6a0661d0045bc7c22d90c28ec9e229c409d5a9bf
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-23  David Kilzer  <ddkilzer@apple.com>
2
3         Remove unused HarfBuzzFaceCoreText.cpp
4         <https://webkit.org/b/159065>
5
6         Reviewed by Myles C. Maxfield.
7
8         * platform/graphics/harfbuzz/HarfBuzzFaceCoreText.cpp: Removed.
9
10 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
11
12         Web Inspector: Memory Timeline sometimes shows impossible value for bmalloc size (underflowed)
13         https://bugs.webkit.org/show_bug.cgi?id=158110
14         <rdar://problem/26498584>
15
16         Reviewed by Andreas Kling.
17
18         IOSurface memory backing Canvas element buffers should be classified as "GC Owned",
19         but should not be considered a part of bmalloc. In fact, the actual memory cost is
20         external to the Web Content Process. The majority of extra memory reporters tend
21         to report extra memory that is also allocated in bmalloc. However, some report
22         non-bmalloc memory, such as the IOSurfaces here.
23         
24         Continue to report the memory cost without changes to inform the Heap for garbage
25         collection. However, also keep better accounting of GCOwned memory that is external
26         to the process for better accounting for the Resource Usage overlay and Web Inspector
27         Memory timeline.
28         
29         This is a bit of a game where we want to display the best possible number for
30         "GCOwned memory" in the tools, but some of that memory shows up in the other
31         regions (bmalloc, system malloc, etc). Already many sizes are estimates
32         (ReportExtraMemory, reportExtraMemory ignores small allocations), so we just focus
33         on getting the largest sources of allocations, such as Canvas IOSurfaces here,
34         into the right bucket. ResourceUsageThreadCocoa continues to subtract the "extra"
35         memory from bmalloc. So, we should address other large sources of "extra memory"
36         not in bmalloc. A likely candidate is HTMLMediaElement which uses the deprecated
37         reporting right now.
38
39         * bindings/scripts/CodeGeneratorJS.pm:
40         (GenerateImplementation):
41         * bindings/scripts/IDLAttributes.txt:
42         Add a way to report External memory, dependent on reporting Extra memory.
43
44         * html/HTMLCanvasElement.cpp:
45         (WebCore::HTMLCanvasElement::externalMemoryCost):
46         * html/HTMLCanvasElement.h:
47         * html/HTMLCanvasElement.idl:
48         Report external memory cost just like extra memory.
49
50         * page/ResourceUsageData.cpp:
51         (WebCore::ResourceUsageData::ResourceUsageData):
52         * page/ResourceUsageData.h:
53         (WebCore::MemoryCategoryInfo::totalSize):
54         * page/cocoa/ResourceUsageOverlayCocoa.mm:
55         (WebCore::RingBuffer::at):
56         (WebCore::appendDataToHistory):
57         (WebCore::ResourceUsageOverlay::platformDraw):
58         * page/cocoa/ResourceUsageThreadCocoa.mm:
59         (WebCore::categoryForVMTag):
60         (WebCore::ResourceUsageThread::platformThreadBody):
61         Do not count the GCOwned External memory as dirty memory.
62         Include External memory output in the overlay.
63
64         * inspector/InspectorMemoryAgent.cpp:
65         (WebCore::InspectorMemoryAgent::collectSample):
66         When sizing the JavaScript portion, include both the GC Owned
67         category's dirty and external memory. Ultimately we will
68         want this everywhere in case things change.
69
70         * platform/graphics/ImageBuffer.cpp:
71         (WebCore::memoryCost):
72         (WebCore::externalMemoryCost):
73         * platform/graphics/ImageBuffer.h:
74         * platform/graphics/cg/ImageBufferCG.cpp:
75         (WebCore::ImageBuffer::memoryCost):
76         (WebCore::ImageBuffer::externalMemoryCost):
77         Report IOSurface total bytes as extra memory and external memory
78         so that it can be tracked as GC Owned memory that is separate from
79         regular (bmalloc/other) in process memory.
80
81 2016-06-23  Alexey Proskuryakov  <ap@apple.com>
82
83         Handle (0, 0) ranges from Lookup
84         https://bugs.webkit.org/show_bug.cgi?id=159062
85         rdar://problem/26960385
86
87         Reviewed by Tim Horton.
88
89         * editing/mac/DictionaryLookup.mm: (WebCore::DictionaryLookup::rangeAtHitTestResult):
90         Paper over <https://bugs.webkit.org/show_bug.cgi?id=159063>, which seems too involved
91         to fix now.
92
93 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
94
95         Web Inspector: first heap snapshot taken when a page is reloaded happens before the reload navigation
96         https://bugs.webkit.org/show_bug.cgi?id=158995
97         <rdar://problem/26923778>
98
99         Reviewed by Brian Burg.
100
101         When the "Heap" instrument is included in the Timeline list
102         of instruments, defer starting it in an auto-capture scenario
103         until after the page does its first navigation.
104
105         AutoCapture on the backend happens when it is enabled at
106         the main resource starts loading. In that case it proceeds
107         through the following phases:
108
109             No Auto Capture:
110                 None
111
112             Auto Capture:
113                 BeforeLoad -> FirstNavigation -> AfterFirstNavigation
114
115         When toggling instruments for backend initiated capture
116         most instruments do not care and will just start/stop.
117
118         * inspector/InspectorInstrumentation.cpp:
119         (WebCore::InspectorInstrumentation::didCommitLoadImpl):
120         Inform the TimelineAgent that the main frame navigated.
121         Do this after informing the HeapAgent (so any potential
122         snapshot does not get cleared) and PageAgent (so the
123         frontend knows the page navigated before the agent starts).
124
125         * inspector/InspectorTimelineAgent.h:
126         * inspector/InspectorTimelineAgent.cpp:
127         (WebCore::InspectorTimelineAgent::internalStop):
128         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
129         (WebCore::InspectorTimelineAgent::mainFrameNavigated):
130         Update the auto capture phase transitions.
131
132         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
133         Only start the heap agent during the None phase (console.profile)
134         or with the first navigation (auto capture page navigation).
135
136 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
137
138         Web Inspector: Snapshots should be cleared at some point
139         https://bugs.webkit.org/show_bug.cgi?id=157907
140         <rdar://problem/26373610>
141
142         Reviewed by Timothy Hatcher.
143
144         * CMakeLists.txt:
145         * WebCore.xcodeproj/project.pbxproj:
146         * inspector/InspectorAllInOne.cpp:
147         New specialized agent.
148
149         * inspector/InspectorController.cpp:
150         (WebCore::InspectorController::InspectorController):
151         Construct a specialized HeapAgent.
152
153         * inspector/PageHeapAgent.h:
154         * inspector/PageHeapAgent.cpp:
155         (WebCore::PageHeapAgent::PageHeapAgent):
156         (WebCore::PageHeapAgent::enable):
157         (WebCore::PageHeapAgent::disable):
158         (WebCore::PageHeapAgent::mainFrameNavigated):
159         Clear backend snapshots on page navigations.
160         Set the PageHeapAgent instrumenting agent on enable/disable.
161
162         * inspector/InstrumentingAgents.cpp:
163         (WebCore::InstrumentingAgents::reset):
164         * inspector/InstrumentingAgents.h:
165         (WebCore::InstrumentingAgents::pageHeapAgent):
166         (WebCore::InstrumentingAgents::setPageHeapAgent):
167         Active PageHeapAgent.
168
169         * inspector/InspectorInstrumentation.cpp:
170         (WebCore::InspectorInstrumentation::didCommitLoadImpl):
171         Inform the PageHeapAgent when the mainframe navigates.
172
173 2016-06-23  Joseph Pecoraro  <pecoraro@apple.com>
174
175         CSSComputedStyleDeclaration::length should recalculate styles if needed to provide the correct value
176         https://bugs.webkit.org/show_bug.cgi?id=159053
177         <rdar://problem/26638119>
178
179         Reviewed by Simon Fraser.
180
181         Test: fast/css/variables/custom-property-computed-style-length-update.html
182
183         * css/CSSComputedStyleDeclaration.cpp:
184         (WebCore::CSSComputedStyleDeclaration::length):
185
186 2016-06-23  John Wilander  <wilander@apple.com>
187
188         Enable window.open() for existing versions of Secret Society
189         https://bugs.webkit.org/show_bug.cgi?id=159049
190         <rdar://problem/26528349>
191
192         Reviewed by Andy Estes.
193
194         The Secret Society Hidden Mystery app has a broken version check treating iOS 10
195         as iOS 1 on iPads. Therefore it believes it can use window.open() in a tap
196         handler. We should allow the existing versions of the app to do this to not break
197         them.
198
199         No new tests. Tested manually in the app.
200
201         * page/DOMWindow.cpp:
202         (WebCore::DOMWindow::allowPopUp):
203             Now checks with Settings whether it should allow a popup even though it is
204             not processing a user gesture.
205         * page/Settings.in:
206             Added setting allowWindowOpenWithoutUserGesture.
207         * platform/RuntimeApplicationChecks.h:
208         * platform/RuntimeApplicationChecks.mm:
209         (WebCore::IOSApplication::isTheSecretSocietyHiddenMystery):
210             Added.
211
212 2016-06-23  Chris Dumez  <cdumez@apple.com>
213
214         Only call sqlite3_initialize() when a SQLite database is actually being opened
215         https://bugs.webkit.org/show_bug.cgi?id=159033
216
217         Reviewed by Brady Eidson.
218
219         Only call sqlite3_initialize() when a SQLite database is actually being opened
220         instead of doing it unconditionally. sqlite3_initialize() was previously called
221         in the SQLiteDatabase constructor which gets called on WebContent process
222         initialization because a DatabaseTracker is constructed on initialization and
223         DatabaseTracker has a SQLiteDatabase data member.
224
225         * platform/sql/SQLiteDatabase.cpp:
226         (WebCore::initializeSQLiteIfNecessary):
227         (WebCore::SQLiteDatabase::open):
228         (WebCore::SQLiteDatabase::SQLiteDatabase): Deleted.
229         * platform/sql/SQLiteDatabase.h:
230
231 2016-06-23  Adam Bergkvist  <adam.bergkvist@ericsson.com>
232
233         WebRTC: Align 'update ICE connection/gathering state' steps with the WebRTC 1.0 specification
234         https://bugs.webkit.org/show_bug.cgi?id=159054
235
236         Reviewed by Eric Carlson.
237
238         Add checks for same state and closed RTCPeerConnection in the 'update ICE connection state'
239         and 'update ICE gathering state' routines as described in [1].
240
241         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#update-ice-gathering-state
242
243         No change in current behavior.
244
245         * Modules/mediastream/RTCPeerConnection.cpp:
246         (WebCore::RTCPeerConnection::updateIceGatheringState):
247         (WebCore::RTCPeerConnection::updateIceConnectionState):
248
249 2016-06-23  Adam Bergkvist  <adam.bergkvist@ericsson.com>
250
251         WebRTC: Add support for RTCPeerConnection legacy MediaStream-based API
252         https://bugs.webkit.org/show_bug.cgi?id=158940
253
254         Reviewed by Eric Carlson.
255
256         Implement the legacy MediaStream-based RTCPeerConnection API as JS built-ins. The
257         getRemoteStreams() function and the 'addstream' event are partly implemented with native
258         code.
259
260         Test: fast/mediastream/RTCPeerConnection-legacy-stream-based-api.html
261
262         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
263         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
264         (WebCore::MediaEndpointPeerConnection::getRemoteStreams):
265         The getRemoteStreams() function and the 'addstream' event is backed up by native code.
266         * Modules/mediastream/MediaEndpointPeerConnection.h:
267         * Modules/mediastream/MediaStream.idl:
268         * Modules/mediastream/PeerConnectionBackend.h:
269         * Modules/mediastream/RTCPeerConnection.h:
270         * Modules/mediastream/RTCPeerConnection.idl:
271         * Modules/mediastream/RTCPeerConnection.js:
272         (initializeRTCPeerConnection):
273         (getLocalStreams):
274         (getRemoteStreams):
275         (getStreamById):
276         (addStream):
277         (removeStream):
278         Legacy API implemented as JS built-ins.
279         * bindings/js/JSDOMGlobalObject.cpp:
280         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
281         * bindings/js/WebCoreBuiltinNames.h:
282
283 2016-06-23  Carlos Garcia Campos  <cgarcia@igalia.com>
284
285         Unreviewed. Fix the build with CSS Shapes disabled.
286
287         * css/StyleBuilderConverter.h:
288
289 2016-06-23  Carlos Garcia Campos  <cgarcia@igalia.com>
290
291         [Soup] Clean up SocketStreamHandle soup implementation
292         https://bugs.webkit.org/show_bug.cgi?id=159024
293
294         Reviewed by Žan Doberšek.
295
296         Stop using a global HashMap to "acivate"/"deactivate" handles, and just take a reference of the handle and
297         pass the ownership to the callbacks, using a GCancellable to cancel all async operations.
298
299         * platform/network/soup/SocketStreamHandle.h:
300         (WebCore::SocketStreamHandle::create):
301         (WebCore::SocketStreamHandle::id): Deleted.
302         * platform/network/soup/SocketStreamHandleSoup.cpp:
303         (WebCore::SocketStreamHandle::SocketStreamHandle):
304         (WebCore::SocketStreamHandle::connected):
305         (WebCore::SocketStreamHandle::connectedCallback):
306         (WebCore::SocketStreamHandle::readBytes):
307         (WebCore::SocketStreamHandle::readReadyCallback):
308         (WebCore::SocketStreamHandle::didFail):
309         (WebCore::SocketStreamHandle::platformSend):
310         (WebCore::SocketStreamHandle::platformClose):
311         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
312         (WebCore::SocketStreamHandle::writeReadyCallback):
313         (WebCore::getHandleFromId): Deleted.
314         (WebCore::deactivateHandle): Deleted.
315         (WebCore::activateHandle): Deleted.
316         (WebCore::SocketStreamHandle::~SocketStreamHandle): Deleted.
317         (WebCore::connectedCallback): Deleted.
318         (WebCore::readReadyCallback): Deleted.
319         (WebCore::writeReadyCallback): Deleted.
320
321 2016-06-22  Brady Eidson  <beidson@apple.com>
322
323         DatabaseProcess doesn't handle WebProcesses going away uncleanly.
324         https://bugs.webkit.org/show_bug.cgi?id=158894
325
326         Reviewed by Alex Christensen.
327
328         No new tests (Covered by additions to existing API test).
329
330         * Modules/indexeddb/server/IDBConnectionToClient.cpp:
331         (WebCore::IDBServer::IDBConnectionToClient::registerDatabaseConnection):
332         (WebCore::IDBServer::IDBConnectionToClient::unregisterDatabaseConnection):
333         (WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):
334         * Modules/indexeddb/server/IDBConnectionToClient.h:
335         
336         * Modules/indexeddb/server/IDBServer.cpp:
337         (WebCore::IDBServer::IDBServer::unregisterConnection): Call connectionToClientClosed() on
338           the connection, which cleans up after it in the server.
339         
340         * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
341         (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection):
342         (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection):
343
344 2016-06-22  Benjamin Poulain  <bpoulain@apple.com>
345
346         AX: Add support for CSS4 :focus-within pseudo
347         https://bugs.webkit.org/show_bug.cgi?id=140144
348
349         Reviewed by Antti Koivisto.
350
351         Tests: fast/css/pseudo-focus-within-basics.html
352                fast/css/pseudo-focus-within-inside-shadow-dom.html
353                fast/css/pseudo-focus-within-style-sharing-1.html
354                fast/css/pseudo-focus-within-style-sharing-2.html
355                fast/selectors/focus-within-style-update.html
356
357         * css/CSSSelector.cpp:
358         (WebCore::CSSSelector::selectorText):
359         * css/CSSSelector.h:
360         * css/SelectorChecker.cpp:
361         (WebCore::SelectorChecker::checkOne):
362         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
363         * cssjit/SelectorCompiler.cpp:
364         (WebCore::SelectorCompiler::addPseudoClassType):
365         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
366         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasFocusWithin):
367         * dom/ContainerNode.cpp:
368         (WebCore::destroyRenderTreeIfNeeded):
369         * dom/Element.cpp:
370         (WebCore::Element::~Element):
371         (WebCore::Element::setFocus):
372         (WebCore::Element::unregisterNamedFlowContentElement):
373         (WebCore::Element::setIsNamedFlowContentElement):
374         (WebCore::Element::clearIsNamedFlowContentElement):
375         (WebCore::Element::setStyleAffectedByFocusWithin):
376         (WebCore::Element::rareDataStyleAffectedByFocusWithin):
377         (WebCore::Element::rareDataIsNamedFlowContentElement):
378         * dom/Element.h:
379         (WebCore::Element::hasFocusWithin):
380         (WebCore::Element::styleAffectedByFocusWithin):
381         (WebCore::Element::isNamedFlowContentElement):
382         (WebCore::Element::setHasFocusWithin):
383         * dom/ElementRareData.h:
384         (WebCore::ElementRareData::styleAffectedByFocusWithin):
385         (WebCore::ElementRareData::setStyleAffectedByFocusWithin):
386         (WebCore::ElementRareData::isNamedFlowContentElement):
387         (WebCore::ElementRareData::setIsNamedFlowContentElement):
388         (WebCore::ElementRareData::ElementRareData):
389         (WebCore::ElementRareData::resetComputedStyle):
390         * dom/Node.h:
391         (WebCore::Node::flagHasFocusWithin):
392         (WebCore::Node::isNamedFlowContentNode): Deleted.
393         (WebCore::Node::setIsNamedFlowContentNode): Deleted.
394         (WebCore::Node::clearIsNamedFlowContentNode): Deleted.
395         * rendering/RenderNamedFlowThread.cpp:
396         (WebCore::RenderNamedFlowThread::clearContentElements):
397         (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
398         (WebCore::RenderNamedFlowThread::unregisterNamedFlowContentElement):
399         (WebCore::nextNodeInsideContentElement):
400         * style/RenderTreeUpdater.cpp:
401         (WebCore::RenderTreeUpdater::updateElementRenderer):
402         * style/StyleRelations.cpp:
403         (WebCore::Style::commitRelationsToRenderStyle):
404         (WebCore::Style::commitRelations):
405         * style/StyleRelations.h:
406         * style/StyleSharingResolver.cpp:
407         (WebCore::Style::SharingResolver::canShareStyleWithElement):
408
409 2016-06-22  Oliver Hunt  <oliver@apple.com>
410
411         Integrate WebKit's CFURLConnection with App Transport Security
412         https://bugs.webkit.org/show_bug.cgi?id=159039
413         <rdar://problem/26953685>
414
415         Reviewed by Alex Christensen.
416
417         Pass additional options to NSURLConnect initialiser to identify that
418         this connection is for WebKit content loading.
419
420         * platform/network/mac/ResourceHandleMac.mm:
421         (WebCore::ResourceHandle::createNSURLConnection):
422
423 2016-06-20  Jeremy Jones  <jeremyj@apple.com>
424
425         Adopt commitPriority to get rid of the 2 AVPL solution for PiP
426         https://bugs.webkit.org/show_bug.cgi?id=158949
427         rdar://problem/26867866
428
429         Reviewed by Simon Fraser.
430
431         No new tests because there is no behavior change. This reverts changes from 
432         https://bugs.webkit.org/show_bug.cgi?id=158148 and instead uses -[CAContext commitPriority:]
433         to prevent flicker when moving a layer between contexts. 
434         commitPriority allows the layer to be added to the destination context before it is 
435         removed from the source context.
436
437         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: remove m_secondaryVideoLayer.
438         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
439         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): ditto.
440         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds): ditto.
441         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto.
442         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity): ditto.
443         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: ditto
444         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): ditto
445         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: ditto
446         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):ditto
447         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: ditto
448         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm: ditto
449         (WebCore::VideoFullscreenLayerManager::setVideoLayer): ditto
450         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer): ditto and adopt commitPriority.
451         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenFrame): ditto
452         (WebCore::VideoFullscreenLayerManager::setVideoLayers): Deleted. 
453         (WebCore::VideoFullscreenLayerManager::didDestroyVideoLayer): remove m_secondaryVideoLayer.
454         * platform/spi/cocoa/QuartzCoreSPI.h: Add commitPriority.
455
456 2016-06-22  Simon Fraser  <simon.fraser@apple.com>
457
458         REGRESSION (r201629): Weird button glitching on github.com
459         https://bugs.webkit.org/show_bug.cgi?id=159031
460         rdar://problem/26880332
461
462         Reviewed by Tim Horton.
463
464         r201629 changed the logic slightly when creating an image buffer for a scaled context;
465         it set the buffer context's scale to the scale in the source context, but this failed
466         to take into account the rounding up of the buffer size, which the old code did.
467
468         Fix by reverting to the old behavior.
469
470         Since buffer sizes can only be integral, changed compatibleBufferSize() to return
471         an IntSize.
472
473         Test: fast/backgrounds/scaled-gradient-background.html
474
475         * platform/graphics/ImageBuffer.cpp:
476         (WebCore::ImageBuffer::createCompatibleBuffer):
477         (WebCore::ImageBuffer::compatibleBufferSize):
478         * platform/graphics/ImageBuffer.h:
479         * platform/graphics/IntRect.h:
480         (WebCore::IntRect::area):
481         * platform/graphics/IntSize.h:
482         (WebCore::IntSize::area): Make this return an unsigned.
483
484 2016-06-22  Anders Carlsson  <andersca@apple.com>
485
486         Inline the last of the Apple Pay WebCore code
487         https://bugs.webkit.org/show_bug.cgi?id=159032
488
489         Reviewed by Tim Horton.
490
491         * loader/EmptyClients.cpp:
492         (WebCore::fillWithEmptyClients):
493         * page/MainFrame.cpp:
494         (WebCore::MainFrame::MainFrame):
495         * page/MainFrame.h:
496         * page/PageConfiguration.h:
497         * platform/cocoa/ThemeCocoa.mm:
498         (WebCore::passKitBundle):
499         (WebCore::loadPassKitPDFPage):
500         (WebCore::applePayButtonLogoBlack):
501         (WebCore::applePayButtonLogoWhite):
502         (WebCore::drawApplePayButton):
503         (WebCore::ThemeCocoa::drawNamedImage):
504
505 2016-06-22  Anders Carlsson  <andersca@apple.com>
506
507         Exception is not thrown when shipping method is an invalid amount
508         https://bugs.webkit.org/show_bug.cgi?id=159030
509         rdar://problem/26700413
510
511         Reviewed by Tim Horton.
512
513         * Modules/applepay/ApplePaySession.cpp:
514         (WebCore::createShippingMethods):
515         Bail if createShippingMethod returns Nullopt.
516
517         (WebCore::createPaymentRequest):
518         Bail if createShippingMethods returns Nullopt.
519
520 2016-06-22  Anders Carlsson  <andersca@apple.com>
521
522         Exception is not thrown when shipping method is an invalid amount
523         https://bugs.webkit.org/show_bug.cgi?id=159029
524         rdar://problem/26700413
525
526         Reviewed by Tim Horton.
527
528         * Modules/applepay/PaymentRequest.h:
529         Change ShippingMethod::amount to be a signed 64-bit integer.
530
531         * Modules/applepay/PaymentRequestValidator.cpp:
532         (WebCore::PaymentRequestValidator::validate):
533         Call validateShippingMethods.
534
535         (WebCore::PaymentRequestValidator::validateShippingMethods):
536         Validate all the shipping methods.
537
538         (WebCore::PaymentRequestValidator::validateShippingMethod):
539         Check that the amount is >= 0.
540
541         * Modules/applepay/PaymentRequestValidator.h:
542         Add new members.
543
544 2016-06-22  Adam Bergkvist  <adam.bergkvist@ericsson.com>
545
546         WebRTC: Add support for the negotiationneeded event in MediaEndpointPeerConnection
547         https://bugs.webkit.org/show_bug.cgi?id=158985
548
549         Reviewed by Eric Carlson.
550
551         Implement MediaEndpointPeerConnection's isNegotiationNeeded, markAsNeedingNegotiation and
552         clearNegotiationNeededState functions. The calls to these functions are already up-to-date.
