7659d09594740799073bb8bd0ab19cc3ce11628a
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-19  Carlos Garcia Campos  <cgarcia@igalia.com>
2
3         Unreviewed. Fix GObject DOM bindings API break after r196769.
4
5         * html/HTMLTextAreaElement.idl:
6
7 2016-02-18  Gwang Yoon Hwang  <yoon@igalia.com>
8
9         [GTK] Limit the number of tiles according to the visible area
10         https://bugs.webkit.org/show_bug.cgi?id=126122
11
12         Reviewed by Carlos Garcia Campos.
13
14         TextureMapperTiledBackingStore creates tiles for whole layer bounds, which
15         means it creates the huge amount of textures if there is an excessively big
16         layer.  Not only it wastes the memory and the CPU time, it even can crash GPU
17         drivers.
18
19         This patch modifies TextureMapperTiledBackingStore to take into account the
20         visible area with a coverage multiplier when creating tiles.
21
22         * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
23         (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
24         Set a flag to recalculate the visible area of the layer when there are
25         geometric changes.
26         (WebCore::GraphicsLayerTextureMapper::setContentsToImage):
27         (WebCore::GraphicsLayerTextureMapper::flushCompositingStateForThisLayerOnly):
28         (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIncludingSubLayers):
29         (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded):
30         (WebCore::GraphicsLayerTextureMapper::markVisibleRectAsDirty):
31         (WebCore::GraphicsLayerTextureMapper::selfOrAncestorHasActiveTransformAnimation):
32         (WebCore::GraphicsLayerTextureMapper::computeTransformedVisibleRect):
33         Compute the inverse transform matrix to map a global visible are to
34         the local visible area.
35         (WebCore::clampToContentsRectIfRectIsInfinite):
36         (WebCore::GraphicsLayerTextureMapper::transformedVisibleRect):
37         * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
38         (WebCore::TextureMapperTiledBackingStore::paintToTextureMapper):
39         In HiDPI, the directly composited image is uploaded to the unscaled
40         texture to reduce memory usages. So we should apply device scale
41         factor to render it correctly.
42         (WebCore::TextureMapperTiledBackingStore::createOrDestroyTilesIfNeeded):
43         Create tiles which covered by visible rect with a coverage multiplier.
44
45 2016-02-18  Brent Fulgham  <bfulgham@apple.com>
46
47         Extend HashCountedSet with a method to efficiently set the count of an entry
48         https://bugs.webkit.org/show_bug.cgi?id=154352
49
50         Reviewed by Geoffrey Garen.
51
52         Tested by new TestWebKitAPI tests.
53
54         * loader/ResourceLoadStatistics.cpp:
55         (WebCore::decodeHashCountedSet): Update to use new HashCountedSet::add method.
56
57 2016-02-18  Commit Queue  <commit-queue@webkit.org>
58
59         Unreviewed, rolling out r196790.
60         https://bugs.webkit.org/show_bug.cgi?id=154439
61
62         made fast/events/wheelevent-basic-actual.txt fail in WK2
63         (Requested by alexchristensen on #webkit).
64
65         Reverted changeset:
66
67         "Wheel event callback removing the window causes crash in
68         WebCore."
69         https://bugs.webkit.org/show_bug.cgi?id=150871
70         http://trac.webkit.org/changeset/196790
71
72 2016-02-18  Commit Queue  <commit-queue@webkit.org>
73
74         Unreviewed, rolling out r196791.
75         https://bugs.webkit.org/show_bug.cgi?id=154438
76
77         broke windows build (Requested by alexchristensen on #webkit).
78
79         Reverted changeset:
80
81         "Extend HashCountedSet with a method to efficiently set the
82         count of an entry"
83         https://bugs.webkit.org/show_bug.cgi?id=154352
84         http://trac.webkit.org/changeset/196791
85
86 2016-02-18  Chris Dumez  <cdumez@apple.com>
87
88         window.history / window.navigator should not be replaceable
89         https://bugs.webkit.org/show_bug.cgi?id=154412
90
91         Reviewed by Ryosuke Niwa.
92
93         window.history / window.navigator should not be replaceable as per
94         the latest HTML specification:
95         https://html.spec.whatwg.org/multipage/browsers.html#the-window-object
96
97         Firefox and Chrome already match the specification. This patch aligns
98         our behavior.
99
100         No new tests, already covered by existing tests.
101
102         * page/DOMWindow.idl:
103
104 2016-02-18  Chris Dumez  <cdumez@apple.com>
105
106         HTMLTableHeaderCellElement.scope should only return known values
107         https://bugs.webkit.org/show_bug.cgi?id=154423
108         <rdar://problem/24731018>
109
110         Reviewed by Ryosuke Niwa.
111
112         HTMLTableHeaderCellElement.scope should only return known values as per:
113         - https://html.spec.whatwg.org/multipage/tables.html#dom-th-scope
114
115         Known values are document here:
116         - https://html.spec.whatwg.org/multipage/tables.html#attr-th-scope
117
118         No new tests, already covered by existing test.
119
120         * CMakeLists.txt:
121         * WebCore.vcxproj/WebCore.vcxproj:
122         * WebCore.vcxproj/WebCore.vcxproj.filters:
123         * WebCore.xcodeproj/project.pbxproj:
124         * html/HTMLElementsAllInOne.cpp:
125         * html/HTMLTableHeaderCellElement.cpp: Copied from Source/WebCore/html/HTMLTableHeaderCellElement.h.
126         (WebCore::HTMLTableHeaderCellElement::scope):
127         (WebCore::HTMLTableHeaderCellElement::setScope):
128         * html/HTMLTableHeaderCellElement.h:
129         * html/HTMLTableHeaderCellElement.idl:
130
131 2016-02-18  Brent Fulgham  <bfulgham@apple.com>
132
133         Extend HashCountedSet with a method to efficiently set the count of an entry
134         https://bugs.webkit.org/show_bug.cgi?id=154352
135
136         Reviewed by Geoffrey Garen.
137
138         Tested by new TestWebKitAPI tests.
139
140         * loader/ResourceLoadStatistics.cpp:
141         (WebCore::decodeHashCountedSet): Update to use new HashCountedSet::add method.
142
143 2016-02-18  Simon Fraser  <simon.fraser@apple.com>
144
145         Wheel event callback removing the window causes crash in WebCore.
146         https://bugs.webkit.org/show_bug.cgi?id=150871
147
148         Reviewed by Brent Fulgham.
149         
150         Null check the FrameView before using it, since the iframe may have been removed
151         from its parent document inside the event handler.
152
153         Test: fast/events/wheel-event-destroys-frame.html
154
155         * page/mac/EventHandlerMac.mm:
156         (WebCore::EventHandler::platformCompleteWheelEvent):
157
158 2016-02-18  Brady Eidson  <beidson@apple.com>
159
160         Modern IDB: Fix IDBGetResult encoder/decoder.
161         https://bugs.webkit.org/show_bug.cgi?id=154421
162
163         Reviewed by Alex Christensen.
164
165         No new tests, as Modern IDB is still disabled for WK2.
166         
167         But if you manually enable it, "Basic IndexedDB Seems To Work"
168
169         * Modules/indexeddb/IDBGetResult.h:
170         (WebCore::IDBGetResult::encode):
171         (WebCore::IDBGetResult::decode):
172
173 2016-02-18  Myles C. Maxfield  <mmaxfield@apple.com>
174
175         Addressing post-review comments after r196747.
176
177         Unreviewed.
178
179         * css/CSSFontFaceSet.h:
180         * css/FontFaceSet.cpp:
181         (WebCore::FontFaceSet::size):
182         (WebCore::FontFaceSet::clear):
183         * css/FontFaceSet.h:
184
185 2016-02-18  Zalan Bujtas  <zalan@apple.com>
186
187         Soft hyphen is not shown when it is placed at the end of an inline element
188         https://bugs.webkit.org/show_bug.cgi?id=153980
189
190         Reviewed by David Hyatt.
191
192         This patch handles the case when the character at the breaking position does not fit the
193         line and soft-hyphen, as the first breaking opportunity, is followed by this overflowing character.
194         (foo&shy;bar where b overflows the line).
195         In such cases we don't yet have an item in the breaking history so we need to take a look at
196         the current context instead.    
197
198         Test: fast/text/soft-hyphen-as-first-breaking-opportunity.html
199
200         * rendering/line/BreakingContext.h:
201         (WebCore::BreakingContext::InlineIteratorHistory::nextBreakablePosition):
202         (WebCore::BreakingContext::handleText):
203
204 2016-02-18  Andreas Kling  <akling@apple.com>
205
206         Fake memory pressure handler should log detailed memory breakdown.
207         <https://webkit.org/b/154415>
208
209         Reviewed by Antti Koivisto.
210
211         Piggyback on the RESOURCE_USAGE code to implement some detailed memory footprint diffing
212         and have the fake memory handler dump before/after/diff after it runs.
213
214         * page/ResourceUsageThread.h:
215         (WebCore::TagInfo::TagInfo):
216         * page/cocoa/ResourceUsageThreadCocoa.mm:
217         (WebCore::logFootprintComparison):
218         (WebCore::displayNameForVMTag):
219         (WebCore::pagesPerVMTag):
220         (WebCore::TagInfo::TagInfo): Deleted.
221         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
222         (WebCore::MemoryPressureHandler::install):
223
224 2016-02-18  Brady Eidson  <beidson@apple.com>
225
226         Modern IDB: Implement server->client operations in WK2.
227         https://bugs.webkit.org/show_bug.cgi?id=154411
228
229         Reviewed by Alex Christensen.
230
231         No change in behavior yet; Just laying the groundwork.
232     
233         * Modules/indexeddb/client/IDBConnectionToServer.h:
234         * Modules/indexeddb/server/IDBServer.h:
235         * Modules/indexeddb/shared/IDBTransactionInfo.h:
236         (WebCore::IDBTransactionInfo::encode):
237         (WebCore::IDBTransactionInfo::decode):
238
239 2016-02-18  Csaba Osztrogonác  <ossy@webkit.org>
240
241         Fix unused-const-variable warning on non Cocoa platforms
242         https://bugs.webkit.org/show_bug.cgi?id=154394
243
244         Reviewed by Michael Catanzaro.
245
246         * html/HTMLPlugInImageElement.cpp:
247
248 2016-02-18  Brady Eidson  <beidson@apple.com>
249
250         Modern IDB: Implement client->server operations in WK2.
251         https://bugs.webkit.org/show_bug.cgi?id=154400
252
253         Reviewed by Alex Christensen.
254
255         No change in behavior yet; Just laying the groundwork.
256
257         * Modules/indexeddb/server/IDBServer.h:
258         * Modules/indexeddb/server/UniqueIDBDatabase.h:
259         * Modules/indexeddb/shared/IDBIndexInfo.h:
260         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
261
262 2016-02-18  Chris Dumez  <cdumez@apple.com>
263
264         [Unforgeable] operations should not be writable as per Web IDL
265         https://bugs.webkit.org/show_bug.cgi?id=154396
266         <rdar://problem/24721063>
267
268         Reviewed by Ryosuke Niwa.
269
270         [Unforgeable] operations should not be writable as per the Web IDL specification:
271         http://heycam.github.io/webidl/#es-operations
272
273         They were currently non-configurable in WebKit but still writable.
274
275         No new tests, already covered by existing test.
276
277         * bindings/scripts/CodeGeneratorJS.pm:
278         Mark [Unforgeable] operations as ReadOnly.
279
280         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
281         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
282         * bindings/scripts/test/JS/JSTestObj.cpp:
283         * bindings/scripts/test/ObjC/DOMTestObj.h:
284         * bindings/scripts/test/ObjC/DOMTestObj.mm:
285         * bindings/scripts/test/TestObj.idl:
286         Add bindings test coverage for [Unforgeable].
287
288 2016-02-18  Chris Dumez  <cdumez@apple.com>
289
290         Fix behavior of reflecting unsigned long IDL attributes that are limited to only non-negative numbers greater than zero
291         https://bugs.webkit.org/show_bug.cgi?id=154398
292
293         Reviewed by Ryosuke Niwa.
294
295         Fix behavior of reflecting unsigned long IDL attributes that are limited
296         to only non-negative numbers greater than zero to comply with:
297         - https://html.spec.whatwg.org/#limited-to-only-non-negative-numbers-greater-than-zero
298
299         This patch updates the following IDL attributes:
300         - colgroup.span
301         - col.span
302         - input.size
303         - textarea.cols
304         - textareal.rows
305
306         All of them now:
307         - Have "unsigned long" type on IDL size and "unsigned" type on native
308           side.
309         - On getting, return the value if it is in the range [1; 2147483647],
310           otherwise return the default value.
311         - On setting, set to the input value if it is in the range
312           [1; 2147483647], otherwise, set to the default value.
313
314         Note that as per the specification, we are supposed to throw an
315         IndexSizeError exception when trying to set those attributes to zero.
316         However, we instead use the default value to match other browsers.
317         It would be risky to be the only browser to throw in this case.
318
319         No new tests, already covered by existing test.
320
321         * html/HTMLInputElement.cpp:
322         (WebCore::HTMLInputElement::parseAttribute):
323         (WebCore::HTMLInputElement::setSize):
324         * html/HTMLTableColElement.cpp:
325         (WebCore::HTMLTableColElement::parseAttribute):
326         (WebCore::HTMLTableColElement::setSpan):
327         * html/HTMLTableColElement.h:
328         * html/HTMLTableColElement.idl:
329         * html/HTMLTextAreaElement.cpp:
330         (WebCore::HTMLTextAreaElement::parseAttribute):
331         (WebCore::HTMLTextAreaElement::setCols):
332         (WebCore::HTMLTextAreaElement::setRows):
333         (WebCore::HTMLTextAreaElement::shouldUseInputMethod): Deleted.
334         * html/HTMLTextAreaElement.h:
335         * html/HTMLTextAreaElement.idl:
336         * html/parser/HTMLParserIdioms.h:
337         (WebCore::limitToOnlyNonNegativeNumbersGreaterThanZero):
338
339 2016-02-18  David Kilzer  <ddkilzer@apple.com>
340
341         Remove redundant ASSERT_WITH_MESSAGE_UNUSED() from SOFT_LINK_FRAMEWORK_FOR_SOURCE() macro
342
343         Follow-up fix noted by Andy Estes for:
344
345             [Cocoa] Always check the return value of dlopen() and dlsym() in Release builds
346             <http://webkit.org/b/154364>
347
348         * platform/mac/SoftLinking.h:
349         (SOFT_LINK_FRAMEWORK_FOR_SOURCE): Remove redundant
350         ASSERT_WITH_MESSAGE_UNUSED().
351
352 2016-02-18  Andreas Kling  <akling@apple.com>
353
354         Reduce tiling coverage immediately when memory pressure hits.
355         <https://webkit.org/b/154374>
356
357         Reviewed by Simon Fraser.
358
359         We already had a policy that reduced tiling coverage to a minimum while the system
360         is under memory pressure. However, that policy wouldn't kick in immediately after
361         receiving the pressure notification, but the next time we flush compositing state.
362
363         This change makes it happen sooner, improving our chances to escape death!
364
365         * page/Page.h:
366         * page/Page.cpp:
367         (WebCore::Page::forEachPage):
368
369             Add a little helper for visiting every Page.
370
371         * platform/MemoryPressureHandler.cpp:
372         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
373
374             When under critical memory pressure, schedule a compositing flush in all Pages.
375             This ensures that the reduced tiling coverage policy takes effect, allowing us to
376             immediately drop several tiles in each visible web view.
377
378         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
379         (WebCore::MemoryPressureHandler::install):
380
381             To ensure that this behavior is testable with the fake memory pressure notification,
382             make the fake handler set the "in memory pressure" state just like the real one would.
383             I don't know why we were not doing this previously, it was just an oversight.
384             After the simulation completes, it schedules a runloop callback that resets the
385             "in memory pressure" state.
386
387 2016-02-17  Myles C. Maxfield  <mmaxfield@apple.com>
388
389         [Font Loading] Implement FontFaceSet
390         https://bugs.webkit.org/show_bug.cgi?id=153348
391
392         Reviewed by Simon Fraser.
393
394         The CSS Font Loading spec includes a FontFaceSet object which represents
395         a collection of FontFaces. This patch implements such an object, and
396         backs it with a vector of FontFaces. Similarly to the FontFace object,
397         FontFaceSet is separated into a FontFaceSet frontend object and a
398         CSSFontFaceSet backend object, which actually owns the FontFace objects.
399         All the interaction with Promises is performed in the frontend object.
400
401         This patch does not implement the EventTarget part of the FontFaceSet
402         API, so the only way to know when a font is finished loading is by using
403         the associated Promise objects.
404
405         The CSS Font Loading spec describes how the Document should vend an
406         instance of FontFaceSet which represents the font faces currently
407         associated with the Document. However, that functionality is
408         forthcoming. Currently, the only way to get a FontFaceSet is to create
409         one yourself (using the constructor). Therefore, this patch does not
410         implement the spec's notion of a "CSS-connected font face."
411
412         Test: fast/text/font-face-set-javascript.html
413
414         * CMakeLists.txt: Add new files.
415         * DerivedSources.make: Ditto.
416         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
417         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
418         * WebCore.xcodeproj/project.pbxproj: Ditto.
419         * bindings/js/JSFontFaceSetCustom.cpp: Added.
420         (WebCore::JSFontFaceSet::ready): Use the Promise member.
421         (WebCore::JSFontFaceSet::entries): Use existing iterator code.
422         (WebCore::JSFontFaceSet::keys):
423         (WebCore::JSFontFaceSet::values):
424         * css/CSSAllInOne.cpp: Add new files.
425         * css/CSSFontFace.cpp: We now have a collection of clients (instead of
426         just one). Also, we need to keep a pointer to our FontFace wrapper.
427         (WebCore::CSSFontFace::CSSFontFace):
428         (WebCore::CSSFontFace::addClient):
429         (WebCore::CSSFontFace::removeClient):
430         (WebCore::CSSFontFace::setStatus): Rename the delegate callback to be
431         more clear.
432         (WebCore::CSSFontFace::fontLoaded):
433         (WebCore::CSSFontFace::addedToSegmentedFontFace): Deleted.
434         (WebCore::CSSFontFace::removedFromSegmentedFontFace): Deleted.
435         * css/CSSFontFace.h: Same as above.
436         (WebCore::CSSFontFace::create):
437         (WebCore::CSSFontFace::Client::~Client):
438         (WebCore::CSSFontFace::Client::kick):
439         (WebCore::CSSFontFace::Client::stateChanged):
440         (WebCore::CSSFontFace::wrapper):
441         (WebCore::CSSFontFaceClient::~CSSFontFaceClient): Deleted.
442         * css/CSSFontFaceSet.cpp: Added. Initial imlementation.
443         (WebCore::CSSFontFaceSet::CSSFontFaceSet):
444         (WebCore::CSSFontFaceSet::~CSSFontFaceSet):
445         (WebCore::CSSFontFaceSet::incrementActiveCount):
446         (WebCore::CSSFontFaceSet::decrementActiveCount):
447         (WebCore::CSSFontFaceSet::has):
448         (WebCore::CSSFontFaceSet::add):
449         (WebCore::CSSFontFaceSet::remove):
450         (WebCore::extractFamilies):
451         (WebCore::familiesIntersect): Because this is an initial imlementation,
452         this function is not optimized. A subsequent patch (which implements
453         Document.fonts) will optimize this.
454         (WebCore::CSSFontFaceSet::matchingFaces):
455         (WebCore::CSSFontFaceSet::load):
456         (WebCore::CSSFontFaceSet::check):
457         (WebCore::CSSFontFaceSet::stateChanged):
458         * css/CSSFontFaceSet.h: Added.
459         (WebCore::CSSFontFaceSetClient::~CSSFontFaceSetClient):
460         (WebCore::CSSFontFaceSet::size):
461         (WebCore::CSSFontFaceSet::operator[]):
462         (WebCore::CSSFontFaceSet::status):
463         * css/CSSFontSelector.cpp:
464         (WebCore::CSSFontSelector::familyNameFromPrimitive):
465         (WebCore::CSSFontSelector::registerLocalFontFacesForFamily):
466         (WebCore::CSSFontSelector::addFontFaceRule):
467         (WebCore::familyNameFromPrimitive): Deleted.
468         (WebCore::CSSFontSelector::kick): Deleted.
469         * css/CSSFontSelector.h:
470         * css/CSSSegmentedFontFace.cpp:
471         (WebCore::CSSSegmentedFontFace::~CSSSegmentedFontFace):
472         (WebCore::CSSSegmentedFontFace::appendFontFace):
473         (WebCore::CSSSegmentedFontFace::kick):
474         (WebCore::CSSSegmentedFontFace::fontLoaded): Deleted.
475         * css/CSSSegmentedFontFace.h:
476         * css/FontFace.cpp:
477         (WebCore::FontFace::FontFace):
478         (WebCore::FontFace::~FontFace):
479         (WebCore::FontFace::stateChanged): Renamed to make its purpose clearer.
480         (WebCore::FontFace::kick): Deleted.
481         * css/FontFace.h:
482         * css/FontFaceSet.cpp: Added.
483         (WebCore::createPromise):
484         (WebCore::FontFaceSet::FontFaceSet):
485         (WebCore::FontFaceSet::~FontFaceSet):
486         (WebCore::FontFaceSet::Iterator::Iterator):
487         (WebCore::FontFaceSet::Iterator::next):
488         (WebCore::FontFaceSet::PendingPromise::PendingPromise):
489         (WebCore::FontFaceSet::PendingPromise::~PendingPromise):
490         (WebCore::FontFaceSet::has):
491         (WebCore::FontFaceSet::size):
492         (WebCore::FontFaceSet::add):
493         (WebCore::FontFaceSet::remove):
494         (WebCore::FontFaceSet::clear):
495         (WebCore::FontFaceSet::load): Most of the complexity of loading is
496         due to the promises involved. Rather than use the Javascript function
497         Promise.all(), this patch builds a data structure to represent the
498         promises which need to be resolved. When fonts finish loading, we look
499         at the data structure to determine which promises to resolve.
500         (WebCore::FontFaceSet::check):
501         (WebCore::FontFaceSet::status):
502         (WebCore::FontFaceSet::canSuspendForDocumentSuspension):
503         (WebCore::FontFaceSet::startedLoading):
504         (WebCore::FontFaceSet::completedLoading):
505         (WebCore::FontFaceSet::fulfillPromise): Keep the promise alive.
506         (WebCore::FontFaceSet::faceFinished):
507         * css/FontFaceSet.h: Added.
508         (WebCore::FontFaceSet::create):
509         (WebCore::FontFaceSet::load):
510         (WebCore::FontFaceSet::check):
511         (WebCore::FontFaceSet::createIterator):
512         (WebCore::FontFaceSet::PendingPromise::create):
513         * css/FontFaceSet.idl: Added.
