::elementHasDirectionAuto):
2869         (WebCore::Style::SharingResolver::searchSimilar):
2870         (WebCore::Style::SharingResolver::findSibling):
2871         (WebCore::Style::SharingResolver::locateCousinList):
2872         (WebCore::Style::canShareStyleWithControl):
2873         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2874         (WebCore::Style::SharingResolver::styleSharingCandidateMatchesRuleSet):
2875         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes):
2876         (WebCore::Style::SharingResolver::classNamesAffectedByRules):
2877         * style/StyleSharingResolver.h: Added.
2878         * style/StyleTreeResolver.cpp:
2879         (WebCore::Style::ensurePlaceholderStyle):
2880         (WebCore::Style::TreeResolver::TreeResolver):
2881         (WebCore::Style::TreeResolver::styleForElement):
2882
2883             Try to use SharingResolver first.
2884             Also move placeholder style handling here, it is only relevant when resolving document style.
2885
2886         (WebCore::Style::postResolutionCallbacksAreSuspended):
2887         (WebCore::Style::isPlaceholderStyle):
2888         * style/StyleTreeResolver.h:
2889         * svg/SVGElement.cpp:
2890         (WebCore::SVGElement::customStyleForRenderer):
2891         * svg/SVGElementRareData.h:
2892         (WebCore::SVGElementRareData::overrideComputedStyle):
2893
2894 2016-02-02  Tim Horton  <timothy_horton@apple.com>
2895
2896         <attachment> icon should be a folder for the custom MIME type multipart/x-folder
2897         https://bugs.webkit.org/show_bug.cgi?id=153795
2898         <rdar://problem/24416632>
2899
2900         Reviewed by Anders Carlsson.
2901
2902         Test: fast/attachment/attachment-folder-icon.html
2903
2904         * rendering/RenderThemeMac.mm:
2905         (WebCore::iconForAttachment):
2906         (WebCore::paintAttachmentIcon):
2907         Mail uses this special MIME type to indicate that something is a folder, which there
2908         isn't a normal non-deprecated MIME type for.
2909
2910 2016-02-02  Brady Eidson  <beidson@apple.com>
2911
2912         Modern IDB: storage/indexeddb/cursor-continue-validity.html fails.
2913         https://bugs.webkit.org/show_bug.cgi?id=153791
2914
2915         Reviewed by Alex Christensen.
2916
2917         No new tests (Existing test now unskipped).
2918
2919         There was a preexisting check in the SQLite cursor for remembering the current record and
2920         refusing to refetch it.
2921         
2922         This check was causing this bug, because we needed to refetch the current record.
2923         
2924         Removing the check (and its associated flag) doesn't regress any other test, and fixes this one.
2925
2926         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
2927         (WebCore::IDBServer::SQLiteIDBCursor::resetAndRebindStatement):
2928         (WebCore::IDBServer::SQLiteIDBCursor::internalAdvanceOnce):
2929         * Modules/indexeddb/server/SQLiteIDBCursor.h:
2930
2931 2016-02-01  Dave Hyatt  <hyatt@apple.com>
2932
2933         Add a line grid pagination SPI to WebKit.
2934         https://bugs.webkit.org/show_bug.cgi?id=153757
2935         <rdar://problem/23041598>
2936
2937         Reviewed by Anders Carlsson.
2938
2939         New tests in fast/multicol/pagination.
2940
2941         * page/Page.cpp:
2942         (WebCore::Page::setPaginationLineGridEnabled):
2943         * page/Page.h:
2944         (WebCore::Page::paginationLineGridEnabled):
2945         Add a boolean to the page to turn the line grid on and off.
2946
2947         * rendering/RenderBox.cpp:
2948         (WebCore::RenderBox::styleDidChange):
2949         Propagate the body's font up to the paginated RenderView so that
2950         it can be used to establish the line grid.