553
554         Test: fast/mediastream/RTCPeerConnection-more-media-to-negotiate.html
555
556         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
557         (WebCore::MediaEndpointPeerConnection::markAsNeedingNegotiation):
558         * Modules/mediastream/MediaEndpointPeerConnection.h:
559         * Modules/mediastream/RTCPeerConnection.cpp:
560         (WebCore::RTCPeerConnection::scheduleNegotiationNeededEvent):
561
562 2016-06-22  Adam Bergkvist  <adam.bergkvist@ericsson.com>
563
564         WebRTC: Replace RTCPeerConnection custom constructor with a JS built-in constructor
565         https://bugs.webkit.org/show_bug.cgi?id=158832
566
567         Reviewed by Eric Carlson and Youenn Fablet.
568
569         Use a JS built-in constructor instead of a custom constructor. This makes it easier to
570         initialize private fields for functions implemented as JS built-ins. The constructor
571         behavior is in need of updating, but that is left to a follow-up change [1].
572
573         [1] http://webkit.org/b/158936
574         No change in behavior.
575
576         * CMakeLists.txt:
577         * Modules/mediastream/RTCPeerConnection.cpp:
578         (WebCore::RTCPeerConnection::create):
579         (WebCore::RTCPeerConnection::RTCPeerConnection):
580         (WebCore::RTCPeerConnection::~RTCPeerConnection):
581         (WebCore::RTCPeerConnection::initializeWith):
582         * Modules/mediastream/RTCPeerConnection.h:
583         * Modules/mediastream/RTCPeerConnection.idl:
584         * Modules/mediastream/RTCPeerConnection.js:
585         (initializeRTCPeerConnection):
586         Add JS built-in constructor function.
587         * WebCore.xcodeproj/project.pbxproj:
588         * bindings/js/JSRTCPeerConnectionCustom.cpp: Removed.
589         (WebCore::constructJSRTCPeerConnection): Deleted.
590
591 2016-06-22  Youenn Fablet  <youenn@apple.com>
592
593         CrossOriginPreflightChecker should call DocumentThreadableLoader preflightFailure instead of didFailLoading
594         https://bugs.webkit.org/show_bug.cgi?id=158984
595
596         Reviewed by Darin Adler.
597
598         No change of behavior.
599
600         Calling DocumentThreadableLoader preflightFailure instead of didFailLoading for any preflight error case.
601
602         * loader/CrossOriginPreflightChecker.cpp:
603         (WebCore::CrossOriginPreflightChecker::notifyFinished): Directly calling preflightFailure callback.
604         (WebCore::CrossOriginPreflightChecker::doPreflight): Ditto.
605         (WebCore::CrossOriginPreflightChecker::handleLoadingFailure): Deleted.
606         (WebCore::CrossOriginPreflightChecker::redirectReceived): Deleted (should have been removed as part of
607         https://bugs.webkit.org/show_bug.cgi?id=111008).
608         * loader/CrossOriginPreflightChecker.h:
609
610 2016-06-22  Youenn Fablet  <youennf@gmail.com>
611
612         JSDOMIterator forEach should support second optional parameter
613         https://bugs.webkit.org/show_bug.cgi?id=159020
614
615         Reviewed by Chris Dumez.
616
617         Covered by beefed up test.
618
619         * bindings/js/JSDOMIterator.h:
620         (WebCore::iteratorForEach): Setting callback thisValue to the second argument passed to forEach.
621
622 2016-06-22  Jer Noble  <jer.noble@apple.com>
623
624         Media controls stop working after exiting PiP
625         https://bugs.webkit.org/show_bug.cgi?id=159026
626         <rdar://problem/26753579>
627
628         Reviewed by Eric Carlson.
629
630         Do not slave setting WebVideoFullscreenModelVideoElement::setVideoElement() to
631         WebPlaybackSessionModelVideoElement::setMediaElement(). After all, someone else
632         (i.e., the media controls) may still be using it.
633
634         * platform/cocoa/WebVideoFullscreenModelVideoElement.mm:
635         (WebVideoFullscreenModelVideoElement::setVideoElement): Deleted.
636         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
637         (WebVideoFullscreenControllerContext::didCleanupFullscreen):
638         (WebVideoFullscreenControllerContext::setUpFullscreen):
639
640 2016-06-22  Jer Noble  <jer.noble@apple.com>
641
642         Update document's isPlayingMedia() state whenever media element's media state changes
643         https://bugs.webkit.org/show_bug.cgi?id=159018
644         <rdar://problem/26586630>
645
646         Reviewed by Beth Dakin.
647
648         The Document can end up with a stale m_mediaState if its own value isn't updated when
649         its constituent HTMLMediaElement's m_mediaStates change.
650
651         * html/HTMLMediaElement.cpp:
652         (WebCore::HTMLMediaElement::updateMediaState):
653
654 2016-06-22  Simon Fraser  <simon.fraser@apple.com>
655
656         Crash under GraphicsLayerCA::recursiveCommitChanges() with deep layer trees
657         https://bugs.webkit.org/show_bug.cgi?id=159023
658         rdar://problem/25377842
659
660         Reviewed by Tim Horton.
661
662         Having an on-stack DisplayList::Recorder increased the stack frame size significantly,
663         causing stack exhaustion with deep layer trees, despite the existing depth check.
664
665         Make the Recorder heap-allocated to fix this.
666
667         Tested by LayoutTests/compositing//layer-creation/deep-tree.html.
668
669         * platform/graphics/ca/GraphicsLayerCA.cpp:
670         (WebCore::GraphicsLayerCA::recursiveCommitChanges):
671
672 2016-06-22  Carlos Garcia Campos  <cgarcia@igalia.com>
673
674         [GTK] Add support for variadic parameters to GObject DOM bindings
675         https://bugs.webkit.org/show_bug.cgi?id=158942
676
677         Reviewed by Michael Catanzaro.
678
679         Generate code for functions having variadic parameters.
680
681         * bindings/scripts/CodeGeneratorGObject.pm:
682         (GenerateFunction):
683         (SkipFunction):
684         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
685         (webkit_dom_test_obj_variadic_string_method):
686         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
687
688 2016-06-21  Benjamin Poulain  <bpoulain@apple.com>
689
690         :hover CSS pseudo-class sometimes keeps matching ever after mouse has left the element
691         https://bugs.webkit.org/show_bug.cgi?id=158340
692
693         Reviewed by Simon Fraser.
694
695         When removing a hovered subtree from the document, we were getting
696         into an inconsistent state where m_hoveredElement is in the detached
697         subtree and we have no way of clearing the existing IsHovered flags.
698
699         What happens is:
700         -The root "a" has an child "b" that is hovered.
701         -"a" starts being removed from the tree, its renderer is destroyed.
702         -RenderTreeUpdater::tearDownRenderers() pushes "a" on the teardownStack
703          and calls hoveredElementDidDetach().
704         -hoveredElementDidDetach() is called with "a". "a" is not the hovered
705          element, the function does nothing.
706         -RenderTreeUpdater::tearDownRenderers() pushes "b" on the teardownStack
707          and calls hoveredElementDidDetach().
708         -hoveredElementDidDetach() is called with "b". The next parent with a renderer
709          is "a", m_hoveredElement is set to "a".
710         -"a"'s parent is set to nullptr.
711
712         -> We have a m_hoveredElement on the root of a detached tree, making
713            it impossible to clear the real dirty tree.
714
715         This patch changes the order in which we clear the flags.
716         It is done in the order in which we clear the renderers to ensure
717         the last element with a dead renderer is the last to update m_hoveredElement.
718
719         Tests: fast/css/ancestor-of-hovered-element-detached.html
720                fast/css/ancestor-of-hovered-element-removed.html
721
722         * Source/WebCore/style/RenderTreeUpdater.cpp:
723
724 2016-06-21  Youenn Fablet  <youennf@gmail.com>
725
726         [Fetch API] Rename 'origin-only' referrer policy to 'origin'
727         https://bugs.webkit.org/show_bug.cgi?id=158982
728
729         Reviewed by Alex Christensen.
730
731         Covered by updated tests.
732
733         * Modules/fetch/FetchRequest.cpp:
734         (WebCore::setReferrerPolicy): Renaming origin-only to origin.
735         * Modules/fetch/FetchRequest.idl: Ditto.
736         * loader/FetchOptions.h: Ditto.
737
738 2016-06-21  Chris Dumez  <cdumez@apple.com>
739
740         Let the compiler generate the move constructor and assignment operator for ScriptExecutionContext::Task
741         https://bugs.webkit.org/show_bug.cgi?id=159013
742
743         Reviewed by Brady Eidson.
744
745         Let the compiler generate the move constructor and assignment operator for
746         ScriptExecutionContext::Task. We previously manually defined the move
747         constructor but there is no need as it doesn't do anything special.
748
749         * dom/ScriptExecutionContext.h:
750
751 2016-06-21  Dean Jackson  <dino@apple.com>
752
753         DumpRenderTree crashed in com.apple.WebCore: WebCore::HTMLSelectElement::updateSelectedState
754         https://bugs.webkit.org/show_bug.cgi?id=159009
755         <rdar://problem/23454623>
756
757         Reviewed by Jon Lee.
758
759         It seems we can get bogus indices from UIKit's implementation
760         of UIWebSelectMultiplePicker. Guard against this situation.
761
762         Covered by running the existing tests in WebKit1 with Guard Malloc,
763         such as fast/spatial-navigation/snav-multiple-select-optgroup.html
764
765         * html/HTMLSelectElement.cpp:
766         (WebCore::HTMLSelectElement::updateSelectedState): Early return
767         if we get an index out of range.
768
769 2016-06-21  Chris Dumez  <cdumez@apple.com>
770
771         Pass ScriptExecutionContext::Task as rvalue reference
772         https://bugs.webkit.org/show_bug.cgi?id=159007
773
774         Reviewed by Anders Carlsson.
775
776         Pass ScriptExecutionContext::Task as rvalue reference since its non-copyable
777         and has to be moved in.
778
779         * workers/WorkerLoaderProxy.h:
780         * workers/WorkerMessagingProxy.cpp:
781         (WebCore::WorkerMessagingProxy::postTaskToLoader):
782         (WebCore::WorkerMessagingProxy::postTaskForModeToWorkerGlobalScope):
783         * workers/WorkerMessagingProxy.h:
784         * workers/WorkerRunLoop.cpp:
785         (WebCore::WorkerRunLoop::postTask):
786         (WebCore::WorkerRunLoop::postTaskAndTerminate):
787         (WebCore::WorkerRunLoop::postTaskForMode):
788         (WebCore::WorkerRunLoop::Task::Task):
789         * workers/WorkerRunLoop.h:
790
791 2016-06-21  Anders Carlsson  <andersca@apple.com>
792
793         Include IdentifierInlines.h.
794
795         * bindings/js/JSApplePayShippingMethodSelectedEventCustom.cpp:
796
797 2016-06-21  Anders Carlsson  <andersca@apple.com>
798
799         Add PaymentHeaders.h file.
800
801         * Modules/applepay/PaymentHeaders.h: Added.
802         * WebCore.xcodeproj/project.pbxproj:
803
804 2016-06-21  Anders Carlsson  <andersca@apple.com>
805
806         Make a bunch of Apple Pay headers private instead of project.
807
808         * WebCore.xcodeproj/project.pbxproj:
809
810 2016-06-21  Anders Carlsson  <andersca@apple.com>
811
812         Move the last Apple Pay WebCore files to the open source repository
813         https://bugs.webkit.org/show_bug.cgi?id=159005
814
815         Reviewed by Tim Horton.
816
817         * DerivedSources.make:
818         * Modules/applepay/ApplePayPaymentAuthorizedEvent.cpp: Added.
819         * Modules/applepay/ApplePayPaymentAuthorizedEvent.h: Added.
820         * Modules/applepay/ApplePayPaymentAuthorizedEvent.idl: Added.
821         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.cpp: Added.
822         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.h: Added.
823         * Modules/applepay/ApplePayPaymentMethodSelectedEvent.idl: Added.
824         * Modules/applepay/ApplePaySession.cpp: Added.
825         * Modules/applepay/ApplePaySession.h: Added.
826         * Modules/applepay/ApplePaySession.idl: Added.
827         * Modules/applepay/ApplePayShippingContactSelectedEvent.cpp: Added.
828         * Modules/applepay/ApplePayShippingContactSelectedEvent.h: Added.
829         * Modules/applepay/ApplePayShippingContactSelectedEvent.idl: Added.
830         * Modules/applepay/ApplePayShippingMethodSelectedEvent.cpp: Added.
831         * Modules/applepay/ApplePayShippingMethodSelectedEvent.h: Added.
832         * Modules/applepay/ApplePayShippingMethodSelectedEvent.idl: Added.
833         * Modules/applepay/ApplePayValidateMerchantEvent.cpp: Added.
834         * Modules/applepay/ApplePayValidateMerchantEvent.h: Added.
835         * Modules/applepay/ApplePayValidateMerchantEvent.idl: Added.
836         * Modules/applepay/Payment.h: Added.
837         * Modules/applepay/PaymentAuthorizationStatus.h: Added.
838         * Modules/applepay/PaymentContact.h: Added.
839         * Modules/applepay/PaymentMerchantSession.h: Added.
840         * Modules/applepay/PaymentMethod.h: Added.
841         * Modules/applepay/PaymentRequestValidator.cpp: Added.
842         * Modules/applepay/PaymentRequestValidator.h: Added.
843         * Modules/applepay/cocoa/PaymentContactCocoa.mm: Added.
844         * Modules/applepay/cocoa/PaymentMethodCocoa.mm: Added.
845         * WebCore.xcodeproj/project.pbxproj:
846         * bindings/js/JSApplePayPaymentAuthorizedEventCustom.cpp: Added.
847         * bindings/js/JSApplePayPaymentMethodSelectedEventCustom.cpp: Added.
848         * bindings/js/JSApplePaySessionCustom.cpp: Added.
849         * bindings/js/JSApplePayShippingContactSelectedEventCustom.cpp: Added.
850         * bindings/js/JSApplePayShippingMethodSelectedEventCustom.cpp: Added.
851         * dom/EventNames.in:
852         * dom/EventTargetFactory.in:
853
854 2016-06-21  Anders Carlsson  <andersca@apple.com>
855
856         Fix build.
857
858         * Configurations/FeatureDefines.xcconfig:
859
860 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
861
862         Unreviewed, rolling out r202302, r202303, r202305, and
863         r202306.
864
865         Roll out the rollouts because of breaking the build.
866
867         Reverted changesets:
868
869         "Unreviewed, rolling out r200678."
870         https://bugs.webkit.org/show_bug.cgi?id=157453
871         http://trac.webkit.org/changeset/202302
872
873         "Unreviewed, rolling out r200619."
874         https://bugs.webkit.org/show_bug.cgi?id=131443
875         http://trac.webkit.org/changeset/202303
876
877         "Unreviewed, attempt to fix the build after r202303."
878         http://trac.webkit.org/changeset/202305
879
880         "Unreviewed, attempt to fix the build after r202303."
881         http://trac.webkit.org/changeset/202306
882
883 2016-06-21  Chris Dumez  <cdumez@apple.com>
884
885         Unreviewed, attempt to fix the build after r202303.
886
887         * bindings/js/JSDOMIterator.h:
888         (WebCore::IteratorInspector::decltype):
889         (WebCore::IteratorInspector::test):
890
891 2016-06-21  Chris Dumez  <cdumez@apple.com>
892
893         Unreviewed, attempt to fix the build after r202303.
894
895         * bindings/js/JSDOMIterator.h:
896         (WebCore::toJS):
897
898 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
899
900         Unreviewed, rolling out r200619.
901
902         This incompleted feature broke http://m.yahoo.co.jp. Roll it
903         out together with r200678.
904
905         Reverted changeset:
906
907         "NodeList should be iterable"
908         https://bugs.webkit.org/show_bug.cgi?id=131443
909         http://trac.webkit.org/changeset/200619
910
911 2016-06-21  Jiewen Tan  <jiewen_tan@apple.com>
912
913         Unreviewed, rolling out r200678.
914
915         This incompleted feature broke http://m.yahoo.co.jp. Roll it
916         out together with r200619.
917
918         Reverted changeset:
919
920         "Ensure DOM iterators remain done"
921         https://bugs.webkit.org/show_bug.cgi?id=157453
922         http://trac.webkit.org/changeset/200678
923
924 2016-06-21  Anders Carlsson  <andersca@apple.com>
925
926         Begin moving the Apple Pay code to the open source repository
927         https://bugs.webkit.org/show_bug.cgi?id=158998
928
929         Reviewed by Tim Horton.
930
931         * Configurations/FeatureDefines.xcconfig:
932         Add ENABLE_APPLE_PAY.
933
934         * Modules/applepay/PaymentCoordinator.cpp: Added.
935         * Modules/applepay/PaymentCoordinator.h: Added.
936         * Modules/applepay/PaymentCoordinatorClient.h: Added.
937         * Modules/applepay/PaymentRequest.cpp: Added.
938         * Modules/applepay/PaymentRequest.h: Added.
939         * Modules/applepay/cocoa/PaymentCocoa.mm: Added.
940         * WebCore.xcodeproj/project.pbxproj:
941         Add new files.
942
943         * dom/EventNames.h:
944         Add new event names.
945
946         * page/MainFrame.h:
947         Use a forward declaration.
948
949 2016-06-21  Said Abou-Hallawa  <sabouhallawa@apple,com>
950
951         Add system tracing points for requestAnimationFrame() workflow
952         https://bugs.webkit.org/show_bug.cgi?id=158723
953
954         Reviewed by Simon Fraser.
955
956         Add trace points for requestAnimationFrame().
957
958         * dom/ScriptedAnimationController.cpp:
959         (WebCore::ScriptedAnimationController::requestAnimationFrameEnabled):
960         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
961         (WebCore::ScriptedAnimationController::windowScreenDidChange):
962         (WebCore::ScriptedAnimationController::scheduleAnimation):
963         * dom/ScriptedAnimationController.h:
964         * platform/graphics/ios/DisplayRefreshMonitorIOS.mm:
965         (WebCore::DisplayRefreshMonitorIOS::requestRefreshCallback):
966         (WebCore::DisplayRefreshMonitorIOS::displayLinkFired):
967
968 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
969
970         [iOS] Typing text into a text field or text area causes screen to scroll down (hiding text entry)
971         https://bugs.webkit.org/show_bug.cgi?id=158970
972
973         Reviewed by Ryosuke Niwa.
974
975         insertTextWithoutSendingTextEvent() should only reveal the selection up to the main frame on iOS,
976         since the UI process can zoom and scroll the view to the text input.
977
978         Test: fast/forms/ios/typing-in-input-in-iframe.html
979
980         * editing/Editor.cpp:
981         (WebCore::Editor::insertTextWithoutSendingTextEvent):
982
983 2016-06-21  Adam Bergkvist  <adam.bergkvist@ericsson.com>
984
985         WebRTC: Remove unused MediaEndpointClient::gotRemoteSource function
986         https://bugs.webkit.org/show_bug.cgi?id=158986
987
988         Reviewed by Eric Carlson.
989
990         Remote sources are explicitly created with MediaEndpoint::createMutedRemoteSource so the
991         MediaEndpointClient::gotRemoteSource can be removed.
992
993         No change in behavior.
994
995         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
996         (WebCore::MediaEndpointPeerConnection::gotRemoteSource): Deleted.
997         * Modules/mediastream/MediaEndpointPeerConnection.h:
998         * platform/mediastream/MediaEndpoint.h:
999
1000 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
1001
1002         Focus event dispatched in iframe causes parent document to scroll incorrectly
1003         https://bugs.webkit.org/show_bug.cgi?id=158629
1004         rdar://problem/26521616
1005
1006         Reviewed by Tim Horton.
1007
1008         When focussing elements in iframes, the page could scroll to an incorrect location.
1009         This happened because code in Element::focus() tried to disable scrolling on focus,
1010         but did so only for the current frame, so ancestor frames got programmatically scrolled.
1011         On iOS we handle the scrolling in the UI process, so never want the web process to
1012         do programmatic scrolling.
1013
1014         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
1015         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
1016         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
1017
1018         Tests: fast/forms/ios/focus-input-in-iframe.html
1019                fast/forms/ios/programmatic-focus-input-in-iframe.html
1020
1021         * dom/Document.h:
1022         * dom/Element.cpp:
1023         (WebCore::Element::scrollIntoView):
1024         (WebCore::Element::scrollIntoViewIfNeeded):
1025         (WebCore::Element::scrollIntoViewIfNotVisible):
1026         (WebCore::Element::focus):
1027         (WebCore::Element::updateFocusAppearance):
1028         * dom/Element.h:
1029         * editing/Editor.cpp:
1030         (WebCore::Editor::insertTextWithoutSendingTextEvent):
1031         (WebCore::Editor::revealSelectionAfterEditingOperation):
1032         (WebCore::Editor::findStringAndScrollToVisible):
1033         * editing/FrameSelection.cpp:
1034         (WebCore::FrameSelection::updateAndRevealSelection):
1035         (WebCore::FrameSelection::revealSelection):
1036         (WebCore::FrameSelection::FrameSelection): Deleted.
1037         * editing/FrameSelection.h:
1038         * html/HTMLInputElement.cpp:
1039         (WebCore::HTMLInputElement::updateFocusAppearance):
1040         * html/HTMLTextAreaElement.cpp:
1041         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
1042         * page/ContextMenuController.cpp:
1043         (WebCore::ContextMenuController::contextMenuItemSelected):
1044         * page/FrameView.cpp:
1045         (WebCore::FrameView::scrollToAnchor):
1046         * rendering/RenderLayer.cpp:
1047         (WebCore::RenderLayer::scrollRectToVisible):
1048         (WebCore::RenderLayer::autoscroll):
1049         * rendering/RenderLayer.h:
1050         * rendering/RenderObject.cpp:
1051         (WebCore::RenderObject::scrollRectToVisible):
1052         * rendering/RenderObject.h:
1053
1054 2016-06-21  Frederic Wang  <fwang@igalia.com>
1055
1056         Implement RenderMathMLOperator::layoutBlock
1057         https://bugs.webkit.org/show_bug.cgi?id=157521
1058
1059         Reviewed by Brent Fulgham.
1060
1061         No new tests, already covered by existing tests.
1062
1063         Add an initial implementation of RenderMathMLOperator::layoutBlock, which will perform
1064         special layout when the MathOperator is used. We also improved how the logical height is
1065         calculated and avoid updating the style when stretchTo is called.
1066
1067         * rendering/mathml/RenderMathMLOperator.cpp:
1068         (WebCore::RenderMathMLOperator::stretchTo):
1069         (WebCore::RenderMathMLOperator::layoutBlock):
1070         (WebCore::RenderMathMLOperator::computeLogicalHeight): Deleted.
1071         * rendering/mathml/RenderMathMLOperator.h:
1072
1073 2016-06-21  Chris Dumez  <cdumez@apple.com>
1074
1075         Unreviewed, roll out r202268 as it looks like it was a ~50% regression on Dromaeo DOM Core
1076
1077         * bindings/scripts/CodeGeneratorJS.pm:
1078         (GenerateImplementation):
1079         (GeneratePrototypeDeclaration):
1080         * bindings/scripts/test/JS/JSInterfaceName.cpp:
1081         (WebCore::JSInterfaceNamePrototype::finishCreation):
1082         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1083         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
1084         (WebCore::JSTestActiveDOMObject::createPrototype): Deleted.