514         * dom/EventNames.h:
515         * dom/EventTargetFactory.in:
516
517 2016-02-17  Mark Lam  <mark.lam@apple.com>
518
519         Callers of JSString::value() should check for exceptions thereafter.
520         https://bugs.webkit.org/show_bug.cgi?id=154346
521
522         Reviewed by Geoffrey Garen.
523
524         No new tests.  The crash that results from this issue is dependent on a race
525         condition where an OutOfMemory error occurs precisely at the point where the
526         JSString::value() function is called on a rope JSString.
527
528         * bindings/js/JSHTMLAllCollectionCustom.cpp:
529         (WebCore::callHTMLAllCollection):
530         * bindings/js/JSStorageCustom.cpp:
531         (WebCore::JSStorage::putDelegate):
532         - Added a comment at the site of the exception check to clarify the meaning of
533           the return value.
534
535 2016-02-17  David Kilzer  <ddkilzer@apple.com>
536
537         [Cocoa] Always check the return value of dlopen() and dlsym() in Release builds
538         <http://webkit.org/b/154364>
539
540         Reviewed by Alexey Proskuryakov.
541
542         * platform/mac/SoftLinking.h:
543         (SOFT_LINK_LIBRARY): Change ASSERT_WITH_MESSAGE() to
544         RELEASE_ASSERT_WITH_MESSAGE().
545         (SOFT_LINK_FRAMEWORK): Ditto.
546         (SOFT_LINK_PRIVATE_FRAMEWORK): Ditto.
547         (SOFT_LINK_STAGED_FRAMEWORK): Ditto.
548         (SOFT_LINK_FRAMEWORK_IN_UMBRELLA): Ditto.
549         (SOFT_LINK): Ditto.
550         (SOFT_LINK_POINTER): Ditto.
551         (SOFT_LINK_CONSTANT): Ditto.
552         (SOFT_LINK_FRAMEWORK_FOR_SOURCE): Add
553         RELEASE_ASSERT_WITH_MESSAGE() when soft-link is not
554         optional.
555
556 2016-02-17  Chris Dumez  <cdumez@apple.com>
557
558         Regression(r196648): http://w3c-test.org/html/dom/interfaces.html redirects at the end of the test
559         https://bugs.webkit.org/show_bug.cgi?id=154357
560
561         Reviewed by Alexey Proskuryakov.
562
563         Make location.assign() / location.replace()'s parameter mandatory,
564         as per the specification:
565         https://html.spec.whatwg.org/multipage/browsers.html#the-location-interface
566
567         Previously, calling location.assign() / location.replace() without
568         parameter would be identical to calling location.assign("undefined") /
569         location.replace("undefined"), which is not useful.
570
571         After r196648, http://w3c-test.org/html/dom/interfaces.html was able to
572         test location.assign() / location.replace() further because they are now
573         on the instance (where they should be) instead of the prototype. One of
574         these tests calls these functions without parameter, expecting them to
575         throw an exception. However, in WebKit, it would not throw and it would
576         redirect us to http://w3c-test.org/html/dom/undefined.
577
578         Firefox and Chrome both follow the specification already and throw in
579         this case.
580
581         No new tests, already covered by existing test.
582
583         * page/Location.idl:
584         Make location.assign() / location.replace()'s parameter mandatory,
585         as per the specification.
586
587 2016-02-17  Commit Queue  <commit-queue@webkit.org>
588
589         Unreviewed, rolling out r196738.
590         https://bugs.webkit.org/show_bug.cgi?id=154380
591
592         broke css3/calc/transforms-translate.html (Requested by
593         alexchristensen on #webkit).
594
595         Reverted changeset:
596
597         "WebKitCSSMatrix transformList with calculated relative length
598         crashes Safari."
599         https://bugs.webkit.org/show_bug.cgi?id=153333
600         http://trac.webkit.org/changeset/196738
601
602 2016-02-17  Dean Jackson  <dino@apple.com>
603
604         WebKitCSSMatrix transformList with calculated relative length crashes Safari.
605         https://bugs.webkit.org/show_bug.cgi?id=153333
606         <rdar://problem/17198383>
607
608         Reviewed by Simon Fraser.
609
610         WebKitCSSMatrix objects should fail to construct when not
611         using absolute lengths.
612
613         Updated existing tests:
614         - transforms/cssmatrix-2d-interface.xhtml
615         - transforms/cssmatrix-3d-interface.xhtml
616
617         * css/StyleBuilderConverter.h:
618         (WebCore::StyleBuilderConverter::convertTransform): Tell transformsForValue
619         that we don't require absolute lengths.
620         * css/TransformFunctions.cpp:
621         (WebCore::convertToFloatLength): Add an optional parameter that will
622         cause the conversion to fail if the primitive value has a non-absolute
623         length.
624         (WebCore::transformsForValue): Pass the parameter for requiring an
625         absolute length on to convertToFloatLength when necessary.
626         * css/TransformFunctions.h:
627         * css/WebKitCSSMatrix.cpp:
628         (WebCore::WebKitCSSMatrix::setMatrixValue): In this case we do
629         require all transform strings to have absolute lengths, not ones
630         that depend on the font size or are calculated.
631
632 2016-02-17  Commit Queue  <commit-queue@webkit.org>
633
634         Unreviewed, rolling out r196712.
635         https://bugs.webkit.org/show_bug.cgi?id=154371
636
637         This change caused 5 API test failures on ios-simulator
638         (Requested by ryanhaddad on #webkit).
639
640         Reverted changeset:
641
642         "[iOS] Purge GraphicsServices font cache on memory warning."
643         https://bugs.webkit.org/show_bug.cgi?id=154343
644         http://trac.webkit.org/changeset/196712
645
646 2016-02-17  Brady Eidson  <beidson@apple.com>
647
648         Modern IDB: More Encoder/Decoder/Messaging scaffolding for WK2 IPC.
649         https://bugs.webkit.org/show_bug.cgi?id=154356
650
651         Reviewed by Alex Christensen.
652
653         No change in behavior yet; Just laying the groundwork.
654
655         * Modules/indexeddb/shared/IDBDatabaseInfo.h:
656         (WebCore::IDBDatabaseInfo::encode):
657         (WebCore::IDBDatabaseInfo::decode):
658
659         * Modules/indexeddb/shared/IDBError.h:
660         (WebCore::IDBError::encode):
661         (WebCore::IDBError::decode):
662
663         * Modules/indexeddb/shared/IDBRequestData.h:
664         (WebCore::IDBRequestData::decode):
665
666         * Modules/indexeddb/shared/IDBResultData.h:
667         (WebCore::IDBResultData::encode):
668         (WebCore::IDBResultData::decode):
669
670 2016-02-17  Saam barati  <sbarati@apple.com>
671
672         Implement Proxy [[Get]]
673         https://bugs.webkit.org/show_bug.cgi?id=154081
674
675         Reviewed by Michael Saboff.
676
677         Tests are in JavaScriptCore.
678
679         * bindings/js/JSCryptoAlgorithmDictionary.cpp:
680         (WebCore::getProperty):
681         (WebCore::getHashAlgorithm):
682         * bindings/js/JSCryptoKeySerializationJWK.cpp:
683         (WebCore::getJSArrayFromJSON):
684         (WebCore::getStringFromJSON):
685         (WebCore::getBooleanFromJSON):
686         * bindings/js/JSDOMWindowCustom.cpp:
687         (WebCore::DialogHandler::returnValue):
688         * bindings/js/JSDictionary.cpp:
689         (WebCore::JSDictionary::tryGetProperty):
690         * bindings/js/JSStorageCustom.cpp:
691         (WebCore::JSStorage::deleteProperty):
692         (WebCore::JSStorage::deletePropertyByIndex):
693         (WebCore::JSStorage::putDelegate):
694         * bindings/js/SerializedScriptValue.cpp:
695         (WebCore::CloneSerializer::getProperty):
696         * testing/Internals.cpp:
697         (WebCore::Internals::isReadableStreamDisturbed):
698
699 2016-02-17  Simon Fraser  <simon.fraser@apple.com>
700
701         PDFPlugin's scrollableArea container is not properly unregistered when page is going into the PageCache
702         https://bugs.webkit.org/show_bug.cgi?id=148182
703
704         Reviewed by Brent Fulgham.
705
706         When handling Command-arrow key while showing a scrollable PDF, the timing of PDFPlugin
707         teardown and navigation could result in PDFPlugin::destroy() getting the wrong FrameView,
708         so the old FrameView was left with a stale pointer in its scrollableAreaSet.
709
710         Fix this by adding an explicit willDetatchRenderer() which is called on the plugin
711         before the Frame gets a new FrameView.
712
713         Also narrow the scope of the RefPtr<Widget> in HTMLPlugInElement::defaultEventHandler()
714         so that the Widget is not kept alive over a possible navigation.
715
716         I was unable to make an automated test, because reproducing the bug requires handling
717         a Command-arrow key event in a way that the last ref to a Widget is held over the event
718         handling, and this wasn't possible in an iframe.
719
720         * html/HTMLPlugInElement.cpp:
721         (WebCore::HTMLPlugInElement::defaultEventHandler):
722         * html/HTMLPlugInImageElement.cpp:
723         (WebCore::HTMLPlugInImageElement::willDetachRenderers):
724         * plugins/PluginViewBase.h:
725         (WebCore::PluginViewBase::willDetatchRenderer):
726         * style/StyleTreeResolver.cpp:
727         (WebCore::Style::detachRenderTree): Drive-by nullptr.
728
729 2016-02-17  Brady Eidson  <beidson@apple.com>
730
731         Modern IDB: Encoder/Decoder/Messaging scaffolding for WK2 IPC.
732         https://bugs.webkit.org/show_bug.cgi?id=154351
733
734         Reviewed by Alex Christensen.
735
736         No change in behavior yet; Just laying the groundwork.
737
738         * Modules/indexeddb/IDBDatabaseIdentifier.h:
739         (WebCore::IDBDatabaseIdentifier::encode):
740         (WebCore::IDBDatabaseIdentifier::decode):
741         
742         * Modules/indexeddb/shared/IDBCursorInfo.h:
743         (WebCore::IDBCursorInfo::encode):
744         (WebCore::IDBCursorInfo::decode):
745         
746         * Modules/indexeddb/shared/IDBIndexInfo.h:
747         (WebCore::IDBIndexInfo::encode):
748         (WebCore::IDBIndexInfo::decode):
749         
750         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
751         (WebCore::IDBObjectStoreInfo::encode):
752         (WebCore::IDBObjectStoreInfo::decode):
753         
754         * Modules/indexeddb/shared/IDBRequestData.h:
755         (WebCore::IDBRequestData::encode):
756         (WebCore::IDBRequestData::decode):
757         
758         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
759         (WebCore::IDBResourceIdentifier::encode):
760         (WebCore::IDBResourceIdentifier::decode):
761         
762         * Modules/indexeddb/shared/IDBTransactionInfo.h:
763         (WebCore::IDBTransactionInfo::encode):
764         (WebCore::IDBTransactionInfo::decode):
765
766 2016-02-17  Andreas Kling  <akling@apple.com>
767
768         [iOS] Purge GraphicsServices font cache on memory warning.
769         <https://webkit.org/b/154343>
770
771         Reviewed by Antti Koivisto.
772
773         The GS font cache was holding on to the last retain on CSS fonts after they stop being used.
774         Call SPI to purge it on memory pressure.
775
776         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
777         (WebCore::MemoryPressureHandler::platformReleaseMemory):
778         * platform/spi/ios/GraphicsServicesSPI.h:
779
780 2016-02-17  Chris Dumez  <cdumez@apple.com>
781
782         Regression(r196648): window.showModalDialog is no longer undefined if the client does not allow showing modal dialog
783         https://bugs.webkit.org/show_bug.cgi?id=154330
784
785         Reviewed by Gavin Barraclough.
786
787         window.showModalDialog is no longer undefined if the client does not
788         allow showing modal dialog after r196648. This patch fixes the issue
789         and add test coverage for this.
790
791         Test: fast/dom/Window/forbid-showModalDialog.html
792
793         * bindings/js/JSDOMWindowCustom.cpp:
794         (WebCore::JSDOMWindow::getOwnPropertySlot):
795         - Move the DOMWindow::canShowModalDialog() check *before* checking
796           for static properties as showModalDialog is now in the static
797           property table after r196648.
798         - Add check for Base::getOwnPropertySlot() first to support overriding
799           window.showModalDialog (This behavior matches Firefox).
800         - Return false if DOMWindow::canShowModalDialog() returns false as this
801           seems cleaner than claiming that the property is there but undefined.
802
803         * page/DOMWindow.cpp:
804         (WebCore::DOMWindow::canShowModalDialogNow): Deleted.
805         This was indentical to canShowModalDialog().
806
807         (WebCore::DOMWindow::canShowModalDialog):
808         (WebCore::DOMWindow::setCanShowModalDialogOverride):
809         (WebCore::DOMWindow::showModalDialog):
810         * page/DOMWindow.h:
811         * testing/Internals.cpp:
812         (WebCore::Internals::setCanShowModalDialogOverride):
813         * testing/Internals.h:
814         * testing/Internals.idl:
815         Add support for overriding the ChromeClient's canShowModalDialog
816         decision and hook it up to Internals to add layout test coverage.
817
818 2016-02-17  Brady Eidson  <beidson@apple.com>
819
820         Modern IDB: More WK2 IPC Scaffolding.
821         https://bugs.webkit.org/show_bug.cgi?id=154317
822
823         Reviewed by Alex Christensen.
824
825         No change in behavior yet; Just laying the groundwork.
826
827         * Modules/indexeddb/shared/IDBCursorInfo.cpp:
828         (WebCore::IDBCursorInfo::IDBCursorInfo):
829         * Modules/indexeddb/shared/IDBCursorInfo.h:
830         (WebCore::IDBCursorInfo::decode):
831         * Modules/indexeddb/shared/IDBError.h:
832         (WebCore::IDBError::decode):
833         * Modules/indexeddb/shared/IDBIndexInfo.h:
834         (WebCore::IDBIndexInfo::decode):
835         * Modules/indexeddb/shared/IDBObjectStoreInfo.h:
836         (WebCore::IDBObjectStoreInfo::decode):
837         * Modules/indexeddb/shared/IDBRequestData.cpp:
838         (WebCore::IDBRequestData::IDBRequestData):
839         * Modules/indexeddb/shared/IDBRequestData.h:
840         (WebCore::IDBRequestData::decode):
841         * Modules/indexeddb/shared/IDBResourceIdentifier.cpp:
842         (WebCore::IDBResourceIdentifier::IDBResourceIdentifier):
843         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
844         (WebCore::IDBResourceIdentifier::decode):
845         * Modules/indexeddb/shared/IDBResultData.cpp:
846         (WebCore::IDBResultData::IDBResultData):
847         * Modules/indexeddb/shared/IDBResultData.h:
848         (WebCore::IDBResultData::decode):
849         * Modules/indexeddb/shared/IDBTransactionInfo.cpp:
850         (WebCore::IDBTransactionInfo::IDBTransactionInfo):
851         * Modules/indexeddb/shared/IDBTransactionInfo.h:
852         (WebCore::IDBTransactionInfo::decode):
853         * WebCore.xcodeproj/project.pbxproj:
854
855 2016-02-17  Eric Carlson  <eric.carlson@apple.com>
856
857         [Win] Allow ports to disable automatic text track selection
858         https://bugs.webkit.org/show_bug.cgi?id=154322
859         <rdar://problem/24623986>
860
861         Reviewed by Brent Fulgham.
862
863         * page/CaptionUserPreferencesMediaAF.cpp:
864         (MTEnableCaption2015BehaviorPtr): Implement for Windows.
865
866 2016-02-17  Gavin Barraclough  <barraclough@apple.com>
867
868         JSDOMWindow::put should not do the same thing twice
869         https://bugs.webkit.org/show_bug.cgi?id=154334
870
871         Reviewed by Chris Dumez.
872
873         It either calls JSGlobalObject::put or Base::put. Hint: these are basically the same thing.
874         In the latter case it might call lookupPut. That's redundant; JSObject::put handles static
875         table entries.
876
877         * bindings/js/JSDOMWindowCustom.cpp:
878         (WebCore::JSDOMWindow::put):
879             - just call Base::put.
880         (WebCore::JSDOMWindow::putByIndex):
881             - just call Base::putByIndex.
882
883 2016-02-17  Nan Wang  <n_wang@apple.com>
884
885         AX: Implement sentence related text marker functions using TextIterator
886         https://bugs.webkit.org/show_bug.cgi?id=154312
887
888         Reviewed by Chris Fleizach.
889
890         Using CharacterOffset to implement sentence related text marker calls. Reused
891         logic from VisibleUnits class. Also fixed an issue where paragraph navigation
892         should skip preceding and following BR nodes.
893
894         Test: accessibility/mac/text-marker-sentence-nav.html
895
896         * accessibility/AXObjectCache.cpp:
897         (WebCore::resetNodeAndOffsetForReplacedNode):
898         (WebCore::setRangeStartOrEndWithCharacterOffset):
899         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
900         (WebCore::AXObjectCache::previousCharacterOffset):
901         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
902         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
903         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
904         (WebCore::AXObjectCache::leftWordRange):
905         (WebCore::AXObjectCache::rightWordRange):
906         (WebCore::AXObjectCache::characterBefore):
907         (WebCore::characterOffsetNodeIsBR):
908         (WebCore::parentEditingBoundary):
909         (WebCore::AXObjectCache::nextBoundary):
910         (WebCore::AXObjectCache::previousBoundary):
911         (WebCore::AXObjectCache::paragraphForCharacterOffset):
912         (WebCore::AXObjectCache::nextParagraphEndCharacterOffset):
913         (WebCore::AXObjectCache::previousParagraphStartCharacterOffset):
914         (WebCore::AXObjectCache::startCharacterOffsetOfSentence):
915         (WebCore::AXObjectCache::endCharacterOffsetOfSentence):
916         (WebCore::AXObjectCache::sentenceForCharacterOffset):
917         (WebCore::AXObjectCache::nextSentenceEndCharacterOffset):
918         (WebCore::AXObjectCache::previousSentenceStartCharacterOffset):
919         (WebCore::AXObjectCache::rootAXEditableElement):
920         (WebCore::startWordBoundary): Deleted.
921         (WebCore::endWordBoundary): Deleted.
922         (WebCore::AXObjectCache::nextWordBoundary): Deleted.
923         (WebCore::AXObjectCache::previousWordBoundary): Deleted.
924         * accessibility/AXObjectCache.h:
925         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
926         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
927         * editing/VisibleUnits.cpp:
928         (WebCore::startWordBoundary):
929         (WebCore::startOfWord):
930         (WebCore::endWordBoundary):
931         (WebCore::startSentenceBoundary):
932         (WebCore::startOfSentence):
933         (WebCore::endSentenceBoundary):
934         * editing/VisibleUnits.h:
935
936 2016-02-17  Manuel Rego Casasnovas  <rego@igalia.com>
937
938         [css-grid] GridSpan refactoring
939         https://bugs.webkit.org/show_bug.cgi?id=153868
940
941         Reviewed by Sergio Villar Senin.
942
943         Add new enum to know if a GridSpan is definite or indefinite.
944         That way we don't need GridUnresolvedSpan class (which is removed).
945         We can always have two GridSpans in GridCoordinate,
946         if the position is "auto" the GridSpan will be marked as indefinite.
947         This will allow in a follow-up patch to avoid repeated calls
948         to methods that resolve positions.
949
950         Most operations in GridSpan are restricted to definite GridSpans (access
951         to positions, iterator, etc.). For indefinite GridSpans we only need to
952         know that they're indefinite, we shouldn't use the rest of the data.
953
954         No new tests, no change of behavior.
955
956         * css/CSSGridTemplateAreasValue.cpp:
957         (WebCore::stringForPosition):
958         * css/CSSParser.cpp:
959         (WebCore::CSSParser::parseGridTemplateAreasRow):
960         * css/StyleBuilderConverter.h:
961         (WebCore::StyleBuilderConverter::createImplicitNamedGridLinesFromGridArea):
962         * rendering/RenderGrid.cpp:
963         (WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
964         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
965         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
966         (WebCore::RenderGrid::insertItemIntoGrid):
967         (WebCore::RenderGrid::placeItemsOnGrid):
968         (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
969         (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
970         (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
971         (WebCore::RenderGrid::offsetAndBreadthForPositionedChild):
972         (WebCore::RenderGrid::gridAreaBreadthForChildIncludingAlignmentOffsets):
973         (WebCore::RenderGrid::columnAxisOffsetForChild):
974         (WebCore::RenderGrid::rowAxisOffsetForChild):
975         (WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Deleted.
976         (WebCore::RenderGrid::autoPlacementMinorAxisDirection): Deleted.
977         (WebCore::RenderGrid::populateGridPositions): Deleted.
978         * rendering/style/GridCoordinate.h:
979         (WebCore::GridSpan::definiteGridSpan):
980         (WebCore::GridSpan::indefiniteGridSpan):
981         (WebCore::GridSpan::operator==):
982         (WebCore::GridSpan::integerSpan):
983         (WebCore::GridSpan::resolvedInitialPosition):
984         (WebCore::GridSpan::resolvedFinalPosition):
985         (WebCore::GridSpan::begin):
986         (WebCore::GridSpan::end):
987         (WebCore::GridSpan::isDefinite):
988         (WebCore::GridSpan::GridSpan):
989         (WebCore::GridCoordinate::GridCoordinate):
990         * rendering/style/GridResolvedPosition.cpp:
991         (WebCore::initialPositionSide):
992         (WebCore::finalPositionSide):
993         (WebCore::adjustGridPositionsFromStyle):
994         (WebCore::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition):
995         (WebCore::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
996         (WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
997         (WebCore::resolveGridPositionAgainstOppositePosition):
998         (WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):
999         (WebCore::GridResolvedPosition::resolveGridPositionsFromStyle):
1000         (WebCore::implicitNamedGridLineForSide): Deleted.
1001         (WebCore::GridResolvedPosition::isNonExistentNamedLineOrArea): Deleted.
1002         (WebCore::resolveNamedGridLinePositionFromStyle): Deleted.
1003         (WebCore::resolveGridPositionFromStyle): Deleted.
1004         * rendering/style/GridResolvedPosition.h:
1005         (WebCore::GridResolvedPosition::GridResolvedPosition): Deleted.
1006         (WebCore::GridResolvedPosition::operator*): Deleted.
1007         (WebCore::GridResolvedPosition::operator++): Deleted.
1008         (WebCore::GridResolvedPosition::operator==): Deleted.
1009
1010 2016-02-17  Chris Dumez  <cdumez@apple.com>
1011
1012         Window should have its 'constructor' property on the prototype
1013         https://bugs.webkit.org/show_bug.cgi?id=154037
1014         <rdar://problem/24689078>
1015
1016         Reviewed by Gavin Barraclough.
1017
1018         Window should have its 'constructor' property on the prototype as per
1019         the Web IDL specification:
1020         http://heycam.github.io/webidl/#interface-prototype-object
1021
1022         Firefox and Chrome already match the specification.
1023
1024         No new tests, covered by:
1025         - fast/dom/Window/window-constructor-settable.html
1026         - fast/dom/Window/window-constructor.html
1027         - http/tests/security/cross-origin-window-property-access.html
1028         - imported/w3c/web-platform-tests/html/dom/interfaces.html
1029
1030         * bindings/scripts/CodeGeneratorJS.pm:
1031         (ConstructorShouldBeOnInstance): Deleted.
