748f99b38d73ae3f55042bb0f772cdc39173a742
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-02-01  David Hyatt  <hyatt@apple.com>
2
3         Reviewed by Oliver Hunt.
4
5         https://bugs.webkit.org/show_bug.cgi?id=53520
6         
7         Remove the physical terminology from IntRect and FloatRect.
8         
9         Now that we have flipped RenderBlocks for vertical-rl and horizontal-bt writing modes,
10         we need to update our terminology to be more accurate.
11
12         I'm borrowing a page from AppKit here (which also supports flipped NSViews) and
13         renaming right() and bottom() to maxX() and maxY().  These terms remain accurate
14         even for flipped rectangles.
15
16         * accessibility/AccessibilityRenderObject.cpp:
17         (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange):
18         * accessibility/mac/AccessibilityObjectWrapper.mm:
19         (-[AccessibilityObjectWrapper position]):
20         * dom/ClientRect.h:
21         (WebCore::ClientRect::right):
22         (WebCore::ClientRect::bottom):
23         * html/HTMLCanvasElement.cpp:
24         (WebCore::HTMLCanvasElement::convertLogicalToDevice):
25         * html/canvas/CanvasRenderingContext2D.cpp:
26         (WebCore::normalizeRect):
27         * inspector/InspectorAgent.cpp:
28         (WebCore::InspectorAgent::drawElementTitle):
29         * page/DOMWindow.cpp:
30         (WebCore::DOMWindow::adjustWindowRect):
31         * page/DragController.cpp:
32         (WebCore::dragLocForSelectionDrag):
33         * page/EventHandler.cpp:
34         (WebCore::EventHandler::sendContextMenuEventForKey):
35         * page/PrintContext.cpp:
36         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
37         (WebCore::PrintContext::pageNumberForElement):
38         * page/SpatialNavigation.cpp:
39         (WebCore::end):
40         (WebCore::areRectsFullyAligned):
41         (WebCore::areRectsMoreThanFullScreenApart):
42         (WebCore::below):
43         (WebCore::rightOf):
44         (WebCore::isRectInDirection):
45         (WebCore::entryAndExitPointsForDirection):
46         (WebCore::virtualRectForDirection):
47         * page/WindowFeatures.cpp:
48         (WebCore::WindowFeatures::WindowFeatures):
49         * platform/ScrollView.cpp:
50         (WebCore::ScrollView::wheelEvent):
51         * platform/Scrollbar.cpp:
52         (WebCore::Scrollbar::setFrameRect):
53         * platform/ScrollbarThemeComposite.cpp:
54         (WebCore::ScrollbarThemeComposite::splitTrack):
55         * platform/chromium/ScrollbarThemeChromium.cpp:
56         (WebCore::ScrollbarThemeChromium::paintTickmarks):
57         * platform/graphics/FloatQuad.h:
58         (WebCore::FloatQuad::FloatQuad):
59         * platform/graphics/FloatRect.cpp:
60         (WebCore::FloatRect::intersects):
61         (WebCore::FloatRect::contains):
62         (WebCore::FloatRect::intersect):
63         (WebCore::FloatRect::unite):
64         (WebCore::enclosingIntRect):
65         * platform/graphics/FloatRect.h:
66         (WebCore::FloatRect::maxX):
67         (WebCore::FloatRect::maxY):
68         (WebCore::FloatRect::contains):
69         * platform/graphics/IntRect.cpp:
70         (WebCore::IntRect::intersects):
71         (WebCore::IntRect::contains):
72         (WebCore::IntRect::intersect):
73         (WebCore::IntRect::unite):
74         * platform/graphics/IntRect.h:
75         (WebCore::IntRect::maxX):
76         (WebCore::IntRect::maxY):
77         (WebCore::IntRect::shiftXEdgeTo):
78         (WebCore::IntRect::shiftMaxXEdgeTo):
79         (WebCore::IntRect::shiftYEdgeTo):
80         (WebCore::IntRect::shiftMaxYEdgeTo):
81         (WebCore::IntRect::contains):
82         * platform/graphics/WidthIterator.cpp:
83         (WebCore::WidthIterator::advance):
84         * platform/graphics/cg/GraphicsContextCG.cpp:
85         (WebCore::GraphicsContext::drawRect):
86         (WebCore::GraphicsContext::fillPath):
87         (WebCore::GraphicsContext::fillRect):
88         * platform/graphics/cg/ImageBufferCG.cpp:
89         (WebCore::getImageData):
90         (WebCore::putImageData):
91         * platform/graphics/cg/ImageCG.cpp:
92         (WebCore::BitmapImage::draw):
93         * platform/graphics/filters/FilterEffect.cpp:
94         (WebCore::FilterEffect::copyImageBytes):
95         * platform/graphics/mac/ComplexTextController.cpp:
96         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
97         * platform/graphics/mac/SimpleFontDataMac.mm:
98         (WebCore::SimpleFontData::platformBoundsForGlyph):
99         * platform/graphics/transforms/AffineTransform.cpp:
100         (WebCore::AffineTransform::mapRect):
101         * platform/graphics/win/FontCGWin.cpp:
102         (WebCore::drawGDIGlyphs):
103         * platform/graphics/win/MediaPlayerPrivateQuickTimeWin.cpp:
104         (WebCore::MediaPlayerPrivate::paint):
105         * platform/gtk/RenderThemeGtk.cpp:
106         (WebCore::centerRectVerticallyInParentInputElement):
107         * platform/mac/WidgetMac.mm:
108         (WebCore::Widget::paint):
109         * rendering/InlineFlowBox.cpp:
110         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
111         (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
112         * rendering/InlineTextBox.cpp:
113         (WebCore::InlineTextBox::selectionRect):
114         (WebCore::InlineTextBox::paint):
115         (WebCore::InlineTextBox::positionForOffset):
116         * rendering/RenderBlock.cpp:
117         (WebCore::RenderBlock::addOverflowFromChildren):
118         (WebCore::RenderBlock::paintChildren):
119         (WebCore::RenderBlock::paintEllipsisBoxes):
120         (WebCore::RenderBlock::inlineSelectionGaps):
121         (WebCore::RenderBlock::adjustPointToColumnContents):
122         (WebCore::RenderBlock::flipForWritingModeIncludingColumns):
123         (WebCore::RenderBlock::adjustForColumns):
124         * rendering/RenderBlock.h:
125         (WebCore::RenderBlock::FloatingObject::right):
126         (WebCore::RenderBlock::FloatingObject::bottom):
127         * rendering/RenderBox.cpp:
128         (WebCore::RenderBox::reflectedRect):
129         (WebCore::RenderBox::localCaretRect):
130         (WebCore::RenderBox::addShadowOverflow):
131         (WebCore::RenderBox::addLayoutOverflow):
132         (WebCore::RenderBox::visualOverflowRectForPropagation):
133         (WebCore::RenderBox::layoutOverflowRectForPropagation):
134         (WebCore::RenderBox::flipForWritingMode):
135         * rendering/RenderFrameSet.cpp:
136         (WebCore::RenderFrameSet::paintColumnBorder):
137         (WebCore::RenderFrameSet::paintRowBorder):
138         * rendering/RenderInline.cpp:
139         (WebCore::RenderInline::paintOutlineForLine):
140         * rendering/RenderLayer.cpp:
141         (WebCore::RenderLayer::getRectToExpose):
142         (WebCore::cornerRect):
143         (WebCore::RenderLayer::positionOverflowControls):
144         (WebCore::RenderLayer::overflowBottom):
145         (WebCore::RenderLayer::overflowRight):
146         (WebCore::RenderLayer::paintResizer):
147         * rendering/RenderLineBoxList.cpp:
148         (WebCore::RenderLineBoxList::rangeIntersectsRect):
149         (WebCore::RenderLineBoxList::paint):
150         * rendering/RenderListItem.cpp:
151         (WebCore::RenderListItem::positionListMarker):
152         * rendering/RenderListMarker.cpp:
153         (WebCore::RenderListMarker::paint):
154         * rendering/RenderObject.cpp:
155         (WebCore::RenderObject::repaintAfterLayoutIfNeeded):
156         * rendering/RenderOverflow.h:
157         (WebCore::RenderOverflow::RenderOverflow):
158         (WebCore::RenderOverflow::addLayoutOverflow):
159         (WebCore::RenderOverflow::addVisualOverflow):
160         (WebCore::RenderOverflow::setLayoutOverflow):
161         (WebCore::RenderOverflow::setVisualOverflow):
162         (WebCore::RenderOverflow::resetLayoutOverflow):
163         * rendering/RenderReplaced.cpp:
164         (WebCore::RenderReplaced::shouldPaint):
165         * rendering/RenderScrollbarTheme.cpp:
166         (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
167         * rendering/RenderTable.cpp:
168         (WebCore::RenderTable::paint):
169         * rendering/RenderTableCell.cpp:
170         (WebCore::RenderTableCell::paint):
171         * rendering/RenderTableSection.cpp:
172         (WebCore::RenderTableSection::paintObject):
173         * rendering/RenderText.cpp:
174         (WebCore::RenderText::absoluteQuads):
175         * rendering/RenderTextControlSingleLine.cpp:
176         (WebCore::RenderTextControlSingleLine::forwardEvent):
177         * rendering/RenderThemeMac.mm:
178         (WebCore::RenderThemeMac::paintMenuListButtonGradients):
179         (WebCore::RenderThemeMac::paintMenuListButton):
180         (WebCore::RenderThemeMac::paintSliderTrack):
181         * rendering/RenderView.cpp:
182         (WebCore::RenderView::computeRectForRepaint):
183         (WebCore::RenderView::docBottom):
184         (WebCore::RenderView::docRight):
185         * rendering/RootInlineBox.cpp:
186         (WebCore::RootInlineBox::paddedLayoutOverflowRect):
187         * rendering/svg/RenderSVGInlineText.cpp:
188         (WebCore::RenderSVGInlineText::localCaretRect):
189
190 2011-02-01  Beth Dakin  <bdakin@apple.com>
191
192         Reviewed by Sam Weinig.
193
194         Fix for <rdar://problem/8492788> Adopt WKScrollbarPainterController
195
196         Lots of new WebCoreSystemInterface functions to export.
197         * WebCore.exp.in:
198         * platform/mac/WebCoreSystemInterface.h:
199         * platform/mac/WebCoreSystemInterface.mm:
200
201         Let the scrollAnimator know when the mouse has
202         moved anywhere inside the page, and when the mouse 
203         has moved in or out of the window. 
204         * page/EventHandler.cpp:
205         (WebCore::EventHandler::mouseMoved):
206         (WebCore::EventHandler::updateMouseEventTargetNode):
207
208         Let the scrollAnimator know when the window has become
209         active or inactive.
210         * page/FocusController.cpp:
211         (WebCore::FocusController::setActive):
212         
213         Let the scrollAnimator know when all of these things
214         are happening.
215         * page/FrameView.cpp:
216         (WebCore::FrameView::setContentsSize):
217         (WebCore::FrameView::didMoveOnscreen):
218         (WebCore::FrameView::willMoveOffscreen):
219         (WebCore::FrameView::currentMousePosition):
220         (WebCore::FrameView::contentsResized):
221         
222         New functions called through WebKit2 that allow the
223         scrollAnimator to know when a live resize starts and ends.
224         (WebCore::FrameView::willStartLiveResize):
225         (WebCore::FrameView::willEndLiveResize):
226         * page/FrameView.h:
227         
228         New functions on ScrollAnimator that pass information
229         to the WKPainterController when we're using one.
230         * platform/ScrollAnimator.h:
231         (WebCore::ScrollAnimator::scrollableArea):
232         (WebCore::ScrollAnimator::contentAreaWillPaint):
233         (WebCore::ScrollAnimator::mouseEnteredContentArea):
234         (WebCore::ScrollAnimator::mouseExitedContentArea):
235         (WebCore::ScrollAnimator::mouseMovedInContentArea):
236         (WebCore::ScrollAnimator::willStartLiveResize):
237         (WebCore::ScrollAnimator::contentsResized):
238         (WebCore::ScrollAnimator::willEndLiveResize):
239         (WebCore::ScrollAnimator::contentAreaDidShow):
240         (WebCore::ScrollAnimator::contentAreaDidHide):
241         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
242         (WebCore::ScrollAnimatorMac::scrollbarPainterDelegate):
243         (WebCore::ScrollAnimatorMac::setPainterForPainterController):
244         (WebCore::ScrollAnimatorMac::removePainterFromPainterController):
245         (WebCore::ScrollAnimatorMac::notityPositionChanged):
246         (WebCore::ScrollAnimatorMac::contentAreaWillPaint):
247         (WebCore::ScrollAnimatorMac::mouseEnteredContentArea):
248         (WebCore::ScrollAnimatorMac::mouseExitedContentArea):
249         (WebCore::ScrollAnimatorMac::mouseMovedInContentArea):
250         (WebCore::ScrollAnimatorMac::willStartLiveResize):
251         (WebCore::ScrollAnimatorMac::contentsResized):
252         (WebCore::ScrollAnimatorMac::willEndLiveResize):
253         (WebCore::ScrollAnimatorMac::contentAreaDidShow):
254         (WebCore::ScrollAnimatorMac::contentAreaDidHide):
255         
256         Let the scrollAnimator know when this is happening.
257         * platform/ScrollView.cpp:
258         (WebCore::ScrollView::paint):
259         
260         New function lets the scrollAnimator get the current 
261         mouse position.
262         * platform/ScrollView.h:
263         (WebCore::ScrollView::currentMousePosition):
264         
265         New function that returns the scrollAnimator when needed.
266         * platform/ScrollableArea.h:
267         (WebCore::ScrollableArea::scrollAnimator):
268         
269         Keep track of if we're in a live resize using a new memeber
270         variable.
271         * platform/mac/ScrollAnimatorMac.h:
272         (WebCore::ScrollAnimatorMac::inLiveResize):
273         * platform/mac/ScrollAnimatorMac.mm:
274         (WebCore::view):
275         
276         New delegates for the WKPainter and WKPainterController
277         (-[ScrollbarPainterControllerDelegate initWithScrollAnimator:WebCore::]):
278         (-[ScrollbarPainterControllerDelegate contentAreaRectForScrollerImpPair:]):
279         (-[ScrollbarPainterControllerDelegate inLiveResizeForScrollerImpPair:]):
280         (-[ScrollbarPainterControllerDelegate mouseLocationInContentAreaForScrollerImpPair:]):
281         (-[ScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
282         (-[ScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
283         (-[ScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
284         (-[ScrollKnobAnimation initWithScrollbarPainter:forScrollAnimator:WebCore::animateKnobAlphaTo:duration:]):
285         (-[ScrollKnobAnimation setCurrentProgress:]):
286         (-[ScrollbarPainterDelegate initWithScrollAnimator:WebCore::]):
287         (-[ScrollbarPainterDelegate convertRectToBacking:]):
288         (-[ScrollbarPainterDelegate convertRectFromBacking:]):
289         (-[ScrollbarPainterDelegate layer]):
290         (-[ScrollbarPainterDelegate setUpAnimation:scrollerPainter:animateKnobAlphaTo:duration:]):
291         (-[ScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
292         (-[ScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
293         (-[ScrollbarPainterDelegate scrollerImp:overlayScrollerStateChangedTo:]):
294
295         Get the WKScrollbarPainterRefs to synch up with the 
296         WKScrollbarPainterControllerRefs when appropriate
297         * platform/mac/ScrollbarThemeMac.h:
298         * platform/mac/ScrollbarThemeMac.mm:
299         (WebCore::ScrollbarThemeMac::registerScrollbar):
300         (WebCore::ScrollbarThemeMac::unregisterScrollbar):
301         (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
302         (WebCore::ScrollbarThemeMac::usesOverlayScrollbars):
303
304         Implement ScrollableArea's virtual function contentsSize() for access
305         through the scrollAnimator.
306         * rendering/RenderLayer.h:
307         (WebCore::RenderLayer::contentsSize):
308
309 2011-02-01  Carol Szabo  <carol.szabo@nokia.com>
310
311         Reviewed by David Hyatt.
312
313         layoutTestController.counterValueForElementById does not return the correct value
314         https://bugs.webkit.org/show_bug.cgi?id=53037
315
316         Test: fast/css/counters/deep-before.html
317
318         * rendering/RenderTreeAsText.cpp:
319         (WebCore::counterValueForElement):
320         Modified to use the newly available RenderObject::beforePseudoElement()
321         and RenderObject::afterPseudoElement() instead of the old imperfect
322         algorithm to find the before and after pseudo elements.
323
324 2011-02-01  Anton Muhin  <antonm@chromium.org>
325
326         Reviewed by Adam Barth.
327
328         Allow access for security origin same as this.
329         https://bugs.webkit.org/show_bug.cgi?id=53440
330
331         Hard to test as newly added path currently is never hit.
332
333         * page/SecurityOrigin.cpp:
334         (WebCore::SecurityOrigin::canAccess): allow access if this == other
335
336 2011-01-31  Oliver Hunt  <oliver@apple.com>
337
338         Reviewed by Geoffrey Garen.
339
340         Update JSObject storage for new marking API
341         https://bugs.webkit.org/show_bug.cgi?id=53467
342
343         Update WebCore to handle new anonymous slot behaviour.
344
345         * bindings/js/JSDOMWindowShell.cpp:
346         (WebCore::JSDOMWindowShell::setWindow):
347         * bindings/js/WorkerScriptController.cpp:
348         (WebCore::WorkerScriptController::initScript):
349         * bindings/scripts/CodeGeneratorJS.pm:
350
351 2011-02-01  Xiaomei Ji  <xji@chromium.org>
352
353         Reviewed by David Hyatt.
354
355         Fix a text rendering problem when enclosing block is RTL and text runs
356         are in different directionality.
357         https://bugs.webkit.org/show_bug.cgi?id=34176
358
359         The problem happens in the following example scenario (ABC represents 
360         Hebrew characters):
361         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
362
363         The line consists of 3 text runs -- TextRun1 TextRun2 TextRun3. In which
364         TextRun1 and TextRun2's bidi level are 2, and TextRun3's bidi level is 1.
365         TextRun2 and TextRun3's least common ancestor is not a sibling of TextRun1.
366
367         The visual bidi run order of the text runs is TextRun3 TextRun1 TextRun2.
368
369         Inside RenderBlock::constructLine(), when RenderBlock::createLineBoxes()
370         creates InlineFlowBox for TextRun2, it should check an InlineFlowBox for
371         the run's render object's ancestor (not only its parent) has already 
372         been constructed or has something following it on the line, in which 
373         case, create a new box for TextRun2 instead of sharing the same box with
374         TextRun3.
375
376         In other words, the following 2 div should render the same results
377         (ABC represents Hebrew characters).
378         <div dir=rtl>this is a <span><span>test <span>ABC</span></span></span></div>
379         <div dir=rtl>this is a <span>Test <span>ABC</span></span></div>
380
381         Test: fast/dom/34176.html
382
383         * rendering/RenderBlockLineLayout.cpp:
384         (WebCore::parentIsConstructedOrHaveNext):
385         (WebCore::RenderBlock::createLineBoxes):
386
387 2011-02-01  Abhishek Arya  <inferno@chromium.org>
388
389         Reviewed by Dan Bernstein.
390
391         Do not add a node in the document's stylesheet candidate node list if the
392         node is already removed from document.
393         https://bugs.webkit.org/show_bug.cgi?id=53441
394
395         Test: fast/css/stylesheet-candidate-nodes-crash.xhtml
396
397         * dom/Document.cpp:
398         (WebCore::Document::addStyleSheetCandidateNode):
399
400 2011-02-01  Dave Hyatt  <hyatt@apple.com>
401
402         Reviewed by Darin Adler.
403
404         https://bugs.webkit.org/show_bug.cgi?id=46422, make printing and pagination work
405         with vertical text.
406
407         Change printing functions to check writing-mode and properly swap width and height
408         as needed.
409         
410         Fix the setScrollOrigin function so that the origin doesn't cause
411         scroll spasming during printing (this is only partially successful, but it's better
412         than it was).
413
414         Rewrite computePageRects to handle both RTL documents properly as well as vertical
415         text documents properly.
416
417         * WebCore.exp.in:
418         * page/FrameView.cpp:
419         (WebCore::FrameView::adjustViewSize):
420         (WebCore::FrameView::forceLayoutForPagination):
421         * page/PrintContext.cpp:
422         (WebCore::PrintContext::computePageRects):
423         (WebCore::PrintContext::computePageRectsWithPageSizeInternal):
424         (WebCore::PrintContext::computeAutomaticScaleFactor):
425         (WebCore::PrintContext::spoolPage):
426         (WebCore::PrintContext::spoolRect):
427         * page/PrintContext.h:
428         * page/mac/WebCoreFrameView.h:
429         * platform/ScrollView.cpp:
430         (WebCore::ScrollView::wheelEvent):
431         * platform/ScrollView.h:
432         * platform/mac/ScrollViewMac.mm:
433         (WebCore::ScrollView::platformSetScrollOrigin):
434         * rendering/RenderView.cpp:
435         (WebCore::RenderView::layout):
436
437 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
438
439         Reviewed by Pavel Feldman.
440
441         Web Inspector: Fix profiles reset to avoid clearing heap profiles in Chromium.
442
443         https://bugs.webkit.org/show_bug.cgi?id=53500
444
445         * inspector/InspectorProfilerAgent.cpp:
446         (WebCore::InspectorProfilerAgent::resetFrontendProfiles):
447
448 2011-02-01  Mikhail Naganov  <mnaganov@chromium.org>
449
450         Reviewed by Pavel Feldman.
451
452         Web Inspector: [Chromium] Landing detailed heap snapshots, part 1.
453
454         https://bugs.webkit.org/show_bug.cgi?id=53173
455
456         Adding code for accessing heap snapshot data and
457         performing graph calculations.
458
459         * English.lproj/localizedStrings.js:
460         * inspector/front-end/HeapSnapshot.js:
461         (WebInspector.HeapSnapshotArraySlice): Helper class to avoid array contents copying.
462         (WebInspector.HeapSnapshotEdge): Wrapper for accessing graph edge properties.
463         (WebInspector.HeapSnapshotEdgeIterator):
464         (WebInspector.HeapSnapshotNode): Wrapper for accessing graph node properties.
465         (WebInspector.HeapSnapshotNodeIterator):
466         (WebInspector.HeapSnapshot): Wrapper for the heap snapshot.
467         (WebInspector.HeapSnapshotFilteredOrderedIterator):
468         (WebInspector.HeapSnapshotEdgesProvider):
469         (WebInspector.HeapSnapshotNodesProvider):
470         (WebInspector.HeapSnapshotPathFinder):
471         * inspector/front-end/HeapSnapshotView.js:
472         (WebInspector.HeapSnapshotView.prototype._convertSnapshot):
473
474 2011-02-01  Adam Roben  <aroben@apple.com>
475
476         Fix linker warnings in Release_LTCG builds
477
478         * WebCore.vcproj/WebCore.vcproj: Exclude EventNames.cpp and EventTarget.cpp from all
479         configurations, since they get pulled in via DOMAllInOne.cpp.
480
481 2011-02-01  Alexander Pavlov  <apavlov@chromium.org>
482
483         Reviewed by Yury Semikhatsky.
484
485         Web Inspector: [Chromium] Wrongly labelled context-menu item for links in Web Inspector's side-pane
486         https://bugs.webkit.org/show_bug.cgi?id=53482
487
488         * English.lproj/localizedStrings.js:
489         * inspector/front-end/ElementsPanel.js:
490         (WebInspector.ElementsPanel.prototype.populateHrefContextMenu):
491         * inspector/front-end/inspector.js:
492         (WebInspector.resourceForURL):
493         (WebInspector.openLinkExternallyLabel):
494
495 2011-02-01  Anton Muhin  <antonm@chromium.org>
496
497         Reviewed by Adam Barth.
498
499         Propagate parent document security origin to newly create Document XML response
500         https://bugs.webkit.org/show_bug.cgi?id=53444
501
502         Covered by the existing tests.
503
504         * xml/XMLHttpRequest.cpp:
505         (WebCore::XMLHttpRequest::responseXML):
506
507 2011-02-01  Yury Semikhatsky  <yurys@chromium.org>
508
509         Unreviewed. Rollout r77230 which caused many layout tests
510         crashes on Chromium Debug bots.