1085         (WebCore::JSTestActiveDOMObject::prototype): Deleted.
1086         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
1087         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
1088         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
1089         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
1090         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
1091         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
1092         (WebCore::JSTestCustomNamedGetter::JSTestCustomNamedGetter): Deleted.
1093         (WebCore::JSTestCustomNamedGetter::createPrototype): Deleted.
1094         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1095         (WebCore::JSTestEventConstructorPrototype::finishCreation):
1096         (WebCore::JSTestEventConstructor::createPrototype): Deleted.
1097         (WebCore::JSTestEventConstructor::prototype): Deleted.
1098         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1099         (WebCore::JSTestEventTargetPrototype::finishCreation):
1100         (WebCore::JSTestEventTarget::JSTestEventTarget): Deleted.
1101         (WebCore::JSTestEventTarget::createPrototype): Deleted.
1102         * bindings/scripts/test/JS/JSTestException.cpp:
1103         (WebCore::JSTestExceptionPrototype::finishCreation):
1104         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
1105         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
1106         * bindings/scripts/test/JS/JSTestInterface.cpp:
1107         (WebCore::JSTestInterfacePrototype::finishCreation):
1108         (WebCore::jsTestInterfaceImplementsStr2): Deleted.
1109         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1110         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
1111         (WebCore::JSTestJSBuiltinConstructor::JSTestJSBuiltinConstructor): Deleted.
1112         (WebCore::JSTestJSBuiltinConstructor::createPrototype): Deleted.
1113         (WebCore::JSTestJSBuiltinConstructor::destroy): Deleted.
1114         (WebCore::jsTestJSBuiltinConstructorTestAttributeCustom): Deleted.
1115         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1116         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
1117         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener): Deleted.
1118         (WebCore::JSTestMediaQueryListListener::createPrototype): Deleted.
1119         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
1120         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
1121         * bindings/scripts/test/JS/JSTestNode.cpp:
1122         (WebCore::JSTestNodePrototype::finishCreation):
1123         (WebCore::JSTestNode::JSTestNode): Deleted.
1124         (WebCore::JSTestNode::prototype): Deleted.
1125         (WebCore::jsTestNodeName): Deleted.
1126         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1127         (WebCore::JSTestNondeterministicPrototype::finishCreation):
1128         (WebCore::JSTestNondeterministic::JSTestNondeterministic): Deleted.
1129         (WebCore::JSTestNondeterministic::prototype): Deleted.
1130         (WebCore::JSTestNondeterministic::destroy): Deleted.
1131         * bindings/scripts/test/JS/JSTestObj.cpp:
1132         (WebCore::JSTestObjPrototype::finishCreation):
1133         (WebCore::JSTestObj::JSTestObj): Deleted.
1134         (WebCore::JSTestObj::createPrototype): Deleted.
1135         (WebCore::JSTestObj::prototype): Deleted.
1136         (WebCore::JSTestObj::destroy): Deleted.
1137         (WebCore::JSTestObj::getOwnPropertySlot): Deleted.
1138         (WebCore::JSTestObj::getOwnPropertySlotByIndex): Deleted.
1139         (WebCore::jsTestObjReadOnlyLongAttr): Deleted.
1140         (WebCore::jsTestObjReadOnlyStringAttr): Deleted.
1141         (WebCore::jsTestObjReadOnlyTestObjAttr): Deleted.
1142         (WebCore::jsTestObjConstructorStaticReadOnlyLongAttr): Deleted.
1143         (WebCore::jsTestObjConstructorStaticStringAttr): Deleted.
1144         (WebCore::jsTestObjConstructorTestSubObj): Deleted.
1145         (WebCore::jsTestObjTestSubObjEnabledBySettingConstructor): Deleted.
1146         (WebCore::jsTestObjEnumAttr): Deleted.
1147         (WebCore::jsTestObjByteAttr): Deleted.
1148         (WebCore::jsTestObjOctetAttr): Deleted.
1149         (WebCore::jsTestObjShortAttr): Deleted.
1150         (WebCore::jsTestObjClampedShortAttr): Deleted.
1151         (WebCore::jsTestObjEnforceRangeShortAttr): Deleted.
1152         (WebCore::jsTestObjUnsignedShortAttr): Deleted.
1153         (WebCore::jsTestObjLongAttr): Deleted.
1154         (WebCore::jsTestObjLongLongAttr): Deleted.
1155         (WebCore::jsTestObjReflectedCustomBooleanAttr): Deleted.
1156         (WebCore::jsTestObjReflectedCustomURLAttr): Deleted.
1157         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
1158         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
1159         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
1160         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
1161         (WebCore::JSTestOverrideBuiltins::JSTestOverrideBuiltins): Deleted.
1162         (WebCore::JSTestOverrideBuiltins::createPrototype): Deleted.
1163         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1164         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
1165         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface): Deleted.
1166         (WebCore::JSTestSerializedScriptValueInterface::prototype): Deleted.
1167         (WebCore::JSTestSerializedScriptValueInterface::destroy): Deleted.
1168         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1169         (WebCore::JSTestTypedefsPrototype::finishCreation):
1170         (WebCore::JSTestTypedefs::JSTestTypedefs): Deleted.
1171         (WebCore::JSTestTypedefs::createPrototype): Deleted.
1172         (WebCore::JSTestTypedefs::prototype): Deleted.
1173         (WebCore::JSTestTypedefs::destroy): Deleted.
1174         (WebCore::jsTestTypedefsUnsignedLongLongAttr): Deleted.
1175         (WebCore::jsTestTypedefsImmutableSerializedScriptValue): Deleted.
1176         (WebCore::jsTestTypedefsAttrWithGetterException): Deleted.
1177         * bindings/scripts/test/JS/JSattribute.cpp:
1178         (WebCore::JSattributePrototype::finishCreation):
1179         * bindings/scripts/test/JS/JSreadonly.cpp:
1180         (WebCore::JSreadonlyPrototype::finishCreation):
1181
1182 2016-06-21  Keith Miller  <keith_miller@apple.com>
1183
1184         It should be easy to add a private global helper function for builtins
1185         https://bugs.webkit.org/show_bug.cgi?id=158893
1186
1187         Reviewed by Mark Lam.
1188
1189         Add JSCJSValueInlines.h to fix build issues.
1190
1191         * platform/mock/mediasource/MockBox.cpp:
1192
1193 2016-06-21  Amir Alavi  <aalavi@apple.com>
1194
1195         Upstream WKHTTPCookiesForURL from WebKitSystemInterface to OpenSource
1196         https://bugs.webkit.org/show_bug.cgi?id=158967
1197
1198         Reviewed by Brent Fulgham.
1199
1200         * platform/ios/WebCoreSystemInterfaceIOS.mm:
1201         * platform/mac/WebCoreSystemInterface.h:
1202         * platform/mac/WebCoreSystemInterface.mm:
1203         * platform/network/mac/CookieJarMac.mm:
1204         (WebCore::httpCookiesForURL): Upstreamed from WebKitSystemInterface.
1205         (WebCore::cookiesForURL): Changed to call httpCookiesForURL.
1206         (WebCore::deleteCookie): Ditto.
1207         * platform/spi/cf/CFNetworkSPI.h:
1208
1209 2016-06-21  Chris Dumez  <cdumez@apple.com>
1210
1211         Unreviewed, rolling out r202231.
1212
1213         Seems to have regressed PLT on both iOS and Mac (very obvious
1214         on iOS Warm PLT)
1215
1216         Reverted changeset:
1217
1218         "When navigating, discard decoded image data that is only live
1219         due to page cache."
1220         https://bugs.webkit.org/show_bug.cgi?id=158941
1221         http://trac.webkit.org/changeset/202231
1222
1223 2016-06-21  Youenn Fablet  <youennf@gmail.com>
1224
1225         Add bindings generator support to add a native JS function to both a 'name' and a private '@name' slot
1226         https://bugs.webkit.org/show_bug.cgi?id=158777
1227
1228         Reviewed by Eric Carlson.
1229
1230         Adding a new PublicIdentifier keyword to cover the case of the same function exposed publicly and privately.
1231         Renaming Private keyword to PrivateIdentifier.
1232         Functions exposed both publicly and privately should set both keywords.
1233         By default, functions are publically exposed.
1234
1235         Updated binding generator to generate public exposure except if PrivateIdentifer is set and PublicIdentifier is
1236         not set.
1237
1238         Keeping skipping of ObjC/GObject binding for PrivateIdentifier-only functions.
1239
1240         Covered by rebased binding tests.
1241
1242         * Modules/fetch/FetchHeaders.idl:
1243         * Modules/fetch/FetchResponse.idl:
1244         * Modules/mediastream/MediaDevices.idl:
1245         * Modules/mediastream/RTCPeerConnection.idl:
1246         * bindings/scripts/CodeGeneratorGObject.pm:
1247         (SkipFunction):
1248         * bindings/scripts/CodeGeneratorJS.pm:
1249         (GeneratePropertiesHashTable):
1250         (GenerateImplementation):
1251         * bindings/scripts/CodeGeneratorObjC.pm:
1252         (SkipFunction):
1253         * bindings/scripts/IDLAttributes.txt:
1254         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
1255         (webkit_dom_test_obj_private_also_method):
1256         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
1257         * bindings/scripts/test/JS/JSTestObj.cpp:
1258         (WebCore::JSTestObjPrototype::finishCreation):
1259         (WebCore::jsTestObjPrototypeFunctionPrivateMethod):
1260         (WebCore::jsTestObjPrototypeFunctionPrivateAlsoMethod):
1261         * bindings/scripts/test/ObjC/DOMTestObj.h:
1262         * bindings/scripts/test/ObjC/DOMTestObj.mm:
1263         (-[DOMTestObj privateAlsoMethod:]):
1264         * bindings/scripts/test/TestObj.idl:
1265
1266 2016-06-21  Dan Bernstein  <mitz@apple.com>
1267
1268         Inlined some picture-in-picture code.
1269         https://bugs.webkit.org/show_bug.cgi?id=158977
1270
1271         Reviewed by Eric Carlsson.
1272
1273         This code was written primarily by Ada Chan, and originally reviewed by Alex Christensen,
1274         Anders Carlsson, Conrad Shultz, Dan Bernstein, Eric Carlson, Jer Noble, Jeremy Jones,
1275         Jon Lee, Remy Demarest, and Zach Li.
1276
1277         * English.lproj/Localizable.strings:
1278           Updated using update-webkit-localizable-strings.
1279
1280         * Modules/mediacontrols/mediaControlsApple.css:
1281         (video:-webkit-full-screen::-webkit-media-controls-panel .picture-in-picture-button):
1282
1283         * Modules/mediacontrols/mediaControlsApple.js:
1284         (Controller.prototype.configureFullScreenControls):
1285
1286         * WebCore.xcodeproj/project.pbxproj: Added PIPSPI.h.
1287
1288         * html/HTMLMediaElement.cpp: Inlined code from HTMLMediaElementAdditions.cpp.
1289
1290         * html/HTMLVideoElement.cpp: Inlined code from HTMLVideoElementSupportsFullscreenAdditions.cpp.
1291
1292         * platform/LocalizedStrings.cpp:
1293         (WebCore::contextMenuItemTagEnterVideoEnhancedFullscreen): Brought in from ContextMenuLocalizedStringsAdditions.cpp.
1294         (WebCore::contextMenuItemTagExitVideoEnhancedFullscreen): Ditto.
1295         (WebCore::AXARIAContentGroupText): Made updates that should have been part of r198543.
1296
1297         * platform/mac/WebVideoFullscreenInterfaceMac.h: Removed USE(APPLE_INTERNAL_SDK) guards.
1298         * platform/mac/WebVideoFullscreenInterfaceMac.mm: Inlined WebVideoFullscreenInterfaceMacAdditions.mm.
1299
1300         * platform/spi/mac/PIPSPI.h: Added.
1301
1302         * rendering/HitTestResult.cpp: Inlined HitTestResultAdditions.cpp.
1303
1304         * rendering/RenderThemeMac.mm:
1305         (WebCore::RenderThemeMac::mediaControlsStyleSheet): Removed include of
1306           RenderThemeMacMediaControlsStyleSheetAdditions.mm now that the content is in
1307           mediaControlsApple.css.
1308         (WebCore::RenderThemeMac::mediaControlsScript): Removed include of
1309           RenderThemeMacMediaControlsScriptAdditions.mm now that the content is in mediaControlsApple.js.
1310
1311 2016-06-21  Miguel Gomez  <magomez@igalia.com>
1312
1313         [GStreamer] video orientation support
1314         https://bugs.webkit.org/show_bug.cgi?id=148524
1315
1316         Reviewed by Philippe Normand.
1317
1318         Rotate video frames to follow the orientation metadata in the video file.
1319         When accelerated compositing is disabled, the rotation is performed by a videoflip element added
1320         to the playbin.
1321         When accelerated compositing is enabled, the rotation is peformed by the TextureMapper in response
1322         to a rotation flag set on the frame buffers.
1323
1324         Test: media/video-orientation.html
1325
1326         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1327         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1328         Handle the GST_MESSAGE_TAG message from the bin.
1329         (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
1330         Add the videflip element to the bin when accelerated compositing is disabled.
1331         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1332         (WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
1333         Receive and use extra flags for the TextureMapper.
1334         (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
1335         (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
1336         When using accelerated compositing, transpose the video size if the rotation is 90 or 270 degrees.
1337         (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
1338         Add rotation flag to frame holder and layer buffer.
1339         (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
1340         Use rotation flag when requesting the TextureMapper to draw.
1341         (WebCore::MediaPlayerPrivateGStreamerBase::setVideoSourceRotation):
1342         Function to store the video rotation.
1343         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
1344         Add bits to store the video rotation.
1345         * platform/graphics/texmap/TextureMapperGL.cpp:
1346         (WebCore::TextureMapperGL::drawTexturedQuadWithProgram):
1347         Modify the patternTransform according to the rotation flag passed.
1348         * platform/graphics/texmap/TextureMapperGL.h:
1349         Add new flags to handle the video souce rotation.
1350         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
1351         (WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):
1352         Change the drawTexture method used so custom flags can be passed.
1353         * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
1354         (WebCore::TextureMapperPlatformLayerBuffer::setExtraFlags):
1355         New method to set TextureMapper flags.
1356
1357 2016-06-20  Frederic Wang  <fwang@igalia.com>
1358
1359         Use the MathOperator to handle some non-stretchy operators
1360         https://bugs.webkit.org/show_bug.cgi?id=157519
1361
1362         Reviewed by Brent Fulgham.
1363
1364         To prepare for the removal of anonymous text node from the render classes of token elements
1365         we use MathOperator to handle two cases where the actual text to display may not be
1366         available in the DOM: mfenced and minus operators. This change removes support for the
1367         case of mfenced operators with multiple characters since that it is not supported by
1368         MathOperator. It is a edge case that is not used in practice since fences and separators are
1369         only made of a single character. However, it would still be possible to duplicate some
1370         code/logic to add it back if that turns out to be necessary.
1371
1372         No new tests, already covered by existing tests.
1373
1374         * rendering/mathml/MathOperator.cpp:
1375         (WebCore::MathOperator::MathOperator): Rename UndefinedOperator.
1376         (WebCore::RenderMathMLOperator::firstLineBaseline): Improve rounding of ascent so that mfenced operators are correctly aligned.
1377         * rendering/mathml/MathOperator.h: Rename UndefinedOperator, since it can now be used to draw non-stretchy operators.
1378         (WebCore::MathOperator::isStretched): Deleted. This function is no longer used by RenderMathMLOperator.
1379         (WebCore::MathOperator::unstretch): Deleted. This function is no longer used by RenderMathMLOperator.
1380         * rendering/mathml/RenderMathMLOperator.cpp:
1381         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Use useMathOperator.
1382         (WebCore::RenderMathMLOperator::rebuildTokenContent): Set the MathOperator when useMathOperator() is true.
1383         When the operator is not likely to stretch we just leave its type as NormalOperator.
1384         (WebCore::RenderMathMLOperator::useMathOperator): Helper function to determine when MathOperator should be used.
1385         (WebCore::RenderMathMLOperator::firstLineBaseline): Use useMathOperator.
1386         (WebCore::RenderMathMLOperator::computeLogicalHeight): Ditto.
1387         (WebCore::RenderMathMLOperator::paint): Ditto.
1388         (WebCore::RenderMathMLOperator::paintChildren): Ditto.
1389         * rendering/mathml/RenderMathMLOperator.h: Declare useMathOperator.
1390
1391 2016-06-19  Gavin & Ellie Barraclough  <barraclough@apple.com>
1392
1393         Don't eagerly reify DOM Prototype properties
1394         https://bugs.webkit.org/show_bug.cgi?id=158557
1395
1396         Reviewed by Andreas Kling.
1397
1398         We were eagerly reifying these properties to avoid virtualizing getOwnPropertySlot,
1399         but since bug #158059 this does not require a method table call in any case.
1400         Eagerly reifying these values likely has some CPU and memory cost on page load.
1401
1402         * bindings/scripts/CodeGeneratorJS.pm:
1403         (GenerateImplementation):
1404             - should generate compressed index for hashtable,
1405               prototype object ClassInfo should contain static table,
1406               don't reifyStaticProperties for prototype objects.
1407         (GeneratePrototypeDeclaration):
1408             - Set HasStaticPropertyTable for DOM prototype objects.
1409         * bindings/scripts/test/JS/JSInterfaceName.cpp:
1410         (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype):
1411         (WebCore::JSInterfaceNamePrototype::finishCreation):
1412         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1413         (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype):
1414         (WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
1415         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
1416         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype):
1417         (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):
1418         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
1419         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::JSTestCustomConstructorWithNoInterfaceObjectPrototype):
1420         (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
1421         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
1422         (WebCore::JSTestCustomNamedGetterPrototype::JSTestCustomNamedGetterPrototype):
1423         (WebCore::JSTestCustomNamedGetterPrototype::finishCreation):
1424         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1425         (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype):
1426         (WebCore::JSTestEventConstructorPrototype::finishCreation):
1427         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1428         (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype):
1429         (WebCore::JSTestEventTargetPrototype::finishCreation):
1430         * bindings/scripts/test/JS/JSTestException.cpp:
1431         (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
1432         (WebCore::JSTestExceptionPrototype::finishCreation):
1433         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
1434         (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype):
1435         (WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
1436         * bindings/scripts/test/JS/JSTestInterface.cpp:
1437         (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
1438         (WebCore::JSTestInterfacePrototype::finishCreation):
1439         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
1440         (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype):
1441         (WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
1442         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1443         (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
1444         (WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):
1445         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
1446         (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype):
1447         (WebCore::JSTestNamedConstructorPrototype::finishCreation):
1448         * bindings/scripts/test/JS/JSTestNode.cpp:
1449         (WebCore::JSTestNodePrototype::JSTestNodePrototype):
1450         (WebCore::JSTestNodePrototype::finishCreation):
1451         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1452         (WebCore::JSTestNondeterministicPrototype::JSTestNondeterministicPrototype):
1453         (WebCore::JSTestNondeterministicPrototype::finishCreation):
1454         * bindings/scripts/test/JS/JSTestObj.cpp:
1455         (WebCore::JSTestObjPrototype::JSTestObjPrototype):
1456         (WebCore::JSTestObjPrototype::finishCreation):
1457         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
1458         (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype):
1459         (WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):
1460         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
1461         (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype):
1462         (WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):
1463         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1464         (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
1465         (WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
1466         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1467         (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype):
1468         (WebCore::JSTestTypedefsPrototype::finishCreation):
1469         * bindings/scripts/test/JS/JSattribute.cpp:
1470         (WebCore::JSattributePrototype::JSattributePrototype):
1471         (WebCore::JSattributePrototype::finishCreation):
1472         * bindings/scripts/test/JS/JSreadonly.cpp:
1473         (WebCore::JSreadonlyPrototype::JSreadonlyPrototype):
1474         (WebCore::JSreadonlyPrototype::finishCreation):
1475
1476 2016-06-20  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1477
1478         WebRTC: RTCIceCandidate init dictionary don't handle explicit null or undefined values correctly
1479         https://bugs.webkit.org/show_bug.cgi?id=158873
1480
1481         Reviewed by Alejandro G. Castro.
1482
1483         Prevent explicit null and undefined values from being converted to "null" and "undefined"
1484         strings.
1485
1486         Test: Extended fast/mediastream/RTCIceCandidate.html
1487
1488         * Modules/mediastream/RTCIceCandidate.cpp:
1489         (WebCore::RTCIceCandidate::create):
1490
1491 2016-06-20  Commit Queue  <commit-queue@webkit.org>
1492
1493         Unreviewed, rolling out r202252.
1494         https://bugs.webkit.org/show_bug.cgi?id=158974
1495
1496         See rdar://problem/26867866 for details (Requested by ap on
1497         #webkit).
1498
1499         Reverted changeset:
1500
1501         "Adopt commitPriority to get rid of the 2 AVPL solution for
1502         PiP"
1503         https://bugs.webkit.org/show_bug.cgi?id=158949
1504         http://trac.webkit.org/changeset/202252
1505
1506 2016-06-20  Commit Queue  <commit-queue@webkit.org>
1507
1508         Unreviewed, rolling out r202243.
1509         https://bugs.webkit.org/show_bug.cgi?id=158972
1510
1511         Broke Windows build and iOS tests (Requested by ap on
1512         #webkit).
1513
1514         Reverted changeset:
1515
1516         "Focus event dispatched in iframe causes parent document to
1517         scroll incorrectly"
1518         https://bugs.webkit.org/show_bug.cgi?id=158629
1519         http://trac.webkit.org/changeset/202243
1520
1521 2016-06-20  Chris Dumez  <cdumez@apple.com>
1522
1523         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks()
1524         https://bugs.webkit.org/show_bug.cgi?id=158968
1525
1526         Reviewed by Ryosuke Niwa.
1527
1528         Simplify / Optimize DataDetector's searchForLinkRemovingExistingDDLinks():
1529         - Use modern ancestorsOfType<HTMLAnchorElement>() to traverse anchor ancestors
1530           instead of traversing by hand.
1531         - Use NodeTraversal::next() to traverse the tree until we find endNode and
1532           use a for loop instead of a while loop. Previously, the logic the determine
1533           the next node was at the end of the loop and was identical behavior-wise
1534           to NodeTraversal::next(). However, the previous code for a lot less efficient
1535           because it was calling Node::childNodes() to get a NodeList of the children,
1536           then calling length() on it to check if we had children and finally use
1537           the first item in the list as next node. This was very inefficient because
1538           NodeList::length() would need to traverse all children to figure out the
1539           length and would cache all the children in a Vector in CollectionIndexCache.
1540
1541         * dom/ElementAncestorIterator.h:
1542         (WebCore::ancestorsOfType):
1543         * dom/ElementIterator.h:
1544         (WebCore::findElementAncestorOfType):
1545         (WebCore::findElementAncestorOfType<Element>):
1546         Update ancestorsOfType() to take a Node instead of an Element. There are no
1547         performance benefits to taking an Element here and it is a valid use case to
1548         want an Element ancestor of a non-Element node.
1549
1550         * editing/cocoa/DataDetection.mm:
1551         (WebCore::searchForLinkRemovingExistingDDLinks):
1552         (WebCore::dataDetectorTypeForCategory): Deleted.