1032         Drop this routine as all constructors are now on the prototype.
1033
1034         (InstancePropertyCount):
1035         Do not account for constructor properties as these can only be
1036         on the prototype now.
1037
1038         (PrototypePropertyCount):
1039         Increment the property count by 1 if the interface has a constructor
1040         property (e.g. [NoInterfaceObject] interfaces do not have one).
1041
1042         (GeneratePropertiesHashTable):
1043         Stop calling ConstructorShouldBeOnInstance() as it no longer exists.
1044         Always generated the "constructor" property if:
1045         1. We are generating the prototype hash table.
1046         and
1047         2. The interface needs a constructor (i.e. not marked as
1048            [NoInterfaceObject]).
1049
1050         (GenerateImplementation):
1051         - Drop code handling the case where ConstructorShouldBeOnInstance()
1052           returns true as constructors are not always on the prototype and
1053           the ConstructorShouldBeOnInstance() routine has been dropped.
1054         - Drop code handling [CustomProxyToJSObject]. Now that the constructor
1055           is always on the prototype, we never need to cast thisValue to a
1056           JSDOMWindow (by calling toJSDOMWindow). In the Window case, thisValue
1057           is now casted to a JSDOMWindowPrototype*, similarly to other interfaces
1058           so we don't need a special casting function anymore.
1059         - Stop generating security checks. This only impacts Window as it is the
1060           only interface marked as [CheckSecurity]. The cross-origin checking code
1061           as it was would not work when "constructor" is on the prototype because
1062           thisValue is a JSDOMWindowPrototype, not a JSDOMWindow and we have no
1063           way of getting the wrapped window. Also, the security check is no longer
1064           needed because:
1065           1. Accessing crossOriginWindow.constructor will not work now that
1066              constructor is on the prototype because
1067              JSDOMWindow::getOwnPropertySlot() already prevents access to the
1068              prototype in the cross-origin case.
1069           2. "constructor" is a value property, not a getter/setter. Therefore,
1070              it is no possible to use the getter/setter from a same origin window
1071              instance and call it on a cross origin window.
1072
1073 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1074
1075         Add a way to test ScrollAnimator
1076         https://bugs.webkit.org/show_bug.cgi?id=153479
1077
1078         Reviewed by Michael Catanzaro.
1079
1080         Tests: fast/scrolling/overlay-scrollbars-scroll-corner.html
1081                fast/scrolling/scroll-animator-basic-events.html
1082                fast/scrolling/scroll-animator-overlay-scrollbars-hovered.html
1083                fast/scrolling/scroll-animator-select-list-events.html
1084
1085         * CMakeLists.txt:
1086         * WebCore.xcodeproj/project.pbxproj:
1087         * page/FrameView.cpp:
1088         (WebCore::FrameView::usesMockScrollAnimator):
1089         (WebCore::FrameView::logMockScrollAnimatorMessage):
1090         * page/FrameView.h:
1091         * page/Settings.cpp:
1092         (WebCore::Settings::setUsesMockScrollAnimator):
1093         (WebCore::Settings::usesMockScrollAnimator):
1094         * page/Settings.h:
1095         * platform/ScrollableArea.cpp:
1096         (WebCore::ScrollableArea::scrollAnimator):
1097         * platform/ScrollableArea.h:
1098         (WebCore::ScrollableArea::usesMockScrollAnimator):
1099         (WebCore::ScrollableArea::logMockScrollAnimatorMessage):
1100         * platform/mock/ScrollAnimatorMock.cpp: Added.
1101         (WebCore::ScrollAnimatorMock::create):
1102         (WebCore::ScrollAnimatorMock::ScrollAnimatorMock):
1103         (WebCore::ScrollAnimatorMock::~ScrollAnimatorMock):
1104         (WebCore::ScrollAnimatorMock::didAddVerticalScrollbar):
1105         (WebCore::ScrollAnimatorMock::didAddHorizontalScrollbar):
1106         (WebCore::ScrollAnimatorMock::willRemoveVerticalScrollbar):
1107         (WebCore::ScrollAnimatorMock::willRemoveHorizontalScrollbar):
1108         (WebCore::ScrollAnimatorMock::mouseEnteredContentArea):
1109         (WebCore::ScrollAnimatorMock::mouseMovedInContentArea):
1110         (WebCore::ScrollAnimatorMock::mouseExitedContentArea):
1111         (WebCore::ScrollAnimatorMock::mouseEnteredScrollbar):
1112         (WebCore::ScrollAnimatorMock::mouseExitedScrollbar):
1113         (WebCore::ScrollAnimatorMock::mouseIsDownInScrollbar):
1114         * platform/mock/ScrollAnimatorMock.h: Added.
1115         * platform/mock/ScrollbarThemeMock.cpp:
1116         (WebCore::ScrollbarThemeMock::usesOverlayScrollbars):
1117         * platform/mock/ScrollbarThemeMock.h:
1118         * rendering/RenderLayer.cpp:
1119         (WebCore::RenderLayer::usesMockScrollAnimator):
1120         (WebCore::RenderLayer::logMockScrollAnimatorMessage):
1121         * rendering/RenderLayer.h:
1122         * rendering/RenderListBox.cpp:
1123         (WebCore::RenderListBox::usesMockScrollAnimator):
1124         (WebCore::RenderListBox::logMockScrollAnimatorMessage):
1125         * rendering/RenderListBox.h:
1126         * testing/Internals.cpp:
1127         (WebCore::Internals::resetToConsistentState):
1128         (WebCore::Internals::setUsesMockScrollAnimator):
1129         * testing/Internals.h:
1130         * testing/Internals.idl:
1131
1132 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1133
1134         Unreviewed. Enable overlay scrollbars in GTK+ after r196641.
1135
1136         This was blocked by bug #153404, but the commit that introduced
1137         the regression was rolled out in r196641.
1138
1139         * platform/gtk/ScrollbarThemeGtk.cpp:
1140         (WebCore::ScrollbarThemeGtk::ScrollbarThemeGtk):
1141
1142 2016-02-16  Gavin Barraclough  <barraclough@apple.com>
1143
1144         JSDOMWindow::getOwnPropertySlot should just call getStaticPropertySlot
1145         https://bugs.webkit.org/show_bug.cgi?id=154257
1146
1147         Reviewed by Chris Dumez.
1148
1149         * bindings/js/JSDOMWindowCustom.cpp:
1150         (WebCore::JSDOMWindow::getOwnPropertySlot):
1151             - JSDOMWindow::getOwnPropertySlot should just call getStaticPropertySlot
1152
1153 2016-02-16  Gavin Barraclough  <barraclough@apple.com>
1154
1155         JSDOMWindow::getOwnPropertySlot should not search photo chain
1156         https://bugs.webkit.org/show_bug.cgi?id=154102
1157
1158         Reviewed by Chris Dumez.
1159
1160         Should only return *own* properties.
1161
1162         * bindings/js/JSDOMWindowCustom.cpp:
1163         (WebCore::jsDOMWindowGetOwnPropertySlotNamedItemGetter):
1164
1165 2016-02-16  Alex Christensen  <achristensen@webkit.org>
1166
1167         CMake build fix.
1168
1169         * PlatformMac.cmake:
1170
1171 2016-02-16  Chris Dumez  <cdumez@apple.com>
1172
1173         Navigator.geolocation should not be marked a [Replaceable] and should be on the prototype
1174         https://bugs.webkit.org/show_bug.cgi?id=154304
1175         <rdar://problem/24685092>
1176
1177         Reviewed by Gavin Barraclough.
1178
1179         1. Drop the [Replaceable] IDL extended attribute for navigator.geolocation
1180            as this does not match other browsers or the specification:
1181            - https://dev.w3.org/geo/api/spec-source.html#geolocation_interface
1182         2. Move Navigator attributes to the prototype, where they should be as
1183            per the Web IDL specification.
1184
1185         The previous behavior was meant as a workaround for a bug in the Amazon
1186         iOS app (rdar://problem/16332749). However, I have confirmed that the
1187         latest Amazon App no longer has any issue with those changes.
1188
1189         Test: js/navigator-set-geolocation.html
1190
1191         * Modules/geolocation/NavigatorGeolocation.idl:
1192         * bindings/scripts/CodeGeneratorJS.pm:
1193         (InterfaceRequiresAttributesOnInstanceForCompatibility): Deleted.
1194
1195 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1196
1197         REGRESSION(r196268): WTFCrashWithSecurityImplication on SVG path animation tests
1198         https://bugs.webkit.org/show_bug.cgi?id=154221
1199
1200         Reviewed by Brent Fulgham.
1201
1202         In r196268, a destructor was added to SVGListPropertyTearOff that notifies
1203         its wrapper (the SVGAnimatedListPropertyTearoff) about its deletion. This
1204         allows the wrapper to nullify any references to the wrapped content.
1205         
1206         We needed to do the same thing for SVGPathSegListPropertyTearOff. Both
1207         SVGPathSegListPropertyTearOff and SVGListPropertyTearOff inherit from
1208         SVGListProperty and both hold pointers to SVGAnimatedListPropertyTearOff
1209         which needs to be notified.
1210         
1211         Tests: exiting svg path animation tests should not crash.
1212
1213         * svg/properties/SVGPathSegListPropertyTearOff.h:
1214         (WebCore::SVGPathSegListPropertyTearOff::~SVGPathSegListPropertyTearOff):
1215
1216 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
1217
1218         REGRESSION (r190430): WTFCrashWithSecurityImplication in:void SVGRootInlineBox::layoutCharactersInTextBoxes()
1219         https://bugs.webkit.org/show_bug.cgi?id=154185
1220
1221         Reviewed by Ryosuke Niwa.
1222
1223         This is a regression caused by adding support for HTMLSlotElement. The
1224         crash happens when adding an HTMLSlotElement to anther element which should
1225         not have it as a child like SVGTextElement for example. In this case, we
1226         were creating a RenderText which should not be happen inside an SVG document.
1227         The RenderText::createTextBox() was creating InlineTextBox for the slot's
1228         text and attach it to the SVGRootInlineBox. In layoutCharactersInTextBoxes(),
1229         the assumption is the inline box is either SVGInlineTextBox or SVGInlineFlowBox.
1230         But since we have an InlineTextBox instead, the crash happens when casting
1231         the InlineTextBox to SVGInlineFlowBox.
1232
1233         The fix is for createRenderTreeForSlotAssignees() to not create a renderer
1234         when the parent element should not have a renderer for the this element.
1235         This is the same thing we do for createRenderer() which handles the non
1236         HTMLSlotElement case and which is called also from createRenderTreeRecursively().
1237         
1238         Test: fast/shadow-dom/text-slot-child-crash.svg
1239
1240         * style/StyleTreeResolver.cpp:
1241         (WebCore::Style::moveToFlowThreadIfNeeded):
1242         (WebCore::Style::TreeResolver::createRenderer): Delete the check for
1243         shouldCreateRenderer() and handling the case when resolvedStyle is null
1244         since these are handled by the caller createRenderTreeRecursively().
1245         
1246         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
1247         Assert shouldCreateRenderer() is true for this element.
1248         
1249         (WebCore::Style::TreeResolver::createRenderTreeRecursively): Don't create
1250         the renderer if shouldCreateRenderer() returns false. Also handle the case
1251         when resolvedStyle is null and pass the new style to createRenderer().
1252         
1253         * style/StyleTreeResolver.h:
1254
1255 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
1256
1257         Every RenderLayer should not have to remove itself from the scrollableArea set
1258         https://bugs.webkit.org/show_bug.cgi?id=154311
1259
1260         Reviewed by Zalan Bujtas.
1261
1262         A subset of RenderLayers are are scrollable, and get registered on the FrameView,
1263         but we pay the cost of a hash lookup for removal on every RenderLayer, which is a waste.
1264         
1265         Store a bit that tells RenderLayer that it's in the set and needs to be removed.
1266
1267         * rendering/RenderLayer.cpp:
1268         (WebCore::RenderLayer::RenderLayer):
1269         (WebCore::RenderLayer::~RenderLayer):
1270         (WebCore::RenderLayer::calculateClipRects):
1271         * rendering/RenderLayer.h:
1272
1273 2016-02-16  Daniel Bates  <dabates@apple.com>
1274
1275         CSP: Update violation report 'Content-Type' header
1276         https://bugs.webkit.org/show_bug.cgi?id=153166
1277         <rdar://problem/24383327>
1278
1279         Reviewed by Brent Fulgham.
1280
1281         Inspired by Blink patch:
1282         <https://src.chromium.org/viewvc/blink?view=rev&revision=154215>
1283
1284         Post the Content Security Policy violation report with Content-Type application/csp-report as
1285         per section Reporting of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/>.
1286
1287         Currently we post CSP violation reports with Content-Type application/json.
1288
1289         * html/parser/XSSAuditorDelegate.cpp:
1290         (WebCore::XSSAuditorDelegate::didBlockScript): Use report type ViolationReportType::XSSAuditor to PingLoader.
1291         * loader/PingLoader.cpp:
1292         (WebCore::PingLoader::sendViolationReport): Modified to take argument of type ViolationReportType
1293         to determine the appropriate Content-Type header to use for the report. For a XSS Auditor violation report
1294         we use Content-Type application/json. For a Content Security Policy violation report we use Content-Type
1295         application/csp-report. Additionally, pass a ASCIILiteral() to ResourceRequestBase::setHTTPMethod()
1296         as opposed to a constant string literal to avoid a copy of a constant string literal.
1297         * loader/PingLoader.h: Add enum class ViolationReportType.
1298         * page/csp/ContentSecurityPolicy.cpp:
1299         (WebCore::ContentSecurityPolicy::reportViolation): Use report type ViolationReportType::ContentSecurityPolicy.
1300
1301 2016-02-16  Alex Christensen  <achristensen@webkit.org>
1302
1303         Add checks before redirecting with NetworkSession
1304         https://bugs.webkit.org/show_bug.cgi?id=154298
1305
1306         Reviewed by Andy Estes.
1307
1308         This fixes http/tests/security/cors-post-redirect-307.html and 
1309         http/tests/navigation/post-307-response.html when using NetworkSession.
1310
1311         * platform/network/ResourceRequestBase.h:
1312         WEBCORE_EXPORT some functions newly used in WebKit2.
1313
1314 2016-02-16  Daniel Bates  <dabates@apple.com>
1315
1316         CSP: Fix parsing of 'host/path' source expressions
1317         https://bugs.webkit.org/show_bug.cgi?id=153170
1318         <rdar://problem/24383407>
1319
1320         Reviewed by Brent Fulgham.
1321
1322         Merged from Blink (patch by Mike West):
1323         <https://src.chromium.org/viewvc/blink?revision=154875&view=revision>
1324
1325         Fixes an issue where a source of the form example.com/A/ was incorrectly considered
1326         invalid and hence such a requested resource would be blocked. A source of this form
1327         is valid by the definition of host-source in section Source List Syntax of the Content
1328         Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.
1329
1330         * page/csp/ContentSecurityPolicySourceList.cpp:
1331         (WebCore::ContentSecurityPolicySourceList::parseSource):
1332
1333 2016-02-16  Daniel Bates  <dabates@apple.com>
1334
1335         CSP: Disallow an empty host in a host-source source expression
1336         https://bugs.webkit.org/show_bug.cgi?id=153168
1337         <rdar://problem/24383366>
1338
1339         Reviewed by Brent Fulgham.
1340
1341         Merged from Blink (patch by rob@robwu.nl):
1342         <https://src.chromium.org/viewvc/blink?revision=180407&view=revision>
1343
1344         * page/csp/ContentSecurityPolicySourceList.cpp:
1345         (WebCore::ContentSecurityPolicySourceList::parseSource):
1346
1347 2016-02-16  Brady Eidson  <beidson@apple.com>
1348
1349         Modern IDB: WK2 IPC Scaffolding.
1350         https://bugs.webkit.org/show_bug.cgi?id=154296
1351
1352         Reviewed by Alex Christensen.
1353         
1354         No change in behavior yet; Just laying the groundwork.
1355
1356         * Modules/indexeddb/client/IDBConnectionToServer.h:
1357         * Modules/indexeddb/server/IDBConnectionToClient.h:
1358         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
1359
1360 2016-02-16  Chris Dumez  <cdumez@apple.com>
1361
1362         [Web IDL] Operations should be on the instance for global objects or if [Unforgeable]
1363         https://bugs.webkit.org/show_bug.cgi?id=154120
1364         <rdar://problem/24613231>
1365
1366         Reviewed by Gavin Barraclough.
1367
1368         Operations should be on the instance for global objects or if
1369         [Unforgeable] as per the Web IDL specification:
1370         - http://heycam.github.io/webidl/#es-operations
1371         - http://heycam.github.io/webidl/#dfn-unforgeable-on-an-interface
1372
1373         This patch implements this behavior in order to align
1374         with the specification and other browsers.
1375
1376         No new tests, already covered by existing tests.
1377
1378         * bindings/js/JSDOMWindowCustom.cpp:
1379         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1380         Update function names now that they have "Instance" in their
1381         name instead of "Prototype".
1382
1383         (WebCore::JSDOMWindow::getOwnPropertySlot):
1384         - Update function names now that they have "Instance" in their
1385           name instead of "Prototype".
1386         - Move the functions hard-coding *before* the static table check
1387           now that these functions are in the static table to maintain
1388           the previous behavior.
1389
1390         * bindings/js/JSLocationCustom.cpp:
1391         (WebCore::JSLocation::getOwnPropertySlotDelegate):
1392         Update function names now that they have "Instance" in their
1393         name instead of "Prototype".
1394
1395         * bindings/scripts/CodeGeneratorJS.pm:
1396         - Move functions to the instance if their interface is a global
1397           object or if they are marked as [Unforgeable]. Operations are
1398           now treated more like attributes, as they can now be either on
1399           the instance or the prototype. In a lot of places, I now use
1400           the naming "properties" instead of "attributes" as "properties"
1401           refer both "attributes" and "operations" / "functions".
1402
1403         * bindings/scripts/test/JS/JSTestInterface.cpp:
1404         * bindings/scripts/test/JS/JSTestObj.cpp:
1405         Rebaseline bindings tests.
1406
1407 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
1408
1409         Rollout r188659. This broke scrolling of iframes and overflow when
1410         navigating back to a page in the page cache.
1411         
1412         The fix was overly agressive and had no layout test. I will fix the original
1413         issue a different way.
1414
1415         * history/CachedFrame.cpp:
1416         (WebCore::CachedFrame::CachedFrame):
1417         * page/FrameView.cpp:
1418         (WebCore::FrameView::clearScrollableAreas): Deleted.
1419         * page/FrameView.h:
1420
1421 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1422
1423         [GTK] No hover-horizontal scrolling available
1424         https://bugs.webkit.org/show_bug.cgi?id=122859
1425
1426         Reviewed by Michael Catanzaro.
1427
1428         This is a regression of WebKit2, because in WebKit1 we used native
1429         widgets for frame scrollbars that handled this automatically. Now
1430         we need to also check if the mouse is over frame scrollbars to
1431         adjust the wheel event.
1432
1433         Test: platform/gtk/scrollbars/main-frame-scrollbar-horizontal-wheel-scroll.html
1434
1435         * page/EventHandler.cpp:
1436         (WebCore::EventHandler::handleWheelEvent): Pass the adjusted wheel
1437         event to platformCompleteWheelEvent().
1438         * page/gtk/EventHandlerGtk.cpp:
1439         (WebCore::EventHandler::shouldTurnVerticalTicksIntoHorizontal):
1440         Check also frame scrollbars.
1441
1442 2016-02-16  Antti Koivisto  <antti@apple.com>
1443
1444         Factor id mutation style invalidation code into a class
1445         https://bugs.webkit.org/show_bug.cgi?id=154287
1446
1447         Reviewed by Andreas Kling.
1448
1449         Also add a cheap basic optimization that avoids descendant invalidation if they can not be affected.
1450
1451         It would be easy to implement fine grained invalidation like with classes and attribute selectors.
1452         However dynamic id changes are not common enough (nor recommended) to pay the memory cost of
1453         the required data structures.
1454
1455         Test: fast/css/style-invalidation-id-change-descendants.html
1456
1457         * CMakeLists.txt:
1458         * WebCore.vcxproj/WebCore.vcxproj:
1459         * WebCore.xcodeproj/project.pbxproj:
1460         * css/RuleFeature.cpp:
1461         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
1462         (WebCore::RuleFeatureSet::add):
1463         (WebCore::RuleFeatureSet::clear):
1464         * css/RuleFeature.h:
1465         * dom/Element.cpp:
1466         (WebCore::makeIdForStyleResolution):
1467         (WebCore::Element::attributeChanged):
1468         (WebCore::checkNeedsStyleInvalidationForIdChange): Deleted.
1469         * style/IdChangeInvalidation.cpp: Added.
1470         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
1471         * style/IdChangeInvalidation.h: Added.
1472         (WebCore::Style::IdChangeInvalidation::IdChangeInvalidation):
1473         (WebCore::Style::IdChangeInvalidation::~IdChangeInvalidation):
1474
1475 2016-02-16  Andreas Kling  <akling@apple.com>
1476
1477         Drop StyleResolver and SelectorQueryCache when entering PageCache.
1478         <https://webkit.org/b/154238>
1479
1480         Reviewed by Antti Koivisto.
1481
1482         Stop keeping these around for cached pages to save lots of memory.
1483         We can easily rebuild them if a cached navigation occurs, and this
1484         way we also don't need to worry about invalidating style for cached
1485         pages in all the right places.
1486
1487         Restoring a cached page will now lead to a forced style recalc.
1488         We don't try to defer this (beyond a zero-timer) since it's going
1489         to happen anyway, and it's nicer to front-load the cost rather than
1490         stuttering on the first user content interaction.
1491
1492         * dom/Document.cpp:
1493         (WebCore::Document::setInPageCache):
1494         * history/CachedPage.cpp:
1495         (WebCore::CachedPage::restore):
1496         (WebCore::CachedPage::clear): Deleted.
1497         * history/CachedPage.h:
1498         (WebCore::CachedPage::markForVisitedLinkStyleRecalc): Deleted.
1499         (WebCore::CachedPage::markForFullStyleRecalc): Deleted.
1500         * history/PageCache.cpp:
1501         (WebCore::PageCache::markPagesForVisitedLinkStyleRecalc): Deleted.
1502         (WebCore::PageCache::markPagesForFullStyleRecalc): Deleted.
1503         * history/PageCache.h:
1504         * page/Frame.cpp:
1505         (WebCore::Frame::setPageAndTextZoomFactors): Deleted.
1506         * page/Page.cpp:
1507         (WebCore::Page::setViewScaleFactor): Deleted.
1508         (WebCore::Page::setDeviceScaleFactor): Deleted.
