Fix build.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-21  Anders Carlsson  <andersca@apple.com>
2
3         Fix build.
4
5         * Configurations/FeatureDefines.xcconfig:
6
7 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
8
9         Unreviewed, rolling out r202302, r202303, r202305, and
10         r202306.
11
12         Roll out the rollouts because of breaking the build.
13
14         Reverted changesets:
15
16         "Unreviewed, rolling out r200678."
17         https://bugs.webkit.org/show_bug.cgi?id=157453
18         http://trac.webkit.org/changeset/202302
19
20         "Unreviewed, rolling out r200619."
21         https://bugs.webkit.org/show_bug.cgi?id=131443
22         http://trac.webkit.org/changeset/202303
23
24         "Unreviewed, attempt to fix the build after r202303."
25         http://trac.webkit.org/changeset/202305
26
27         "Unreviewed, attempt to fix the build after r202303."
28         http://trac.webkit.org/changeset/202306
29
30 2016-06-21  Chris Dumez  <cdumez@apple.com>
31
32         Unreviewed, attempt to fix the build after r202303.
33
34         * bindings/js/JSDOMIterator.h:
35         (WebCore::IteratorInspector::decltype):
36         (WebCore::IteratorInspector::test):
37
38 2016-06-21  Chris Dumez  <cdumez@apple.com>
39
40         Unreviewed, attempt to fix the build after r202303.
41
42         * bindings/js/JSDOMIterator.h:
43         (WebCore::toJS):
44
45 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
46
47         Unreviewed, rolling out r200619.
48
49         This incompleted feature broke http://m.yahoo.co.jp. Roll it
50         out together with r200678.
51
52         Reverted changeset:
53
54         "NodeList should be iterable"
55         https://bugs.webkit.org/show_bug.cgi?id=131443
56         http://trac.webkit.org/changeset/200619
57
58 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
59
60         Unreviewed, rolling out r200678.
61
62         This incompleted feature broke http://m.yahoo.co.jp. Roll it
63         out together with r200619.
64
65         Reverted changeset:
66
67         "Ensure DOM iterators remain done"
68         https://bugs.webkit.org/show_bug.cgi?id=157453
69         http://trac.webkit.org/changeset/200678
70
71 2016-06-21  Anders Carlsson  <andersca@apple.com>
72
73         Begin moving the Apple Pay code to the open source repository
74         https://bugs.webkit.org/show_bug.cgi?id=158998
75
76         Reviewed by Tim Horton.
77
78         * Configurations/FeatureDefines.xcconfig:
79         Add ENABLE_APPLE_PAY.
80
81         * Modules/applepay/PaymentCoordinator.cpp: Added.
82         * Modules/applepay/PaymentCoordinator.h: Added.
83         * Modules/applepay/PaymentCoordinatorClient.h: Added.
84         * Modules/applepay/PaymentRequest.cpp: Added.
85         * Modules/applepay/PaymentRequest.h: Added.
86         * Modules/applepay/cocoa/PaymentCocoa.mm: Added.
87         * WebCore.xcodeproj/project.pbxproj:
88         Add new files.
89
90         * dom/EventNames.h:
91         Add new event names.
92
93         * page/MainFrame.h:
94         Use a forward declaration.
95
96 2016-06-21  Said Abou-Hallawa  <sabouhallawa@apple,com>
97
98         Add system tracing points for requestAnimationFrame() workflow
99         https://bugs.webkit.org/show_bug.cgi?id=158723
100
101         Reviewed by Simon Fraser.
102
103         Add trace points for requestAnimationFrame().
104
105         * dom/ScriptedAnimationController.cpp:
106         (WebCore::ScriptedAnimationController::requestAnimationFrameEnabled):
107         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
108         (WebCore::ScriptedAnimationController::windowScreenDidChange):
109         (WebCore::ScriptedAnimationController::scheduleAnimation):
110         * dom/ScriptedAnimationController.h:
111         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
112         (WebCore::DisplayRefreshMonitorIOS::requestRefreshCallback):
113         (WebCore::DisplayRefreshMonitorIOS::displayLinkFired):
114
115 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
116
117         [iOS] Typing text into a text field or text area causes screen to scroll down (hiding text entry)
118         https://bugs.webkit.org/show_bug.cgi?id=158970
119
120         Reviewed by Ryosuke Niwa.
121
122         insertTextWithoutSendingTextEvent() should only reveal the selection up to the main frame on iOS,
123         since the UI process can zoom and scroll the view to the text input.
124
125         Test: fast/forms/ios/typing-in-input-in-iframe.html
126
127         * editing/Editor.cpp:
128         (WebCore::Editor::insertTextWithoutSendingTextEvent):
129
130 2016-06-21  Adam Bergkvist  <adam.bergkvist@ericsson.com>
131
132         WebRTC: Remove unused MediaEndpointClient::gotRemoteSource function
133         https://bugs.webkit.org/show_bug.cgi?id=158986
134
135         Reviewed by Eric Carlson.
136
137         Remote sources are explicitly created with MediaEndpoint::createMutedRemoteSource so the
138         MediaEndpointClient::gotRemoteSource can be removed.
139
140         No change in behavior.
141
142         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
143         (WebCore::MediaEndpointPeerConnection::gotRemoteSource): Deleted.
144         * Modules/mediastream/MediaEndpointPeerConnection.h:
145         * platform/mediastream/MediaEndpoint.h:
146
147 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
148
149         Focus event dispatched in iframe causes parent document to scroll incorrectly
150         https://bugs.webkit.org/show_bug.cgi?id=158629
151         rdar://problem/26521616
152
153         Reviewed by Tim Horton.
154
155         When focussing elements in iframes, the page could scroll to an incorrect location.
156         This happened because code in Element::focus() tried to disable scrolling on focus,
157         but did so only for the current frame, so ancestor frames got programmatically scrolled.
158         On iOS we handle the scrolling in the UI process, so never want the web process to
159         do programmatic scrolling.
160
161         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
162         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
163         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
164
165         Tests: fast/forms/ios/focus-input-in-iframe.html
166                fast/forms/ios/programmatic-focus-input-in-iframe.html
167
168         * dom/Document.h:
169         * dom/Element.cpp:
170         (WebCore::Element::scrollIntoView):
171         (WebCore::Element::scrollIntoViewIfNeeded):
172         (WebCore::Element::scrollIntoViewIfNotVisible):
173         (WebCore::Element::focus):
174         (WebCore::Element::updateFocusAppearance):
175         * dom/Element.h:
176         * editing/Editor.cpp:
177         (WebCore::Editor::insertTextWithoutSendingTextEvent):
178         (WebCore::Editor::revealSelectionAfterEditingOperation):
179         (WebCore::Editor::findStringAndScrollToVisible):
180         * editing/FrameSelection.cpp:
181         (WebCore::FrameSelection::updateAndRevealSelection):
182         (WebCore::FrameSelection::revealSelection):
183         (WebCore::FrameSelection::FrameSelection): Deleted.
184         * editing/FrameSelection.h:
185         * html/HTMLInputElement.cpp:
186         (WebCore::HTMLInputElement::updateFocusAppearance):
187         * html/HTMLTextAreaElement.cpp:
188         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
189         * page/ContextMenuController.cpp:
190         (WebCore::ContextMenuController::contextMenuItemSelected):
191         * page/FrameView.cpp:
192         (WebCore::FrameView::scrollToAnchor):
193         * rendering/RenderLayer.cpp:
194         (WebCore::RenderLayer::scrollRectToVisible):
195         (WebCore::RenderLayer::autoscroll):
196         * rendering/RenderLayer.h:
197         * rendering/RenderObject.cpp:
198         (WebCore::RenderObject::scrollRectToVisible):
199         * rendering/RenderObject.h:
200
201 2016-06-21  Frederic Wang  <fwang@igalia.com>
202
203         Implement RenderMathMLOperator::layoutBlock
204         https://bugs.webkit.org/show_bug.cgi?id=157521
205
206         Reviewed by Brent Fulgham.
207
208         No new tests, already covered by existing tests.
209
210         Add an initial implementation of RenderMathMLOperator::layoutBlock, which will perform
211         special layout when the MathOperator is used. We also improved how the logical height is
212         calculated and avoid updating the style when stretchTo is called.
213
214         * rendering/mathml/RenderMathMLOperator.cpp:
215         (WebCore::RenderMathMLOperator::stretchTo):
216         (WebCore::RenderMathMLOperator::layoutBlock):
217         (WebCore::RenderMathMLOperator::computeLogicalHeight): Deleted.
218         * rendering/mathml/RenderMathMLOperator.h:
219
220 2016-06-21  Chris Dumez  <cdumez@apple.com>
221
222         Unreviewed, roll out r202268 as it looks like it was a ~50% regression on Dromaeo DOM Core
223
224         * bindings/scripts/CodeGeneratorJS.pm:
225         (GenerateImplementation):
226         (GeneratePrototypeDeclaration):
227         * bindings/scripts/test/JS/JSInterfaceName.cpp:
228         (WebCore::JSInterfaceNamePrototype::finishCreation):
229         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
230         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
231         (WebCore::JSTestActiveDOMObject::createPrototype): Deleted.
232         (WebCore::JSTestActiveDOMObject::prototype): Deleted.
233         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
234         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
235         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
236         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
237         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
238         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
239         (WebCore::JSTestCustomNamedGetter::JSTestCustomNamedGetter): Deleted.
240         (WebCore::JSTestCustomNamedGetter::createPrototype): Deleted.
241         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
242         (WebCore::JSTestEventConstructorPrototype::finishCreation):
243         (WebCore::JSTestEventConstructor::createPrototype): Deleted.
244         (WebCore::JSTestEventConstructor::prototype): Deleted.
245         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
246         (WebCore::JSTestEventTargetPrototype::finishCreation):
247         (WebCore::JSTestEventTarget::JSTestEventTarget): Deleted.
248         (WebCore::JSTestEventTarget::createPrototype): Deleted.
249         * bindings/scripts/test/JS/JSTestException.cpp:
250         (WebCore::JSTestExceptionPrototype::finishCreation):
251         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
252         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
253         * bindings/scripts/test/JS/JSTestInterface.cpp:
254         (WebCore::JSTestInterfacePrototype::finishCreation):
255         (WebCore::jsTestInterfaceImplementsStr2): Deleted.
256         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
257         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
258         (WebCore::JSTestJSBuiltinConstructor::JSTestJSBuiltinConstructor): Deleted.
259         (WebCore::JSTestJSBuiltinConstructor::createPrototype): Deleted.
260         (WebCore::JSTestJSBuiltinConstructor::destroy): Deleted.
261         (WebCore::jsTestJSBuiltinConstructorTestAttributeCustom): Deleted.
262         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
263         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
264         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener): Deleted.
265         (WebCore::JSTestMediaQueryListListener::createPrototype): Deleted.
266         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
267         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
268         * bindings/scripts/test/JS/JSTestNode.cpp:
269         (WebCore::JSTestNodePrototype::finishCreation):
270         (WebCore::JSTestNode::JSTestNode): Deleted.
271         (WebCore::JSTestNode::prototype): Deleted.
272         (WebCore::jsTestNodeName): Deleted.
273         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
274         (WebCore::JSTestNondeterministicPrototype::finishCreation):
275         (WebCore::JSTestNondeterministic::JSTestNondeterministic): Deleted.
276         (WebCore::JSTestNondeterministic::prototype): Deleted.
277         (WebCore::JSTestNondeterministic::destroy): Deleted.
278         * bindings/scripts/test/JS/JSTestObj.cpp:
279         (WebCore::JSTestObjPrototype::finishCreation):
280         (WebCore::JSTestObj::JSTestObj): Deleted.
281         (WebCore::JSTestObj::createPrototype): Deleted.
282         (WebCore::JSTestObj::prototype): Deleted.
283         (WebCore::JSTestObj::destroy): Deleted.
284         (WebCore::JSTestObj::getOwnPropertySlot): Deleted.
285         (WebCore::JSTestObj::getOwnPropertySlotByIndex): Deleted.
286         (WebCore::jsTestObjReadOnlyLongAttr): Deleted.
287         (WebCore::jsTestObjReadOnlyStringAttr): Deleted.
288         (WebCore::jsTestObjReadOnlyTestObjAttr): Deleted.
289         (WebCore::jsTestObjConstructorStaticReadOnlyLongAttr): Deleted.
290         (WebCore::jsTestObjConstructorStaticStringAttr): Deleted.
291         (WebCore::jsTestObjConstructorTestSubObj): Deleted.
292         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor): Deleted.
293         (WebCore::jsTestObjEnumAttr): Deleted.
294         (WebCore::jsTestObjByteAttr): Deleted.
295         (WebCore::jsTestObjOctetAttr): Deleted.
296         (WebCore::jsTestObjShortAttr): Deleted.
297         (WebCore::jsTestObjClampedShortAttr): Deleted.
298         (WebCore::jsTestObjEnforceRangeShortAttr): Deleted.
299         (WebCore::jsTestObjUnsignedShortAttr): Deleted.
300         (WebCore::jsTestObjLongAttr): Deleted.
301         (WebCore::jsTestObjLongLongAttr): Deleted.
302         (WebCore::jsTestObjReflectedCustomBooleanAttr): Deleted.
303         (WebCore::jsTestObjReflectedCustomURLAttr): Deleted.
304         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
305         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
306         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
307         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
308         (WebCore::JSTestOverrideBuiltins::JSTestOverrideBuiltins): Deleted.
309         (WebCore::JSTestOverrideBuiltins::createPrototype): Deleted.
310         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
311         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
312         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface): Deleted.
313         (WebCore::JSTestSerializedScriptValueInterface::prototype): Deleted.
314         (WebCore::JSTestSerializedScriptValueInterface::destroy): Deleted.
315         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
316         (WebCore::JSTestTypedefsPrototype::finishCreation):
317         (WebCore::JSTestTypedefs::JSTestTypedefs): Deleted.
318         (WebCore::JSTestTypedefs::createPrototype): Deleted.
319         (WebCore::JSTestTypedefs::prototype): Deleted.
320         (WebCore::JSTestTypedefs::destroy): Deleted.
321         (WebCore::jsTestTypedefsUnsignedLongLongAttr): Deleted.
322         (WebCore::jsTestTypedefsImmutableSerializedScriptValue): Deleted.
323         (WebCore::jsTestTypedefsAttrWithGetterException): Deleted.
324         * bindings/scripts/test/JS/JSattribute.cpp:
325         (WebCore::JSattributePrototype::finishCreation):
326         * bindings/scripts/test/JS/JSreadonly.cpp:
327         (WebCore::JSreadonlyPrototype::finishCreation):
328
329 2016-06-21  Keith Miller  <keith_miller@apple.com>
330
331         It should be easy to add a private global helper function for builtins
332         https://bugs.webkit.org/show_bug.cgi?id=158893
333
334         Reviewed by Mark Lam.
335
336         Add JSCJSValueInlines.h to fix build issues.
337
338         * platform/mock/mediasource/MockBox.cpp:
339
340 2016-06-21  Amir Alavi  <aalavi@apple.com>
341
342         Upstream WKHTTPCookiesForURL from WebKitSystemInterface to OpenSource
343         https://bugs.webkit.org/show_bug.cgi?id=158967
344
345         Reviewed by Brent Fulgham.
346
347         * platform/ios/WebCoreSystemInterfaceIOS.mm:
348         * platform/mac/WebCoreSystemInterface.h:
349         * platform/mac/WebCoreSystemInterface.mm:
350         * platform/network/mac/CookieJarMac.mm:
351         (WebCore::httpCookiesForURL): Upstreamed from WebKitSystemInterface.
352         (WebCore::cookiesForURL): Changed to call httpCookiesForURL.
353         (WebCore::deleteCookie): Ditto.
354         * platform/spi/cf/CFNetworkSPI.h:
355
356 2016-06-21  Chris Dumez  <cdumez@apple.com>
357
358         Unreviewed, rolling out r202231.
359
360         Seems to have regressed PLT on both iOS and Mac (very obvious
361         on iOS Warm PLT)
362
363         Reverted changeset:
364
365         "When navigating, discard decoded image data that is only live
366         due to page cache."
367         https://bugs.webkit.org/show_bug.cgi?id=158941
368         http://trac.webkit.org/changeset/202231
369
370 2016-06-21  Youenn Fablet  <youennf@gmail.com>
371
372         Add bindings generator support to add a native JS function to both a 'name' and a private '@name' slot
373         https://bugs.webkit.org/show_bug.cgi?id=158777
374
375         Reviewed by Eric Carlson.
376
377         Adding a new PublicIdentifier keyword to cover the case of the same function exposed publicly and privately.
378         Renaming Private keyword to PrivateIdentifier.
379         Functions exposed both publicly and privately should set both keywords.
380         By default, functions are publically exposed.
381
382         Updated binding generator to generate public exposure except if PrivateIdentifer is set and PublicIdentifier is
383         not set.
384
385         Keeping skipping of ObjC/GObject binding for PrivateIdentifier-only functions.
386
387         Covered by rebased binding tests.
388
389         * Modules/fetch/FetchHeaders.idl:
390         * Modules/fetch/FetchResponse.idl:
391         * Modules/mediastream/MediaDevices.idl:
392         * Modules/mediastream/RTCPeerConnection.idl:
393         * bindings/scripts/CodeGeneratorGObject.pm:
394         (SkipFunction):
395         * bindings/scripts/CodeGeneratorJS.pm:
396         (GeneratePropertiesHashTable):
397         (GenerateImplementation):
398         * bindings/scripts/CodeGeneratorObjC.pm:
399         (SkipFunction):
400         * bindings/scripts/IDLAttributes.txt:
401         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
402         (webkit_dom_test_obj_private_also_method):
403         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
404         * bindings/scripts/test/JS/JSTestObj.cpp:
405         (WebCore::JSTestObjPrototype::finishCreation):
406         (WebCore::jsTestObjPrototypeFunctionPrivateMethod):
407         (WebCore::jsTestObjPrototypeFunctionPrivateAlsoMethod):
408         * bindings/scripts/test/ObjC/DOMTestObj.h:
409         * bindings/scripts/test/ObjC/DOMTestObj.mm:
410         (-[DOMTestObj privateAlsoMethod:]):
411         * bindings/scripts/test/TestObj.idl:
412
413 2016-06-21  Dan Bernstein  <mitz@apple.com>
414
415         Inlined some picture-in-picture code.
416         https://bugs.webkit.org/show_bug.cgi?id=158977
417
418         Reviewed by Eric Carlsson.
419
420         This code was written primarily by Ada Chan, and originally reviewed by Alex Christensen,
421         Anders Carlsson, Conrad Shultz, Dan Bernstein, Eric Carlson, Jer Noble, Jeremy Jones,
422         Jon Lee, Remy Demarest, and Zach Li.
423
424         * English.lproj/Localizable.strings:
425           Updated using update-webkit-localizable-strings.
426
427         * Modules/mediacontrols/mediaControlsApple.css:
428         (video:-webkit-full-screen::-webkit-media-controls-panel .picture-in-picture-button):
429
430         * Modules/mediacontrols/mediaControlsApple.js:
431         (Controller.prototype.configureFullScreenControls):
432
433         * WebCore.xcodeproj/project.pbxproj: Added PIPSPI.h.
434
435         * html/HTMLMediaElement.cpp: Inlined code from HTMLMediaElementAdditions.cpp.
436
437         * html/HTMLVideoElement.cpp: Inlined code from HTMLVideoElementSupportsFullscreenAdditions.cpp.
438
439         * platform/LocalizedStrings.cpp:
440         (WebCore::contextMenuItemTagEnterVideoEnhancedFullscreen): Brought in from ContextMenuLocalizedStringsAdditions.cpp.
441         (WebCore::contextMenuItemTagExitVideoEnhancedFullscreen): Ditto.
442         (WebCore::AXARIAContentGroupText): Made updates that should have been part of r198543.