2951
2952         * style/StyleResolveForDocument.cpp:
2953         (WebCore::Style::resolveForDocument):
2954         Set up a line grid with containment snapping by default if the
2955         line grid enabled flag is set.
2956
2957         * testing/Internals.cpp:
2958         (WebCore::Internals::resetToConsistentState):
2959         (WebCore::Internals::setPagination):
2960         (WebCore::Internals::setPaginationLineGridEnabled):
2961         (WebCore::Internals::configurationForViewport):
2962         * testing/Internals.h:
2963         (WebCore::Internals::setPagination):
2964         * testing/Internals.idl:
2965         Add support for testing the grid being enabled.
2966
2967 2016-02-01  Antti Koivisto  <antti@apple.com>
2968
2969         Tab suspension code shouldn't use page cache cacheability logic
2970         https://bugs.webkit.org/show_bug.cgi?id=153680
2971
2972         Reviewed by Andreas Kling.
2973
2974         Most of PageCache::canCache() is unnecessary for tab suspension.
2975
2976         Also improve robustness and introduce 1 minute delay before suspending.
2977
2978         * page/Page.cpp:
2979         (WebCore::Page::setPageActivityState):
2980         (WebCore::Page::setIsVisible):
2981         (WebCore::Page::setIsVisibleInternal):
2982         (WebCore::Page::setIsPrerender):
2983         (WebCore::Page::canTabSuspend):
2984
2985             Include visibility test here.
2986
2987             Instead of calling PageCache::canCache() just check for each frame
2988             - that the document is loaded
2989             - that active DOM objects allow suspension
2990
2991         (WebCore::Page::setIsTabSuspended):
2992         (WebCore::Page::setTabSuspensionEnabled):
2993         (WebCore::Page::updateTabSuspensionState):
2994
2995             Refactor for robustness.
2996
2997         (WebCore::Page::tabSuspensionTimerFired):
2998
2999             Call canTabSuspend, the result might have changed.
3000
3001         (WebCore::Page::scheduleTabSuspension): Deleted.
3002         * page/Page.h:
3003
3004 2016-02-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3005
3006         [JSC] Introduce BytecodeIntrinsic constant rep like @undefined
3007         https://bugs.webkit.org/show_bug.cgi?id=153737
3008
3009         Reviewed by Darin Adler.
3010
3011         * Modules/fetch/FetchHeaders.js:
3012         (initializeFetchHeaders):
3013         * Modules/streams/ReadableStream.js:
3014         (initializeReadableStream):
3015         (closeDestination):
3016         (abortDestination):
3017         (pipeTo):
3018         * Modules/streams/ReadableStreamInternals.js:
3019         (privateInitializeReadableStreamController):
3020         (teeReadableStream):
3021         (isReadableStreamReader):
3022         (errorReadableStream):
3023         (finishClosingReadableStream):
3024         (enqueueInReadableStream):
3025         (readFromReadableStreamReader):
3026         * Modules/streams/ReadableStreamReader.js:
3027         (releaseLock):
3028         * Modules/streams/StreamInternals.js:
3029         (shieldingPromiseResolve):
3030         (promiseInvokeOrNoopNoCatch):
3031         (promiseInvokeOrFallbackOrNoop):
3032         (validateAndNormalizeQueuingStrategy):
3033         * Modules/streams/WritableStream.js:
3034         (initializeWritableStream):
3035         (write):
3036         * Modules/streams/WritableStreamInternals.js:
3037         (errorWritableStream):
3038
3039 2016-02-02  Brady Eidson  <beidson@apple.com>
3040
3041         Modern IDB: storage/indexeddb/dont-wedge.html sometimes ASSERTs.
3042         https://bugs.webkit.org/show_bug.cgi?id=153790
3043
3044         Reviewed by Tim Horton.
3045
3046         No new tests (Failing test now unskipped).
3047
3048         This test uncovered an unhandled race where the main thread tried to perform an OpenDB operation 
3049         multiple times while it was already in-progress on the server thread.