511
512         Async event handlers should not fire within a modal dialog
513         https://bugs.webkit.org/show_bug.cgi?id=53202
514
515         * dom/Document.cpp:
516         (WebCore::Document::Document):
517         * dom/EventQueue.cpp:
518         (WebCore::EventQueue::EventQueue):
519         (WebCore::EventQueue::enqueueEvent):
520         (WebCore::EventQueue::pendingEventTimerFired):
521         * dom/EventQueue.h:
522
523 2011-02-01  Zoltan Herczeg  <zherczeg@webkit.org>
524
525         Reviewed by Dirk Schulze.
526
527         LightElement changes does not require relayout.
528         https://bugs.webkit.org/show_bug.cgi?id=53232
529
530         When an attribute of a LightElement changes, it
531         send an update message to the lighting filters
532         to update its corresponding LightSource objects,
533         and repaint the filters.
534
535         Duplicated 'id' attributes removed from svg-filter-animation.svg.
536
537         Existing dynamic-update tests covers this feature.
538
539         5x speedup on manual-tests/svg-filter-animation.svg
540
541         * manual-tests/svg-filter-animation.svg:
542         * platform/graphics/filters/DistantLightSource.h:
543         * platform/graphics/filters/FEDiffuseLighting.cpp:
544         (WebCore::FEDiffuseLighting::setLightingColor):
545         (WebCore::FEDiffuseLighting::setSurfaceScale):
546         (WebCore::FEDiffuseLighting::setDiffuseConstant):
547         (WebCore::FEDiffuseLighting::setKernelUnitLengthX):
548         (WebCore::FEDiffuseLighting::setKernelUnitLengthY):
549         * platform/graphics/filters/FEDiffuseLighting.h:
550         * platform/graphics/filters/LightSource.cpp:
551         (WebCore::PointLightSource::setX):
552         (WebCore::PointLightSource::setY):
553         (WebCore::PointLightSource::setZ):
554         (WebCore::SpotLightSource::setX):
555         (WebCore::SpotLightSource::setY):
556         (WebCore::SpotLightSource::setZ):
557         (WebCore::SpotLightSource::setPointsAtX):
558         (WebCore::SpotLightSource::setPointsAtY):
559         (WebCore::SpotLightSource::setPointsAtZ):
560         (WebCore::SpotLightSource::setSpecularExponent):
561         (WebCore::SpotLightSource::setLimitingConeAngle):
562         (WebCore::DistantLightSource::setAzimuth):
563         (WebCore::DistantLightSource::setElevation):
564         (WebCore::LightSource::setAzimuth):
565         (WebCore::LightSource::setElevation):
566         (WebCore::LightSource::setX):
567         (WebCore::LightSource::setY):
568         (WebCore::LightSource::setZ):
569         (WebCore::LightSource::setPointsAtX):
570         (WebCore::LightSource::setPointsAtY):
571         (WebCore::LightSource::setPointsAtZ):
572         (WebCore::LightSource::setSpecularExponent):
573         (WebCore::LightSource::setLimitingConeAngle):
574         * platform/graphics/filters/LightSource.h:
575         * platform/graphics/filters/PointLightSource.h:
576         * platform/graphics/filters/SpotLightSource.h:
577         * rendering/svg/RenderSVGResourceFilter.cpp:
578         (WebCore::RenderSVGResourceFilter::primitiveAttributeChanged):
579         * svg/SVGFEDiffuseLightingElement.cpp:
580         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
581         (WebCore::SVGFEDiffuseLightingElement::lightElementAttributeChanged):
582         (WebCore::SVGFEDiffuseLightingElement::build):
583         (WebCore::SVGFEDiffuseLightingElement::findLightElement):
584         (WebCore::SVGFEDiffuseLightingElement::findLight):
585         * svg/SVGFEDiffuseLightingElement.h:
586         * svg/SVGFELightElement.cpp:
587         (WebCore::SVGFELightElement::svgAttributeChanged):
588         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
589         (WebCore::SVGFilterPrimitiveStandardAttributes::setFilterEffectAttribute):
590         * svg/SVGFilterPrimitiveStandardAttributes.h:
591
592 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
593
594         Reviewed by Dimitri Glazkov.
595
596         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
597         https://bugs.webkit.org/show_bug.cgi?id=53289
598
599         Moving the nested class DocumentOrderedMap from Document into separate files,
600         updating code where necessary.
601
602         No new tests. (refactoring)
603
604         * Android.mk:
605         * CMakeLists.txt:
606         * GNUMakefile.am:
607         * WebCore.gypi:
608         * WebCore.pro:
609         * WebCore.vcproj/WebCore.vcproj:
610         * WebCore.xcodeproj/project.pbxproj:
611         * dom/Document.cpp:
612         (WebCore::Document::getElementById):
613         (WebCore::Document::getImageMap):
614         * dom/Document.h:
615         * dom/DocumentOrderedMap.cpp: Added.
616         (WebCore::keyMatchesId):
617         (WebCore::keyMatchesMapName):
618         (WebCore::keyMatchesLowercasedMapName):
619         (WebCore::DocumentOrderedMap::clear):
620         (WebCore::DocumentOrderedMap::add):
621         (WebCore::DocumentOrderedMap::remove):
622         (WebCore::DocumentOrderedMap::get):
623         (WebCore::DocumentOrderedMap::getElementById):
624         (WebCore::DocumentOrderedMap::getElementByMapName):
625         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
626         * dom/DocumentOrderedMap.h: Added.
627         (WebCore::DocumentOrderedMap::contains):
628         (WebCore::DocumentOrderedMap::containsMultiple):
629         * dom/DOMAllInOne.cpp:
630
631 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
632
633         Reviewed by Martin Robinson.
634
635         [Gtk] atk_text_set_caret_offset fails for list items
636         https://bugs.webkit.org/show_bug.cgi?id=53388
637
638         Allow using text ranges across list items.
639
640         * accessibility/gtk/AccessibilityObjectAtk.cpp:
641         (WebCore::AccessibilityObject::allowsTextRanges): Add list items
642         to the list of accessibility objects supporting text ranges.
643
644 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
645
646         Reviewed by Martin Robinson.
647
648         [GTK] character range extents is off when the end of a wrapped line is included
649         https://bugs.webkit.org/show_bug.cgi?id=53323
650
651         Fixed wrong calculation getting the range extents.
652
653         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
654         (webkit_accessible_text_get_range_extents): Removed '+1' since the
655         requested interval shouldn't include the last character.
656
657 2011-02-01  Mario Sanchez Prada  <msanchez@igalia.com>
658
659         Reviewed by Martin Robinson.
660
661         [GTK] Caret Offset is one off at the end of wrapped lines
662         https://bugs.webkit.org/show_bug.cgi?id=53300
663
664         Consider linebreaks as special cases.
665
666         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
667         (objectAndOffsetUnignored): In order to avoid getting wrong values
668         when around linebreaks, we need to workaround this by explicitly
669         avoiding those '\n' text nodes from affecting the result of
670         calling to TextIterator:rangeLength().
671
672 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
673
674         Unreviewed, rolling out r77229.
675         http://trac.webkit.org/changeset/77229
676         https://bugs.webkit.org/show_bug.cgi?id=53289
677
678         revert mysterious build breakage
679
680         * Android.mk:
681         * CMakeLists.txt:
682         * GNUmakefile.am:
683         * WebCore.gypi:
684         * WebCore.pro:
685         * WebCore.vcproj/WebCore.vcproj:
686         * WebCore.xcodeproj/project.pbxproj:
687         * dom/DOMAllInOne.cpp:
688         * dom/Document.cpp:
689         (WebCore::Document::DocumentOrderedMap::clear):
690         (WebCore::Document::DocumentOrderedMap::add):
691         (WebCore::Document::DocumentOrderedMap::remove):
692         (WebCore::Document::DocumentOrderedMap::get):
693         (WebCore::keyMatchesId):
694         (WebCore::Document::getElementById):
695         (WebCore::keyMatchesMapName):
696         (WebCore::keyMatchesLowercasedMapName):
697         (WebCore::Document::getImageMap):
698         * dom/Document.h:
699         (WebCore::Document::DocumentOrderedMap::contains):
700         (WebCore::Document::DocumentOrderedMap::containsMultiple):
701         * dom/DocumentOrderedMap.cpp: Removed.
702         * dom/DocumentOrderedMap.h: Removed.
703
704 2011-02-01  Mihai Parparita  <mihaip@chromium.org>
705
706         Reviewed by James Robinson.
707
708         Async event handlers should not fire within a modal dialog
709         https://bugs.webkit.org/show_bug.cgi?id=53202
710
711         Asychronous events that use EventQueue would currently fire while a
712         modal dialog (e.g. window.alert()) was up. Change EventQueue to use a
713         SuspendableTimer (which automatically gets suspended while dialogs are
714         up and in other cases where JS execution is not allowed).
715         
716         Test: fast/events/scroll-event-during-modal-dialog.html
717
718         * dom/Document.cpp:
719         (WebCore::Document::Document):
720         * dom/EventQueue.cpp:
721         (WebCore::EventQueueTimer::EventQueueTimer):
722         (WebCore::EventQueueTimer::fired):
723         (WebCore::EventQueue::EventQueue):
724         (WebCore::EventQueue::enqueueEvent):
725         (WebCore::EventQueue::pendingEventTimerFired):
726         * dom/EventQueue.h:
727         (WebCore::EventQueue::create):
728
729 2011-02-01  Roland Steiner  <rolandsteiner@chromium.org>
730
731         Reviewed by Dimitri Glazkov.
732
733         Bug 53289 - DOM: Move DocumentOrderedMap from Document into separate files
734         https://bugs.webkit.org/show_bug.cgi?id=53289
735
736         Moving the nested class DocumentOrderedMap from Document into separate files,
737         updating code where necessary.
738
739         No new tests. (refactoring)
740
741         * Android.mk:
742         * CMakeLists.txt:
743         * GNUMakefile.am:
744         * WebCore.gypi:
745         * WebCore.pro:
746         * WebCore.vcproj/WebCore.vcproj:
747         * WebCore.xcodeproj/project.pbxproj:
748         * dom/Document.cpp:
749         (WebCore::Document::getElementById):
750         (WebCore::Document::getImageMap):
751         * dom/Document.h:
752         * dom/DocumentOrderedMap.cpp: Added.
753         (WebCore::keyMatchesId):
754         (WebCore::keyMatchesMapName):
755         (WebCore::keyMatchesLowercasedMapName):
756         (WebCore::DocumentOrderedMap::clear):
757         (WebCore::DocumentOrderedMap::add):
758         (WebCore::DocumentOrderedMap::remove):
759         (WebCore::DocumentOrderedMap::get):
760         (WebCore::DocumentOrderedMap::getElementById):
761         (WebCore::DocumentOrderedMap::getElementByMapName):
762         (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
763         * dom/DocumentOrderedMap.h: Added.
764         (WebCore::DocumentOrderedMap::contains):
765         (WebCore::DocumentOrderedMap::containsMultiple):
766         * dom/DOMAllInOne.cpp:
767
768 2011-02-01  Naoki Takano  <takano.naoki@gmail.com>
769
770         Reviewed by Darin Fisher.
771
772         [Chromium] Autofill should work with HTML5 form elements
773         https://bugs.webkit.org/show_bug.cgi?id=51809
774         http://crbug.com/65654
775
776         No new tests, because this fix is for Chromium project and hard to test only in WebKit project.
777
778         * html/InputType.h: Insert comment for canSetSuggestedValue().
779         * html/TextFieldInputType.cpp:
780         (WebCore::TextFieldInputType::canSetSuggestedValue): Implemented to return always true for that all text filed inputs can be completed.
781         * html/TextFieldInputType.h: Declare canSetSuggestedValue().
782         * html/TextInputType.cpp: Delete canSetSuggestedValue() not to return true anymore.
783         * html/TextInputType.h: Delete canSetSuggestedValue() not to return true anymore.
784
785 2011-02-01  Kent Tamura  <tkent@chromium.org>
786
787         Reviewed by Dan Bernstein.
788
789         REGRESSION (r65062): Safari loops forever under WebCore::plainTextToMallocAllocatedBuffer()
790         https://bugs.webkit.org/show_bug.cgi?id=53272
791
792         * editing/TextIterator.cpp:
793         (WebCore::TextIterator::handleTextBox): Pass the appropriate renderer to emitText().
794
795 2011-01-31  Alexey Proskuryakov  <ap@apple.com>
796
797         Reviewed by Maciej Stachowiak.
798
799         https://bugs.webkit.org/show_bug.cgi?id=53466
800         Move WebKit2 to printing via API methods
801
802         * WebCore.exp.in: Export IntRect::scale().
803
804 2011-01-31  Patrick Gansterer  <paroga@webkit.org>
805
806         Reviewed by Adam Barth.
807
808         Remove obsolete comment after r41871
809         https://bugs.webkit.org/show_bug.cgi?id=53406
810
811         * dom/Document.h:
812
813 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
814
815         Fix according to reviewer comments: can just use Color::black now.
816
817         * platform/graphics/ShadowBlur.cpp:
818         (WebCore::ShadowBlur::drawInsetShadow):
819         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
820
821 2011-01-31  Simon Fraser  <simon.fraser@apple.com>
822
823         Reviewed by Sam Weinig.
824
825         Clean up ShadowBlur
826         https://bugs.webkit.org/show_bug.cgi?id=53472
827
828         Some minor ShadowBlur cleanup.
829
830         * platform/graphics/ShadowBlur.h:
831         * platform/graphics/ShadowBlur.cpp:
832         (WebCore::ShadowBlur::ShadowBlur): Use m_blurRadius rather than the radius
833         paramter.
834         (WebCore::ShadowBlur::adjustBlurRadius): Renamed from adjustBlurDistance.
835         (WebCore::ShadowBlur::calculateLayerBoundingRect): Rename layerFloatRect to
836         layerRect. Make frameSize a float.
837         (WebCore::ShadowBlur::beginShadowLayer): This now takes a precomputed
838         layerRect rather than calling calculateLayerBoundingRect() to compute
839         it itself, since we were calling calculateLayerBoundingRect() twice.
840         (WebCore::ShadowBlur::drawRectShadow): Optimize to call calculateLayerBoundingRect()
841         only once. The shadowRect variable was unused, so two return paths could be
842         collapsed into one.
843         (WebCore::ShadowBlur::drawInsetShadow): Call calculateLayerBoundingRect() before
844         beginShadowLayer() now.
845         (WebCore::ShadowBlur::drawRectShadowWithoutTiling): The layerRect gets passed in.
846         We always used alpha=1, so no need to pass that in.
847         (WebCore::ShadowBlur::drawRectShadowWithTiling): We always used alpha=1, so no need to
848         pass that in. Move shadowRect down to first use.
849         ShadowBlur::clipBounds() was unused.
850
851 2011-01-31  No'am Rosenthal  <noam.rosenthal@nokia.com>
852
853         Reviewed by Kenneth Rohde Christiansen.
854
855         [Qt] QWebElements example from QtWebKit Bridge documentation does not work at all
856         https://bugs.webkit.org/show_bug.cgi?id=46748
857
858         This problem disappears when we register QWebElement using qRegisterMetaType, which we now do in QtInstance.
859         Added a regression test to tst_QWebFrame.
860
861         * bridge/qt/qt_instance.cpp:
862         (JSC::Bindings::QtInstance::QtInstance):
863
864 2011-01-27  MORITA Hajime  <morrita@google.com>
865
866         Reviewed by Dimitri Glazkov.
867         
868         Convert <progress> shadow DOM to a DOM-based shadow.
869         https://bugs.webkit.org/show_bug.cgi?id=50660
870
871         * Removed RenderProgress::m_valuePart, moved the shadow node
872           to the shadow root of HTMLProgressElement.
873         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
874           ProgressBarValueElement is defined only for overriding
875           shadowPseudoId().
876         
877         No new tests. No behavioral change.
878
879         * css/CSSSelector.cpp:
880         (WebCore::CSSSelector::pseudoId):
881         (WebCore::nameToPseudoTypeMap):
882         (WebCore::CSSSelector::extractPseudoType):
883         * css/CSSSelector.h:
884         * html/HTMLProgressElement.cpp:
885         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
886         (WebCore::ProgressBarValueElement::shadowPseudoId):
887         (WebCore::ProgressBarValueElement::create):
888         (WebCore::ProgressBarValueElement::detach):
889         (WebCore::HTMLProgressElement::parseMappedAttribute):
890         (WebCore::HTMLProgressElement::attach):
891         (WebCore::HTMLProgressElement::valuePart):
892         (WebCore::HTMLProgressElement::didElementStateChange):
893         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
894         * html/HTMLProgressElement.h:
895         * rendering/RenderProgress.cpp:
896         (WebCore::RenderProgress::~RenderProgress):
897         (WebCore::RenderProgress::updateFromElement):
898         (WebCore::RenderProgress::layoutParts):
899         (WebCore::RenderProgress::shouldHaveParts):
900         (WebCore::RenderProgress::valuePart):
901         * rendering/RenderProgress.h:
902         * rendering/style/RenderStyleConstants.h:
903
904 2011-01-31  Charlie Reis  <creis@chromium.org>
905
906         Reviewed by Mihai Parparita.
907
908         Add sanity check to help diagnose bug 52819
909         https://bugs.webkit.org/show_bug.cgi?id=53402
910
911         Crash early if the children of fromItem look invalid.
912
913         * loader/HistoryController.cpp:
914
915 2011-01-31  Kalle Vahlman  <kalle.vahlman@movial.com>
916
917         Reviewed by Andreas Kling.
918
919         [Qt] canvas.drawImage(HTMLVideoElement) doesn't work with Qt Multimedia backend
920         https://bugs.webkit.org/show_bug.cgi?id=53325
921
922         Reimplement paintCurrentFrameInContext() rather than delegate the
923         rendering to paint() to make sure we really do get the video frame
924         content into the GraphicsContext, regardless of accelerated
925         compositing and the video scene state.
926
927         * platform/graphics/qt/MediaPlayerPrivateQt.cpp:
928         (WebCore::MediaPlayerPrivateQt::paintCurrentFrameInContext):
929         * platform/graphics/qt/MediaPlayerPrivateQt.h:
930
931 2011-01-31  Emil A Eklund  <eae@chromium.org>
932
933         Reviewed by Darin Adler.
934
935         Setting "selected" attribute to false should have no effect in single line <select>
936         https://bugs.webkit.org/show_bug.cgi?id=52436
937
938         Change SelectElement::setSelectedIndex to select the first selectable
939         option when the select state of all options is set to false as required
940         by the HTML5 specification.
941
942         Test: fast/dom/HTMLSelectElement/selected-false.html
943
944         * dom/SelectElement.cpp:
945         (WebCore::SelectElement::setSelectedIndex):
946
947 2011-01-31  Alexander Pavlov  <apavlov@chromium.org>
948
949         Reviewed by Yury Semikhatsky.
950
951         Web Inspector: Console source references need a left-margin
952         https://bugs.webkit.org/show_bug.cgi?id=53308
953
954         * inspector/front-end/inspector.css:
955         (.console-message-url): Added a 4px margin on the left.
956
957 2011-01-31  Carol Szabo  <carol.szabo@nokia.com>
958
959         Reviewed by David Hyatt.
960
961         Code Changes only.
962
963         It is needlessly expensive to find the generating node from an anonymous renderer of a pseudoelement.
964         https://bugs.webkit.org/show_bug.cgi?id=53024
965
966         No new tests. No change in functionality
967
968         * rendering/RenderObject.h:
969         (WebCore::RenderObject::before):
970         (WebCore::RenderObject::after):
971         (WebCore::RenderObject::generatingNode):
972         Added new accessors for the use of the CSS 2.1 counters code
973         (mainlyly)
974         * rendering/RenderObjectChildList.cpp:
975         (WebCore::beforeAfterContainer):
976         (WebCore::RenderObjectChildList::invalidateCounters):
977         (WebCore::RenderObjectChildList::before):
978         (WebCore::RenderObjectChildList::after):
979         Refactored the code to take advantage of the new accessors.
980         (WebCore::RenderObjectChildList::updateBeforeAfterContent):
981         Changed to store the generating node in the :before and :after
982         renderers.
983         * rendering/RenderObjectChildList.h:
984
985 2011-01-31  Krithigassree Sambamurthy  <krithigassree.sambamurthy@nokia.com>
986
987         Reviewed by David Hyatt.
988
989         Add background-clip to background shorthand
990         https://bugs.webkit.org/show_bug.cgi?id=52080
991
992         Added background-clip to background-shorthand. Also made changes to
993         include webkitMaskClip to the mask shorthand to keep both in sync.
994
995         * css/CSSParser.cpp:
996         (WebCore::CSSParser::parseValue):
997         (WebCore::CSSParser::parseFillShorthand):
998
999 2011-01-31  Darin Adler  <darin@apple.com>
1000
1001         Reviewed by Adele Peterson.
1002
1003         WKView should support scrollPageDown:, scrollPageUp:, scrollToBeg and other similar selectors
1004         https://bugs.webkit.org/show_bug.cgi?id=53460
1005
1006         * editing/EditorCommand.cpp:
1007         (WebCore::executeScrollPageBackward): Added.
1008         (WebCore::executeScrollPageForward): Added.
1009         (WebCore::executeScrollToBeginningOfDocument): Added.
1010         (WebCore::executeScrollToEndOfDocument): Added.
1011         (WebCore::createCommandMap): Added the four commands above to the map.
1012
1013 2011-01-31  Dan Bernstein  <mitz@apple.com>
1014
1015         Reviewed by Adele Peterson.
1016
1017         Inter-ideograph justification should apply to hiragana and katakana as well
1018         https://bugs.webkit.org/show_bug.cgi?id=53464
1019
1020         Changed the test for expansion opportunities from isCJKIdeograph() to isCJKIdeographOrSymbol().
1021
1022         * platform/graphics/Font.cpp:
1023         (WebCore::Font::expansionOpportunityCount):
1024         * platform/graphics/WidthIterator.cpp:
1025         (WebCore::WidthIterator::advance):
1026         * platform/graphics/mac/ComplexTextController.cpp:
1027         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
1028
1029 2011-01-31  Dimitri Glazkov  <dglazkov@chromium.org>
1030
1031         Reviewed by James Robinson.
1032
1033         REGRESSION(r76951): Appearance of media controls changed slightly on Qt/Chromium ports
1034         https://bugs.webkit.org/show_bug.cgi?id=53314
1035
1036         Fixes media/controls-strict.html on Chromium.
1037
1038         * css/mediaControlsChromium.css:
1039         (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
1040             Added proper box-sizing to avoid differences between strict/quirks mode.
1041
1042 2011-01-31  Kent Tamura  <tkent@chromium.org>
1043
1044         Reviewed by Dimitri Glazkov.
1045
1046         Validation message bubble shouldn't inherit text-security style
1047         https://bugs.webkit.org/show_bug.cgi?id=53457
1048
1049         No new tests because the validation message feature depends on timers
1050         and is enabled only in Chromium port.
1051
1052         * css/html.css:
1053         (::-webkit-validation-bubble): Reset -webkit-text-security.
1054
1055 2011-01-31  Michael Saboff  <msaboff@apple.com>
1056
1057         Reviewed by Geoffrey Garen.
1058
1059         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
1060         https://bugs.webkit.org/show_bug.cgi?id=53271
1061
1062         Reapplying this patch again. 
1063         The removal of this patch in <http://trac.webkit.org/changeset/77125>
1064         as part of https://bugs.webkit.org/show_bug.cgi?id=53418,
1065         removed the both the first (failing) patch (r76893) and this fixed 
1066         patch (r76969).  This patch includes slight changes necessitated by
1067         r77151.
1068
1069         Reapplying this patch with the change that the second ASSERT in 
1070         RootObject::removeRuntimeObject was changed to use
1071         .uncheckedGet() instead of the failing .get().  The object in question
1072         could be in the process of being GC'ed.  The get() call will not return
1073         such an object while the uncheckedGet() call will return the (unsafe) 
1074         object.  This is the behavior we want.