443
444         * platform/mac/WebVideoFullscreenInterfaceMac.h: Removed USE(APPLE_INTERNAL_SDK) guards.
445         * platform/mac/WebVideoFullscreenInterfaceMac.mm: Inlined WebVideoFullscreenInterfaceMacAdditions.mm.
446
447         * platform/spi/mac/PIPSPI.h: Added.
448
449         * rendering/HitTestResult.cpp: Inlined HitTestResultAdditions.cpp.
450
451         * rendering/RenderThemeMac.mm:
452         (WebCore::RenderThemeMac::mediaControlsStyleSheet): Removed include of
453           RenderThemeMacMediaControlsStyleSheetAdditions.mm now that the content is in
454           mediaControlsApple.css.
455         (WebCore::RenderThemeMac::mediaControlsScript): Removed include of
456           RenderThemeMacMediaControlsScriptAdditions.mm now that the content is in mediaControlsApple.js.
457
458 2016-06-21  Miguel Gomez  <magomez@igalia.com>
459
460         [GStreamer] video orientation support
461         https://bugs.webkit.org/show_bug.cgi?id=148524
462
463         Reviewed by Philippe Normand.
464
465         Rotate video frames to follow the orientation metadata in the video file.
466         When accelerated compositing is disabled, the rotation is performed by a videoflip element added
467         to the playbin.
468         When accelerated compositing is enabled, the rotation is peformed by the TextureMapper in response
469         to a rotation flag set on the frame buffers.
470
471         Test: media/video-orientation.html
472
473         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
474         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
475         Handle the GST_MESSAGE_TAG message from the bin.
476         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
477         Add the videflip element to the bin when accelerated compositing is disabled.
478         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
479         (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
480         Receive and use extra flags for the TextureMapper.
481         (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
482         (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
483         When using accelerated compositing, transpose the video size if the rotation is 90 or 270 degrees.
484         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
485         Add rotation flag to frame holder and layer buffer.
486         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
487         Use rotation flag when requesting the TextureMapper to draw.
488         (WebCore::MediaPlayerPrivateGStreamerBase::setVideoSourceRotation):
489         Function to store the video rotation.
490         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
491         Add bits to store the video rotation.
492         * platform/graphics/texmap/TextureMapperGL.cpp:
493         (WebCore::TextureMapperGL::drawTexturedQuadWithProgram):
494         Modify the patternTransform according to the rotation flag passed.
495         * platform/graphics/texmap/TextureMapperGL.h:
496         Add new flags to handle the video souce rotation.
497         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
498         (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
499         Change the drawTexture method used so custom flags can be passed.
500         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
501         (WebCore::TextureMapperPlatformLayerBuffer::setExtraFlags):
502         New method to set TextureMapper flags.
503
504 2016-06-20  Frederic Wang  <fwang@igalia.com>
505
506         Use the MathOperator to handle some non-stretchy operators
507         https://bugs.webkit.org/show_bug.cgi?id=157519
508
509         Reviewed by Brent Fulgham.
510
511         To prepare for the removal of anonymous text node from the render classes of token elements
512         we use MathOperator to handle two cases where the actual text to display may not be
513         available in the DOM: mfenced and minus operators. This change removes support for the
514         case of mfenced operators with multiple characters since that it is not supported by
515         MathOperator. It is a edge case that is not used in practice since fences and separators are
516         only made of a single character. However, it would still be possible to duplicate some
517         code/logic to add it back if that turns out to be necessary.
518
519         No new tests, already covered by existing tests.
520
521         * rendering/mathml/MathOperator.cpp:
522         (WebCore::MathOperator::MathOperator): Rename UndefinedOperator.
523         (WebCore::RenderMathMLOperator::firstLineBaseline): Improve rounding of ascent so that mfenced operators are correctly aligned.
524         * rendering/mathml/MathOperator.h: Rename UndefinedOperator, since it can now be used to draw non-stretchy operators.
525         (WebCore::MathOperator::isStretched): Deleted. This function is no longer used by RenderMathMLOperator.
526         (WebCore::MathOperator::unstretch): Deleted. This function is no longer used by RenderMathMLOperator.
527         * rendering/mathml/RenderMathMLOperator.cpp:
528         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Use useMathOperator.
529         (WebCore::RenderMathMLOperator::rebuildTokenContent): Set the MathOperator when useMathOperator() is true.
530         When the operator is not likely to stretch we just leave its type as NormalOperator.
531         (WebCore::RenderMathMLOperator::useMathOperator): Helper function to determine when MathOperator should be used.
532         (WebCore::RenderMathMLOperator::firstLineBaseline): Use useMathOperator.
533         (WebCore::RenderMathMLOperator::computeLogicalHeight): Ditto.
534         (WebCore::RenderMathMLOperator::paint): Ditto.
535         (WebCore::RenderMathMLOperator::paintChildren): Ditto.
536         * rendering/mathml/RenderMathMLOperator.h: Declare useMathOperator.
537
538 2016-06-19  Gavin & Ellie Barraclough  <barraclough@apple.com>
539
540         Don't eagerly reify DOM Prototype properties
541         https://bugs.webkit.org/show_bug.cgi?id=158557
542
543         Reviewed by Andreas Kling.
544
545         We were eagerly reifying these properties to avoid virtualizing getOwnPropertySlot,
546         but since bug #158059 this does not require a method table call in any case.
547         Eagerly reifying these values likely has some CPU and memory cost on page load.
548
549         * bindings/scripts/CodeGeneratorJS.pm:
550         (GenerateImplementation):
551             - should generate compressed index for hashtable,
552               prototype object ClassInfo should contain static table,
553               don't reifyStaticProperties for prototype objects.
554         (GeneratePrototypeDeclaration):
555             - Set HasStaticPropertyTable for DOM prototype objects.
556         * bindings/scripts/test/JS/JSInterfaceName.cpp:
557         (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype):
558         (WebCore::JSInterfaceNamePrototype::finishCreation):
559         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
560         (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
561         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
562         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
563         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype):
564         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
565         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
566         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::JSTestCustomConstructorWithNoInterfaceObjectPrototype):
567         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
568         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
569         (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype):
570         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
571         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
572         (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
573         (WebCore::JSTestEventConstructorPrototype::finishCreation):
574         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
575         (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
576         (WebCore::JSTestEventTargetPrototype::finishCreation):
577         * bindings/scripts/test/JS/JSTestException.cpp:
578         (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
579         (WebCore::JSTestExceptionPrototype::finishCreation):
580         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
581         (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype):
582         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
583         * bindings/scripts/test/JS/JSTestInterface.cpp:
584         (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
585         (WebCore::JSTestInterfacePrototype::finishCreation):
586         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
587         (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype):
588         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
589         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
590         (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
591         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
592         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
593         (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
594         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
595         * bindings/scripts/test/JS/JSTestNode.cpp:
596         (WebCore::JSTestNodePrototype::JSTestNodePrototype):
597         (WebCore::JSTestNodePrototype::finishCreation):
598         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
599         (WebCore::JSTestNondeterministicPrototype::JSTestNondeterministicPrototype):
600         (WebCore::JSTestNondeterministicPrototype::finishCreation):
601         * bindings/scripts/test/JS/JSTestObj.cpp:
602         (WebCore::JSTestObjPrototype::JSTestObjPrototype):
603         (WebCore::JSTestObjPrototype::finishCreation):
604         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
605         (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
606         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
607         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
608         (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype):
609         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
610         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
611         (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
612         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
613         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
614         (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):
615         (WebCore::JSTestTypedefsPrototype::finishCreation):
616         * bindings/scripts/test/JS/JSattribute.cpp:
617         (WebCore::JSattributePrototype::JSattributePrototype):
618         (WebCore::JSattributePrototype::finishCreation):
619         * bindings/scripts/test/JS/JSreadonly.cpp:
620         (WebCore::JSreadonlyPrototype::JSreadonlyPrototype):
621         (WebCore::JSreadonlyPrototype::finishCreation):
622
623 2016-06-20  Adam Bergkvist  <adam.bergkvist@ericsson.com>
624
625         WebRTC: RTCIceCandidate init dictionary don't handle explicit null or undefined values correctly
626         https://bugs.webkit.org/show_bug.cgi?id=158873
627
628         Reviewed by Alejandro G. Castro.
629
630         Prevent explicit null and undefined values from being converted to "null" and "undefined"
631         strings.
632
633         Test: Extended fast/mediastream/RTCIceCandidate.html
634
635         * Modules/mediastream/RTCIceCandidate.cpp:
636         (WebCore::RTCIceCandidate::create):
637
638 2016-06-20  Commit Queue  <commit-queue@webkit.org>
639
640         Unreviewed, rolling out r202252.
641         https://bugs.webkit.org/show_bug.cgi?id=158974
642
643         See rdar://problem/26867866 for details (Requested by ap on
644         #webkit).
645
646         Reverted changeset:
647
648         "Adopt commitPriority to get rid of the 2 AVPL solution for
649         PiP"
650         https://bugs.webkit.org/show_bug.cgi?id=158949
651         http://trac.webkit.org/changeset/202252
652
653 2016-06-20  Commit Queue  <commit-queue@webkit.org>
654
655         Unreviewed, rolling out r202243.
656         https://bugs.webkit.org/show_bug.cgi?id=158972
657
658         Broke Windows build and iOS tests (Requested by ap on
659         #webkit).
660
661         Reverted changeset:
662
663         "Focus event dispatched in iframe causes parent document to
664         scroll incorrectly"
665         https://bugs.webkit.org/show_bug.cgi?id=158629
666         http://trac.webkit.org/changeset/202243
667
668 2016-06-20  Chris Dumez  <cdumez@apple.com>
669
670         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks()
671         https://bugs.webkit.org/show_bug.cgi?id=158968
672
673         Reviewed by Ryosuke Niwa.
674
675         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks():
676         - Use modern ancestorsOfType<HTMLAnchorElement>() to traverse anchor ancestors
677           instead of traversing by hand.
678         - Use NodeTraversal::next() to traverse the tree until we find endNode and
679           use a for loop instead of a while loop. Previously, the logic the determine
680           the next node was at the end of the loop and was identical behavior-wise
681           to NodeTraversal::next(). However, the previous code for a lot less efficient
682           because it was calling Node::childNodes() to get a NodeList of the children,
683           then calling length() on it to check if we had children and finally use
684           the first item in the list as next node. This was very inefficient because
685           NodeList::length() would need to traverse all children to figure out the
686           length and would cache all the children in a Vector in CollectionIndexCache.
687
688         * dom/ElementAncestorIterator.h:
689         (WebCore::ancestorsOfType):
690         * dom/ElementIterator.h:
691         (WebCore::findElementAncestorOfType):
692         (WebCore::findElementAncestorOfType<Element>):
693         Update ancestorsOfType() to take a Node instead of an Element. There are no
694         performance benefits to taking an Element here and it is a valid use case to
695         want an Element ancestor of a non-Element node.
696
697         * editing/cocoa/DataDetection.mm:
698         (WebCore::searchForLinkRemovingExistingDDLinks):
699         (WebCore::dataDetectorTypeForCategory): Deleted.
700
701 2016-06-20  Commit Queue  <commit-queue@webkit.org>
702
703         Unreviewed, rolling out r202248.
704         https://bugs.webkit.org/show_bug.cgi?id=158960
705
706         breaks builds on the simulator (Requested by keith_mi_ on
707         #webkit).
708
709         Reverted changeset:
710
711         "It should be easy to add a private global helper function for
712         builtins"
713         https://bugs.webkit.org/show_bug.cgi?id=158893
714         http://trac.webkit.org/changeset/202248
715
716 2016-06-20  Jeremy Jones  <jeremyj@apple.com>
717
718         Adopt commitPriority to get rid of the 2 AVPL solution for PiP
719         https://bugs.webkit.org/show_bug.cgi?id=158949
720         rdar://problem/26867866
721
722         Reviewed by Simon Fraser.
723
724         No new tests because there is no behavior change. This reverts changes from 
725         https://bugs.webkit.org/show_bug.cgi?id=158148 and instead uses -[CAContext commitPriority:]
726         to prevent flicker when moving a layer between contexts. 
727         commitPriority allows the layer to be added to the destination context before it is 
728         removed from the source context.
729
730         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: remove m_secondaryVideoLayer.
731         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
732         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): ditto.
733         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds): ditto.
734         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto.
735         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity): ditto.
736         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: ditto
737         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): ditto
738         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: ditto
739         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):ditto
740         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: ditto
741         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm: ditto
742         (WebCore::VideoFullscreenLayerManager::setVideoLayer): ditto
743         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer): ditto and adopt commitPriority.
744         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenFrame): ditto
745         (WebCore::VideoFullscreenLayerManager::setVideoLayers): Deleted. 
746         (WebCore::VideoFullscreenLayerManager::didDestroyVideoLayer): remove m_secondaryVideoLayer.
747         * platform/spi/cocoa/QuartzCoreSPI.h: Add commitPriority.
748
749 2016-06-20  Zalan Bujtas  <zalan@apple.com>
750
751         Set the end position on the placeholder BidiRun properly.
752         https://bugs.webkit.org/show_bug.cgi?id=158958
753
754         Reviewed by Myles C. Maxfield.
755         rdar://problem/26609266
756
757         The second paramenter for BidiRun indicates the end position and not the length of the run.
758         This was regressed at r102875 where only the start position was changed from 0 to pos.
759
760         Test: fast/text/international/bidi-style-in-isolate-crash.html
761
762         * rendering/InlineIterator.h:
763         (WebCore::addPlaceholderRunForIsolatedInline):
764
765 2016-06-20  Fujii Hironori  <Hironori.Fujii@sony.com>
766
767         A composition underline is placed to wrong position in RTL
768         https://bugs.webkit.org/show_bug.cgi?id=158602
769
770         Reviewed by Myles C. Maxfield.
771
772         InlineTextBox::paintCompositionUnderline does not take RTL into
773         account.  The position of composition underline should be
774         mirrored in RTL.
775
776         Test: editing/input/composition-underline-rtl.html
777
778         * rendering/InlineTextBox.cpp:
779         (WebCore::mirrorRTLSegment): New helper function to convert RTL start position to LTR.
780         (WebCore::InlineTextBox::paintDecoration): Use mirrorRTLSegment.
781         (WebCore::InlineTextBox::paintCompositionUnderline): Ditto.
782
783 2016-06-20  Keith Miller  <keith_miller@apple.com>
784
785         It should be easy to add a private global helper function for builtins
786         https://bugs.webkit.org/show_bug.cgi?id=158893
787
788         Reviewed by Mark Lam.
789
790         Add JSCJSValueInlines.h to fix build issues.
791
792         * platform/mock/mediasource/MockBox.cpp:
793
794 2016-06-20  Benjamin Poulain  <benjamin@webkit.org>
795
796         :default CSS pseudo-class should match checkboxes+radios with a `checked` attribute
797         https://bugs.webkit.org/show_bug.cgi?id=156230
798
799         Reviewed by Alex Christensen.
800
801         This patch update the :default pseudo class matching to be closer to the spec:
802         https://html.spec.whatwg.org/multipage/scripting.html#selector-default
803
804         The main remaining difference with the spec is the definition of "default button".
805         This is an unrelated problem that should be addressed separately.
806
807         The implementation was missing support for:
808         -input elements of type "checkbox" or "radio" with the "checked" attribute defined.
809         -option elements with the "selected" attribute defined.
810
811         The existing support for default button was pretty bad, I fixed that too.
812         The owner form now has a resetDefaultButton() API. When a Form Associated Element
813         becomes a submit button or loses that property, the element calls its form
814         to update the style as needed.
815
816         Whenever the submit button changes, 2 elements needs to have their style invalidated:
817         -The former default button.
818         -The new default button.
819         To invalidate the former button, FormElement now caches the computed
820         default button. When the default button changes, the cached value is invalidated
821         in addition to the new value.
822
823         Computing the new default button takes linear time in the number of form associated element.
824         To mitigate that, resetDefaultButton() is only called when changes are related
825         to submit buttons. Since those changes are rare, I don't expect the invalidation
826         to be a problem.
827
828         Tests: fast/css/pseudo-default-basics.html
829                fast/selectors/default-style-update.html
830
831         * css/SelectorChecker.cpp:
832         (WebCore::SelectorChecker::checkOne):
833         * css/SelectorCheckerTestFunctions.h:
834         (WebCore::matchesDefaultPseudoClass):
835         (WebCore::isDefaultButtonForForm): Deleted.
836         * cssjit/SelectorCompiler.cpp:
837         (WebCore::SelectorCompiler::addPseudoClassType):
838         * dom/Element.cpp:
839         (WebCore::Element::matchesValidPseudoClass):
840         (WebCore::Element::matchesInvalidPseudoClass):
841         (WebCore::Element::matchesDefaultPseudoClass):
842         * dom/Element.h:
843         (WebCore::Element::matchesValidPseudoClass): Deleted.
844         (WebCore::Element::matchesInvalidPseudoClass): Deleted.
845         (WebCore::Element::isDefaultButtonForForm): Deleted.
846         * html/HTMLButtonElement.cpp:
847         (WebCore::HTMLButtonElement::parseAttribute):
848         (WebCore::HTMLButtonElement::matchesDefaultPseudoClass):
849         * html/HTMLButtonElement.h:
850         * html/HTMLFormControlElement.cpp:
851         (WebCore::HTMLFormControlElement::isDefaultButtonForForm): Deleted.
852         * html/HTMLFormControlElement.h:
853         * html/HTMLFormElement.cpp:
854         (WebCore::HTMLFormElement::~HTMLFormElement):
855         (WebCore::HTMLFormElement::registerFormElement):
856         (WebCore::HTMLFormElement::removeFormElement):
857         (WebCore::HTMLFormElement::defaultButton):
858         (WebCore::HTMLFormElement::resetDefaultButton):
859         * html/HTMLFormElement.h:
860         * html/HTMLInputElement.cpp:
861         (WebCore::HTMLInputElement::updateType):
862         (WebCore::HTMLInputElement::parseAttribute):
863         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
864         * html/HTMLInputElement.h:
865         * html/HTMLOptionElement.cpp:
866         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
867         (WebCore::HTMLOptionElement::parseAttribute):
868         * html/HTMLOptionElement.h:
869         * style/StyleSharingResolver.cpp:
870         (WebCore::Style::SharingResolver::canShareStyleWithElement):
871         (WebCore::Style::canShareStyleWithControl): Deleted.
872
873 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
874
875         Focus event dispatched in iframe causes parent document to scroll incorrectly
876         https://bugs.webkit.org/show_bug.cgi?id=158629
877         rdar://problem/26521616
878
879         Reviewed by Tim Horton.
880
881         When focussing elements in iframes, the page could scroll to an incorrect location.
882         This happened because code in Element::focus() tried to disable scrolling on focus,
883         but did so only for the current frame, so ancestor frames got programmatically scrolled.
884         On iOS we handle the scrolling in the UI process, so never want the web process to
885         do programmatic scrolling.
886
887         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
888         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
889         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
890
891         Tests: fast/forms/ios/focus-input-in-iframe.html
892                fast/forms/ios/programmatic-focus-input-in-iframe.html
893
894         * dom/Document.h:
895         * dom/Element.cpp:
896         (WebCore::Element::scrollIntoView):
897         (WebCore::Element::scrollIntoViewIfNeeded):
898         (WebCore::Element::scrollIntoViewIfNotVisible):
899         (WebCore::Element::focus):
900         (WebCore::Element::updateFocusAppearance):
901         * dom/Element.h:
902         * editing/Editor.cpp:
903         (WebCore::Editor::insertTextWithoutSendingTextEvent):
904         (WebCore::Editor::revealSelectionAfterEditingOperation):
905         (WebCore::Editor::findStringAndScrollToVisible):
906         * editing/FrameSelection.cpp:
907         (WebCore::FrameSelection::updateAndRevealSelection):
908         (WebCore::FrameSelection::revealSelection):
909         (WebCore::FrameSelection::FrameSelection): Deleted.