3050
3051         There was already a flag meant to cover this race, and it just needed to be applied to one more site.
3052         
3053         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3054         (WebCore::IDBServer::UniqueIDBDatabase::performCurrentOpenOperation):
3055         (WebCore::IDBServer::UniqueIDBDatabase::openBackingStore):
3056
3057 2016-02-02  Daniel Bates  <dabates@apple.com>
3058
3059         CSP: Support checking content security policy without a script execution context
3060         https://bugs.webkit.org/show_bug.cgi?id=153748
3061         <rdar://problem/24439149>
3062
3063         Reviewed by Darin Alder.
3064
3065         Towards checking a Web Worker's content security policy against a redirected worker
3066         script load or redirected XHR request for an XHR request initiated from it, we should
3067         support instantiating a ContentSecurityPolicy object without a ScriptExecutionContext.
3068
3069         No functionality was changed. So, no new tests.
3070
3071         * dom/Document.cpp:
3072         (WebCore::Document::initSecurityContext): Pass |this| as a reference instead of as a pointer.
3073         * page/csp/ContentSecurityPolicy.cpp: Remove extraneous includes ScriptState.h, TextEncoding.h,
3074         and URL.h as they are included by ContentSecurityPolicy.h, FormDataList.h and FormData.h, respectively.
3075         (WebCore::CSPSource::CSPSource): Take a constant reference to a ContentSecurityPolicy instead
3076         of a pointer since we never expected a null pointer.
3077         (WebCore::CSPSource::schemeMatches): Move logic for checking the protocol of source "self"
3078         from here to ContentSecurityPolicy::protocolMatchesSelf() because we may not have a security
3079         origin if ContentSecurityPolicy was initiated without a ScriptExecutionContext object.
3080         (WebCore::CSPSourceList::allowSelf): Added.
3081         (WebCore::CSPSourceList::CSPSourceList): Take a constant reference to a ContentSecurityPolicy
3082         instead of a pointer since we never expected a null pointer. Remove fields from member
3083         initialization list that can be initialized using C++11 in-class initialization syntax.
3084         (WebCore::CSPSourceList::matches): Call ContentSecurityPolicy::urlMatchesSelf() to match the
3085         effective URL against the URL of source "self".
3086         (WebCore::CSPSourceList::parse): Update code as necessary now that m_policy is a reference
3087         instead of a pointer.
3088         (WebCore::CSPSourceList::parseSource): Simplify code by setting internal member fields directly
3089         instead of via member functions.
3090         (WebCore::CSPSourceList::parsePath): Update code as necessary now that m_policy is a reference
3091         instead of a pointer.
3092         (WebCore::CSPDirective::CSPDirective): Take a constant reference to a ContentSecurityPolicy
3093         instead of a pointer since we never expected a null pointer.
3094         (WebCore::CSPDirective::policy): Return a reference to a const ContentSecurityPolicy.
3095         (WebCore::MediaListDirective::MediaListDirective): Take a constant reference to a ContentSecurityPolicy
3096         instead of a pointer since we never expected a null pointer.
3097         (WebCore::MediaListDirective::parse): Update code as necessary now that m_policy is a reference
3098         instead of a pointer.
3099         (WebCore::SourceListDirective::SourceListDirective): Take a constant reference to a ContentSecurityPolicy
3100         instead of a pointer since we never expected a null pointer.
3101         (WebCore::SourceListDirective::allows): Write in terms of CSPSourceList::allowSelf() because we
3102         may not have a security origin to get a URL from if ContentSecurityPolicy was initiated without
3103         a ScriptExecutionContext object.
3104         (WebCore::CSPDirectiveList::reportURIs): Change return type from Vector<URL> to Vector<String>
3105         The caller will convert the strings to URLs with respect to the script execution context.
3106         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3107         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3108         was initiated without a ScriptExecutionContext object.