1509         (WebCore::Page::setPagination): Deleted.
1510         (WebCore::Page::setPaginationLineGridEnabled): Deleted.
1511         (WebCore::Page::setVisitedLinkStore): Deleted.
1512
1513 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1514
1515         [GTK] clicking on the scrollbar trough steps rather than jumps to the clicked position
1516         https://bugs.webkit.org/show_bug.cgi?id=115363
1517
1518         Reviewed by Michael Catanzaro.
1519
1520         Allow ScrollbarTheme to decide the behavior of a button press event,
1521         instead of only deciding whether to center on thumb or not. This
1522         way we can match the current GTK+ behavior in WebKit, without
1523         affecting other ports.
1524
1525         * platform/ScrollTypes.h: Add ScrollbarButtonPressAction enum.
1526         * platform/Scrollbar.cpp:
1527         (WebCore::Scrollbar::mouseDown): Ask ScrollbarTheme to handle the
1528         event for the pressed part and do the requested action.
1529         * platform/ScrollbarTheme.cpp:
1530         (WebCore::ScrollbarTheme::handleMousePressEvent): Add default
1531         implementation. It's equivalent to the previous default implementation.
1532         * platform/ScrollbarTheme.h:
1533         * platform/gtk/ScrollbarThemeGtk.cpp:
1534         (WebCore::ScrollbarThemeGtk::handleMousePressEvent): Match current
1535         GTK+ behavior: left click centers on thumb and right click
1536         scrolls. Dragging the thumb works for left and middle buttons.
1537         * platform/gtk/ScrollbarThemeGtk.h:
1538         * platform/ios/ScrollbarThemeIOS.h: Remove shouldCenterOnThumb,
1539         and don't override handleMousePressEvent since iOS wants the
1540         default behavior.
1541         * platform/ios/ScrollbarThemeIOS.mm:
1542         * platform/mac/ScrollbarThemeMac.h: Override handleMousePressEvent
1543         and remove shouldCenterOnThumb.
1544         * platform/mac/ScrollbarThemeMac.mm:
1545         (WebCore::shouldCenterOnThumb): Same implementation just made it
1546         static to be used as helper.
1547         (WebCore::ScrollbarThemeMac::handleMousePressEvent): Return the
1548         desired action keeping the same behavior.
1549         * platform/win/ScrollbarThemeWin.cpp:
1550         (WebCore::ScrollbarThemeWin::handleMousePressEvent): Ditto.
1551         * platform/win/ScrollbarThemeWin.h:
1552         * rendering/RenderScrollbarTheme.h:
1553
1554 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1555
1556         Mouse cursor doesn't change when entering scrollbars
1557         https://bugs.webkit.org/show_bug.cgi?id=154243
1558
1559         Reviewed by Simon Fraser.
1560
1561         If the scrollbar is over or very close to text or a link, when
1562         entering the scrollbar the cursor is not changed, keeping the beam
1563         or hand cursor when using the scrollbar. Same happens for image
1564         documents where the magnifier cursor is used and it remains when
1565         entering the scrollbars. We should use pointer cursor always for
1566         scrollbars.
1567
1568         * page/EventHandler.cpp:
1569         (WebCore::EventHandler::updateCursor): Request also to include
1570         frame scrollbars in hit test result.
1571         (WebCore::EventHandler::selectCursor): Use always pointer cursor
1572         for scrollbars.
1573
1574 2016-02-15  Antti Koivisto  <antti@apple.com>
1575
1576         Optimize style invalidations for attribute selectors
1577         https://bugs.webkit.org/show_bug.cgi?id=154242
1578
1579         Reviewed by Andreas Kling.
1580
1581         Currently we invalidate the whole element subtree if there are any attribute selectors for the changed attribute.
1582         This is slow as generally few if any elements are really affected. Using attribute selectors for dynamic styling
1583         should be performant.
1584
1585         This patch implements optimization strategy for attributes similar to what we already have for classes:
1586
1587         - Collect a map of all rules that contains descendant-affecting attribute selectors for a given attribute.
1588         - When an attribute value changes check if there are any such rules for it.
1589         - Check if the value change affects the results of any of the attribute selectors.
1590         - Only if it does invalidate the exact descendant elements affected by the rules.
1591
1592         Test: fast/css/style-invalidation-attribute-change-descendants.html
1593
1594         * WebCore.xcodeproj/project.pbxproj:
1595         * css/DocumentRuleSets.cpp:
1596         (WebCore::DocumentRuleSets::ancestorClassRules):
1597         (WebCore::DocumentRuleSets::ancestorAttributeRulesForHTML):
1598
1599             Create optimization RuleSets when needed.
1600
1601         * css/DocumentRuleSets.h:
1602         (WebCore::DocumentRuleSets::uncommonAttribute):
1603         (WebCore::DocumentRuleSets::features):
1604         * css/RuleFeature.cpp:
1605         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
1606         (WebCore::makeAttributeSelectorKey):
1607         (WebCore::RuleFeatureSet::collectFeatures):
1608
1609             Collect rules with descendant affecting attribute selectors.
1610
1611         (WebCore::RuleFeatureSet::add):
1612         (WebCore::RuleFeatureSet::clear):
1613         (WebCore::RuleFeatureSet::shrinkToFit):
1614         * css/RuleFeature.h:
1615         * css/SelectorChecker.cpp:
1616         (WebCore::anyAttributeMatches):
1617         (WebCore::SelectorChecker::attributeSelectorMatches):
1618
1619             Expose function for matching single attribute selectors.
1620
1621         (WebCore::canMatchHoverOrActiveInQuirksMode):
1622         * css/SelectorChecker.h:
1623         * dom/Attr.cpp:
1624         (WebCore::Attr::setValue):
1625         (WebCore::Attr::childrenChanged):
1626         * dom/Element.cpp:
1627         (WebCore::Element::setAttributeInternal):
1628         (WebCore::makeIdForStyleResolution):
1629         (WebCore::Element::attributeChanged):
1630         (WebCore::Element::removeAttributeInternal):
1631         (WebCore::Element::addAttributeInternal):
1632         (WebCore::Element::removeAttribute):
1633
1634             Add AttributeChangeInvalidation where needed.
1635
1636         (WebCore::Element::needsStyleInvalidation):
1637
1638             Move to Element from ClassChangeInvalidation.
1639
1640         (WebCore::Element::willModifyAttribute):
1641
1642             No more full style invalidation on attribute change.
1643
1644         * style/AttributeChangeInvalidation.cpp: Added.
1645         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
1646
1647             Invalidate local style.
1648             Check if we need to invalidate descendants by looking into ancestorAttributeRules.
1649
1650         (WebCore::Style::AttributeChangeInvalidation::invalidateDescendants):
1651
1652             Use StyleInvalidationAnalysis to invalidate the subtree for the relevant rules.
1653
1654         * style/AttributeChangeInvalidation.h: Added.
1655         (WebCore::Style::AttributeChangeInvalidation::needsInvalidation):
1656         (WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):
1657         (WebCore::Style::AttributeChangeInvalidation::~AttributeChangeInvalidation):
1658
1659             If needed, invalidate descendants before and after attribute change to catch rules that start and stop applying.
1660
1661 2016-02-16  Chris Dumez  <cdumez@apple.com>
1662
1663         Do security checks early in JSDOMWindow::put*()
1664         https://bugs.webkit.org/show_bug.cgi?id=154270
1665
1666         Reviewed by Gavin Barraclough.
1667
1668         Do security checks early in JSDOMWindow::put() / JSDOMWindow::putByIndex()
1669         and return as soon as possible. This makes it less error-prone as we need
1670         to do the security check only once, at the top of the function.
1671
1672         Also lock down the security further by calling lookupPut() only if the
1673         property name is "location". The "location" property is the only one that
1674         can be set cross-origin. Previously, trying to set a property such as
1675         "name" (which cannot be set cross-origin) relied on the attribute setter
1676         doing the security check when getting called. The new check is less error
1677         prone and will correctly prevent overriding window's method cross-origin
1678         once these move down from the prototype (Bug 154120).
1679
1680         Finally, the previous code was failing to set the "location" property
1681         cross-origin after the window has been reified. This patch fixes the
1682         issue by always calling the original "location" property setter from the
1683         static table in the cross-origin case.
1684
1685         Test: http/tests/security/cross-origin-reified-window-location-setting.html
1686
1687         * bindings/js/JSDOMWindowCustom.cpp:
1688         (WebCore::JSDOMWindow::put):
1689         (WebCore::JSDOMWindow::putByIndex):
1690
1691 2016-02-15  Brent Fulgham  <bfulgham@apple.com>
1692
1693         [Mac] Gather some rudimentary statistics during resource load 
1694         https://bugs.webkit.org/show_bug.cgi?id=153575
1695         <rdar://problem/24075254>
1696
1697         Reviewed by Brady Eidson.
1698
1699         Tested by: http/tests/navigation/statistics.html
1700
1701         * CMakeLists.txt:
1702         * PlatformWin.cmake:
1703         * WebCore.xcodeproj/project.pbxproj:
1704         * dom/Document.cpp:
1705         (WebCore::Document::updateLastHandledUserGestureTimestamp): Log user interaction
1706         with the ResourceLoadObserver.
1707         * loader/DocumentLoader.cpp:
1708         (WebCore::DocumentLoader::willSendRequest): Track load statistics if the
1709         user interacted with the document.
1710         * loader/ResourceLoadObserver.cpp: Added.
1711         * loader/ResourceLoadObserver.h: Added.
1712         * loader/ResourceLoadStatistics.cpp: Added.
1713         * loader/ResourceLoadStatistics.h: Added.
1714         * loader/SubresourceLoader.cpp:
1715         (WebCore::SubresourceLoader::willSendRequestInternal): Track load statistics.
1716         * page/Settings.cpp:
1717         (WebCore::Settings::setResourceLoadStatisticsEnabled): Added.
1718         * page/Settings.h:
1719         (WebCore::Settings::resourceLoadStatisticsEnabled): Added.
1720         * platform/Logging.h:
1721         * testing/Internals.cpp:
1722         (WebCore::Internals::resourceLoadStatisticsForOrigin):
1723         (WebCore::Internals::setResourceLoadStatisticsEnabled):
1724         * testing/Internals.h:
1725         * testing/Internals.idl:
1726
1727 2016-02-15  Chris Dumez  <cdumez@apple.com>
1728
1729         The following properties should exist on the global object: AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
1730         https://bugs.webkit.org/show_bug.cgi?id=154250
1731         <rdar://problem/24660829>
1732
1733         Reviewed by Eric Carlson.
1734
1735         The following properties should exist on the global object:
1736         - AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
1737
1738         These interfaces are not marked as [NoInterfaceObject] in:
1739         - https://html.spec.whatwg.org/#audiotracklist-and-videotracklist-objects
1740
1741         No new tests, already covered by existing tests.
1742
1743         * html/track/AudioTrack.idl:
1744         * html/track/AudioTrackList.idl:
1745         * html/track/VideoTrack.idl:
1746         * html/track/VideoTrackList.idl:
1747
1748 2016-02-15  Sam Weinig  <sam@webkit.org>
1749
1750         Stop using NSMapTable in places where we were only using it to be GC safe
1751         <rdar://problem/24063723>
1752         https://bugs.webkit.org/show_bug.cgi?id=154264
1753
1754         Reviewed by Dan Bernstein.
1755
1756         Switch from NSMapTable to HashMap.
1757
1758         * WebCore.xcodeproj/project.pbxproj:
1759         * bindings/objc/DOMInternal.h:
1760         * bindings/objc/DOMInternal.mm:
1761         * bindings/objc/WebScriptObject.mm:
1762         * bridge/objc/objc_instance.mm:
1763         * platform/spi/cocoa/NSPointerFunctionsSPI.h: Removed. No longer used.
1764
1765 2016-02-15  Myles C. Maxfield  <mmaxfield@apple.com>
1766
1767         [Font Loading] Implement FontFace JavaScript object
1768         https://bugs.webkit.org/show_bug.cgi?id=153345
1769
1770         Reviewed by Antti Koivisto.
1771
1772         Test: fast/text/font-face-javascript.html
1773
1774         This patch implements the FontFace Javascript object. This object mostly consists of
1775         style getters / setters, which we implement by parsing input strings and generating
1776         output strings similarly to getComputedStyle(). This object also has a load() function
1777         which returns a promise which will be fulfilled or rejected depending on the load.
1778         There is also a "loaded" attribute which exposes this promise directly. Also, a status
1779         field is exposed so script knows what the state of the load is.
1780
1781         Currently, loading depends on our CachedResourceLoader which is part of the Document,
1782         so this API is not available in a non-document context.
1783
1784         Another caveat is that immediate-mode font loading (where the content provides an
1785         ArrayBuffer containing the bytes of the font file) is forthcoming. This requires
1786         changing the relationship between CSSFontFaceSource and CachedFont.
1787
1788         CSSFontFace has been modified to keep a strong reference to the CSSFontSelector. This
1789         is because the lifetime of the CSSFontFace can now outlive the CSSFontSelector. When
1790         the CSSFontSelector is removed from the Document, it explicitly clears its constituent
1791         CSSFontFaces, thereby breaking the reference cycle.
1792
1793         Test: fast/text/font-face-javascript-expected.html
1794
1795         * CMakeLists.txt: Add new files.
1796         * DerivedSources.cpp: Ditto.
1797         * DerivedSources.make: Ditto.
1798         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
1799         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
1800         * WebCore.xcodeproj/project.pbxproj: Ditto.
1801         * bindings/js/JSDOMPromise.cpp:
1802         (WebCore::DeferredWrapper::globalObject): Remove whitespace.
1803         (WebCore::DeferredWrapper::deferred): Allow access to the inner JSC object.
1804         * bindings/js/JSDOMPromise.h:
1805         (WebCore::DOMPromise::deferred): Ditto.
1806         * bindings/js/JSFontFaceCustom.cpp: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
1807         (WebCore::JSFontFace::loaded):
1808         (WebCore::JSFontFace::load):
1809         * css/CSSFontFace.cpp:
1810         (WebCore::CSSFontFace::CSSFontFace): 
1811         (WebCore::CSSFontFace::adoptSource):
1812         (WebCore::CSSFontFace::updateStatus): Enforce the state machine's transitions.
1813         (WebCore::CSSFontFace::fontLoaded):
1814         (WebCore::CSSFontFace::pump):
1815         (WebCore::CSSFontFace::load):
1816         * css/CSSFontFace.h:
1817         (WebCore::CSSFontFaceClient::~CSSFontFaceClient):
1818         (WebCore::CSSFontFace::create):
1819         (WebCore::CSSFontFace::status):
1820         * css/CSSFontSelector.cpp:
1821         (WebCore::CSSFontSelector::appendSources): Update for new CSSFontFace API.
1822         (WebCore::CSSFontSelector::registerLocalFontFacesForFamily): Ditto.
1823         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
1824         (WebCore::CSSFontSelector::kick): Ditto.
1825         (WebCore::appendSources): Deleted.
1826         (WebCore::registerLocalFontFacesForFamily): Deleted.
1827         * css/CSSFontSelector.h:
1828         * css/CSSUnicodeRangeValue.cpp: Use for serializing the "unicodeRange" property.
1829         * css/FontFace.cpp:
1830         (WebCore::createPromise): Implement the remaining Javascript API functions.
1831         (WebCore::valueFromDictionary):
1832         (WebCore::FontFace::create):
1833         (WebCore::FontFace::FontFace):
1834         (WebCore::FontFace::parseString):
1835         (WebCore::FontFace::status):
1836         (WebCore::FontFace::kick):
1837         (WebCore::FontFace::load):
1838         (WebCore::FontFace::fulfillPromise):
1839         (WebCore::FontFace::rejectPromise):
1840         (WebCore::parseString): Deleted.
1841         * css/FontFace.h:
1842         (WebCore::FontFace::promise):
1843         (WebCore::FontFace::backing):
1844         (WebCore::FontFace::create): Deleted.
1845         * css/FontFace.idl: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
1846
1847 2016-02-15  Jer Noble  <jer.noble@apple.com>
1848
1849         Null-deref crash in DefaultAudioDestinationNode::suspend()
1850         https://bugs.webkit.org/show_bug.cgi?id=154248
1851
1852         Reviewed by Alex Christensen.
1853
1854         Drive-by fix: AudioContext should be a reference, not a pointer.
1855
1856         * Modules/webaudio/AnalyserNode.cpp:
1857         (WebCore::AnalyserNode::AnalyserNode):
1858         * Modules/webaudio/AnalyserNode.h:
1859         (WebCore::AnalyserNode::create):
1860         * Modules/webaudio/AudioBasicInspectorNode.cpp:
1861         (WebCore::AudioBasicInspectorNode::AudioBasicInspectorNode):
1862         (WebCore::AudioBasicInspectorNode::connect):
1863         (WebCore::AudioBasicInspectorNode::disconnect):
1864         (WebCore::AudioBasicInspectorNode::checkNumberOfChannelsForInput):
1865         (WebCore::AudioBasicInspectorNode::updatePullStatus):
1866         * Modules/webaudio/AudioBasicInspectorNode.h:
1867         * Modules/webaudio/AudioBasicProcessorNode.cpp:
1868         (WebCore::AudioBasicProcessorNode::AudioBasicProcessorNode):
1869         (WebCore::AudioBasicProcessorNode::checkNumberOfChannelsForInput):
1870         * Modules/webaudio/AudioBasicProcessorNode.h:
1871         * Modules/webaudio/AudioBufferSourceNode.cpp:
1872         (WebCore::AudioBufferSourceNode::create):
1873         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
1874         (WebCore::AudioBufferSourceNode::renderFromBuffer):
1875         (WebCore::AudioBufferSourceNode::setBuffer):
1876         (WebCore::AudioBufferSourceNode::startPlaying):
1877         (WebCore::AudioBufferSourceNode::looping):
1878         (WebCore::AudioBufferSourceNode::setLooping):
1879         * Modules/webaudio/AudioBufferSourceNode.h:
1880         * Modules/webaudio/AudioContext.cpp:
1881         (WebCore::AudioContext::AudioContext):
1882         (WebCore::AudioContext::createBufferSource):
1883         (WebCore::AudioContext::createMediaElementSource):
1884         (WebCore::AudioContext::createMediaStreamDestination):
1885         (WebCore::AudioContext::createScriptProcessor):
1886         (WebCore::AudioContext::createBiquadFilter):
1887         (WebCore::AudioContext::createWaveShaper):
1888         (WebCore::AudioContext::createPanner):
1889         (WebCore::AudioContext::createConvolver):
1890         (WebCore::AudioContext::createDynamicsCompressor):
1891         (WebCore::AudioContext::createAnalyser):
1892         (WebCore::AudioContext::createGain):
1893         (WebCore::AudioContext::createDelay):
1894         (WebCore::AudioContext::createChannelSplitter):
1895         (WebCore::AudioContext::createChannelMerger):
1896         (WebCore::AudioContext::createOscillator):
1897         * Modules/webaudio/AudioContext.h:
1898         (WebCore::operator==):
1899         (WebCore::operator!=):
1900         * Modules/webaudio/AudioDestinationNode.cpp:
1901         (WebCore::AudioDestinationNode::AudioDestinationNode):
1902         (WebCore::AudioDestinationNode::render):
1903         (WebCore::AudioDestinationNode::updateIsEffectivelyPlayingAudio):
1904         * Modules/webaudio/AudioDestinationNode.h:
1905         * Modules/webaudio/AudioNode.cpp:
1906         (WebCore::AudioNode::AudioNode):
1907         (WebCore::AudioNode::connect):
1908         (WebCore::AudioNode::disconnect):
1909         (WebCore::AudioNode::setChannelCount):
1910         (WebCore::AudioNode::setChannelCountMode):
1911         (WebCore::AudioNode::setChannelInterpretation):
1912         (WebCore::AudioNode::scriptExecutionContext):
1913         (WebCore::AudioNode::processIfNecessary):
1914         (WebCore::AudioNode::checkNumberOfChannelsForInput):
1915         (WebCore::AudioNode::propagatesSilence):
1916         (WebCore::AudioNode::pullInputs):
1917         (WebCore::AudioNode::enableOutputsIfNecessary):
1918         (WebCore::AudioNode::deref):
1919         (WebCore::AudioNode::finishDeref):
1920         * Modules/webaudio/AudioNode.h:
1921         (WebCore::AudioNode::context):
1922         * Modules/webaudio/AudioNodeInput.cpp:
1923         (WebCore::AudioNodeInput::connect):
1924         (WebCore::AudioNodeInput::disconnect):
1925         (WebCore::AudioNodeInput::disable):
1926         (WebCore::AudioNodeInput::enable):
1927         (WebCore::AudioNodeInput::updateInternalBus):
1928         (WebCore::AudioNodeInput::bus):
1929         (WebCore::AudioNodeInput::internalSummingBus):
1930         (WebCore::AudioNodeInput::sumAllConnections):
1931         (WebCore::AudioNodeInput::pull):
1932         * Modules/webaudio/AudioNodeOutput.cpp:
1933         (WebCore::AudioNodeOutput::setNumberOfChannels):
1934         (WebCore::AudioNodeOutput::updateNumberOfChannels):
1935         (WebCore::AudioNodeOutput::propagateChannelCount):
1936         (WebCore::AudioNodeOutput::pull):
1937         (WebCore::AudioNodeOutput::bus):
1938         (WebCore::AudioNodeOutput::fanOutCount):
1939         (WebCore::AudioNodeOutput::paramFanOutCount):
1940         (WebCore::AudioNodeOutput::addInput):
1941         (WebCore::AudioNodeOutput::removeInput):
1942         (WebCore::AudioNodeOutput::disconnectAllInputs):
1943         (WebCore::AudioNodeOutput::addParam):
1944         (WebCore::AudioNodeOutput::removeParam):
1945         (WebCore::AudioNodeOutput::disconnectAllParams):
1946         (WebCore::AudioNodeOutput::disable):
1947         (WebCore::AudioNodeOutput::enable):
1948         * Modules/webaudio/AudioNodeOutput.h:
1949         (WebCore::AudioNodeOutput::context):
1950         * Modules/webaudio/AudioParam.cpp:
1951         (WebCore::AudioParam::value):
1952         (WebCore::AudioParam::smooth):
1953         (WebCore::AudioParam::calculateSampleAccurateValues):
1954         (WebCore::AudioParam::calculateFinalValues):
1955         (WebCore::AudioParam::calculateTimelineValues):
1956         (WebCore::AudioParam::connect):
1957         (WebCore::AudioParam::disconnect):
1958         * Modules/webaudio/AudioParam.h:
1959         (WebCore::AudioParam::create):
1960         (WebCore::AudioParam::AudioParam):
1961         * Modules/webaudio/AudioParamTimeline.cpp:
1962         (WebCore::AudioParamTimeline::valueForContextTime):
1963         * Modules/webaudio/AudioParamTimeline.h:
1964         * Modules/webaudio/AudioScheduledSourceNode.cpp:
1965         (WebCore::AudioScheduledSourceNode::AudioScheduledSourceNode):
1966         (WebCore::AudioScheduledSourceNode::updateSchedulingInfo):
1967         (WebCore::AudioScheduledSourceNode::start):
1968         (WebCore::AudioScheduledSourceNode::finish):
1969         * Modules/webaudio/AudioScheduledSourceNode.h:
1970         * Modules/webaudio/AudioSummingJunction.cpp:
1971         (WebCore::AudioSummingJunction::AudioSummingJunction):
1972         (WebCore::AudioSummingJunction::~AudioSummingJunction):
1973         (WebCore::AudioSummingJunction::changedOutputs):
1974         (WebCore::AudioSummingJunction::updateRenderingState):
1975         * Modules/webaudio/AudioSummingJunction.h:
1976         (WebCore::AudioSummingJunction::context):
1977         * Modules/webaudio/BiquadFilterNode.cpp:
1978         (WebCore::BiquadFilterNode::BiquadFilterNode):
1979         * Modules/webaudio/BiquadFilterNode.h:
1980         (WebCore::BiquadFilterNode::create):
1981         * Modules/webaudio/BiquadProcessor.cpp:
1982         (WebCore::BiquadProcessor::BiquadProcessor):
1983         * Modules/webaudio/BiquadProcessor.h:
1984         * Modules/webaudio/ChannelMergerNode.cpp:
1985         (WebCore::ChannelMergerNode::create):
1986         (WebCore::ChannelMergerNode::ChannelMergerNode):
1987         (WebCore::ChannelMergerNode::checkNumberOfChannelsForInput):
1988         * Modules/webaudio/ChannelMergerNode.h:
1989         * Modules/webaudio/ChannelSplitterNode.cpp:
1990         (WebCore::ChannelSplitterNode::create):
1991         (WebCore::ChannelSplitterNode::ChannelSplitterNode):
1992         * Modules/webaudio/ChannelSplitterNode.h:
1993         * Modules/webaudio/ConvolverNode.cpp:
1994         (WebCore::ConvolverNode::ConvolverNode):
1995         (WebCore::ConvolverNode::setBuffer):
1996         * Modules/webaudio/ConvolverNode.h:
1997         (WebCore::ConvolverNode::create):
1998         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
1999         (WebCore::DefaultAudioDestinationNode::DefaultAudioDestinationNode):
2000         (WebCore::DefaultAudioDestinationNode::resume):
2001         (WebCore::DefaultAudioDestinationNode::suspend):
2002         (WebCore::DefaultAudioDestinationNode::close):
2003         * Modules/webaudio/DefaultAudioDestinationNode.h:
2004         (WebCore::DefaultAudioDestinationNode::create):
2005         * Modules/webaudio/DelayNode.cpp:
2006         (WebCore::DelayNode::DelayNode):
2007         * Modules/webaudio/DelayNode.h:
2008         (WebCore::DelayNode::create):
2009         * Modules/webaudio/DelayProcessor.cpp:
2010         (WebCore::DelayProcessor::DelayProcessor):
2011         * Modules/webaudio/DelayProcessor.h:
2012         * Modules/webaudio/DynamicsCompressorNode.cpp:
2013         (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
2014         * Modules/webaudio/DynamicsCompressorNode.h:
2015         (WebCore::DynamicsCompressorNode::create):
2016         * Modules/webaudio/GainNode.cpp:
2017         (WebCore::GainNode::GainNode):
2018         (WebCore::GainNode::checkNumberOfChannelsForInput):
2019         * Modules/webaudio/GainNode.h:
2020         (WebCore::GainNode::create):
2021         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
2022         (WebCore::MediaElementAudioSourceNode::create):
2023         (WebCore::MediaElementAudioSourceNode::MediaElementAudioSourceNode):
2024         (WebCore::MediaElementAudioSourceNode::setFormat):
2025         * Modules/webaudio/MediaElementAudioSourceNode.h:
2026         * Modules/webaudio/MediaStreamAudioDestinationNode.cpp:
2027         (WebCore::MediaStreamAudioDestinationNode::create):
2028         (WebCore::MediaStreamAudioDestinationNode::MediaStreamAudioDestinationNode):
2029         * Modules/webaudio/MediaStreamAudioDestinationNode.h:
2030         * Modules/webaudio/MediaStreamAudioSourceNode.cpp:
2031         (WebCore::MediaStreamAudioSourceNode::MediaStreamAudioSourceNode):
2032         (WebCore::MediaStreamAudioSourceNode::setFormat):
2033         * Modules/webaudio/OfflineAudioDestinationNode.cpp:
2034         (WebCore::OfflineAudioDestinationNode::OfflineAudioDestinationNode):
2035         (WebCore::OfflineAudioDestinationNode::offlineRender):
2036         (WebCore::OfflineAudioDestinationNode::notifyComplete):
2037         * Modules/webaudio/OfflineAudioDestinationNode.h:
2038         (WebCore::OfflineAudioDestinationNode::create):
2039         * Modules/webaudio/OscillatorNode.cpp:
2040         (WebCore::OscillatorNode::create):
2041         (WebCore::OscillatorNode::OscillatorNode):
2042         * Modules/webaudio/OscillatorNode.h:
2043         * Modules/webaudio/PannerNode.cpp:
2044         (WebCore::PannerNode::PannerNode):
2045         (WebCore::PannerNode::pullInputs):
2046         (WebCore::PannerNode::process):
2047         (WebCore::PannerNode::listener):
2048         (WebCore::PannerNode::setPanningModel):
2049         * Modules/webaudio/PannerNode.h:
2050         (WebCore::PannerNode::create):
2051         * Modules/webaudio/ScriptProcessorNode.cpp:
2052         (WebCore::ScriptProcessorNode::create):
2053         (WebCore::ScriptProcessorNode::ScriptProcessorNode):
2054         (WebCore::ScriptProcessorNode::initialize):
2055         (WebCore::ScriptProcessorNode::fireProcessEvent):
2056         * Modules/webaudio/ScriptProcessorNode.h:
2057         * Modules/webaudio/WaveShaperNode.cpp:
2058         (WebCore::WaveShaperNode::WaveShaperNode):
2059         (WebCore::WaveShaperNode::setOversample):
2060         * Modules/webaudio/WaveShaperNode.h:
2061         (WebCore::WaveShaperNode::create):