910         * editing/FrameSelection.h:
911         * html/HTMLInputElement.cpp:
912         (WebCore::HTMLInputElement::updateFocusAppearance):
913         * html/HTMLTextAreaElement.cpp:
914         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
915         * page/ContextMenuController.cpp:
916         (WebCore::ContextMenuController::contextMenuItemSelected):
917         * page/FrameView.cpp:
918         (WebCore::FrameView::scrollToAnchor):
919         * rendering/RenderLayer.cpp:
920         (WebCore::RenderLayer::scrollRectToVisible):
921         (WebCore::RenderLayer::autoscroll):
922         * rendering/RenderLayer.h:
923         * rendering/RenderObject.cpp:
924         (WebCore::RenderObject::scrollRectToVisible):
925         * rendering/RenderObject.h:
926
927 2016-06-20  Keith Rollin  <krollin@apple.com>
928
929         Remove RefPtr::release() and change calls sites to use WTFMove()
930         https://bugs.webkit.org/show_bug.cgi?id=158369
931
932         Reviewed by Chris Dumez.
933
934         RefPtr::release() releases its managed pointer awkwardly. It's more
935         direct and clearer to use WTFMove to transfer ownership of the managed
936         pointer.
937
938         As part of this cleanup, also change a lot of explicit data types to
939         'auto'.
940
941         No new tests: there's no new functionality, just a refactoring of
942         existing code.
943
944         * Modules/mediasource/SourceBuffer.cpp:
945         (WebCore::removeSamplesFromTrackBuffer):
946         (WebCore::SourceBuffer::provideMediaData):
947         * Modules/mediastream/UserMediaRequest.cpp:
948         (WebCore::UserMediaRequest::start):
949         * Modules/webdatabase/SQLCallbackWrapper.h:
950         (WebCore::SQLCallbackWrapper::clear):
951         * bindings/js/JSDOMWindowCustom.cpp:
952         (WebCore::handlePostMessage):
953         * bindings/js/JSHistoryCustom.cpp:
954         (WebCore::JSHistory::pushState):
955         (WebCore::JSHistory::replaceState):
956         * bindings/js/JSMessagePortCustom.h:
957         (WebCore::handlePostMessage):
958         * bindings/js/ScriptControllerMac.mm:
959         (WebCore::ScriptController::createScriptInstanceForWidget):
960         * bindings/js/SerializedScriptValue.cpp:
961         (WebCore::CloneDeserializer::readTerminal):
962         * css/CSSComputedStyleDeclaration.cpp:
963         (WebCore::ComputedStyleExtractor::copyPropertiesInSet):
964         * css/SVGCSSParser.cpp:
965         (WebCore::CSSParser::parseSVGValue):
966         * css/StyleBuilderConverter.h:
967         (WebCore::StyleBuilderConverter::convertShapeValue):
968         * css/StyleProperties.cpp:
969         (WebCore::StyleProperties::copyPropertiesInSet):
970         * css/StyleResolver.cpp:
971         (WebCore::StyleResolver::loadPendingImages):
972         * dom/InlineStyleSheetOwner.cpp:
973         (WebCore::InlineStyleSheetOwner::clearSheet):
974         * editing/ApplyStyleCommand.cpp:
975         (WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
976         * editing/CompositeEditCommand.cpp:
977         (WebCore::CompositeEditCommand::removeChildrenInRange):
978         (WebCore::CompositeEditCommand::removeNodeAndPruneAncestors):
979         (WebCore::CompositeEditCommand::prune):
980         (WebCore::CompositeEditCommand::replaceSelectedTextInNode):
981         (WebCore::CompositeEditCommand::rebalanceWhitespaceOnTextSubstring):
982         * editing/CreateLinkCommand.cpp:
983         (WebCore::CreateLinkCommand::doApply):
984         * editing/EditingStyle.cpp:
985         (WebCore::EditingStyle::mergeStyle):
986         (WebCore::EditingStyle::mergeStyleFromRulesForSerialization):
987         * editing/Editor.cpp:
988         (WebCore::ClearTextCommand::CreateAndApply):
989         (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
990         * editing/EditorCommand.cpp:
991         (WebCore::executeInsertNode):
992         * editing/InsertTextCommand.cpp:
993         (WebCore::InsertTextCommand::performOverwrite):
994         (WebCore::InsertTextCommand::insertTab):
995         * editing/RemoveNodePreservingChildrenCommand.cpp:
996         (WebCore::RemoveNodePreservingChildrenCommand::doApply):
997         * editing/ReplaceSelectionCommand.cpp:
998         (WebCore::ReplacementFragment::removeNodePreservingChildren):
999         (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
1000         * html/FTPDirectoryDocument.cpp:
1001         (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate):
1002         * html/HTMLFontElement.cpp:
1003         (WebCore::HTMLFontElement::collectStyleForPresentationAttribute):
1004         * html/HTMLFormElement.cpp:
1005         (WebCore::HTMLFormElement::prepareForSubmission):
1006         * html/HTMLTableElement.cpp:
1007         (WebCore::leakBorderStyle):
1008         (WebCore::leakGroupBorderStyle):
1009         * html/parser/HTMLDocumentParser.cpp:
1010         (WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder):
1011         * html/track/InbandDataTextTrack.cpp:
1012         (WebCore::InbandDataTextTrack::addDataCue):
1013         * html/track/InbandGenericTextTrack.cpp:
1014         (WebCore::InbandGenericTextTrack::newCuesParsed):
1015         * html/track/InbandWebVTTTextTrack.cpp:
1016         (WebCore::InbandWebVTTTextTrack::newCuesParsed):
1017         * html/track/TextTrackCueList.cpp:
1018         (WebCore::TextTrackCueList::add):
1019         * inspector/InspectorCSSAgent.cpp:
1020         (WebCore::InspectorCSSAgent::getInlineStylesForNode):
1021         * inspector/InspectorDOMAgent.cpp:
1022         (WebCore::InspectorDOMAgent::pushChildNodesToFrontend):
1023         * inspector/InspectorIndexedDBAgent.cpp:
1024         * inspector/InspectorNetworkAgent.cpp:
1025         (WebCore::InspectorNetworkAgent::loadResource):
1026         * inspector/InspectorStyleSheet.cpp:
1027         (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
1028         * loader/FormSubmission.cpp:
1029         (WebCore::FormSubmission::create):
1030         * loader/FrameLoader.cpp:
1031         (WebCore::FrameLoader::loadURLIntoChildFrame):
1032         (WebCore::FrameLoader::loadURL):
1033         (WebCore::FrameLoader::loadPostRequest):
1034         * loader/ProgressTracker.cpp:
1035         (WebCore::ProgressTracker::finalProgressComplete):
1036         * loader/appcache/ApplicationCacheGroup.cpp:
1037         (WebCore::ApplicationCacheGroup::disassociateDocumentLoader):
1038         (WebCore::ApplicationCacheGroup::didFinishLoading):
1039         (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
1040         * loader/appcache/ApplicationCacheStorage.cpp:
1041         (WebCore::ApplicationCacheStorage::loadCacheGroup):
1042         (WebCore::ApplicationCacheStorage::cacheGroupForURL):
1043         (WebCore::ApplicationCacheStorage::fallbackCacheGroupForURL):
1044         (WebCore::ApplicationCacheStorage::loadCache):
1045         * loader/archive/ArchiveResourceCollection.cpp:
1046         (WebCore::ArchiveResourceCollection::popSubframeArchive):
1047         * loader/archive/cf/LegacyWebArchive.cpp:
1048         (WebCore::LegacyWebArchive::extract):
1049         (WebCore::LegacyWebArchive::create):
1050         (WebCore::LegacyWebArchive::createFromSelection):
1051         * loader/cache/CachedImage.cpp:
1052         (WebCore::CachedImage::createImage):
1053         * loader/icon/IconDatabase.cpp:
1054         (WebCore::IconDatabase::setIconDataForIconURL):
1055         (WebCore::IconDatabase::getOrCreateIconRecord):
1056         (WebCore::IconDatabase::readFromDatabase):
1057         (WebCore::IconDatabase::getImageDataForIconURLFromSQLDatabase):
1058         * page/DOMWindow.cpp:
1059         (WebCore::DOMWindow::sessionStorage):
1060         (WebCore::DOMWindow::localStorage):
1061         * page/EventHandler.cpp:
1062         (WebCore::EventHandler::updateDragAndDrop):
1063         * page/animation/CompositeAnimation.cpp:
1064         (WebCore::CompositeAnimation::updateTransitions):
1065         * page/csp/ContentSecurityPolicy.cpp:
1066         (WebCore::ContentSecurityPolicy::reportViolation):
1067         * page/mac/ServicesOverlayController.mm:
1068         (WebCore::ServicesOverlayController::createOverlayIfNeeded):
1069         (WebCore::ServicesOverlayController::determineActiveHighlight):
1070         * page/scrolling/AsyncScrollingCoordinator.h:
1071         (WebCore::AsyncScrollingCoordinator::releaseScrollingTree):
1072         * page/scrolling/ScrollingStateNode.cpp:
1073         (WebCore::ScrollingStateNode::cloneAndReset):
1074         * page/scrolling/ScrollingStateTree.cpp:
1075         (WebCore::ScrollingStateTree::attachNode):
1076         * platform/audio/HRTFElevation.cpp:
1077         (WebCore::getConcatenatedImpulseResponsesForSubject):
1078         * platform/graphics/DisplayRefreshMonitorManager.cpp:
1079         (WebCore::DisplayRefreshMonitorManager::createMonitorForClient):
1080         * platform/graphics/FontCascadeFonts.cpp:
1081         (WebCore::FontCascadeFonts::glyphDataForSystemFallback):
1082         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
1083         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings):
1084         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
1085         (WebCore::MediaSelectionGroupAVFObjC::updateOptions):
1086         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1087         (WebCore::SourceBufferPrivateAVFObjC::processCodedFrame):
1088         * platform/graphics/ca/GraphicsLayerCA.cpp:
1089         * platform/graphics/ca/PlatformCALayer.cpp:
1090         (WebCore::PlatformCALayer::createCompatibleLayerOrTakeFromPool):
1091         * platform/graphics/cg/ImageBufferDataCG.cpp:
1092         (WebCore::ImageBufferData::getData):
1093         * platform/graphics/filters/FilterEffect.cpp:
1094         (WebCore::FilterEffect::asUnmultipliedImage):
1095         (WebCore::FilterEffect::asPremultipliedImage):
1096         * platform/graphics/mac/ImageMac.mm:
1097         (WebCore::Image::loadPlatformResource):
1098         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1099         (WebCore::GraphicsContext3D::createForCurrentGLContext):
1100         (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
1101         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
1102         (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
1103         * platform/mock/MockRealtimeMediaSourceCenter.cpp:
1104         (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints):
1105         (WebCore::MockRealtimeMediaSourceCenter::createMediaStream):
1106         * platform/network/BlobRegistryImpl.cpp:
1107         (WebCore::BlobRegistryImpl::registerBlobURL):
1108         (WebCore::BlobRegistryImpl::registerBlobURLForSlice):
1109         * platform/network/ResourceHandle.cpp:
1110         (WebCore::ResourceHandle::create):
1111         * platform/network/cf/FormDataStreamCFNet.cpp:
1112         (WebCore::formCreate):
1113         * platform/text/BidiContext.cpp:
1114         (WebCore::BidiContext::copyStackRemovingUnicodeEmbeddingContexts):
1115         * rendering/FilterEffectRenderer.cpp:
1116         (WebCore::FilterEffectRenderer::build):
1117         * rendering/RenderLayer.cpp:
1118         (WebCore::RenderLayer::createScrollbar):
1119         * rendering/RenderListBox.cpp:
1120         (WebCore::RenderListBox::createScrollbar):
1121         * rendering/RenderMenuList.cpp:
1122         (RenderMenuList::createScrollbar):
1123         * rendering/RenderSearchField.cpp:
1124         (WebCore::RenderSearchField::createScrollbar):
1125         * replay/ReplayController.cpp:
1126         (WebCore::ReplayController::unloadSegment):
1127         * svg/SVGFEDiffuseLightingElement.cpp:
1128         (WebCore::SVGFEDiffuseLightingElement::build):
1129         * svg/SVGFESpecularLightingElement.cpp:
1130         (WebCore::SVGFESpecularLightingElement::build):
1131         * svg/properties/SVGListProperty.h:
1132         (WebCore::SVGListProperty::getItemValuesAndWrappers):
1133         (WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
1134         (WebCore::SVGListProperty::removeItemValuesAndWrappers):
1135         * workers/WorkerThread.cpp:
1136         (WebCore::WorkerThread::workerThread):
1137         * xml/XMLHttpRequest.cpp:
1138         (WebCore::XMLHttpRequest::internalAbort):
1139         * xml/XPathStep.cpp:
1140         (WebCore::XPath::Step::nodesInAxis):
1141
1142 2016-06-20  Eric Carlson  <eric.carlson@apple.com>
1143
1144         Crash in PlatformMediaSession::clientWillPausePlayback
1145         https://bugs.webkit.org/show_bug.cgi?id=158953
1146         <rdar://problem/26121125>
1147
1148         Reviewed by Jer Noble.
1149
1150         No new tests, I have not been able to reproduce this in a test.
1151
1152         * html/HTMLMediaElement.cpp:
1153         (WebCore::HTMLMediaElement::stop): Ref the element before calling stopWithoutDestroyingMediaPlayer
1154           because updatePlaybackControlsManager can release the last reference and cause the
1155           destructor to be called.
1156         (WebCore::HTMLMediaElement::suspend): Ditto.
1157
1158 2016-06-20  Alex Christensen  <achristensen@webkit.org>
1159
1160         Clean up ResourceResponseBase after r201943
1161         https://bugs.webkit.org/show_bug.cgi?id=158706
1162
1163         Reviewed by Michael Catanzaro.
1164
1165         * platform/network/ResourceResponseBase.cpp:
1166         (WebCore::ResourceResponseBase::ResourceResponseBase):
1167         (WebCore::ResourceResponseBase::asResourceResponse): Deleted.
1168         * platform/network/ResourceResponseBase.h:
1169         (WebCore::ResourceResponseBase::platformCompare):
1170
1171 2016-06-20  Joseph Pecoraro  <pecoraro@apple.com>
1172
1173         Web Inspector: console.profile should use the new Sampling Profiler
1174         https://bugs.webkit.org/show_bug.cgi?id=153499
1175         <rdar://problem/24352431>
1176
1177         Reviewed by Timothy Hatcher.
1178
1179         Test: inspector/timeline/setInstruments-programmatic-capture.html
1180
1181         * inspector/InspectorTimelineAgent.cpp:
1182         (WebCore::InspectorTimelineAgent::startFromConsole):
1183         (WebCore::InspectorTimelineAgent::stopFromConsole):
1184         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
1185         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
1186         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
1187         (WebCore::InspectorTimelineAgent::toggleInstruments):
1188         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
1189         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
1190         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
1191         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
1192         * inspector/InspectorTimelineAgent.h:
1193         Web implementation of console.profile/profileEnd.
1194         Make helpers for startings / stopping instruments.
1195
1196 2016-06-20  Andreas Kling  <akling@apple.com>
1197
1198         When navigating, discard decoded image data that is only live due to page cache.
1199         <https://webkit.org/b/158941>
1200
1201         Reviewed by Antti Koivisto.
1202
1203         A resource is "live" if it's currently in use by a web page, and "dead" if it's
1204         only kept alive by the memory cache.
1205
1206         This patch adds a mechanism that looks at CachedImage resources to see if all the
1207         clients that make them appear "live" are actually pages in the page cache.
1208
1209         If so, we let the "jettison expensive objects on top-level navigation" mechanism
1210         discard the decoded data for such half-live images. This can reduce the peak
1211         memory usage during navigations quite a bit.
1212
1213         * loader/FrameLoader.cpp:
1214         (WebCore::FrameLoader::commitProvisionalLoad): Move the call to MemoryPressureHandler
1215         before we add the outgoing page to the page cache. This allows the jettisoning code
1216         to make decisions based on which pages were cached *before* the navigation.
1217
1218         * loader/cache/CachedImageClient.h:
1219         (WebCore::CachedImageClient::inPageCache):
1220         * loader/ImageLoader.h:
1221         * loader/ImageLoader.cpp:
1222         (WebCore::ImageLoader::inPageCache):
1223         * rendering/RenderObject.h:
1224         (WebCore::RenderObject::inPageCache): Added a CachedImageClient::inPageCache() virtual
1225         to determine which clients are currently in page cache (answered by their Document.)
1226
1227         * loader/cache/CachedImage.h:
1228         * loader/cache/CachedImage.cpp:
1229         (WebCore::CachedImage::areAllClientsInPageCache): Walks all CachedImageClient clients
1230         and returns true if all of them are inPageCache().
1231
1232         * platform/MemoryPressureHandler.cpp:
1233         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
1234         Walk all the known CachedImages and nuke decoded data for those that have some but
1235         are only considered live due to clients in the page cache.
1236
1237 2016-06-20  Chris Dumez  <cdumez@apple.com>
1238
1239         Unreviewed, fix post-landing review comment from Darin on r202188.
1240
1241         * platform/network/CacheValidation.cpp:
1242         (WebCore::parseCacheHeader):
1243
1244 2016-06-19  Antti Koivisto  <antti@apple.com>
1245
1246         Updating class name of a shadow host does not update the style applied by :host()
1247         https://bugs.webkit.org/show_bug.cgi?id=158900
1248         <rdar://problem/26883707>
1249
1250         Reviewed by Simon Fraser.
1251
1252         Test: fast/shadow-dom/shadow-host-style-update.html
1253
1254         Teach style invalidation optimization code about :host.
1255
1256         * style/AttributeChangeInvalidation.cpp:
1257         (WebCore::Style::mayBeAffectedByHostStyle):
1258         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
1259         * style/ClassChangeInvalidation.cpp:
1260         (WebCore::Style::computeClassChange):
1261         (WebCore::Style::mayBeAffectedByHostStyle):
1262         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
1263         * style/IdChangeInvalidation.cpp:
1264         (WebCore::Style::mayBeAffectedByHostStyle):
1265         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
1266
1267 2016-06-19  Gavin & Ellie Barraclough  <barraclough@apple.com>
1268
1269         Remove hasStaticPropertyTable (part 5: done!)
1270         https://bugs.webkit.org/show_bug.cgi?id=158431
1271
1272         Reviewed by Chris Dumez.
1273
1274         * bindings/scripts/CodeGeneratorJS.pm:
1275         (GenerateHeader):
1276             - remove hasStaticPropertyTable.