1075
1076         Precautionary change.
1077         Changed RootObject to use WeakGCMap instead of HashSet.
1078         Found will looking for another issue, but can't produce a test case
1079         that is problematic.  THerefore there aren't any new tests.
1080
1081         * bridge/runtime_root.cpp:
1082         (JSC::Bindings::RootObject::invalidate):
1083         (JSC::Bindings::RootObject::addRuntimeObject):
1084         (JSC::Bindings::RootObject::removeRuntimeObject):
1085         * bridge/runtime_root.h:
1086
1087 2011-01-31  Andreas Kling  <kling@webkit.org>
1088
1089         Unbreak Qt build after r77151.
1090
1091         * bridge/qt/qt_instance.cpp:
1092         (JSC::Bindings::QtInstance::removeCachedMethod):
1093         (JSC::Bindings::QtInstance::markAggregate):
1094
1095 2011-01-31  takano takumi  <takano@apple.com>
1096
1097         Reviewed by Dave Hyatt.
1098
1099         Implement text-combine rendering code
1100         https://bugs.webkit.org/show_bug.cgi?id=50621
1101
1102         Test: fast/text/international/text-combine-image-test.html
1103
1104         * Android.mk: Added RenderCombineText.cpp/h
1105         * CMakeLists.txt: Added RenderCombineText.cpp/h
1106         * GNUmakefile.am: Added RenderCombineText.cpp/h
1107         * WebCore.exp.in:
1108         * WebCore.gypi: Added RenderCombineText.cpp/h
1109         * WebCore.pro: Added RenderCombineText.cpp/h
1110         * WebCore.vcproj/WebCore.vcproj: Added RenderCombineText.cpp/h
1111         * WebCore.xcodeproj/project.pbxproj: Added RenderCombineText.cpp/h
1112         * css/CSSFontFaceSource.cpp:
1113         (WebCore::CSSFontFaceSource::getFontData):
1114         - Added fontDescription.widthVariant to SimpleFontData creation.
1115         * css/CSSStyleSelector.cpp:
1116         (WebCore::CSSStyleSelector::applyProperty):
1117         - Changed to set "Unique" flag to RenderStyle in case of TextCombine.
1118         * dom/Text.cpp:
1119         (WebCore::Text::createRenderer):
1120         - Changed to create RenderCombineText in case of TextCombine.
1121         * loader/cache/CachedFont.cpp:
1122         (WebCore::CachedFont::platformDataFromCustomData):
1123         - Added FontWidthVariant as an argument for FontPlatformData creation.
1124         * loader/cache/CachedFont.h:
1125         - Ditto.
1126         * platform/graphics/Font.h:
1127         (WebCore::Font::widthVariant):
1128         - The accessor to FontWidthVariant member variable.
1129         * platform/graphics/FontCache.cpp:
1130         - Made cache to incorporate FontWidthVariant value.
1131         (WebCore::FontPlatformDataCacheKey::FontPlatformDataCacheKey):
1132         (WebCore::FontPlatformDataCacheKey::operator==):
1133         (WebCore::computeHash):
1134         (WebCore::FontCache::getCachedFontPlatformData):
1135         * platform/graphics/FontDescription.h:
1136         - Add a member variable that holds a width variant - none, half-width, third-width, and quarter-width.
1137         (WebCore::FontDescription::FontDescription):
1138         (WebCore::FontDescription::widthVariant):
1139         (WebCore::FontDescription::setWidthVariant):
1140         (WebCore::FontDescription::operator==):
1141         * platform/graphics/FontWidthVariant.h: Added.
1142         * platform/graphics/cairo/FontCustomPlatformData.h:
1143         - Changed to carry FontWidthVariant value.
1144         * platform/graphics/cocoa/FontPlatformData.h:
1145         - Changed to carry FontWidthVariant value.
1146         (WebCore::FontPlatformData::FontPlatformData):
1147         (WebCore::FontPlatformData::widthVariant):
1148         (WebCore::FontPlatformData::hash):
1149         (WebCore::FontPlatformData::operator==):
1150         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
1151         (WebCore::FontPlatformData::FontPlatformData):
1152         - Changed to carry FontWidthVariant value.
1153         (WebCore::FontPlatformData::operator=):
1154         - Ditto.
1155         (WebCore::mapFontWidthVariantToCTFeatureSelector):
1156         - A function to map a FontWidthVariant value to a CoreText's text spacing feature selector.
1157         (WebCore::FontPlatformData::ctFont):
1158         - Changed to create CTFont with text spacing variant based on FontWidthVariant.
1159         * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
1160         (WebCore::FontCustomPlatformData::fontPlatformData):
1161         - Changed to carry FontWidthVariant value.
1162         * platform/graphics/haiku/FontCustomPlatformData.cpp:
1163         (WebCore::FontCustomPlatformData::fontPlatformData):
1164         - Changed to carry FontWidthVariant value.
1165         * platform/graphics/haiku/FontCustomPlatformData.h:
1166         * platform/graphics/mac/FontCacheMac.mm:
1167         (WebCore::FontCache::createFontPlatformData):
1168         - Changed to carry FontWidthVariant value.
1169         * platform/graphics/mac/FontCustomPlatformData.cpp:
1170         (WebCore::FontCustomPlatformData::fontPlatformData):
1171         - Changed to carry FontWidthVariant value.
1172         * platform/graphics/mac/FontCustomPlatformData.h:
1173         - Ditto.
1174         * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
1175         (WebCore::shouldUseCoreText):
1176         - Changed to skip CT path when width variant is specified.
1177         * platform/graphics/pango/FontCustomPlatformDataPango.cpp:
1178         (WebCore::FontCustomPlatformData::fontPlatformData):
1179         - Ditto.
1180         * platform/graphics/qt/FontCustomPlatformData.h:
1181         - Ditto.
1182         * platform/graphics/qt/FontCustomPlatformDataQt.cpp:
1183         (WebCore::FontCustomPlatformData::fontPlatformData):
1184         - Ditto.
1185         * platform/graphics/skia/FontCustomPlatformData.cpp:
1186         (WebCore::FontCustomPlatformData::fontPlatformData):
1187         - Ditto.
1188         * platform/graphics/skia/FontCustomPlatformData.h:
1189         - Ditto.
1190         * platform/graphics/win/FontCustomPlatformData.cpp:
1191         (WebCore::FontCustomPlatformData::fontPlatformData):
1192         - Ditto.
1193         * platform/graphics/win/FontCustomPlatformData.h:
1194         - Ditto.
1195         * platform/graphics/win/FontCustomPlatformDataCairo.cpp:
1196         - Ditto.
1197         (WebCore::FontCustomPlatformData::fontPlatformData):
1198         - Ditto.
1199         * platform/graphics/win/FontCustomPlatformDataCairo.h:
1200         - Ditto.
1201         * platform/graphics/wince/FontCustomPlatformData.cpp:
1202         (WebCore::FontCustomPlatformData::fontPlatformData):
1203         - Ditto.
1204         * platform/graphics/wince/FontCustomPlatformData.h:
1205         - Ditto.
1206         * platform/graphics/wx/FontCustomPlatformData.cpp:
1207         (WebCore::FontCustomPlatformData::fontPlatformData):
1208         - Ditto.
1209         * platform/graphics/wx/FontCustomPlatformData.h:
1210         - Ditto.
1211         * rendering/InlineTextBox.cpp:
1212         (WebCore::InlineTextBox::paint):
1213         - In case of RenderCombineText, we don't rotate text even in vertical writing. Also, we render original text
1214         instead of text returned from text().
1215         * rendering/RenderBlock.cpp:
1216         (WebCore::RenderBlock::computeInlinePreferredLogicalWidths):
1217         - Made to call RenderCombinedText's prepareTextCombine() here.
1218         * rendering/RenderBlockLineLayout.cpp:
1219         (WebCore::textWidth):
1220         - Made to always use the render object's width() in case of TextCombine.
1221         (WebCore::RenderBlock::findNextLineBreak):
1222         - Made to call RenderCombinedText's prepareTextCombine() here.
1223         * rendering/RenderCombineText.cpp: Added. A subclass of RenderText.
1224         (WebCore::RenderCombineText::RenderCombineText):
1225         (WebCore::RenderCombineText::styleDidChange):
1226         - Clear the flag that indicated the font has been prepared for combining. The font will be reinitialized in
1227         the next call of RenderBlock::findNextLineBreak().
1228         (WebCore::RenderCombineText::setTextInternal):
1229         - Ditto.
1230         (WebCore::RenderCombineText::width):
1231         - Returns 1-em width in case of font combine.
1232         (WebCore::RenderCombineText::adjustTextOrigin):
1233         - Adjust drawing origin point in case of font combine.
1234         (WebCore::RenderCombineText::charactersToRender):
1235         - Return original text instead of current text in case of font combine.
1236         (WebCore::RenderCombineText::combineText):
1237         - This function tries to pack passed text with; 1) the current font as is, 2) the font created
1238         from the descriptor with half-width variant specified, 3) the font with third-width variant, 4) the font
1239         with quarter-width variant.
1240         - If a suitable font successfully found, replace the current font with the new font. If no appropriate font found,
1241         we give up text-combine as the CSS spec describes.
1242         - If a new font found, we replace the text with 0xFFFC. This is needed for a combined text block to be able to
1243         behave like a single character against text decorations.
1244         * rendering/RenderCombineText.h: Added.
1245         (WebCore::RenderCombineText::isCombined):
1246         (WebCore::RenderCombineText::combinedTextWidth):
1247         - Returns 1-em width in case of font combine.
1248         (WebCore::RenderCombineText::renderName):
1249         (WebCore::toRenderCombineText):
1250         * rendering/RenderText.cpp:
1251         (WebCore::RenderText::widthFromCache):
1252         - Made to call RenderCombineText's combinedTextWidth when the text is combined.
1253         * rendering/RenderingAllInOne.cpp: Added RenderCombineText.cpp
1254         * rendering/style/RenderStyle.h:
1255         (WebCore::InheritedFlags::hasTextCombine):
1256         - Added for a quick test of TextCombine.
1257
1258 2011-01-31  Oliver Hunt  <oliver@apple.com>
1259
1260         Convert markstack to a slot visitor API
1261         https://bugs.webkit.org/show_bug.cgi?id=53219
1262
1263         rolling r77098, r77099, r77100, r77109, and
1264         r77111 back in, along with a few more Qt fix attempts.
1265
1266         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
1267         * WebCore.exp.in:
1268         * bindings/js/DOMWrapperWorld.h:
1269         (WebCore::DOMWrapperWorld::globalData):
1270         * bindings/js/JSAudioConstructor.cpp:
1271         (WebCore::JSAudioConstructor::JSAudioConstructor):
1272         * bindings/js/JSDOMBinding.cpp:
1273         (WebCore::markDOMNodesForDocument):
1274         (WebCore::markDOMObjectWrapper):
1275         (WebCore::markDOMNodeWrapper):
1276         * bindings/js/JSDOMGlobalObject.cpp:
1277         (WebCore::JSDOMGlobalObject::markChildren):
1278         (WebCore::JSDOMGlobalObject::setInjectedScript):
1279         (WebCore::JSDOMGlobalObject::injectedScript):
1280         * bindings/js/JSDOMGlobalObject.h:
1281         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1282         (WebCore::getDOMConstructor):
1283         * bindings/js/JSDOMWindowCustom.cpp:
1284         (WebCore::JSDOMWindow::setLocation):
1285         (WebCore::DialogHandler::dialogCreated):
1286         * bindings/js/JSDOMWindowShell.cpp:
1287         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1288         (WebCore::JSDOMWindowShell::setWindow):
1289         (WebCore::JSDOMWindowShell::markChildren):
1290         (WebCore::JSDOMWindowShell::unwrappedObject):
1291         * bindings/js/JSDOMWindowShell.h:
1292         (WebCore::JSDOMWindowShell::window):
1293         (WebCore::JSDOMWindowShell::setWindow):
1294         * bindings/js/JSDeviceMotionEventCustom.cpp:
1295         (WebCore::createAccelerationObject):
1296         (WebCore::createRotationRateObject):
1297         * bindings/js/JSEventListener.cpp:
1298         (WebCore::JSEventListener::JSEventListener):
1299         (WebCore::JSEventListener::markJSFunction):
1300         * bindings/js/JSEventListener.h:
1301         (WebCore::JSEventListener::jsFunction):
1302         * bindings/js/JSHTMLDocumentCustom.cpp:
1303         (WebCore::JSHTMLDocument::setAll):
1304         * bindings/js/JSImageConstructor.cpp:
1305         (WebCore::JSImageConstructor::JSImageConstructor):
1306         * bindings/js/JSImageDataCustom.cpp:
1307         (WebCore::toJS):
1308         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1309         (WebCore::JSJavaScriptCallFrame::scopeChain):
1310         (WebCore::JSJavaScriptCallFrame::scopeType):
1311         * bindings/js/JSNodeFilterCondition.cpp:
1312         (WebCore::JSNodeFilterCondition::markAggregate):
1313         (WebCore::JSNodeFilterCondition::acceptNode):
1314         * bindings/js/JSNodeFilterCondition.h:
1315         * bindings/js/JSNodeFilterCustom.cpp:
1316         * bindings/js/JSOptionConstructor.cpp:
1317         (WebCore::JSOptionConstructor::JSOptionConstructor):
1318         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1319         (WebCore::JSSQLResultSetRowList::item):
1320         * bindings/js/ScriptCachedFrameData.cpp:
1321         (WebCore::ScriptCachedFrameData::restore):
1322         * bindings/js/ScriptObject.cpp:
1323         (WebCore::ScriptGlobalObject::set):
1324         * bindings/js/SerializedScriptValue.cpp:
1325         (WebCore::CloneDeserializer::putProperty):
1326         * bindings/scripts/CodeGeneratorJS.pm:
1327         * bridge/qt/qt_class.cpp:
1328         (JSC::Bindings::QtClass::fallbackObject):
1329         * bridge/qt/qt_instance.cpp:
1330         (JSC::Bindings::QtInstance::QtInstance):
1331         (JSC::Bindings::QtInstance::removeCachedMethod):
1332         (JSC::Bindings::QtInstance::markAggregate):
1333         * bridge/qt/qt_instance.h:
1334         * bridge/qt/qt_runtime.cpp:
1335         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1336         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1337         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1338         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1339         * bridge/qt/qt_runtime.h:
1340         * dom/Document.h:
1341
1342 2011-01-31  Dan Winship  <danw@gnome.org>
1343
1344         Reviewed by Gustavo Noronha Silva.
1345
1346         wss (websockets ssl) support for gtk via new gio TLS support
1347         https://bugs.webkit.org/show_bug.cgi?id=50344
1348
1349         Update to use GPollableOutputStream and GTlsConnection to
1350         implement wss URLs
1351
1352         * platform/network/soup/SocketStreamHandle.h:
1353         * platform/network/soup/SocketStreamHandleSoup.cpp:
1354         (WebCore::SocketStreamHandle::SocketStreamHandle):
1355         (WebCore::SocketStreamHandle::connected):
1356         (WebCore::SocketStreamHandle::platformSend):
1357         (WebCore::SocketStreamHandle::beginWaitingForSocketWritability):
1358         (WebCore::writeReadyCallback):
1359
1360 2011-01-31  Abhishek Arya  <inferno@chromium.org>
1361
1362         Reviewed by Dimitri Glazkov.
1363
1364         Check the textarea node still exists in document before casting
1365         it to HTMLTextAreaElement.
1366         https://bugs.webkit.org/show_bug.cgi?id=53429
1367
1368         Test: fast/forms/textarea-node-removed-from-document-crash.html
1369
1370         * rendering/RenderTextControlMultiLine.cpp:
1371         (WebCore::RenderTextControlMultiLine::~RenderTextControlMultiLine):
1372
1373 2011-01-27  Abhishek Arya  <inferno@chromium.org>
1374
1375         Reviewed by Dave Hyatt.
1376
1377         If beforeChild is wrapped in an anonymous table section, we need to
1378         go the parent to find it and use it before adding childs to table.
1379         https://bugs.webkit.org/show_bug.cgi?id=53276
1380
1381         We need to make sure that beforeChild's parent is "this" before calling
1382         RenderBox::addChild. The previous condition in while is too restrictive
1383         and fails to calculate the right beforeChild value when its display
1384         style is table caption.
1385         Test: fast/table/before-child-non-table-section-add-table-crash.html
1386
1387         * rendering/RenderTable.cpp:
1388         (WebCore::RenderTable::addChild):
1389
1390 2011-01-31  Shane Stephens  <shanestephens@google.com>
1391
1392         Reviewed by Simon Fraser.
1393
1394         AffineTransform::translateRight incorrectly computes a translateLeft.
1395         https://bugs.webkit.org/show_bug.cgi?id=52551
1396
1397         Removed translateRight and converted all uses to perform standard
1398         matrix multiplication.
1399
1400         No new tests because patch doesn't modify functionality.
1401
1402         * platform/graphics/transforms/AffineTransform.cpp:
1403         * platform/graphics/transforms/AffineTransform.h:
1404         (WebCore::AffineTransform::translation):
1405         * rendering/svg/RenderSVGResourceMarker.cpp:
1406         (WebCore::RenderSVGResourceMarker::localToParentTransform):
1407         * rendering/svg/RenderSVGRoot.cpp:
1408         (WebCore::RenderSVGRoot::localToRepaintContainerTransform):
1409         (WebCore::RenderSVGRoot::localToParentTransform):
1410         * rendering/svg/RenderSVGViewportContainer.cpp:
1411         (WebCore::RenderSVGViewportContainer::localToParentTransform):
1412         * rendering/svg/SVGTextLayoutEngine.cpp:
1413         (WebCore::SVGTextLayoutEngine::finalizeTransformMatrices):
1414
1415 2011-01-31  Mario Sanchez Prada  <msanchez@igalia.com>
1416
1417         Reviewed by Martin Robinson.
1418
1419         [Gtk] atk_text_set_caret_offset returns True even when it is unsuccessful
1420         https://bugs.webkit.org/show_bug.cgi?id=53389
1421
1422         Return FALSE when not able to set the caret at the specified offset.
1423
1424         * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
1425         (webkit_accessible_text_set_caret_offset): Return FALSE when the
1426         range created is NULL and adjust offset to account for list markers.
1427
1428 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
1429
1430         Reviewed by Yury Semikhatsky.
1431
1432         Web Inspector: copy HAR to clipboard instead of saving blob on export.
1433         https://bugs.webkit.org/show_bug.cgi?id=53328
1434
1435         * inspector/front-end/NetworkPanel.js:
1436         (WebInspector.NetworkPanel.prototype._exportAll):
1437         (WebInspector.NetworkPanel.prototype._exportResource):
1438
1439 2011-01-30  Pavel Feldman  <pfeldman@chromium.org>
1440
1441         Reviewed by Timothy Hatcher.
1442
1443         Web Inspector: speed up network panel rendering.
1444         https://bugs.webkit.org/show_bug.cgi?id=53397
1445
1446         * inspector/front-end/DataGrid.js:
1447         (WebInspector.DataGrid.prototype.get scrollContainer):
1448         * inspector/front-end/NetworkPanel.js:
1449         (WebInspector.NetworkPanel.prototype.elementsToRestoreScrollPositionsFor):
1450         (WebInspector.NetworkPanel.prototype._positionSummaryBar):
1451         (WebInspector.NetworkPanel.prototype._createTable):
1452         (WebInspector.NetworkPanel.prototype._exportResource):
1453         (WebInspector.NetworkPanel.prototype._onScroll):
1454         * inspector/front-end/networkPanel.css:
1455         (.network-sidebar .data-grid.small tr.offscreen):
1456         (.network-sidebar .data-grid tr.offscreen):
1457         (.network-sidebar .data-grid tr.offscreen td):
1458
1459 2011-01-31  Peter Varga  <pvarga@webkit.org>
1460
1461         Reviewed by Andreas Kling.
1462
1463         Remove wrec from WebCore
1464         https://bugs.webkit.org/show_bug.cgi?id=53298
1465
1466         No new tests needed.
1467
1468         * Android.jscbindings.mk:
1469         * ForwardingHeaders/wrec/WREC.h: Removed.
1470         * WebCore.vcproj/WebCore.vcproj:
1471         * WebCore.vcproj/copyForwardingHeaders.cmd:
1472
1473 2011-01-31  Sheriff Bot  <webkit.review.bot@gmail.com>
1474
1475         Unreviewed, rolling out r76969.
1476         http://trac.webkit.org/changeset/76969
1477         https://bugs.webkit.org/show_bug.cgi?id=53418
1478
1479         "It is causing crashes in GTK+ and Leopard bots" (Requested by
1480         alexg__ on #webkit).
1481
1482         * bridge/runtime_root.cpp:
1483         (JSC::Bindings::RootObject::invalidate):
1484         (JSC::Bindings::RootObject::addRuntimeObject):
1485         (JSC::Bindings::RootObject::removeRuntimeObject):
1486         * bridge/runtime_root.h:
1487
1488 2011-01-31  Antti Koivisto  <antti@apple.com>
1489
1490         Not reviewed.
1491
1492         Spelling.
1493
1494         * css/CSSSelectorList.h:
1495         (WebCore::CSSSelectorList::next):
1496
1497 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
1498
1499         Unreviewed. Fix Chromium compilation on Linux.
1500
1501         * platform/graphics/ShadowBlur.cpp: added PLATFORM(CHROMIUM) guard
1502         * platform/graphics/ShadowBlur.h: added missing ColorSpace.h header include
1503
1504 2011-01-31  Yury Semikhatsky  <yurys@chromium.org>
1505
1506         Unreviewed. Fix Chromium compilation on Mac broken by r77101.
1507
1508         * WebCore.gypi: add ShadowBlur.{h,cpp} to the gypi file.
1509
1510 2011-01-31  Mikhail Naganov  <mnaganov@chromium.org>
1511
1512         Reviewed by Yury Semikhatsky.
1513
1514         WebInspector: Change button title from "Clear CPU profiles" to "Clear all profiles".
1515
1516         https://bugs.webkit.org/show_bug.cgi?id=53309
1517
1518         * English.lproj/localizedStrings.js:
1519         * inspector/front-end/ProfilesPanel.js:
1520         (WebInspector.ProfilesPanel):
1521
1522 2011-01-31  Carlos Garcia Campos  <cgarcia@igalia.com>
1523
1524         Unreviewed, fix the build with current GTK+ 3.x.
1525
1526         * plugins/gtk/gtk2xtbin.c:
1527         * plugins/gtk/gtk2xtbin.h:
1528
1529 2011-01-30  Kenichi Ishibashi  <bashi@google.com>
1530
1531         Reviewed by Kent Tamura.
1532
1533         Dangling form associated elements should not be registered on the document
1534         https://bugs.webkit.org/show_bug.cgi?id=53223
1535
1536         Adds insertedIntoDocument() and remvoedFromDocument() to
1537         FormAssociatedElement class to register the element on the document
1538         if and only if it actually inserted into (removed from) the document.
1539
1540         Test: fast/forms/dangling-form-element-crash.html
1541
1542         * html/FormAssociatedElement.cpp:
1543         (WebCore::FormAssociatedElement::insertedIntoDocument): Added.
1544         (WebCore::FormAssociatedElement::removedFromDocument): Ditto.
1545         (WebCore::FormAssociatedElement::insertedIntoTree): Don't register
1546         the element to a document.
1547         (WebCore::FormAssociatedElement::removedFromTree): Don't unregister
1548         the element from a document.
1549         * html/FormAssociatedElement.h:
1550         * html/HTMLFormControlElement.cpp:
1551         (WebCore::HTMLFormControlElement::insertedIntoDocument): Added.
1552         (WebCore::HTMLFormControlElement::removedFromDocument): Ditto.
1553         * html/HTMLFormControlElement.h:
1554         * html/HTMLObjectElement.cpp:
1555         (WebCore::HTMLObjectElement::insertedIntoDocument): Calls
1556         FormAssociatedElement::insertedIntoDocument().
1557         (WebCore::HTMLObjectElement::removedFromDocument): Calls
1558         FormAssociatedElement::removedFromDocument().
1559
1560 2011-01-30  Csaba Osztrogonác  <ossy@webkit.org>
1561
1562         Unreviewed, rolling out r77098, r77099, r77100, r77109, and
1563         r77111.