2062
2063 2016-02-15  Jer Noble  <jer.noble@apple.com>
2064
2065         Null-deref crash in DefaultAudioDestinationNode::suspend()
2066         https://bugs.webkit.org/show_bug.cgi?id=154248
2067
2068         Reviewed by Alex Christensen.
2069
2070         Null-check scriptExecutionContext() before deref.
2071
2072         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
2073         (WebCore::DefaultAudioDestinationNode::resume):
2074         (WebCore::DefaultAudioDestinationNode::suspend):
2075         (WebCore::DefaultAudioDestinationNode::close):
2076
2077 2016-02-15  Chris Dumez  <cdumez@apple.com>
2078
2079         XMLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
2080         https://bugs.webkit.org/show_bug.cgi?id=154230
2081
2082         Reviewed by Alex Christensen.
2083
2084         MLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
2085         as per:
2086         https://xhr.spec.whatwg.org/#xmlhttprequesteventtarget
2087
2088         Firefox and Chrome already match the specification.
2089
2090         No new tests, already covered by existing tests.
2091
2092         * CMakeLists.txt:
2093         * DerivedSources.make:
2094         * WebCore.vcxproj/WebCore.vcxproj:
2095         * WebCore.vcxproj/WebCore.vcxproj.filters:
2096         * WebCore.xcodeproj/project.pbxproj:
2097         * xml/XMLHttpRequest.h:
2098         * xml/XMLHttpRequest.idl:
2099         * xml/XMLHttpRequestEventTarget.h: Added.
2100         * xml/XMLHttpRequestEventTarget.idl: Copied from Source/WebCore/xml/XMLHttpRequestUpload.idl.
2101         * xml/XMLHttpRequestUpload.h:
2102         * xml/XMLHttpRequestUpload.idl:
2103
2104 2016-02-15  Jiewen Tan  <jiewen_tan@apple.com>
2105
2106         Refine SimulatedMouseEvent to support Event.isTrusted
2107         https://bugs.webkit.org/show_bug.cgi?id=154133
2108         <rdar://problem/24616246>
2109
2110         Reviewed by Darin Adler.
2111
2112         This patch extracts everything related to create/dispatch SimulatedMouseEvent from MouseEvent.h/cpp
2113         and EventDispatcher.h/cpp, and produces SimulateClick.h/cpp which will handle simulated click solely.
2114         After that, we hide the SimulatedMouseEvent and only expose simulateClick to be called. The reason is
2115         that we both want to tell whether the call sites are from user agent/bindings and keep the
2116         SimulatedMouseEvent intact.
2117
2118         Also, this patch separate Element::dispatchSimulatedClick into two: one for the user agent, and another
2119         for the bindings. Therefore, HTMLElement.click will be treated as untrusted.
2120
2121         Some of the changes in this patch referred Blink r200401:
2122         https://codereview.chromium.org/1285793004
2123
2124         Modified test:
2125         LayoutTests/imported/blink/fast/events/event-trusted.html
2126
2127         * CMakeLists.txt:
2128         * WebCore.xcodeproj/project.pbxproj:
2129         * dom/Element.cpp:
2130         (WebCore::Element::dispatchSimulatedClick):
2131         (WebCore::Element::dispatchSimulatedClickForBindings):
2132         * dom/Element.h:
2133         * dom/EventDispatcher.cpp:
2134         (WebCore::EventDispatcher::dispatchSimulatedClick): Deleted.
2135         * dom/EventDispatcher.h:
2136         * dom/MouseEvent.cpp:
2137         (WebCore::SimulatedMouseEvent::create): Deleted.
2138         (WebCore::SimulatedMouseEvent::~SimulatedMouseEvent): Deleted.
2139         (WebCore::SimulatedMouseEvent::SimulatedMouseEvent): Deleted.
2140         * dom/MouseEvent.h:
2141         * dom/SimulatedClick.cpp: Added.
2142         (WebCore::simulateMouseEvent):
2143         (WebCore::simulateClick):
2144         * dom/SimulatedClick.h: Added.
2145         * html/HTMLElement.cpp:
2146         (WebCore::HTMLElement::click):
2147
2148 2016-02-15  Joseph Pecoraro  <pecoraro@apple.com>
2149
2150         Web Inspector: Web Workers have no access to console for debugging
2151         https://bugs.webkit.org/show_bug.cgi?id=26237
2152
2153         Reviewed by Timothy Hatcher.
2154
2155         This adds the most basic console message support to Workers.
2156         Messages logged from workers get surfaced through the Page's console.
2157         This lacks support for logging and interacting with arguments,
2158         which would be addressed when adding more complete Worker
2159         debugging tools.
2160
2161         Test: inspector/console/messageAdded-from-worker.html
2162
2163         * CMakeLists.txt:
2164         * WebCore.xcodeproj/project.pbxproj:
2165         Add new files.
2166
2167         * bindings/js/WorkerScriptController.cpp:
2168         (WebCore::WorkerScriptController::~WorkerScriptController):
2169         (WebCore::WorkerScriptController::initScript):
2170         Set the ConsoleClient for the Worker's global object. We route
2171         the messages to the Page's console.
2172
2173         * bindings/js/WorkerScriptController.h:
2174         * workers/WorkerConsoleClient.h: Added.
2175         * workers/WorkerConsoleClient.cpp: Added.
2176         (WebCore::WorkerConsoleClient::WorkerConsoleClient):
2177         (WebCore::WorkerConsoleClient::~WorkerConsoleClient):
2178         (WebCore::WorkerConsoleClient::profile):
2179         (WebCore::WorkerConsoleClient::profileEnd):
2180         (WebCore::WorkerConsoleClient::count):
2181         (WebCore::WorkerConsoleClient::time):
2182         (WebCore::WorkerConsoleClient::timeEnd):
2183         (WebCore::WorkerConsoleClient::timeStamp):
2184         Stub most console methods in a Worker.
2185
2186         (WebCore::WorkerConsoleClient::messageWithTypeAndLevel):
2187         Send worker log messages to the global scope and on to the main page.
2188
2189         * workers/WorkerGlobalScope.h:
2190         * workers/WorkerGlobalScope.cpp:
2191         (WebCore::WorkerGlobalScope::addConsoleMessage):
2192         (WebCore::WorkerGlobalScope::addMessageToWorkerConsole):
2193         Ideally we want to converge on simple addConsoleMessage
2194         APIs that just take a ConsoleMessage, without a barrage
2195         of parameters. Add these versions now.
2196
2197 2016-02-15  Alex Christensen  <achristensen@webkit.org>
2198
2199         CMake build fix.
2200
2201         * PlatformMac.cmake:
2202
2203 2016-02-15  Chris Dumez  <cdumez@apple.com>
2204
2205         Regression(r196563): It is no longer possible to call window.addEventListener without an explicit 'this'
2206         https://bugs.webkit.org/show_bug.cgi?id=154245
2207
2208         Reviewed by Ryosuke Niwa.
2209
2210         This patch adds support for calling the EventListener API without an
2211         explicit 'this' value. If no explicit 'this' value is passed, then we
2212         fall back to using the global object. This matches Chrome and Firefox's
2213         behavior. It also fixes the Dromaeo/cssquery-dojo.html test.
2214
2215         Test: fast/dom/Window/addEventListener-implicit-this.html
2216
2217         * bindings/scripts/CodeGeneratorJS.pm:
2218         (GenerateFunctionCastedThis):
2219
2220 2016-02-14  Gavin Barraclough  <barraclough@apple.com>
2221
2222         Organize, deduplicate & comment JSDOMWindowCustom getOwnPropertySlot
2223         https://bugs.webkit.org/show_bug.cgi?id=154224
2224
2225         Reviewed by Chris Dumez.
2226
2227         * bindings/js/JSDOMWindowCustom.cpp:
2228         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
2229         (WebCore::jsDOMWindowGetOwnPropertySlotNamedItemGetter):
2230         (WebCore::JSDOMWindow::getOwnPropertySlot):
2231         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
2232             - organized property access sequence into a more logical order, removed
2233               duplicated code & added comments.
2234         (WebCore::namedItemGetter): Deleted.
2235             - there was no need for a custom callback here; merged functionality into
2236               jsDOMWindowGetOwnPropertySlotNamedItemGetter.
2237         (WebCore::jsDOMWindowGetOwnPropertySlotCrossOrigin): Deleted.
2238             - renamed to jsDOMWindowGetOwnPropertySlotRestrictedAccess
2239               (this now also handles frameless access).
2240
2241 2016-02-15  Daniel Bates  <dabates@apple.com>
2242
2243         CSP: 'sandbox' should be ignored in report-only mode
2244         https://bugs.webkit.org/show_bug.cgi?id=153167
2245         <rdar://problem/22708669>
2246
2247         Reviewed by Brent Fulgham.
2248
2249         Merged from Blink (patch by Mike West):
2250         <https://src.chromium.org/viewvc/blink?revision=165322&view=revision>
2251
2252         * page/csp/ContentSecurityPolicy.cpp:
2253         (WebCore::ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode): Added. Logs a
2254         console message to the console to explain that the specified directive is invalid in
2255         report-only mode.
2256         * page/csp/ContentSecurityPolicy.h:
2257         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2258         (WebCore::ContentSecurityPolicyDirectiveList::applySandboxPolicy): Do not apply sandbox
2259         policy when in report-only mode and call ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode()
2260         to log a message to the console.
2261
2262 2016-02-15  Daniel Bates  <dabates@apple.com>
2263
2264         CSP: Allow schemeless source expressions to match an HTTP or HTTPS resource
2265         https://bugs.webkit.org/show_bug.cgi?id=154177
2266         <rdar://problem/22708772>
2267
2268         Reviewed by Brent Fulgham.
2269
2270         Allow a schemeless source expression to match an HTTP or HTTPS subresource when the page is
2271         delivered over HTTP as per section Matching Source Expressions of the Content Security Policy
2272         2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/> (21 July 2015).
2273
2274         Currently we have logic that implements this functionality, but it is guarded behind the compile-
2275         time macro ENABLE(CSP_NEXT) that is disabled by default. Instead we should always compile such
2276         code. In subsequent commits we will move more code out from under the ENABLE(CSP_NEXT)-guard
2277         towards removing the ENABLE_CSP_NEXT macro entirely.
2278
2279         * page/csp/ContentSecurityPolicy.cpp:
2280         (WebCore::ContentSecurityPolicy::protocolMatchesSelf):
2281
2282 2016-02-15  Konstantin Tokarev  <annulen@yandex.ru>
2283
2284         [cmake] Consolidated Linux-specific file lists.
2285         https://bugs.webkit.org/show_bug.cgi?id=154219
2286
2287         Reviewed by Gyuyoung Kim.
2288
2289         No new tests needed.
2290
2291         * PlatformEfl.cmake: Moved Linux files and include dir to Linux.cmake.
2292         * PlatformGTK.cmake: Ditto.
2293         * platform/Linux.cmake: Added.
2294
2295 2016-02-15  Csaba Osztrogonác  <ossy@webkit.org>
2296
2297         Fix the !(ENABLE(SVG_FONTS) || ENABLE(SVG_OTF_CONVERTER)) build after r196322
2298         https://bugs.webkit.org/show_bug.cgi?id=154104
2299
2300         Reviewed by Myles C. Maxfield.
2301
2302         * css/CSSFontFaceSource.cpp:
2303         (WebCore::CSSFontFaceSource::CSSFontFaceSource):
2304
2305 2016-02-14  Antti Koivisto  <antti@apple.com>
2306
2307         Add test for class change style invalidation optimization
2308         https://bugs.webkit.org/show_bug.cgi?id=154226
2309
2310         Reviewed by Myles Maxfield.
2311
2312         Test for https://trac.webkit.org/r196383
2313
2314         Add internals.styleChangeType function.
2315
2316         Test: fast/css/style-invalidation-class-change-descendants.html
2317
2318         * testing/Internals.cpp:
2319         (WebCore::Internals::nodeNeedsStyleRecalc):
2320         (WebCore::asString):
2321         (WebCore::Internals::styleChangeType):
2322         (WebCore::Internals::description):
2323         * testing/Internals.h:
2324         * testing/Internals.idl:
2325
2326 2016-02-14  Simon Fraser  <simon.fraser@apple.com>
2327
2328         [CSS Filters] When applying an SVG filter on a composited image using CSS the image is rendered without the filter
2329         https://bugs.webkit.org/show_bug.cgi?id=154108
2330
2331         Reviewed by Sam Weinig.
2332         
2333         When checking whether we can directly composite an image, we need to check for software-rendered
2334         filters.
2335
2336         Test: compositing/filters/simple-image-with-svg-filter.html
2337
2338         * rendering/RenderLayerBacking.cpp:
2339         (WebCore::RenderLayerBacking::isDirectlyCompositedImage):
2340
2341 2016-02-14  Chris Dumez  <cdumez@apple.com>
2342
2343         Drop the [EventTarget] WebKit-specific IDL extended attribute
2344         https://bugs.webkit.org/show_bug.cgi?id=154171
2345
2346         Reviewed by Sam Weinig.
2347
2348         Drop the [EventTarget] WebKit-specific IDL extended attribute now that
2349         all interfaces inherit EventTarget when they should.
2350
2351         No new tests, no Web-Exposed behavior change.
2352
2353         * Modules/battery/BatteryManager.idl:
2354         * Modules/encryptedmedia/MediaKeySession.idl:
2355         * Modules/indexeddb/IDBDatabase.idl:
2356         * Modules/indexeddb/IDBOpenDBRequest.idl:
2357         * Modules/indexeddb/IDBRequest.idl:
2358         * Modules/indexeddb/IDBTransaction.idl:
2359         * Modules/mediasession/MediaRemoteControls.idl:
2360         * Modules/mediasource/MediaSource.idl:
2361         * Modules/mediasource/SourceBuffer.idl:
2362         * Modules/mediasource/SourceBufferList.idl:
2363         * Modules/mediastream/MediaStream.idl:
2364         * Modules/mediastream/MediaStreamTrack.idl:
2365         * Modules/mediastream/RTCDTMFSender.idl:
2366         * Modules/mediastream/RTCDataChannel.idl:
2367         * Modules/mediastream/RTCPeerConnection.idl:
2368         * Modules/notifications/Notification.idl:
2369         * Modules/speech/SpeechSynthesisUtterance.idl:
2370         * Modules/webaudio/AudioContext.idl:
2371         * Modules/webaudio/AudioNode.idl:
2372         * Modules/webaudio/OfflineAudioContext.idl:
2373         * Modules/websockets/WebSocket.idl:
2374         * bindings/scripts/CodeGeneratorGObject.pm:
2375         (ImplementsInterface):
2376         (SkipFunction): Deleted.
2377         (GenerateCFile): Deleted.
2378         * bindings/scripts/CodeGeneratorJS.pm:
2379         (InstanceNeedsVisitChildren):
2380         (GenerateImplementation):
2381         * bindings/scripts/IDLAttributes.txt:
2382         * bindings/scripts/test/TestEventTarget.idl:
2383         * bindings/scripts/test/TestNode.idl:
2384         * css/FontLoader.idl:
2385         * dom/EventTarget.idl:
2386         * dom/MessagePort.idl:
2387         * dom/Node.idl:
2388         * dom/WebKitNamedFlow.idl:
2389         * fileapi/FileReader.idl:
2390         * html/MediaController.idl:
2391         * html/track/AudioTrackList.idl:
2392         * html/track/TextTrack.idl:
2393         * html/track/TextTrackCue.idl:
2394         * html/track/TextTrackList.idl:
2395         * html/track/VideoTrackList.idl:
2396         * loader/appcache/DOMApplicationCache.idl:
2397         * page/DOMWindow.idl:
2398         * page/EventSource.idl:
2399         * page/Performance.idl:
2400         * workers/WorkerGlobalScope.idl:
2401         * xml/XMLHttpRequest.idl:
2402         * xml/XMLHttpRequestUpload.idl:
2403
2404 2016-02-14  Chris Dumez  <cdumez@apple.com>
2405
2406         Unreviewed attempt to fix the Mac CMake build after r196136
2407
2408         * PlatformMac.cmake:
2409
2410 2016-02-14  Chris Dumez  <cdumez@apple.com>
2411
2412         Unreviewed attempt to fix the Windows build.
2413
2414         * Modules/webdatabase/Database.cpp:
2415         * bridge/c/c_utility.cpp:
2416         * platform/MemoryPressureHandler.cpp:
2417
2418 2016-02-14  Chris Dumez  <cdumez@apple.com>
2419
2420         Window and WorkerGlobalScope should inherit EventTarget
2421         https://bugs.webkit.org/show_bug.cgi?id=154170
2422         <rdar://problem/24642377>
2423
2424         Reviewed by Darin Adler.
2425
2426         Window and WorkerGlobalScope should inherit EventTarget instead of
2427         duplicating the EventTarget API in their IDL. These were the last
2428         interfaces that needed fixing. The next step will be to get rid
2429         of the [EventTarget] IDL extended attribute and rely entirely
2430         on the EventTarget inheritance.