1277         * bindings/scripts/test/JS/JSInterfaceName.h:
1278         (WebCore::JSInterfaceName::create):
1279         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
1280         (WebCore::JSTestActiveDOMObject::create):
1281         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
1282         (WebCore::JSTestClassWithJSBuiltinConstructor::create):
1283         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
1284         (WebCore::JSTestCustomConstructorWithNoInterfaceObject::create):
1285         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
1286         (WebCore::JSTestCustomNamedGetter::create):
1287         * bindings/scripts/test/JS/JSTestEventConstructor.h:
1288         (WebCore::JSTestEventConstructor::create):
1289         * bindings/scripts/test/JS/JSTestEventTarget.h:
1290         (WebCore::JSTestEventTarget::create):
1291         * bindings/scripts/test/JS/JSTestException.h:
1292         (WebCore::JSTestException::create):
1293         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
1294         (WebCore::JSTestGenerateIsReachable::create):
1295         * bindings/scripts/test/JS/JSTestGlobalObject.h:
1296         * bindings/scripts/test/JS/JSTestInterface.h:
1297         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
1298         (WebCore::JSTestJSBuiltinConstructor::create):
1299         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
1300         (WebCore::JSTestMediaQueryListListener::create):
1301         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
1302         (WebCore::JSTestNamedConstructor::create):
1303         * bindings/scripts/test/JS/JSTestNode.h:
1304         * bindings/scripts/test/JS/JSTestNondeterministic.h:
1305         (WebCore::JSTestNondeterministic::create):
1306         * bindings/scripts/test/JS/JSTestObj.h:
1307         (WebCore::JSTestObj::create):
1308         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
1309         (WebCore::JSTestOverloadedConstructors::create):
1310         * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
1311         (WebCore::JSTestOverrideBuiltins::create):
1312         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
1313         (WebCore::JSTestSerializedScriptValueInterface::create):
1314         * bindings/scripts/test/JS/JSTestTypedefs.h:
1315         (WebCore::JSTestTypedefs::create):
1316         * bindings/scripts/test/JS/JSattribute.h:
1317         (WebCore::JSattribute::create):
1318         * bindings/scripts/test/JS/JSreadonly.h:
1319         (WebCore::JSreadonly::create):
1320
1321 2016-06-19  Youenn Fablet  <youenn.fablet@crf.canon.fr>
1322
1323         The JSBuiltinConstructor feature can't handle a JS interface extending an other JS interface
1324         https://bugs.webkit.org/show_bug.cgi?id=158834
1325
1326         Reviewed by Eric Carlson.
1327
1328         No change of behavior.
1329
1330         * bindings/scripts/CodeGeneratorJS.pm:
1331         (GenerateHeader): Explicitly setting DOMWrapped type definition from
1332         JSXX class deriving from another JSYY class.
1333         * bindings/scripts/test/JS/JSTestEventTarget.h: Rebased.
1334         * bindings/scripts/test/JS/JSTestNode.h: Ditto.
1335
1336 2016-06-18  Antti Koivisto  <antti@apple.com>
1337
1338         Use time literals in WebCore
1339         https://bugs.webkit.org/show_bug.cgi?id=158905
1340
1341         Reviewed by Andreas Kling.
1342
1343         std::chrono::milliseconds(1) -> 1ms etc.
1344
1345         * dom/Document.cpp:
1346         (WebCore::Document::minimumLayoutDelay):
1347         (WebCore::Document::elapsedTime):
1348         * fileapi/FileReader.cpp:
1349         (WebCore::FileReader::create):
1350         * inspector/InspectorOverlay.cpp:
1351         (WebCore::InspectorOverlay::showPaintRect):
1352         * loader/CrossOriginPreflightResultCache.cpp:
1353         (WebCore::CrossOriginPreflightResultCache::CrossOriginPreflightResultCache):
1354         * loader/ProgressTracker.cpp:
1355         (WebCore::ProgressTracker::progressStarted):
1356         * loader/cache/CachedResource.cpp:
1357         (WebCore::CachedResource::freshnessLifetime):
1358         * page/ChromeClient.h:
1359         * page/DOMTimer.cpp:
1360         (WebCore::DOMTimer::intervalClampedToMinimum):
1361         (WebCore::DOMTimer::alignedFireTime):
1362         * page/DOMTimer.h:
1363         * page/FrameView.cpp:
1364         (WebCore::FrameView::scrollPositionChanged):
1365         * page/ResourceUsageThread.cpp:
1366         (WebCore::ResourceUsageThread::threadBody):
1367         * page/Settings.cpp:
1368         (WebCore::Settings::Settings):
1369         * page/mac/ServicesOverlayController.mm:
1370         (WebCore::ServicesOverlayController::remainingTimeUntilHighlightShouldBeShown):
1371         * platform/graphics/FontCache.cpp:
1372         (WebCore::FontCache::fontForFamily):
1373         * platform/network/CacheValidation.cpp:
1374         (WebCore::computeCurrentAge):
1375         (WebCore::computeFreshnessLifetimeForHTTPFamily):
1376
1377 2016-06-17  Benjamin Poulain  <benjamin@webkit.org>
1378
1379         :indeterminate pseudo-class should match radios whose group has no checked radio
1380         https://bugs.webkit.org/show_bug.cgi?id=156270
1381
1382         Reviewed by Simon Fraser.
1383
1384         The pseudo-class ":indeterminate" is supposed to match radio buttons
1385         for which the entire group has no checked button.
1386         Spec: https://html.spec.whatwg.org/#pseudo-classes:selector-indeterminate
1387
1388         The change is straightforward with one non-obvious choice:
1389         I added matchesIndeterminatePseudoClass() in addition to shouldAppearIndeterminate().
1390
1391         The reason is shouldAppearIndeterminate() is used for styling and AX of elements
1392         with an indeterminate states (check boxes and progress element). There is no such
1393         UI for radio boxes.
1394         I could have extended shouldAppearIndeterminate() to radio box
1395         then filter out this case in RenderTheme. The problem is doing that would also requires
1396         changes to the repaint logic to match :indeterminate. It seemed overkill to me to
1397         change repaint() for a case that is never used in practice.
1398
1399         Tests: fast/css/pseudo-indeterminate-radio-buttons-basics.html
1400                fast/css/pseudo-indeterminate-with-radio-buttons-style-invalidation.html
1401                fast/selectors/detached-radio-button-checked-and-indeterminate-states.html
1402                fast/selectors/pseudo-indeterminate-with-radio-buttons-style-update.html
1403
1404         * css/SelectorCheckerTestFunctions.h:
1405         (WebCore::shouldAppearIndeterminate):
1406         * dom/Element.cpp:
1407         (WebCore::Element::matchesIndeterminatePseudoClass):
1408         * dom/Element.h:
1409         * dom/RadioButtonGroups.cpp:
1410         (WebCore::RadioButtonGroup::setCheckedButton):
1411         (WebCore::RadioButtonGroup::updateCheckedState):
1412         (WebCore::RadioButtonGroup::remove):
1413         (WebCore::RadioButtonGroup::setNeedsStyleRecalcForAllButtons):
1414         (WebCore::RadioButtonGroups::hasCheckedButton):
1415         * dom/RadioButtonGroups.h:
1416         * html/CheckboxInputType.cpp:
1417         (WebCore::CheckboxInputType::matchesIndeterminatePseudoClass):
1418         (WebCore::CheckboxInputType::shouldAppearIndeterminate):
1419         (WebCore::CheckboxInputType::supportsIndeterminateAppearance): Deleted.
1420         * html/CheckboxInputType.h:
1421         * html/HTMLInputElement.cpp:
1422         (WebCore::HTMLInputElement::setChecked):
1423         (WebCore::HTMLInputElement::matchesIndeterminatePseudoClass):
1424         (WebCore::HTMLInputElement::shouldAppearIndeterminate):
1425         (WebCore::HTMLInputElement::radioButtonGroups):
1426         * html/HTMLInputElement.h:
1427         * html/InputType.cpp:
1428         (WebCore::InputType::matchesIndeterminatePseudoClass):
1429         (WebCore::InputType::shouldAppearIndeterminate):
1430         (WebCore::InputType::supportsIndeterminateAppearance): Deleted.
1431         * html/InputType.h:
1432         * html/RadioInputType.cpp:
1433         (WebCore::RadioInputType::matchesIndeterminatePseudoClass):
1434         (WebCore::RadioInputType::willDispatchClick): Deleted.
1435         (WebCore::RadioInputType::didDispatchClick): Deleted.
1436         (WebCore::RadioInputType::supportsIndeterminateAppearance): Deleted.
1437         The iOS specific code is just plain wrong.
1438         It was changing the indeterminate state of the input element.
1439         The spec clearly says that state is only used by checkbox:
1440         https://html.spec.whatwg.org/#dom-input-indeterminate
1441
1442         Moreover, the style update would not change the indeterminate state
1443         of other buttons in the Button Group, which is just bizarre.
1444         RenderThemeIOS does not make use of any of this with the current style.
1445
1446         * html/RadioInputType.h:
1447         * style/StyleSharingResolver.cpp:
1448         (WebCore::Style::SharingResolver::canShareStyleWithElement):
1449         (WebCore::Style::canShareStyleWithControl): Deleted.
1450         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes): Deleted.
1451         Style sharing is unified behind the selector matching which is neat.
1452
1453 2016-06-17  Commit Queue  <commit-queue@webkit.org>
1454
1455         Unreviewed, rolling out r202152.
1456         https://bugs.webkit.org/show_bug.cgi?id=158897
1457
1458         The new test is very unstable, timing out frequently
1459         (Requested by ap on #webkit).
1460
1461         Reverted changeset:
1462
1463         "Web Inspector: console.profile should use the new Sampling
1464         Profiler"
1465         https://bugs.webkit.org/show_bug.cgi?id=153499
1466         http://trac.webkit.org/changeset/202152
1467
1468 2016-06-17  Commit Queue  <commit-queue@webkit.org>
1469
1470         Unreviewed, rolling out r202068, r202115, and r202128.
1471         https://bugs.webkit.org/show_bug.cgi?id=158896
1472
1473         The new test is very unstable, timing out frequently
1474         (Requested by ap on #webkit).
1475
1476         Reverted changesets:
1477
1478         "decompose4 return value is unchecked, leading to potentially
1479         uninitialized data."
1480         https://bugs.webkit.org/show_bug.cgi?id=158761
1481         http://trac.webkit.org/changeset/202068
1482
1483         "[mac] LayoutTest transforms/undecomposable.html is a flaky
1484         timeout"
1485         https://bugs.webkit.org/show_bug.cgi?id=158816
1486         http://trac.webkit.org/changeset/202115
1487
1488         "[mac] LayoutTest transforms/undecomposable.html is a flaky
1489         timeout"
1490         https://bugs.webkit.org/show_bug.cgi?id=158816
1491         http://trac.webkit.org/changeset/202128
1492
1493 2016-06-17  Chris Fleizach  <cfleizach@apple.com>
1494
1495         AX: HTML indeterminate IDL attribute not mapped to checkbox value=2 for native checkboxes
1496         https://bugs.webkit.org/show_bug.cgi?id=158876
1497         <rdar://problem/26842619>
1498
1499         Reviewed by Joanmarie Diggs.
1500
1501         The indeterminate state was not being reported for native checkboxes. 
1502
1503         Also the isIndeterminate() method was relying on whether the appearance changed, which does not happen on Mac, so that
1504         was not being reported correctly. Changed that to check the actual attribute.
1505
1506         Test: accessibility/checkbox-mixed-value.html
1507
1508         * accessibility/AccessibilityNodeObject.cpp:
1509         (WebCore::AccessibilityNodeObject::isIndeterminate):
1510         (WebCore::AccessibilityNodeObject::isPressed):
1511         (WebCore::AccessibilityNodeObject::checkboxOrRadioValue):
1512         * accessibility/AccessibilityObject.cpp:
1513         (WebCore::AccessibilityObject::checkboxOrRadioValue):
1514
1515 2016-06-17  Dean Jackson  <dino@apple.com>
1516
1517         REGRESSION (r199819): CrashTracer: [GraphicsContext3D::getInternalFramebufferSize
1518         https://bugs.webkit.org/show_bug.cgi?id=158895
1519         <rdar://problem/26423617>
1520
1521         Reviewed by Zalan Bujtas.
1522
1523         In r199819 we started resetting contexts if the page had too
1524         many. Unfortunately there were entry points in the WebGL context
1525         that didn't check for the validity of the object before trying
1526         to access the lower level objects.
1527
1528         Test: webgl/many-contexts-access-after-loss.html
1529
1530         * html/canvas/WebGLRenderingContextBase.cpp:
1531         (WebCore::WebGLRenderingContextBase::drawingBufferWidth): Return 0 if we're lost.
1532         (WebCore::WebGLRenderingContextBase::drawingBufferHeight): Ditto.
1533
1534 2016-06-17  Daniel Bates  <dabates@apple.com>
1535
1536         Unreviewed, rolling out r202186.
1537
1538         Broke the Apple Windows, Apple Yosemite, GTK, and WinCairo
1539         builds.
1540
1541         Reverted changeset:
1542
1543         "File scheme should not allow access of a resource on a
1544         different volume."
1545         https://bugs.webkit.org/show_bug.cgi?id=158552
1546         http://trac.webkit.org/changeset/202186
1547
1548 2016-06-17  Daniel Bates  <dabates@apple.com>
1549
1550         Unreviewed, rolling out r202187.
1551
1552         202186
1553
1554         Reverted changeset:
1555
1556         "Unreviewed clean-up after r202186."
1557         http://trac.webkit.org/changeset/202187
1558
1559 2016-06-17  Chris Dumez  <cdumez@apple.com>
1560
1561         Optimize parseCacheHeader() by using StringView
1562         https://bugs.webkit.org/show_bug.cgi?id=158891
1563
1564         Reviewed by Darin Adler.
1565
1566         Optimize parseCacheHeader() and avoid some temporary String allocations
1567         by using StringView. We now strip the whitespaces in the input string
1568         at the beginning of the function, at the same as as we strip the
1569         control characters. We are then able to leverage StringView in the
1570         rest of the function to get substrings without the need for extra
1571         String allocations.
1572
1573         * platform/network/CacheValidation.cpp:
1574         (WebCore::isControlCharacterOrSpace):
1575         (WebCore::trimToNextSeparator):
1576         (WebCore::parseCacheHeader):
1577
1578 2016-06-17  Brent Fulgham  <bfulgham@apple.com>
1579
1580         Unreviewed clean-up after r202186.
1581
1582         * platform/FileSystem.cpp:
1583         (WebCore::filesHaveSameVolume): Don't use C-style formatting.
1584
1585 2016-06-17  Pranjal Jumde  <pjumde@apple.com>
1586
1587         File scheme should not allow access of a resource on a different volume.
1588         https://bugs.webkit.org/show_bug.cgi?id=158552
1589         <rdar://problem/15307582>
1590
1591         Reviewed by Brent Fulgham.
1592
1593         Tests: Tools/TestWebKitAPI/Tests/mac/CrossPartitionFileSchemeAccess.mm
1594
1595         * page/SecurityOrigin.cpp:
1596         (WebCore::SecurityOrigin::canDisplay):
1597         * platform/FileSystem.cpp:
1598         (WebCore::platformFileStat):
1599         (WebCore::filesHaveSameVolume):
1600         Returns true if the files are on the same volume
1601         * platform/FileSystem.h:
1602
1603 2016-06-17  Antoine Quint  <graouts@apple.com>
1604
1605         Web video playback controls should have RTL volume slider
1606         https://bugs.webkit.org/show_bug.cgi?id=158856
1607         <rdar://problem/25971769>
1608
1609         Reviewed by Tim Horton.
1610
1611         We reproduce the system used to propagate the page scale factor from the WebPage to the media controls to
1612         propagate the user interface layout direction.
1613
1614         The Page exposes a new setUserInterfaceLayoutDirection() method which is set by the WebPage. The Page
1615         then notifies the Document of a change, which propagates down to registered media elements, and finally sets
1616         the usesLTRUserInterfaceLayoutDirection property on the media controller object in the injected JavaScript.
1617         Based on the value of that property we toggle a new .uses-ltr-user-interface-layout-direction CSS class on the
1618         .volume-box which applies a translate to the right and flips the volume controls on the x axis.
1619
1620         Since we're setting a new JS property from HTMLMediaController, we refactor much of the code out of the existing
1621         pageScaleFactorChanged() and setPageScaleFactorProperty() into the new setControllerJSProperty() method so that
1622         can easily set a named JS property with a given JSValue.
1623
1624         For testing purposes, we expose the WebCore::Page::setUserInterfaceLayoutDirection() method through Internals.
1625
1626         Test: fullscreen/video-controls-rtl.html
1627
1628         * Modules/mediacontrols/mediaControlsApple.css:
1629         (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box:not(.uses-ltr-user-interface-layout-direction)):
1630         * Modules/mediacontrols/mediaControlsApple.js:
1631         (Controller.prototype.set usesLTRUserInterfaceLayoutDirection):
1632         * WebCore.xcodeproj/project.pbxproj:
1633         * dom/Document.cpp:
1634         (WebCore::Document::registerForUserInterfaceLayoutDirectionChangedCallbacks):
1635         (WebCore::Document::unregisterForUserInterfaceLayoutDirectionChangedCallbacks):
1636         (WebCore::Document::userInterfaceLayoutDirectionChanged):
1637         * dom/Document.h:
1638         * html/HTMLMediaElement.cpp:
1639         (WebCore::HTMLMediaElement::registerWithDocument):
1640         (WebCore::HTMLMediaElement::unregisterWithDocument):
1641         (WebCore::HTMLMediaElement::updatePageScaleFactorJSProperty):
1642         (WebCore::HTMLMediaElement::updateUsesLTRUserInterfaceLayoutDirectionJSProperty):
1643         (WebCore::HTMLMediaElement::setControllerJSProperty):
1644         (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
1645         (WebCore::HTMLMediaElement::pageScaleFactorChanged):
1646         (WebCore::HTMLMediaElement::userInterfaceLayoutDirectionChanged):
1647         (WebCore::setPageScaleFactorProperty): Deleted.
1648         * html/HTMLMediaElement.h:
1649         * page/Page.cpp:
1650         (WebCore::Page::setUserInterfaceLayoutDirection):
1651         * page/Page.h:
1652         (WebCore::Page::userInterfaceLayoutDirection):
1653         * platform/UserInterfaceLayoutDirection.h: Renamed from Source/WebKit2/UIProcess/UserInterfaceLayoutDirection.h.
1654         * testing/Internals.cpp:
1655         (WebCore::Internals::setUserInterfaceLayoutDirection):
1656         * testing/Internals.h:
1657         * testing/Internals.idl:
1658
1659 2016-06-17  Chris Dumez  <cdumez@apple.com>
1660
1661         TouchEvent should have a constructor
1662         https://bugs.webkit.org/show_bug.cgi?id=158883
1663         <rdar://problem/26063585>
1664
1665         Reviewed by Benjamin Poulain.
1666
1667         TouchEvent should have a constructor:
1668         - https://w3c.github.io/touch-events/#touchevent-interface
1669
1670         Chrome already ships this:
1671         - https://bugs.chromium.org/p/chromium/issues/detail?id=508675
1672
1673         Test: fast/events/touch/touch-event-constructor.html
1674
1675         * bindings/js/JSDictionary.cpp:
1676         (WebCore::JSDictionary::convertValue):
1677         * bindings/js/JSDictionary.h:
1678         * dom/TouchEvent.cpp:
1679         (WebCore::TouchEvent::TouchEvent):
1680         * dom/TouchEvent.h:
1681         * dom/TouchEvent.idl:
1682
1683 2016-06-17  Zalan Bujtas  <zalan@apple.com>
1684
1685         Potential null dereferencing on a detached positioned renderer.
1686         https://bugs.webkit.org/show_bug.cgi?id=158879
1687
1688         Reviewed by Simon Fraser.
1689
1690         This patch fixes the case when the while loop to search for the absolute positioned ancestor
1691         returns null (it happens when positioned renderer has been detached from the render tree).
1692
1693         Speculative fix.
1694
1695         * rendering/RenderBlock.cpp:
1696         (WebCore::RenderBlock::markFixedPositionObjectForLayoutIfNeeded):
1697         * rendering/RenderBlock.h:
1698
1699 2016-06-17  Chris Dumez  <cdumez@apple.com>
1700
1701         URL hash setter does not remove fragment identifier if argument is an empty string
1702         https://bugs.webkit.org/show_bug.cgi?id=158869
1703         <rdar://problem/26863430>
1704
1705         Reviewed by Darin Adler.
1706
1707         URL hash setter and URLUtils hash setter should remove the fragment identifier
1708         if set to "#" or "":
1709         - https://url.spec.whatwg.org/#dom-url-hash
1710         - https://html.spec.whatwg.org/multipage/semantics.html#dom-hyperlink-hash
1711
1712         This patch aligns our behavior with the specification and with other browsers
1713         (tested Firefox and Chrome).