1564         http://trac.webkit.org/changeset/77098
1565         http://trac.webkit.org/changeset/77099
1566         http://trac.webkit.org/changeset/77100
1567         http://trac.webkit.org/changeset/77109
1568         http://trac.webkit.org/changeset/77111
1569         https://bugs.webkit.org/show_bug.cgi?id=53219
1570
1571         Qt build is broken
1572
1573         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
1574         * WebCore.exp.in:
1575         * bindings/js/DOMWrapperWorld.h:
1576         * bindings/js/JSAudioConstructor.cpp:
1577         (WebCore::JSAudioConstructor::JSAudioConstructor):
1578         * bindings/js/JSDOMBinding.cpp:
1579         (WebCore::markDOMNodesForDocument):
1580         (WebCore::markDOMObjectWrapper):
1581         (WebCore::markDOMNodeWrapper):
1582         * bindings/js/JSDOMGlobalObject.cpp:
1583         (WebCore::JSDOMGlobalObject::markChildren):
1584         (WebCore::JSDOMGlobalObject::setInjectedScript):
1585         (WebCore::JSDOMGlobalObject::injectedScript):
1586         * bindings/js/JSDOMGlobalObject.h:
1587         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1588         (WebCore::getDOMConstructor):
1589         * bindings/js/JSDOMWindowCustom.cpp:
1590         (WebCore::JSDOMWindow::setLocation):
1591         (WebCore::DialogHandler::dialogCreated):
1592         * bindings/js/JSDOMWindowShell.cpp:
1593         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1594         (WebCore::JSDOMWindowShell::setWindow):
1595         (WebCore::JSDOMWindowShell::markChildren):
1596         (WebCore::JSDOMWindowShell::unwrappedObject):
1597         * bindings/js/JSDOMWindowShell.h:
1598         (WebCore::JSDOMWindowShell::window):
1599         (WebCore::JSDOMWindowShell::setWindow):
1600         * bindings/js/JSDeviceMotionEventCustom.cpp:
1601         (WebCore::createAccelerationObject):
1602         (WebCore::createRotationRateObject):
1603         * bindings/js/JSEventListener.cpp:
1604         (WebCore::JSEventListener::JSEventListener):
1605         (WebCore::JSEventListener::markJSFunction):
1606         * bindings/js/JSEventListener.h:
1607         (WebCore::JSEventListener::jsFunction):
1608         * bindings/js/JSHTMLDocumentCustom.cpp:
1609         (WebCore::JSHTMLDocument::setAll):
1610         * bindings/js/JSImageConstructor.cpp:
1611         (WebCore::JSImageConstructor::JSImageConstructor):
1612         * bindings/js/JSImageDataCustom.cpp:
1613         (WebCore::toJS):
1614         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1615         (WebCore::JSJavaScriptCallFrame::scopeChain):
1616         (WebCore::JSJavaScriptCallFrame::scopeType):
1617         * bindings/js/JSNodeFilterCondition.cpp:
1618         (WebCore::JSNodeFilterCondition::markAggregate):
1619         (WebCore::JSNodeFilterCondition::acceptNode):
1620         * bindings/js/JSNodeFilterCondition.h:
1621         * bindings/js/JSNodeFilterCustom.cpp:
1622         * bindings/js/JSOptionConstructor.cpp:
1623         (WebCore::JSOptionConstructor::JSOptionConstructor):
1624         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1625         (WebCore::JSSQLResultSetRowList::item):
1626         * bindings/js/ScriptCachedFrameData.cpp:
1627         (WebCore::ScriptCachedFrameData::restore):
1628         * bindings/js/ScriptObject.cpp:
1629         (WebCore::ScriptGlobalObject::set):
1630         * bindings/js/SerializedScriptValue.cpp:
1631         (WebCore::CloneDeserializer::putProperty):
1632         * bindings/scripts/CodeGeneratorJS.pm:
1633         * bridge/qt/qt_instance.cpp:
1634         (JSC::Bindings::QtInstance::QtInstance):
1635         (JSC::Bindings::QtInstance::removeCachedMethod):
1636         (JSC::Bindings::QtInstance::markAggregate):
1637         * bridge/qt/qt_instance.h:
1638         * bridge/qt/qt_runtime.cpp:
1639         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1640         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1641         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1642         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1643         * bridge/qt/qt_runtime.h:
1644         * bridge/runtime_root.cpp:
1645         (JSC::Bindings::RootObject::invalidate):
1646         * bridge/runtime_root.h:
1647         * dom/Document.h:
1648
1649 2011-01-30  Sheriff Bot  <webkit.review.bot@gmail.com>
1650
1651         Unreviewed, rolling out r77107.
1652         http://trac.webkit.org/changeset/77107
1653         https://bugs.webkit.org/show_bug.cgi?id=53412
1654
1655         Caused 5 new form-related test crashes (Requested by smfr on
1656         #webkit).
1657
1658         * css/CSSSelector.cpp:
1659         (WebCore::CSSSelector::pseudoId):
1660         (WebCore::nameToPseudoTypeMap):
1661         (WebCore::CSSSelector::extractPseudoType):
1662         * css/CSSSelector.h:
1663         * html/HTMLProgressElement.cpp:
1664         (WebCore::HTMLProgressElement::parseMappedAttribute):
1665         (WebCore::HTMLProgressElement::attach):
1666         * html/HTMLProgressElement.h:
1667         * rendering/RenderProgress.cpp:
1668         (WebCore::RenderProgress::~RenderProgress):
1669         (WebCore::RenderProgress::updateFromElement):
1670         (WebCore::RenderProgress::layoutParts):
1671         (WebCore::RenderProgress::shouldHaveParts):
1672         * rendering/RenderProgress.h:
1673         * rendering/style/RenderStyleConstants.h:
1674
1675 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1676
1677         Reviewed by Sam Weinig.
1678
1679         Enhance ShadowBlur to render inset box shadows
1680         https://bugs.webkit.org/show_bug.cgi?id=51567
1681         
1682         Use ShadowBlur for inset box-shadows with CG. It 
1683         currently lacks a tiled version, but is still much
1684         faster than CG shadows.
1685
1686         Test: fast/box-shadow/inset-box-shadow-radius.html
1687
1688         * platform/graphics/ShadowBlur.cpp:
1689         * platform/graphics/ShadowBlur.h: New method for inset
1690         shadows.
1691         (WebCore::ShadowBlur::drawInsetShadow): 
1692
1693         * platform/graphics/GraphicsContext.cpp: #ifdef out
1694         fillRectWithRoundedHole() for CG.
1695
1696         * platform/graphics/cg/GraphicsContextCG.cpp:
1697         (WebCore::GraphicsContext::fillRectWithRoundedHole): If there's
1698         a shadow with a radius > 0, use ShadowBlur.
1699
1700 2011-01-28  Kenneth Russell  <kbr@google.com>
1701
1702         Reviewed by Chris Marrin.
1703
1704         WebGL shows PNG Textures with indexed colors too dark
1705         https://bugs.webkit.org/show_bug.cgi?id=47477
1706
1707         Properly handle indexed PNG images by re-rendering them as RGBA
1708         images before upload. Verified with this layout test and the test
1709         cases from bugs 47477 and 53269.
1710
1711         * platform/graphics/cg/GraphicsContext3DCG.cpp:
1712         (WebCore::GraphicsContext3D::getImageData):
1713
1714 2011-01-27  MORITA Hajime  <morrita@google.com>
1715
1716         Reviewed by Dimitri Glazkov.
1717         
1718         Convert <progress> shadow DOM to a DOM-based shadow.
1719         https://bugs.webkit.org/show_bug.cgi?id=50660
1720
1721         * Removed RenderProgress::m_valuePart, moved the shadow node
1722           to the shadow root of HTMLProgressElement.
1723         * Removed hard-coded pseudo ID for -webkit-progress-bar-value.
1724           ProgressBarValueElement is defined only for overriding
1725           shadowPseudoId().
1726         
1727         No new tests. No behavioral change.
1728
1729         * css/CSSSelector.cpp:
1730         (WebCore::CSSSelector::pseudoId):
1731         (WebCore::nameToPseudoTypeMap):
1732         (WebCore::CSSSelector::extractPseudoType):
1733         * css/CSSSelector.h:
1734         * html/HTMLProgressElement.cpp:
1735         (WebCore::ProgressBarValueElement::ProgressBarValueElement):
1736         (WebCore::ProgressBarValueElement::shadowPseudoId):
1737         (WebCore::ProgressBarValueElement::create):
1738         (WebCore::HTMLProgressElement::parseMappedAttribute):
1739         (WebCore::HTMLProgressElement::attach):
1740         (WebCore::HTMLProgressElement::valuePart):
1741         (WebCore::HTMLProgressElement::didElementStateChange):
1742         (WebCore::HTMLProgressElement::createShadowSubtreeIfNeeded):
1743         * html/HTMLProgressElement.h:
1744         * rendering/RenderProgress.cpp:
1745         (WebCore::RenderProgress::~RenderProgress):
1746         (WebCore::RenderProgress::updateFromElement):
1747         (WebCore::RenderProgress::layoutParts):
1748         (WebCore::RenderProgress::shouldHaveParts):
1749         (WebCore::RenderProgress::valuePart):
1750         * rendering/RenderProgress.h:
1751         * rendering/style/RenderStyleConstants.h:
1752
1753 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1754
1755         Reviewed by Ariya Hidayat.
1756
1757         Enhance ShadowBlur to render inset box shadows; Part 1.
1758         https://bugs.webkit.org/show_bug.cgi?id=51567
1759         
1760         Add a new method to GraphicsContext to render a rect with a rounded hole,
1761         for use by inset box-shadow code. Knowledge that we're rendering a rounded
1762         hole will enable ShadowBlur to be used here in future.
1763
1764         * platform/graphics/GraphicsContext.cpp:
1765         (WebCore::GraphicsContext::fillRectWithRoundedHole):
1766         * platform/graphics/GraphicsContext.h:
1767         * rendering/RenderBoxModelObject.cpp:
1768         (WebCore::RenderBoxModelObject::paintBoxShadow):
1769
1770 2011-01-23  MORITA Hajime  <morrita@google.com>
1771
1772         Reviewed by Eric Seidel.
1773
1774         REGRESSION: Inset shadow with too large border radius misses rounded corner.
1775         https://bugs.webkit.org/show_bug.cgi?id=52800
1776
1777         The refactoring on r76083 broke the invariant between border
1778         IntRect and its radii because RoundedIntRect::setRect() is called
1779         after getRoundedInnerBorderWithBorderWidths(), which enforces the
1780         invariant. Th rounded-rect clipping code verifies the invariant,
1781         and discard the invalid radii, that results broken paintings.
1782         
1783         This change moved setRect() before
1784         getRoundedInnerBorderWithBorderWidths() not to modify the valid
1785         RoundedIntRect value.
1786         
1787         Test: fast/box-shadow/inset-with-extraordinary-radii-and-border.html
1788
1789         * rendering/RenderBoxModelObject.cpp:
1790         (WebCore::RenderBoxModelObject::paintBoxShadow):
1791
1792 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1793
1794         Attempt to fix Windows build by adding ShadowBlur.cpp/h to the
1795         vcproj.
1796
1797         * WebCore.vcproj/WebCore.vcproj:
1798
1799 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1800
1801         Reviewed by Dan Bernstein.
1802
1803         -webkit-box-shadow causes awful scroll/resize/redraw performance
1804         https://bugs.webkit.org/show_bug.cgi?id=22102
1805         
1806         Use ShadowBlur for CG, whe rendering shadows on rects and
1807         rounded rects outside of canvas.
1808         
1809         CG shadows with a radius of more than 8px do not render
1810         correctly. We preserve this incorrect rendering by compensating
1811         for it when rending -webkit-box-shadow. Calls that should use
1812         this deprecated radius behavior now use setLegacyShadow().
1813
1814         Test: fast/box-shadow/box-shadow-transformed.html
1815         
1816         * html/canvas/CanvasRenderingContext2D.cpp: Use setLegacyShadow()
1817         for canvas, to indicate that it should use the deprecated radius
1818         behavior.
1819         (WebCore::CanvasRenderingContext2D::setAllAttributesToDefault): Ditto.
1820         (WebCore::CanvasRenderingContext2D::setShadow): Ditto.
1821         (WebCore::CanvasRenderingContext2D::applyShadow): Ditto.
1822         
1823         * platform/graphics/GraphicsContext.cpp:
1824         (WebCore::GraphicsContext::setLegacyShadow): Set the m_state.shadowsUseLegacyRadius bit.
1825         
1826         * platform/graphics/GraphicsContext.h:
1827         (WebCore::GraphicsContextState::GraphicsContextState): Add a 
1828         shadowsUseLegacyRadius bit to the state.
1829         
1830         * platform/graphics/cg/GraphicsContextCG.cpp:
1831         (WebCore::radiusToLegacyRadius): Map from the actual radius to one
1832         that approximates CG behavior.
1833         (WebCore::hasBlurredShadow): Helper that returns true if we have a shadow
1834         with a non-zero blur radius.
1835         (WebCore::GraphicsContext::fillRect): Use ShadowBlur if not canvas.
1836         (WebCore::GraphicsContext::fillRoundedRect): Ditto.
1837         (WebCore::GraphicsContext::setPlatformShadow): Comment.
1838
1839         * rendering/RenderBoxModelObject.cpp:
1840         (WebCore::RenderBoxModelObject::paintBoxShadow): Call setLegacyShadow()
1841         for -webkit-box-shadow.
1842
1843         * platform/graphics/ShadowBlur.cpp: 
1844         (WebCore::ShadowBlur::calculateLayerBoundingRect): Fix some pixel crack issues
1845         by rounding up the blur radius.
1846         (WebCore::ShadowBlur::drawRectShadow): Ditto
1847         (WebCore::ShadowBlur::drawRectShadowWithTiling): Ditto.
1848
1849 2011-01-30  Oliver Hunt  <oliver@apple.com>
1850
1851         Try to fix Qt build (again).
1852
1853         * bridge/qt/qt_runtime.cpp:
1854         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1855         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1856
1857 2011-01-30  Oliver Hunt  <oliver@apple.com>
1858
1859         Try to fix Qt build.
1860
1861         * bridge/qt/qt_instance.cpp:
1862         (JSC::Bindings::QtInstance::QtInstance):
1863         (JSC::Bindings::QtInstance::removeCachedMethod):
1864         (JSC::Bindings::QtInstance::markAggregate):
1865         * bridge/qt/qt_instance.h:
1866
1867 2011-01-30  Oliver Hunt  <oliver@apple.com>
1868
1869         Convert markstack to a slot visitor API
1870         https://bugs.webkit.org/show_bug.cgi?id=53219
1871
1872         rolling r77006 and r77020 back in.
1873
1874         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
1875         * WebCore.exp.in:
1876         * bindings/js/DOMWrapperWorld.h:
1877         (WebCore::DOMWrapperWorld::globalData):
1878         * bindings/js/JSAudioConstructor.cpp:
1879         (WebCore::JSAudioConstructor::JSAudioConstructor):
1880         * bindings/js/JSDOMBinding.cpp:
1881         (WebCore::markDOMNodesForDocument):
1882         (WebCore::markDOMObjectWrapper):
1883         (WebCore::markDOMNodeWrapper):
1884         * bindings/js/JSDOMGlobalObject.cpp:
1885         (WebCore::JSDOMGlobalObject::markChildren):
1886         (WebCore::JSDOMGlobalObject::setInjectedScript):
1887         (WebCore::JSDOMGlobalObject::injectedScript):
1888         * bindings/js/JSDOMGlobalObject.h:
1889         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
1890         (WebCore::getDOMConstructor):
1891         * bindings/js/JSDOMWindowCustom.cpp:
1892         (WebCore::JSDOMWindow::setLocation):
1893         (WebCore::DialogHandler::dialogCreated):
1894         * bindings/js/JSDOMWindowShell.cpp:
1895         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
1896         (WebCore::JSDOMWindowShell::setWindow):
1897         (WebCore::JSDOMWindowShell::markChildren):
1898         (WebCore::JSDOMWindowShell::unwrappedObject):
1899         * bindings/js/JSDOMWindowShell.h:
1900         (WebCore::JSDOMWindowShell::window):
1901         (WebCore::JSDOMWindowShell::setWindow):
1902         * bindings/js/JSDeviceMotionEventCustom.cpp:
1903         (WebCore::createAccelerationObject):
1904         (WebCore::createRotationRateObject):
1905         * bindings/js/JSEventListener.cpp:
1906         (WebCore::JSEventListener::JSEventListener):
1907         (WebCore::JSEventListener::markJSFunction):
1908         * bindings/js/JSEventListener.h:
1909         (WebCore::JSEventListener::jsFunction):
1910         * bindings/js/JSHTMLDocumentCustom.cpp:
1911         (WebCore::JSHTMLDocument::setAll):
1912         * bindings/js/JSImageConstructor.cpp:
1913         (WebCore::JSImageConstructor::JSImageConstructor):
1914         * bindings/js/JSImageDataCustom.cpp:
1915         (WebCore::toJS):
1916         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
1917         (WebCore::JSJavaScriptCallFrame::scopeChain):
1918         (WebCore::JSJavaScriptCallFrame::scopeType):
1919         * bindings/js/JSNodeFilterCondition.cpp:
1920         (WebCore::JSNodeFilterCondition::markAggregate):
1921         (WebCore::JSNodeFilterCondition::acceptNode):
1922         * bindings/js/JSNodeFilterCondition.h:
1923         * bindings/js/JSNodeFilterCustom.cpp:
1924         * bindings/js/JSOptionConstructor.cpp:
1925         (WebCore::JSOptionConstructor::JSOptionConstructor):
1926         * bindings/js/JSSQLResultSetRowListCustom.cpp:
1927         (WebCore::JSSQLResultSetRowList::item):
1928         * bindings/js/ScriptCachedFrameData.cpp:
1929         (WebCore::ScriptCachedFrameData::restore):
1930         * bindings/js/ScriptObject.cpp:
1931         (WebCore::ScriptGlobalObject::set):
1932         * bindings/js/SerializedScriptValue.cpp:
1933         (WebCore::CloneDeserializer::putProperty):
1934         * bindings/scripts/CodeGeneratorJS.pm:
1935         * bridge/qt/qt_runtime.cpp:
1936         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
1937         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
1938         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
1939         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
1940         * bridge/qt/qt_runtime.h:
1941         * bridge/runtime_root.cpp:
1942         (JSC::Bindings::RootObject::invalidate):
1943         * bridge/runtime_root.h:
1944         * dom/Document.h:
1945
1946 2011-01-30  Simon Fraser  <simon.fraser@apple.com>
1947
1948         Reviewed by Sam Weinig.
1949
1950         Make ContextShadow code cross-platform
1951         https://bugs.webkit.org/show_bug.cgi?id=51312
1952
1953         Add a new class, ShadowBlur, that contains most of the
1954         code from ContextShadow, but is fully cross-platform.
1955         It depends on one new method, GraphicsContext::clipBounds(),
1956         which platforms will have to implement.
1957         
1958         Add ShadowBlur to the Mac Xcode project, but don't use it
1959         anywhere yet.
1960
1961         * WebCore.xcodeproj/project.pbxproj:
1962         * platform/graphics/GraphicsContext.cpp:
1963         (WebCore::GraphicsContext::clipBounds):
1964         * platform/graphics/GraphicsContext.h:
1965         * platform/graphics/ShadowBlur.cpp: Added.
1966         (WebCore::roundUpToMultipleOf32):
1967         (WebCore::ScratchBuffer::ScratchBuffer):
1968         (WebCore::ScratchBuffer::getScratchBuffer):
1969         (WebCore::ScratchBuffer::scheduleScratchBufferPurge):
1970         (WebCore::ScratchBuffer::timerFired):
1971         (WebCore::ScratchBuffer::clearScratchBuffer):
1972         (WebCore::ScratchBuffer::shared):
1973         (WebCore::ShadowBlur::ShadowBlur):
1974         (WebCore::ShadowBlur::blurLayerImage):
1975         (WebCore::ShadowBlur::adjustBlurDistance):
1976         (WebCore::ShadowBlur::calculateLayerBoundingRect):
1977         (WebCore::ShadowBlur::beginShadowLayer):
1978         (WebCore::ShadowBlur::endShadowLayer):
1979         (WebCore::ShadowBlur::drawRectShadow):
1980         (WebCore::ShadowBlur::drawRectShadowWithoutTiling):
1981         (WebCore::ShadowBlur::drawRectShadowWithTiling):
1982         (WebCore::ShadowBlur::clipBounds):
1983         * platform/graphics/ShadowBlur.h: Added.
1984         (WebCore::ShadowBlur::setShadowsIgnoreTransforms):
1985         (WebCore::ShadowBlur::shadowsIgnoreTransforms):
1986         * platform/graphics/cg/GraphicsContextCG.cpp:
1987         (WebCore::GraphicsContext::clipBounds):
1988
1989 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
1990
1991         Reviewed by Dan Bernstein.
1992
1993         CSS3 gradients with em-based stops fail to repaint when font size changes
1994         https://bugs.webkit.org/show_bug.cgi?id=51845
1995         
1996         Mark as uncacheable gradidients whose color stops depend on font size,
1997         and don't attempt to put these into CSSImageGeneratorValue's image cache.
1998         This means we return a new gradient each time, which is fairly cheap, and
1999         fixes repaint issues under changing font size.
2000
2001         Test: fast/repaint/gradients-em-stops-repaint.html
2002
2003         * css/CSSGradientValue.cpp:
2004         (WebCore::CSSGradientValue::image):
2005         (WebCore::CSSGradientValue::isCacheable):
2006         * css/CSSGradientValue.h:
2007
2008 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2009
2010         Undo try to fix the Qt build.
2011         
2012         My guess didn't work.
2013
2014         * WebCore.pro:
2015
2016 2011-01-29  Geoffrey Garen  <ggaren@apple.com>
2017
2018         Try to fix the Qt build.
2019
2020         * WebCore.pro: Added platform/text/CharacterNames.h.
2021
2022 2011-01-28  Geoffrey Garen  <ggaren@apple.com>
2023
2024         Reviewed by Maciej Stachowiak.
2025
2026         Some more Heap cleanup.
2027         https://bugs.webkit.org/show_bug.cgi?id=53357
2028         
2029         Updated for JavaScriptCore changes.
2030
2031         * bindings/js/ScriptGCEvent.cpp:
2032         (WebCore::ScriptGCEvent::getHeapSize):
2033
2034 2011-01-29  Adam Barth  <abarth@webkit.org>
2035
2036         Reviewed by Daniel Bates.
2037
2038         Fix XSSFilter crash when extracting the source for a token twice
2039         https://bugs.webkit.org/show_bug.cgi?id=53368
2040
2041         Previously, it was unsafe to extract the source for the same token
2042         twice because the HTMLSourceTracker would advance its internal
2043         representation of the SegmentedString.  This patch introduces a cache
2044         to make calling HTMLSourceTracker::sourceForToken multiple times safe.
2045
2046         * html/parser/HTMLSourceTracker.cpp:
2047         (WebCore::HTMLSourceTracker::end):
2048         (WebCore::HTMLSourceTracker::sourceForToken):
2049         * html/parser/HTMLSourceTracker.h:
2050
2051 2011-01-29  Maciej Stachowiak  <mjs@apple.com>
2052
2053         Reviewed by Dan Bernstein.
2054
2055         Fix fat build for both 32-bit and 64-bit under llvm-gcc 4.2
2056         https://bugs.webkit.org/show_bug.cgi?id=53386
2057
2058         * platform/mac/ScrollAnimatorMac.mm:
2059         (WebCore::elasticDeltaForReboundDelta):
2060         (WebCore::scrollWheelMultiplier):
2061         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
2062         (WebCore::ScrollAnimatorMac::beginScrollGesture):
2063         (WebCore::roundTowardZero):
2064         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
2065
2066 2011-01-29  Daniel Bates  <dbates@rim.com>
2067
2068         Reviewed by Maciej Stachowiak.
2069
2070         Remove reference to ${CMAKE_SOURCE_DIR}/Source in CMake files
2071         https://bugs.webkit.org/show_bug.cgi?id=53382
2072
2073         Our file system hierarchy ensures that CMAKE_SOURCE_DIR is defined to be /Source.
2074         So, ${CMAKE_SOURCE_DIR}/Source evaluates to the non-existent directory /Source/Source.
2075         Therefore, we should remove such references.
2076
2077         * CMakeLists.txt:
2078
2079 2011-01-29  Sam Weinig  <sam@webkit.org>
2080
2081         Reviewed by Jon Honeycutt.
2082
2083         Fix 32-bit build on the Mac.
2084
2085         * platform/mac/ScrollAnimatorMac.mm:
2086         (WebCore::roundTowardZero):
2087         (WebCore::roundToDevicePixelTowardZero):
2088         Use floats instead of doubles to avoid double-to-float conversion
2089         issues.