2431
2432         Test:
2433         - fast/frames/detached-frame-eventListener.html
2434         - Covered by existing tests.
2435
2436         * WebCore.xcodeproj/project.pbxproj:
2437         Add JSEventTargetCustom.h header to the project.
2438
2439         * bindings/js/JSDOMWindowCustom.cpp:
2440         Drop custom bindings for Window's addEventListener() and
2441         removeEventListener(). The only reason these needed custom
2442         code was to add a check for frameless windows. The frameless
2443         Window checks was moved to the respective methods in the
2444         JSEventTarget generated bindings.
2445
2446         * bindings/js/JSDOMWindowShell.cpp:
2447         (WebCore::JSDOMWindowShell::setWindow):
2448         Set WindowPrototype's prototype to EventTarget's prototype.
2449
2450         * bindings/js/JSDOMWindowShell.h:
2451         * bindings/js/JSDictionary.cpp:
2452         Include "DOMWindow.h" to fix the build.
2453
2454         * bindings/js/JSEventTargetCustom.cpp:
2455         (WebCore::JSEventTarget::toWrapped):
2456         Handle DOMWindow and WorkerGlobalScope explicitely in toWrapped()
2457         and get rid of the DOM_EVENT_TARGET_INTERFACES_FOR_EACH(TRY_TO_UNWRAP_WITH_INTERFACE)
2458         now that all interfaces inherit EventTarget when they should.
2459         The reason DOMWindow and WorkerGlobalScope still need special
2460         handling is because their wrappers (JSDOMWindow /
2461         JSWorkerGlobalScope) do not subclass JSEventTarget.
2462
2463         (WebCore::JSEventTargetOrGlobalScope::create):
2464         * bindings/js/JSEventTargetCustom.h: Added.
2465         (WebCore::JSEventTargetOrGlobalScope::wrapped):
2466         (WebCore::JSEventTargetOrGlobalScope::operator JSC::JSObject&):
2467         (WebCore::JSEventTargetOrGlobalScope::JSEventTargetOrGlobalScope):
2468         Add a wrapper type for JSEventTarget / JSDOMWindow and
2469         JSWorkerGlobalScope for use in the generated bindings. This is
2470         needed because JSDOMWindow and JSWorkerGlobalScope do not
2471         subclass JSEventTarget. Subclassing JSEventTarget would be
2472         complicated for them because they already subclass
2473         JSDOMWindowBase / JSWorkerGlobalScopeBase, which subclasses
2474         JSDOMGlobalObject.
2475
2476         * bindings/js/WorkerScriptController.cpp:
2477         (WebCore::WorkerScriptController::initScript):
2478         Set WorkerGlobalScopePrototype's prototype to EventTarget's prototype.
2479
2480         * bindings/scripts/CodeGeneratorJS.pm:
2481         (ShouldGenerateToJSDeclaration):
2482         Do not generate to toJS() implementation for interfaces that use
2483         the [CustomProxyToJSObject] IDL extended attribute, even if they
2484         inherit EventTarget.
2485
2486         (GetCastingHelperForThisObject):
2487         To initialize castedThis from thisValue JSValue, we now use the
2488         JSEventTargetOrGlobalScope wrapper for the EventTarget
2489         implementation. This is to work around the fact that JSDOMWindow
2490         and JSWorkerGlobalScope do not subclass JSEventTarget.
2491
2492         (GenerateFunctionCastedThis):
2493         - Drop code handling [WorkerGlobalScope] IDL extended attribute
2494           as there is no such attribute.
2495         - Use auto instead of auto* type for castedThis because
2496           JSEventTargetOrGlobalScope::create() returns a unique_ptr.
2497         - Do not check that castedThis inherits JSEventTarget in the
2498           EventTarget bindings code as this no longer holds true.
2499
2500         (GenerateImplementation):
2501         Generate frameless window() and security checks for EventTarget
2502         methods when thisValue is a JSDOMWindow.
2503
2504         * dom/EventTarget.idl:
2505         Add [JSCustomHeader] IDL Extended attribute as we need a header
2506         to expose JSEventTargetOrGlobalScope class.
2507
2508         * page/DOMWindow.idl:
2509         * workers/WorkerGlobalScope.idl:
2510         Inherit EventTarget and stop duplicating the EventTarget API.
2511         This matches the HTML specification.
2512
2513 2016-02-14  Darin Adler  <darin@apple.com>
2514
2515         Small tweaks to some SimpleLineLayout code
2516         https://bugs.webkit.org/show_bug.cgi?id=154229
2517
2518         Reviewed by Zalan Bujtas.
2519
2520         * rendering/SimpleLineLayoutFunctions.cpp:
2521         (WebCore::SimpleLineLayout::paintFlow): Use std::ceil instead of ceilf.
2522         Use auto instead of const auto& for a for loop where the local object is
2523         copied and not a reference.
2524         (WebCore::SimpleLineLayout::hitTestFlow): Use modern for loop.
2525         (WebCore::SimpleLineLayout::collectFlowOverflow): Use std::ceil instead of
2526         ceilf. Use a modern for loop, and use slightly more descriptive local
2527         variable names.
2528         (WebCore::SimpleLineLayout::computeBoundingBox): Use auto instead of
2529         const auto& as above.
2530         (WebCore::SimpleLineLayout::computeFirstRunLocation): Use auto and use
2531         the name "range" for the range rather than the name "it", since the range
2532         is not an iterator.
2533         (WebCore::SimpleLineLayout::collectAbsoluteRects): Use auto instead of
2534         const auto& as above.
2535         (WebCore::SimpleLineLayout::collectAbsoluteQuads): Ditto.
2536         (WebCore::SimpleLineLayout::showLineLayoutForFlow): Use modern for loop.
2537
2538         * rendering/SimpleLineLayoutResolver.cpp:
2539         (WebCore::SimpleLineLayout::RunResolver::Run::text): Convert from a String
2540         to a StringView using the StringView constructor instead of writing out
2541         explicit 8-bit and 16-bit cases.
2542
2543 2016-02-13  Antti Koivisto  <antti@apple.com>
2544
2545         Factor class change style invalidation code into a class
2546         https://bugs.webkit.org/show_bug.cgi?id=154163
2547
2548         Reviewed by Andreas Kling.
2549
2550         Factor this piece of functionality out of Element and into ClassChangeInvalidation class.
2551
2552         * CMakeLists.txt:
2553         * WebCore.vcxproj/WebCore.vcxproj:
2554         * WebCore.xcodeproj/project.pbxproj:
2555         * dom/Element.cpp:
2556         (WebCore::classStringHasClassName):
2557         (WebCore::Element::classAttributeChanged):
2558         (WebCore::collectClasses): Deleted.
2559         (WebCore::computeClassChange): Deleted.
2560         (WebCore::invalidateStyleForClassChange): Deleted.
2561         * style/ClassChangeInvalidation.cpp: Added.
2562         (WebCore::Style::ClassChangeInvalidation::computeClassChange):
2563         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
2564         * style/ClassChangeInvalidation.h: Added.
2565         (WebCore::Style::ClassChangeInvalidation::needsInvalidation):
2566         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
2567         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
2568
2569 2016-02-13  Myles C. Maxfield  <mmaxfield@apple.com>
2570
2571         [Win] [SVG -> OTF Converter] SVG fonts drawn into ImageBuffers are invisible
2572         https://bugs.webkit.org/show_bug.cgi?id=154222
2573
2574         Reviewed by Antti Koivisto.
2575
2576         Windows ImageBuffer code is sensitive to broken bounding box and
2577         descent code.
2578
2579         Covered by existing tests.
2580
2581         * svg/SVGToOTFFontConversion.cpp:
2582         (WebCore::SVGToOTFFontConverter::appendHHEATable):
2583         (WebCore::SVGToOTFFontConverter::appendOS2Table):
2584         (WebCore::SVGToOTFFontConverter::processGlyphElement):
2585         (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):
2586
2587 2016-02-13  Antti Koivisto  <antti@apple.com>
2588
2589         Add version number for default stylesheet
2590         https://bugs.webkit.org/show_bug.cgi?id=154220
2591
2592         Reviewed by Ryosuke Niwa.
2593
2594         We currently fail to update RuleFeatureSets for shadow trees when the default stylesheet grows
2595         (for example when media controls stylesheet is initialized).
2596
2597         No test since this is not causing known bugs. It is blocking optimizations in shadow trees that
2598         rely on rule features being up-to-date.
2599
2600         * css/CSSDefaultStyleSheets.cpp:
2601         (WebCore::CSSDefaultStyleSheets::loadSimpleDefaultStyle):
2602         (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):
2603
2604             Increment version number when the default stylesheet changes.
2605
2606         * css/CSSDefaultStyleSheets.h:
2607         * css/DocumentRuleSets.cpp:
2608         (WebCore::DocumentRuleSets::appendAuthorStyleSheets):
2609         (WebCore::DocumentRuleSets::collectFeatures):
2610
2611             Store the current default stylesheet version number.
2612
2613         * css/DocumentRuleSets.h:
2614         (WebCore::DocumentRuleSets::features):
2615
2616             Collect features again if the default stylesheet has changed.
2617
2618         * css/StyleResolver.cpp:
2619         (WebCore::StyleResolver::styleForElement):
2620
2621 2016-02-13  Konstantin Tokarev  <annulen@yandex.ru>
2622
2623         [cmake] Consolidate building of GStreamer and OpenWebRTC code.
2624         https://bugs.webkit.org/show_bug.cgi?id=154116
2625
2626         Reviewed by Michael Catanzaro.
2627
2628         No new tests needed.
2629
2630         * PlatformEfl.cmake: Migrated shared code to GStreamer.cmake.
2631         * PlatformGTK.cmake: Ditto.
2632         * platform/GStreamer.cmake: Added.
2633
2634 2016-02-13  Mark Lam  <mark.lam@apple.com>
2635
2636         Add thread violation checks to WebView public APIs.
2637         https://bugs.webkit.org/show_bug.cgi?id=154183
2638
2639         Reviewed by Timothy Hatcher.
2640
2641         No new tests.  Just adding a new thread violation round.
2642
2643         * platform/ThreadCheck.h:
2644         * platform/mac/ThreadCheck.mm:
2645         - Adding WebCoreThreadViolationCheckRoundThree().
2646
2647 2016-02-12  Nan Wang  <n_wang@apple.com>
2648
2649         AX: Implement paragraph related text marker functions using TextIterator
2650         https://bugs.webkit.org/show_bug.cgi?id=154098
2651         <rdar://problem/24269675>
2652
2653         Reviewed by Chris Fleizach.
2654
2655         Using CharacterOffset to implement paragraph related text marker calls. Reused
2656         logic from VisibleUnits class. And refactored textMarkerForCharacterOffset method
2657         to get better performance. Also fixed an issue where we can't navigate through a text
2658         node with line breaks in it using next/previousCharacterOffset call.
2659
2660         Test: accessibility/mac/text-marker-paragraph-nav.html
2661
2662         * accessibility/AXObjectCache.cpp:
2663         (WebCore::AXObjectCache::traverseToOffsetInRange):
2664         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
2665         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
2666         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
2667         (WebCore::AXObjectCache::textMarkerDataForNextCharacterOffset):
2668         (WebCore::AXObjectCache::textMarkerDataForPreviousCharacterOffset):
2669         (WebCore::AXObjectCache::nextNode):
2670         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
2671         (WebCore::AXObjectCache::nextCharacterOffset):
2672         (WebCore::AXObjectCache::previousCharacterOffset):
2673         (WebCore::startWordBoundary):
2674         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
2675         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
2676         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
2677         (WebCore::AXObjectCache::previousWordBoundary):
2678         (WebCore::AXObjectCache::startCharacterOffsetOfParagraph):
2679         (WebCore::AXObjectCache::endCharacterOffsetOfParagraph):
2680         (WebCore::AXObjectCache::paragraphForCharacterOffset):
2681         (WebCore::AXObjectCache::nextParagraphEndCharacterOffset):
2682         (WebCore::AXObjectCache::previousParagraphStartCharacterOffset):
2683         (WebCore::AXObjectCache::rootAXEditableElement):
2684         * accessibility/AXObjectCache.h:
2685         (WebCore::CharacterOffset::remaining):
2686         (WebCore::CharacterOffset::isNull):
2687         (WebCore::CharacterOffset::isEqual):
2688         (WebCore::AXObjectCache::isNodeInUse):
2689         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
2690         (+[WebAccessibilityTextMarker textMarkerWithCharacterOffset:cache:]):
2691         (-[WebAccessibilityObjectWrapper nextMarkerForCharacterOffset:]):
2692         (-[WebAccessibilityObjectWrapper previousMarkerForCharacterOffset:]):
2693         (-[WebAccessibilityObjectWrapper rangeForTextMarkers:]):
2694         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
2695         (startOrEndTextmarkerForRange):
2696         (nextTextMarkerForCharacterOffset):
2697         (previousTextMarkerForCharacterOffset):
2698         (-[WebAccessibilityObjectWrapper nextTextMarkerForCharacterOffset:]):
2699         (-[WebAccessibilityObjectWrapper previousTextMarkerForCharacterOffset:]):
2700         (-[WebAccessibilityObjectWrapper textMarkerForCharacterOffset:]):
2701         (textMarkerForCharacterOffset):
2702         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
2703         (-[WebAccessibilityObjectWrapper nextTextMarkerForNode:offset:]): Deleted.
2704         (-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]): Deleted.
2705         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:ignoreStart:]): Deleted.
2706         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]): Deleted.
2707         * editing/VisibleUnits.cpp:
2708         (WebCore::nextSentencePosition):
2709         (WebCore::findStartOfParagraph):
2710         (WebCore::findEndOfParagraph):
2711         (WebCore::startOfParagraph):
2712         (WebCore::endOfParagraph):
2713         * editing/VisibleUnits.h:
2714
2715 2016-02-12  Ryan Haddad  <ryanhaddad@apple.com>
2716
2717         Reset results for bindings tests after r196520
2718
2719         Unreviewed test gardening.
2720
2721         No new tests needed.
2722
2723         * bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
2724         (webkit_dom_test_event_target_dispatch_event):
2725         * bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
2726         (webkit_dom_test_node_dispatch_event):
2727
2728 2016-02-12  Saam barati  <sbarati@apple.com>
2729
2730         Attempting build fix from https://bugs.webkit.org/show_bug.cgi?id=154144.
2731
2732         * bindings/js/JSDOMGlobalObject.cpp:
2733         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
2734
2735 2016-02-12  Daniel Bates  <dabates@apple.com>
2736
2737         CSP: 'blob:' URLs should not match 'self' in CSP source expression lists.
2738         https://bugs.webkit.org/show_bug.cgi?id=153158
2739         <rdar://problem/24383264>
2740
2741         Reviewed by Brent Fulgham.
2742
2743         A blob URL should not match source 'self' by section Security Considerations for GUID URL schemes
2744         of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/CSP2/> (21 July 2015).
2745
2746         Tests: http/tests/security/contentSecurityPolicy/blob-url-does-not-match-source-self.html
2747                http/tests/security/contentSecurityPolicy/blob-url-matches-source-blob.html
2748
2749         * page/csp/ContentSecurityPolicySourceList.cpp:
2750         (WebCore::ContentSecurityPolicySourceList::matches): Do not make a distinction between URLs that
2751         contain a nested URL (e.g. blob://http://www.example.com/...) and URLs that do not contain a nested
2752         URL. The URL of the requested resource should be matched against the source list source expressions.
2753
2754 2016-02-12  Daniel Bates  <dabates@apple.com>
2755
2756         CSP: Implement child-src directive
2757         https://bugs.webkit.org/show_bug.cgi?id=153562
2758         <rdar://problem/24610087>
2759
2760         Reviewed by Brent Fulgham.
2761
2762         Add support for the child-src directive, <https://w3c.github.io/webappsec-csp/2/#child_src> (29 August 2015),
2763         which formally replaces the deprecated frame-src directive as of the Content Security Policy 2.0 spec. The
2764         child-src directive was first introduced in the Content Security Policy 1.1 spec, <https://www.w3.org/TR/2014/WD-CSP11-20140211/>.
2765
2766         As a side effect of this change, the script URL for a Web Worker is checked against the child-src directive
2767         as opposed to the script-src directive. This is a backward incompatible change from the CSP 1.0 spec.
2768
2769         Tests: http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-blocked.html
2770                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-redirect-blocked.html
2771                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-src-takes-precedence-over-child-src.html
2772                http/tests/security/contentSecurityPolicy/1.1/child-src/worker-redirect-blocked.html
2773                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-redirect.html
2774
2775         * loader/DocumentThreadableLoader.cpp:
2776         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Check child-src directive (if applicable).
2777         * loader/ThreadableLoader.h: Add enum value EnforceChildSrcDirective to enum class ContentSecurityPolicyEnforcement to
2778         enforce the child-src directive on redirect.
2779         * page/csp/ContentSecurityPolicy.cpp:
2780         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Added.
2781         * page/csp/ContentSecurityPolicy.h:
2782         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
2783         (WebCore::ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation): Add message prefix for a child-src violation.
2784         We use the same message prefix as used by Blink.
2785         (WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Added.
2786         (WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Modified to check the frame-src
2787         directive (if specified) before checking the child-src directive by <https://w3c.github.io/webappsec-csp/2/#directive-child-src-nested>.
2788         (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the child-src directive.
2789         * page/csp/ContentSecurityPolicyDirectiveList.h:
2790         * workers/AbstractWorker.cpp:
2791         (WebCore::AbstractWorker::resolveURL): Check if the script URL for the worker is allowed by the child-src directive
2792         as opposed to the script-src directive. This is a backwards incompatible change from the CSP 1.0 spec.
2793         * workers/Worker.cpp:
2794         (WebCore::Worker::create): Enforce the child-src directive on redirects (if applicable).
2795
2796 2016-02-12  Saam barati  <sbarati@apple.com>
2797
2798         The parser doesn't properly protect against global variable references in builtins
2799         https://bugs.webkit.org/show_bug.cgi?id=154144
2800
2801         Reviewed by Geoffrey Garen.
2802
2803         Change JS builtins to no longer reference global variables.
2804
2805         No new tests because old tests cover the issues here.
2806
2807         * Modules/mediastream/NavigatorUserMedia.js:
2808         (webkitGetUserMedia):
2809         * Modules/mediastream/RTCPeerConnection.js:
2810         (addIceCandidate):
2811         (getStats):
2812         * Modules/mediastream/RTCPeerConnectionInternals.js:
2813         (setLocalOrRemoteDescription):
2814         * Modules/plugins/QuickTimePluginReplacement.js:
2815         (Replacement.prototype.handleEvent):
2816         * Modules/streams/ByteLengthQueuingStrategy.js:
2817         (initializeByteLengthQueuingStrategy):
2818         * Modules/streams/CountQueuingStrategy.js:
2819         (initializeCountQueuingStrategy):
2820         * Modules/streams/ReadableStreamInternals.js:
2821         (teeReadableStream):
2822         * bindings/js/JSDOMGlobalObject.cpp:
2823         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
2824         * bindings/js/WebCoreBuiltinNames.h:
2825
2826 2016-02-12  Jiewen Tan  <jiewen_tan@apple.com>
2827
2828         WebKit should expose the DOM 4 Event.isTrusted property
2829         https://bugs.webkit.org/show_bug.cgi?id=76121
2830         <rdar://problem/22558494>
2831
2832         Reviewed by Darin Adler.
2833
2834         Implements Event.isTrusted. The implementation here is slitely different from and better than
2835         the DOM specification. Here Event.isTrusted will be initialized differently depending on the
2836         callers of the constructors/create methods. If the caller is from user agent, the isTrusted
2837         will be true. Otherwise, it will be false. Since a user agent dispatched event can be catched
2838         and re-initialized/redispatched by the bindings, the flag will be unset at *Event::init*Event
2839         and EventTarget::dispatchEventForBindings. As currently there is no way to let user agent to
2840         dispatch a bindings created event, therefore we ensure that the Event.isTrusted is set for
2841         events dispatched by user agent, and unset for those by bindings.
2842
2843         EventTarget::dispatchEvent(Event*, ExceptionCode&) is renamed to EventTarget::dispatchEventForBindings
2844         in this patch as well. So that, together with the improved design of the API, developers in
2845         the future will be less likely using a wrong dispatchEvent method and setting Event.isTrusted
2846         incorrectly comparing to the DOM design.
2847
2848         After this patch, all events that are created by user agent should be dispatched by
2849         EventTarget::dispatchEvent, and those are created by bindings should be dispatched by
2850         EventTarget::dispatchEventForBindings.
2851
2852         Some of the changes in this patch referred Blink r198996:
2853         https://codereview.chromium.org/1241613004
2854
2855         Test: imported/blink/fast/events/event-trusted.html
2856
2857         * bindings/scripts/CodeGeneratorGObject.pm:
2858         (GenerateEventTargetIface):
2859         * dom/Event.cpp:
2860         (WebCore::Event::Event):
2861         (WebCore::Event::initEvent):
2862         * dom/Event.h:
2863         (WebCore::Event::isTrusted):
2864         (WebCore::Event::setUntrusted):
2865         * dom/Event.idl:
2866         * dom/EventTarget.cpp:
2867         (WebCore::EventTarget::dispatchEventForBindings):
2868         (WebCore::EventTarget::dispatchEvent): Deleted.
2869         * dom/EventTarget.h:
2870         * dom/EventTarget.idl:
2871         * page/DOMWindow.idl:
2872         * page/EventHandler.cpp:
2873         (WebCore::EventHandler::dispatchDragEvent):
2874         * workers/WorkerGlobalScope.idl:
2875
2876 2016-02-12  Brady Eidson  <beidson@apple.com>
2877
2878         Modern IDB: IDBObjectStore and IDBIndex need to be ActiveDOMObjects.
2879         https://bugs.webkit.org/show_bug.cgi?id=154153
2880
2881         Reviewed by Alex Christensen.
2882
2883         No new tests (No testable change in behavior).
2884
2885         This is needed so that IDBObjectStore and IDBIndex JS wrappers are not garbage collected
2886         while their IDBTransaction is still in progress.