1714
1715         This patch also updates HTMLAnchorElement to inherit URLUtils to avoid code
1716         duplication. HTMLAnchorElement already implements URLUtils in the IDL, as per
1717         the specification:
1718         - https://html.spec.whatwg.org/multipage/semantics.html#htmlanchorelement
1719
1720         No new tests, rebaselined existing tests.
1721
1722         * html/HTMLAnchorElement.cpp:
1723         (WebCore::HTMLAnchorElement::origin): Deleted.
1724         (WebCore::HTMLAnchorElement::text): Deleted.
1725         (WebCore::HTMLAnchorElement::setText): Deleted.
1726         (WebCore::HTMLAnchorElement::toString): Deleted.
1727         (WebCore::HTMLAnchorElement::isLiveLink): Deleted.
1728         (WebCore::HTMLAnchorElement::sendPings): Deleted.
1729         (WebCore::HTMLAnchorElement::handleClick): Deleted.
1730         (WebCore::HTMLAnchorElement::eventType): Deleted.
1731         (WebCore::HTMLAnchorElement::treatLinkAsLiveForEventType): Deleted.
1732         (WebCore::isEnterKeyKeydownEvent): Deleted.
1733         (WebCore::shouldProhibitLinks): Deleted.
1734         (WebCore::HTMLAnchorElement::willRespondToMouseClickEvents): Deleted.
1735         (WebCore::rootEditableElementMap): Deleted.
1736         (WebCore::HTMLAnchorElement::rootEditableElementForSelectionOnMouseDown): Deleted.
1737         (WebCore::HTMLAnchorElement::clearRootEditableElementForSelectionOnMouseDown): Deleted.
1738         (WebCore::HTMLAnchorElement::setRootEditableElementForSelectionOnMouseDown): Deleted.
1739         * html/HTMLAnchorElement.h:
1740         (WebCore::HTMLAnchorElement::invalidateCachedVisitedLinkHash): Deleted.
1741         * html/URLUtils.h:
1742         (WebCore::URLUtils<T>::setHash):
1743
1744 2016-06-17  John Wilander  <wilander@apple.com>
1745
1746         Ignore case in the check for security origin inheritance
1747         https://bugs.webkit.org/show_bug.cgi?id=158878
1748
1749         Reviewed by Alex Christensen.
1750
1751         Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
1752         "Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII 
1753         case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for 
1754         those two lines instead of using ==. URL::parse normalizes letters in the scheme 
1755         and host by using toASCIILower, but does not normalize letters elsewhere in the 
1756         URL, such as in the "blank" or "srcdoc" in the above URLs."
1757
1758         Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
1759
1760         * platform/URL.cpp:
1761         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
1762
1763 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
1764
1765         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
1766         https://bugs.webkit.org/show_bug.cgi?id=158868
1767
1768         Reviewed by Alex Christensen.
1769
1770         Fix compilation errors in Node.cpp when we enable DUMP_NODE_STATISTICS
1771
1772         * dom/Node.cpp:
1773         (WebCore::Node::dumpStatistics):
1774
1775 2016-06-17  Per Arne Vollan  <pvollan@apple.com>
1776
1777         [Win] Scrolling in popup menu scrolls past last entry.
1778         https://bugs.webkit.org/show_bug.cgi?id=158870
1779
1780         Reviewed by Brent Fulgham.
1781
1782         When the popup has a scrollbar, the content size is not equal to the popup window size.
1783   
1784         * platform/win/PopupMenuWin.cpp:
1785         (WebCore::PopupMenuWin::contentsSize):
1786
1787 2016-06-17  Frederic Wang  <fwang@igalia.com>
1788
1789         Refactor RenderMathMLRoot layout function to avoid using flexbox
1790         https://bugs.webkit.org/show_bug.cgi?id=153987
1791
1792         Reviewed by Brent Fulgham.
1793
1794         No new tests, already covered by existing tests.
1795         A case for RTL root has been added to roots.xhtml.
1796
1797         We reimplement RenderMathMLRoot without any flexbox or anonymous.
1798         The anonymous RenderMathMLRadicalOperator used to draw the radical sign is replaced with
1799         the MathOperator class introduced in bug 152244.
1800         msqrt (row of children under a square root) is now implemented directly in RenderMathMLRoot,
1801         so RenderMathMLSquareRoot is removed and RenderMathMLRoot now inherits from RenderMathMLRow.
1802
1803         * CMakeLists.txt: Remove files for RenderMathMLRadicalOperator and RenderMathMLSquareRoot.
1804         * WebCore.xcodeproj/project.pbxproj: ditto.
1805         * accessibility/AccessibilityRenderObject.cpp: Update code now that we do not use any
1806         radical wrappers.
1807         (WebCore::AccessibilityRenderObject::isMathRow): Now that RenderMathMLRoot inherits from
1808         RenderMathMLRow, we must exclude MathRoot or otherwise some accessibility code may treat
1809         roots as rows.
1810         (WebCore::AccessibilityRenderObject::mathRadicandObject): Return the first child for
1811         Root/SquareRoot or nullptr.
1812         (WebCore::AccessibilityRenderObject::mathRootIndexObject): Return the second child for
1813         Root and nullptr for SquareRoot.
1814         * mathml/MathMLInlineContainerElement.cpp:
1815         (WebCore::MathMLInlineContainerElement::childrenChanged): We no longer need a special case
1816         for msqrt, it is treated as a normal RenderMathMLRow.
1817         (WebCore::MathMLInlineContainerElement::createElementRenderer): Make msqrt create a
1818         RenderMathMLRoot object.
1819         * rendering/RenderObject.h:
1820         (WebCore::RenderObject::isRenderMathMLRadicalOperator): Deleted.
1821         * rendering/mathml/RenderMathMLBlock.cpp:
1822         (WebCore::RenderMathMLBlock::mirrorIfNeeded): New function to mirror a child horizontal
1823         offset according to the parent width.
1824         (WebCore::RenderMathMLBlock::renderName):
1825         * rendering/mathml/RenderMathMLBlock.h:
1826         (WebCore::RenderMathMLBlock::mirrorIfNeeded): Moved from RenderMathMLScripts, just forward
1827         call to the other mirrorIfNeeded function.
1828         * rendering/mathml/RenderMathMLOperator.cpp: We no longer need this trailingSpaceError hack.
1829         (WebCore::RenderMathMLOperator::trailingSpaceError): Deleted.
1830         * rendering/mathml/RenderMathMLOperator.h: ditto.
1831         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Removed. The radical sign is now drawn
1832         with a MathOperator.
1833         * rendering/mathml/RenderMathMLRadicalOperator.h: Removed.
1834         * rendering/mathml/RenderMathMLRoot.cpp: Complete refactoring to avoid using flexbox and
1835         anonymous wrappers.
1836         (WebCore::RenderMathMLRoot::RenderMathMLRoot): Set m_kind parameters to distinguish between
1837         square root and general root and set the MathOperator member to draw the radical sign.
1838         (WebCore::RenderMathMLRoot::isValid): Helper function to verify whether the child list is valid.
1839         (WebCore::RenderMathMLRoot::getBase): Get the base of an mroot.
1840         (WebCore::RenderMathMLRoot::getIndex): Get the index of an mroot.
1841         (WebCore::RenderMathMLRoot::styleDidChange): Be sure to keep the style of the
1842         MathOperator in sync with ours ; no need to skip empty roots.
1843         (WebCore::RenderMathMLRoot::updateFromElement): Call the function from the new parent class ;
1844         no need to skip empty roots.
1845         (WebCore::RenderMathMLRoot::updateStyle): Remove the isEmpty ASSERT as it is valid to have
1846         empty square root. Set the m_kernBeforeDegree, m_kernBeforeDegree members.
1847         No need to set style for anonymous.
1848         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths): Implement this function.
1849         (WebCore::RenderMathMLRoot::layoutBlock): Implement this function.
1850         (WebCore::RenderMathMLRoot::paintChildren): Implement this function.
1851         (WebCore::RenderMathMLRoot::paint): Remove the trailingSpaceError hack ;
1852         paint the radical sign via MathOperator::paint
1853         (WebCore::RenderMathMLRoot::baseWrapper): Deleted.
1854         (WebCore::RenderMathMLRoot::radicalWrapper): Deleted.
1855         (WebCore::RenderMathMLRoot::indexWrapper): Deleted.
1856         (WebCore::RenderMathMLRoot::radicalOperator): Deleted.
1857         (WebCore::RenderMathMLRoot::restructureWrappers): Deleted.
1858         (WebCore::RenderMathMLRoot::addChild): Deleted.
1859         (WebCore::RenderMathMLRoot::firstLineBaseline): Deleted.
1860         (WebCore::RenderMathMLRoot::layout): Deleted.
1861         (WebCore::RenderMathMLRootWrapper::createAnonymousWrapper): Deleted.
1862         (WebCore::RenderMathMLRootWrapper::removeChildWithoutRestructuring): Deleted.
1863         (WebCore::RenderMathMLRootWrapper::removeChild): Deleted.
1864         * rendering/mathml/RenderMathMLRoot.h: Make RenderMathMLRoot inherit from RenderMathMLRow.
1865         Make RenderMathMLRoot support <msqrt>.
1866         Remove all the anonymous wrapper stuff and instead use a MathOperator for the radical symbol.
1867         Update function declaration to implement layout without flexbox and add some helper functions.
1868         * rendering/mathml/RenderMathMLRow.cpp: Allow to get the exact metrics of the chid row,
1869         for use in RenderMathMLRoot.
1870         (WebCore::RenderMathMLRow::computeLineVerticalStretch): rename parameters.
1871         (WebCore::RenderMathMLRow::layoutRowItems): Set parameters to the final ascent, descent and
1872         logical width of the chid row. Set the temporary logical width for RenderMathRoot before
1873         laying the children out.
1874         (WebCore::RenderMathMLRow::layoutBlock): Rename parameters ; add a dummy logicalWidth
1875         parameter.
1876         * rendering/mathml/RenderMathMLRow.h: Make some functions accessible or overridable by
1877         RenderMathMLRoot. Make layoutRowItems return the final ascent, descent and logical width
1878         after the chid row is laid out.
1879         * rendering/mathml/RenderMathMLScripts.cpp: Move mirrorIfNeeded to RenderMathMLBlock.
1880         (WebCore::RenderMathMLScripts::mirrorIfNeeded): Deleted.
1881         * rendering/mathml/RenderMathMLScripts.h: Move mirrorIfNeeded to RenderMathMLBlock.
1882         * rendering/mathml/RenderMathMLSquareRoot.cpp: Removed.
1883         * rendering/mathml/RenderMathMLSquareRoot.h: Removed.
1884         * rendering/mathml/MathOperator.cpp:
1885         (WebCore::MathOperator::paint): Apply a mirroring scale transform to radical symbol
1886         in RTL direction.
1887
1888 2016-06-17  Chris Dumez  <cdumez@apple.com>
1889
1890         Drop some unnecessary header includes
1891         https://bugs.webkit.org/show_bug.cgi?id=158864
1892
1893         Reviewed by Alexey Proskuryakov.
1894
1895         Drop some unnecessary header includes to try and reduce build times.
1896
1897         * WebCore.xcodeproj/project.pbxproj:
1898         * accessibility/AccessibilityList.cpp:
1899         * css/CSSComputedStyleDeclaration.cpp:
1900         * css/MediaQueryMatcher.cpp:
1901         * css/StyleMedia.cpp:
1902         * css/TransformFunctions.cpp:
1903         * dom/NodeRenderStyle.h:
1904         * dom/PseudoElement.h:
1905         (isType): Deleted.
1906         * html/HTMLTitleElement.cpp:
1907         * html/shadow/MediaControlElementTypes.h:
1908         * html/shadow/MediaControls.cpp:
1909         * inspector/InspectorDOMAgent.h:
1910         * inspector/InspectorLayerTreeAgent.h:
1911         * inspector/InspectorPageAgent.cpp:
1912         * page/scrolling/AsyncScrollingCoordinator.cpp:
1913         * page/scrolling/ScrollingCoordinator.h:
1914         * rendering/BidiRun.h:
1915         * rendering/BorderEdge.h:
1916         * rendering/RenderElement.h:
1917         * rendering/RenderObject.h:
1918         (WebCore::AnnotatedRegionValue::operator==): Deleted.
1919         (WebCore::AnnotatedRegionValue::operator!=): Deleted.
1920         * rendering/RenderObjectEnums.h: Added.
1921         * rendering/RenderTheme.h:
1922         * rendering/SimpleLineLayoutFlowContents.h:
1923         * rendering/SimpleLineLayoutTextFragmentIterator.h:
1924         * rendering/TextPainter.h:
1925         * rendering/style/RenderStyle.h:
1926         (WebCore::pseudoElementRendererIsNeeded):
1927         * rendering/style/ShapeValue.cpp:
1928         * rendering/style/ShapeValue.h:
1929         * style/ClassChangeInvalidation.cpp:
1930         * style/ClassChangeInvalidation.h:
1931         * style/InlineTextBoxStyle.h:
1932         * style/StyleUpdate.cpp:
1933
1934 2016-06-17  Andreas Kling  <akling@apple.com>
1935
1936         [iOS] Throw away linked code when navigating to a new page.
1937         <https://webkit.org/b/153851>
1938
1939         Reviewed by Antti Koivisto.
1940
1941         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
1942         Linked code is tied to a specific global object, and as we're creating a new one for the
1943         new page, none of it is useful to us here.
1944
1945         In the event that the user navigates back, the cost of relinking some code will be far
1946         lower than the memory cost of keeping all of it around.
1947
1948         This was in-tree before but was rolled out due to regressing JSBench. It was a slowdown
1949         due to the benchmark harness using top-level navigations to drive the tests.
1950         This new version avoids that problem by only throwing out code if we haven't navigated
1951         in the last 2 seconds. This also prevents excessive work in response to redirects.
1952
1953         I've also moved this into MemoryPressureHandler so we don't make a mess in FrameLoader.
1954
1955         * loader/FrameLoader.cpp:
1956         (WebCore::FrameLoader::commitProvisionalLoad):
1957         * platform/MemoryPressureHandler.cpp:
1958         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
1959         * platform/MemoryPressureHandler.h:
1960
1961 2016-06-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
1962
1963         CORS preflight with a non-200 response should be a preflight failure
1964         https://bugs.webkit.org/show_bug.cgi?id=111008
1965
1966         Reviewed by Darin Adler.
1967
1968         Covered by rebased tests.
1969
1970         * Modules/fetch/FetchResponse.h: Making use of ResourceResponse::isSuccessful.
1971         * loader/CrossOriginPreflightChecker.cpp:
1972         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Checking that response status is code is
1973         successful. If not, calling preflight failure callback.
1974         (WebCore::CrossOriginPreflightChecker::startPreflight): Putting in manual redirection mode so that redirection
1975         responses are processed as other responses.
1976         * loader/ResourceLoaderOptions.h:
1977         (WebCore::ResourceLoaderOptions::fetchOptions): Adding a non-const getter and fixing const getter to return a
1978         const reference.
1979         (WebCore::ResourceLoaderOptions::setFetchOptions): Passing options by reference.
1980         * platform/network/ResourceResponseBase.cpp:
1981         (WebCore::ResourceResponseBase::isSuccessful): Utility function.
1982         * platform/network/ResourceResponseBase.h:
1983
1984 2016-06-17  Frederic Wang  <fwang@igalia.com>
1985
1986         MathOperator: Add fallback mechanisms for stretching and mirroring radical symbols
1987         https://bugs.webkit.org/show_bug.cgi?id=156836
1988
1989         Reviewed by Sergio Villar Senin.
1990
1991         Some platforms do not have OpenType MATH fonts pre-installed and thus can not draw stretchy
1992         operators using size variants or glyph assembly. This is especially problematic for the
1993         radical symbol which is used to write roots. Currently, we have some fallback code to draw
1994         that symbol using graphical primitives but it is a bit complex and makes the style of radical
1995         inconsistent with the font used. We solve these issues by just scaling the base glyph via a
1996         scale transform. Such scale transform is also used to mirror the radical symbol so that we
1997         have some support for right-to-left roots until we can do glyph-level mirroring
1998         via the OpenType rtlm feature.
1999
2000         Test: mathml/radical-fallback.html
2001
2002         * rendering/mathml/MathOperator.cpp: Add a constant for the code point U+221A of the radical.
2003         (WebCore::MathOperator::reset): In general, we don't need any vertical scaling for radical
2004         symbols so m_radicalVerticalScale is initialized to 1.
2005         (WebCore::MathOperator::calculateStretchyData): If we don't have a font with a MATH table and we
2006         try streching a radical, then we update the vertical metrics to match the target size and
2007         set m_radicalVerticalScale to the value necessary to make the base glyph scaled to that size.
2008         (WebCore::MathOperator::paint): For a radical operator, we may apply a scale transform of
2009         parameters (radicalHorizontalScale, m_radicalVerticalScale) in order to support RTL
2010         mirroring or vertical stretching.
2011         * rendering/mathml/MathOperator.h: We add a m_radicalVerticalScale member to indicate the
2012         scaling to apply to the base radical glyph when the stretchy fallback is necessary.
2013         (WebCore::MathOperator::isStretched): The operator is also considered stretched when the
2014         m_radicalVerticalScale is applied to the base size.
2015         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Remove code specific to the old fallback mechanism.
2016         * rendering/mathml/RenderMathMLRadicalOperator.h: Ditto.
2017
2018 2016-06-16  Commit Queue  <commit-queue@webkit.org>
2019
2020         Unreviewed, rolling out r202147.
2021         https://bugs.webkit.org/show_bug.cgi?id=158867
2022
2023         Broke scrolling tests on iOS Simulator (Requested by ap on
2024         #webkit).
2025
2026         Reverted changeset:
2027
2028         "Focus event dispatched in iframe causes parent document to
2029         scroll incorrectly"
2030         https://bugs.webkit.org/show_bug.cgi?id=158629
2031         http://trac.webkit.org/changeset/202147
2032
2033 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
2034
2035         :in-range & :out-of-range CSS pseudo-classes shouldn't match disabled or readonly inputs
2036         https://bugs.webkit.org/show_bug.cgi?id=156530
2037
2038         Reviewed by Simon Fraser.
2039
2040         Elements should only match :in-range and :out-of-range
2041         when they are candidate for constraint validation.
2042
2043         Tests: fast/css/pseudo-in-range-on-disabled-input-basics.html
2044                fast/css/pseudo-in-range-on-readonly-input-basics.html
2045                fast/css/pseudo-in-range-out-of-range-on-disabled-input-trivial.html
2046                fast/css/pseudo-out-of-range-on-disabled-input-basics.html
2047                fast/css/pseudo-out-of-range-on-readonly-input-basics.html
2048                fast/selectors/in-range-out-of-range-style-update.html
2049
2050         * html/BaseDateAndTimeInputType.cpp:
2051         (WebCore::BaseDateAndTimeInputType::minOrMaxAttributeChanged):
2052         * html/NumberInputType.cpp:
2053         (WebCore::NumberInputType::minOrMaxAttributeChanged):
2054         I forgot to handle style update in r202143.
2055         This is covered by the new style invalidation test.
2056
2057         * html/BaseDateAndTimeInputType.h:
2058         * html/HTMLInputElement.cpp:
2059         (WebCore::HTMLInputElement::isInRange):
2060         (WebCore::HTMLInputElement::isOutOfRange):
2061
2062 2016-06-16  Frederic Wang  <fwang@igalia.com>
2063
2064         Add separate MathOperator for selection/measuring/drawing of stretchy operators
2065         https://bugs.webkit.org/show_bug.cgi?id=152244
2066
2067         Reviewed by Brent Fulgham.
2068
2069         We complete the class to select, measure and draw stretchy operators that is independent
2070         from RenderMathMLOperator. That way, we will be able use stretchy operator without having
2071         to introduce & manage anonymous RenderMathMLOperator's
2072         (e.g for <mroot>, <msqrt> and <mfenced>).