2090
2091 2011-01-29  Simon Fraser  <simon.fraser@apple.com>
2092
2093         Reviewed by Adam Barth.
2094
2095         Use clampToInteger() functions in a few places
2096         https://bugs.webkit.org/show_bug.cgi?id=53363
2097         
2098         * css/CSSStyleSelector.cpp:
2099         (WebCore::CSSStyleSelector::applyProperty): Use clampToInteger() for z-index.
2100         (WebCore::CSSStyleSelector::createTransformOperations): Use clampToPositiveInteger().
2101         * platform/graphics/transforms/PerspectiveTransformOperation.cpp: Ditto.
2102         (WebCore::PerspectiveTransformOperation::blend): Ditto.
2103
2104 2011-01-29  Patrick Gansterer  <paroga@webkit.org>
2105
2106         Reviewed by David Kilzer.
2107
2108         Move CharacterNames.h into WTF directory
2109         https://bugs.webkit.org/show_bug.cgi?id=49618
2110
2111         * ForwardingHeaders/wtf/unicode/CharacterNames.h: Added.
2112         * GNUmakefile.am:
2113         * WebCore.gypi:
2114         * WebCore.vcproj/WebCore.vcproj:
2115         * WebCore.xcodeproj/project.pbxproj:
2116         * accessibility/AccessibilityObject.cpp:
2117         * accessibility/AccessibilityRenderObject.cpp:
2118         * bindings/cpp/WebDOMHTMLDocumentCustom.cpp:
2119         * bindings/js/JSHTMLDocumentCustom.cpp:
2120         * dom/Position.cpp:
2121         * dom/SelectElement.cpp:
2122         * editing/CompositeEditCommand.cpp:
2123         * editing/Editor.cpp:
2124         * editing/HTMLInterchange.cpp:
2125         * editing/InsertTextCommand.cpp:
2126         * editing/MarkupAccumulator.cpp:
2127         * editing/TextIterator.cpp:
2128         * editing/VisibleSelection.cpp:
2129         * editing/htmlediting.cpp:
2130         * editing/htmlediting.h:
2131         * editing/markup.cpp:
2132         * html/FTPDirectoryDocument.cpp:
2133         * html/HTMLFormControlElement.cpp:
2134         * html/parser/HTMLTreeBuilder.cpp:
2135         * loader/appcache/ManifestParser.cpp:
2136         * platform/chromium/PopupMenuChromium.cpp:
2137         * platform/graphics/Font.h:
2138         * platform/graphics/FontFastPath.cpp:
2139         * platform/graphics/GlyphPageTreeNode.cpp:
2140         * platform/graphics/StringTruncator.cpp:
2141         * platform/graphics/mac/ComplexTextController.cpp:
2142         * platform/graphics/mac/ComplexTextControllerATSUI.cpp:
2143         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2144         * platform/mac/PasteboardMac.mm:
2145         * platform/text/TextCodecICU.cpp:
2146         * platform/text/mac/TextCodecMac.cpp:
2147         * platform/text/transcoder/FontTranscoder.cpp:
2148         * rendering/RenderBlockLineLayout.cpp:
2149         * rendering/RenderFlexibleBox.cpp:
2150         * rendering/RenderListMarker.cpp:
2151         * rendering/RenderText.cpp:
2152         * rendering/RenderTextControl.cpp:
2153         * rendering/RenderTreeAsText.cpp:
2154         * rendering/break_lines.cpp:
2155         * rendering/mathml/RenderMathMLOperator.h:
2156         * websockets/WebSocketHandshake.cpp:
2157         * wml/WMLTableElement.cpp:
2158
2159 2011-01-29  Dan Winship  <danw@gnome.org>
2160
2161         Reviewed by Xan Lopez.
2162
2163         [GTK] Remove HAVE_LIBSOUP_2_29_90 conditionals; we depend on
2164         libsoup 2.33.1 now.
2165         https://bugs.webkit.org/show_bug.cgi?id=50675
2166
2167         * platform/network/soup/CookieJarSoup.cpp:
2168         (WebCore::defaultCookieJar):
2169         (WebCore::setCookies):
2170         * platform/network/soup/ResourceHandleSoup.cpp:
2171         (WebCore::ResourceHandle::prepareForURL):
2172         (WebCore::restartedCallback):
2173         (WebCore::startHttp):
2174         * platform/network/soup/ResourceRequestSoup.cpp:
2175         (WebCore::ResourceRequest::updateSoupMessage):
2176         (WebCore::ResourceRequest::toSoupMessage):
2177         (WebCore::ResourceRequest::updateFromSoupMessage):
2178
2179 2011-01-29  Adam Barth  <abarth@webkit.org>
2180
2181         Reviewed by Daniel Bates.
2182
2183         XSSFilter should replace URLs with about:blank instead of the empty string
2184         https://bugs.webkit.org/show_bug.cgi?id=53370
2185
2186         Using the empty string will make the URL complete to the current
2187         document's URL, which isn't really what we want.  Instead, we want to
2188         use about:blank, which is safe.
2189
2190         * html/parser/XSSFilter.cpp:
2191         (WebCore::XSSFilter::filterObjectToken):
2192         (WebCore::XSSFilter::filterEmbedToken):
2193
2194 2011-01-29  Adam Barth  <abarth@webkit.org>
2195
2196         Reviewed by Daniel Bates.
2197
2198         XSSFilter should pass xssAuditor/script-tag-addslashes*
2199         https://bugs.webkit.org/show_bug.cgi?id=53365
2200
2201         We need to canonicalize strings to avoid being tricked by addslashes.
2202
2203         * html/parser/XSSFilter.cpp:
2204         (WebCore::HTMLNames::isNonCanonicalCharacter):
2205             - This function is copied from the XSSAuditor (with some tweaks).
2206               We'll eventually remove the XSSAuditor once we've got XSSFilter
2207               working properly.
2208         (WebCore::HTMLNames::canonicalize):
2209         (WebCore::HTMLNames::decodeURL):
2210         (WebCore::XSSFilter::isContainedInRequest):
2211
2212 2011-01-29  Adam Barth  <abarth@webkit.org>
2213
2214         Reviewed by Daniel Bates.
2215
2216         XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
2217         and xssAuditor/script-tag-post-*
2218         https://bugs.webkit.org/show_bug.cgi?id=53364
2219
2220         We're supposed to allow loading same-origin resources even if they
2221         appear as part of the request.
2222
2223         Also, we're supposed to look at the POST data too.  :)
2224
2225         * html/parser/XSSFilter.cpp:
2226         (WebCore::XSSFilter::eraseAttributeIfInjected):
2227         (WebCore::XSSFilter::isSameOriginResource):
2228             - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
2229               eventually remove the XSSAuditor version when XSSFilter is done.
2230         * html/parser/XSSFilter.h:
2231
2232 2011-01-29  Adam Barth  <abarth@webkit.org>
2233
2234         Reviewed by Daniel Bates.
2235
2236         XSSFilter should pass 16 of the xssAuditor/script-tag* tests
2237         https://bugs.webkit.org/show_bug.cgi?id=53362
2238
2239         Turns out we need to replace the src attribute of script tags with
2240         about:blank to avoid loading the main document URL as a script.  Also,
2241         move misplaced return statement that was triggering the console message
2242         too often.
2243
2244         * html/parser/HTMLToken.h:
2245         (WebCore::HTMLToken::appendToAttributeValue):
2246         * html/parser/XSSFilter.cpp:
2247         (WebCore::XSSFilter::filterScriptToken):
2248         (WebCore::XSSFilter::eraseAttributeIfInjected):
2249         * html/parser/XSSFilter.h:
2250
2251 2011-01-28  Jon Honeycutt  <jhoneycutt@apple.com>
2252
2253         Downloads in WK2 on Windows should write resume data to bundle
2254         https://bugs.webkit.org/show_bug.cgi?id=53282
2255         <rdar://problem/8753077>
2256
2257         Reviewed by Alice Liu.
2258
2259         * WebCore.vcproj/WebCore.vcproj:
2260         Added new files to project.
2261
2262         * platform/network/cf/DownloadBundle.h: Added.
2263         * platform/network/win/DownloadBundleWin.cpp: Added.
2264         (WebCore::DownloadBundle::magicNumber):
2265         Moved from WebKit's WebDownload so that WebKit and WebKit2 can share
2266         it.
2267         (WebCore::DownloadBundle::fileExtension):
2268         Ditto.
2269         (WebCore::DownloadBundle::appendResumeData):
2270         Ditto - but modified to return bool rather than HRESULT and to clean up
2271         whitespace.
2272         (WebCore::DownloadBundle::extractResumeData):
2273         Ditto - modified to clean up whitespace.
2274
2275 2011-01-29  Sheriff Bot  <webkit.review.bot@gmail.com>
2276
2277         Unreviewed, rolling out r77050.
2278         http://trac.webkit.org/changeset/77050
2279         https://bugs.webkit.org/show_bug.cgi?id=53371
2280
2281         Caused a crash in Chromium's test_shell_tests (Requested by
2282         rniwa on #webkit).
2283
2284         * html/parser/HTMLTreeBuilder.cpp:
2285         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
2286         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
2287         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
2288         * html/parser/HTMLTreeBuilder.h:
2289
2290 2011-01-28  Eric Seidel  <eric@webkit.org>
2291
2292         Reviewed by Darin Adler.
2293
2294         HTML5 TreeBuilder regressed a Peacekeeper DOM test by 40%
2295         https://bugs.webkit.org/show_bug.cgi?id=48719
2296
2297         It's unclear exactly what the Peacekeeper benchmark is testing,
2298         because I haven't found a way to run it myself.
2299
2300         However, I constructed a benchmark which shows at least one possible slow point.
2301         The HTML5 spec talks about creating a new document for every time we use
2302         the fragment parsing algorithm.  Document() it turns out, it a huge bloated
2303         mess, and the constructor and destructor do a huge amount of work.
2304         To avoid constructing (or destructing) documents for each innerHTML call,
2305         this patch adds a shared dummy document used by all innerHTML calls.
2306
2307         This patch brings us from 7x slower than Safari 5 on tiny-innerHTML
2308         to only 1.5x slower than Safari 5.  I'm sure there is more work to do here.
2309
2310         Saving a shared Document like this is error prone.  Currently
2311         DummyDocumentFactory::releaseDocument() calls removeAllChildren()
2312         in an attempt to clear the Document's state. However it's possible
2313         that that call is not sufficient and we'll have future bugs here.
2314
2315         * html/parser/HTMLTreeBuilder.cpp:
2316         (WebCore::DummyDocumentFactory::createDummyDocument):
2317         (WebCore::DummyDocumentFactory::releaseDocument):
2318         (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext):
2319         (WebCore::HTMLTreeBuilder::FragmentParsingContext::document):
2320         (WebCore::HTMLTreeBuilder::FragmentParsingContext::finished):
2321         * html/parser/HTMLTreeBuilder.h:
2322
2323 2011-01-28  Johnny Ding  <jnd@chromium.org>
2324
2325         Reviewed by Adam Barth.
2326
2327         Gesture API: Don't use current gesture status to set "forceUserGesture" parameter when calling ScriptController::executeScript.
2328         The "forceUserGesture" parameter should be only set when you are definitely sure that the running script is from a hyper-link.
2329         https://bugs.webkit.org/show_bug.cgi?id=53244
2330
2331         Test: fast/events/popup-blocked-from-iframe-src.html
2332
2333         * bindings/ScriptControllerBase.cpp:
2334         (WebCore::ScriptController::executeIfJavaScriptURL):
2335
2336 2011-01-28  Simon Fraser  <simon.fraser@apple.com>
2337
2338         Reviewed by Gavin Barraclough.
2339
2340         Add various clampToInt() methods to MathExtras.h
2341         https://bugs.webkit.org/show_bug.cgi?id=52910
2342
2343         Use clampToInteger() from MathExtras.h
2344
2345         * css/CSSParser.cpp:
2346         (WebCore::CSSParser::parseCounter):
2347
2348 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
2349
2350         Unreviewed, rolling out r77006 and r77020.
2351         http://trac.webkit.org/changeset/77006
2352         http://trac.webkit.org/changeset/77020
2353         https://bugs.webkit.org/show_bug.cgi?id=53360
2354
2355         "Broke Windows tests" (Requested by rniwa on #webkit).
2356
2357         * ForwardingHeaders/runtime/WriteBarrier.h: Removed.
2358         * WebCore.exp.in:
2359         * bindings/js/DOMWrapperWorld.h:
2360         * bindings/js/JSAudioConstructor.cpp:
2361         (WebCore::JSAudioConstructor::JSAudioConstructor):
2362         * bindings/js/JSDOMBinding.cpp:
2363         (WebCore::markDOMNodesForDocument):
2364         (WebCore::markDOMObjectWrapper):
2365         (WebCore::markDOMNodeWrapper):
2366         * bindings/js/JSDOMGlobalObject.cpp:
2367         (WebCore::JSDOMGlobalObject::markChildren):
2368         (WebCore::JSDOMGlobalObject::setInjectedScript):
2369         (WebCore::JSDOMGlobalObject::injectedScript):
2370         * bindings/js/JSDOMGlobalObject.h:
2371         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2372         (WebCore::getDOMConstructor):
2373         * bindings/js/JSDOMWindowCustom.cpp:
2374         (WebCore::JSDOMWindow::setLocation):
2375         (WebCore::DialogHandler::dialogCreated):
2376         * bindings/js/JSDOMWindowShell.cpp:
2377         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2378         (WebCore::JSDOMWindowShell::setWindow):
2379         (WebCore::JSDOMWindowShell::markChildren):
2380         (WebCore::JSDOMWindowShell::unwrappedObject):
2381         * bindings/js/JSDOMWindowShell.h:
2382         (WebCore::JSDOMWindowShell::window):
2383         (WebCore::JSDOMWindowShell::setWindow):
2384         * bindings/js/JSDeviceMotionEventCustom.cpp:
2385         (WebCore::createAccelerationObject):
2386         (WebCore::createRotationRateObject):
2387         * bindings/js/JSEventListener.cpp:
2388         (WebCore::JSEventListener::JSEventListener):
2389         (WebCore::JSEventListener::markJSFunction):
2390         * bindings/js/JSEventListener.h:
2391         (WebCore::JSEventListener::jsFunction):
2392         * bindings/js/JSHTMLDocumentCustom.cpp:
2393         (WebCore::JSHTMLDocument::setAll):
2394         * bindings/js/JSImageConstructor.cpp:
2395         (WebCore::JSImageConstructor::JSImageConstructor):
2396         * bindings/js/JSImageDataCustom.cpp:
2397         (WebCore::toJS):
2398         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2399         (WebCore::JSJavaScriptCallFrame::scopeChain):
2400         (WebCore::JSJavaScriptCallFrame::scopeType):
2401         * bindings/js/JSNodeFilterCondition.cpp:
2402         (WebCore::JSNodeFilterCondition::markAggregate):
2403         (WebCore::JSNodeFilterCondition::acceptNode):
2404         * bindings/js/JSNodeFilterCondition.h:
2405         * bindings/js/JSNodeFilterCustom.cpp:
2406         * bindings/js/JSOptionConstructor.cpp:
2407         (WebCore::JSOptionConstructor::JSOptionConstructor):
2408         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2409         (WebCore::JSSQLResultSetRowList::item):
2410         * bindings/js/ScriptCachedFrameData.cpp:
2411         (WebCore::ScriptCachedFrameData::restore):
2412         * bindings/js/ScriptObject.cpp:
2413         (WebCore::ScriptGlobalObject::set):
2414         * bindings/js/SerializedScriptValue.cpp:
2415         (WebCore::CloneDeserializer::putProperty):
2416         * bindings/scripts/CodeGeneratorJS.pm:
2417         * bridge/qt/qt_runtime.cpp:
2418         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2419         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2420         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2421         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2422         * bridge/qt/qt_runtime.h:
2423         * bridge/runtime_root.cpp:
2424         (JSC::Bindings::RootObject::invalidate):
2425         * bridge/runtime_root.h:
2426         * dom/Document.h:
2427
2428 2011-01-28  Adam Barth  <abarth@webkit.org>
2429
2430         Reviewed by Eric Seidel.
2431
2432         XSSFilter should log to the console when it blocks something
2433         https://bugs.webkit.org/show_bug.cgi?id=53354
2434
2435         This patch refactors a bunch of methods in XSSFilter to return a bool
2436         indicating whether they blocked anything.  Using this bool, we decide
2437         whether to log to the console.  We're using the same log message as the
2438         XSSAuditor, but it seems likely we can improve this message in the
2439         future (especially by piping in the correct line number, which is now
2440         accessible via the parser).
2441
2442         * html/parser/XSSFilter.cpp:
2443         (WebCore::HTMLNames::isNameOfInlineEventHandler):
2444         (WebCore::XSSFilter::filterToken):
2445         (WebCore::XSSFilter::filterTokenInitial):
2446         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
2447         (WebCore::XSSFilter::filterScriptToken):
2448         (WebCore::XSSFilter::filterObjectToken):
2449         (WebCore::XSSFilter::filterEmbedToken):
2450         (WebCore::XSSFilter::filterAppletToken):
2451         (WebCore::XSSFilter::filterMetaToken):
2452         (WebCore::XSSFilter::filterBaseToken):
2453         (WebCore::XSSFilter::eraseInlineEventHandlersIfInjected):
2454         * html/parser/XSSFilter.h:
2455
2456 2011-01-28  Adam Barth  <abarth@webkit.org>
2457
2458         Reviewed by Daniel Bates.
2459
2460         Wire up settings->xssAuditorEnabled to XSSFilter
2461         https://bugs.webkit.org/show_bug.cgi?id=53345
2462
2463         * html/parser/XSSFilter.cpp:
2464         (WebCore::XSSFilter::XSSFilter):
2465         (WebCore::XSSFilter::filterToken):
2466         * html/parser/XSSFilter.h:
2467
2468 2011-01-28  Adam Barth  <abarth@webkit.org>
2469
2470         Reviewed by Daniel Bates.
2471
2472         Teach XSSFilter about <meta> and <base> tags
2473         https://bugs.webkit.org/show_bug.cgi?id=53339
2474
2475         I'm not 100% sure we need to block <meta http-equiv>, but it seems
2476         prudent given how powerful that attribute is.  We definitely need to
2477         block injection of <base href> because that can redirect script tags
2478         that use relative URLs.
2479
2480         * html/parser/XSSFilter.cpp:
2481         (WebCore::XSSFilter::filterToken):
2482         (WebCore::XSSFilter::filterMetaToken):
2483         (WebCore::XSSFilter::filterBaseToken):
2484         * html/parser/XSSFilter.h:
2485
2486 2011-01-28  Adam Barth  <abarth@webkit.org>
2487
2488         Reviewed by Daniel Bates.
2489
2490         Teach XSSFilter about <applet>
2491         https://bugs.webkit.org/show_bug.cgi?id=53338
2492
2493         HTML5 is pretty light on information about how the <applet> tag works.
2494         According to this site:
2495
2496         http://download.oracle.com/javase/1.4.2/docs/guide/misc/applet.html
2497
2498         The "code" and "object" attributes are the essential attributes for
2499         determining which piece of Java to run.  We might need to expand to the
2500         codebase and archive attributes at some point, but hopefully code and
2501         object will be sufficient.
2502
2503         * html/parser/XSSFilter.cpp:
2504         (WebCore::XSSFilter::filterToken):
2505         (WebCore::XSSFilter::filterAppletToken):
2506         * html/parser/XSSFilter.h:
2507
2508 2011-01-28  Adam Barth  <abarth@webkit.org>
2509
2510         Reviewed by Daniel Bates.
2511
2512         Teach the XSSFilter about object and embed tags
2513         https://bugs.webkit.org/show_bug.cgi?id=53336
2514
2515         For <object> and <embed>, we filter out attribute values that either
2516         indicate which piece of media to load or which plugin to load.  In a
2517         perfect world, we'd only need to filter out the URLs of the media, but
2518         some plug-ins (like Flash) have lots of fun places you can hide the
2519         URL (e.g., the "movie" <param>).
2520
2521         * html/parser/XSSFilter.cpp:
2522         (WebCore::XSSFilter::filterToken):
2523         (WebCore::XSSFilter::filterScriptToken):
2524         (WebCore::XSSFilter::filterObjectToken):
2525         (WebCore::XSSFilter::filterEmbedToken):
2526         (WebCore::XSSFilter::eraseAttributeIfInjected):
2527         * html/parser/XSSFilter.h:
2528
2529 2011-01-28  Oliver Hunt  <oliver@apple.com>
2530
2531         Fix Qt build.
2532
2533         * bridge/qt/qt_runtime.cpp:
2534         (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
2535         (JSC::Bindings::QtRuntimeMetaMethod::markChildren):
2536         (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
2537         (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
2538         * bridge/qt/qt_runtime.h:
2539
2540 2011-01-28  Antti Koivisto  <antti@apple.com>
2541
2542         Reviewed by Simon Fraser.
2543
2544         CSS styles are shared based on uninitialized property values
2545         https://bugs.webkit.org/show_bug.cgi?id=53285
2546         
2547         Null test.
2548
2549         * dom/NamedNodeMap.cpp:
2550         (WebCore::NamedNodeMap::mappedMapsEquivalent):
2551
2552 2011-01-27  Oliver Hunt  <oliver@apple.com>
2553
2554         Reviewed by Geoffrey Garen.
2555
2556         Convert markstack to a slot visitor API
2557         https://bugs.webkit.org/show_bug.cgi?id=53219
2558
2559         Update WebCore to the new marking apis, correct bindings
2560         codegen. 
2561
2562         * ForwardingHeaders/runtime/WriteBarrier.h: Added.