1553
1554 2016-06-20  Commit Queue  <commit-queue@webkit.org>
1555
1556         Unreviewed, rolling out r202248.
1557         https://bugs.webkit.org/show_bug.cgi?id=158960
1558
1559         breaks builds on the simulator (Requested by keith_mi_ on
1560         #webkit).
1561
1562         Reverted changeset:
1563
1564         "It should be easy to add a private global helper function for
1565         builtins"
1566         https://bugs.webkit.org/show_bug.cgi?id=158893
1567         http://trac.webkit.org/changeset/202248
1568
1569 2016-06-20  Jeremy Jones  <jeremyj@apple.com>
1570
1571         Adopt commitPriority to get rid of the 2 AVPL solution for PiP
1572         https://bugs.webkit.org/show_bug.cgi?id=158949
1573         rdar://problem/26867866
1574
1575         Reviewed by Simon Fraser.
1576
1577         No new tests because there is no behavior change. This reverts changes from 
1578         https://bugs.webkit.org/show_bug.cgi?id=158148 and instead uses -[CAContext commitPriority:]
1579         to prevent flicker when moving a layer between contexts. 
1580         commitPriority allows the layer to be added to the destination context before it is 
1581         removed from the source context.
1582
1583         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h: remove m_secondaryVideoLayer.
1584         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: ditto
1585         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): ditto.
1586         (WebCore::MediaPlayerPrivateAVFoundationObjC::syncTextTrackBounds): ditto.
1587         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoLayer): ditto.
1588         (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoLayerGravity): ditto.
1589         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: ditto
1590         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer): ditto
1591         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: ditto
1592         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::createPreviewLayers):ditto
1593         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.h: ditto
1594         * platform/graphics/avfoundation/objc/VideoFullscreenLayerManager.mm: ditto
1595         (WebCore::VideoFullscreenLayerManager::setVideoLayer): ditto
1596         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenLayer): ditto and adopt commitPriority.
1597         (WebCore::VideoFullscreenLayerManager::setVideoFullscreenFrame): ditto
1598         (WebCore::VideoFullscreenLayerManager::setVideoLayers): Deleted. 
1599         (WebCore::VideoFullscreenLayerManager::didDestroyVideoLayer): remove m_secondaryVideoLayer.
1600         * platform/spi/cocoa/QuartzCoreSPI.h: Add commitPriority.
1601
1602 2016-06-20  Zalan Bujtas  <zalan@apple.com>
1603
1604         Set the end position on the placeholder BidiRun properly.
1605         https://bugs.webkit.org/show_bug.cgi?id=158958
1606
1607         Reviewed by Myles C. Maxfield.
1608         rdar://problem/26609266
1609
1610         The second paramenter for BidiRun indicates the end position and not the length of the run.
1611         This was regressed at r102875 where only the start position was changed from 0 to pos.
1612
1613         Test: fast/text/international/bidi-style-in-isolate-crash.html
1614
1615         * rendering/InlineIterator.h:
1616         (WebCore::addPlaceholderRunForIsolatedInline):
1617
1618 2016-06-20  Fujii Hironori  <Hironori.Fujii@sony.com>
1619
1620         A composition underline is placed to wrong position in RTL
1621         https://bugs.webkit.org/show_bug.cgi?id=158602
1622
1623         Reviewed by Myles C. Maxfield.
1624
1625         InlineTextBox::paintCompositionUnderline does not take RTL into
1626         account.  The position of composition underline should be
1627         mirrored in RTL.
1628
1629         Test: editing/input/composition-underline-rtl.html
1630
1631         * rendering/InlineTextBox.cpp:
1632         (WebCore::mirrorRTLSegment): New helper function to convert RTL start position to LTR.
1633         (WebCore::InlineTextBox::paintDecoration): Use mirrorRTLSegment.
1634         (WebCore::InlineTextBox::paintCompositionUnderline): Ditto.
1635
1636 2016-06-20  Keith Miller  <keith_miller@apple.com>
1637
1638         It should be easy to add a private global helper function for builtins
1639         https://bugs.webkit.org/show_bug.cgi?id=158893
1640
1641         Reviewed by Mark Lam.
1642
1643         Add JSCJSValueInlines.h to fix build issues.
1644
1645         * platform/mock/mediasource/MockBox.cpp:
1646
1647 2016-06-20  Benjamin Poulain  <benjamin@webkit.org>
1648
1649         :default CSS pseudo-class should match checkboxes+radios with a `checked` attribute
1650         https://bugs.webkit.org/show_bug.cgi?id=156230
1651
1652         Reviewed by Alex Christensen.
1653
1654         This patch update the :default pseudo class matching to be closer to the spec:
1655         https://html.spec.whatwg.org/multipage/scripting.html#selector-default
1656
1657         The main remaining difference with the spec is the definition of "default button".
1658         This is an unrelated problem that should be addressed separately.
1659
1660         The implementation was missing support for:
1661         -input elements of type "checkbox" or "radio" with the "checked" attribute defined.
1662         -option elements with the "selected" attribute defined.
1663
1664         The existing support for default button was pretty bad, I fixed that too.
1665         The owner form now has a resetDefaultButton() API. When a Form Associated Element
1666         becomes a submit button or loses that property, the element calls its form
1667         to update the style as needed.
1668
1669         Whenever the submit button changes, 2 elements needs to have their style invalidated:
1670         -The former default button.
1671         -The new default button.
1672         To invalidate the former button, FormElement now caches the computed
1673         default button. When the default button changes, the cached value is invalidated
1674         in addition to the new value.
1675
1676         Computing the new default button takes linear time in the number of form associated element.
1677         To mitigate that, resetDefaultButton() is only called when changes are related
1678         to submit buttons. Since those changes are rare, I don't expect the invalidation
1679         to be a problem.
1680
1681         Tests: fast/css/pseudo-default-basics.html
1682                fast/selectors/default-style-update.html
1683
1684         * css/SelectorChecker.cpp:
1685         (WebCore::SelectorChecker::checkOne):
1686         * css/SelectorCheckerTestFunctions.h:
1687         (WebCore::matchesDefaultPseudoClass):
1688         (WebCore::isDefaultButtonForForm): Deleted.
1689         * cssjit/SelectorCompiler.cpp:
1690         (WebCore::SelectorCompiler::addPseudoClassType):
1691         * dom/Element.cpp:
1692         (WebCore::Element::matchesValidPseudoClass):
1693         (WebCore::Element::matchesInvalidPseudoClass):
1694         (WebCore::Element::matchesDefaultPseudoClass):
1695         * dom/Element.h:
1696         (WebCore::Element::matchesValidPseudoClass): Deleted.
1697         (WebCore::Element::matchesInvalidPseudoClass): Deleted.
1698         (WebCore::Element::isDefaultButtonForForm): Deleted.
1699         * html/HTMLButtonElement.cpp:
1700         (WebCore::HTMLButtonElement::parseAttribute):
1701         (WebCore::HTMLButtonElement::matchesDefaultPseudoClass):
1702         * html/HTMLButtonElement.h:
1703         * html/HTMLFormControlElement.cpp:
1704         (WebCore::HTMLFormControlElement::isDefaultButtonForForm): Deleted.
1705         * html/HTMLFormControlElement.h:
1706         * html/HTMLFormElement.cpp:
1707         (WebCore::HTMLFormElement::~HTMLFormElement):
1708         (WebCore::HTMLFormElement::registerFormElement):
1709         (WebCore::HTMLFormElement::removeFormElement):
1710         (WebCore::HTMLFormElement::defaultButton):
1711         (WebCore::HTMLFormElement::resetDefaultButton):
1712         * html/HTMLFormElement.h:
1713         * html/HTMLInputElement.cpp:
1714         (WebCore::HTMLInputElement::updateType):
1715         (WebCore::HTMLInputElement::parseAttribute):
1716         (WebCore::HTMLInputElement::matchesDefaultPseudoClass):
1717         * html/HTMLInputElement.h:
1718         * html/HTMLOptionElement.cpp:
1719         (WebCore::HTMLOptionElement::matchesDefaultPseudoClass):
1720         (WebCore::HTMLOptionElement::parseAttribute):
1721         * html/HTMLOptionElement.h:
1722         * style/StyleSharingResolver.cpp:
1723         (WebCore::Style::SharingResolver::canShareStyleWithElement):
1724         (WebCore::Style::canShareStyleWithControl): Deleted.
1725
1726 2016-06-20  Simon Fraser  <simon.fraser@apple.com>
1727
1728         Focus event dispatched in iframe causes parent document to scroll incorrectly
1729         https://bugs.webkit.org/show_bug.cgi?id=158629
1730         rdar://problem/26521616
1731
1732         Reviewed by Tim Horton.
1733
1734         When focussing elements in iframes, the page could scroll to an incorrect location.
1735         This happened because code in Element::focus() tried to disable scrolling on focus,
1736         but did so only for the current frame, so ancestor frames got programmatically scrolled.
1737         On iOS we handle the scrolling in the UI process, so never want the web process to
1738         do programmatic scrolling.
1739
1740         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
1741         rather than manually prohibiting frame scrolling. Pass SelectionRevealMode through various callers,
1742         and use RevealUpToMainFrame for iOS, allowing the UI process to do the zoomToRect: for the main frame.
1743
1744         Tests: fast/forms/ios/focus-input-in-iframe.html
1745                fast/forms/ios/programmatic-focus-input-in-iframe.html
1746
1747         * dom/Document.h:
1748         * dom/Element.cpp:
1749         (WebCore::Element::scrollIntoView):
1750         (WebCore::Element::scrollIntoViewIfNeeded):
1751         (WebCore::Element::scrollIntoViewIfNotVisible):
1752         (WebCore::Element::focus):
1753         (WebCore::Element::updateFocusAppearance):
1754         * dom/Element.h:
1755         * editing/Editor.cpp:
1756         (WebCore::Editor::insertTextWithoutSendingTextEvent):
1757         (WebCore::Editor::revealSelectionAfterEditingOperation):
1758         (WebCore::Editor::findStringAndScrollToVisible):
1759         * editing/FrameSelection.cpp:
1760         (WebCore::FrameSelection::updateAndRevealSelection):
1761         (WebCore::FrameSelection::revealSelection):
1762         (WebCore::FrameSelection::FrameSelection): Deleted.
1763         * editing/FrameSelection.h:
1764         * html/HTMLInputElement.cpp:
1765         (WebCore::HTMLInputElement::updateFocusAppearance):
1766         * html/HTMLTextAreaElement.cpp:
1767         (WebCore::HTMLTextAreaElement::updateFocusAppearance):
1768         * page/ContextMenuController.cpp:
1769         (WebCore::ContextMenuController::contextMenuItemSelected):
1770         * page/FrameView.cpp:
1771         (WebCore::FrameView::scrollToAnchor):
1772         * rendering/RenderLayer.cpp:
1773         (WebCore::RenderLayer::scrollRectToVisible):
1774         (WebCore::RenderLayer::autoscroll):
1775         * rendering/RenderLayer.h:
1776         * rendering/RenderObject.cpp:
1777         (WebCore::RenderObject::scrollRectToVisible):
1778         * rendering/RenderObject.h:
1779
1780 2016-06-20  Keith Rollin  <krollin@apple.com>
1781
1782         Remove RefPtr::release() and change calls sites to use WTFMove()
1783         https://bugs.webkit.org/show_bug.cgi?id=158369
1784
1785         Reviewed by Chris Dumez.
1786
1787         RefPtr::release() releases its managed pointer awkwardly. It's more
1788         direct and clearer to use WTFMove to transfer ownership of the managed
1789         pointer.
1790
1791         As part of this cleanup, also change a lot of explicit data types to
1792         'auto'.
1793
1794         No new tests: there's no new functionality, just a refactoring of
1795         existing code.
1796
1797         * Modules/mediasource/SourceBuffer.cpp:
1798         (WebCore::removeSamplesFromTrackBuffer):
1799         (WebCore::SourceBuffer::provideMediaData):
1800         * Modules/mediastream/UserMediaRequest.cpp:
1801         (WebCore::UserMediaRequest::start):
1802         * Modules/webdatabase/SQLCallbackWrapper.h:
1803         (WebCore::SQLCallbackWrapper::clear):
1804         * bindings/js/JSDOMWindowCustom.cpp:
1805         (WebCore::handlePostMessage):
1806         * bindings/js/JSHistoryCustom.cpp:
1807         (WebCore::JSHistory::pushState):
1808         (WebCore::JSHistory::replaceState):
1809         * bindings/js/JSMessagePortCustom.h:
1810         (WebCore::handlePostMessage):
1811         * bindings/js/ScriptControllerMac.mm:
1812         (WebCore::ScriptController::createScriptInstanceForWidget):
1813         * bindings/js/SerializedScriptValue.cpp:
1814         (WebCore::CloneDeserializer::readTerminal):
1815         * css/CSSComputedStyleDeclaration.cpp:
1816         (WebCore::ComputedStyleExtractor::copyPropertiesInSet):
1817         * css/SVGCSSParser.cpp:
1818         (WebCore::CSSParser::parseSVGValue):
1819         * css/StyleBuilderConverter.h:
1820         (WebCore::StyleBuilderConverter::convertShapeValue):
1821         * css/StyleProperties.cpp:
1822         (WebCore::StyleProperties::copyPropertiesInSet):
1823         * css/StyleResolver.cpp:
1824         (WebCore::StyleResolver::loadPendingImages):
1825         * dom/InlineStyleSheetOwner.cpp:
1826         (WebCore::InlineStyleSheetOwner::clearSheet):
1827         * editing/ApplyStyleCommand.cpp:
1828         (WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
1829         * editing/CompositeEditCommand.cpp:
1830         (WebCore::CompositeEditCommand::removeChildrenInRange):
1831         (WebCore::CompositeEditCommand::removeNodeAndPruneAncestors):
1832         (WebCore::CompositeEditCommand::prune):
1833         (WebCore::CompositeEditCommand::replaceSelectedTextInNode):
1834         (WebCore::CompositeEditCommand::rebalanceWhitespaceOnTextSubstring):
1835         * editing/CreateLinkCommand.cpp:
1836         (WebCore::CreateLinkCommand::doApply):
1837         * editing/EditingStyle.cpp:
1838         (WebCore::EditingStyle::mergeStyle):
1839         (WebCore::EditingStyle::mergeStyleFromRulesForSerialization):
1840         * editing/Editor.cpp:
1841         (WebCore::ClearTextCommand::CreateAndApply):
1842         (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
1843         * editing/EditorCommand.cpp:
1844         (WebCore::executeInsertNode):
1845         * editing/InsertTextCommand.cpp:
1846         (WebCore::InsertTextCommand::performOverwrite):
1847         (WebCore::InsertTextCommand::insertTab):
1848         * editing/RemoveNodePreservingChildrenCommand.cpp:
1849         (WebCore::RemoveNodePreservingChildrenCommand::doApply):
1850         * editing/ReplaceSelectionCommand.cpp:
1851         (WebCore::ReplacementFragment::removeNodePreservingChildren):
1852         (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
1853         * html/FTPDirectoryDocument.cpp:
1854         (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate):
1855         * html/HTMLFontElement.cpp:
1856         (WebCore::HTMLFontElement::collectStyleForPresentationAttribute):
1857         * html/HTMLFormElement.cpp:
1858         (WebCore::HTMLFormElement::prepareForSubmission):
1859         * html/HTMLTableElement.cpp:
1860         (WebCore::leakBorderStyle):
1861         (WebCore::leakGroupBorderStyle):
1862         * html/parser/HTMLDocumentParser.cpp:
1863         (WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder):
1864         * html/track/InbandDataTextTrack.cpp:
1865         (WebCore::InbandDataTextTrack::addDataCue):
1866         * html/track/InbandGenericTextTrack.cpp:
1867         (WebCore::InbandGenericTextTrack::newCuesParsed):
1868         * html/track/InbandWebVTTTextTrack.cpp:
1869         (WebCore::InbandWebVTTTextTrack::newCuesParsed):
1870         * html/track/TextTrackCueList.cpp:
1871         (WebCore::TextTrackCueList::add):
1872         * inspector/InspectorCSSAgent.cpp:
1873         (WebCore::InspectorCSSAgent::getInlineStylesForNode):
1874         * inspector/InspectorDOMAgent.cpp:
1875         (WebCore::InspectorDOMAgent::pushChildNodesToFrontend):
1876         * inspector/InspectorIndexedDBAgent.cpp:
1877         * inspector/InspectorNetworkAgent.cpp:
1878         (WebCore::InspectorNetworkAgent::loadResource):
1879         * inspector/InspectorStyleSheet.cpp:
1880         (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
1881         * loader/FormSubmission.cpp:
1882         (WebCore::FormSubmission::create):
1883         * loader/FrameLoader.cpp:
1884         (WebCore::FrameLoader::loadURLIntoChildFrame):
1885         (WebCore::FrameLoader::loadURL):
1886         (WebCore::FrameLoader::loadPostRequest):
1887         * loader/ProgressTracker.cpp:
1888         (WebCore::ProgressTracker::finalProgressComplete):
1889         * loader/appcache/ApplicationCacheGroup.cpp:
1890         (WebCore::ApplicationCacheGroup::disassociateDocumentLoader):
1891         (WebCore::ApplicationCacheGroup::didFinishLoading):
1892         (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
1893         * loader/appcache/ApplicationCacheStorage.cpp:
1894         (WebCore::ApplicationCacheStorage::loadCacheGroup):
1895         (WebCore::ApplicationCacheStorage::cacheGroupForURL):
1896         (WebCore::ApplicationCacheStorage::fallbackCacheGroupForURL):
1897         (WebCore::ApplicationCacheStorage::loadCache):
1898         * loader/archive/ArchiveResourceCollection.cpp:
1899         (WebCore::ArchiveResourceCollection::popSubframeArchive):
1900         * loader/archive/cf/LegacyWebArchive.cpp:
1901         (WebCore::LegacyWebArchive::extract):
1902         (WebCore::LegacyWebArchive::create):
1903         (WebCore::LegacyWebArchive::createFromSelection):
1904         * loader/cache/CachedImage.cpp:
1905         (WebCore::CachedImage::createImage):
1906         * loader/icon/IconDatabase.cpp:
1907         (WebCore::IconDatabase::setIconDataForIconURL):
1908         (WebCore::IconDatabase::getOrCreateIconRecord):
1909         (WebCore::IconDatabase::readFromDatabase):
1910         (WebCore::IconDatabase::getImageDataForIconURLFromSQLDatabase):
1911         * page/DOMWindow.cpp:
1912         (WebCore::DOMWindow::sessionStorage):
1913         (WebCore::DOMWindow::localStorage):
1914         * page/EventHandler.cpp:
1915         (WebCore::EventHandler::updateDragAndDrop):
1916         * page/animation/CompositeAnimation.cpp:
1917         (WebCore::CompositeAnimation::updateTransitions):
1918         * page/csp/ContentSecurityPolicy.cpp:
1919         (WebCore::ContentSecurityPolicy::reportViolation):
1920         * page/mac/ServicesOverlayController.mm:
1921         (WebCore::ServicesOverlayController::createOverlayIfNeeded):
1922         (WebCore::ServicesOverlayController::determineActiveHighlight):
1923         * page/scrolling/AsyncScrollingCoordinator.h:
1924         (WebCore::AsyncScrollingCoordinator::releaseScrollingTree):
1925         * page/scrolling/ScrollingStateNode.cpp:
1926         (WebCore::ScrollingStateNode::cloneAndReset):
1927         * page/scrolling/ScrollingStateTree.cpp:
1928         (WebCore::ScrollingStateTree::attachNode):
1929         * platform/audio/HRTFElevation.cpp:
1930         (WebCore::getConcatenatedImpulseResponsesForSubject):
1931         * platform/graphics/DisplayRefreshMonitorManager.cpp:
1932         (WebCore::DisplayRefreshMonitorManager::createMonitorForClient):
1933         * platform/graphics/FontCascadeFonts.cpp:
1934         (WebCore::FontCascadeFonts::glyphDataForSystemFallback):
1935         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
1936         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings):
1937         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
1938         (WebCore::MediaSelectionGroupAVFObjC::updateOptions):
1939         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
1940         (WebCore::SourceBufferPrivateAVFObjC::processCodedFrame):
1941         * platform/graphics/ca/GraphicsLayerCA.cpp:
1942         * platform/graphics/ca/PlatformCALayer.cpp:
1943         (WebCore::PlatformCALayer::createCompatibleLayerOrTakeFromPool):
1944         * platform/graphics/cg/ImageBufferDataCG.cpp:
1945         (WebCore::ImageBufferData::getData):
1946         * platform/graphics/filters/FilterEffect.cpp:
1947         (WebCore::FilterEffect::asUnmultipliedImage):
1948         (WebCore::FilterEffect::asPremultipliedImage):
1949         * platform/graphics/mac/ImageMac.mm:
1950         (WebCore::Image::loadPlatformResource):
1951         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1952         (WebCore::GraphicsContext3D::createForCurrentGLContext):
1953         (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
1954         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
1955         (WebCore::RealtimeMediaSourceCenterMac::createMediaStream):
1956         * platform/mock/MockRealtimeMediaSourceCenter.cpp:
1957         (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints):
1958         (WebCore::MockRealtimeMediaSourceCenter::createMediaStream):
1959         * platform/network/BlobRegistryImpl.cpp:
1960         (WebCore::BlobRegistryImpl::registerBlobURL):
1961         (WebCore::BlobRegistryImpl::registerBlobURLForSlice):
1962         * platform/network/ResourceHandle.cpp:
1963         (WebCore::ResourceHandle::create):
1964         * platform/network/cf/FormDataStreamCFNet.cpp:
1965         (WebCore::formCreate):
1966         * platform/text/BidiContext.cpp:
1967         (WebCore::BidiContext::copyStackRemovingUnicodeEmbeddingContexts):
1968         * rendering/FilterEffectRenderer.cpp:
1969         (WebCore::FilterEffectRenderer::build):
1970         * rendering/RenderLayer.cpp:
1971         (WebCore::RenderLayer::createScrollbar):
1972         * rendering/RenderListBox.cpp:
1973         (WebCore::RenderListBox::createScrollbar):
1974         * rendering/RenderMenuList.cpp:
1975         (RenderMenuList::createScrollbar):
1976         * rendering/RenderSearchField.cpp:
1977         (WebCore::RenderSearchField::createScrollbar):
1978         * replay/ReplayController.cpp:
1979         (WebCore::ReplayController::unloadSegment):
1980         * svg/SVGFEDiffuseLightingElement.cpp:
1981         (WebCore::SVGFEDiffuseLightingElement::build):
1982         * svg/SVGFESpecularLightingElement.cpp:
1983         (WebCore::SVGFESpecularLightingElement::build):
1984         * svg/properties/SVGListProperty.h:
1985         (WebCore::SVGListProperty::getItemValuesAndWrappers):
1986         (WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
1987         (WebCore::SVGListProperty::removeItemValuesAndWrappers):
1988         * workers/WorkerThread.cpp:
1989         (WebCore::WorkerThread::workerThread):
1990         * xml/XMLHttpRequest.cpp:
1991         (WebCore::XMLHttpRequest::internalAbort):
1992         * xml/XPathStep.cpp:
1993         (WebCore::XPath::Step::nodesInAxis):
1994
1995 2016-06-20  Eric Carlson  <eric.carlson@apple.com>
1996
1997         Crash in PlatformMediaSession::clientWillPausePlayback
1998         https://bugs.webkit.org/show_bug.cgi?id=158953
1999         <rdar://problem/26121125>
2000
2001         Reviewed by Jer Noble.
2002
2003         No new tests, I have not been able to reproduce this in a test.
2004
2005         * html/HTMLMediaElement.cpp:
2006         (WebCore::HTMLMediaElement::stop): Ref the element before calling stopWithoutDestroyingMediaPlayer
2007           because updatePlaybackControlsManager can release the last reference and cause the
2008           destructor to be called.