3109         (WebCore::CSPDirectiveList::CSPDirectiveList): Take a reference to a ContentSecurityPolicy
3110         instead of a pointer since we never expected a null pointer. It would be better to take a const
3111         reference to a ContentSecurityPolicy, but ContentSecurityPolicy::applySandboxPolicy() needs to set
3112         state on ContentSecurityPolicy :(
3113         (WebCore::CSPDirectiveList::create): Ditto.
3114         (WebCore::CSPDirectiveList::reportViolation): Update code as necessary now that m_policy is a reference
3115         instead of a pointer.
3116         (WebCore::CSPDirectiveList::checkEvalAndReportViolation): Ditto.
3117         (WebCore::CSPDirectiveList::checkInlineAndReportViolation): Ditto.
3118         (WebCore::CSPDirectiveList::parseDirective): Ditto.
3119         (WebCore::CSPDirectiveList::parseReportURI): Store the report URI as a string instead of a URL
3120         because we may not have a security origin to compute the absolute URL if ContentSecurityPolicy
3121         was initiated without a ScriptExecutionContext object.
3122         (WebCore::CSPDirectiveList::setCSPDirective): Update code as necessary now that m_policy is a reference
3123         instead of a pointer.
3124         (WebCore::CSPDirectiveList::applySandboxPolicy): Ditto.
3125         (WebCore::CSPDirectiveList::parseReflectedXSS): Ditto.
3126         (WebCore::CSPDirectiveList::addDirective): Ditto.
3127         (WebCore::ContentSecurityPolicy::ContentSecurityPolicy): Modified to take the ScriptExecutionObject
3128         as a reference and compute the CSPSource object for "self" and cache the protocol for "self". Removed
3129         field m_overrideInlineStyleAllowed from the member initialization list and used C++11 in-class
3130         initialization syntax to initialize it. Added overloaded constructor that takes a SecurityOrigin object.
3131         We are not making use of this overloaded constructor at this time. We will in a subsequent patch.
3132         (WebCore::ContentSecurityPolicy::didReceiveHeader): Store the eval disabled error message for
3133         the last parsed policy in a member field instead of using it as part of disabling eval execution
3134         on the script execution context because we may not have such a context.
3135         (WebCore::ContentSecurityPolicy::applyPolicyToScriptExecutionContext): Applies the content security
3136         policy eval and sandbox restrictions to the script execution context.
3137         (WebCore::ContentSecurityPolicy::urlMatchesSelf): Match the specified URL against the URL for
3138         source "self".
3139         (WebCore::ContentSecurityPolicy::protocolMatchesSelf): Match the protocol of the specified URL
3140         against the protocol for source "self".
3141         (WebCore::ContentSecurityPolicy::gatherReportURIs): Modified to use the script execution context
3142         to compute the absolute URL for each report URI.
3143         (WebCore::ContentSecurityPolicy::reportViolation): Bail out if we do not have a script execution
3144         context.
3145         (WebCore::ContentSecurityPolicy::logToConsole): Only log to the console if we have a script
3146         execution context.
3147         (WebCore::ContentSecurityPolicy::reportBlockedScriptExecutionToInspector): Only report blocked
3148         script execution to the Web Inspector if we have a script execution context.
3149         (WebCore::CSPSourceList::addSourceSelf): Deleted.
3150         (WebCore::CSPSourceList::addSourceStar): Deleted.
3151         (WebCore::CSPSourceList::addSourceUnsafeInline): Deleted.
3152         (WebCore::CSPSourceList::addSourceUnsafeEval): Deleted.
3153         (WebCore::CSPDirectiveList::gatherReportURIs): Deleted.
3154         (WebCore::ContentSecurityPolicy::securityOrigin): Deleted.
3155         (WebCore::ContentSecurityPolicy::url): Deleted.
3156         (WebCore::ContentSecurityPolicy::completeURL): Deleted.