2887
2888         * Modules/indexeddb/client/IDBIndexImpl.cpp:
2889         (WebCore::IDBClient::IDBIndex::IDBIndex):
2890         (WebCore::IDBClient::IDBIndex::activeDOMObjectName):
2891         (WebCore::IDBClient::IDBIndex::canSuspendForDocumentSuspension):
2892         (WebCore::IDBClient::IDBIndex::hasPendingActivity):
2893         * Modules/indexeddb/client/IDBIndexImpl.h:
2894         
2895         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
2896         (WebCore::IDBClient::IDBObjectStore::create):
2897         (WebCore::IDBClient::IDBObjectStore::IDBObjectStore):
2898         (WebCore::IDBClient::IDBObjectStore::activeDOMObjectName):
2899         (WebCore::IDBClient::IDBObjectStore::canSuspendForDocumentSuspension):
2900         (WebCore::IDBClient::IDBObjectStore::hasPendingActivity):
2901         (WebCore::IDBClient::IDBObjectStore::index):
2902         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
2903         
2904         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
2905         (WebCore::IDBClient::IDBTransaction::objectStore):
2906         (WebCore::IDBClient::IDBTransaction::createObjectStore):
2907         (WebCore::IDBClient::IDBTransaction::createIndex):
2908
2909 2016-02-12  Brady Eidson  <beidson@apple.com>
2910
2911         Modern IDB: Simplify the relationship between IDBObjectStore and IDBIndex.
2912         https://bugs.webkit.org/show_bug.cgi?id=154187
2913
2914         Reviewed by Alex Christensen.
2915
2916         Tests: storage/indexeddb/modern/deleteindex-3-private.html
2917                storage/indexeddb/modern/deleteindex-3.html
2918
2919         Instead of allowing IDBIndex to have two different lifecycle modes, it is now always
2920         owned by an IDBObjectStore.
2921         
2922         To support the case where an IDBIndex is deleted from its IDBObjectStore, the object
2923         store simply hangs on to deleted indexes until it is destroyed itself.
2924         
2925         * Modules/indexeddb/client/IDBIndexImpl.cpp:
2926         (WebCore::IDBClient::IDBIndex::markAsDeleted):
2927         (WebCore::IDBClient::IDBIndex::ref):
2928         (WebCore::IDBClient::IDBIndex::deref):
2929         * Modules/indexeddb/client/IDBIndexImpl.h:
2930         
2931         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
2932         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
2933         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
2934
2935 2016-02-12  Myles C. Maxfield  <mmaxfield@apple.com>
2936
2937         [CSS Font Loading] Implement CSSFontFace Boilerplate
2938         https://bugs.webkit.org/show_bug.cgi?id=154145
2939
2940         Reviewed by Dean Jackson.
2941
2942         The CSS Font Loading spec[1] dictates that the FontFace object needs to have string
2943         accessors and mutators for a bunch of properties. Our CSSFontFace object currently
2944         contains this parsed information, but it isn't accessible via string-based methods.
2945         This patch adds the necessary accessors and mutators, and migrates CSSFontSelector
2946         to use these mutators where necessary.
2947
2948         There is more work to come on CSSFontFace; the next step is to create an .idl file
2949         and hook it up to our CSSFontFace object. In this patch I have left some
2950         unimplemented pieces (for example: where the spec dictates that some operation should
2951         throw a JavaScript exception) which will be implemented in a follow-up patch. This
2952         patch does not have any visible behavior change; I'm separating out the boilerplate
2953         into this patch in order to ease reviewing burden.
2954
2955         This patch separates the externally-facing JavaScript API into a new class, FontFace.
2956         This class owns a CSSFontFace, which provides the backing implementation. There will
2957         be a system of shared ownership of these objects once FontFaceSet is implemented.
2958
2959         No new tests because there is no behavior change.
2960
2961         * CMakeLists.txt: Add new files to CMake builds.
2962         * WebCore.vcxproj/WebCore.vcxproj: Ditto for Windows.
2963         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
2964         * WebCore.xcodeproj/project.pbxproj: Ditto for Cocoa.
2965         * css/CSSAllInOne.cpp: Ditto for All-In-One builds.
2966         * css/CSSFontFace.cpp: Move shared code from CSSFontSelector into CSSFontFace.
2967         (WebCore::CSSFontFace::CSSFontFace):
2968         (WebCore::CSSFontFace::~CSSFontFace):
2969         (WebCore::CSSFontFace::setFamilies):
2970         (WebCore::CSSFontFace::setStyle):
2971         (WebCore::CSSFontFace::setWeight):
2972         (WebCore::CSSFontFace::setUnicodeRange):
2973         (WebCore::CSSFontFace::setVariantLigatures):
2974         (WebCore::CSSFontFace::setVariantPosition):
2975         (WebCore::CSSFontFace::setVariantCaps):
2976         (WebCore::CSSFontFace::setVariantNumeric):
2977         (WebCore::CSSFontFace::setVariantAlternates):
2978         (WebCore::CSSFontFace::setVariantEastAsian):
2979         (WebCore::CSSFontFace::setFeatureSettings):
2980         * css/CSSFontFace.h: Clean up.
2981         (WebCore::CSSFontFace::create):
2982         (WebCore::CSSFontFace::families):
2983         (WebCore::CSSFontFace::traitsMask):
2984         (WebCore::CSSFontFace::featureSettings):
2985         (WebCore::CSSFontFace::variantSettings):
2986         (WebCore::CSSFontFace::setVariantSettings):
2987         (WebCore::CSSFontFace::setTraitsMask):
2988         (WebCore::CSSFontFace::isLocalFallback):
2989         (WebCore::CSSFontFace::addRange): Deleted.
2990         (WebCore::CSSFontFace::insertFeature): Deleted.
2991         (WebCore::CSSFontFace::setVariantCommonLigatures): Deleted.
2992         (WebCore::CSSFontFace::setVariantDiscretionaryLigatures): Deleted.
2993         (WebCore::CSSFontFace::setVariantHistoricalLigatures): Deleted.
2994         (WebCore::CSSFontFace::setVariantContextualAlternates): Deleted.
2995         (WebCore::CSSFontFace::setVariantPosition): Deleted.
2996         (WebCore::CSSFontFace::setVariantCaps): Deleted.
2997         (WebCore::CSSFontFace::setVariantNumericFigure): Deleted.
2998         (WebCore::CSSFontFace::setVariantNumericSpacing): Deleted.
2999         (WebCore::CSSFontFace::setVariantNumericFraction): Deleted.
3000         (WebCore::CSSFontFace::setVariantNumericOrdinal): Deleted.
3001         (WebCore::CSSFontFace::setVariantNumericSlashedZero): Deleted.
3002         (WebCore::CSSFontFace::setVariantAlternates): Deleted.
3003         (WebCore::CSSFontFace::setVariantEastAsianVariant): Deleted.
3004         (WebCore::CSSFontFace::setVariantEastAsianWidth): Deleted.
3005         (WebCore::CSSFontFace::setVariantEastAsianRuby): Deleted.
3006         (WebCore::CSSFontFace::CSSFontFace): Deleted.
3007         * css/CSSFontSelector.cpp: Migrate shared code into CSSFontFace, and udpate
3008         to use the new API.
3009         (WebCore::appendSources):
3010         (WebCore::registerLocalFontFacesForFamily):
3011         (WebCore::CSSFontSelector::addFontFaceRule):
3012         (WebCore::computeTraitsMask): Deleted.
3013         (WebCore::createFontFace): Deleted.
3014         * css/FontFace.cpp: Added. External JavaScript API. Owns a CSSFontFace.
3015         (WebCore::FontFace::FontFace):
3016         (WebCore::FontFace::~FontFace):
3017         (WebCore::parseString):
3018         (WebCore::FontFace::setFamily):
3019         (WebCore::FontFace::setStyle):
3020         (WebCore::FontFace::setWeight):
3021         (WebCore::FontFace::setStretch):
3022         (WebCore::FontFace::setUnicodeRange):
3023         (WebCore::FontFace::setVariant):
3024         (WebCore::FontFace::setFeatureSettings):
3025         (WebCore::FontFace::family):
3026         (WebCore::FontFace::style):
3027         (WebCore::FontFace::weight):
3028         (WebCore::FontFace::stretch):
3029         (WebCore::FontFace::unicodeRange):
3030         (WebCore::FontFace::variant):
3031         (WebCore::FontFace::featureSettings):
3032         * css/FontFace.h: Added. Ditto.
3033         (WebCore::FontFace::create):
3034         * css/FontVariantBuilder.cpp: Added. Moved code here from FontVariantBuilder.h.
3035         Refactored to support a new client (CSSFontFace).
3036         (WebCore::extractFontVariantLigatures):
3037         (WebCore::extractFontVariantNumeric):
3038         (WebCore::extractFontVariantEastAsian):
3039         (WebCore::computeFontVariant):
3040         * css/FontVariantBuilder.h: Moved code from here into FontVariantBuilder.cpp.
3041         (WebCore::applyValueFontVariantLigatures): Deleted.
3042         (WebCore::applyValueFontVariantNumeric): Deleted.
3043         (WebCore::applyValueFontVariantEastAsian): Deleted.
3044         * css/StyleBuilderCustom.h: Update for new FontVariantBuilder API.
3045         (WebCore::StyleBuilderCustom::applyValueFontVariantLigatures):
3046         (WebCore::StyleBuilderCustom::applyValueFontVariantNumeric):
3047         (WebCore::StyleBuilderCustom::applyValueFontVariantEastAsian):
3048         * platform/text/TextFlags.h: Provide convenience classes.
3049         (WebCore::FontVariantLigaturesValues::FontVariantLigaturesValues):
3050         (WebCore::FontVariantNumericValues::FontVariantNumericValues):
3051         (WebCore::FontVariantEastAsianValues::FontVariantEastAsianValues):
3052
3053 2016-02-12  Jer Noble  <jer.noble@apple.com>
3054
3055         Build fix after r196506; publish MediaResourceLoader.h as a private header so it can be used by
3056         TestWebKitAPI.
3057
3058         * WebCore.xcodeproj/project.pbxproj:
3059
3060 2016-02-11  Jer Noble  <jer.noble@apple.com>
3061
3062         [Mac] Adopt MediaResourceLoader (instead of CachedResourceLoader) in WebCoreNSURLSession.
3063         https://bugs.webkit.org/show_bug.cgi?id=154136
3064
3065         Reviewed by Alex Christensen.
3066
3067         MediaResourceLoader already supports using CORS attribute to verify CORS access requirements
3068         when loading media resources, so use it, rather than CachedResourceLoader, as the backing for
3069         WebCoreNSURLSession.
3070
3071         * platform/network/cocoa/WebCoreNSURLSession.h:
3072         * platform/network/cocoa/WebCoreNSURLSession.mm:
3073         (-[WebCoreNSURLSession delegateQueue]):
3074         (-[WebCoreNSURLSession streamTaskWithNetService:]):
3075         (-[WebCoreNSURLSession isKindOfClass:]):
3076         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
3077         (-[WebCoreNSURLSessionDataTask _restart]):
3078         (-[WebCoreNSURLSessionDataTask _cancel]):
3079         (-[WebCoreNSURLSessionDataTask resume]):
3080         (-[WebCoreNSURLSessionDataTask _timingData]):
3081         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
3082         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
3083         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Deleted.
3084         (-[WebCoreNSURLSession loader]): Deleted.
3085         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent): Deleted.
3086         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived): Deleted.
3087         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived): Deleted.
3088         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived): Deleted.
3089         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished): Deleted.
3090         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]): Deleted.
3091         (-[WebCoreNSURLSessionDataTask _finish]): Deleted.
3092         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
3093         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]): Deleted.
3094         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]): Deleted.
3095         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Deleted.
3096         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3097         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
3098
3099 2016-02-12  Alex Christensen  <achristensen@webkit.org>
3100
3101         Fix non-internal builds when using NetworkSession
3102         https://bugs.webkit.org/show_bug.cgi?id=152285
3103
3104         * platform/spi/cf/CFNetworkSPI.h:
3105         Add SPI declaration used in r194156.
3106
3107 2016-02-12  Andreas Kling  <akling@apple.com>
3108
3109         Throw out all live resource decoded data on memory pressure / suspension.
3110         <https://webkit.org/b/154176>
3111
3112         Reviewed by Antti Koivisto.
3113
3114         When pruning live resource decoded data from the memory cache,
3115         we normally avoid pruning anything that's been painted in the last second.
3116         This is an optimization to avoid getting into image decoding loops.
3117
3118         For memory pressure / process suspension scenarios this doesn't really
3119         make sense though:
3120
3121             - In the pressure case, if we have to render again soon it'll likely
3122               be a new GIF frame which we have to decode anyway.
3123
3124             - In the process suspension case, we might *never* render again,
3125               so we should be good citizens and drop all the decoded data we can.
3126
3127         This patch makes us drop all the decoded data, recently painted or not.
3128
3129         * platform/MemoryPressureHandler.cpp:
3130         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
3131
3132 2016-02-12  Gavin Barraclough  <barraclough@apple.com>
3133
3134         Separate out !allowsAccess path in JSDOMWindowCustom getOwnPropertySlot
3135         https://bugs.webkit.org/show_bug.cgi?id=154156
3136
3137         Reviewed by Chris Dumez.
3138
3139         JSDOMWindowCustom getOwnPropertySlot currently allows cross-origin access to all
3140         static properties, relying on the property to perform the access check. This is
3141         a little insecure, since it is error prone - someone could easily add a property
3142         to the static table without realizing it would be automatcially exposed.
3143
3144         Instead, add a hard-coded filter to restrict access. As a future implementation
3145         we might consider autogenerating this (the properties are already tagged in IDL,
3146         we might be able to track this in a flag on the static table).
3147
3148         By separating out the handling of the same- and cross-origin access we can
3149         simplify & make the policy being enforced much clearer.
3150
3151         * bindings/js/JSDOMBinding.cpp:
3152         (WebCore::objectToStringFunctionGetter): Deleted.
3153             - removed objectToStringFunctionGetter - this duplicated functionality of
3154               nonCachingStaticFunctionGetter.
3155         * bindings/js/JSDOMBinding.h:
3156         (WebCore::objectToStringFunctionGetter): Deleted.
3157             - removed objectToStringFunctionGetter - this duplicated functionality of
3158               nonCachingStaticFunctionGetter.
3159         * bindings/js/JSDOMWindowCustom.cpp:
3160         (WebCore::jsDOMWindowGetOwnPropertySlotDisallowAccess):
3161             - explicitly handle providing access to only the things we do want to allow cross-origin.
3162         (WebCore::JSDOMWindow::getOwnPropertySlot):
3163         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
3164             - push all !allowsAccess handling to jsDOMWindowGetOwnPropertySlotDisallowAccess
3165         (WebCore::childFrameGetter): Deleted.
3166             - this was just a deoptimiztion - moving access into a callback saved very
3167               little & caused more work to be duplicated.
3168
3169 2016-02-12  Sukolsak Sakshuwong  <sukolsak@gmail.com>
3170
3171         Update ICU header files to version 52
3172         https://bugs.webkit.org/show_bug.cgi?id=154160
3173
3174         Reviewed by Alex Christensen.
3175
3176         Update ICU header files to version 52 to allow the use of newer APIs.
3177
3178         No new tests because there is no behavior change.
3179
3180         * icu/unicode/bytestream.h:
3181         * icu/unicode/chariter.h:
3182         * icu/unicode/localpointer.h:
3183         * icu/unicode/platform.h:
3184         * icu/unicode/ptypes.h:
3185         * icu/unicode/putil.h:
3186         * icu/unicode/rep.h:
3187         (Replaceable::Replaceable):
3188         * icu/unicode/std_string.h:
3189         * icu/unicode/strenum.h:
3190         * icu/unicode/stringpiece.h:
3191         * icu/unicode/ubrk.h:
3192         * icu/unicode/uchar.h:
3193         * icu/unicode/ucnv.h:
3194         * icu/unicode/ucol.h:
3195         * icu/unicode/ucoleitr.h:
3196         * icu/unicode/uconfig.h:
3197         * icu/unicode/ucsdet.h:
3198         * icu/unicode/uenum.h:
3199         * icu/unicode/uidna.h:
3200         * icu/unicode/uiter.h:
3201         * icu/unicode/uloc.h:
3202         * icu/unicode/umachine.h:
3203         * icu/unicode/unistr.h:
3204         (UnicodeString::UnicodeString):
3205         (UnicodeString::operator== ):
3206         (UnicodeString::startsWith):
3207         (UnicodeString::setTo):
3208         (UnicodeString::remove):
3209         (UnicodeString::replace): Deleted.
3210         (UnicodeString::extract): Deleted.
3211         (UnicodeString::char32At): Deleted.
3212         (UnicodeString::getChar32Start): Deleted.
3213         (UnicodeString::getChar32Limit): Deleted.
3214         (UnicodeString::getTerminatedBuffer): Deleted.
3215         (UnicodeString::append): Deleted.
3216         (UnicodeString::truncate): Deleted.
3217         * icu/unicode/unorm2.h:
3218         * icu/unicode/uobject.h:
3219         * icu/unicode/urename.h:
3220         * icu/unicode/uscript.h:
3221         * icu/unicode/usearch.h:
3222         * icu/unicode/uset.h:
3223         * icu/unicode/ushape.h:
3224         * icu/unicode/ustring.h:
3225         * icu/unicode/utext.h:
3226         * icu/unicode/utf.h:
3227         * icu/unicode/utf16.h:
3228         * icu/unicode/utf8.h:
3229         * icu/unicode/utf_old.h:
3230         * icu/unicode/utypes.h:
3231         * icu/unicode/uvernum.h:
3232         * icu/unicode/uversion.h:
3233
3234 2016-02-12  Andreas Kling  <akling@apple.com>
3235
3236         [Mac] BitmapImage::decodedDataIsPurgeable() is telling lies and causing massive memory usage.
3237         <https://webkit.org/b/154172>
3238
3239         Reviewed by Antti Koivisto.
3240
3241         The underlying mechanism in CoreAnimation that made this work is no longer in place.
3242
3243         Instead of keeping purgeable frames and juggling volatility bits, we were simply caching
3244         every single frame of large GIF animations, sometimes leading to monstrous memory usage.
3245
3246         Remove the code from WebCore since it's not doing at all what it means to.
3247
3248         Now iOS and Mac will behave the same again, and frame caching decisions will be
3249         made by WebKit, based on total pixel byte size.
3250
3251         * loader/cache/CachedImage.h:
3252         * loader/cache/CachedResource.h:
3253         (WebCore::CachedResource::decodedDataIsPurgeable): Deleted.
3254         * loader/cache/MemoryCache.cpp:
3255         (WebCore::MemoryCache::pruneLiveResourcesToSize): Deleted.
3256         * platform/graphics/BitmapImage.cpp:
3257         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
3258         (WebCore::BitmapImage::destroyDecodedDataIfNecessary): Deleted.
3259         * platform/graphics/BitmapImage.h:
3260         * platform/graphics/Image.h:
3261         (WebCore::Image::decodedDataIsPurgeable): Deleted.
3262         * platform/graphics/cg/BitmapImageCG.cpp:
3263         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
3264         * platform/graphics/cg/ImageSourceCG.cpp:
3265         (WebCore::ImageSource::createFrameAtIndex): Deleted.
3266
3267 2016-02-12  Brady Eidson  <beidson@apple.com>
3268
3269         Modern IDB: Ref cycle between IDBObjectStore and IDBIndex.
3270         https://bugs.webkit.org/show_bug.cgi?id=154110
3271
3272         Reviewed by Darin Adler.
3273
3274         No new tests (Currently untestable).
3275
3276         The lifetime of IDBObjectStore and IDBIndex are closely intertwined, but we have to break the ref cycle.
3277         
3278         This patch does a few semi-gnarly things:
3279         1 - Makes both IDBIndex and IDBObjectStore have a custom marking function so they can add each other as 
3280             opaque roots.
3281         2 - Adds a lock to protect IDBObjectStore's collection of referenced indexes to support #1, as GC marking
3282             can happen on any thread.
3283         3 - Makes IDBIndex not be traditionally RefCounted; Instead, IDBIndex::ref()/deref() simply ref()/deref()
3284             the owning IDBObjectStore.
3285         4 - ...Except when somebody deletes an IDBIndex from its IDBObjectStore. Once that happens, the object
3286             store no longer has a reference back to the index, but the index still needs a reference back to the
3287             object store. To support this, the IDBIndex becomes "traditionally RefCounted" while holding a ref to
3288             its IDBObjectStore.
3289
3290         * CMakeLists.txt:
3291         * WebCore.xcodeproj/project.pbxproj:
3292
3293         * Modules/indexeddb/IDBIndex.h:
3294         (WebCore::IDBIndex::isModern):
3295         * Modules/indexeddb/IDBIndex.idl:
3296         
3297         * Modules/indexeddb/IDBObjectStore.h:
3298         (WebCore::IDBObjectStore::isModern):
3299         * Modules/indexeddb/IDBObjectStore.idl:
3300         
3301         * Modules/indexeddb/client/IDBIndexImpl.cpp:
3302         (WebCore::IDBClient::IDBIndex::objectStore):
3303         (WebCore::IDBClient::IDBIndex::openCursor):
3304         (WebCore::IDBClient::IDBIndex::doCount):
3305         (WebCore::IDBClient::IDBIndex::openKeyCursor):
3306         (WebCore::IDBClient::IDBIndex::doGet):
3307         (WebCore::IDBClient::IDBIndex::doGetKey):
3308         (WebCore::IDBClient::IDBIndex::markAsDeleted):
3309         (WebCore::IDBClient::IDBIndex::ref):
3310         (WebCore::IDBClient::IDBIndex::deref):
3311         (WebCore::IDBClient::IDBIndex::create): Deleted.
3312         * Modules/indexeddb/client/IDBIndexImpl.h:
3313         (WebCore::IDBClient::IDBIndex::modernObjectStore):
3314         
3315         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
3316         (WebCore::IDBClient::IDBObjectStore::createIndex):
3317         (WebCore::IDBClient::IDBObjectStore::index):
3318         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
3319         (WebCore::IDBClient::IDBObjectStore::visitReferencedIndexes):
3320         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
3321         
3322         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
3323         (WebCore::IDBClient::IDBTransaction::createIndex):
3324         * Modules/indexeddb/client/IDBTransactionImpl.h:
3325         
3326         * Modules/indexeddb/legacy/LegacyIndex.cpp:
3327         (WebCore::LegacyIndex::ref):
3328         (WebCore::LegacyIndex::deref):
3329         * Modules/indexeddb/legacy/LegacyIndex.h:
3330         
3331         * bindings/js/JSIDBIndexCustom.cpp: Added.
3332         (WebCore::JSIDBIndex::visitAdditionalChildren):
3333         
3334         * bindings/js/JSIDBObjectStoreCustom.cpp:
3335         (WebCore::JSIDBObjectStore::visitAdditionalChildren):
3336
3337 2016-02-12  Csaba Osztrogonác  <ossy@webkit.org>
3338
3339         [EFL][GTK] Fix ENABLE(SVG_OTF_CONVERTER) build
3340         https://bugs.webkit.org/show_bug.cgi?id=154165
3341
3342         Reviewed by Alex Christensen.
3343
3344         * CMakeLists.txt:
3345         * css/CSSFontFaceSource.cpp:
3346         (WebCore::CSSFontFaceSource::font):
3347         * svg/SVGToOTFFontConversion.cpp:
3348         * svg/SVGToOTFFontConversion.h:
3349
3350 2016-02-12  Chris Dumez  <cdumez@apple.com>
3351
3352         Unreviewed nit fixes after r196466.
3353
3354         * Modules/speech/SpeechSynthesisUtterance.idl: Fix curly bracket
3355           placement.
3356         * bindings/scripts/CodeGeneratorJS.pm:
3357         (GenerateHeader): Use wrappableObject instead of domObject.