2009         (WebCore::HTMLMediaElement::suspend): Ditto.
2010
2011 2016-06-20  Alex Christensen  <achristensen@webkit.org>
2012
2013         Clean up ResourceResponseBase after r201943
2014         https://bugs.webkit.org/show_bug.cgi?id=158706
2015
2016         Reviewed by Michael Catanzaro.
2017
2018         * platform/network/ResourceResponseBase.cpp:
2019         (WebCore::ResourceResponseBase::ResourceResponseBase):
2020         (WebCore::ResourceResponseBase::asResourceResponse): Deleted.
2021         * platform/network/ResourceResponseBase.h:
2022         (WebCore::ResourceResponseBase::platformCompare):
2023
2024 2016-06-20  Joseph Pecoraro  <pecoraro@apple.com>
2025
2026         Web Inspector: console.profile should use the new Sampling Profiler
2027         https://bugs.webkit.org/show_bug.cgi?id=153499
2028         <rdar://problem/24352431>
2029
2030         Reviewed by Timothy Hatcher.
2031
2032         Test: inspector/timeline/setInstruments-programmatic-capture.html
2033
2034         * inspector/InspectorTimelineAgent.cpp:
2035         (WebCore::InspectorTimelineAgent::startFromConsole):
2036         (WebCore::InspectorTimelineAgent::stopFromConsole):
2037         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
2038         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
2039         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
2040         (WebCore::InspectorTimelineAgent::toggleInstruments):
2041         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
2042         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
2043         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
2044         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
2045         * inspector/InspectorTimelineAgent.h:
2046         Web implementation of console.profile/profileEnd.
2047         Make helpers for startings / stopping instruments.
2048
2049 2016-06-20  Andreas Kling  <akling@apple.com>
2050
2051         When navigating, discard decoded image data that is only live due to page cache.
2052         <https://webkit.org/b/158941>
2053
2054         Reviewed by Antti Koivisto.
2055
2056         A resource is "live" if it's currently in use by a web page, and "dead" if it's
2057         only kept alive by the memory cache.
2058
2059         This patch adds a mechanism that looks at CachedImage resources to see if all the
2060         clients that make them appear "live" are actually pages in the page cache.
2061
2062         If so, we let the "jettison expensive objects on top-level navigation" mechanism
2063         discard the decoded data for such half-live images. This can reduce the peak
2064         memory usage during navigations quite a bit.
2065
2066         * loader/FrameLoader.cpp:
2067         (WebCore::FrameLoader::commitProvisionalLoad): Move the call to MemoryPressureHandler
2068         before we add the outgoing page to the page cache. This allows the jettisoning code
2069         to make decisions based on which pages were cached *before* the navigation.
2070
2071         * loader/cache/CachedImageClient.h:
2072         (WebCore::CachedImageClient::inPageCache):
2073         * loader/ImageLoader.h:
2074         * loader/ImageLoader.cpp:
2075         (WebCore::ImageLoader::inPageCache):
2076         * rendering/RenderObject.h:
2077         (WebCore::RenderObject::inPageCache): Added a CachedImageClient::inPageCache() virtual
2078         to determine which clients are currently in page cache (answered by their Document.)
2079
2080         * loader/cache/CachedImage.h:
2081         * loader/cache/CachedImage.cpp:
2082         (WebCore::CachedImage::areAllClientsInPageCache): Walks all CachedImageClient clients
2083         and returns true if all of them are inPageCache().
2084
2085         * platform/MemoryPressureHandler.cpp:
2086         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
2087         Walk all the known CachedImages and nuke decoded data for those that have some but
2088         are only considered live due to clients in the page cache.
2089
2090 2016-06-20  Chris Dumez  <cdumez@apple.com>
2091
2092         Unreviewed, fix post-landing review comment from Darin on r202188.
2093
2094         * platform/network/CacheValidation.cpp:
2095         (WebCore::parseCacheHeader):
2096
2097 2016-06-19  Antti Koivisto  <antti@apple.com>
2098
2099         Updating class name of a shadow host does not update the style applied by :host()
2100         https://bugs.webkit.org/show_bug.cgi?id=158900
2101         <rdar://problem/26883707>
2102
2103         Reviewed by Simon Fraser.
2104
2105         Test: fast/shadow-dom/shadow-host-style-update.html
2106
2107         Teach style invalidation optimization code about :host.
2108
2109         * style/AttributeChangeInvalidation.cpp:
2110         (WebCore::Style::mayBeAffectedByHostStyle):
2111         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
2112         * style/ClassChangeInvalidation.cpp:
2113         (WebCore::Style::computeClassChange):
2114         (WebCore::Style::mayBeAffectedByHostStyle):
2115         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
2116         * style/IdChangeInvalidation.cpp:
2117         (WebCore::Style::mayBeAffectedByHostStyle):
2118         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
2119
2120 2016-06-19  Gavin & Ellie Barraclough  <barraclough@apple.com>
2121
2122         Remove hasStaticPropertyTable (part 5: done!)
2123         https://bugs.webkit.org/show_bug.cgi?id=158431
2124
2125         Reviewed by Chris Dumez.
2126
2127         * bindings/scripts/CodeGeneratorJS.pm:
2128         (GenerateHeader):
2129             - remove hasStaticPropertyTable.
2130         * bindings/scripts/test/JS/JSInterfaceName.h:
2131         (WebCore::JSInterfaceName::create):
2132         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
2133         (WebCore::JSTestActiveDOMObject::create):
2134         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
2135         (WebCore::JSTestClassWithJSBuiltinConstructor::create):
2136         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
2137         (WebCore::JSTestCustomConstructorWithNoInterfaceObject::create):
2138         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
2139         (WebCore::JSTestCustomNamedGetter::create):
2140         * bindings/scripts/test/JS/JSTestEventConstructor.h:
2141         (WebCore::JSTestEventConstructor::create):
2142         * bindings/scripts/test/JS/JSTestEventTarget.h:
2143         (WebCore::JSTestEventTarget::create):
2144         * bindings/scripts/test/JS/JSTestException.h:
2145         (WebCore::JSTestException::create):
2146         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
2147         (WebCore::JSTestGenerateIsReachable::create):
2148         * bindings/scripts/test/JS/JSTestGlobalObject.h:
2149         * bindings/scripts/test/JS/JSTestInterface.h:
2150         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
2151         (WebCore::JSTestJSBuiltinConstructor::create):
2152         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
2153         (WebCore::JSTestMediaQueryListListener::create):
2154         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
2155         (WebCore::JSTestNamedConstructor::create):
2156         * bindings/scripts/test/JS/JSTestNode.h:
2157         * bindings/scripts/test/JS/JSTestNondeterministic.h:
2158         (WebCore::JSTestNondeterministic::create):
2159         * bindings/scripts/test/JS/JSTestObj.h:
2160         (WebCore::JSTestObj::create):
2161         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
2162         (WebCore::JSTestOverloadedConstructors::create):
2163         * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
2164         (WebCore::JSTestOverrideBuiltins::create):
2165         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
2166         (WebCore::JSTestSerializedScriptValueInterface::create):
2167         * bindings/scripts/test/JS/JSTestTypedefs.h:
2168         (WebCore::JSTestTypedefs::create):
2169         * bindings/scripts/test/JS/JSattribute.h:
2170         (WebCore::JSattribute::create):
2171         * bindings/scripts/test/JS/JSreadonly.h:
2172         (WebCore::JSreadonly::create):
2173
2174 2016-06-19  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2175
2176         The JSBuiltinConstructor feature can't handle a JS interface extending an other JS interface
2177         https://bugs.webkit.org/show_bug.cgi?id=158834
2178
2179         Reviewed by Eric Carlson.
2180
2181         No change of behavior.
2182
2183         * bindings/scripts/CodeGeneratorJS.pm:
2184         (GenerateHeader): Explicitly setting DOMWrapped type definition from
2185         JSXX class deriving from another JSYY class.
2186         * bindings/scripts/test/JS/JSTestEventTarget.h: Rebased.
2187         * bindings/scripts/test/JS/JSTestNode.h: Ditto.
2188
2189 2016-06-18  Antti Koivisto  <antti@apple.com>
2190
2191         Use time literals in WebCore
2192         https://bugs.webkit.org/show_bug.cgi?id=158905
2193
2194         Reviewed by Andreas Kling.
2195
2196         std::chrono::milliseconds(1) -> 1ms etc.
2197
2198         * dom/Document.cpp:
2199         (WebCore::Document::minimumLayoutDelay):
2200         (WebCore::Document::elapsedTime):
2201         * fileapi/FileReader.cpp:
2202         (WebCore::FileReader::create):
2203         * inspector/InspectorOverlay.cpp:
2204         (WebCore::InspectorOverlay::showPaintRect):
2205         * loader/CrossOriginPreflightResultCache.cpp:
2206         (WebCore::CrossOriginPreflightResultCache::CrossOriginPreflightResultCache):
2207         * loader/ProgressTracker.cpp:
2208         (WebCore::ProgressTracker::progressStarted):
2209         * loader/cache/CachedResource.cpp:
2210         (WebCore::CachedResource::freshnessLifetime):
2211         * page/ChromeClient.h:
2212         * page/DOMTimer.cpp:
2213         (WebCore::DOMTimer::intervalClampedToMinimum):
2214         (WebCore::DOMTimer::alignedFireTime):
2215         * page/DOMTimer.h:
2216         * page/FrameView.cpp:
2217         (WebCore::FrameView::scrollPositionChanged):
2218         * page/ResourceUsageThread.cpp:
2219         (WebCore::ResourceUsageThread::threadBody):
2220         * page/Settings.cpp:
2221         (WebCore::Settings::Settings):
2222         * page/mac/ServicesOverlayController.mm:
2223         (WebCore::ServicesOverlayController::remainingTimeUntilHighlightShouldBeShown):
2224         * platform/graphics/FontCache.cpp:
2225         (WebCore::FontCache::fontForFamily):
2226         * platform/network/CacheValidation.cpp:
2227         (WebCore::computeCurrentAge):
2228         (WebCore::computeFreshnessLifetimeForHTTPFamily):
2229
2230 2016-06-17  Benjamin Poulain  <benjamin@webkit.org>
2231
2232         :indeterminate pseudo-class should match radios whose group has no checked radio
2233         https://bugs.webkit.org/show_bug.cgi?id=156270
2234
2235         Reviewed by Simon Fraser.
2236
2237         The pseudo-class ":indeterminate" is supposed to match radio buttons
2238         for which the entire group has no checked button.
2239         Spec: https://html.spec.whatwg.org/#pseudo-classes:selector-indeterminate
2240
2241         The change is straightforward with one non-obvious choice:
2242         I added matchesIndeterminatePseudoClass() in addition to shouldAppearIndeterminate().
2243
2244         The reason is shouldAppearIndeterminate() is used for styling and AX of elements
2245         with an indeterminate states (check boxes and progress element). There is no such
2246         UI for radio boxes.
2247         I could have extended shouldAppearIndeterminate() to radio box
2248         then filter out this case in RenderTheme. The problem is doing that would also requires
2249         changes to the repaint logic to match :indeterminate. It seemed overkill to me to
2250         change repaint() for a case that is never used in practice.
2251
2252         Tests: fast/css/pseudo-indeterminate-radio-buttons-basics.html
2253                fast/css/pseudo-indeterminate-with-radio-buttons-style-invalidation.html
2254                fast/selectors/detached-radio-button-checked-and-indeterminate-states.html
2255                fast/selectors/pseudo-indeterminate-with-radio-buttons-style-update.html
2256
2257         * css/SelectorCheckerTestFunctions.h:
2258         (WebCore::shouldAppearIndeterminate):
2259         * dom/Element.cpp:
2260         (WebCore::Element::matchesIndeterminatePseudoClass):
2261         * dom/Element.h:
2262         * dom/RadioButtonGroups.cpp:
2263         (WebCore::RadioButtonGroup::setCheckedButton):
2264         (WebCore::RadioButtonGroup::updateCheckedState):
2265         (WebCore::RadioButtonGroup::remove):
2266         (WebCore::RadioButtonGroup::setNeedsStyleRecalcForAllButtons):
2267         (WebCore::RadioButtonGroups::hasCheckedButton):
2268         * dom/RadioButtonGroups.h:
2269         * html/CheckboxInputType.cpp:
2270         (WebCore::CheckboxInputType::matchesIndeterminatePseudoClass):
2271         (WebCore::CheckboxInputType::shouldAppearIndeterminate):
2272         (WebCore::CheckboxInputType::supportsIndeterminateAppearance): Deleted.
2273         * html/CheckboxInputType.h:
2274         * html/HTMLInputElement.cpp:
2275         (WebCore::HTMLInputElement::setChecked):
2276         (WebCore::HTMLInputElement::matchesIndeterminatePseudoClass):
2277         (WebCore::HTMLInputElement::shouldAppearIndeterminate):
2278         (WebCore::HTMLInputElement::radioButtonGroups):
2279         * html/HTMLInputElement.h:
2280         * html/InputType.cpp:
2281         (WebCore::InputType::matchesIndeterminatePseudoClass):
2282         (WebCore::InputType::shouldAppearIndeterminate):
2283         (WebCore::InputType::supportsIndeterminateAppearance): Deleted.
2284         * html/InputType.h:
2285         * html/RadioInputType.cpp:
2286         (WebCore::RadioInputType::matchesIndeterminatePseudoClass):
2287         (WebCore::RadioInputType::willDispatchClick): Deleted.
2288         (WebCore::RadioInputType::didDispatchClick): Deleted.
2289         (WebCore::RadioInputType::supportsIndeterminateAppearance): Deleted.
2290         The iOS specific code is just plain wrong.
2291         It was changing the indeterminate state of the input element.
2292         The spec clearly says that state is only used by checkbox:
2293         https://html.spec.whatwg.org/#dom-input-indeterminate
2294
2295         Moreover, the style update would not change the indeterminate state
2296         of other buttons in the Button Group, which is just bizarre.
2297         RenderThemeIOS does not make use of any of this with the current style.
2298
2299         * html/RadioInputType.h:
2300         * style/StyleSharingResolver.cpp:
2301         (WebCore::Style::SharingResolver::canShareStyleWithElement):
2302         (WebCore::Style::canShareStyleWithControl): Deleted.
2303         (WebCore::Style::SharingResolver::sharingCandidateHasIdenticalStyleAffectingAttributes): Deleted.
2304         Style sharing is unified behind the selector matching which is neat.
2305
2306 2016-06-17  Commit Queue  <commit-queue@webkit.org>
2307
2308         Unreviewed, rolling out r202152.
2309         https://bugs.webkit.org/show_bug.cgi?id=158897
2310
2311         The new test is very unstable, timing out frequently
2312         (Requested by ap on #webkit).
2313
2314         Reverted changeset:
2315
2316         "Web Inspector: console.profile should use the new Sampling
2317         Profiler"
2318         https://bugs.webkit.org/show_bug.cgi?id=153499
2319         http://trac.webkit.org/changeset/202152
2320
2321 2016-06-17  Commit Queue  <commit-queue@webkit.org>
2322
2323         Unreviewed, rolling out r202068, r202115, and r202128.
2324         https://bugs.webkit.org/show_bug.cgi?id=158896
2325
2326         The new test is very unstable, timing out frequently
2327         (Requested by ap on #webkit).
2328
2329         Reverted changesets:
2330
2331         "decompose4 return value is unchecked, leading to potentially
2332         uninitialized data."
2333         https://bugs.webkit.org/show_bug.cgi?id=158761
2334         http://trac.webkit.org/changeset/202068
2335
2336         "[mac] LayoutTest transforms/undecomposable.html is a flaky
2337         timeout"
2338         https://bugs.webkit.org/show_bug.cgi?id=158816
2339         http://trac.webkit.org/changeset/202115
2340
2341         "[mac] LayoutTest transforms/undecomposable.html is a flaky
2342         timeout"
2343         https://bugs.webkit.org/show_bug.cgi?id=158816
2344         http://trac.webkit.org/changeset/202128
2345
2346 2016-06-17  Chris Fleizach  <cfleizach@apple.com>
2347
2348         AX: HTML indeterminate IDL attribute not mapped to checkbox value=2 for native checkboxes
2349         https://bugs.webkit.org/show_bug.cgi?id=158876
2350         <rdar://problem/26842619>
2351
2352         Reviewed by Joanmarie Diggs.
2353
2354         The indeterminate state was not being reported for native checkboxes. 
2355
2356         Also the isIndeterminate() method was relying on whether the appearance changed, which does not happen on Mac, so that
2357         was not being reported correctly. Changed that to check the actual attribute.
2358
2359         Test: accessibility/checkbox-mixed-value.html
2360
2361         * accessibility/AccessibilityNodeObject.cpp:
2362         (WebCore::AccessibilityNodeObject::isIndeterminate):
2363         (WebCore::AccessibilityNodeObject::isPressed):
2364         (WebCore::AccessibilityNodeObject::checkboxOrRadioValue):
2365         * accessibility/AccessibilityObject.cpp:
2366         (WebCore::AccessibilityObject::checkboxOrRadioValue):
2367
2368 2016-06-17  Dean Jackson  <dino@apple.com>
2369
2370         REGRESSION (r199819): CrashTracer: [GraphicsContext3D::getInternalFramebufferSize
2371         https://bugs.webkit.org/show_bug.cgi?id=158895
2372         <rdar://problem/26423617>
2373
2374         Reviewed by Zalan Bujtas.
2375
2376         In r199819 we started resetting contexts if the page had too
2377         many. Unfortunately there were entry points in the WebGL context
2378         that didn't check for the validity of the object before trying
2379         to access the lower level objects.
2380
2381         Test: webgl/many-contexts-access-after-loss.html
2382
2383         * html/canvas/WebGLRenderingContextBase.cpp:
2384         (WebCore::WebGLRenderingContextBase::drawingBufferWidth): Return 0 if we're lost.
2385         (WebCore::WebGLRenderingContextBase::drawingBufferHeight): Ditto.
2386
2387 2016-06-17  Daniel Bates  <dabates@apple.com>
2388
2389         Unreviewed, rolling out r202186.
2390
2391         Broke the Apple Windows, Apple Yosemite, GTK, and WinCairo
2392         builds.
2393
2394         Reverted changeset:
2395
2396         "File scheme should not allow access of a resource on a
2397         different volume."
2398         https://bugs.webkit.org/show_bug.cgi?id=158552
2399         http://trac.webkit.org/changeset/202186
2400
2401 2016-06-17  Daniel Bates  <dabates@apple.com>
2402
2403         Unreviewed, rolling out r202187.
2404
2405         202186
2406
2407         Reverted changeset:
2408
2409         "Unreviewed clean-up after r202186."
2410         http://trac.webkit.org/changeset/202187
2411
2412 2016-06-17  Chris Dumez  <cdumez@apple.com>
2413
2414         Optimize parseCacheHeader() by using StringView
2415         https://bugs.webkit.org/show_bug.cgi?id=158891
2416
2417         Reviewed by Darin Adler.
2418
2419         Optimize parseCacheHeader() and avoid some temporary String allocations
2420         by using StringView. We now strip the whitespaces in the input string
2421         at the beginning of the function, at the same as as we strip the
2422         control characters. We are then able to leverage StringView in the
2423         rest of the function to get substrings without the need for extra
2424         String allocations.
2425
2426         * platform/network/CacheValidation.cpp:
2427         (WebCore::isControlCharacterOrSpace):
2428         (WebCore::trimToNextSeparator):
2429         (WebCore::parseCacheHeader):
2430
2431 2016-06-17  Brent Fulgham  <bfulgham@apple.com>
2432
2433         Unreviewed clean-up after r202186.
2434
2435         * platform/FileSystem.cpp:
2436         (WebCore::filesHaveSameVolume): Don't use C-style formatting.
2437
2438 2016-06-17  Pranjal Jumde  <pjumde@apple.com>
2439
2440         File scheme should not allow access of a resource on a different volume.
2441         https://bugs.webkit.org/show_bug.cgi?id=158552
2442         <rdar://problem/15307582>
2443
2444         Reviewed by Brent Fulgham.
2445
2446         Tests: Tools/TestWebKitAPI/Tests/mac/CrossPartitionFileSchemeAccess.mm
2447
2448         * page/SecurityOrigin.cpp:
2449         (WebCore::SecurityOrigin::canDisplay):
2450         * platform/FileSystem.cpp:
2451         (WebCore::platformFileStat):
2452         (WebCore::filesHaveSameVolume):
2453         Returns true if the files are on the same volume
2454         * platform/FileSystem.h:
2455
2456 2016-06-17  Antoine Quint  <graouts@apple.com>
2457
2458         Web video playback controls should have RTL volume slider
2459         https://bugs.webkit.org/show_bug.cgi?id=158856
2460         <rdar://problem/25971769>
2461
2462         Reviewed by Tim Horton.
2463
2464         We reproduce the system used to propagate the page scale factor from the WebPage to the media controls to
2465         propagate the user interface layout direction.
2466
2467         The Page exposes a new setUserInterfaceLayoutDirection() method which is set by the WebPage. The Page
2468         then notifies the Document of a change, which propagates down to registered media elements, and finally sets
2469         the usesLTRUserInterfaceLayoutDirection property on the media controller object in the injected JavaScript.
2470         Based on the value of that property we toggle a new .uses-ltr-user-interface-layout-direction CSS class on the
2471         .volume-box which applies a translate to the right and flips the volume controls on the x axis.
2472
2473         Since we're setting a new JS property from HTMLMediaController, we refactor much of the code out of the existing
2474         pageScaleFactorChanged() and setPageScaleFactorProperty() into the new setControllerJSProperty() method so that
2475         can easily set a named JS property with a given JSValue.
2476
2477         For testing purposes, we expose the WebCore::Page::setUserInterfaceLayoutDirection() method through Internals.
2478
2479         Test: fullscreen/video-controls-rtl.html
2480
2481         * Modules/mediacontrols/mediaControlsApple.css:
2482         (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box:not(.uses-ltr-user-interface-layout-direction)):
2483         * Modules/mediacontrols/mediaControlsApple.js:
2484         (Controller.prototype.set usesLTRUserInterfaceLayoutDirection):
2485         * WebCore.xcodeproj/project.pbxproj:
2486         * dom/Document.cpp:
2487         (WebCore::Document::registerForUserInterfaceLayoutDirectionChangedCallbacks):
2488         (WebCore::Document::unregisterForUserInterfaceLayoutDirectionChangedCallbacks):
2489         (WebCore::Document::userInterfaceLayoutDirectionChanged):
2490         * dom/Document.h:
2491         * html/HTMLMediaElement.cpp:
2492         (WebCore::HTMLMediaElement::registerWithDocument):
2493         (WebCore::HTMLMediaElement::unregisterWithDocument):
2494         (WebCore::HTMLMediaElement::updatePageScaleFactorJSProperty):
2495         (WebCore::HTMLMediaElement::updateUsesLTRUserInterfaceLayoutDirectionJSProperty):
2496         (WebCore::HTMLMediaElement::setControllerJSProperty):
2497         (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
2498         (WebCore::HTMLMediaElement::pageScaleFactorChanged):
2499         (WebCore::HTMLMediaElement::userInterfaceLayoutDirectionChanged):
2500         (WebCore::setPageScaleFactorProperty): Deleted.
2501         * html/HTMLMediaElement.h:
2502         * page/Page.cpp:
2503         (WebCore::Page::setUserInterfaceLayoutDirection):
2504         * page/Page.h:
2505         (WebCore::Page::userInterfaceLayoutDirection):
2506         * platform/UserInterfaceLayoutDirection.h: Renamed from Source/WebKit2/UIProcess/UserInterfaceLayoutDirection.h.