3157         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Deleted.
3158         * page/csp/ContentSecurityPolicy.h:
3159         (WebCore::ContentSecurityPolicy::enforceSandboxFlags): Accumulates the parsed sandbox flags. We
3160         will apply the sandbox flags in ContentSecurityPolicy::applyPolicyToScriptExecutionContext().
3161         * workers/WorkerGlobalScope.cpp:
3162         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Instantiate ContentSecurityPolicy.
3163         (WebCore::WorkerGlobalScope::applyContentSecurityPolicyResponseHeaders): Move instantiation of
3164         ContentSecurityPolicy from here to constructor.
3165
3166 2016-02-02  Eric Carlson  <eric.carlson@apple.com>
3167
3168         Allow ports to disable automatic text track selection
3169         https://bugs.webkit.org/show_bug.cgi?id=153761
3170         <rdar://problem/24416768>
3171
3172         Reviewed by Darin Adler.
3173
3174         Test: media/track/track-manual-mode.html
3175
3176         * Modules/mediacontrols/MediaControlsHost.cpp:
3177         (WebCore::MediaControlsHost::manualKeyword): New.
3178         (WebCore::MediaControlsHost::captionDisplayMode): Support 'manual' mode.
3179         * Modules/mediacontrols/MediaControlsHost.h:
3180
3181         * Modules/mediacontrols/mediaControlsApple.js:
3182         (Controller.prototype.buildCaptionMenu): Check the 'off' item when in manual mode.
3183
3184         * html/HTMLMediaElement.cpp:
3185         (WebCore::HTMLMediaElement::addTextTrack): Update m_captionDisplayMode when called for the first
3186           time so it is always correct. Set the track's manual selection mode as appropriate.
3187         (WebCore::HTMLMediaElement::captionPreferencesChanged): Set each track's manual selection 
3188           mode as appropriate.
3189
3190         * html/track/TextTrack.cpp:
3191         (WebCore::TextTrack::kind): Return 'subtitles' for forced tracks when in manual mode.
3192         * html/track/TextTrack.h:
3193
3194         * html/track/TrackBase.h:
3195         (WebCore::TrackBase::kind): Make virtual.
3196
3197         * page/CaptionUserPreferences.cpp:
3198         (WebCore::CaptionUserPreferences::beginBlockingNotifications): New.
3199         (WebCore::CaptionUserPreferences::endBlockingNotifications): Ditto.
3200         (WebCore::CaptionUserPreferences::notify): Don't notify when blocked.
3201         * page/CaptionUserPreferences.h:
3202
3203         * page/CaptionUserPreferencesMediaAF.cpp:
3204         (WebCore::CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF): Set manual mode 
3205           when appropriate.
3206         (WebCore::CaptionUserPreferencesMediaAF::captionDisplayMode): Check manual mode.
3207         (WebCore::CaptionUserPreferencesMediaAF::setCaptionDisplayMode): Ditto.
3208         (WebCore::CaptionUserPreferencesMediaAF::setPreferredLanguage): Ditto.
3209         (WebCore::CaptionUserPreferencesMediaAF::textTrackSelectionScore): Return zero when in manual mode.
3210         (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Consider manual mode. Fix
3211           typos in logging.
3212
3213         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3214         (WebCore::mediaDescriptionForKind): Return 'auxiliary' when in manual mode.
3215
3216         * testing/Internals.cpp:
3217         (WebCore::Internals::setCaptionDisplayMode): Support manual mode.