2563         * WebCore.exp.in:
2564         * bindings/js/DOMWrapperWorld.h:
2565         (WebCore::DOMWrapperWorld::globalData):
2566         * bindings/js/JSAudioConstructor.cpp:
2567         (WebCore::JSAudioConstructor::JSAudioConstructor):
2568         * bindings/js/JSDOMBinding.cpp:
2569         (WebCore::markDOMNodesForDocument):
2570         (WebCore::markDOMObjectWrapper):
2571         (WebCore::markDOMNodeWrapper):
2572         * bindings/js/JSDOMGlobalObject.cpp:
2573         (WebCore::JSDOMGlobalObject::markChildren):
2574         (WebCore::JSDOMGlobalObject::setInjectedScript):
2575         (WebCore::JSDOMGlobalObject::injectedScript):
2576         * bindings/js/JSDOMGlobalObject.h:
2577         (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
2578         (WebCore::getDOMConstructor):
2579         * bindings/js/JSDOMWindowCustom.cpp:
2580         (WebCore::JSDOMWindow::setLocation):
2581         (WebCore::DialogHandler::dialogCreated):
2582         * bindings/js/JSDOMWindowShell.cpp:
2583         (WebCore::JSDOMWindowShell::JSDOMWindowShell):
2584         (WebCore::JSDOMWindowShell::setWindow):
2585         (WebCore::JSDOMWindowShell::markChildren):
2586         (WebCore::JSDOMWindowShell::unwrappedObject):
2587         * bindings/js/JSDOMWindowShell.h:
2588         (WebCore::JSDOMWindowShell::window):
2589         (WebCore::JSDOMWindowShell::setWindow):
2590         * bindings/js/JSEventListener.cpp:
2591         (WebCore::JSEventListener::JSEventListener):
2592         (WebCore::JSEventListener::markJSFunction):
2593         * bindings/js/JSEventListener.h:
2594         (WebCore::JSEventListener::jsFunction):
2595         * bindings/js/JSHTMLDocumentCustom.cpp:
2596         (WebCore::JSHTMLDocument::setAll):
2597         * bindings/js/JSImageConstructor.cpp:
2598         (WebCore::JSImageConstructor::JSImageConstructor):
2599         * bindings/js/JSImageDataCustom.cpp:
2600         (WebCore::toJS):
2601         * bindings/js/JSJavaScriptCallFrameCustom.cpp:
2602         (WebCore::JSJavaScriptCallFrame::scopeChain):
2603         (WebCore::JSJavaScriptCallFrame::scopeType):
2604         * bindings/js/JSNodeFilterCondition.cpp:
2605         (WebCore::JSNodeFilterCondition::markAggregate):
2606         (WebCore::JSNodeFilterCondition::acceptNode):
2607         * bindings/js/JSNodeFilterCondition.h:
2608         * bindings/js/JSNodeFilterCustom.cpp:
2609         * bindings/js/JSOptionConstructor.cpp:
2610         (WebCore::JSOptionConstructor::JSOptionConstructor):
2611         * bindings/js/JSSQLResultSetRowListCustom.cpp:
2612         (WebCore::JSSQLResultSetRowList::item):
2613         * bindings/js/ScriptCachedFrameData.cpp:
2614         (WebCore::ScriptCachedFrameData::restore):
2615         * bindings/js/ScriptObject.cpp:
2616         (WebCore::ScriptGlobalObject::set):
2617         * bindings/js/SerializedScriptValue.cpp:
2618         (WebCore::CloneDeserializer::putProperty):
2619         * bindings/scripts/CodeGeneratorJS.pm:
2620         * dom/Document.h:
2621
2622 2011-01-28  Sam Weinig  <sam@webkit.org>
2623
2624         Reviewed by Anders Carlsson.
2625
2626         Keyboard scrolling doesn’t work in WebKit2
2627         <rdar://problem/8909672>
2628
2629         * platform/mac/ScrollAnimatorMac.mm:
2630         (-[ScrollAnimationHelperDelegate convertSizeToBacking:]):
2631         (-[ScrollAnimationHelperDelegate convertSizeFromBacking:]):
2632         Add additional necessary delegate methods.
2633
2634 2011-01-29  Darin Adler  <darin@apple.com>
2635
2636         Reviewed by Dan Bernstein.
2637
2638         Re-land this patch with the missing null check that caused crashes in layout tests.
2639
2640         Changing cursor style has no effect until the mouse moves
2641         https://bugs.webkit.org/show_bug.cgi?id=14344
2642         rdar://problem/7563712
2643
2644         No tests added because we don't have infrastructure for testing actual cursor
2645         changes (as opposed to cursor style computation) at this time. We might add it later.
2646
2647         * page/EventHandler.cpp:
2648         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
2649         * page/EventHandler.h: Ditto.
2650
2651         * rendering/RenderObject.cpp:
2652         (WebCore::areNonIdenticalCursorListsEqual): Added.
2653         (WebCore::areCursorsEqual): Added.
2654         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
2655         cursor styles changed.
2656
2657 2011-01-28  Justin Schuh  <jschuh@chromium.org>
2658
2659         Reviewed by Eric Seidel.
2660
2661         We should hold RefPtrs to SVG font faces
2662         https://bugs.webkit.org/show_bug.cgi?id=53270
2663
2664         Test: svg/custom/use-multiple-on-nested-disallowed-font.html
2665
2666         * css/CSSFontFaceSource.cpp:
2667         (WebCore::CSSFontFaceSource::getFontData):
2668         * css/CSSFontFaceSource.h:
2669         * svg/SVGFontFaceElement.cpp:
2670         (WebCore::SVGFontFaceElement::associatedFontElement):
2671         * svg/SVGFontFaceElement.h:
2672
2673 2011-01-28  Zhenyao Mo  <zmo@google.com>
2674
2675         Reviewed by Kenneth Russell.
2676
2677         uniformN*v should generate INVALID_VALUE of the array size is not a multiple of N
2678         https://bugs.webkit.org/show_bug.cgi?id=53306
2679
2680         * html/canvas/WebGLRenderingContext.cpp:
2681         (WebCore::WebGLRenderingContext::validateUniformMatrixParameters):
2682
2683 2011-01-28  Tom Sepez  <tsepez@chromium.org>
2684
2685         Reviewed by Eric Seidel.
2686
2687         NULL pointer crash in TextIterator::handleTextBox()
2688         https://bugs.webkit.org/show_bug.cgi?id=53267
2689
2690         Test: fast/css/rtl-nth-child-first-letter-crash.html
2691
2692         * editing/TextIterator.cpp:
2693         (WebCore::TextIterator::handleTextBox):
2694
2695 2011-01-28  Adrienne Walker  <enne@google.com>
2696
2697         Reviewed by Kenneth Russell.
2698
2699         [chromium] Remove a spurious diagnostic CRASH check.
2700         https://bugs.webkit.org/show_bug.cgi?id=52379
2701
2702         * platform/graphics/chromium/LayerTilerChromium.cpp:
2703         (WebCore::LayerTilerChromium::invalidateRect):
2704
2705 2011-01-28  Dan Bernstein  <mitz@apple.com>
2706
2707         Reviewed by Sam Weinig.
2708
2709         <rdar://problem/4761512> <select> can't display right-to-left (rtl) languages
2710         https://bugs.webkit.org/show_bug.cgi?id=19785
2711
2712         Changed <select> pop-up menus on Mac OS X Snow Leopard and later to have their items aligned in the
2713         direction corresponding to the writing direction of the <select> element, with the checkmarks
2714         on the "start" side, and use the <option>'s writing direction rather than "natural". Made the
2715         pop-up button match the menu by adding a Chrome boolean function, selectItemAlignmentFollowsMenuWritingDirection(),
2716         which returns true for this pop-up behavior.
2717
2718         * loader/EmptyClients.h:
2719         (WebCore::EmptyChromeClient::selectItemAlignmentFollowsMenuWritingDirection): Added.
2720         * manual-tests/pop-up-alignment-and-direction.html: Added.
2721         * page/Chrome.cpp:
2722         (WebCore::Chrome::selectItemAlignmentFollowsMenuWritingDirection): Added. Calls through to the
2723         client.
2724         * page/Chrome.h:
2725         * page/ChromeClient.h:
2726         * platform/PopupMenuStyle.h:
2727         (WebCore::PopupMenuStyle::PopupMenuStyle): Added hasTextDirectionOverride parameter and member
2728         variable initialization.
2729         (WebCore::PopupMenuStyle::hasTextDirectionOverride): Added this accessor.
2730         * platform/mac/PopupMenuMac.mm:
2731         (WebCore::PopupMenuMac::populate): Set the pop-up's layout direction and items' text alignment
2732         to match the menu's writing direction. Set items' writing direction and direction override
2733         according to their styles.
2734         * rendering/RenderMenuList.cpp:
2735         (WebCore::RenderMenuList::RenderMenuList): Removed unncesaary initialization of a smart pointer.
2736         (WebCore::RenderMenuList::adjustInnerStyle): If the alignment of items in the menu follows the
2737         menu's writing direction, use that alignment for the button as well. Also in this mode, use the
2738         item's writing direction and override setting.
2739         (WebCore::RenderMenuList::setTextFromOption): Store the option element's style.
2740         (WebCore::RenderMenuList::itemStyle): Pass the text direction override value.
2741         (WebCore::RenderMenuList::menuStyle): Ditto. Also use the button's direction, not the inner text's.
2742         * rendering/RenderMenuList.h:
2743         * rendering/RenderTextControlSingleLine.cpp:
2744         (WebCore::RenderTextControlSingleLine::menuStyle): Pass the text direction override value.
2745
2746 2011-01-28  Adam Barth  <abarth@webkit.org>
2747
2748         Reviewed by Daniel Bates.
2749
2750         Teach XSSFilter how to filter <script> elements
2751         https://bugs.webkit.org/show_bug.cgi?id=53279
2752
2753         This patch adds the ability for the XSSFilter to block injected
2754         <script> elements.  Handling script elements is slightly subtle because
2755         these elements act very differently depending on whether they have a
2756         src attribute.
2757         
2758         In the "src case", which check whether the src attribute was present in
2759         the request.  In the "non-src case", we check whether the start tag and
2760         the body of the script element was included in the request.  Checking
2761         for the whole start tag means we miss out on some attribute splitting
2762         attacks inside of script tags, but that doesn't seem like that big a
2763         deal.
2764
2765         This patch also introduces some amount of state into the XSSFilter
2766         because inline script elements span multiple tokens.  There's a lot of
2767         tuning and optimization left in these cases, some of which I've noted
2768         with FIXMEs.
2769
2770         To test this patch, I played around with some of the existing
2771         XSSAuditor tests.  Hopefully I'll be able to run the test suite more
2772         systematically in the future.
2773
2774         * html/parser/HTMLToken.h:
2775         (WebCore::HTMLToken::eraseCharacters):
2776         (WebCore::HTMLToken::eraseValueOfAttribute):
2777         * html/parser/XSSFilter.cpp:
2778         (WebCore::HTMLNames::hasName):
2779         (WebCore::HTMLNames::findAttributeWithName):
2780         (WebCore::HTMLNames::isNameOfScriptCarryingAttribute):
2781         (WebCore::XSSFilter::XSSFilter):
2782         (WebCore::XSSFilter::filterToken):
2783         (WebCore::XSSFilter::filterTokenAfterScriptStartTag):
2784         (WebCore::XSSFilter::filterScriptToken):
2785         (WebCore::XSSFilter::snippetForRange):
2786         (WebCore::XSSFilter::snippetForAttribute):
2787         * html/parser/XSSFilter.h:
2788
2789 2011-01-28  Adam Barth  <abarth@webkit.org>
2790
2791         Reviewed by Daniel Bates.
2792
2793         Sketch out new XSS filter design (disabled by default)
2794         https://bugs.webkit.org/show_bug.cgi?id=53205
2795
2796         This patch adds a basic sketch of the new XSS filter design.  Rather
2797         than watching scripts as they execute, in this design, we watch tokens
2798         emitted by the tokenizer.  We then map the tokens directly back into
2799         input characters, which lets us skip all the complicated logic related
2800         to HTML entities and double-decoding of JavaScript URLs.
2801
2802         This patch contains only the bare essentially machinery.  I'll add more
2803         in future patches and eventually remove the previous code once this
2804         code is up and running correctly.
2805
2806         * Android.mk:
2807         * CMakeLists.txt:
2808         * GNUmakefile.am:
2809         * WebCore.gypi:
2810         * WebCore.pro:
2811         * WebCore.vcproj/WebCore.vcproj:
2812         * WebCore.xcodeproj/project.pbxproj:
2813         * html/parser/HTMLDocumentParser.cpp:
2814         (WebCore::HTMLDocumentParser::HTMLDocumentParser):
2815         (WebCore::HTMLDocumentParser::pumpTokenizer):
2816         (WebCore::HTMLDocumentParser::sourceForToken):
2817         * html/parser/HTMLDocumentParser.h:
2818         * html/parser/XSSFilter.cpp: Added.
2819         * html/parser/XSSFilter.h: Added.
2820
2821 2011-01-28  Michael Saboff  <msaboff@apple.com>
2822
2823         Reviewed by Geoffrey Garen.
2824
2825         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
2826         https://bugs.webkit.org/show_bug.cgi?id=53271
2827
2828         Reapplying this patch with the change that the second ASSERT in 
2829         RootObject::removeRuntimeObject was changed to use
2830         .uncheckedGet() instead of the failing .get().  The object in question
2831         could be in the process of being GC'ed.  The get() call will not return
2832         such an object while the uncheckedGet() call will return the (unsafe) 
2833         object.  This is the behavior we want.
2834
2835         Precautionary change.
2836         Changed RootObject to use WeakGCMap instead of HashSet.
2837         Found will looking for another issue, but can't produce a test case
2838         that is problematic.  THerefore there aren't any new tests.
2839
2840         * bridge/runtime_root.cpp:
2841         (JSC::Bindings::RootObject::invalidate):
2842         (JSC::Bindings::RootObject::addRuntimeObject):
2843         (JSC::Bindings::RootObject::removeRuntimeObject):
2844         * bridge/runtime_root.h:
2845
2846 2011-01-28  Adam Roben  <aroben@apple.com>
2847
2848         Notify CACFLayerTreeHost when the context is flushed
2849
2850         LegacyCACFLayerTreeHost was keeping this a secret, which meant that WebCore's animation
2851         timers were never starting.
2852
2853         Fixes <http://webkit.org/b/53302> [Windows 7 Release Tests] changesets 76853, 76856, and
2854         76858 broke ~36 animations, compositing, and transitions tests
2855
2856         Reviewed by Sam Weinig.
2857
2858         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
2859         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): Call up to the base class after we
2860         start our render timer.
2861
2862 2011-01-28  Antti Koivisto  <antti@apple.com>
2863
2864         Reviewed by Dan Bernstein.
2865
2866         Remove dead code that tried to map from CSS values to parser values
2867         https://bugs.webkit.org/show_bug.cgi?id=53318
2868
2869         * css/CSSFunctionValue.cpp:
2870         * css/CSSFunctionValue.h:
2871         * css/CSSPrimitiveValue.cpp:
2872         * css/CSSPrimitiveValue.h:
2873         * css/CSSValue.h:
2874         * css/CSSValueList.cpp:
2875         * css/CSSValueList.h:
2876
2877 2011-01-28  Enrica Casucci  <enrica@apple.com>
2878
2879         Reviewed by Adam Roben.
2880
2881         Some drag and drop tests fail since r76824
2882         https://bugs.webkit.org/show_bug.cgi?id=53304
2883
2884         There were '||' instead of '&&' in the checks for valid
2885         clipboard content.
2886         
2887         * platform/win/ClipboardWin.cpp:
2888         (WebCore::ClipboardWin::getData):
2889         (WebCore::ClipboardWin::types):
2890         (WebCore::ClipboardWin::files):
2891
2892 2011-01-28  Martin Robinson  <mrobinson@igalia.com>
2893
2894         [GTK] AudioProcessingEvent.h and JSJavaScriptAudioNode.h: No such file or directory
2895         https://bugs.webkit.org/show_bug.cgi?id=52889
2896
2897         Build fix for WebAudio. Include WebAudio source files on the source
2898         list when WebAudio is enabled.
2899
2900         * GNUmakefile.am: Include missing source files.
2901
2902 2011-01-28  Sam Weinig  <sam@webkit.org>
2903
2904         Reviewed by Maciej Stachowiak.
2905
2906         Add basic rubber banding support
2907         <rdar://problem/8219429>
2908         https://bugs.webkit.org/show_bug.cgi?id=53277
2909
2910         * page/EventHandler.cpp:
2911         (WebCore::EventHandler::handleGestureEvent):
2912         Pass gesture events to the FrameView.
2913
2914         * platform/ScrollAnimator.cpp:
2915         (WebCore::ScrollAnimator::handleGestureEvent):
2916         * platform/ScrollAnimator.h:
2917         Add stubbed out implementation.
2918
2919         * platform/ScrollView.cpp:
2920         (WebCore::ScrollView::ScrollView):
2921         (WebCore::ScrollView::overhangAmount):
2922         (WebCore::ScrollView::wheelEvent):
2923         * platform/ScrollView.h:
2924         * platform/ScrollableArea.cpp:
2925         (WebCore::ScrollableArea::ScrollableArea):
2926         (WebCore::ScrollableArea::handleGestureEvent):
2927         * platform/ScrollableArea.h:
2928         (WebCore::ScrollableArea::constrainsScrollingToContentEdge):
2929         (WebCore::ScrollableArea::setConstrainsScrollingToContentEdge):
2930         Move constrains scrolling bit to ScrollableArea from ScrollView.
2931
2932         (WebCore::ScrollableArea::contentsSize):
2933         (WebCore::ScrollableArea::overhangAmount):
2934         Add additional virtual functions for information needed by the animator.
2935
2936         * platform/mac/ScrollAnimatorMac.h:
2937         * platform/mac/ScrollAnimatorMac.mm:
2938         (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
2939         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaX):
2940         (WebCore::ScrollAnimatorMac::immediateScrollByDeltaY):
2941         (WebCore::elasticDeltaForTimeDelta):
2942         (WebCore::elasticDeltaForReboundDelta):
2943         (WebCore::reboundDeltaForElasticDelta):
2944         (WebCore::scrollWheelMultiplier):
2945         (WebCore::ScrollAnimatorMac::handleWheelEvent):
2946         (WebCore::ScrollAnimatorMac::handleGestureEvent):
2947         (WebCore::ScrollAnimatorMac::pinnedInDirection):
2948         (WebCore::ScrollAnimatorMac::allowsVerticalStretching):
2949         (WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
2950         (WebCore::ScrollAnimatorMac::smoothScrollWithEvent):
2951         (WebCore::ScrollAnimatorMac::beginScrollGesture):
2952         (WebCore::ScrollAnimatorMac::endScrollGesture):
2953         (WebCore::ScrollAnimatorMac::snapRubberBand):
2954         (WebCore::roundTowardZero):
2955         (WebCore::roundToDevicePixelTowardZero):
2956         (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
2957         Implement basic rubber banding.
2958
2959 2011-01-28  Dan Bernstein  <mitz@apple.com>
2960
2961         Reviewed by Anders Carlsson.
2962
2963         Changing unicode-bidi doesn’t force layout
2964         https://bugs.webkit.org/show_bug.cgi?id=53311
2965
2966         Test: fast/dynamic/unicode-bidi.html
2967
2968         * rendering/style/RenderStyle.cpp:
2969         (WebCore::RenderStyle::diff): Return a layout difference if unicode-bidi values differ.
2970
2971 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
2972
2973         Reviewed by Kent Tamura.
2974
2975         Change HTMLInputElement-derived parts of media element shadow DOM to use shadowPseudoId.
2976         https://bugs.webkit.org/show_bug.cgi?id=53122
2977
2978         This is the first step in converting HTMLMediaElement to the new shadow DOM.
2979
2980         Should not regress any existing tests. No observable change in behavior.
2981
2982         * css/CSSSelector.cpp:
2983         (WebCore::CSSSelector::pseudoId): Removed now-unnecessary hard-coded pseudo-element selectors.
2984         (WebCore::nameToPseudoTypeMap): Ditto.
2985         (WebCore::CSSSelector::extractPseudoType): Ditto.
2986         * css/CSSSelector.h: Ditto.
2987         * css/mediaControls.css: Added proper initial values, now that elements use the proper selector pipeline.
2988         * rendering/MediaControlElements.cpp:
2989         (WebCore::MediaControlInputElement::MediaControlInputElement): Removed the switch statement,
2990             which is now replaced with virtual shadowPseudoId on each corresponding class.
2991         (WebCore::MediaControlInputElement::styleForElement): Changed to use element pipeline.
2992         (WebCore::MediaControlMuteButtonElement::MediaControlMuteButtonElement): Changed to set
2993             display type in constructor.
2994         (WebCore::MediaControlMuteButtonElement::create): Changed to not take PseudoId as
2995             constructor argument.
2996         (WebCore::MediaControlMuteButtonElement::shadowPseudoId): Added.
2997         (WebCore::MediaControlVolumeSliderMuteButtonElement::MediaControlVolumeSliderMuteButtonElement): Added
2998             to disambiguate from the MediaControlMuteButtonElement.
2999         (WebCore::MediaControlVolumeSliderMuteButtonElement::create): Added.
3000         (WebCore::MediaControlVolumeSliderMuteButtonElement::shadowPseudoId): Added.
3001         (WebCore::MediaControlPlayButtonElement::MediaControlPlayButtonElement): Changed to not take PseudoId as
3002             constructor argument.
3003         (WebCore::MediaControlPlayButtonElement::shadowPseudoId): Added.
3004         (WebCore::MediaControlSeekButtonElement::MediaControlSeekButtonElement): Changed to not take PseudoId as
3005             constructor argument.
3006         (WebCore::MediaControlSeekForwardButtonElement::MediaControlSeekForwardButtonElement): Added.
3007         (WebCore::MediaControlSeekForwardButtonElement::create): Added.
3008         (WebCore::MediaControlSeekForwardButtonElement::shadowPseudoId): Added.
3009         (WebCore::MediaControlSeekBackButtonElement::MediaControlSeekBackButtonElement): Added.
3010         (WebCore::MediaControlSeekBackButtonElement::create): Added.
3011         (WebCore::MediaControlSeekBackButtonElement::shadowPseudoId): Added.
3012         (WebCore::MediaControlRewindButtonElement::MediaControlRewindButtonElement): Added.
3013         (WebCore::MediaControlRewindButtonElement::shadowPseudoId): Added.
3014         (WebCore::MediaControlReturnToRealtimeButtonElement::MediaControlReturnToRealtimeButtonElement): Changed to not take PseudoId as
3015             constructor argument.
3016         (WebCore::MediaControlReturnToRealtimeButtonElement::shadowPseudoId): Added.
3017         (WebCore::MediaControlToggleClosedCaptionsButtonElement::MediaControlToggleClosedCaptionsButtonElement): Changed to not take PseudoId as
3018             constructor argument.
3019         (WebCore::MediaControlToggleClosedCaptionsButtonElement::shadowPseudoId): Added.
3020         (WebCore::MediaControlTimelineElement::MediaControlTimelineElement): Changed to not take PseudoId as
3021             constructor argument.
3022         (WebCore::MediaControlTimelineElement::shadowPseudoId): Added.
3023         (WebCore::MediaControlVolumeSliderElement::MediaControlVolumeSliderElement): Changed to not take PseudoId as
3024             constructor argument.
3025         (WebCore::MediaControlVolumeSliderElement::shadowPseudoId): Added.
3026         (WebCore::MediaControlFullscreenButtonElement::MediaControlFullscreenButtonElement): Changed to not take PseudoId as
3027             constructor argument.
3028         (WebCore::MediaControlFullscreenButtonElement::shadowPseudoId): Added.
3029         * rendering/MediaControlElements.h:
3030         (WebCore::MediaControlSeekForwardButtonElement::isForwardButton): Added.
3031         (WebCore::MediaControlSeekBackButtonElement::isForwardButton): Added.
3032         * rendering/RenderMedia.cpp:
3033         (WebCore::RenderMedia::createMuteButton): Changed to use new constructor.
3034         (WebCore::RenderMedia::createSeekBackButton): Ditto.
3035         (WebCore::RenderMedia::createSeekForwardButton): Ditto.
3036         (WebCore::RenderMedia::createVolumeSliderMuteButton): Ditto.
3037         * rendering/style/RenderStyleConstants.h: Removed constants that are no longer used.
3038
3039 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
3040
3041         Reviewed by Eric Carlson.
3042
3043         Split MediaControls out of RenderMedia.
3044         https://bugs.webkit.org/show_bug.cgi?id=53252
3045
3046         Near-mechanical moving of stuff, no change in behavior, thus no new tests.
3047
3048         * Android.mk: Added MediaControls to build system.
3049         * CMakeLists.txt: Ditto.
3050         * GNUmakefile.am: Ditto.
3051         * WebCore.gypi: Ditto.
3052         * WebCore.pro: Ditto.
3053         * WebCore.vcproj/WebCore.vcproj: Ditto.
3054         * WebCore.xcodeproj/project.pbxproj: Ditto.
3055         * html/HTMLMediaElement.cpp:
3056         (WebCore::HTMLMediaElement::defaultEventHandler): Changed to forward events to MediaControls.
3057         * html/shadow/MediaControls.cpp: Copied all controls-related methods from
3058             Source/WebCore/rendering/RenderMedia.cpp, pulled them into their own class called MediaControls. 
3059         * html/shadow/MediaControls.h: Ditto from Source/WebCore/rendering/RenderMedia.h.