2507         * testing/Internals.cpp:
2508         (WebCore::Internals::setUserInterfaceLayoutDirection):
2509         * testing/Internals.h:
2510         * testing/Internals.idl:
2511
2512 2016-06-17  Chris Dumez  <cdumez@apple.com>
2513
2514         TouchEvent should have a constructor
2515         https://bugs.webkit.org/show_bug.cgi?id=158883
2516         <rdar://problem/26063585>
2517
2518         Reviewed by Benjamin Poulain.
2519
2520         TouchEvent should have a constructor:
2521         - https://w3c.github.io/touch-events/#touchevent-interface
2522
2523         Chrome already ships this:
2524         - https://bugs.chromium.org/p/chromium/issues/detail?id=508675
2525
2526         Test: fast/events/touch/touch-event-constructor.html
2527
2528         * bindings/js/JSDictionary.cpp:
2529         (WebCore::JSDictionary::convertValue):
2530         * bindings/js/JSDictionary.h:
2531         * dom/TouchEvent.cpp:
2532         (WebCore::TouchEvent::TouchEvent):
2533         * dom/TouchEvent.h:
2534         * dom/TouchEvent.idl:
2535
2536 2016-06-17  Zalan Bujtas  <zalan@apple.com>
2537
2538         Potential null dereferencing on a detached positioned renderer.
2539         https://bugs.webkit.org/show_bug.cgi?id=158879
2540
2541         Reviewed by Simon Fraser.
2542
2543         This patch fixes the case when the while loop to search for the absolute positioned ancestor
2544         returns null (it happens when positioned renderer has been detached from the render tree).
2545
2546         Speculative fix.
2547
2548         * rendering/RenderBlock.cpp:
2549         (WebCore::RenderBlock::markFixedPositionObjectForLayoutIfNeeded):
2550         * rendering/RenderBlock.h:
2551
2552 2016-06-17  Chris Dumez  <cdumez@apple.com>
2553
2554         URL hash setter does not remove fragment identifier if argument is an empty string
2555         https://bugs.webkit.org/show_bug.cgi?id=158869
2556         <rdar://problem/26863430>
2557
2558         Reviewed by Darin Adler.
2559
2560         URL hash setter and URLUtils hash setter should remove the fragment identifier
2561         if set to "#" or "":
2562         - https://url.spec.whatwg.org/#dom-url-hash
2563         - https://html.spec.whatwg.org/multipage/semantics.html#dom-hyperlink-hash
2564
2565         This patch aligns our behavior with the specification and with other browsers
2566         (tested Firefox and Chrome).
2567
2568         This patch also updates HTMLAnchorElement to inherit URLUtils to avoid code
2569         duplication. HTMLAnchorElement already implements URLUtils in the IDL, as per
2570         the specification:
2571         - https://html.spec.whatwg.org/multipage/semantics.html#htmlanchorelement
2572
2573         No new tests, rebaselined existing tests.
2574
2575         * html/HTMLAnchorElement.cpp:
2576         (WebCore::HTMLAnchorElement::origin): Deleted.
2577         (WebCore::HTMLAnchorElement::text): Deleted.
2578         (WebCore::HTMLAnchorElement::setText): Deleted.
2579         (WebCore::HTMLAnchorElement::toString): Deleted.
2580         (WebCore::HTMLAnchorElement::isLiveLink): Deleted.
2581         (WebCore::HTMLAnchorElement::sendPings): Deleted.
2582         (WebCore::HTMLAnchorElement::handleClick): Deleted.
2583         (WebCore::HTMLAnchorElement::eventType): Deleted.
2584         (WebCore::HTMLAnchorElement::treatLinkAsLiveForEventType): Deleted.
2585         (WebCore::isEnterKeyKeydownEvent): Deleted.
2586         (WebCore::shouldProhibitLinks): Deleted.
2587         (WebCore::HTMLAnchorElement::willRespondToMouseClickEvents): Deleted.
2588         (WebCore::rootEditableElementMap): Deleted.
2589         (WebCore::HTMLAnchorElement::rootEditableElementForSelectionOnMouseDown): Deleted.
2590         (WebCore::HTMLAnchorElement::clearRootEditableElementForSelectionOnMouseDown): Deleted.
2591         (WebCore::HTMLAnchorElement::setRootEditableElementForSelectionOnMouseDown): Deleted.
2592         * html/HTMLAnchorElement.h:
2593         (WebCore::HTMLAnchorElement::invalidateCachedVisitedLinkHash): Deleted.
2594         * html/URLUtils.h:
2595         (WebCore::URLUtils<T>::setHash):
2596
2597 2016-06-17  John Wilander  <wilander@apple.com>
2598
2599         Ignore case in the check for security origin inheritance
2600         https://bugs.webkit.org/show_bug.cgi?id=158878
2601
2602         Reviewed by Alex Christensen.
2603
2604         Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
2605         "Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII 
2606         case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for 
2607         those two lines instead of using ==. URL::parse normalizes letters in the scheme 
2608         and host by using toASCIILower, but does not normalize letters elsewhere in the 
2609         URL, such as in the "blank" or "srcdoc" in the above URLs."
2610
2611         Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
2612
2613         * platform/URL.cpp:
2614         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
2615
2616 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
2617
2618         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
2619         https://bugs.webkit.org/show_bug.cgi?id=158868
2620
2621         Reviewed by Alex Christensen.
2622
2623         Fix compilation errors in Node.cpp when we enable DUMP_NODE_STATISTICS
2624
2625         * dom/Node.cpp:
2626         (WebCore::Node::dumpStatistics):
2627
2628 2016-06-17  Per Arne Vollan  <pvollan@apple.com>
2629
2630         [Win] Scrolling in popup menu scrolls past last entry.
2631         https://bugs.webkit.org/show_bug.cgi?id=158870
2632
2633         Reviewed by Brent Fulgham.
2634
2635         When the popup has a scrollbar, the content size is not equal to the popup window size.
2636   
2637         * platform/win/PopupMenuWin.cpp:
2638         (WebCore::PopupMenuWin::contentsSize):
2639
2640 2016-06-17  Frederic Wang  <fwang@igalia.com>
2641
2642         Refactor RenderMathMLRoot layout function to avoid using flexbox
2643         https://bugs.webkit.org/show_bug.cgi?id=153987
2644
2645         Reviewed by Brent Fulgham.
2646
2647         No new tests, already covered by existing tests.
2648         A case for RTL root has been added to roots.xhtml.
2649
2650         We reimplement RenderMathMLRoot without any flexbox or anonymous.
2651         The anonymous RenderMathMLRadicalOperator used to draw the radical sign is replaced with
2652         the MathOperator class introduced in bug 152244.
2653         msqrt (row of children under a square root) is now implemented directly in RenderMathMLRoot,
2654         so RenderMathMLSquareRoot is removed and RenderMathMLRoot now inherits from RenderMathMLRow.
2655
2656         * CMakeLists.txt: Remove files for RenderMathMLRadicalOperator and RenderMathMLSquareRoot.
2657         * WebCore.xcodeproj/project.pbxproj: ditto.
2658         * accessibility/AccessibilityRenderObject.cpp: Update code now that we do not use any
2659         radical wrappers.
2660         (WebCore::AccessibilityRenderObject::isMathRow): Now that RenderMathMLRoot inherits from
2661         RenderMathMLRow, we must exclude MathRoot or otherwise some accessibility code may treat
2662         roots as rows.
2663         (WebCore::AccessibilityRenderObject::mathRadicandObject): Return the first child for
2664         Root/SquareRoot or nullptr.
2665         (WebCore::AccessibilityRenderObject::mathRootIndexObject): Return the second child for
2666         Root and nullptr for SquareRoot.
2667         * mathml/MathMLInlineContainerElement.cpp:
2668         (WebCore::MathMLInlineContainerElement::childrenChanged): We no longer need a special case
2669         for msqrt, it is treated as a normal RenderMathMLRow.
2670         (WebCore::MathMLInlineContainerElement::createElementRenderer): Make msqrt create a
2671         RenderMathMLRoot object.
2672         * rendering/RenderObject.h:
2673         (WebCore::RenderObject::isRenderMathMLRadicalOperator): Deleted.
2674         * rendering/mathml/RenderMathMLBlock.cpp:
2675         (WebCore::RenderMathMLBlock::mirrorIfNeeded): New function to mirror a child horizontal
2676         offset according to the parent width.
2677         (WebCore::RenderMathMLBlock::renderName):
2678         * rendering/mathml/RenderMathMLBlock.h:
2679         (WebCore::RenderMathMLBlock::mirrorIfNeeded): Moved from RenderMathMLScripts, just forward
2680         call to the other mirrorIfNeeded function.
2681         * rendering/mathml/RenderMathMLOperator.cpp: We no longer need this trailingSpaceError hack.
2682         (WebCore::RenderMathMLOperator::trailingSpaceError): Deleted.
2683         * rendering/mathml/RenderMathMLOperator.h: ditto.
2684         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Removed. The radical sign is now drawn
2685         with a MathOperator.
2686         * rendering/mathml/RenderMathMLRadicalOperator.h: Removed.
2687         * rendering/mathml/RenderMathMLRoot.cpp: Complete refactoring to avoid using flexbox and
2688         anonymous wrappers.
2689         (WebCore::RenderMathMLRoot::RenderMathMLRoot): Set m_kind parameters to distinguish between
2690         square root and general root and set the MathOperator member to draw the radical sign.
2691         (WebCore::RenderMathMLRoot::isValid): Helper function to verify whether the child list is valid.
2692         (WebCore::RenderMathMLRoot::getBase): Get the base of an mroot.
2693         (WebCore::RenderMathMLRoot::getIndex): Get the index of an mroot.
2694         (WebCore::RenderMathMLRoot::styleDidChange): Be sure to keep the style of the
2695         MathOperator in sync with ours ; no need to skip empty roots.
2696         (WebCore::RenderMathMLRoot::updateFromElement): Call the function from the new parent class ;
2697         no need to skip empty roots.
2698         (WebCore::RenderMathMLRoot::updateStyle): Remove the isEmpty ASSERT as it is valid to have
2699         empty square root. Set the m_kernBeforeDegree, m_kernBeforeDegree members.
2700         No need to set style for anonymous.
2701         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths): Implement this function.
2702         (WebCore::RenderMathMLRoot::layoutBlock): Implement this function.
2703         (WebCore::RenderMathMLRoot::paintChildren): Implement this function.
2704         (WebCore::RenderMathMLRoot::paint): Remove the trailingSpaceError hack ;
2705         paint the radical sign via MathOperator::paint
2706         (WebCore::RenderMathMLRoot::baseWrapper): Deleted.
2707         (WebCore::RenderMathMLRoot::radicalWrapper): Deleted.
2708         (WebCore::RenderMathMLRoot::indexWrapper): Deleted.
2709         (WebCore::RenderMathMLRoot::radicalOperator): Deleted.
2710         (WebCore::RenderMathMLRoot::restructureWrappers): Deleted.
2711         (WebCore::RenderMathMLRoot::addChild): Deleted.
2712         (WebCore::RenderMathMLRoot::firstLineBaseline): Deleted.
2713         (WebCore::RenderMathMLRoot::layout): Deleted.
2714         (WebCore::RenderMathMLRootWrapper::createAnonymousWrapper): Deleted.
2715         (WebCore::RenderMathMLRootWrapper::removeChildWithoutRestructuring): Deleted.
2716         (WebCore::RenderMathMLRootWrapper::removeChild): Deleted.
2717         * rendering/mathml/RenderMathMLRoot.h: Make RenderMathMLRoot inherit from RenderMathMLRow.
2718         Make RenderMathMLRoot support <msqrt>.
2719         Remove all the anonymous wrapper stuff and instead use a MathOperator for the radical symbol.
2720         Update function declaration to implement layout without flexbox and add some helper functions.
2721         * rendering/mathml/RenderMathMLRow.cpp: Allow to get the exact metrics of the chid row,
2722         for use in RenderMathMLRoot.
2723         (WebCore::RenderMathMLRow::computeLineVerticalStretch): rename parameters.
2724         (WebCore::RenderMathMLRow::layoutRowItems): Set parameters to the final ascent, descent and
2725         logical width of the chid row. Set the temporary logical width for RenderMathRoot before
2726         laying the children out.
2727         (WebCore::RenderMathMLRow::layoutBlock): Rename parameters ; add a dummy logicalWidth
2728         parameter.
2729         * rendering/mathml/RenderMathMLRow.h: Make some functions accessible or overridable by
2730         RenderMathMLRoot. Make layoutRowItems return the final ascent, descent and logical width
2731         after the chid row is laid out.
2732         * rendering/mathml/RenderMathMLScripts.cpp: Move mirrorIfNeeded to RenderMathMLBlock.
2733         (WebCore::RenderMathMLScripts::mirrorIfNeeded): Deleted.
2734         * rendering/mathml/RenderMathMLScripts.h: Move mirrorIfNeeded to RenderMathMLBlock.
2735         * rendering/mathml/RenderMathMLSquareRoot.cpp: Removed.
2736         * rendering/mathml/RenderMathMLSquareRoot.h: Removed.
2737         * rendering/mathml/MathOperator.cpp:
2738         (WebCore::MathOperator::paint): Apply a mirroring scale transform to radical symbol
2739         in RTL direction.
2740
2741 2016-06-17  Chris Dumez  <cdumez@apple.com>
2742
2743         Drop some unnecessary header includes
2744         https://bugs.webkit.org/show_bug.cgi?id=158864
2745
2746         Reviewed by Alexey Proskuryakov.
2747
2748         Drop some unnecessary header includes to try and reduce build times.
2749
2750         * WebCore.xcodeproj/project.pbxproj:
2751         * accessibility/AccessibilityList.cpp:
2752         * css/CSSComputedStyleDeclaration.cpp:
2753         * css/MediaQueryMatcher.cpp:
2754         * css/StyleMedia.cpp:
2755         * css/TransformFunctions.cpp:
2756         * dom/NodeRenderStyle.h:
2757         * dom/PseudoElement.h:
2758         (isType): Deleted.
2759         * html/HTMLTitleElement.cpp:
2760         * html/shadow/MediaControlElementTypes.h:
2761         * html/shadow/MediaControls.cpp:
2762         * inspector/InspectorDOMAgent.h:
2763         * inspector/InspectorLayerTreeAgent.h:
2764         * inspector/InspectorPageAgent.cpp:
2765         * page/scrolling/AsyncScrollingCoordinator.cpp:
2766         * page/scrolling/ScrollingCoordinator.h:
2767         * rendering/BidiRun.h:
2768         * rendering/BorderEdge.h:
2769         * rendering/RenderElement.h:
2770         * rendering/RenderObject.h:
2771         (WebCore::AnnotatedRegionValue::operator==): Deleted.
2772         (WebCore::AnnotatedRegionValue::operator!=): Deleted.
2773         * rendering/RenderObjectEnums.h: Added.
2774         * rendering/RenderTheme.h:
2775         * rendering/SimpleLineLayoutFlowContents.h:
2776         * rendering/SimpleLineLayoutTextFragmentIterator.h:
2777         * rendering/TextPainter.h:
2778         * rendering/style/RenderStyle.h:
2779         (WebCore::pseudoElementRendererIsNeeded):
2780         * rendering/style/ShapeValue.cpp:
2781         * rendering/style/ShapeValue.h:
2782         * style/ClassChangeInvalidation.cpp:
2783         * style/ClassChangeInvalidation.h:
2784         * style/InlineTextBoxStyle.h:
2785         * style/StyleUpdate.cpp:
2786
2787 2016-06-17  Andreas Kling  <akling@apple.com>
2788
2789         [iOS] Throw away linked code when navigating to a new page.
2790         <https://webkit.org/b/153851>
2791
2792         Reviewed by Antti Koivisto.
2793
2794         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
2795         Linked code is tied to a specific global object, and as we're creating a new one for the
2796         new page, none of it is useful to us here.
2797
2798         In the event that the user navigates back, the cost of relinking some code will be far
2799         lower than the memory cost of keeping all of it around.
2800
2801         This was in-tree before but was rolled out due to regressing JSBench. It was a slowdown
2802         due to the benchmark harness using top-level navigations to drive the tests.
2803         This new version avoids that problem by only throwing out code if we haven't navigated
2804         in the last 2 seconds. This also prevents excessive work in response to redirects.
2805
2806         I've also moved this into MemoryPressureHandler so we don't make a mess in FrameLoader.
2807
2808         * loader/FrameLoader.cpp:
2809         (WebCore::FrameLoader::commitProvisionalLoad):
2810         * platform/MemoryPressureHandler.cpp:
2811         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
2812         * platform/MemoryPressureHandler.h:
2813
2814 2016-06-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2815
2816         CORS preflight with a non-200 response should be a preflight failure
2817         https://bugs.webkit.org/show_bug.cgi?id=111008
2818
2819         Reviewed by Darin Adler.
2820
2821         Covered by rebased tests.
2822
2823         * Modules/fetch/FetchResponse.h: Making use of ResourceResponse::isSuccessful.
2824         * loader/CrossOriginPreflightChecker.cpp:
2825         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Checking that response status is code is
2826         successful. If not, calling preflight failure callback.
2827         (WebCore::CrossOriginPreflightChecker::startPreflight): Putting in manual redirection mode so that redirection
2828         responses are processed as other responses.
2829         * loader/ResourceLoaderOptions.h:
2830         (WebCore::ResourceLoaderOptions::fetchOptions): Adding a non-const getter and fixing const getter to return a
2831         const reference.
2832         (WebCore::ResourceLoaderOptions::setFetchOptions): Passing options by reference.
2833         * platform/network/ResourceResponseBase.cpp:
2834         (WebCore::ResourceResponseBase::isSuccessful): Utility function.
2835         * platform/network/ResourceResponseBase.h:
2836
2837 2016-06-17  Frederic Wang  <fwang@igalia.com>
2838
2839         MathOperator: Add fallback mechanisms for stretching and mirroring radical symbols
2840         https://bugs.webkit.org/show_bug.cgi?id=156836
2841
2842         Reviewed by Sergio Villar Senin.
2843
2844         Some platforms do not have OpenType MATH fonts pre-installed and thus can not draw stretchy
2845         operators using size variants or glyph assembly. This is especially problematic for the
2846         radical symbol which is used to write roots. Currently, we have some fallback code to draw
2847         that symbol using graphical primitives but it is a bit complex and makes the style of radical
2848         inconsistent with the font used. We solve these issues by just scaling the base glyph via a
2849         scale transform. Such scale transform is also used to mirror the radical symbol so that we
2850         have some support for right-to-left roots until we can do glyph-level mirroring
2851         via the OpenType rtlm feature.
2852
2853         Test: mathml/radical-fallback.html
2854
2855         * rendering/mathml/MathOperator.cpp: Add a constant for the code point U+221A of the radical.
2856         (WebCore::MathOperator::reset): In general, we don't need any vertical scaling for radical
2857         symbols so m_radicalVerticalScale is initialized to 1.
2858         (WebCore::MathOperator::calculateStretchyData): If we don't have a font with a MATH table and we
2859         try streching a radical, then we update the vertical metrics to match the target size and
2860         set m_radicalVerticalScale to the value necessary to make the base glyph scaled to that size.
2861         (WebCore::MathOperator::paint): For a radical operator, we may apply a scale transform of
2862         parameters (radicalHorizontalScale, m_radicalVerticalScale) in order to support RTL
2863         mirroring or vertical stretching.
2864         * rendering/mathml/MathOperator.h: We add a m_radicalVerticalScale member to indicate the
2865         scaling to apply to the base radical glyph when the stretchy fallback is necessary.
2866         (WebCore::MathOperator::isStretched): The operator is also considered stretched when the
2867         m_radicalVerticalScale is applied to the base size.
2868         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Remove code specific to the old fallback mechanism.
2869         * rendering/mathml/RenderMathMLRadicalOperator.h: Ditto.
2870
2871 2016-06-16  Commit Queue  <commit-queue@webkit.org>
2872
2873         Unreviewed, rolling out r202147.
2874         https://bugs.webkit.org/show_bug.cgi?id=158867
2875
2876         Broke scrolling tests on iOS Simulator (Requested by ap on
2877         #webkit).
2878
2879         Reverted changeset:
2880
2881         "Focus event dispatched in iframe causes parent document to
2882         scroll incorrectly"
2883         https://bugs.webkit.org/show_bug.cgi?id=158629
2884         http://trac.webkit.org/changeset/202147
2885
2886 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
2887
2888         :in-range & :out-of-range CSS pseudo-classes shouldn't match disabled or readonly inputs
2889         https://bugs.webkit.org/show_bug.cgi?id=156530
2890
2891         Reviewed by Simon Fraser.
2892
2893         Elements should only match :in-range and :out-of-range
2894         when they are candidate for constraint validation.
2895
2896         Tests: fast/css/pseudo-in-range-on-disabled-input-basics.html
2897                fast/css/pseudo-in-range-on-readonly-input-basics.html
2898                fast/css/pseudo-in-range-out-of-range-on-disabled-input-trivial.html
2899                fast/css/pseudo-out-of-range-on-disabled-input-basics.html
2900                fast/css/pseudo-out-of-range-on-readonly-input-basics.html
2901                fast/selectors/in-range-out-of-range-style-update.html
2902
2903         * html/BaseDateAndTimeInputType.cpp:
2904         (WebCore::BaseDateAndTimeInputType::minOrMaxAttributeChanged):
2905         * html/NumberInputType.cpp:
2906         (WebCore::NumberInputType::minOrMaxAttributeChanged):
2907         I forgot to handle style update in r202143.
2908         This is covered by the new style invalidation test.
2909
2910         * html/BaseDateAndTimeInputType.h:
2911         * html/HTMLInputElement.cpp:
2912         (WebCore::HTMLInputElement::isInRange):
2913         (WebCore::HTMLInputElement::isOutOfRange):
2914
2915 2016-06-16  Frederic Wang  <fwang@igalia.com>
2916
2917         Add separate MathOperator for selection/measuring/drawing of stretchy operators
2918         https://bugs.webkit.org/show_bug.cgi?id=152244
2919
2920         Reviewed by Brent Fulgham.
2921
2922         We complete the class to select, measure and draw stretchy operators that is independent
2923         from RenderMathMLOperator. That way, we will be able use stretchy operator without having
2924         to introduce & manage anonymous RenderMathMLOperator's
2925         (e.g for <mroot>, <msqrt> and <mfenced>).
2926
2927         No new tests, already covered by existing tests.
2928
2929         * rendering/mathml/MathOperator.cpp:
2930         (WebCore::ascentForGlyph): Add this helper function to get glyph ascent.
2931         (WebCore::descentForGlyph): Add this helper function to get glyph descent.
2932         (WebCore::MathOperator::reset): Initialize all the data and calculate ascent/descent of the
2933         base glyph.
2934         (WebCore::MathOperator::setSizeVariant): Set the width/ascent/descent.
2935         (WebCore::MathOperator::setGlyphAssembly): Ditto.
2936         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Remove the STIX Word hack and
2937         change m_maxPreferredWidth to use the actual width instead.
2938         (WebCore::MathOperator::stretchTo): New functions to execute the actual operator streching.
2939         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Add a FIXME for bug 155434.
2940         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Align all the glyph baselines on
2941         the same axis, given by m_ascent.
2942         Add a FIXME for bug 155434.
2943         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
2944         (WebCore::MathOperator::paint): Public function to do the painting.
2945         (WebCore::MathOperator::paintVerticalGlyphAssembly): Deleted.
2946         * rendering/mathml/MathOperator.h: Update declarations and make most of the members private.