3218
3219 2016-02-02  Adrien Plazas  <aplazas@igalia.com>
3220
3221         REGRESSION(r195899): ASSERTION FAILED: is<Target>(source) in EventPath::retargetTouch() since r195899
3222         https://bugs.webkit.org/show_bug.cgi?id=153741
3223
3224         Reviewed by Ryosuke Niwa.
3225
3226         * dom/EventDispatcher.cpp:
3227         (WebCore::EventPath::retargetTouch):
3228
3229 2016-02-01  Joseph Pecoraro  <pecoraro@apple.com>
3230
3231         Web Inspector: High Level Memory Overview Instrument
3232         https://bugs.webkit.org/show_bug.cgi?id=153516
3233         <rdar://problem/24356378>
3234
3235         Reviewed by Brian Burg.
3236
3237         Add a new agent that gathers data from the ResourceUsageThread
3238         and sends to the frontend.
3239
3240         Test: inspector/memory/tracking.html
3241
3242         * CMakeLists.txt:
3243         * Configurations/FeatureDefines.xcconfig:
3244         * WebCore.xcodeproj/project.pbxproj:
3245         New files.
3246
3247         * inspector/InspectorController.cpp:
3248         (WebCore::InspectorController::InspectorController):
3249         Add the new agent.
3250
3251         * inspector/InspectorMemoryAgent.h: Added.
3252         * inspector/InspectorMemoryAgent.cpp: Added.
3253         (WebCore::InspectorMemoryAgent::InspectorMemoryAgent):
3254         (WebCore::InspectorMemoryAgent::didCreateFrontendAndBackend):
3255         (WebCore::InspectorMemoryAgent::willDestroyFrontendAndBackend):
3256         (WebCore::InspectorMemoryAgent::startTracking):
3257         (WebCore::InspectorMemoryAgent::stopTracking):
3258         (WebCore::InspectorMemoryAgent::collectSample):
3259         Implement the agent by adding / removing it as a ResourceUsage
3260         observer. When receiving the data forward it to the frontend.
3261
3262 2016-02-01  Alex Christensen  <achristensen@webkit.org>
3263
3264         Fix CMake build.
3265
3266         * PlatformMac.cmake:
3267
3268 2016-02-01  Brady Eidson  <beidson@apple.com>
3269
3270         Modern IDB: Cursors (still) do not keep their opening request alive.
3271         https://bugs.webkit.org/show_bug.cgi?id=153724
3272
3273         Reviewed by Alex Christensen.
3274
3275         No new tests (All existing tests pass without flakiness).
3276
3277         IDBCursors did not properly keep their JS wrappers alive.
3278         Making them ActiveDOMObjects that keep track of how many requests might be in flight fixes this.
3279         This also makes them actually keep their opening-request live via the opaque-root mechanism.
3280         
3281         IDBCursorWithValue also needed to opt in to all of these mechanisms.
3282
3283         * CMakeLists.txt:
3284         * WebCore.xcodeproj/project.pbxproj:
3285
3286         * Modules/indexeddb/IDBCursor.h:
3287         (WebCore::IDBCursor::hasPendingActivity): The base IDBCursor always has no pending activity,
3288           to maintain current behavior in LegacyIDB. This weirdness will go away when LegacyIDB does.
3289         * Modules/indexeddb/IDBCursor.idl:
3290         * Modules/indexeddb/IDBCursorWithValue.idl:
3291
3292         Track a count for all outstanding requests to keep the cursor alive as an ActiveDOMObject.
3293         * Modules/indexeddb/client/IDBCursorImpl.cpp:
3294         (WebCore::IDBClient::IDBCursor::IDBCursor):
3295         (WebCore::IDBClient::IDBCursor::update):
3296         (WebCore::IDBClient::IDBCursor::uncheckedIterateCursor):
3297         (WebCore::IDBClient::IDBCursor::deleteFunction):
3298         (WebCore::IDBClient::IDBCursor::activeDOMObjectName):
3299         (WebCore::IDBClient::IDBCursor::canSuspendForDocumentSuspension):
3300         (WebCore::IDBClient::IDBCursor::hasPendingActivity):
3301         (WebCore::IDBClient::IDBCursor::decrementOutstandingRequestCount):
3302         * Modules/indexeddb/client/IDBCursorImpl.h:
3303         
3304         Rework the "delete" family of functions on the object store to allow for returning a modern IDBRequest.
3305         A lot of this can go away when LegacyIDB does.
3306         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
3307         (WebCore::IDBClient::IDBObjectStore::deleteFunction):
3308         (WebCore::IDBClient::IDBObjectStore::doDelete):
3309         (WebCore::IDBClient::IDBObjectStore::modernDelete):
3310         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
3311         
3312         * Modules/indexeddb/client/IDBRequestImpl.cpp:
3313         (WebCore::IDBClient::IDBRequest::setSource): Setup a ScopeGuard to decrement the cursor's request
3314           count whenever it makes sense to do so.
3315         (WebCore::IDBClient::IDBRequest::dispatchEvent): Clear the ScopeGuard (if it exists) to decrement the count.
3316         (WebCore::IDBClient::IDBRequest::willIterateCursor): Set the ScopeGuard.
3317         (WebCore::IDBClient::IDBRequest::didOpenOrIterateCursor): Clear the ScopeGuard (if it exists) to decrement the count.
3318         * Modules/indexeddb/client/IDBRequestImpl.h:
3319         
3320         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
3321         (WebCore::IDBServer::ScopeGuard::ScopeGuard): Deleted.
3322         (WebCore::IDBServer::ScopeGuard::~ScopeGuard): Deleted.
3323         (WebCore::IDBServer::ScopeGuard::enable): Deleted.
3324         (WebCore::IDBServer::ScopeGuard::disable): Deleted.
3325         
3326         * bindings/js/JSIDBCursorWithValueCustom.cpp: Added.
3327         (WebCore::JSIDBCursorWithValue::visitAdditionalChildren):
3328         
3329         * platform/ScopeGuard.h: Added.
3330         (WebCore::ScopeGuard::ScopeGuard):
3331         (WebCore::ScopeGuard::~ScopeGuard):
3332         (WebCore::ScopeGuard::enable):
3333         (WebCore::ScopeGuard::disable):
3334
3335 2016-02-01  Sun-woo Nam  <sunny.nam@samsung.com>
3336
3337         Free Colormap when XWindow is destroyed.
3338         https://bugs.webkit.org/show_bug.cgi?id=153413
3339
3340         Reviewed by Žan Doberšek.
3341
3342         Colormap is needed to create XWindow and it should be freed when XWindow is destroyed.
3343         Unless Colormap is freed before destroying XWindow, memory leak is suspected.
3344         XFreeColormap therefore is needed on X11Helper.
3345
3346         * platform/graphics/surfaces/glx/X11Helper.cpp: Added XFreeColormap.
3347         (WebCore::X11Helper::destroyWindow):
3348
3349 2016-02-01  Tim Horton  <timothy_horton@apple.com>
3350
3351         Move some SPI declarations into the appropriate SPI header
3352         https://bugs.webkit.org/show_bug.cgi?id=153755
3353
3354         Reviewed by Darin Adler.
3355
3356         * platform/graphics/cocoa/IOSurface.mm:
3357         * platform/spi/cg/CoreGraphicsSPI.h:
3358
3359 2016-02-01  Tim Horton  <timothy_horton@apple.com>
3360
3361         Snapshot surfaces are forever wired after being compressed
3362         https://bugs.webkit.org/show_bug.cgi?id=153751
3363         <rdar://problem/24354546>
3364
3365         Reviewed by Darin Adler.
3366
3367         * platform/graphics/cocoa/IOSurface.mm:
3368         (IOSurface::convertToFormat):
3369         Allow IOSurfaceAccelerator to unwire surfaces after they're transformed.
3370
3371 2016-02-01  Dan Bernstein  <mitz@apple.com>
3372
3373         <rdar://problem/20150072> [iOS] Remove some file upload code only needed before iOS 9
3374         https://bugs.webkit.org/show_bug.cgi?id=153754
3375