2073
2074         No new tests, already covered by existing tests.
2075
2076         * rendering/mathml/MathOperator.cpp:
2077         (WebCore::ascentForGlyph): Add this helper function to get glyph ascent.
2078         (WebCore::descentForGlyph): Add this helper function to get glyph descent.
2079         (WebCore::MathOperator::reset): Initialize all the data and calculate ascent/descent of the
2080         base glyph.
2081         (WebCore::MathOperator::setSizeVariant): Set the width/ascent/descent.
2082         (WebCore::MathOperator::setGlyphAssembly): Ditto.
2083         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Remove the STIX Word hack and
2084         change m_maxPreferredWidth to use the actual width instead.
2085         (WebCore::MathOperator::stretchTo): New functions to execute the actual operator streching.
2086         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Add a FIXME for bug 155434.
2087         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Align all the glyph baselines on
2088         the same axis, given by m_ascent.
2089         Add a FIXME for bug 155434.
2090         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
2091         (WebCore::MathOperator::paint): Public function to do the painting.
2092         (WebCore::MathOperator::paintVerticalGlyphAssembly): Deleted.
2093         * rendering/mathml/MathOperator.h: Update declarations and make most of the members private.
2094         (WebCore::MathOperator::ascent): Function to expose m_ascent.
2095         (WebCore::MathOperator::descent): Function to expose m_descent.
2096         * rendering/mathml/RenderMathMLOperator.cpp:
2097         (WebCore::RenderMathMLOperator::stretchTo): Forward the stretching call to MathOperator.
2098         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Unfold advanceForGlyph
2099         since we delete RenderMathMLOperator::advanceForGlyph. Just rely on
2100         MathOperator::maxPreferredWidth to determine the preferred width of stretchy operators.
2101         For horizontal operators, we just use the width of the base glyph.
2102         Finally, we remove the dirty flag on preferred logical width.
2103         (WebCore::RenderMathMLOperator::rebuildTokenContent): Reinit the MathOperator instance.
2104         (WebCore::RenderMathMLOperator::updateFromElement): Force more updates of
2105         RenderMathMLOperator to avoid test breakage.
2106         (WebCore::RenderMathMLOperator::styleDidChange): Call MathOperator::reset to take into
2107         account style change.
2108         (WebCore::RenderMathMLOperator::updateStyle): Remove unused code.
2109         (WebCore::RenderMathMLOperator::firstLineBaseline): Use MathOperator::ascent() function.
2110         (WebCore::RenderMathMLOperator::computeLogicalHeight): Use MathOperator::ascent() and
2111         MathOperator::descent() functions to calculate the height.
2112         (WebCore::RenderMathMLOperator::paint): Only stretched operators are treated specially.
2113         We center horizontal operator and forward the paint() call to MathOperator.
2114         (WebCore::RenderMathMLOperator::trailingSpaceError): The error is now just the difference
2115         between the values returned by MathOperator::maxPreferredWidth() and
2116         MathOperator::width().
2117         (WebCore::boundsForGlyph): Deleted.
2118         (WebCore::heightForGlyph): Deleted.
2119         (WebCore::advanceWidthForGlyph): Deleted.
2120         (WebCore::RenderMathMLOperator::updateStyle): Deleted.
2121
2122 2016-06-16  Jiewen Tan  <jiewen_tan@apple.com>
2123
2124         CSP: Content Security Policy should allow '*' to match the originating page's scheme
2125         https://bugs.webkit.org/show_bug.cgi?id=158811
2126         <rdar://problem/26819568>
2127
2128         Reviewed by Daniel Bates.
2129
2130         Tests: security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star.html
2131                security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star.html
2132                security/contentSecurityPolicy/script-with-file-url-allowed-by-script-src-star.html
2133                security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star.html
2134
2135         * page/csp/ContentSecurityPolicySourceList.cpp:
2136         (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):
2137
2138 2016-06-16  Chris Dumez  <cdumez@apple.com>
2139
2140         Add HTTPHeaderMap::set() overload taking a NSString*
2141         https://bugs.webkit.org/show_bug.cgi?id=158857
2142
2143         Reviewed by Darin Adler.
2144
2145         Add HTTPHeaderMap::set() overloading taking a NSString* in addition to
2146         the one taking a CFStringRef. It is useful for the Cocoa implementation
2147         of ResourceRequest::doUpdateResourceRequest().
2148
2149         * platform/network/HTTPHeaderMap.h:
2150         (WebCore::HTTPHeaderMap::set):
2151
2152 2016-06-16  Joseph Pecoraro  <pecoraro@apple.com>
2153
2154         Web Inspector: console.profile should use the new Sampling Profiler
2155         https://bugs.webkit.org/show_bug.cgi?id=153499
2156         <rdar://problem/24352431>
2157
2158         Reviewed by Timothy Hatcher.
2159
2160         Test: inspector/timeline/setInstruments-programmatic-capture.html
2161
2162         * inspector/InspectorTimelineAgent.cpp:
2163         (WebCore::InspectorTimelineAgent::startFromConsole):
2164         (WebCore::InspectorTimelineAgent::stopFromConsole):
2165         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
2166         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
2167         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
2168         (WebCore::InspectorTimelineAgent::toggleInstruments):
2169         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
2170         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
2171         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
2172         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
2173         * inspector/InspectorTimelineAgent.h:
2174         Web implementation of console.profile/profileEnd.
2175         Make helpers for startings / stopping instruments.
2176
2177 2016-06-16  John Wilander  <wilander@apple.com>
2178
2179         Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
2180         https://bugs.webkit.org/show_bug.cgi?id=158855
2181         <rdar://problem/26142632>
2182
2183         Reviewed by Alex Christensen.
2184
2185         Tests: http/tests/dom/window-open-about-blank-and-access-document.html
2186                http/tests/dom/window-open-about-webkit-org-and-access-document.html
2187
2188         Document.cpp previously checked whether a document should inherit its owner's 
2189         security origin by checking if the URL is either empty or blank. URL.cpp in 
2190         turn only checks if the protocol is "about:" in the isBlankURL() function. 
2191         Thus all about:* URLs inherited security origin. This patch restricts 
2192         security origin inheritance to empty, about:blank, and about:srcdoc URLs.
2193
2194         Quotes and links from the WHATWG spec regarding about:srcdoc:
2195
2196         7.1 Browsing contexts
2197         A browsing context can have a creator browsing context, the browsing context 
2198         that was responsible for its creation. If a browsing context has a parent 
2199         browsing context, then that is its creator browsing context. Otherwise, if the 
2200         browsing context has an opener browsing context, then that is its creator 
2201         browsing context. Otherwise, the browsing context has no creator browsing 
2202         context.
2203         https://html.spec.whatwg.org/multipage/browsers.html#concept-document-bc
2204
2205         7.1.1 Nested browsing contexts
2206         Certain elements (for example, iframe elements) can instantiate further 
2207         browsing contexts. These are called nested browsing contexts. If a browsing 
2208         context P has a Document D with an element E that nests another browsing 
2209         context C inside it, then C is said to be nested through D, and E is said to 
2210         be the browsing context container of C. If the browsing context container 
2211         element E is in the Document D, then P is said to be the parent browsing 
2212         context of C and C is said to be a child browsing context of P. Otherwise, 
2213         the nested browsing context C has no parent browsing context.
2214         https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-context
2215
2216         4.8.5 The iframe element
2217         The iframe element represents a nested browsing context.
2218         ...
2219         If the srcdoc attribute is specified
2220             Navigate the element's child browsing context to a new response whose 
2221             url list consists of about:srcdoc ...
2222         https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-srcdoc
2223
2224         * dom/Document.cpp:
2225         (WebCore::Document::initSecurityContext):
2226             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
2227         (WebCore::Document::initContentSecurityPolicy):
2228             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
2229         (WebCore::shouldInheritSecurityOriginFromOwner): Deleted.
2230             Moved to URL::shouldInheritSecurityOriginFromOwner() and restricted the check.
2231         * platform/URL.cpp:
2232         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
2233         * platform/URL.h:
2234             Moved the function from Document and restricted the check to only allow
2235             security origin inheritance for empty, about:blank, and about:srcdoc URLs.
2236
2237 2016-06-16  Simon Fraser  <simon.fraser@apple.com>
2238
2239         [iOS] Focus event dispatched in iframe causes parent document to scroll incorrectly
2240         https://bugs.webkit.org/show_bug.cgi?id=158629
2241         rdar://problem/26521616
2242
2243         Reviewed by Enrica Casucci.
2244
2245         When focussing elements in iframes, the page could scroll to an incorrect location.
2246         This happened because code in Element::focus() tried to disable scrolling on focus,
2247         but did so only for the current frame, so ancestor frames got programmatically scrolled.
2248         On iOS we handle the scrolling in the UI process, so never want the web process to
2249         do programmatic scrolling.
2250
2251         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
2252         rather than manually prohibiting frame scrolling.
2253
2254         Tests: fast/forms/ios/focus-input-in-iframe.html
2255                fast/forms/ios/programmatic-focus-input-in-iframe.html
2256
2257         * dom/Element.cpp:
2258         (WebCore::Element::focus):
2259         * history/CachedPage.cpp:
2260         (WebCore::CachedPage::restore):
2261
2262 2016-06-16  Zalan Bujtas  <zalan@apple.com>
2263
2264         [New Block-Inside-Inline Model] Do not attempt to re-run margin collapsing on the block sequence.
2265         https://bugs.webkit.org/show_bug.cgi?id=158854
2266
2267         Reviewed by David Hyatt.
2268
2269         Test: fast/block/inside-inlines/crash-on-first-line-change.html
2270
2271         * rendering/RenderBlockLineLayout.cpp:
2272         (WebCore::RenderBlockFlow::marginCollapseLinesFromStart):
2273
2274 2016-06-16  Ting-Wei Lan  <lantw44@gmail.com>
2275
2276         Include cstdlib before using std::atexit
2277         https://bugs.webkit.org/show_bug.cgi?id=158681
2278
2279         Reviewed by Brent Fulgham.
2280
2281         * platform/graphics/PlatformDisplay.cpp:
2282
2283 2016-06-16  Chris Dumez  <cdumez@apple.com>
2284
2285         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
2286         https://bugs.webkit.org/show_bug.cgi?id=158853
2287
2288         Reviewed by Brent Fulgham.
2289
2290         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
2291         as m_bestFitImageURL data member is an AtomicString. This avoids constructing a String and
2292         then atomizing it.
2293
2294         * html/HTMLImageElement.cpp:
2295         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
2296
2297 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
2298
2299         :in-range & :out-of-range CSS pseudo-classes shouldn't match inputs without range limitations
2300         https://bugs.webkit.org/show_bug.cgi?id=156558
2301
2302         Reviewed by Simon Fraser.
2303
2304         The pseudo selectors :in-range and :out-of-range should only
2305         apply if:
2306         -minimum/maximum are defined for the input type
2307         -the input value is/is-not suffering from underflow/overflow.
2308
2309         Only certain types have a valid minimum and maximum:
2310         -number
2311         -range
2312         -date
2313         -month
2314         -week
2315         -time
2316         -datetime-local
2317
2318         Of those, only one has a default minimum and maximum: range.
2319         For all the others, the minimum or maximum is only defined
2320         if the min/max attribute is defined and valid.
2321
2322         This patch addresses these constraints for number and range.
2323         The date types range validation is severely broken and is
2324         left untouched. It really needs a clean rewrite.
2325
2326         Tests: fast/css/pseudo-in-range-basics.html
2327                fast/css/pseudo-in-range-out-of-range-trivial.html
2328                fast/css/pseudo-out-of-range-basics.html
2329
2330         * html/DateInputType.cpp:
2331         (WebCore::DateInputType::createStepRange):
2332         * html/DateTimeInputType.cpp:
2333         (WebCore::DateTimeInputType::createStepRange):
2334         * html/DateTimeLocalInputType.cpp:
2335         (WebCore::DateTimeLocalInputType::createStepRange):
2336         * html/InputType.cpp:
2337         (WebCore::InputType::isInRange):
2338         (WebCore::InputType::isOutOfRange):
2339         Notice the isEmpty() shortcut.
2340         A value can only overflow/underflow if it is not empty.
2341
2342         * html/MonthInputType.cpp:
2343         (WebCore::MonthInputType::createStepRange):
2344         * html/NumberInputType.cpp:
2345         (WebCore::NumberInputType::createStepRange):
2346         * html/RangeInputType.cpp:
2347         (WebCore::RangeInputType::createStepRange):
2348         * html/StepRange.cpp:
2349         (WebCore::StepRange::StepRange):
2350         * html/StepRange.h:
2351         (WebCore::StepRange::hasRangeLimitations):
2352         * html/WeekInputType.cpp:
2353         (WebCore::WeekInputType::createStepRange):
2354
2355 2016-06-16  Anders Carlsson  <andersca@apple.com>
2356
2357         Fix macOS Sierra build
2358         https://bugs.webkit.org/show_bug.cgi?id=158849
2359
2360         Reviewed by Tim Horton.
2361
2362         Add WebCore:: qualifiers for IOSurface, to avoid conflicts with the IOSurface Objective-C class.
2363         
2364         Also, add an asLayerContents() getter that will return an id that's suitable for setting 
2365         as the contents of a CALayer.
2366
2367         * platform/graphics/cocoa/IOSurface.h:
2368         * platform/graphics/cocoa/IOSurface.mm:
2369
2370 2016-06-16  Andreas Kling  <akling@apple.com>
2371
2372         REGRESSION(r196217): 3% JSBench regression on iPhone 5.
2373         <https://webkit.org/b/158848>
2374         <rdar://problem/26609622>
2375
2376         Unreviewed rollout.
2377
2378         Don't jettison linked code on every top-level navigation as that was hurting JSBench on iPhone 5.
2379
2380         * loader/FrameLoader.cpp:
2381         (WebCore::FrameLoader::commitProvisionalLoad):
2382
2383 2016-06-16  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2384
2385         WebRTC: Check type of this in RTCPeerConnection JS built-in functions
2386         https://bugs.webkit.org/show_bug.cgi?id=151303
2387
2388         Reviewed by Youenn Fablet.
2389
2390         Check type of 'this' in RTCPeerConnection JS built-in functions.
2391
2392         Test: fast/mediastream/RTCPeerConnection-js-built-ins-check-this.html
2393
2394         * Modules/mediastream/RTCPeerConnection.js:
2395         (createOffer):
2396         (createAnswer):
2397         (setLocalDescription):
2398         (setRemoteDescription):
2399         (addIceCandidate):
2400         (getStats):
2401         Reject if 'this' isn't of type RTCPeerConnection.
2402         * Modules/mediastream/RTCPeerConnectionInternals.js:
2403         (isRTCPeerConnection):
2404         Add helper function to perform type check. Needs further robustifying.
2405
2406 2016-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
2407
2408         Sporadic crash in HashTableAddResult following CSSValuePool::createFontFamilyValue
2409         https://bugs.webkit.org/show_bug.cgi?id=158297
2410
2411         Reviewed by Darin Adler.
2412
2413         In an effort to reduce the flash of unstyled content, we force all elements
2414         to have display: none during an external stylesheet load. We do this by
2415         ignoring the CSS cascade and forcing all elements to have a placeholder style
2416         which hardcodes display: none. (This is necessary to make elements created by
2417         script during the stylesheet load not flash.)
2418
2419         This style is exposed to web content via getComputedStyle(), which means it
2420         needs to maintain the invariant that font-families can never be null strings.
2421         We enforce this by forcing the font-family to be the standard font name.
2422
2423         Test: fast/text/placeholder-renderstyle-null-font.html
2424
2425         * style/StyleTreeResolver.cpp:
2426         (WebCore::Style::ensurePlaceholderStyle):
2427
2428 2016-06-16  Chris Dumez  <cdumez@apple.com>
2429
2430         Avoid some temporary String allocations for common HTTP headers in ResourceResponse::platformLazyInit()
2431         https://bugs.webkit.org/show_bug.cgi?id=158827
2432
2433         Reviewed by Darin Adler.
2434
2435         Add a HTTPHeaderMap::set() overload taking in a CFStringRef. The
2436         implementation has a fast path which gets the internal characters
2437         of the CFStringRef when possible and constructs a StringView for
2438         it in order to call findHTTPHeaderName(). As a result, we avoid
2439         allocating a temporary String when findHTTPHeaderName() succeeds.
2440
2441         This new HTTPHeaderMap::set() overload is called from both the
2442         CF and Cocoa implementations of ResourceResponse::platformLazyInit().
2443
2444         I have confirmed locally on both Mac and iOS that the fast path
2445         is used ~93% of the time. CFStringGetCStringPtr() returns null in
2446         rare cases, causing the regular code path to be used.
2447
2448         * platform/network/HTTPHeaderMap.cpp:
2449         (WebCore::HTTPHeaderMap::set):
2450         * platform/network/HTTPHeaderMap.h:
2451
2452 2016-06-15  Zalan Bujtas  <zalan@apple.com>
2453
2454         Decouple the percent height and positioned descendants maps.
2455         https://bugs.webkit.org/show_bug.cgi?id=158773
2456
2457         Reviewed by David Hyatt and Chris Dumez.
2458
2459         We track renderers with percent height across multiple containers using
2460         HashMap<const RenderBox*, std::unique_ptr<HashSet<const RenderBlock*>>>.
2461         We also use the same data structure to track positioned descendants.
2462         However a positioned renderer can have only one containing block so tracking it
2463         with a 1:many type is defective.
2464         It allows multiple inserts for positioned descendants, which could lead to
2465         inconsistent layout state as the rendering logic expects these type of renderers
2466         with only one containing block.
2467         This patch decouples percent height and positioned tracking by introducing
2468         the PositionedDescendantsMap class. This class is responsible for tracking
2469         the positioned descendants inbetween layouts.
2470
2471         No change in functionality.
2472
2473         Tests: fast/block/positioning/change-containing-block-for-absolute-positioned.html
2474                fast/block/positioning/change-containing-block-for-fixed-positioned.html
2475
2476         * rendering/RenderBlock.cpp:
2477         (WebCore::insertIntoTrackedRendererMaps):
2478         (WebCore::removeFromTrackedRendererMaps):
2479         (WebCore::PositionedDescendantsMap::addDescendant): Add more defensive ASSERT_NOT_REACHED
2480         to the double insert branch when webkit.org/b/158772 gets fixed.
2481         (WebCore::PositionedDescendantsMap::removeDescendant):
2482         (WebCore::PositionedDescendantsMap::removeContainingBlock):
2483         (WebCore::PositionedDescendantsMap::positionedRenderers):
2484         (WebCore::positionedDescendantsMap):
2485         (WebCore::removeBlockFromPercentageDescendantAndContainerMaps):
2486         (WebCore::RenderBlock::~RenderBlock):
2487         (WebCore::RenderBlock::positionedObjects):
2488         (WebCore::RenderBlock::insertPositionedObject):
2489         (WebCore::RenderBlock::removePositionedObject):
2490         (WebCore::RenderBlock::addPercentHeightDescendant):
2491         (WebCore::RenderBlock::removePercentHeightDescendant):
2492         (WebCore::RenderBlock::percentHeightDescendants):
2493         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
2494         (WebCore::removeBlockFromDescendantAndContainerMaps): Deleted.
2495         * rendering/RenderBlock.h:
2496
2497 2016-06-15  David Kilzer  <ddkilzer@apple.com>
2498
2499         Move SoftLinking.h to platform/cococa from platform/mac
2500         <https://webkit.org/b/158825>
2501
2502         Reviewed by Andy Estes.
2503
2504         * PlatformMac.cmake: Update for new directory.
2505         * WebCore.xcodeproj/project.pbxproj: Ditto.