3060         * rendering/MediaControlElements.cpp:
3061         (WebCore::MediaControlTimelineElement::defaultEventHandler): Changed to use MediaControls.
3062         * rendering/RenderMedia.cpp:
3063         (WebCore::RenderMedia::RenderMedia): Moved relevant constructor initializers out to MediaControls.
3064         (WebCore::RenderMedia::destroy): Changed to use MediaControls.
3065         (WebCore::RenderMedia::styleDidChange): Ditto.
3066         (WebCore::RenderMedia::layout): Ditto.
3067         (WebCore::RenderMedia::updateFromElement): Ditto.
3068         * rendering/RenderMedia.h: Updated defs accordingly and removed player() accessor, which
3069             is only used by sub-class RenderVideo.
3070         (WebCore::RenderMedia::controls): Added.
3071         * rendering/RenderVideo.cpp:
3072         (WebCore::RenderVideo::~RenderVideo): Changed to access MediaPlayer* directly from mediaElement().
3073         (WebCore::RenderVideo::calculateIntrinsicSize): Ditto.
3074         (WebCore::RenderVideo::paintReplaced): Ditto.
3075         (WebCore::RenderVideo::updatePlayer): Ditto.
3076         (WebCore::RenderVideo::supportsAcceleratedRendering): Ditto.
3077         (WebCore::RenderVideo::acceleratedRenderingStateChanged): Ditto.
3078
3079 2011-01-28  Pavel Feldman  <pfeldman@chromium.org>
3080
3081         Reviewed by Yury Semikhatsky.
3082
3083         Web Inspector: allow remote debugging with front-end
3084         served from the cloud.
3085         https://bugs.webkit.org/show_bug.cgi?id=53303
3086
3087         * inspector/front-end/inspector.js:
3088
3089 2011-01-28  Aparna Nandyal  <aparna.nand@wipro.com>
3090
3091         Reviewed by Andreas Kling.
3092
3093         Setting value of m_PressedPos to make scrolling smooth
3094
3095         Page scroll popup menu "Scroll here" option not working when cliking above scroll slider/handler.
3096         https://bugs.webkit.org/show_bug.cgi?id=51349
3097
3098         The value of m_PressedPos was getting set before moveThumb() call
3099         in all other scenarios except when "Scroll Here" option is used.
3100         Hence scrolling with this option was not as expected even in cases
3101         where scrolling was happening. The thumb would move in unexpected
3102         direction. m_PressedPos is now set to pressed position so delta is
3103         calculated.
3104         Unable to write a test case as the test needs to click on "Scroll
3105         Here" option of context sensitive menu and QTest is unable to do it.
3106         Besides no new functionality introduced.
3107
3108         * platform/qt/ScrollbarQt.cpp:
3109         (WebCore::Scrollbar::contextMenu):
3110
3111 2011-01-28  Andrey Kosyakov  <caseq@chromium.org>
3112
3113         Reviewed by Pavel Feldman.
3114
3115         Web Inspector: [Extensions API] add JSON schema for extensions API
3116         https://bugs.webkit.org/show_bug.cgi?id=53236
3117
3118         * inspector/front-end/ExtensionAPISchema.json: Added.
3119
3120 2011-01-27  Zhenyao Mo  <zmo@google.com>
3121
3122         Reviewed by Kenneth Russell.
3123
3124         Remove _LENGTH enumerants
3125         https://bugs.webkit.org/show_bug.cgi?id=53259
3126
3127         * html/canvas/WebGLRenderingContext.cpp: Remove queries for *LENGTH.
3128         (WebCore::WebGLRenderingContext::getProgramParameter):
3129         (WebCore::WebGLRenderingContext::getShaderParameter):
3130         * html/canvas/WebGLRenderingContext.idl: Remove *LENGTH.
3131
3132 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
3133
3134         Reviewed by Yury Semikhatsky.
3135
3136         Web Inspector: syntax highlight inline JS and CSS in HTML resources
3137         https://bugs.webkit.org/show_bug.cgi?id=30831
3138
3139         * inspector/front-end/SourceHTMLTokenizer.js:
3140         (WebInspector.SourceHTMLTokenizer):
3141         (WebInspector.SourceHTMLTokenizer.prototype.set line):
3142         (WebInspector.SourceHTMLTokenizer.prototype.nextToken):
3143         * inspector/front-end/SourceHTMLTokenizer.re2js:
3144
3145 2011-01-28  Alexander Pavlov  <apavlov@chromium.org>
3146
3147         Reviewed by Yury Semikhatsky.
3148
3149         Web Inspector: [STYLES] Up/Down-suggestion breaks an existing keyword
3150         https://bugs.webkit.org/show_bug.cgi?id=53295
3151
3152         Select the current word suffix before switching to the next suggestion.
3153
3154         * inspector/front-end/StylesSidebarPane.js:
3155         ():
3156
3157 2011-01-28  Alejandro G. Castro  <alex@igalia.com>
3158
3159         Reviewed by Xan Lopez.
3160
3161         [GTK] Fix dist compilation for the release
3162         https://bugs.webkit.org/show_bug.cgi?id=53290
3163
3164         * GNUmakefile.am: Added inspector files to the extra dist.
3165
3166 2011-01-28  Ilya Sherman  <isherman@chromium.org>
3167
3168         Reviewed by Andreas Kling.
3169
3170         Const-correct HTMLSelectElement and WebSelectElement
3171         https://bugs.webkit.org/show_bug.cgi?id=53293
3172
3173         * html/HTMLSelectElement.cpp:
3174         (WebCore::HTMLSelectElement::value): const.
3175         * html/HTMLSelectElement.h:
3176
3177 2011-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3178
3179         Unreviewed, rolling out r76893.
3180         http://trac.webkit.org/changeset/76893
3181         https://bugs.webkit.org/show_bug.cgi?id=53287
3182
3183         It made some tests crash on GTK and Qt debug bots (Requested
3184         by Ossy on #webkit).
3185
3186         * bridge/runtime_root.cpp:
3187         (JSC::Bindings::RootObject::invalidate):
3188         (JSC::Bindings::RootObject::addRuntimeObject):
3189         (JSC::Bindings::RootObject::removeRuntimeObject):
3190         * bridge/runtime_root.h:
3191
3192 2011-01-27  Greg Coletta  <greg.coletta@nokia.com>
3193
3194         Reviewed by Laszlo Gombos.
3195
3196         Get rid of prefix header dependency for WebKit2 build system
3197         https://bugs.webkit.org/show_bug.cgi?id=50174
3198
3199         Guard EmptyProtocalDefinitions.h to make sure it's not included twice.
3200
3201         * platform/mac/EmptyProtocolDefinitions.h:
3202
3203 2011-01-27  Abhishek Arya  <inferno@chromium.org>
3204
3205         Reviewed by Dan Bernstein.
3206
3207         Recalc table sections if needed before calculating the first line
3208         box baseline.
3209         https://bugs.webkit.org/show_bug.cgi?id=53265
3210
3211         When we try to calculate the baseline position of a table cell,
3212         we recurse through all the child sibling boxes (when children are
3213         non inline) and add their first linebox baseline values. If one of
3214         the children is a table with pending section recalc, we will access
3215         wrong table section values. We recalc table sections if it is needed.
3216
3217         Test: fast/table/recalc-section-first-body-crash-main.html
3218
3219         * rendering/RenderTable.cpp:
3220         (WebCore::RenderTable::firstLineBoxBaseline):
3221
3222 2011-01-27  Adrienne Walker  <enne@google.com>
3223
3224         Reviewed by Kenneth Russell.
3225
3226         [chromium] Add CRASH calls to further debug tiled compositor memcpy crash.
3227         https://bugs.webkit.org/show_bug.cgi?id=52379
3228
3229         Test: LayoutTests/compositing (to verify these weren't triggered)
3230
3231         * platform/graphics/chromium/LayerTilerChromium.cpp:
3232         (WebCore::LayerTilerChromium::invalidateRect):
3233         (WebCore::LayerTilerChromium::update):
3234
3235 2011-01-27  Alexander Pavlov  <apavlov@chromium.org>
3236
3237         Reviewed by Pavel Feldman.
3238
3239         Web Inspector: [STYLES] Cancelled suggestion of a property name results in a visual artifact
3240         https://bugs.webkit.org/show_bug.cgi?id=53242
3241
3242         * inspector/front-end/StylesSidebarPane.js:
3243         (WebInspector.StylePropertyTreeElement.prototype):
3244
3245 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
3246
3247         Unreviewed, rolling out r76891.
3248         http://trac.webkit.org/changeset/76891
3249         https://bugs.webkit.org/show_bug.cgi?id=53280
3250
3251         Makes every layout test crash (Requested by othermaciej on
3252         #webkit).
3253
3254         * page/EventHandler.cpp:
3255         * page/EventHandler.h:
3256         * rendering/RenderObject.cpp:
3257         (WebCore::RenderObject::styleDidChange):
3258
3259 2011-01-27  Ryosuke Niwa  <rniwa@webkit.org>
3260
3261         Unreviewed, rolling out r76839.
3262         http://trac.webkit.org/changeset/76839
3263         https://bugs.webkit.org/show_bug.cgi?id=49744
3264
3265         broke pixel tests
3266
3267         * rendering/RenderBox.cpp:
3268         (WebCore::RenderBox::localCaretRect):
3269
3270 2011-01-27  Emil A Eklund  <eae@chromium.org>
3271
3272         Reviewed by Darin Adler.
3273
3274         contentEditable formatBlock crashes on divs with contenteditable="false"
3275         https://bugs.webkit.org/show_bug.cgi?id=53263
3276
3277         Check if editableRootForPosition returns null for position.
3278
3279         Test: editing/execCommand/format-block-contenteditable-false.html
3280
3281         * editing/FormatBlockCommand.cpp:
3282         (WebCore::FormatBlockCommand::formatRange):
3283
3284 2011-01-27  Dimitri Glazkov  <dglazkov@chromium.org>
3285
3286         Reviewed by Darin Adler.
3287
3288         Remove RenderMedia members that aren't used.
3289         https://bugs.webkit.org/show_bug.cgi?id=53245
3290
3291         Refactoring, no change in behavior, so no new tests.
3292
3293         * rendering/RenderMedia.h: Removed unused member variables.
3294
3295 2011-01-27  Michael Saboff  <msaboff@apple.com>
3296
3297         Reviewed by Darin Adler.
3298
3299         Potentially Unsafe HashSet of RuntimeObject* in RootObject definition
3300         https://bugs.webkit.org/show_bug.cgi?id=53271
3301
3302         Precautionary change.
3303         Changed RootObject to use WeakGCMap instead of HashSet.
3304         Found will looking for another issue, but can't produce a test case
3305         that is problematic.  THerefore there aren't any new tests.
3306
3307         * bridge/runtime_root.cpp:
3308         (JSC::Bindings::RootObject::invalidate):
3309         (JSC::Bindings::RootObject::addRuntimeObject):
3310         (JSC::Bindings::RootObject::removeRuntimeObject):
3311         * bridge/runtime_root.h:
3312
3313 2011-01-27  Kenneth Russell  <kbr@google.com>
3314
3315         Reviewed by James Robinson.
3316
3317         Rename Typed Array slice() to subset()
3318         https://bugs.webkit.org/show_bug.cgi?id=53273
3319
3320         * bindings/js/JSArrayBufferViewHelper.h:
3321         (WebCore::constructArrayBufferView):
3322         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
3323         (WebCore::constructWebGLArray):
3324         * html/canvas/Float32Array.cpp:
3325         (WebCore::Float32Array::subset):
3326         * html/canvas/Float32Array.h:
3327         * html/canvas/Float32Array.idl:
3328         * html/canvas/Int16Array.cpp:
3329         (WebCore::Int16Array::subset):
3330         * html/canvas/Int16Array.h:
3331         * html/canvas/Int16Array.idl:
3332         * html/canvas/Int32Array.cpp:
3333         (WebCore::Int32Array::subset):
3334         * html/canvas/Int32Array.h:
3335         * html/canvas/Int32Array.idl:
3336         * html/canvas/Int8Array.cpp:
3337         (WebCore::Int8Array::subset):
3338         * html/canvas/Int8Array.h:
3339         * html/canvas/Int8Array.idl:
3340         * html/canvas/TypedArrayBase.h:
3341         (WebCore::TypedArrayBase::subsetImpl):
3342         * html/canvas/Uint16Array.cpp:
3343         (WebCore::Uint16Array::subset):
3344         * html/canvas/Uint16Array.h:
3345         * html/canvas/Uint16Array.idl:
3346         * html/canvas/Uint32Array.cpp:
3347         (WebCore::Uint32Array::subset):
3348         * html/canvas/Uint32Array.h:
3349         * html/canvas/Uint32Array.idl:
3350         * html/canvas/Uint8Array.cpp:
3351         (WebCore::Uint8Array::subset):
3352         * html/canvas/Uint8Array.h:
3353         * html/canvas/Uint8Array.idl:
3354
3355 2011-01-27  Darin Adler  <darin@apple.com>
3356
3357         Reviewed by Dan Bernstein.
3358
3359         Changing cursor style has no effect until the mouse moves
3360         https://bugs.webkit.org/show_bug.cgi?id=14344
3361         rdar://problem/7563712
3362
3363         No tests added because we don't have infrastructure for testing actual cursor
3364         changes (as opposed to cursor style computation) at this time. We might add it later.
3365
3366         * page/EventHandler.cpp:
3367         (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon): Added.
3368         * page/EventHandler.h: Ditto.
3369
3370         * rendering/RenderObject.cpp:
3371         (WebCore::areNonIdenticalCursorListsEqual): Added.
3372         (WebCore::areCursorsEqual): Added.
3373         (WebCore::RenderObject::styleDidChange): Call dispatchFakeMouseMoveEventSoon if
3374         cursor styles changed.
3375
3376 2011-01-27  Leo Yang  <leo.yang@torchmobile.com.cn>
3377
3378         Reviewed by Dirk Schulze.
3379
3380         SVG Use Cycle is not detected
3381         https://bugs.webkit.org/show_bug.cgi?id=52544
3382
3383         We should check if SVGUseElement::buildInstanceTree finds problem
3384         for every child node. If it finds problem for any children we must
3385         return immediately because otherwise the foundProblem variable may
3386         be rewritten to false.
3387
3388         Test: svg/custom/recursive-use2.svg
3389
3390         * svg/SVGUseElement.cpp:
3391         (WebCore::SVGUseElement::buildInstanceTree):
3392
3393 2011-01-27  Zhenyao Mo  <zmo@google.com>
3394
3395         Reviewed by Kenneth Russell.
3396
3397         texSubImage2D's format/type needs to match the internalformat/type from the previous texImage2D call
3398         https://bugs.webkit.org/show_bug.cgi?id=53054
3399
3400         Test: fast/canvas/webgl/tex-sub-image-2d-bad-args.html
3401
3402         * html/canvas/WebGLRenderingContext.cpp:
3403         (WebCore::WebGLRenderingContext::texSubImage2DBase): Check format/type match.
3404
3405 2011-01-27  Yi Shen  <yi.4.shen@nokia.com>, Tor Arne Vestbø <tor.arne.vestbo@nokia.com>
3406
3407         Reviewed by Andreas Kling.
3408
3409         [Qt] Add fullscreen media control button for html video
3410         https://bugs.webkit.org/show_bug.cgi?id=51543
3411
3412         Implement media control fullscreen button for QtWebKit html5 video.
3413
3414         * css/mediaControlsQt.css:
3415         (video::-webkit-media-controls-fullscreen-button):
3416         * platform/qt/RenderThemeQt.cpp:
3417         (WebCore::RenderThemeQt::paintMediaFullscreenButton):
3418
3419 2011-01-27  Nate Chapin  <japhet@chromium.org>
3420
3421         Reviewed by Adam Barth.
3422
3423         Remove FrameLoader::url() and update callers to use
3424         Document::url().
3425         https://bugs.webkit.org/show_bug.cgi?id=41165
3426
3427         Refactor, no new tests.
3428
3429         * WebCore.exp.in:
3430         * dom/Document.cpp:
3431         (WebCore::Document::processHttpEquiv):
3432         (WebCore::Document::removePendingSheet):
3433         * history/CachedFrame.cpp:
3434         (WebCore::CachedFrameBase::CachedFrameBase):
3435         * history/PageCache.cpp:
3436         (WebCore::logCanCacheFrameDecision):
3437         (WebCore::PageCache::canCachePageContainingThisFrame):
3438         * html/HTMLFrameElementBase.cpp:
3439         (WebCore::HTMLFrameElementBase::isURLAllowed):
3440         * html/HTMLPlugInImageElement.cpp:
3441         (WebCore::HTMLPlugInImageElement::allowedToLoadFrameURL):
3442         * inspector/InspectorAgent.cpp:
3443         (WebCore::InspectorAgent::inspectedURL):
3444         * inspector/InspectorResourceAgent.cpp:
3445         (WebCore::buildObjectForFrame):
3446         * loader/DocumentWriter.cpp:
3447         (WebCore::DocumentWriter::replaceDocument):
3448         (WebCore::DocumentWriter::deprecatedFrameEncoding):
3449         * loader/FrameLoader.cpp:
3450         * loader/FrameLoader.h:
3451         * loader/HistoryController.cpp:
3452         (WebCore::HistoryController::updateForStandardLoad):
3453         (WebCore::HistoryController::updateForRedirectWithLockedBackForwardList):
3454         (WebCore::HistoryController::updateForSameDocumentNavigation):
3455         * loader/NavigationScheduler.cpp:
3456         (WebCore::ScheduledHistoryNavigation::fire):
3457         (WebCore::NavigationScheduler::scheduleLocationChange):
3458         (WebCore::NavigationScheduler::scheduleRefresh):
3459         * page/FrameView.cpp:
3460         (WebCore::FrameView::updateControlTints):
3461         * page/Location.cpp:
3462         (WebCore::Location::url):
3463         (WebCore::Location::setProtocol):
3464         (WebCore::Location::setHost):
3465         (WebCore::Location::setHostname):
3466         (WebCore::Location::setPort):
3467         (WebCore::Location::setPathname):
3468         (WebCore::Location::setSearch):
3469         (WebCore::Location::setHash):
3470         (WebCore::Location::reload):
3471         * page/Page.cpp:
3472         (WebCore::Page::goToItem):
3473
3474 2011-01-27  Stephen White  <senorblanco@chromium.org>
3475
3476         Reviewed by Darin Adler.
3477
3478         Fix performance regression in ImageQualityController::objectDestroyed().
3479         https://bugs.webkit.org/show_bug.cgi?id=52645
3480
3481         In r72282, I inadvertently introduced this regression by using a
3482         linear search through the hash map on object destruction.  This was
3483         because the hash key consisted of both object pointer and layer id,
3484         but on object destruction we only know the object pointer, requiring
3485         a search to find all the layers. 
3486         By replacing the hash map with two nested hash maps, where the outer key
3487         is the object and the inner key is the layer, we can find all the
3488         relevant data for an object in one hash lookup.
3489
3490         * rendering/RenderBoxModelObject.cpp:
3491         Replace the (object,layer)->size HashMap with object->layer and
3492         layer->size HashMaps.
3493         (WebCore::ImageQualityController::isEmpty):
3494         Implement isEmpty() for the outer HashMap.
3495         (WebCore::ImageQualityController::removeLayer):
3496         When a layer is removed, remove it from the inner hash map.
3497         (WebCore::ImageQualityController::set):
3498         Implement set():  if the inner map exists, set the layer->size tuple
3499         directly.  If not, create a new inner map, set the tuple, and insert
3500         it in the outer map.
3501         (WebCore::ImageQualityController::objectDestroyed):
3502         Look up the object in the outer map only.
3503         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
3504         Cosmetic changes for the renamed now-outer hash map.
3505         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
3506         Do both outer and inner hash map lookups.  Call set() to add/update
3507         entries to the hash maps.  keyDestroyed() is now removeLayer().
3508         (WebCore::imageQualityController):
3509         Make the ImageQualityController a file-static global, so it can be
3510         created and destroyed on the fly.
3511         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
3512         If there is no ImageQualityController, don't call objectDestroyed().
3513         If it's empty, delete it.
3514         * rendering/RenderImage.cpp:
3515         (WebCore::RenderImage::paintIntoRect):
3516         Also pass the Image* as the (void*) layer, since 0 is not a valid
3517         HashMap key.
3518
3519 2011-01-27  Adrienne Walker  <enne@google.com>
3520
3521         Reviewed by James Robinson.
3522
3523         [chromium] Tiled compositor crashes if compositing turned off mid-paint
3524         https://bugs.webkit.org/show_bug.cgi?id=53198
3525
3526         * platform/graphics/chromium/LayerRendererChromium.cpp:
3527         (WebCore::LayerRendererChromium::drawLayers):
3528         * platform/graphics/chromium/LayerTilerChromium.cpp:
3529         (WebCore::LayerTilerChromium::update):
3530         (WebCore::LayerTilerChromium::draw):
3531
3532 2011-01-27  Carol Szabo <carol.szabo@nokia.com>
3533
3534         Reviewed by David Hyatt.
3535
3536         A corrupted counter tree is created when renderers are added to the
3537         tree bypassing RenderObject::addChild
3538         https://bugs.webkit.org/show_bug.cgi?id=51270
3539
3540         No new tests. This patch reimplements the fix for bugs 43812 and
3541         51637 and hence all tests are already there as part of the original
3542         fixes for those bugs.
3543
3544         * rendering/RenderCounter.cpp:
3545         (WebCore::findPlaceForCounter):
3546         Removed old workaround as this patch hopefully fixes the real
3547         problem.
3548         * rendering/RenderObject.cpp:
3549         (WebCore::RenderObject::addChild):
3550         Removed call to counter updater as it was moved to a lower level.
3551         (WebCore::RenderObject::destroy):
3552         Moved attached counter nodes destruction to after the node is
3553         removed from the tree.
3554         * rendering/RenderObjectChildList.cpp:
3555         (WebCore::RenderObjectChildList::removeChildNode):
3556         (WebCore::RenderObjectChildList::appendChildNode):
3557         (WebCore::RenderObjectChildList::insertChildNode):
3558         Added notifications to the Counter system such that the
3559         CounterForest reflects the changes to the RendererTree.
3560         * rendering/RenderWidget.cpp:
3561         (WebCore::RenderWidget::destroy):
3562         Applied the same changes as for RenderObject::destroy()
3563         since RenderObject::destroy() is not called from here.
3564
3565 2011-01-27  Adam Roben  <aroben@apple.com>
3566
3567         Add WKCACFViewLayerTreeHost
3568
3569         This is a class that derives from CACFLayerTreeHost and uses a WKCACFView to render.
3570
3571         Fixes <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost should use
3572         WKCACFView for rendering
3573
3574         * WebCore.vcproj/WebCore.vcproj: Added WKCACFViewLayerTreeHost.{cpp,h}.
3575
3576         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
3577         (WebCore::CACFLayerTreeHost::acceleratedCompositingAvailable): Make the test window have a
3578         non-zero size. WKCACFView will always say it can't render if you pass it a 0-sized window,
3579         so we need a non-empty window to perform a valid test.
3580         (WebCore::CACFLayerTreeHost::create): First try to create a WKCACFViewLayerTreeHost, then
3581         fall back to a LegacyCACFLayerTreeHost.
3582         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Moved code to react to the
3583         context flush from here...
3584         (WebCore::CACFLayerTreeHost::contextDidChange): ...to here. Derived classes are required to
3585         call this function whenever changes are flushed to the context.
3586
3587         * platform/graphics/ca/win/CACFLayerTreeHost.h: Added contextDidChange.
3588
3589         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
3590         (WebCore::LegacyCACFLayerTreeHost::createRenderer):
3591         (WebCore::LegacyCACFLayerTreeHost::resize):
3592         Changed to use flushContext instead of flushing the context manually so that we will always
3593         notify the base class when the context gets flushed.
3594
3595         (WebCore::LegacyCACFLayerTreeHost::flushContext): Added a call to contextDidChange so the
3596         base class will know what happened. Moved code to schedule a render from here...
3597         (WebCore::LegacyCACFLayerTreeHost::contextDidChange): ...to here.
3598
3599         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h: Added contextDidChange.