2947         (WebCore::MathOperator::ascent): Function to expose m_ascent.
2948         (WebCore::MathOperator::descent): Function to expose m_descent.
2949         * rendering/mathml/RenderMathMLOperator.cpp:
2950         (WebCore::RenderMathMLOperator::stretchTo): Forward the stretching call to MathOperator.
2951         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Unfold advanceForGlyph
2952         since we delete RenderMathMLOperator::advanceForGlyph. Just rely on
2953         MathOperator::maxPreferredWidth to determine the preferred width of stretchy operators.
2954         For horizontal operators, we just use the width of the base glyph.
2955         Finally, we remove the dirty flag on preferred logical width.
2956         (WebCore::RenderMathMLOperator::rebuildTokenContent): Reinit the MathOperator instance.
2957         (WebCore::RenderMathMLOperator::updateFromElement): Force more updates of
2958         RenderMathMLOperator to avoid test breakage.
2959         (WebCore::RenderMathMLOperator::styleDidChange): Call MathOperator::reset to take into
2960         account style change.
2961         (WebCore::RenderMathMLOperator::updateStyle): Remove unused code.
2962         (WebCore::RenderMathMLOperator::firstLineBaseline): Use MathOperator::ascent() function.
2963         (WebCore::RenderMathMLOperator::computeLogicalHeight): Use MathOperator::ascent() and
2964         MathOperator::descent() functions to calculate the height.
2965         (WebCore::RenderMathMLOperator::paint): Only stretched operators are treated specially.
2966         We center horizontal operator and forward the paint() call to MathOperator.
2967         (WebCore::RenderMathMLOperator::trailingSpaceError): The error is now just the difference
2968         between the values returned by MathOperator::maxPreferredWidth() and
2969         MathOperator::width().
2970         (WebCore::boundsForGlyph): Deleted.
2971         (WebCore::heightForGlyph): Deleted.
2972         (WebCore::advanceWidthForGlyph): Deleted.
2973         (WebCore::RenderMathMLOperator::updateStyle): Deleted.
2974
2975 2016-06-16  Jiewen Tan  <jiewen_tan@apple.com>
2976
2977         CSP: Content Security Policy should allow '*' to match the originating page's scheme
2978         https://bugs.webkit.org/show_bug.cgi?id=158811
2979         <rdar://problem/26819568>
2980
2981         Reviewed by Daniel Bates.
2982
2983         Tests: security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star.html
2984                security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star.html
2985                security/contentSecurityPolicy/script-with-file-url-allowed-by-script-src-star.html
2986                security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star.html
2987
2988         * page/csp/ContentSecurityPolicySourceList.cpp:
2989         (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):
2990
2991 2016-06-16  Chris Dumez  <cdumez@apple.com>
2992
2993         Add HTTPHeaderMap::set() overload taking a NSString*
2994         https://bugs.webkit.org/show_bug.cgi?id=158857
2995
2996         Reviewed by Darin Adler.
2997
2998         Add HTTPHeaderMap::set() overloading taking a NSString* in addition to
2999         the one taking a CFStringRef. It is useful for the Cocoa implementation
3000         of ResourceRequest::doUpdateResourceRequest().
3001
3002         * platform/network/HTTPHeaderMap.h:
3003         (WebCore::HTTPHeaderMap::set):
3004
3005 2016-06-16  Joseph Pecoraro  <pecoraro@apple.com>
3006
3007         Web Inspector: console.profile should use the new Sampling Profiler
3008         https://bugs.webkit.org/show_bug.cgi?id=153499
3009         <rdar://problem/24352431>
3010
3011         Reviewed by Timothy Hatcher.
3012
3013         Test: inspector/timeline/setInstruments-programmatic-capture.html
3014
3015         * inspector/InspectorTimelineAgent.cpp:
3016         (WebCore::InspectorTimelineAgent::startFromConsole):
3017         (WebCore::InspectorTimelineAgent::stopFromConsole):
3018         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
3019         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
3020         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
3021         (WebCore::InspectorTimelineAgent::toggleInstruments):
3022         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
3023         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
3024         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
3025         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
3026         * inspector/InspectorTimelineAgent.h:
3027         Web implementation of console.profile/profileEnd.
3028         Make helpers for startings / stopping instruments.
3029
3030 2016-06-16  John Wilander  <wilander@apple.com>
3031
3032         Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
3033         https://bugs.webkit.org/show_bug.cgi?id=158855
3034         <rdar://problem/26142632>
3035
3036         Reviewed by Alex Christensen.
3037
3038         Tests: http/tests/dom/window-open-about-blank-and-access-document.html
3039                http/tests/dom/window-open-about-webkit-org-and-access-document.html
3040
3041         Document.cpp previously checked whether a document should inherit its owner's 
3042         security origin by checking if the URL is either empty or blank. URL.cpp in 
3043         turn only checks if the protocol is "about:" in the isBlankURL() function. 
3044         Thus all about:* URLs inherited security origin. This patch restricts 
3045         security origin inheritance to empty, about:blank, and about:srcdoc URLs.
3046
3047         Quotes and links from the WHATWG spec regarding about:srcdoc:
3048
3049         7.1 Browsing contexts
3050         A browsing context can have a creator browsing context, the browsing context 
3051         that was responsible for its creation. If a browsing context has a parent 
3052         browsing context, then that is its creator browsing context. Otherwise, if the 
3053         browsing context has an opener browsing context, then that is its creator 
3054         browsing context. Otherwise, the browsing context has no creator browsing 
3055         context.
3056         https://html.spec.whatwg.org/multipage/browsers.html#concept-document-bc
3057
3058         7.1.1 Nested browsing contexts
3059         Certain elements (for example, iframe elements) can instantiate further 
3060         browsing contexts. These are called nested browsing contexts. If a browsing 
3061         context P has a Document D with an element E that nests another browsing 
3062         context C inside it, then C is said to be nested through D, and E is said to 
3063         be the browsing context container of C. If the browsing context container 
3064         element E is in the Document D, then P is said to be the parent browsing 
3065         context of C and C is said to be a child browsing context of P. Otherwise, 
3066         the nested browsing context C has no parent browsing context.
3067         https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-context
3068
3069         4.8.5 The iframe element
3070         The iframe element represents a nested browsing context.
3071         ...
3072         If the srcdoc attribute is specified
3073             Navigate the element's child browsing context to a new response whose 
3074             url list consists of about:srcdoc ...
3075         https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-srcdoc
3076
3077         * dom/Document.cpp:
3078         (WebCore::Document::initSecurityContext):
3079             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
3080         (WebCore::Document::initContentSecurityPolicy):
3081             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
3082         (WebCore::shouldInheritSecurityOriginFromOwner): Deleted.
3083             Moved to URL::shouldInheritSecurityOriginFromOwner() and restricted the check.
3084         * platform/URL.cpp:
3085         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
3086         * platform/URL.h:
3087             Moved the function from Document and restricted the check to only allow
3088             security origin inheritance for empty, about:blank, and about:srcdoc URLs.
3089
3090 2016-06-16  Simon Fraser  <simon.fraser@apple.com>
3091
3092         [iOS] Focus event dispatched in iframe causes parent document to scroll incorrectly
3093         https://bugs.webkit.org/show_bug.cgi?id=158629
3094         rdar://problem/26521616
3095
3096         Reviewed by Enrica Casucci.
3097
3098         When focussing elements in iframes, the page could scroll to an incorrect location.
3099         This happened because code in Element::focus() tried to disable scrolling on focus,
3100         but did so only for the current frame, so ancestor frames got programmatically scrolled.
3101         On iOS we handle the scrolling in the UI process, so never want the web process to
3102         do programmatic scrolling.
3103
3104         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
3105         rather than manually prohibiting frame scrolling.
3106
3107         Tests: fast/forms/ios/focus-input-in-iframe.html
3108                fast/forms/ios/programmatic-focus-input-in-iframe.html
3109
3110         * dom/Element.cpp:
3111         (WebCore::Element::focus):
3112         * history/CachedPage.cpp:
3113         (WebCore::CachedPage::restore):
3114
3115 2016-06-16  Zalan Bujtas  <zalan@apple.com>
3116
3117         [New Block-Inside-Inline Model] Do not attempt to re-run margin collapsing on the block sequence.
3118         https://bugs.webkit.org/show_bug.cgi?id=158854
3119
3120         Reviewed by David Hyatt.
3121
3122         Test: fast/block/inside-inlines/crash-on-first-line-change.html
3123
3124         * rendering/RenderBlockLineLayout.cpp:
3125         (WebCore::RenderBlockFlow::marginCollapseLinesFromStart):
3126
3127 2016-06-16  Ting-Wei Lan  <lantw44@gmail.com>
3128
3129         Include cstdlib before using std::atexit
3130         https://bugs.webkit.org/show_bug.cgi?id=158681
3131
3132         Reviewed by Brent Fulgham.
3133
3134         * platform/graphics/PlatformDisplay.cpp:
3135
3136 2016-06-16  Chris Dumez  <cdumez@apple.com>
3137
3138         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
3139         https://bugs.webkit.org/show_bug.cgi?id=158853
3140
3141         Reviewed by Brent Fulgham.
3142
3143         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
3144         as m_bestFitImageURL data member is an AtomicString. This avoids constructing a String and
3145         then atomizing it.
3146
3147         * html/HTMLImageElement.cpp:
3148         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
3149
3150 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
3151
3152         :in-range & :out-of-range CSS pseudo-classes shouldn't match inputs without range limitations
3153         https://bugs.webkit.org/show_bug.cgi?id=156558
3154
3155         Reviewed by Simon Fraser.
3156
3157         The pseudo selectors :in-range and :out-of-range should only
3158         apply if:
3159         -minimum/maximum are defined for the input type
3160         -the input value is/is-not suffering from underflow/overflow.
3161
3162         Only certain types have a valid minimum and maximum:
3163         -number
3164         -range
3165         -date
3166         -month
3167         -week
3168         -time
3169         -datetime-local
3170
3171         Of those, only one has a default minimum and maximum: range.
3172         For all the others, the minimum or maximum is only defined
3173         if the min/max attribute is defined and valid.
3174
3175         This patch addresses these constraints for number and range.
3176         The date types range validation is severely broken and is
3177         left untouched. It really needs a clean rewrite.
3178
3179         Tests: fast/css/pseudo-in-range-basics.html
3180                fast/css/pseudo-in-range-out-of-range-trivial.html
3181                fast/css/pseudo-out-of-range-basics.html
3182
3183         * html/DateInputType.cpp:
3184         (WebCore::DateInputType::createStepRange):
3185         * html/DateTimeInputType.cpp:
3186         (WebCore::DateTimeInputType::createStepRange):
3187         * html/DateTimeLocalInputType.cpp:
3188         (WebCore::DateTimeLocalInputType::createStepRange):
3189         * html/InputType.cpp:
3190         (WebCore::InputType::isInRange):
3191         (WebCore::InputType::isOutOfRange):
3192         Notice the isEmpty() shortcut.
3193         A value can only overflow/underflow if it is not empty.
3194
3195         * html/MonthInputType.cpp:
3196         (WebCore::MonthInputType::createStepRange):
3197         * html/NumberInputType.cpp:
3198         (WebCore::NumberInputType::createStepRange):
3199         * html/RangeInputType.cpp:
3200         (WebCore::RangeInputType::createStepRange):
3201         * html/StepRange.cpp:
3202         (WebCore::StepRange::StepRange):
3203         * html/StepRange.h:
3204         (WebCore::StepRange::hasRangeLimitations):
3205         * html/WeekInputType.cpp:
3206         (WebCore::WeekInputType::createStepRange):
3207
3208 2016-06-16  Anders Carlsson  <andersca@apple.com>
3209
3210         Fix macOS Sierra build
3211         https://bugs.webkit.org/show_bug.cgi?id=158849
3212
3213         Reviewed by Tim Horton.
3214
3215         Add WebCore:: qualifiers for IOSurface, to avoid conflicts with the IOSurface Objective-C class.
3216         
3217         Also, add an asLayerContents() getter that will return an id that's suitable for setting 
3218         as the contents of a CALayer.
3219
3220         * platform/graphics/cocoa/IOSurface.h:
3221         * platform/graphics/cocoa/IOSurface.mm:
3222
3223 2016-06-16  Andreas Kling  <akling@apple.com>
3224
3225         REGRESSION(r196217): 3% JSBench regression on iPhone 5.
3226         <https://webkit.org/b/158848>
3227         <rdar://problem/26609622>
3228
3229         Unreviewed rollout.
3230
3231         Don't jettison linked code on every top-level navigation as that was hurting JSBench on iPhone 5.
3232
3233         * loader/FrameLoader.cpp:
3234         (WebCore::FrameLoader::commitProvisionalLoad):
3235
3236 2016-06-16  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3237
3238         WebRTC: Check type of this in RTCPeerConnection JS built-in functions
3239         https://bugs.webkit.org/show_bug.cgi?id=151303
3240
3241         Reviewed by Youenn Fablet.
3242
3243         Check type of 'this' in RTCPeerConnection JS built-in functions.
3244
3245         Test: fast/mediastream/RTCPeerConnection-js-built-ins-check-this.html
3246
3247         * Modules/mediastream/RTCPeerConnection.js:
3248         (createOffer):
3249         (createAnswer):
3250         (setLocalDescription):
3251         (setRemoteDescription):
3252         (addIceCandidate):
3253         (getStats):
3254         Reject if 'this' isn't of type RTCPeerConnection.
3255         * Modules/mediastream/RTCPeerConnectionInternals.js:
3256         (isRTCPeerConnection):
3257         Add helper function to perform type check. Needs further robustifying.
3258
3259 2016-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
3260
3261         Sporadic crash in HashTableAddResult following CSSValuePool::createFontFamilyValue
3262         https://bugs.webkit.org/show_bug.cgi?id=158297
3263
3264         Reviewed by Darin Adler.
3265
3266         In an effort to reduce the flash of unstyled content, we force all elements
3267         to have display: none during an external stylesheet load. We do this by
3268         ignoring the CSS cascade and forcing all elements to have a placeholder style
3269         which hardcodes display: none. (This is necessary to make elements created by
3270         script during the stylesheet load not flash.)
3271
3272         This style is exposed to web content via getComputedStyle(), which means it
3273         needs to maintain the invariant that font-families can never be null strings.
3274         We enforce this by forcing the font-family to be the standard font name.
3275
3276         Test: fast/text/placeholder-renderstyle-null-font.html
3277
3278         * style/StyleTreeResolver.cpp:
3279         (WebCore::Style::ensurePlaceholderStyle):
3280
3281 2016-06-16  Chris Dumez  <cdumez@apple.com>
3282
3283         Avoid some temporary String allocations for common HTTP headers in ResourceResponse::platformLazyInit()
3284         https://bugs.webkit.org/show_bug.cgi?id=158827
3285
3286         Reviewed by Darin Adler.
3287
3288         Add a HTTPHeaderMap::set() overload taking in a CFStringRef. The
3289         implementation has a fast path which gets the internal characters
3290         of the CFStringRef when possible and constructs a StringView for
3291         it in order to call findHTTPHeaderName(). As a result, we avoid
3292         allocating a temporary String when findHTTPHeaderName() succeeds.
3293
3294         This new HTTPHeaderMap::set() overload is called from both the
3295         CF and Cocoa implementations of ResourceResponse::platformLazyInit().
3296
3297         I have confirmed locally on both Mac and iOS that the fast path
3298         is used ~93% of the time. CFStringGetCStringPtr() returns null in
3299         rare cases, causing the regular code path to be used.
3300
3301         * platform/network/HTTPHeaderMap.cpp:
3302         (WebCore::HTTPHeaderMap::set):
3303         * platform/network/HTTPHeaderMap.h:
3304
3305 2016-06-15  Zalan Bujtas  <zalan@apple.com>
3306
3307         Decouple the percent height and positioned descendants maps.
3308         https://bugs.webkit.org/show_bug.cgi?id=158773
3309
3310         Reviewed by David Hyatt and Chris Dumez.
3311
3312         We track renderers with percent height across multiple containers using
3313         HashMap<const RenderBox*, std::unique_ptr<HashSet<const RenderBlock*>>>.
3314         We also use the same data structure to track positioned descendants.
3315         However a positioned renderer can have only one containing block so tracking it
3316         with a 1:many type is defective.
3317         It allows multiple inserts for positioned descendants, which could lead to
3318         inconsistent layout state as the rendering logic expects these type of renderers
3319         with only one containing block.
3320         This patch decouples percent height and positioned tracking by introducing
3321         the PositionedDescendantsMap class. This class is responsible for tracking
3322         the positioned descendants inbetween layouts.
3323
3324         No change in functionality.
3325
3326         Tests: fast/block/positioning/change-containing-block-for-absolute-positioned.html
3327                fast/block/positioning/change-containing-block-for-fixed-positioned.html
3328
3329         * rendering/RenderBlock.cpp:
3330         (WebCore::insertIntoTrackedRendererMaps):
3331         (WebCore::removeFromTrackedRendererMaps):
3332         (WebCore::PositionedDescendantsMap::addDescendant): Add more defensive ASSERT_NOT_REACHED
3333         to the double insert branch when webkit.org/b/158772 gets fixed.
3334         (WebCore::PositionedDescendantsMap::removeDescendant):
3335         (WebCore::PositionedDescendantsMap::removeContainingBlock):
3336         (WebCore::PositionedDescendantsMap::positionedRenderers):
3337         (WebCore::positionedDescendantsMap):
3338         (WebCore::removeBlockFromPercentageDescendantAndContainerMaps):
3339         (WebCore::RenderBlock::~RenderBlock):
3340         (WebCore::RenderBlock::positionedObjects):
3341         (WebCore::RenderBlock::insertPositionedObject):
3342         (WebCore::RenderBlock::removePositionedObject):
3343         (WebCore::RenderBlock::addPercentHeightDescendant):
3344         (WebCore::RenderBlock::removePercentHeightDescendant):
3345         (WebCore::RenderBlock::percentHeightDescendants):
3346         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
3347         (WebCore::removeBlockFromDescendantAndContainerMaps): Deleted.
3348         * rendering/RenderBlock.h:
3349
3350 2016-06-15  David Kilzer  <ddkilzer@apple.com>
3351
3352         Move SoftLinking.h to platform/cococa from platform/mac
3353         <https://webkit.org/b/158825>
3354
3355         Reviewed by Andy Estes.
3356
3357         * PlatformMac.cmake: Update for new directory.
3358         * WebCore.xcodeproj/project.pbxproj: Ditto.
3359         * platform/cocoa/SoftLinking.h: Renamed from Source/WebCore/platform/mac/SoftLinking.h.
3360
3361 2016-06-15  Chris Dumez  <cdumez@apple.com>
3362
3363         [Cocoa] Clean up / optimize ResourceResponse::platformLazyInit(InitLevel)
3364         https://bugs.webkit.org/show_bug.cgi?id=158809
3365
3366         Reviewed by Darin Adler.
3367
3368         Clean up / optimize ResourceResponse::platformLazyInit(InitLevel).
3369
3370         * platform/network/HTTPParsers.cpp:
3371         (WebCore::extractReasonPhraseFromHTTPStatusLine):
3372         * platform/network/HTTPParsers.h:
3373         Have extractReasonPhraseFromHTTPStatusLine() return an AtomicString as the
3374         Reason is stored as an AtomicString on ResourceResponse. Have the
3375         implementation use StringView::subString()::toAtomicString().
3376
3377         * platform/network/cocoa/ResourceResponseCocoa.mm:
3378         (WebCore::stripLeadingAndTrailingDoubleQuote):
3379         Move the stripLeadingAndTrailingDoubleQuote logic from platformLazyInit()
3380         to its own function. Have it use StringView::subString()::toAtomicString()
3381         to avoid unnecessarily atomizing the textEncodingName that has surrounding
3382         double-quotes.
3383
3384         (WebCore::initializeHTTPHeaders):
3385         Move HTTP headers initialization to its own function for clarity.
3386
3387         (WebCore::extractHTTPStatusText):
3388         Move HTTP status Text extraction to its own function for clarity.
3389
3390         (WebCore::ResourceResponse::platformLazyInit):
3391         - The function is streamlined a bit because most of the logic was moved
3392           into separate functions.
3393         - Drop unnecessary (initLevel >= CommonFieldsOnly) check in the first
3394           if case and replace with an assertion. This function is always called
3395           with CommonFieldsOnly or above (AllFields).
3396         - Drop unnecessary (m_initLevel < AllFields) check in the second if
3397           case as this is always true. If not, we would have returned early
3398           at the beginning of the function when checking
3399           m_initLevel >= initLevel.
3400         - Use AutodrainedPool instead of NSAutoreleasePool for convenience and have
3401           only 1 pool instead of 2.
3402         - Drop unnecessary copyNSURLResponseStatusLine() function and call directly
3403           CFHTTPMessageCopyResponseStatusLine() since we already have a
3404           CFHTTPMessageRef at the call site.
3405
3406 2016-06-15  Tim Horton  <timothy_horton@apple.com>
3407
3408         <attachment> elements jump around a lot around when subtitle text changes slightly
3409         https://bugs.webkit.org/show_bug.cgi?id=158818
3410         <rdar://problem/24450270>
3411
3412         Reviewed by Simon Fraser.
3413
3414         Test: fast/attachment/attachment-subtitle-resize.html
3415
3416         * rendering/RenderAttachment.cpp:
3417         (WebCore::RenderAttachment::layout):
3418         * rendering/RenderAttachment.h:
3419         * rendering/RenderThemeMac.mm:
3420         (WebCore::AttachmentLayout::AttachmentLayout):
3421         (WebCore::RenderThemeMac::paintAttachment):
3422         In order to avoid changes to the centered subtitle text causing the whole
3423         attachment to bounce around a lot, make it so that attachment width can only
3424         increase, never decrease, and round the subtitle's width up to the nearest
3425         increment of 10px when determining its affect on the whole element's width.
3426         Also, center the attachment in its element, instead of left-aligning it,
3427         so that the extra width we may have is evenly distributed between the two sides.