2506         * platform/cocoa/SoftLinking.h: Renamed from Source/WebCore/platform/mac/SoftLinking.h.
2507
2508 2016-06-15  Chris Dumez  <cdumez@apple.com>
2509
2510         [Cocoa] Clean up / optimize ResourceResponse::platformLazyInit(InitLevel)
2511         https://bugs.webkit.org/show_bug.cgi?id=158809
2512
2513         Reviewed by Darin Adler.
2514
2515         Clean up / optimize ResourceResponse::platformLazyInit(InitLevel).
2516
2517         * platform/network/HTTPParsers.cpp:
2518         (WebCore::extractReasonPhraseFromHTTPStatusLine):
2519         * platform/network/HTTPParsers.h:
2520         Have extractReasonPhraseFromHTTPStatusLine() return an AtomicString as the
2521         Reason is stored as an AtomicString on ResourceResponse. Have the
2522         implementation use StringView::subString()::toAtomicString().
2523
2524         * platform/network/cocoa/ResourceResponseCocoa.mm:
2525         (WebCore::stripLeadingAndTrailingDoubleQuote):
2526         Move the stripLeadingAndTrailingDoubleQuote logic from platformLazyInit()
2527         to its own function. Have it use StringView::subString()::toAtomicString()
2528         to avoid unnecessarily atomizing the textEncodingName that has surrounding
2529         double-quotes.
2530
2531         (WebCore::initializeHTTPHeaders):
2532         Move HTTP headers initialization to its own function for clarity.
2533
2534         (WebCore::extractHTTPStatusText):
2535         Move HTTP status Text extraction to its own function for clarity.
2536
2537         (WebCore::ResourceResponse::platformLazyInit):
2538         - The function is streamlined a bit because most of the logic was moved
2539           into separate functions.
2540         - Drop unnecessary (initLevel >= CommonFieldsOnly) check in the first
2541           if case and replace with an assertion. This function is always called
2542           with CommonFieldsOnly or above (AllFields).
2543         - Drop unnecessary (m_initLevel < AllFields) check in the second if
2544           case as this is always true. If not, we would have returned early
2545           at the beginning of the function when checking
2546           m_initLevel >= initLevel.
2547         - Use AutodrainedPool instead of NSAutoreleasePool for convenience and have
2548           only 1 pool instead of 2.
2549         - Drop unnecessary copyNSURLResponseStatusLine() function and call directly
2550           CFHTTPMessageCopyResponseStatusLine() since we already have a
2551           CFHTTPMessageRef at the call site.
2552
2553 2016-06-15  Tim Horton  <timothy_horton@apple.com>
2554
2555         <attachment> elements jump around a lot around when subtitle text changes slightly
2556         https://bugs.webkit.org/show_bug.cgi?id=158818
2557         <rdar://problem/24450270>
2558
2559         Reviewed by Simon Fraser.
2560
2561         Test: fast/attachment/attachment-subtitle-resize.html
2562
2563         * rendering/RenderAttachment.cpp:
2564         (WebCore::RenderAttachment::layout):
2565         * rendering/RenderAttachment.h:
2566         * rendering/RenderThemeMac.mm:
2567         (WebCore::AttachmentLayout::AttachmentLayout):
2568         (WebCore::RenderThemeMac::paintAttachment):
2569         In order to avoid changes to the centered subtitle text causing the whole
2570         attachment to bounce around a lot, make it so that attachment width can only
2571         increase, never decrease, and round the subtitle's width up to the nearest
2572         increment of 10px when determining its affect on the whole element's width.
2573         Also, center the attachment in its element, instead of left-aligning it,
2574         so that the extra width we may have is evenly distributed between the two sides.
2575
2576 2016-06-15  Ryan Haddad  <ryanhaddad@apple.com>
2577
2578         Reset bindings test results after r202105
2579
2580         Unreviewed test gardening.
2581
2582         * bindings/scripts/test/JS/JSTestObj.cpp:
2583
2584 2016-06-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2585
2586         WebRTC: (Refactor) Align the structure of RTCPeerConnection.idl with the header file
2587         https://bugs.webkit.org/show_bug.cgi?id=158779
2588
2589         Reviewed by Eric Carlson.
2590
2591         Restructure RTCPeerConnection.idl to make it easer to read and extend in the future.
2592
2593         No change in behavior.
2594
2595         * Modules/mediastream/RTCPeerConnection.idl:
2596
2597 2016-06-15  Chris Dumez  <cdumez@apple.com>
2598
2599         Drop some unnecessary header includes
2600         https://bugs.webkit.org/show_bug.cgi?id=158788
2601
2602         Reviewed by Alexey Proskuryakov.
2603
2604         Drop some unnecessary header includes in headers to speed up build time.
2605
2606         * Modules/encryptedmedia/MediaKeySession.cpp:
2607         * Modules/gamepad/GamepadManager.cpp:
2608         * Modules/indexeddb/IDBDatabase.cpp:
2609         * Modules/indexeddb/IDBOpenDBRequest.cpp:
2610         * Modules/indexeddb/IDBRequest.cpp:
2611         * Modules/indexeddb/IDBTransaction.cpp:
2612         * Modules/mediasource/MediaSource.cpp:
2613         * Modules/mediasource/SourceBuffer.cpp:
2614         * Modules/mediasource/SourceBufferList.cpp:
2615         * Modules/mediastream/MediaStream.cpp:
2616         * Modules/mediastream/MediaStreamTrack.cpp:
2617         * Modules/speech/SpeechSynthesis.cpp:
2618         * Modules/webaudio/AudioScheduledSourceNode.cpp:
2619         * Modules/webaudio/ScriptProcessorNode.cpp:
2620         * bindings/scripts/CodeGeneratorJS.pm:
2621         (GenerateImplementation):
2622         * dom/CharacterData.cpp:
2623         * dom/ContainerNode.cpp:
2624         * dom/DOMNamedFlowCollection.cpp:
2625         * dom/DeviceMotionController.cpp:
2626         * dom/DeviceOrientationController.cpp:
2627         * dom/Document.cpp:
2628         * dom/Document.h:
2629         * dom/DocumentEventQueue.cpp:
2630         * dom/DocumentOrderedMap.h:
2631         * dom/Element.cpp:
2632         * dom/Event.cpp:
2633         * dom/EventDispatcher.cpp:
2634         * dom/EventTarget.cpp:
2635         * dom/EventTarget.h:
2636         * dom/KeyboardEvent.cpp:
2637         * dom/MessageEvent.cpp:
2638         * dom/MessagePort.cpp:
2639         * dom/ScriptElement.cpp:
2640         * dom/ScriptExecutionContext.cpp:
2641         * dom/ScriptExecutionContext.h:
2642         * dom/SecurityContext.h:
2643         * dom/SimulatedClick.cpp:
2644         * dom/TextEvent.cpp:
2645         * dom/WebKitNamedFlow.cpp:
2646         * editing/FrameSelection.cpp:
2647         * fileapi/FileReader.cpp:
2648         * html/HTMLLinkElement.cpp:
2649         * html/HTMLPlugInImageElement.cpp:
2650         * html/HTMLStyleElement.cpp:
2651         * html/HTMLSummaryElement.cpp:
2652         * html/HTMLTrackElement.cpp:
2653         * html/HTMLVideoElement.cpp:
2654         * html/InputType.cpp:
2655         * html/MediaController.cpp:
2656         * html/TextFieldInputType.cpp:
2657         * html/canvas/WebGLRenderingContextBase.cpp:
2658         * html/parser/HTMLScriptRunner.cpp:
2659         * html/shadow/MediaControlElementTypes.cpp:
2660         * html/shadow/MediaControls.cpp:
2661         * html/shadow/MediaControlsApple.cpp:
2662         * html/shadow/SliderThumbElement.cpp:
2663         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
2664         * inspector/InspectorIndexedDBAgent.cpp:
2665         * loader/DocumentLoader.cpp:
2666         * loader/ImageLoader.cpp:
2667         * loader/PolicyChecker.cpp:
2668         * mathml/MathMLSelectElement.cpp:
2669         * page/DOMWindow.h:
2670         * page/EventSource.cpp:
2671         * page/FrameView.cpp:
2672         * page/Performance.cpp:
2673         * page/csp/ContentSecurityPolicy.cpp:
2674         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2675         * platform/network/HTTPHeaderMap.h:
2676         * platform/network/ResourceHandle.cpp:
2677         * rendering/RenderEmbeddedObject.cpp:
2678         * rendering/RenderSnapshottedPlugIn.cpp:
2679         * svg/SVGSVGElement.cpp:
2680         * svg/SVGUseElement.cpp:
2681         * svg/animation/SVGSMILElement.cpp:
2682         * workers/WorkerGlobalScope.h:
2683         * xml/XMLHttpRequest.cpp:
2684         * xml/XMLHttpRequestProgressEventThrottle.cpp:
2685         * xml/XMLHttpRequestUpload.cpp:
2686
2687 2016-06-15  Antti Koivisto  <antti@apple.com>
2688
2689         GoogleMaps transit schedule explorer comes up blank initially
2690         https://bugs.webkit.org/show_bug.cgi?id=158803
2691         rdar://problem/25818080
2692
2693         Reviewed by Andreas Kling.
2694
2695         In case we had something like
2696
2697         .foo bar { ... }
2698
2699         and later a new stylesheet was added dynamically that contained
2700
2701         .foo baz { ... }
2702
2703         we would fail to add the new rules to the descendant invalidation rule sets for ".foo". This could
2704         cause some style invalidations to be missed.
2705
2706         * css/DocumentRuleSets.cpp:
2707         (WebCore::DocumentRuleSets::collectFeatures):
2708
2709         Reset the ancestorClassRules and ancestorAttributeRulesForHTML rule set caches when new style sheets
2710         are added (==collectFeatures is called).
2711
2712 2016-06-15  Javier Fernandez  <jfernandez@igalia.com>
2713
2714         [css-sizing] Item borders are missing with 'min-width:-webkit-fill-available' and zero available width
2715         https://bugs.webkit.org/show_bug.cgi?id=158258
2716
2717         Reviewed by Darin Adler.
2718
2719         The "fill-available" size is defined as the containing block's size less
2720         the box's border and padding size. However, when used for min-width we
2721         should ensure we don't get negative values as result of logical width
2722         computation.
2723
2724         http://www.w3.org/TR/css-sizing-3/#fill-available-sizing
2725
2726         This patch ensure fill-available value computed value will be always
2727         greater than box's boder and padding width.
2728
2729         Test: fast/css-intrinsic-dimensions/fill-available-with-zero-width.html
2730
2731         * rendering/RenderBox.cpp:
2732         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
2733
2734 2016-06-15  Alex Christensen  <achristensen@webkit.org>
2735
2736         Fix 2d canvas transform after r192900
2737         https://bugs.webkit.org/show_bug.cgi?id=158725
2738         rdar://problem/26774230
2739
2740         Reviewed by Dean Jackson.
2741
2742         Test: fast/canvas/canvas-transform-inverse.html
2743
2744         * html/canvas/CanvasRenderingContext2D.cpp:
2745         (WebCore::CanvasRenderingContext2D::transform):
2746         r192900 was intended to have no change in behavior, but I made a typo.
2747         We need to apply the inverse of the original transform to the path to be correct.
2748         This affects transforms applied to the canvas during the creation of a path.
2749
2750 2016-06-15  Eric Carlson  <eric.carlson@apple.com>
2751
2752         [iOS] Make HTMLMediaElement.muted mutable
2753         https://bugs.webkit.org/show_bug.cgi?id=158787
2754         <rdar://problem/24452567>
2755
2756         Reviewed by Dean Jackson.
2757
2758         Tests: media/audio-playback-restriction-removed-muted.html
2759                media/audio-playback-restriction-removed-track-enabled.html
2760
2761         * html/HTMLMediaElement.cpp:
2762         (WebCore::HTMLMediaElement::audioTrackEnabledChanged): Remove most behavior restrictions if
2763           the track state was changed as a result of a user gesture.
2764         (WebCore::HTMLMediaElement::setMuted): Ditto.
2765         (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Add mask 
2766           parameter so caller can choose which restrictions are removed.
2767         * html/HTMLMediaElement.h:
2768
2769         * html/MediaElementSession.cpp:
2770         (WebCore::restrictionName): Drive-by fix: remove duplicate label.
2771         * html/MediaElementSession.h:
2772
2773         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
2774         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2775         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Set muted on AVPlayer if setMuted
2776           was called before the player was created.
2777         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Drive-by fix: return early if there
2778           is no AVPlayer, not if we won't have metadata yet.
2779         (WebCore::MediaPlayerPrivateAVFoundationObjC::setMuted): New.
2780
2781 2016-06-15  Romain Bellessort  <romain.bellessort@crf.canon.fr>
2782
2783         Enabling Shadow DOM for all platforms
2784         https://bugs.webkit.org/show_bug.cgi?id=158738
2785
2786         Reviewed by Ryosuke Niwa.
2787
2788         No new tests (no new behavior to be tested).
2789
2790         Removed Shadow DOM from options (enabled by default)
2791         (comprises removal of corresponding preprocessor directives)
2792
2793         * Configurations/FeatureDefines.xcconfig:
2794         * DerivedSources.make:
2795         * bindings/generic/RuntimeEnabledFeatures.h:
2796         * bindings/js/JSDocumentFragmentCustom.cpp:
2797         * bindings/js/JSNodeCustom.cpp:
2798         * css/CSSGrammar.y.in:
2799         * css/CSSParser.cpp:
2800         * css/CSSParserValues.cpp:
2801         * css/CSSParserValues.h:
2802         * css/CSSSelector.cpp:
2803         * css/CSSSelector.h:
2804         * css/ElementRuleCollector.cpp:
2805         * css/ElementRuleCollector.h:
2806         * css/RuleSet.cpp:
2807         * css/RuleSet.h:
2808         * css/SelectorChecker.cpp:
2809         * css/SelectorChecker.h:
2810         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
2811         * css/StyleResolver.cpp:
2812         * cssjit/SelectorCompiler.cpp:
2813         * dom/ComposedTreeAncestorIterator.h:
2814         * dom/ComposedTreeIterator.cpp:
2815         * dom/ComposedTreeIterator.h:
2816         * dom/ContainerNode.cpp:
2817         * dom/Document.cpp:
2818         * dom/Document.h:
2819         * dom/Element.cpp:
2820         * dom/Element.h:
2821         * dom/Element.idl:
2822         * dom/Event.idl:
2823         * dom/EventPath.cpp:
2824         * dom/Node.cpp:
2825         * dom/Node.h:
2826         * dom/NonDocumentTypeChildNode.idl:
2827         * dom/ShadowRoot.cpp:
2828         * dom/ShadowRoot.h:
2829         * dom/ShadowRoot.idl:
2830         * dom/SlotAssignment.cpp:
2831         * dom/SlotAssignment.h:
2832         * html/HTMLSlotElement.cpp:
2833         * html/HTMLSlotElement.h:
2834         * html/HTMLSlotElement.idl:
2835         * html/HTMLTagNames.in:
2836         * page/FocusController.cpp:
2837         * style/StyleSharingResolver.cpp:
2838         * style/StyleTreeResolver.cpp:
2839
2840 2016-06-15  Andreas Kling  <akling@apple.com>
2841
2842         [Cocoa] Add two notify listeners for poking the garbage collector.
2843         <https://webkit.org/b/158783>
2844
2845         Reviewed by Antti Koivisto.
2846
2847         Add two new notify listeners:
2848
2849         - com.apple.WebKit.fullGC
2850
2851             Trigger a full garbage collection in the main WebCore VM immediately.
2852
2853         - com.apple.WebKit.deleteAllCode
2854
2855             Throw away all of JSC's linked and unlinked code, and do a full GC.
2856
2857         These will make it easier to diagnose memory growth issues by having a lever that
2858         eliminates many of the large object graphs without going after behavior-changing things
2859         like the memory cache.
2860
2861         * platform/MemoryPressureHandler.cpp:
2862         (WebCore::MemoryPressureHandler::platformInitialize):
2863         * platform/MemoryPressureHandler.h:
2864         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
2865         (WebCore::MemoryPressureHandler::platformInitialize):
2866
2867 2016-06-15  Antti Koivisto  <antti@apple.com>
2868
2869         Vary:Cookie validation doesn't work in private browsing
2870         https://bugs.webkit.org/show_bug.cgi?id=158616
2871         <rdar://problem/26755067>
2872
2873         Reviewed by Andreas Kling.
2874
2875         There wasn't a way to get cookie based on SessionID from WebCore.
2876
2877         * platform/CookiesStrategy.h:
2878
2879             Add a cookie retrival function that takes SessionID instead of NetworkStorageSession.
2880
2881         * platform/network/CacheValidation.cpp:
2882         (WebCore::headerValueForVary):
2883
2884             Use it.
2885
2886         (WebCore::verifyVaryingRequestHeaders):
2887
2888 2016-06-15  Per Arne Vollan  <pvollan@apple.com>
2889
2890         [Win] The test accessibility/selected-text-range-aria-elements.html is failing.
2891         https://bugs.webkit.org/show_bug.cgi?id=158732
2892
2893         Reviewed by Brent Fulgham.
2894
2895         Implement support for getting selected text range.
2896
2897         * accessibility/win/AccessibilityObjectWrapperWin.cpp:
2898         (WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue):
2899
2900 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
2901
2902         Addressing post-review comments after r201971
2903         https://bugs.webkit.org/show_bug.cgi?id=158450
2904
2905         Unreviewed.
2906
2907         * css/CSSFontFaceSet.cpp:
2908         (WebCore::CSSFontFaceSet::add):
2909         (WebCore::CSSFontFaceSet::remove):
2910
2911 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
2912
2913         Honor bidi unicode codepoints
2914         https://bugs.webkit.org/show_bug.cgi?id=149170
2915         <rdar://problem/26527378>
2916
2917         Reviewed by Simon Fraser.
2918
2919         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
2920         unexpected output when they are present. Fix by considering such code points as
2921         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
2922         the codepoints fully in our Bidi algorithm.
2923
2924         Test: fast/text/isolate-ignore.html
2925
2926         * platform/graphics/Font.cpp:
2927         (WebCore::createAndFillGlyphPage):
2928         * platform/text/BidiResolver.h:
2929         (WebCore::Subclass>::createBidiRunsForLine):
2930
2931 2016-06-14  Antoine Quint  <graouts@apple.com>
2932
2933         [iOS] Play glyph is pixelated when the page zoom is large
2934         https://bugs.webkit.org/show_bug.cgi?id=158770
2935         <rdar://problem/26092124>
2936
2937         Reviewed by Dean Jackson.
2938
2939         Use the same technique that we use to scale the video controls by using a combination
2940         of CSS "zoom" and "transform" properties to have the video play glyph scaled at its
2941         native size regardless of page zoom.
2942
2943         * Modules/mediacontrols/mediaControlsiOS.js:
2944         (ControllerIOS.prototype.set pageScaleFactor):
2945
2946 2016-06-14  Chris Dumez  <cdumez@apple.com>
2947
2948         Regression(r201534): Compile time greatly regressed
2949         https://bugs.webkit.org/show_bug.cgi?id=158765
2950         <rdar://problem/26587342>
2951
2952         Reviewed by Darin Adler.
2953
2954         Compile time greatly regressed by r201534 due to Document.h now including
2955         TextAutoSizing.h. Move the TextAutoSizingTraits back to Document.h to
2956         restore pre-r201534 behavior.
2957
2958         * WebCore.xcodeproj/project.pbxproj:
2959         * dom/Document.cpp:
2960         (WebCore::TextAutoSizingTraits::constructDeletedValue):
2961         (WebCore::TextAutoSizingTraits::isDeletedValue):
2962         * dom/Document.h:
2963         * rendering/TextAutoSizing.h:
2964         (WebCore::TextAutoSizingTraits::constructDeletedValue): Deleted.
2965         (WebCore::TextAutoSizingTraits::isDeletedValue): Deleted.