3600
3601         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp: Added.
3602         (WebCore::WKCACFViewLayerTreeHost::create): If WebKitQuartzCoreAdditions, which provides
3603         WKCACFView, isn't present, bail. Otherwise allocate and return a new host.
3604         (WebCore::WKCACFViewLayerTreeHost::WKCACFViewLayerTreeHost): Initialize members.
3605         (WebCore::WKCACFViewLayerTreeHost::updateViewIfNeeded): Update the view if we previously
3606         marked that we needed to do so, and flush the context if our layer's bounds have changed.
3607         (WebCore::WKCACFViewLayerTreeHost::contextDidChangeCallback): Call through to
3608         contextDidChange.
3609         (WebCore::WKCACFViewLayerTreeHost::contextDidChange): Tell the WKCACFView to start rendering
3610         (if we didn't already), then call up to the base class.
3611         (WebCore::WKCACFViewLayerTreeHost::initializeContext): Set the context's user data, the
3612         view's layer, and hook up our "context did change" callback.
3613         (WebCore::WKCACFViewLayerTreeHost::resize): Mark that the view needs to be updated the next
3614         time we paint.
3615         (WebCore::WKCACFViewLayerTreeHost::createRenderer): Update our view and return whether it is
3616         able to render or not.
3617         (WebCore::WKCACFViewLayerTreeHost::destroyRenderer): Clear out all the info we passed down
3618         to the view.
3619         (WebCore::WKCACFViewLayerTreeHost::lastCommitTime): Call through to the view.
3620         (WebCore::WKCACFViewLayerTreeHost::flushContext): Ditto.
3621         (WebCore::WKCACFViewLayerTreeHost::paint): Update the view so it will draw at the right
3622         size, then call up to the base class.
3623         (WebCore::WKCACFViewLayerTreeHost::render): Invalidate the view using the passed-in dirty
3624         rects, then ask it to draw.
3625
3626         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h: Copied from Source/WebCore/platform/graphics/ca/win/LegacyCACFLayerTreeHost.h.
3627
3628 2011-01-27  Adam Roben  <aroben@apple.com>
3629
3630         Move LegacyCACFLayerTreeHost into its own files
3631
3632         More preparation for <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost
3633         should use WKCACFView for rendering
3634
3635         Reviewed by Simon Fraser.
3636
3637         * WebCore.vcproj/WebCore.vcproj: Added LegacyCACFLayerTreeHost.{cpp,h}.
3638
3639         * platform/graphics/ca/win/CACFLayerTreeHost.cpp: Moved code from here to new files.
3640
3641         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp: Added.
3642         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h: Added.
3643
3644 2011-01-27  Patrick Gansterer  <paroga@webkit.org>
3645
3646         Unreviewed WinCE build fix for r76824.
3647
3648         * platform/wince/DragDataWinCE.cpp:
3649         (WebCore::DragData::dragDataMap):
3650
3651 2011-01-27  Adam Roben  <aroben@apple.com>
3652
3653         Split CACFLayerTreeHost into base and derived classes
3654
3655         The derived class, LegacyCACFLayerTreeHost, contains all the D3D-related code. A later patch
3656         will add a new derived class that replaces the D3D code with a different rendering API.
3657
3658         For now, LegacyCACFLayerTreeHost lives in CACFLayerTreeHost.cpp. This keeps the diff a
3659         little smaller. A later patch will move it to its own source files.
3660
3661         Preparation for <http://webkit.org/b/53251> <rdar://problem/8925496> CACFLayerTreeHost
3662         should use WKCACFView for rendering
3663
3664         Reviewed by Simon Fraser.
3665
3666         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
3667         (WebCore::CACFLayerTreeHost::acceleratedCompositingAvailable): Clear the window before
3668         destroying the host, as that is now the API contract that clients must fulfill.
3669         (WebCore::LegacyCACFLayerTreeHost::create): Added. Simple creator.
3670         (WebCore::CACFLayerTreeHost::create): Now instantiates a LegacyCACFLayerTreeHost. Calls the
3671         new initialize function to perform initialization that has to happen after the vtable has
3672         been set up.
3673
3674         (WebCore::LegacyCACFLayerTreeHost::LegacyCACFLayerTreeHost):
3675         (WebCore::CACFLayerTreeHost::CACFLayerTreeHost):
3676         (WebCore::LegacyCACFLayerTreeHost::initializeContext):
3677         (WebCore::CACFLayerTreeHost::initialize):
3678         Moved some initialization code from the CACFLayerTreeHost constructor into these new
3679         functions.
3680
3681         (WebCore::LegacyCACFLayerTreeHost::~LegacyCACFLayerTreeHost): Added. Moved code here from
3682         ~CACFLayerTreeHost.
3683         (WebCore::CACFLayerTreeHost::~CACFLayerTreeHost): Rather than clearing the window at this
3684         point (which would be too late, since we won't be able to call into the derived class's
3685         virtual functions), just assert that it has already been cleared (or was never set in the
3686         first place).
3687         (WebCore::LegacyCACFLayerTreeHost::createRenderer): Renamed from
3688         CACFLayerTreeHost::createRenderer, and changed to use getters instead of accessing
3689         CACFLayerTreeHost's data members directly.
3690
3691         (WebCore::LegacyCACFLayerTreeHost::destroyRenderer):
3692         (WebCore::CACFLayerTreeHost::destroyRenderer):
3693         Moved some code to the new LegacyCACFLayerTreeHost function.
3694
3695         (WebCore::LegacyCACFLayerTreeHost::resize):
3696         (WebCore::LegacyCACFLayerTreeHost::renderTimerFired):
3697         Moved these functions to LegacyCACFLayerTreeHost.
3698
3699         (WebCore::LegacyCACFLayerTreeHost::paint):
3700         (WebCore::CACFLayerTreeHost::paint):
3701         Moved some code to the new LegacyCACFLayerTreeHost function.
3702
3703         (WebCore::LegacyCACFLayerTreeHost::render):
3704         (WebCore::LegacyCACFLayerTreeHost::renderSoon):
3705         Moved these functions to LegacyCACFLayerTreeHost.
3706
3707         (WebCore::CACFLayerTreeHost::flushPendingLayerChangesNow): Moved code to flush the context
3708         from here...
3709         (WebCore::LegacyCACFLayerTreeHost::flushContext): ...to this new function.
3710
3711         (WebCore::LegacyCACFLayerTreeHost::lastCommitTime): Moved code to get the last commit time
3712         to this new function...
3713         (WebCore::CACFLayerTreeHost::notifyAnimationsStarted): ...from here.
3714
3715         (WebCore::LegacyCACFLayerTreeHost::initD3DGeometry):
3716         (WebCore::LegacyCACFLayerTreeHost::resetDevice):
3717         Moved these functions to LegacyCACFLayerTreeHost.
3718
3719         * platform/graphics/ca/win/CACFLayerTreeHost.h: Made some functions virtual, removed some
3720         members that have moved to LegacyCACFLayerTreeHost, grouped remaining members more
3721         logically, and added some getters used by LegacyCACFLayerTreeHost.
3722
3723 2011-01-27  Adam Roben  <aroben@apple.com>
3724
3725         Move CACFLayerTreeHostClient to its own header file
3726
3727         Rubber-stamped by Steve Falkenburg.
3728
3729         * WebCore.vcproj/WebCore.vcproj: Added CACFLayerTreeHostClient.h. Also let VS have its way
3730         with the file.
3731
3732         * platform/graphics/ca/win/CACFLayerTreeHost.cpp: Added new #include.
3733
3734         * platform/graphics/ca/win/CACFLayerTreeHost.h: Removed CACFLayerTreeHostClient.
3735
3736         * platform/graphics/ca/win/CACFLayerTreeHostClient.h: Added.
3737
3738         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp: Moved some #includes here
3739         from the header file.
3740
3741         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h: Replaced broader #includes
3742         with more specific ones, plus a forward-declaration.
3743
3744 2011-01-27  James Simonsen  <simonjam@chromium.org>
3745
3746         Reviewed by Tony Chang.
3747
3748         [Chromium] Simplify small caps logic in complex text on linux
3749         https://bugs.webkit.org/show_bug.cgi?id=53207
3750
3751         Test: fast/text/atsui-multiple-renderers.html
3752               fast/text/atsui-small-caps-punctuation-size.html
3753
3754         * platform/graphics/chromium/ComplexTextControllerLinux.cpp:
3755         (WebCore::ComplexTextController::nextScriptRun): Remove redundant logic. Case changes in a text run imply FontData changes.
3756         (WebCore::ComplexTextController::setupFontForScriptRun): Update comment to reflect above.
3757
3758 2011-01-27  Adam Barth  <abarth@webkit.org>
3759
3760         In which I attempt to fix the EFL build.
3761
3762         * CMakeLists.txt:
3763
3764 2011-01-25  Levi Weintraub  <leviw@chromium.org>
3765
3766         Reviewed by Darin Adler.
3767
3768         Adding border and padding to the calculation of the local caret rect for RenderBoxes.
3769         Corrected for mistake in r76625
3770
3771         Undo moves caret to invalid position
3772         https://bugs.webkit.org/show_bug.cgi?id=49744
3773
3774         Tests: editing/selection/caret-painting-after-paste-undo-rtl.html
3775                editing/selection/caret-painting-after-paste-undo.html
3776
3777         * rendering/RenderBox.cpp:
3778         (WebCore::RenderBox::localCaretRect):
3779
3780 2011-01-27  Sheriff Bot  <webkit.review.bot@gmail.com>
3781
3782         Unreviewed, rolling out r76825.
3783         http://trac.webkit.org/changeset/76825
3784         https://bugs.webkit.org/show_bug.cgi?id=53256
3785
3786         "caused crashes on GTK and chromium" (Requested by rniwa on
3787         #webkit).
3788
3789         * rendering/RenderBoxModelObject.cpp:
3790         (WebCore::ImageQualityController::keyDestroyed):
3791         (WebCore::ImageQualityController::objectDestroyed):
3792         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
3793         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
3794         (WebCore::imageQualityController):
3795         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
3796
3797 2011-01-27  Adam Barth  <abarth@webkit.org>
3798
3799         Reviewed by Eric Seidel.
3800
3801         Generalize the mechanism view-source uses to remember the source for an HTMLToken
3802         https://bugs.webkit.org/show_bug.cgi?id=53200
3803
3804         Currently view-source tracks the source associated with each HTMLToken.
3805         We want to re-use this mechanism for the new XSS auditor.  This patch
3806         moves this code into its own class so it can be shared between the
3807         view-source parser and the general HTML parser.  This patch also add
3808         support for tracking the source of tokens that span document.write
3809         boundaries.
3810
3811         No functional change.  This code change is somewhat tested by our
3812         view-source layout tests.
3813
3814         * Android.mk:
3815         * GNUmakefile.am:
3816         * WebCore.gypi:
3817         * WebCore.pro:
3818         * WebCore.vcproj/WebCore.vcproj:
3819         * WebCore.xcodeproj/project.pbxproj:
3820             - Fun with updating build files.
3821         * html/parser/HTMLDocumentParser.cpp:
3822         (WebCore::HTMLDocumentParser::pumpTokenizer):
3823             - Teach HTMLDocumentParser to track the source for HTMLTokens.
3824               Currently, this information isn't used, but it will be shortly.
3825               I ran the HTML parser benchmark and this change didn't have a
3826               measurable effect.
3827         * html/parser/HTMLDocumentParser.h:
3828             - Composite in the HTMLSourceTracker.
3829         * html/parser/HTMLSourceTracker.cpp: Added.
3830         (WebCore::HTMLSourceTracker::HTMLSourceTracker):
3831         (WebCore::HTMLSourceTracker::start):
3832         (WebCore::HTMLSourceTracker::end):
3833             - This function should eventualy be folded into HTMLTokenizer.
3834         (WebCore::HTMLSourceTracker::sourceForToken):
3835         * html/parser/HTMLSourceTracker.h: Added.
3836         * html/parser/HTMLToken.h:
3837             - Now HTMLTokens always have a start index of zero.  To do the job
3838               of the old start index, this patch introduces the notion of a
3839               baseOffset.  Unlike the start index (which was used as the base
3840               offset for all the other indicies), the baseOffset can change
3841               over the lifetime of the token.  We need the flexibility to
3842               change the offset for tokens that span document.write boundaries.
3843               Values are now normalized to zero-offset when stored.
3844         (WebCore::HTMLToken::clear):
3845         (WebCore::HTMLToken::setBaseOffset):
3846         (WebCore::HTMLToken::end):
3847         (WebCore::HTMLToken::beginAttributeName):
3848         (WebCore::HTMLToken::endAttributeName):
3849         (WebCore::HTMLToken::beginAttributeValue):
3850         (WebCore::HTMLToken::endAttributeValue):
3851         * html/parser/HTMLViewSourceParser.cpp:
3852             - Updates the HTMLViewSourceParser to use the new
3853               HTMLSourceTracker.
3854         (WebCore::HTMLViewSourceParser::pumpTokenizer):
3855         (WebCore::HTMLViewSourceParser::append):
3856         (WebCore::HTMLViewSourceParser::sourceForToken):
3857             - This function now just calls through to HTMLSourceTracker.
3858         * html/parser/HTMLViewSourceParser.h:
3859         * platform/text/SegmentedString.cpp:
3860         (WebCore::SegmentedString::currentColumn):
3861         (WebCore::SegmentedString::setCurrentPosition):
3862         * platform/text/SegmentedString.h:
3863         (WebCore::SegmentedString::numberOfCharactersConsumed):
3864             - We need to handle the general case now.  The "slow" version
3865               doesn't turn out to be any slower in practice anyway.
3866
3867 2011-01-27  Sam Weinig  <sam@webkit.org>
3868
3869         Fix all the builds.
3870
3871         * platform/ScrollView.cpp:
3872         (WebCore::ScrollView::paintOverhangAreas): Add parameters.
3873
3874 2011-01-27  Sam Weinig  <sam@webkit.org>
3875
3876         Reviewed by Dave Hyatt.
3877
3878         Add ability to do an unconstrained scroll on a ScrollView
3879         https://bugs.webkit.org/show_bug.cgi?id=53249
3880
3881         * platform/ScrollView.cpp:
3882         (WebCore::ScrollView::ScrollView):
3883         Initialize m_constrainsScrollingToContentEdge to true.
3884
3885         (WebCore::ScrollView::setScrollOffset):
3886         Only constrain the offset if the m_constrainsScrollingToContentEdge is set.
3887
3888         (WebCore::ScrollView::updateScrollbars):
3889         Simplify expression converting an IntSize to an IntPoint.
3890         
3891         (WebCore::ScrollView::paint):
3892         Paint the overhang if there is any.
3893         
3894         (WebCore::ScrollView::calculateOverhangAreasForPainting):
3895         Calculate the overhang in viewport coordinates for painting.
3896
3897         * platform/ScrollView.h:
3898         (WebCore::ScrollView::constrainsScrollingToContentEdge):
3899         (WebCore::ScrollView::setConstrainsScrollingToContentEdge):
3900         Add bit to control whether the scroll position should be constrained
3901         to the content edge when set.
3902
3903         * platform/ScrollbarThemeComposite.cpp:
3904         (WebCore::usedTotalSize):
3905         (WebCore::ScrollbarThemeComposite::thumbPosition):
3906         (WebCore::ScrollbarThemeComposite::thumbLength):
3907         * platform/mac/ScrollbarThemeMac.mm:
3908         (WebCore::ScrollbarThemeMac::paint):
3909         Improve calculations of thumb size and position to take overhang into account.
3910
3911 2011-01-27  Dirk Schulze  <krit@webkit.org>
3912
3913         Reviewed by Nikolas Zimmermann.
3914
3915         SVG animation of Paths with segments of different coordinate modes on begin and end
3916         https://bugs.webkit.org/show_bug.cgi?id=52984
3917
3918         At the moment we just support SVG path animations, if the number of segments on the given start path
3919         is the same as the number of segments on the given end path. But a segment on a given position must be identical
3920         on both paths as well. Not only the segment type, also the coordinate mode of the segments must be identical.
3921         If MoveToRel is on the second position on the start path a MoveToRel must be on the second position
3922         of the end path too. According to the SVG spec, at least the coordinate mode can differ. Means, if we have MoveToRel
3923         in the start path, we can use MoveToAbs on the same position in the end path.
3924
3925         This patch fixes the blending code to follow the spec here. It was necessary to track the current position of
3926         both paths, transform coordinates to the same coordinate mode and transform the resulting animation coordinate back
3927         to the coordinate mode of either the start or the end path. Which mode is taken depends on the progress of the
3928         animation.
3929
3930         Tests: svg/animations/animate-path-animation-Cc-Ss.html
3931                svg/animations/animate-path-animation-Ll-Vv-Hh.html
3932                svg/animations/animate-path-animation-Qq-Tt.html
3933                svg/animations/animate-path-animation-cC-sS-inverse.html
3934                svg/animations/animate-path-animation-lL-vV-hH-inverse.html
3935                svg/animations/animate-path-animation-qQ-tT-inverse.html
3936
3937         * svg/SVGPathBlender.cpp:
3938         (WebCore::blendFloatPoint):
3939         (WebCore::blendAnimatedFloat):
3940         (WebCore::SVGPathBlender::blendAnimatedDimensionalFloat):
3941         (WebCore::SVGPathBlender::blendAnimatedFloatPoint):
3942         (WebCore::SVGPathBlender::blendMoveToSegment):
3943         (WebCore::SVGPathBlender::blendLineToSegment):
3944         (WebCore::SVGPathBlender::blendLineToHorizontalSegment):
3945         (WebCore::SVGPathBlender::blendLineToVerticalSegment):
3946         (WebCore::SVGPathBlender::blendCurveToCubicSegment):
3947         (WebCore::SVGPathBlender::blendCurveToCubicSmoothSegment):
3948         (WebCore::SVGPathBlender::blendCurveToQuadraticSegment):
3949         (WebCore::SVGPathBlender::blendCurveToQuadraticSmoothSegment):
3950         (WebCore::SVGPathBlender::blendArcToSegment):
3951         (WebCore::coordinateModeOfCommand):
3952         (WebCore::isSegmentEqual):
3953         (WebCore::SVGPathBlender::blendAnimatedPath):
3954         (WebCore::SVGPathBlender::cleanup):
3955         * svg/SVGPathBlender.h:
3956
3957 2011-01-27  Cris Neckar  <cdn@chromium.org>
3958
3959         Reviewed by Dimitri Glazkov.
3960
3961         Clear the parent on a css keyframe's m_style when removing it from the stylesheet.
3962         https://bugs.webkit.org/show_bug.cgi?id=52320
3963
3964         Test: fast/css/css-keyframe-style-crash.html
3965
3966         * css/CSSRuleList.cpp:
3967         (WebCore::CSSRuleList::deleteRule):
3968         * css/WebKitCSSKeyframesRule.cpp:
3969         (WebCore::WebKitCSSKeyframesRule::~WebKitCSSKeyframesRule):
3970
3971 2011-01-27  Rob Buis  <rwlbuis@gmail.com>
3972
3973         Reviewed by Kent Tamura.
3974
3975         Color changes to option elements in a select multiple aren't drawn immediately
3976         https://bugs.webkit.org/show_bug.cgi?id=49790
3977
3978         Redirect style changes on <option> element to the owner <select> element.
3979
3980         Test: fast/repaint/select-option-background-color.html
3981
3982         * html/HTMLOptionElement.cpp:
3983         (WebCore::HTMLOptionElement::setRenderStyle):
3984
3985 2011-01-19  Stephen White  <senorblanco@chromium.org>
3986
3987         Reviewed by Darin Adler.
3988
3989         Fix performance regression in ImageQualityController::objectDestroyed().
3990         https://bugs.webkit.org/show_bug.cgi?id=52645
3991
3992         In r72282, I inadvertently introduced this regression by using a
3993         linear search through the hash map on object destruction.  This was
3994         because the hash key consisted of both object pointer and layer id,
3995         but on object destruction we only know the object pointer, requiring
3996         a search to find all the layers. 
3997         By replacing the hash map with two nested hash maps, where the outer key
3998         is the object and the inner key is the layer, we can find all the
3999         relevant data for an object in one hash lookup.
4000
4001         * rendering/RenderBoxModelObject.cpp:
4002         Replace the (object,layer)->size HashMap with object->layer and
4003         layer->size HashMaps.
4004         (WebCore::ImageQualityController::isEmpty):
4005         Implement isEmpty() for the outer HashMap.
4006         (WebCore::ImageQualityController::removeLayer):
4007         When a layer is removed, remove it from the inner hash map.
4008         (WebCore::ImageQualityController::set):
4009         Implement set():  if the inner map exists, set the layer->size tuple
4010         directly.  If not, create a new inner map, set the tuple, and insert
4011         it in the outer map.
4012         (WebCore::ImageQualityController::objectDestroyed):
4013         Look up the object in the outer map only.
4014         (WebCore::ImageQualityController::highQualityRepaintTimerFired):
4015         Cosmetic changes for the renamed now-outer hash map.
4016         (WebCore::ImageQualityController::shouldPaintAtLowQuality):
4017         Do both outer and inner hash map lookups.  Call set() to add/update
4018         entries to the hash maps.  keyDestroyed() is now removeLayer().
4019         (WebCore::imageQualityController):
4020         Make the ImageQualityController a file-static global, so it can be
4021         created and destroyed on the fly.
4022         (WebCore::RenderBoxModelObject::~RenderBoxModelObject):
4023         If there is no ImageQualityController, don't call objectDestroyed().
4024         If it's empty, delete it.
4025
4026
4027 2011-01-26  Enrica Casucci  <enrica@apple.com>
4028
4029         Reviewed by Darin Adler and Adam Roben.
4030
4031         WebKit2: add support for drag and drop on Windows
4032         https://bugs.webkit.org/show_bug.cgi?id=52775
4033         <rdar://problem/8514409>
4034         
4035         On Windows the access to the content being dragged is
4036         provided via the IDataObject interface that is made available
4037         to the window that registers itself as drop target.
4038         Since this interface cannot be accessed from the WebProcess,
4039         in every call to one of the methods of the IDropTarget interface
4040         we serialize the content of the drag clipboard and send it over to
4041         the WebProcess.
4042         The bulk of this patch consists in the refactoring needed in DragData
4043         and ClipboardWin classes to extract the data from the serialized object.
4044         
4045         * platform/DragData.cpp:
4046         * platform/DragData.h:
4047         * platform/win/ClipboardUtilitiesWin.cpp:
4048         (WebCore::getWebLocData):
4049         (WebCore::getURL):
4050         (WebCore::getPlainText):
4051         (WebCore::getTextHTML):
4052         (WebCore::getCFHTML):
4053         (WebCore::fragmentFromFilenames):
4054         (WebCore::containsFilenames):
4055         (WebCore::fragmentFromHTML):
4056         (WebCore::containsHTML):
4057         (WebCore::getClipboardData):
4058         * platform/win/ClipboardUtilitiesWin.h:
4059         * platform/win/ClipboardWin.cpp:
4060         (WebCore::Clipboard::create):
4061         (WebCore::ClipboardWin::ClipboardWin):
4062         (WebCore::ClipboardWin::getData):
4063         (WebCore::ClipboardWin::types):
4064         (WebCore::ClipboardWin::files):
4065         (WebCore::ClipboardWin::hasData):
4066         * platform/win/ClipboardWin.h:
4067         (WebCore::ClipboardWin::create):
4068         * platform/win/DragDataWin.cpp:
4069         (WebCore::DragData::DragData):
4070         (WebCore::DragData::containsURL):
4071         (WebCore::DragData::dragDataMap):
4072         (WebCore::DragData::asURL):
4073         (WebCore::DragData::containsFiles):
4074         (WebCore::DragData::asFilenames):
4075         (WebCore::DragData::containsPlainText):
4076         (WebCore::DragData::asPlainText):
4077         (WebCore::DragData::canSmartReplace):
4078         (WebCore::DragData::containsCompatibleContent):
4079         (WebCore::DragData::asFragment):
4080
4081 2011-01-27  Mario Sanchez Prada  <msanchez@igalia.com>
4082
4083         Reviewed by Martin Robinson.
4084