3428
3429 2016-06-15  Ryan Haddad  <ryanhaddad@apple.com>
3430
3431         Reset bindings test results after r202105
3432
3433         Unreviewed test gardening.
3434
3435         * bindings/scripts/test/JS/JSTestObj.cpp:
3436
3437 2016-06-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>
3438
3439         WebRTC: (Refactor) Align the structure of RTCPeerConnection.idl with the header file
3440         https://bugs.webkit.org/show_bug.cgi?id=158779
3441
3442         Reviewed by Eric Carlson.
3443
3444         Restructure RTCPeerConnection.idl to make it easer to read and extend in the future.
3445
3446         No change in behavior.
3447
3448         * Modules/mediastream/RTCPeerConnection.idl:
3449
3450 2016-06-15  Chris Dumez  <cdumez@apple.com>
3451
3452         Drop some unnecessary header includes
3453         https://bugs.webkit.org/show_bug.cgi?id=158788
3454
3455         Reviewed by Alexey Proskuryakov.
3456
3457         Drop some unnecessary header includes in headers to speed up build time.
3458
3459         * Modules/encryptedmedia/MediaKeySession.cpp:
3460         * Modules/gamepad/GamepadManager.cpp:
3461         * Modules/indexeddb/IDBDatabase.cpp:
3462         * Modules/indexeddb/IDBOpenDBRequest.cpp:
3463         * Modules/indexeddb/IDBRequest.cpp:
3464         * Modules/indexeddb/IDBTransaction.cpp:
3465         * Modules/mediasource/MediaSource.cpp:
3466         * Modules/mediasource/SourceBuffer.cpp:
3467         * Modules/mediasource/SourceBufferList.cpp:
3468         * Modules/mediastream/MediaStream.cpp:
3469         * Modules/mediastream/MediaStreamTrack.cpp:
3470         * Modules/speech/SpeechSynthesis.cpp:
3471         * Modules/webaudio/AudioScheduledSourceNode.cpp:
3472         * Modules/webaudio/ScriptProcessorNode.cpp:
3473         * bindings/scripts/CodeGeneratorJS.pm:
3474         (GenerateImplementation):
3475         * dom/CharacterData.cpp:
3476         * dom/ContainerNode.cpp:
3477         * dom/DOMNamedFlowCollection.cpp:
3478         * dom/DeviceMotionController.cpp:
3479         * dom/DeviceOrientationController.cpp:
3480         * dom/Document.cpp:
3481         * dom/Document.h:
3482         * dom/DocumentEventQueue.cpp:
3483         * dom/DocumentOrderedMap.h:
3484         * dom/Element.cpp:
3485         * dom/Event.cpp:
3486         * dom/EventDispatcher.cpp:
3487         * dom/EventTarget.cpp:
3488         * dom/EventTarget.h:
3489         * dom/KeyboardEvent.cpp:
3490         * dom/MessageEvent.cpp:
3491         * dom/MessagePort.cpp:
3492         * dom/ScriptElement.cpp:
3493         * dom/ScriptExecutionContext.cpp:
3494         * dom/ScriptExecutionContext.h:
3495         * dom/SecurityContext.h:
3496         * dom/SimulatedClick.cpp:
3497         * dom/TextEvent.cpp:
3498         * dom/WebKitNamedFlow.cpp:
3499         * editing/FrameSelection.cpp:
3500         * fileapi/FileReader.cpp:
3501         * html/HTMLLinkElement.cpp:
3502         * html/HTMLPlugInImageElement.cpp:
3503         * html/HTMLStyleElement.cpp:
3504         * html/HTMLSummaryElement.cpp:
3505         * html/HTMLTrackElement.cpp:
3506         * html/HTMLVideoElement.cpp:
3507         * html/InputType.cpp:
3508         * html/MediaController.cpp:
3509         * html/TextFieldInputType.cpp:
3510         * html/canvas/WebGLRenderingContextBase.cpp:
3511         * html/parser/HTMLScriptRunner.cpp:
3512         * html/shadow/MediaControlElementTypes.cpp:
3513         * html/shadow/MediaControls.cpp:
3514         * html/shadow/MediaControlsApple.cpp:
3515         * html/shadow/SliderThumbElement.cpp:
3516         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
3517         * inspector/InspectorIndexedDBAgent.cpp:
3518         * loader/DocumentLoader.cpp:
3519         * loader/ImageLoader.cpp:
3520         * loader/PolicyChecker.cpp:
3521         * mathml/MathMLSelectElement.cpp:
3522         * page/DOMWindow.h:
3523         * page/EventSource.cpp:
3524         * page/FrameView.cpp:
3525         * page/Performance.cpp:
3526         * page/csp/ContentSecurityPolicy.cpp:
3527         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
3528         * platform/network/HTTPHeaderMap.h:
3529         * platform/network/ResourceHandle.cpp:
3530         * rendering/RenderEmbeddedObject.cpp:
3531         * rendering/RenderSnapshottedPlugIn.cpp:
3532         * svg/SVGSVGElement.cpp:
3533         * svg/SVGUseElement.cpp:
3534         * svg/animation/SVGSMILElement.cpp:
3535         * workers/WorkerGlobalScope.h:
3536         * xml/XMLHttpRequest.cpp:
3537         * xml/XMLHttpRequestProgressEventThrottle.cpp:
3538         * xml/XMLHttpRequestUpload.cpp:
3539
3540 2016-06-15  Antti Koivisto  <antti@apple.com>
3541
3542         GoogleMaps transit schedule explorer comes up blank initially
3543         https://bugs.webkit.org/show_bug.cgi?id=158803
3544         rdar://problem/25818080
3545
3546         Reviewed by Andreas Kling.
3547
3548         In case we had something like
3549
3550         .foo bar { ... }
3551
3552         and later a new stylesheet was added dynamically that contained
3553
3554         .foo baz { ... }
3555
3556         we would fail to add the new rules to the descendant invalidation rule sets for ".foo". This could
3557         cause some style invalidations to be missed.
3558
3559         * css/DocumentRuleSets.cpp:
3560         (WebCore::DocumentRuleSets::collectFeatures):
3561
3562         Reset the ancestorClassRules and ancestorAttributeRulesForHTML rule set caches when new style sheets
3563         are added (==collectFeatures is called).
3564
3565 2016-06-15  Javier Fernandez  <jfernandez@igalia.com>
3566
3567         [css-sizing] Item borders are missing with 'min-width:-webkit-fill-available' and zero available width
3568         https://bugs.webkit.org/show_bug.cgi?id=158258
3569
3570         Reviewed by Darin Adler.
3571
3572         The "fill-available" size is defined as the containing block's size less
3573         the box's border and padding size. However, when used for min-width we
3574         should ensure we don't get negative values as result of logical width
3575         computation.
3576
3577         http://www.w3.org/TR/css-sizing-3/#fill-available-sizing
3578
3579         This patch ensure fill-available value computed value will be always
3580         greater than box's boder and padding width.
3581
3582         Test: fast/css-intrinsic-dimensions/fill-available-with-zero-width.html
3583
3584         * rendering/RenderBox.cpp:
3585         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
3586
3587 2016-06-15  Alex Christensen  <achristensen@webkit.org>
3588
3589         Fix 2d canvas transform after r192900
3590         https://bugs.webkit.org/show_bug.cgi?id=158725
3591         rdar://problem/26774230
3592
3593         Reviewed by Dean Jackson.
3594
3595         Test: fast/canvas/canvas-transform-inverse.html
3596
3597         * html/canvas/CanvasRenderingContext2D.cpp:
3598         (WebCore::CanvasRenderingContext2D::transform):
3599         r192900 was intended to have no change in behavior, but I made a typo.
3600         We need to apply the inverse of the original transform to the path to be correct.
3601         This affects transforms applied to the canvas during the creation of a path.
3602
3603 2016-06-15  Eric Carlson  <eric.carlson@apple.com>
3604
3605         [iOS] Make HTMLMediaElement.muted mutable
3606         https://bugs.webkit.org/show_bug.cgi?id=158787
3607         <rdar://problem/24452567>
3608
3609         Reviewed by Dean Jackson.
3610
3611         Tests: media/audio-playback-restriction-removed-muted.html
3612                media/audio-playback-restriction-removed-track-enabled.html
3613
3614         * html/HTMLMediaElement.cpp:
3615         (WebCore::HTMLMediaElement::audioTrackEnabledChanged): Remove most behavior restrictions if
3616           the track state was changed as a result of a user gesture.
3617         (WebCore::HTMLMediaElement::setMuted): Ditto.
3618         (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Add mask 
3619           parameter so caller can choose which restrictions are removed.
3620         * html/HTMLMediaElement.h:
3621
3622         * html/MediaElementSession.cpp:
3623         (WebCore::restrictionName): Drive-by fix: remove duplicate label.
3624         * html/MediaElementSession.h:
3625
3626         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
3627         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3628         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Set muted on AVPlayer if setMuted
3629           was called before the player was created.
3630         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Drive-by fix: return early if there
3631           is no AVPlayer, not if we won't have metadata yet.
3632         (WebCore::MediaPlayerPrivateAVFoundationObjC::setMuted): New.
3633
3634 2016-06-15  Romain Bellessort  <romain.bellessort@crf.canon.fr>
3635
3636         Enabling Shadow DOM for all platforms
3637         https://bugs.webkit.org/show_bug.cgi?id=158738
3638
3639         Reviewed by Ryosuke Niwa.
3640
3641         No new tests (no new behavior to be tested).
3642
3643         Removed Shadow DOM from options (enabled by default)
3644         (comprises removal of corresponding preprocessor directives)
3645
3646         * Configurations/FeatureDefines.xcconfig:
3647         * DerivedSources.make:
3648         * bindings/generic/RuntimeEnabledFeatures.h:
3649         * bindings/js/JSDocumentFragmentCustom.cpp:
3650         * bindings/js/JSNodeCustom.cpp:
3651         * css/CSSGrammar.y.in:
3652         * css/CSSParser.cpp:
3653         * css/CSSParserValues.cpp:
3654         * css/CSSParserValues.h:
3655         * css/CSSSelector.cpp:
3656         * css/CSSSelector.h:
3657         * css/ElementRuleCollector.cpp:
3658         * css/ElementRuleCollector.h:
3659         * css/RuleSet.cpp:
3660         * css/RuleSet.h:
3661         * css/SelectorChecker.cpp:
3662         * css/SelectorChecker.h:
3663         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
3664         * css/StyleResolver.cpp:
3665         * cssjit/SelectorCompiler.cpp:
3666         * dom/ComposedTreeAncestorIterator.h:
3667         * dom/ComposedTreeIterator.cpp:
3668         * dom/ComposedTreeIterator.h:
3669         * dom/ContainerNode.cpp:
3670         * dom/Document.cpp:
3671         * dom/Document.h:
3672         * dom/Element.cpp:
3673         * dom/Element.h:
3674         * dom/Element.idl:
3675         * dom/Event.idl:
3676         * dom/EventPath.cpp:
3677         * dom/Node.cpp:
3678         * dom/Node.h:
3679         * dom/NonDocumentTypeChildNode.idl:
3680         * dom/ShadowRoot.cpp:
3681         * dom/ShadowRoot.h:
3682         * dom/ShadowRoot.idl:
3683         * dom/SlotAssignment.cpp:
3684         * dom/SlotAssignment.h:
3685         * html/HTMLSlotElement.cpp:
3686         * html/HTMLSlotElement.h:
3687         * html/HTMLSlotElement.idl:
3688         * html/HTMLTagNames.in:
3689         * page/FocusController.cpp:
3690         * style/StyleSharingResolver.cpp:
3691         * style/StyleTreeResolver.cpp:
3692
3693 2016-06-15  Andreas Kling  <akling@apple.com>
3694
3695         [Cocoa] Add two notify listeners for poking the garbage collector.
3696         <https://webkit.org/b/158783>
3697
3698         Reviewed by Antti Koivisto.
3699
3700         Add two new notify listeners:
3701
3702         - com.apple.WebKit.fullGC
3703
3704             Trigger a full garbage collection in the main WebCore VM immediately.
3705
3706         - com.apple.WebKit.deleteAllCode
3707
3708             Throw away all of JSC's linked and unlinked code, and do a full GC.
3709
3710         These will make it easier to diagnose memory growth issues by having a lever that
3711         eliminates many of the large object graphs without going after behavior-changing things
3712         like the memory cache.
3713
3714         * platform/MemoryPressureHandler.cpp:
3715         (WebCore::MemoryPressureHandler::platformInitialize):
3716         * platform/MemoryPressureHandler.h:
3717         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
3718         (WebCore::MemoryPressureHandler::platformInitialize):
3719
3720 2016-06-15  Antti Koivisto  <antti@apple.com>
3721
3722         Vary:Cookie validation doesn't work in private browsing
3723         https://bugs.webkit.org/show_bug.cgi?id=158616
3724         <rdar://problem/26755067>
3725
3726         Reviewed by Andreas Kling.
3727
3728         There wasn't a way to get cookie based on SessionID from WebCore.
3729
3730         * platform/CookiesStrategy.h:
3731
3732             Add a cookie retrival function that takes SessionID instead of NetworkStorageSession.
3733
3734         * platform/network/CacheValidation.cpp:
3735         (WebCore::headerValueForVary):
3736
3737             Use it.
3738
3739         (WebCore::verifyVaryingRequestHeaders):
3740
3741 2016-06-15  Per Arne Vollan  <pvollan@apple.com>
3742
3743         [Win] The test accessibility/selected-text-range-aria-elements.html is failing.
3744         https://bugs.webkit.org/show_bug.cgi?id=158732
3745
3746         Reviewed by Brent Fulgham.
3747
3748         Implement support for getting selected text range.
3749
3750         * accessibility/win/AccessibilityObjectWrapperWin.cpp:
3751         (WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue):
3752
3753 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
3754
3755         Addressing post-review comments after r201971
3756         https://bugs.webkit.org/show_bug.cgi?id=158450
3757
3758         Unreviewed.
3759
3760         * css/CSSFontFaceSet.cpp:
3761         (WebCore::CSSFontFaceSet::add):
3762         (WebCore::CSSFontFaceSet::remove):
3763
3764 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
3765
3766         Honor bidi unicode codepoints
3767         https://bugs.webkit.org/show_bug.cgi?id=149170
3768         <rdar://problem/26527378>
3769
3770         Reviewed by Simon Fraser.
3771
3772         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
3773         unexpected output when they are present. Fix by considering such code points as
3774         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
3775         the codepoints fully in our Bidi algorithm.
3776
3777         Test: fast/text/isolate-ignore.html
3778
3779         * platform/graphics/Font.cpp:
3780         (WebCore::createAndFillGlyphPage):
3781         * platform/text/BidiResolver.h:
3782         (WebCore::Subclass>::createBidiRunsForLine):
3783
3784 2016-06-14  Antoine Quint  <graouts@apple.com>
3785
3786         [iOS] Play glyph is pixelated when the page zoom is large
3787         https://bugs.webkit.org/show_bug.cgi?id=158770
3788         <rdar://problem/26092124>
3789
3790         Reviewed by Dean Jackson.
3791
3792         Use the same technique that we use to scale the video controls by using a combination
3793         of CSS "zoom" and "transform" properties to have the video play glyph scaled at its
3794         native size regardless of page zoom.
3795
3796         * Modules/mediacontrols/mediaControlsiOS.js:
3797         (ControllerIOS.prototype.set pageScaleFactor):
3798
3799 2016-06-14  Chris Dumez  <cdumez@apple.com>
3800
3801         Regression(r201534): Compile time greatly regressed
3802         https://bugs.webkit.org/show_bug.cgi?id=158765
3803         <rdar://problem/26587342>
3804
3805         Reviewed by Darin Adler.
3806
3807         Compile time greatly regressed by r201534 due to Document.h now including
3808         TextAutoSizing.h. Move the TextAutoSizingTraits back to Document.h to
3809         restore pre-r201534 behavior.
3810
3811         * WebCore.xcodeproj/project.pbxproj:
3812         * dom/Document.cpp:
3813         (WebCore::TextAutoSizingTraits::constructDeletedValue):
3814         (WebCore::TextAutoSizingTraits::isDeletedValue):
3815         * dom/Document.h:
3816         * rendering/TextAutoSizing.h:
3817         (WebCore::TextAutoSizingTraits::constructDeletedValue): Deleted.
3818         (WebCore::TextAutoSizingTraits::isDeletedValue): Deleted.
3819
3820 2016-06-14  Antoine Quint  <graouts@apple.com>
3821
3822         Inline media controls cut off PiP and fullscreen buttons on cnn.com
3823         https://bugs.webkit.org/show_bug.cgi?id=158766
3824         <rdar://problem/24175161>
3825
3826         Reviewed by Dean Jackson.
3827
3828         The display of the picture-in-picture and fullscreen buttons are dependent on the availability
3829         of video tracks through a call to hasVideo(). We need to ensure that the display properties of
3830         both those buttons are updated when the number of video tracks has changed since the controls
3831         may be populated prior to the availability of video tracks.
3832
3833         * Modules/mediacontrols/mediaControlsApple.js:
3834         (Controller.prototype.updateHasVideo):
3835
3836 2016-06-14  Joseph Pecoraro  <pecoraro@apple.com>
3837
3838         Web Inspector: Rename Timeline.setAutoCaptureInstruments to Timeline.setInstruments
3839         https://bugs.webkit.org/show_bug.cgi?id=158762
3840
3841         Reviewed by Timothy Hatcher.
3842
3843         Test: inspector/timeline/setInstruments-errors.html
3844
3845         * inspector/InspectorTimelineAgent.cpp:
3846         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
3847         (WebCore::InspectorTimelineAgent::setInstruments):
3848         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
3849         (WebCore::InspectorTimelineAgent::setAutoCaptureInstruments): Deleted.
3850         * inspector/InspectorTimelineAgent.h:
3851
3852 2016-06-14  Dean Jackson  <dino@apple.com>
3853
3854         decompose4 return value is unchecked, leading to potentially uninitialized data.
3855         https://bugs.webkit.org/show_bug.cgi?id=158761
3856         <rdar://problem/17526268>
3857
3858         Reviewed by Simon Fraser.
3859
3860         WebCore::decompose4 could return early without initializing data.
3861         I now initialize it, but I also started checking the return
3862         value at all the call sites to make sure everything is sensible.
3863
3864         Test: transforms/undecomposable.html
3865
3866         * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
3867         (WebCore::PerspectiveTransformOperation::blend):
3868         * platform/graphics/transforms/RotateTransformOperation.cpp:
3869         (WebCore::RotateTransformOperation::blend):
3870         * platform/graphics/transforms/TransformationMatrix.cpp:
3871         (WebCore::decompose4):
3872         (WebCore::TransformationMatrix::blend4):
3873         * platform/graphics/transforms/TransformationMatrix.h:
3874
3875 2016-06-14  Benjamin Poulain  <bpoulain@apple.com>
3876
3877         Add the unprefixed version of the pseudo element ::placeholder
3878         https://bugs.webkit.org/show_bug.cgi?id=158653
3879
3880         Reviewed by Dean Jackson.
3881
3882         Test: fast/forms/placeholder-pseudo-element-with-webkit-prefix.html
3883
3884         The pseudo element ::-webkit-input-placeholder is stupidly popular
3885         which forces other engines to support this exact name.
3886
3887         The pseudo-element spec provides a new standard name we can adopt
3888         to drop the prefix: https://drafts.csswg.org/css-pseudo-4/#placeholder-pseudo
3889
3890         This patch does just that, make ::placeholder the standard name to select
3891         the placeholder element in the shadow dom of input elements.
3892
3893         Unlike pseudo classes, we did not have any support for prefixes and aliasing.
3894         I want to keep the absurdly efficient matching we currently use for styling
3895         because style updates are more common than stylesheet updates.
3896         With that constraint in mind, the value of CSSSelector has to be the unprefixed
3897         version for both forms of input.
3898
3899         This leaves us with the problem of displaying the CSSSelector for CSSOM.
3900         To differentiate the legacy form from the standard form, I added
3901         a new type of PseudoElement: PseudoElementWebKitCustomLegacyPrefixed.
3902         When parsing, PseudoElementWebKitCustomLegacyPrefixed let us replace
3903         the original value "-webkit-input-placeholder" by the standard value.
3904         When creating the selectorText for CSSOM, PseudoElementWebKitCustomLegacyPrefixed
3905         let us replace the standard for by the legacy form.
3906
3907         * css/CSSParserValues.cpp:
3908         (WebCore::CSSParserSelector::parsePseudoElementSelector):
3909         * css/CSSSelector.cpp:
3910         (WebCore::CSSSelector::pseudoId):
3911         (WebCore::CSSSelector::selectorText):
3912         * css/CSSSelector.h:
3913         (WebCore::CSSSelector::isCustomPseudoElement):
3914         (WebCore::CSSSelector::isWebKitCustomPseudoElement):
3915         * css/SelectorChecker.cpp:
3916         (WebCore::SelectorChecker::matchRecursively):
3917         * css/SelectorPseudoElementTypeMap.in:
3918         * css/html.css:
3919         (::placeholder):
3920         (input::placeholder, isindex::placeholder):
3921         (textarea::placeholder):
3922         (::-webkit-input-placeholder): Deleted.
3923         (input::-webkit-input-placeholder, isindex::-webkit-input-placeholder): Deleted.
3924         (textarea::-webkit-input-placeholder): Deleted.
3925         * features.json:
3926         * html/shadow/TextControlInnerElements.cpp:
3927         (WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
3928
3929 2016-06-14  Doug Russell  <d_russell@apple.com>
3930
3931         AX: Form label text should be exposed as static text if it contains only static text
3932         https://bugs.webkit.org/show_bug.cgi?id=158634
3933
3934         Reviewed by Chris Fleizach.
3935
3936         Use AccessibilityLabel to represent HTMLLabelElement to assistive technology.
3937         AccessibilityLabel::containsOnlyStaticText() searches label subtree to evaluate 
3938         if all children are static text.
3939         AccessibilityLabel::stringValue() consults containsOnlyStaticText() and returns
3940         textUnderElement() if true.
3941         WebAccessibilityObjectWrapperMac consults containsOnlyStaticText() and substitutes
3942         StaticTextRole for LabelRole if true.
3943         Cache containsOnlyStaticText() in the common case when updating children.
3944
3945         Tests: accessibility/mac/label-element-all-text-string-value.html
3946                accessibility/mac/label-element-with-link-string-value.html
3947
3948         * CMakeLists.txt:
3949         * WebCore.xcodeproj/project.pbxproj:
3950         * accessibility/AXObjectCache.cpp:
3951         (WebCore::createFromRenderer):
3952         * accessibility/AccessibilityAllInOne.cpp:
3953         * accessibility/AccessibilityLabel.cpp: Added.
3954         (WebCore::AccessibilityLabel::AccessibilityLabel):
3955         (WebCore::AccessibilityLabel::~AccessibilityLabel):
3956         (WebCore::AccessibilityLabel::create):
3957         (WebCore::AccessibilityLabel::computeAccessibilityIsIgnored):
3958         (WebCore::AccessibilityLabel::stringValue):
3959         (WebCore::childrenContainOnlyStaticText):
3960         (WebCore::AccessibilityLabel::containsOnlyStaticText):
3961         (WebCore::AccessibilityLabel::updateChildrenIfNecessary):
3962         (WebCore::AccessibilityLabel::clearChildren):
3963         (WebCore::AccessibilityLabel::insertChild):
3964         * accessibility/AccessibilityLabel.h: Added.
3965         * accessibility/AccessibilityObject.h:
3966         (WebCore::AccessibilityObject::isLabel):
3967         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3968         (-[WebAccessibilityObjectWrapper role]):
3969
3970 2016-06-14  Commit Queue  <commit-queue@webkit.org>
3971
3972         Unreviewed, rolling out r202057.
3973         https://bugs.webkit.org/show_bug.cgi?id=158749
3974
3975         This change broke the Windows build. (Requested by ryanhaddad
3976         on #webkit).
3977
3978         Reverted changeset:
3979
3980         "Honor bidi unicode codepoints"
3981         https://bugs.webkit.org/show_bug.cgi?id=149170
3982         http://trac.webkit.org/changeset/202057
3983
3984 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
3985
3986         Honor bidi unicode codepoints
3987         https://bugs.webkit.org/show_bug.cgi?id=149170
3988         <rdar://problem/26527378>
3989
3990         Reviewed by Simon Fraser.
3991
3992         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
3993         unexpected output when they are present. Fix by considering such code points as
3994         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
3995         the codepoints fully in our Bidi algorithm.
3996
3997         Test: fast/text/isolate-ignore.html
3998
3999         * platform/graphics/Font.cpp:
4000         (WebCore::createAndFillGlyphPage):
4001         * platform/text/BidiResolver.h:
4002         (WebCore::Subclass>::createBidiRunsForLine):
4003
4004 2016-06-14  Commit Queue  <commit-queue@webkit.org>
4005
4006         Unreviewed, rolling out r200455.
4007         https://bugs.webkit.org/show_bug.cgi?id=158740
4008
4009         hangs twitter/facebook (Requested by mcatanzaro on #webkit).
4010
4011         Reverted changeset:
4012
4013         "[GStreamer] Adaptive streaming issues"
4014         https://bugs.webkit.org/show_bug.cgi?id=144040