2966
2967 2016-06-14  Antoine Quint  <graouts@apple.com>
2968
2969         Inline media controls cut off PiP and fullscreen buttons on cnn.com
2970         https://bugs.webkit.org/show_bug.cgi?id=158766
2971         <rdar://problem/24175161>
2972
2973         Reviewed by Dean Jackson.
2974
2975         The display of the picture-in-picture and fullscreen buttons are dependent on the availability
2976         of video tracks through a call to hasVideo(). We need to ensure that the display properties of
2977         both those buttons are updated when the number of video tracks has changed since the controls
2978         may be populated prior to the availability of video tracks.
2979
2980         * Modules/mediacontrols/mediaControlsApple.js:
2981         (Controller.prototype.updateHasVideo):
2982
2983 2016-06-14  Joseph Pecoraro  <pecoraro@apple.com>
2984
2985         Web Inspector: Rename Timeline.setAutoCaptureInstruments to Timeline.setInstruments
2986         https://bugs.webkit.org/show_bug.cgi?id=158762
2987
2988         Reviewed by Timothy Hatcher.
2989
2990         Test: inspector/timeline/setInstruments-errors.html
2991
2992         * inspector/InspectorTimelineAgent.cpp:
2993         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
2994         (WebCore::InspectorTimelineAgent::setInstruments):
2995         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
2996         (WebCore::InspectorTimelineAgent::setAutoCaptureInstruments): Deleted.
2997         * inspector/InspectorTimelineAgent.h:
2998
2999 2016-06-14  Dean Jackson  <dino@apple.com>
3000
3001         decompose4 return value is unchecked, leading to potentially uninitialized data.
3002         https://bugs.webkit.org/show_bug.cgi?id=158761
3003         <rdar://problem/17526268>
3004
3005         Reviewed by Simon Fraser.
3006
3007         WebCore::decompose4 could return early without initializing data.
3008         I now initialize it, but I also started checking the return
3009         value at all the call sites to make sure everything is sensible.
3010
3011         Test: transforms/undecomposable.html
3012
3013         * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
3014         (WebCore::PerspectiveTransformOperation::blend):
3015         * platform/graphics/transforms/RotateTransformOperation.cpp:
3016         (WebCore::RotateTransformOperation::blend):
3017         * platform/graphics/transforms/TransformationMatrix.cpp:
3018         (WebCore::decompose4):
3019         (WebCore::TransformationMatrix::blend4):
3020         * platform/graphics/transforms/TransformationMatrix.h:
3021
3022 2016-06-14  Benjamin Poulain  <bpoulain@apple.com>
3023
3024         Add the unprefixed version of the pseudo element ::placeholder
3025         https://bugs.webkit.org/show_bug.cgi?id=158653
3026
3027         Reviewed by Dean Jackson.
3028
3029         Test: fast/forms/placeholder-pseudo-element-with-webkit-prefix.html
3030
3031         The pseudo element ::-webkit-input-placeholder is stupidly popular
3032         which forces other engines to support this exact name.
3033
3034         The pseudo-element spec provides a new standard name we can adopt
3035         to drop the prefix: https://drafts.csswg.org/css-pseudo-4/#placeholder-pseudo
3036
3037         This patch does just that, make ::placeholder the standard name to select
3038         the placeholder element in the shadow dom of input elements.
3039
3040         Unlike pseudo classes, we did not have any support for prefixes and aliasing.
3041         I want to keep the absurdly efficient matching we currently use for styling
3042         because style updates are more common than stylesheet updates.
3043         With that constraint in mind, the value of CSSSelector has to be the unprefixed
3044         version for both forms of input.
3045
3046         This leaves us with the problem of displaying the CSSSelector for CSSOM.
3047         To differentiate the legacy form from the standard form, I added
3048         a new type of PseudoElement: PseudoElementWebKitCustomLegacyPrefixed.
3049         When parsing, PseudoElementWebKitCustomLegacyPrefixed let us replace
3050         the original value "-webkit-input-placeholder" by the standard value.
3051         When creating the selectorText for CSSOM, PseudoElementWebKitCustomLegacyPrefixed
3052         let us replace the standard for by the legacy form.
3053
3054         * css/CSSParserValues.cpp:
3055         (WebCore::CSSParserSelector::parsePseudoElementSelector):
3056         * css/CSSSelector.cpp:
3057         (WebCore::CSSSelector::pseudoId):
3058         (WebCore::CSSSelector::selectorText):
3059         * css/CSSSelector.h:
3060         (WebCore::CSSSelector::isCustomPseudoElement):
3061         (WebCore::CSSSelector::isWebKitCustomPseudoElement):
3062         * css/SelectorChecker.cpp:
3063         (WebCore::SelectorChecker::matchRecursively):
3064         * css/SelectorPseudoElementTypeMap.in:
3065         * css/html.css:
3066         (::placeholder):
3067         (input::placeholder, isindex::placeholder):
3068         (textarea::placeholder):
3069         (::-webkit-input-placeholder): Deleted.
3070         (input::-webkit-input-placeholder, isindex::-webkit-input-placeholder): Deleted.
3071         (textarea::-webkit-input-placeholder): Deleted.
3072         * features.json:
3073         * html/shadow/TextControlInnerElements.cpp:
3074         (WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
3075
3076 2016-06-14  Doug Russell  <d_russell@apple.com>
3077
3078         AX: Form label text should be exposed as static text if it contains only static text
3079         https://bugs.webkit.org/show_bug.cgi?id=158634
3080
3081         Reviewed by Chris Fleizach.
3082
3083         Use AccessibilityLabel to represent HTMLLabelElement to assistive technology.
3084         AccessibilityLabel::containsOnlyStaticText() searches label subtree to evaluate 
3085         if all children are static text.
3086         AccessibilityLabel::stringValue() consults containsOnlyStaticText() and returns
3087         textUnderElement() if true.
3088         WebAccessibilityObjectWrapperMac consults containsOnlyStaticText() and substitutes
3089         StaticTextRole for LabelRole if true.
3090         Cache containsOnlyStaticText() in the common case when updating children.
3091
3092         Tests: accessibility/mac/label-element-all-text-string-value.html
3093                accessibility/mac/label-element-with-link-string-value.html
3094
3095         * CMakeLists.txt:
3096         * WebCore.xcodeproj/project.pbxproj:
3097         * accessibility/AXObjectCache.cpp:
3098         (WebCore::createFromRenderer):
3099         * accessibility/AccessibilityAllInOne.cpp:
3100         * accessibility/AccessibilityLabel.cpp: Added.
3101         (WebCore::AccessibilityLabel::AccessibilityLabel):
3102         (WebCore::AccessibilityLabel::~AccessibilityLabel):
3103         (WebCore::AccessibilityLabel::create):
3104         (WebCore::AccessibilityLabel::computeAccessibilityIsIgnored):
3105         (WebCore::AccessibilityLabel::stringValue):
3106         (WebCore::childrenContainOnlyStaticText):
3107         (WebCore::AccessibilityLabel::containsOnlyStaticText):
3108         (WebCore::AccessibilityLabel::updateChildrenIfNecessary):
3109         (WebCore::AccessibilityLabel::clearChildren):
3110         (WebCore::AccessibilityLabel::insertChild):
3111         * accessibility/AccessibilityLabel.h: Added.
3112         * accessibility/AccessibilityObject.h:
3113         (WebCore::AccessibilityObject::isLabel):
3114         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3115         (-[WebAccessibilityObjectWrapper role]):
3116
3117 2016-06-14  Commit Queue  <commit-queue@webkit.org>
3118
3119         Unreviewed, rolling out r202057.
3120         https://bugs.webkit.org/show_bug.cgi?id=158749
3121
3122         This change broke the Windows build. (Requested by ryanhaddad
3123         on #webkit).
3124
3125         Reverted changeset:
3126
3127         "Honor bidi unicode codepoints"
3128         https://bugs.webkit.org/show_bug.cgi?id=149170
3129         http://trac.webkit.org/changeset/202057
3130
3131 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
3132
3133         Honor bidi unicode codepoints
3134         https://bugs.webkit.org/show_bug.cgi?id=149170
3135         <rdar://problem/26527378>
3136
3137         Reviewed by Simon Fraser.
3138
3139         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
3140         unexpected output when they are present. Fix by considering such code points as
3141         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
3142         the codepoints fully in our Bidi algorithm.
3143
3144         Test: fast/text/isolate-ignore.html
3145
3146         * platform/graphics/Font.cpp:
3147         (WebCore::createAndFillGlyphPage):
3148         * platform/text/BidiResolver.h:
3149         (WebCore::Subclass>::createBidiRunsForLine):
3150
3151 2016-06-14  Commit Queue  <commit-queue@webkit.org>
3152
3153         Unreviewed, rolling out r200455.
3154         https://bugs.webkit.org/show_bug.cgi?id=158740
3155
3156         hangs twitter/facebook (Requested by mcatanzaro on #webkit).
3157
3158         Reverted changeset:
3159
3160         "[GStreamer] Adaptive streaming issues"
3161         https://bugs.webkit.org/show_bug.cgi?id=144040
3162         http://trac.webkit.org/changeset/200455
3163
3164 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
3165
3166         WebRTC: RTCPeerConnection::addTrack() should throw InvalidAccessError instead of InvalidModificationError.
3167         https://bugs.webkit.org/show_bug.cgi?id=158735
3168
3169         Reviewed by Eric Carlson.
3170
3171         Throw InvalidAccessError instead of InvalidModificationError when track already exists in connection's
3172         set of senders as per specification (https://w3c.github.io/webrtc-pc/#dom-rtcpeerconnection-addtrack).
3173
3174         Updated existing test results: fast/mediastream/RTCPeerConnection-add-removeTrack-expected.txt
3175
3176         * Modules/mediastream/RTCPeerConnection.cpp:
3177         (WebCore::RTCPeerConnection::addTrack):
3178
3179 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3180
3181         WebRTC: Imlement MediaEndpointPeerConnection::addIceCandidate()
3182         https://bugs.webkit.org/show_bug.cgi?id=158690
3183
3184         Reviewed by Eric Carlson.
3185
3186         Implement MediaEndpointPeerConnection::addIceCandidate() that is the MediaEndpoint
3187         implementation of RTCPeerConnection.addIceCandidate() [1].
3188
3189         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-peerconnection-addicecandidate
3190
3191         Test: fast/mediastream/RTCPeerConnection-addIceCandidate.html
3192
3193         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
3194         (WebCore::MediaEndpointPeerConnection::addIceCandidate):
3195         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
3196         Implemented.
3197         * Modules/mediastream/MediaEndpointPeerConnection.h:
3198         * platform/mediastream/MediaEndpoint.h:
3199         Use mid instead of mdescIndex to identify the target media description in the backend.
3200         * platform/mock/MockMediaEndpoint.cpp:
3201         Update mock method signature accordingly.
3202         (WebCore::MockMediaEndpoint::addRemoteCandidate):
3203         * platform/mock/MockMediaEndpoint.h:
3204
3205 2016-06-14  Zalan Bujtas  <zalan@apple.com>
3206
3207         Make RenderBlock::insertInto/RemoveFromTrackedRendererMaps functions static.
3208         https://bugs.webkit.org/show_bug.cgi?id=158722
3209
3210         Reviewed by Simon Fraser.
3211
3212         These functions manipulate static tracker hashmaps. They don't need to be on RenderBlock.
3213         This is also in preparation for decoupling positioned descendant tracking from descendent percentage height handling.
3214         (gPositionedDescendantsMap and gPercentHeightDescendantsMap) 
3215
3216         No change in functionality.
3217
3218         * rendering/RenderBlock.cpp:
3219         (WebCore::insertIntoTrackedRendererMaps):
3220         (WebCore::removeFromTrackedRendererMaps):
3221         (WebCore::removeBlockFromDescendantAndContainerMaps):
3222         (WebCore::RenderBlock::insertPositionedObject):
3223         (WebCore::RenderBlock::addPercentHeightDescendant):
3224         (WebCore::RenderBlock::insertIntoTrackedRendererMaps): Deleted.
3225         (WebCore::RenderBlock::removeFromTrackedRendererMaps): Deleted.
3226         * rendering/RenderBlock.h:
3227
3228 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3229
3230         WebRTC: Add media setup test where media is set up in one direction at a time
3231         https://bugs.webkit.org/show_bug.cgi?id=158691
3232
3233         Reviewed by Eric Carlson.
3234
3235         Add test for setting up media in one direction at a time. This requires a change in sdp.js
3236         to allow an SDP that doesn't contain a stream id or track id (representing
3237         a track being sent). In this test, the first answer doesn't contain any sending media.
3238
3239         Test: fast/mediastream/RTCPeerConnection-media-setup-two-dialogs.html
3240
3241         * Modules/mediastream/sdp.js:
3242
3243 2016-06-14  Chris Dumez  <cdumez@apple.com>
3244
3245         [Cocoa] Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit()
3246         https://bugs.webkit.org/show_bug.cgi?id=158717
3247
3248         Reviewed by Alex Christensen.
3249
3250         Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit() by
3251         calling CFHTTPMessageCopyAllHeaderFields() instead of [NSURLResponse allHeaderFields].
3252
3253         CFHTTPMessageCopyAllHeaderFields() creates only 1 copy while
3254         [NSURLResponse allHeaderFields] creates 2 (see <rdar://problem/26778863>).
3255
3256         * platform/network/cocoa/ResourceResponseCocoa.mm:
3257         (WebCore::addToHTTPHeaderMap):
3258         (WebCore::ResourceResponse::platformLazyInit):
3259
3260 2016-06-14  David Kilzer  <ddkilzer@apple.com>
3261
3262         REGRESSION (r151608): Leak of QTMovieLayer or AVPlayerLayer in -[WebVideoFullscreenController setVideoElement:]
3263         <https://webkit.org/b/158729>
3264
3265         Reviewed by Eric Carlson.
3266
3267         * platform/mac/WebVideoFullscreenController.mm:
3268         (-[WebVideoFullscreenController setVideoElement:]): Use
3269         RetainPtr<> to prevent leaks.
3270         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
3271         Drive-by fix to remove unused <wtf/RetainPtr.h> import.
3272
3273 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
3274
3275         The vector of mediastreams should be passed via a reference to RTCPeerConnection::addTrack()
3276         https://bugs.webkit.org/show_bug.cgi?id=158701
3277
3278         Pass vector of mediastreams by reference.
3279
3280         Reviewed by Youenn Fablet.
3281
3282         * Modules/mediastream/RTCPeerConnection.cpp:
3283         (WebCore::RTCPeerConnection::addTrack):
3284         * Modules/mediastream/RTCPeerConnection.h:
3285
3286 2016-06-14  Ryosuke Niwa  <rniwa@webkit.org>
3287
3288         Crash inside firstPositionInNode in checkLoadCompleteForThisFrame
3289         https://bugs.webkit.org/show_bug.cgi?id=158724
3290
3291         Reviewed by Alex Christensen.
3292
3293         Added null checks for document and document element since they could be nullptr here.
3294
3295         * loader/FrameLoader.cpp:
3296         (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
3297
3298 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
3299
3300         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
3301         https://bugs.webkit.org/show_bug.cgi?id=158431
3302
3303         Unreviewed build fix.
3304
3305         * bindings/js/JSLocationCustom.cpp:
3306         (WebCore::JSLocation::putDelegate):
3307
3308 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
3309
3310         Remove hasStaticPropertyTable (part 4: JSHTMLDocument & JSStorage)
3311         https://bugs.webkit.org/show_bug.cgi?id=158431
3312
3313         Reviewed by Chris Dumez.
3314
3315         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
3316
3317         JSHTMLDocument & JSStorage contain a number of static_asserts claiming that
3318         various methods do not support static properties. These asserts were likely
3319         correct at the time they were added, as JSObject::getOwnPropertySlot and
3320         JSObject::deleteProperty did not support getting / deleting static value.
3321         This is no longer the case, and these asserts are now incorrect.
3322
3323         * bindings/js/JSHTMLDocumentCustom.cpp:
3324         (WebCore::JSHTMLDocument::getOwnPropertySlot):
3325         * bindings/js/JSStorageCustom.cpp:
3326         (WebCore::JSStorage::deleteProperty):
3327         (WebCore::JSStorage::deletePropertyByIndex):
3328         (WebCore::JSStorage::putDelegate):
3329             - remove incorrect static_asserts.
3330
3331 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
3332
3333         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
3334         https://bugs.webkit.org/show_bug.cgi?id=158431
3335
3336         Reviewed by Geoff Garen.
3337
3338         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
3339
3340         JSLocation::putDelegate checks the static property table redundantly.
3341
3342         In the case of same origin access, if the property is not in the static
3343         table the method will call JSObject::put and return true (indicating the
3344         delegate handled the put). If the property is in the static table, the
3345         method will return false (indicating the the delegate did not handle the
3346         access) - in which case the calling function will call JSObject::put.
3347         Checking for the property in the static table is redundant - same origin
3348         access does not require any special handling, and should just always
3349         return false & let the caller handle the put.
3350
3351         In the case of cross origin access, if the property is not in the static
3352         table we return true (indicating the access was handled, and silently
3353         blocking it). If it is a static property, we check the name, and if the
3354         name is not 'href' we also return true, silently blocking. In the case
3355         that the name is 'href' we'll return false, indicating to the caller
3356         that the access was not handled by the delegate, resulting in it taking
3357         place. The additional check of the static table is redundant, since we
3358         only have special behaviour in the case of 'href'. (Moreover it is
3359         unnecesszarily fragile, since if we made a change such that 'href' was no
3360         longer implemented as a static property with would fail.)
3361
3362         - for same origin, always return false.
3363         - for cross origin, return false for 'href', otherwise return true.
3364
3365         * bindings/js/JSLocationCustom.cpp:
3366         (WebCore::JSLocation::putDelegate):
3367             - restructure & remove static table check.
3368
3369 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
3370
3371         Remove hasStaticPropertyTable (part 2: JSPluginElement)
3372         https://bugs.webkit.org/show_bug.cgi?id=158431
3373
3374         Reviewed by Chris Dumez.
3375
3376         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
3377
3378         The check in pluginElementCustomGetOwnPropertySlot was somewhat dubious in the
3379         first place (for types with static properties it would give precedence to both
3380         static and also property storage properties; for types without static properties
3381         it would check neither - an odd asymetry in the case of values in the storage
3382         array, and was depending on an implementation detail that could change).
3383
3384         This is all now redundant anyway. None of these types have static properties.
3385         All properties are now corretcly on the prototype (which is handled appropriately
3386         below). This is just dead code.
3387
3388         * bindings/js/JSPluginElementFunctions.h:
3389         (WebCore::pluginElementCustomGetOwnPropertySlot):
3390             - remove dead code.
3391
3392 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
3393
3394         Remove hasStaticPropertyTable (part 1: DOM bindings)
3395         https://bugs.webkit.org/show_bug.cgi?id=158431
3396
3397         Reviewed by Chris Dumez.
3398
3399         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
3400
3401         * bindings/js/JSDOMBinding.h:
3402         (WebCore::getStaticValueSlotEntryWithoutCaching): Deleted.
3403         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>): Deleted.
3404             - this method is not used anywhere.
3405
3406 2016-06-13  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3407
3408         WebRTC: Imlement MediaEndpointPeerConnection::replaceTrack()
3409         https://bugs.webkit.org/show_bug.cgi?id=158688
3410
3411         Reviewed by Eric Carlson.
3412
3413         Implement MediaEndpointPeerConnection::replaceTrack() that is the MediaEndpoint implementation
3414         of RTCRtpSender.replaceTrack() [1].
3415
3416         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcrtpsender-replacetrack
3417
3418         Updated fast/mediastream/RTCRtpSender-replaceTrack.html
3419
3420         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
3421         (WebCore::MediaEndpointPeerConnection::replaceTrack):
3422         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
3423   &nbs