3358         * bindings/scripts/test/*: Rebaseline.
3359         * dom/WebKitNamedFlow.idl: Drop unnecessary #if case.
3360
3361 2016-02-12  Carlos Garcia Campos  <cgarcia@igalia.com>
3362
3363         [GTK] Properly handle classes inheriting from EventTarget
3364         https://bugs.webkit.org/show_bug.cgi?id=154158
3365
3366         Reviewed by Michael Catanzaro.
3367
3368         Instead of removing its parent we now handle the case of classes
3369         having EventTarget as parent to make them implement the interface
3370         instead.
3371
3372         * bindings/scripts/CodeGeneratorGObject.pm:
3373         (ShouldBeExposedAsInterface): Whether the parent given class
3374         should be exposed as an interface instead of a parent class.
3375         (GetParentClassName): Return Object as parent for classes having
3376         a parent that should be exposed as an interface.
3377         (GetParentImplClassName): Ditto.
3378         (GetBaseClass): Ditto.
3379         (GetParentGObjType): Ditto.
3380         (SkipFunction): Add FIXME comment.
3381         (ImplementsInterface): Helper function to check if a class
3382         implements the given interface.
3383         (GenerateCFile): Check whether the class implements EventTarget to
3384         generate the interface implementation.
3385         (GenerateInterface): Do not remove the parent class when it's EventTarget.
3386
3387 2016-02-12  Commit Queue  <commit-queue@webkit.org>
3388
3389         Unreviewed, rolling out r196470.
3390         https://bugs.webkit.org/show_bug.cgi?id=154167
3391
3392         Broke some tests (Requested by anttik on #webkit).
3393
3394         Reverted changeset:
3395
3396         "Factor class change style invalidation code into a class"
3397         https://bugs.webkit.org/show_bug.cgi?id=154163
3398         http://trac.webkit.org/changeset/196470
3399
3400 2016-02-12  Antti Koivisto  <antti@apple.com>
3401
3402         Factor class change style invalidation code into a class
3403         https://bugs.webkit.org/show_bug.cgi?id=154163
3404
3405         Reviewed by Andreas Kling.
3406
3407         Factor this piece of functionality out of Element and into ClassChangeInvalidation class.
3408
3409         * CMakeLists.txt:
3410         * WebCore.vcxproj/WebCore.vcxproj:
3411         * WebCore.xcodeproj/project.pbxproj:
3412         * dom/Element.cpp:
3413         (WebCore::classStringHasClassName):
3414         (WebCore::Element::classAttributeChanged):
3415         (WebCore::collectClasses): Deleted.
3416         (WebCore::computeClassChange): Deleted.
3417         (WebCore::invalidateStyleForClassChange): Deleted.
3418         * style/ClassChangeInvalidation.cpp: Added.
3419         (WebCore::Style::ClassChangeInvalidation::computeClassChange):
3420         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
3421         * style/ClassChangeInvalidation.h: Added.
3422         (WebCore::Style::ClassChangeInvalidation::needsInvalidation):
3423         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
3424         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
3425
3426 2016-02-12  Csaba Osztrogonác  <ossy@webkit.org>
3427
3428         GCC buildfix in Source/WebCore/svg/SVGToOTFFontConversion.cpp
3429         https://bugs.webkit.org/show_bug.cgi?id=154162
3430
3431         Reviewed by Andreas Kling.
3432
3433         * svg/SVGToOTFFontConversion.cpp:
3434         (WebCore::SVGToOTFFontConverter::finishAppendingKERNSubtable):
3435
3436 2016-02-12  Andreas Kling  <akling@apple.com>
3437
3438         Don't invalidate the FontCache on memory pressure.
3439         <https://webkit.org/b/154161>
3440
3441         Reviewed by Antti Koivisto.
3442
3443         Invalidating the FontCache does more harm than good:
3444
3445             - Anything that's still in the cache at this point is also
3446               referenced outside the cache, thus will not actually get deleted.
3447
3448             - Future deduplication will fail, leading to more objects.
3449
3450             - The global FontCache generation gets bumped, causing future style
3451               recalcs to be less efficient and breaking style sharing.
3452
3453             - All FontSelector invalidation callbacks will fire, potentially
3454               causing forced full-document style recalcs.
3455
3456         In fact, the only win from invalidating the FontCache comes from some
3457         minor shrinkage in the containers that make up the cache itself.
3458
3459         * platform/MemoryPressureHandler.cpp:
3460         (WebCore::MemoryPressureHandler::releaseCriticalMemory): Deleted.
3461
3462 2016-02-11  Chris Dumez  <cdumez@apple.com>
3463
3464         [Web IDL] interfaces should inherit EventTarget instead of duplicating the EventTarget API
3465         https://bugs.webkit.org/show_bug.cgi?id=154121
3466         <rdar://problem/24613234>
3467
3468         Reviewed by Gavin Barraclough.
3469
3470         Interfaces should inherit EventTarget instead of duplicating the
3471         EventTarget API in their IDL. Not only the duplication is ugly and
3472         error-prone, but this also does not match the specifications and
3473         have subtle web-exposed differences.
3474
3475         This patch takes care of all interfaces except for DOMWindow and
3476         WorkerGlobalScope. Those will be updated in the follow-up patch
3477         as they will require a little bit more work and testing.
3478
3479         We should also be able to get rid of the [EventTarget] WebKit IDL
3480         attribute in a follow-up.
3481
3482         No new tests, already covered by existing tests.
3483
3484         * Modules/battery/BatteryManager.idl:
3485         * Modules/encryptedmedia/MediaKeySession.idl:
3486         * Modules/indexeddb/IDBDatabase.h:
3487         * Modules/indexeddb/IDBDatabase.idl:
3488         * Modules/indexeddb/IDBRequest.h:
3489         * Modules/indexeddb/IDBRequest.idl:
3490         * Modules/indexeddb/IDBTransaction.h:
3491         * Modules/indexeddb/IDBTransaction.idl:
3492         * Modules/mediasession/MediaRemoteControls.idl:
3493         * Modules/mediasource/MediaSource.h:
3494         * Modules/mediasource/MediaSource.idl:
3495         * Modules/mediasource/SourceBuffer.h:
3496         * Modules/mediasource/SourceBuffer.idl:
3497         * Modules/mediasource/SourceBufferList.h:
3498         * Modules/mediasource/SourceBufferList.idl:
3499         * Modules/mediastream/MediaStream.h:
3500         * Modules/mediastream/MediaStream.idl:
3501         * Modules/mediastream/MediaStreamTrack.h:
3502         * Modules/mediastream/MediaStreamTrack.idl:
3503         * Modules/mediastream/RTCDTMFSender.h:
3504         * Modules/mediastream/RTCDTMFSender.idl:
3505         * Modules/mediastream/RTCDataChannel.h:
3506         * Modules/mediastream/RTCDataChannel.idl:
3507         * Modules/mediastream/RTCPeerConnection.h:
3508         * Modules/mediastream/RTCPeerConnection.idl:
3509         * Modules/notifications/Notification.idl:
3510         * Modules/speech/SpeechSynthesisUtterance.idl:
3511         * Modules/webaudio/AudioContext.idl:
3512         * Modules/webaudio/AudioNode.idl:
3513         * Modules/websockets/WebSocket.idl:
3514         * css/FontLoader.idl:
3515         * dom/EventTarget.h:
3516         * dom/MessagePort.idl:
3517         * dom/Node.h:
3518         * dom/Node.idl:
3519         * dom/WebKitNamedFlow.idl:
3520         * fileapi/FileReader.idl:
3521         * html/MediaController.idl:
3522         * html/track/AudioTrackList.idl:
3523         * html/track/TextTrack.idl:
3524         * html/track/TextTrackCue.idl:
3525         * html/track/TextTrackList.idl:
3526         * html/track/VideoTrackList.idl:
3527         * loader/appcache/DOMApplicationCache.h:
3528         * loader/appcache/DOMApplicationCache.idl:
3529         * page/EventSource.idl:
3530         * page/Performance.h:
3531         * page/Performance.idl:
3532         * workers/Worker.idl:
3533         * xml/XMLHttpRequest.h:
3534         * xml/XMLHttpRequest.idl:
3535         * xml/XMLHttpRequestUpload.idl:
3536         - Drop hardcoded EventTarget operations and inherit EventTarget instead.
3537         - Drop JSGenerateToNativeObject / JSGenerateToJSObject IDL extended
3538           attributes for interfaces inheriting the EventTarget interface as
3539           the bindings generator now does this automatically for us.
3540         - On native side, have EventTarget subclass ScriptWrappable instead of
3541           each of its subclasses doing so. The issue was that
3542           EventTargetOwner::finalize() was calling uncacheWrapper() with an
3543           EventTarget*, which would not clear inlined cached wrapped (see
3544           clearInlineCachedWrapper()) because EventTarget did not subclass
3545           ScriptWrappable. However, cacheWrapper() is called is a specific
3546           subtype pointer (e.g. Node*) and we would decide to create an
3547           inline cached wrapper because Node subclassed ScriptWrappable
3548           (as well as EventTarget).
3549
3550         * WebCore.xcodeproj/project.pbxproj:
3551         Export JSEventTarget.h as private header to fix the build.
3552
3553         * bindings/js/JSDOMBinding.h:
3554         (WebCore::wrapperKey):
3555         (WebCore::getCachedWrapper):
3556         (WebCore::cacheWrapper):
3557         (WebCore::uncacheWrapper):
3558         Use new wrapperKey() function that is generated for each bindings
3559         class that also has wrapperOwner(). This is used instead of the
3560         C cast to void* in order to cast to the base wrapped type to fix
3561         issues with multiple inheritance. The issue was that cacheWrapper()
3562         was getting called with a DOM object subtype pointer (e.g.
3563         AudioContext*) but uncacheWrapper() was getting called with a base
3564         wrapped type pointer (e.g. EventTarget*). Most of our DOM classes
3565         use multiple inheritance and thus the pointer values (used as keys
3566         in the weak map) may differ.
3567
3568         * bindings/js/JSTrackCustom.cpp:
3569         (WebCore::toJS):
3570         Call CREATE_DOM_WRAPPER() with an actual wrapped type (e.g. AudioTrack)
3571         instead of TrackBase type. TrackBase does not have corresponding
3572         generated bindings and therefore does not have a wrapperKey()
3573         function.
3574
3575         * bindings/scripts/CodeGeneratorJS.pm:
3576         (ShouldGenerateToWrapped):
3577         (ShouldGenerateToJSDeclaration):
3578         (GenerateHeader):
3579         - Generate a wrapperKey() utility function along-side wrapperOwner()
3580           to help cast to the base wrapped type.
3581         - Generate toWrapped() / toJS() utility functions for interfaces
3582           that inherit EventTarget as those are required by our
3583           implementation and this avoids having to explicitly have them in
3584           the IDL.
3585
3586         * bindings/scripts/test/*:
3587         Rebaseline bindings tests.
3588
3589 2016-02-11  Brent Fulgham  <bfulgham@apple.com>
3590
3591         Optimize texture-complete checks
3592         https://bugs.webkit.org/show_bug.cgi?id=98308
3593
3594         Reviewed by Dean Jackson.
3595
3596         No new tests: No change in behavior.
3597
3598         * html/canvas/WebGLRenderingContextBase.cpp:
3599         (WebCore::WebGLRenderingContextBase::initializeNewContext): Initially consider all
3600         textures as suspect.
3601         (WebCore::WebGLRenderingContextBase::extensions): New helper function.
3602         (WebCore::WebGLRenderingContextBase::reshape): Mark textures as invalid when appropriate.
3603         (WebCore::WebGLRenderingContextBase::bindTexture): Identify invalid textures and mark
3604         them for later fix-up. Likewise, remove 'known good' textures from the fix-up pass.
3605         (WebCore::WebGLRenderingContextBase::deleteTexture): Remove instances of the deleted texture
3606         from our set of invalid textures.
3607         (WebCore::WebGLRenderingContextBase::checkTextureCompleteness): Only iterate through
3608         the 'bad' textures, rather than checking every single texture.
3609         * html/canvas/WebGLRenderingContextBase.h:
3610
3611 2016-02-11  Alex Christensen  <achristensen@webkit.org>
3612
3613         Assert that IDBTransaction::transitionedToFinishing transitions to finishing.
3614         https://bugs.webkit.org/show_bug.cgi?id=154061
3615
3616         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
3617         (WebCore::IDBClient::IDBTransaction::transitionedToFinishing):
3618         Added assertion that we are transitioning to a finished or finishing state, based on Darin's feedback.
3619
3620 2016-02-11  Enrica Casucci  <enrica@apple.com>
3621
3622         WebContent process crashes when performing data detection on content with existing data detector links.
3623         https://bugs.webkit.org/show_bug.cgi?id=154118
3624         rdar://problem/24511860
3625
3626         Reviewed by Tim Horton.
3627
3628         The DOM mutation caused by removing the existing links, can shift the range endpoints.
3629         We now save the range enpoints as positions so that we can recreate the ranges,
3630         if a DOM mutation occurred.
3631
3632         * editing/cocoa/DataDetection.mm:
3633         (WebCore::removeResultLinksFromAnchor):
3634         (WebCore::searchForLinkRemovingExistingDDLinks):
3635         (WebCore::DataDetection::detectContentInRange):
3636
3637 2016-02-11  Jer Noble  <jer.noble@apple.com>
3638
3639         Make MediaResourceLoader behave more like a CachedResourceLoader.
3640         https://bugs.webkit.org/show_bug.cgi?id=154117
3641
3642         Reviewed by Alex Christensen.
3643
3644         MediaResourceLoader currently can only handle a single request at a time. Split the class
3645         into two, MediaResourceLoader and MediaResource, effectively wrapping CachedResourceLoader
3646         and CachedRawResource respectively. With this devision, the same loader can be used to issue
3647         multiple simultaneous resource requests.
3648
3649         This necessecitates splitting PlatformMediaResource into two classes as well.  To simplify
3650         the HTMLMediaElement, MediaPlayer, and MediaPlayerClient APIs, do not require a client
3651         object when creating the loader; instead, the client is required to create the resource.
3652         This also matches the CachedRawResource API.
3653
3654         * html/HTMLMediaElement.cpp:
3655         (WebCore::HTMLMediaElement::mediaPlayerCreateResourceLoader): Remove the client parameter.
3656         * html/HTMLMediaElement.h:
3657         * loader/MediaResourceLoader.cpp:
3658         (WebCore::MediaResourceLoader::MediaResourceLoader):
3659         (WebCore::MediaResourceLoader::~MediaResourceLoader):
3660         (WebCore::MediaResourceLoader::requestResource): Renamed from start().
3661         (WebCore::MediaResourceLoader::removeResource): Remove resource from live resource list.
3662         (WebCore::MediaResource::create): Utility factory.
3663         (WebCore::MediaResource::MediaResource):
3664         (WebCore::MediaResource::~MediaResource):
3665         (WebCore::MediaResource::stop): Moved from MediaResourceLoader.
3666         (WebCore::MediaResource::setDefersLoading): Ditto.
3667         (WebCore::MediaResource::responseReceived): Ditto.
3668         (WebCore::MediaResource::redirectReceived): Ditto.
3669         (WebCore::MediaResource::dataSent): Ditto.
3670         (WebCore::MediaResource::dataReceived): Ditto.
3671         (WebCore::MediaResource::notifyFinished): Ditto.
3672         (WebCore::MediaResource::getOrCreateReadBuffer): Ditto.
3673         * loader/MediaResourceLoader.h:
3674         * platform/graphics/MediaPlayer.cpp:
3675         (WebCore::MediaPlayer::createResourceLoader):
3676         * platform/graphics/MediaPlayer.h:
3677         (WebCore::MediaPlayerClient::mediaPlayerCreateResourceLoader):
3678         * platform/graphics/PlatformMediaResourceLoader.h:
3679         (WebCore::PlatformMediaResourceClient::~PlatformMediaResourceClient): Renamed from PlatformMediaResourceLoaderClient.
3680         (WebCore::PlatformMediaResourceClient::responseReceived): Client methods now take a reference to the resource.
3681         (WebCore::PlatformMediaResourceClient::redirectReceived): Ditto.
3682         (WebCore::PlatformMediaResourceClient::dataSent): Ditto. 
3683         (WebCore::PlatformMediaResourceClient::dataReceived): Ditto.
3684         (WebCore::PlatformMediaResourceClient::accessControlCheckFailed): Ditto.
3685         (WebCore::PlatformMediaResourceClient::loadFailed): Ditto.
3686         (WebCore::PlatformMediaResourceClient::loadFinished): Ditto.
3687         (WebCore::PlatformMediaResourceClient::getOrCreateReadBuffer): Ditto.
3688         (WebCore::PlatformMediaResourceLoader::PlatformMediaResourceLoader): Ditto.
3689         (WebCore::PlatformMediaResource::PlatformMediaResource): 
3690         (WebCore::PlatformMediaResource::~PlatformMediaResource): 
3691         (WebCore::PlatformMediaResource::setClient):
3692         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
3693         (webKitWebSrcStart):
3694         (webKitWebSrcNeedData):
3695         (webKitWebSrcEnoughData):
3696         (CachedResourceStreamingClient::getOrCreateReadBuffer):
3697         (CachedResourceStreamingClient::responseReceived):
3698         (CachedResourceStreamingClient::dataReceived):
3699         (CachedResourceStreamingClient::accessControlCheckFailed):
3700         (CachedResourceStreamingClient::loadFailed):
3701         (CachedResourceStreamingClient::loadFinished):
3702
3703 2016-02-11  Zalan Bujtas  <zalan@apple.com>
3704
3705         Subpixel rendering: Make focusring painting subpixel aware.
3706         https://bugs.webkit.org/show_bug.cgi?id=154111
3707
3708         Reviewed by David Hyatt.
3709
3710         Do not integral snap focusring rects while collecting them (use device pixel snapping instead
3711         right before passing them to GraphicsContext::drawFocusRing).
3712
3713         Unable to test.
3714
3715         * platform/graphics/GraphicsContext.h:
3716         * platform/graphics/displaylists/DisplayListItems.h:
3717         (WebCore::DisplayList::DrawFocusRingRects::create):
3718         (WebCore::DisplayList::DrawFocusRingRects::rects):
3719         (WebCore::DisplayList::DrawFocusRingRects::DrawFocusRingRects):
3720         * platform/graphics/displaylists/DisplayListRecorder.cpp:
3721         (WebCore::DisplayList::Recorder::drawFocusRing):
3722         * platform/graphics/displaylists/DisplayListRecorder.h:
3723         * platform/graphics/mac/GraphicsContextMac.mm:
3724         (WebCore::GraphicsContext::drawFocusRing):
3725         * rendering/RenderBlock.cpp:
3726         (WebCore::RenderBlock::addFocusRingRectsForInlineChildren):
3727         (WebCore::RenderBlock::addFocusRingRects):
3728         * rendering/RenderBlock.h:
3729         * rendering/RenderBlockFlow.cpp:
3730         (WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren):
3731         * rendering/RenderBlockFlow.h:
3732         * rendering/RenderBox.cpp:
3733         (WebCore::RenderBox::addFocusRingRects):
3734         * rendering/RenderBox.h:
3735         * rendering/RenderElement.cpp:
3736         (WebCore::RenderElement::paintFocusRing):
3737         (WebCore::RenderElement::issueRepaintForOutlineAuto):
3738         * rendering/RenderInline.cpp:
3739         (WebCore::RenderInline::absoluteRects):
3740         (WebCore::RenderInline::addFocusRingRects):
3741         * rendering/RenderInline.h:
3742         * rendering/RenderListBox.cpp:
3743         (WebCore::RenderListBox::addFocusRingRects):
3744         * rendering/RenderListBox.h:
3745         * rendering/RenderObject.cpp:
3746         (WebCore::RenderObject::addPDFURLRect):
3747         (WebCore::RenderObject::absoluteFocusRingQuads):
3748         * rendering/RenderObject.h:
3749         (WebCore::RenderObject::addFocusRingRects):
3750         * rendering/RenderTextControl.cpp:
3751         (WebCore::RenderTextControl::addFocusRingRects):
3752         * rendering/RenderTextControl.h:
3753         * rendering/svg/RenderSVGContainer.cpp:
3754         (WebCore::RenderSVGContainer::addFocusRingRects):
3755         * rendering/svg/RenderSVGContainer.h:
3756         * rendering/svg/RenderSVGImage.cpp:
3757         (WebCore::RenderSVGImage::addFocusRingRects):
3758         * rendering/svg/RenderSVGImage.h:
3759         * rendering/svg/RenderSVGShape.cpp:
3760         (WebCore::RenderSVGShape::addFocusRingRects):
3761         * rendering/svg/RenderSVGShape.h:
3762
3763 2016-02-11  Myles C. Maxfield  <mmaxfield@apple.com>
3764
3765         Addressing post-review comments after r196393
3766
3767         Unreviewed.
3768
3769         * css/CSSFontSelector.cpp:
3770         (WebCore::CSSFontSelector::getFontFace):
3771         * css/CSSSegmentedFontFace.h:
3772
3773 2016-02-11  Antti Koivisto  <antti@apple.com>
3774
3775         Rename Element::style() to Element::cssomStyle()
3776         https://bugs.webkit.org/show_bug.cgi?id=154107
3777
3778         Reviewed by Alex Christensen.
3779
3780         It implements the IDL "style" attribute that returns a CSSOM object.
3781         Inside WebCore "style" generally refers to a RenderStyle.
3782
3783         * dom/Element.cpp:
3784         (WebCore::Element::hasAttributeNS):
3785         (WebCore::Element::cssomStyle):
3786         (WebCore::Element::focus):
3787         (WebCore::Element::style): Deleted.
3788         * dom/Element.h:
3789         (WebCore::Element::tagQName):
3790         * dom/Element.idl:
3791         * dom/StyledElement.cpp:
3792         (WebCore::StyledElement::~StyledElement):
3793         (WebCore::StyledElement::cssomStyle):
3794         (WebCore::StyledElement::style): Deleted.
3795         * dom/StyledElement.h:
3796         (WebCore::StyledElement::synchronizeStyleAttributeInternal):
3797         (WebCore::StyledElement::collectStyleForPresentationAttribute):
3798         * editing/Editor.cpp:
3799         (WebCore::Editor::applyEditingStyleToElement):
3800         * inspector/InspectorCSSAgent.cpp:
3801         (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
3802         (WebCore::InspectorCSSAgent::getInlineStylesForNode):
3803         (WebCore::InspectorCSSAgent::asInspectorStyleSheet):
3804         * inspector/InspectorStyleSheet.cpp:
3805         (WebCore::InspectorStyleSheetForInlineStyle::didModifyElementAttribute):
3806         (WebCore::InspectorStyleSheetForInlineStyle::inlineStyle):
3807         (WebCore::InspectorStyleSheetForInlineStyle::elementStyleText):
3808         * svg/SVGElement.idl:
3809
3810 2016-02-11  Konstantin Tokarev  <annulen@yandex.ru>
3811
3812         [cmake] Consolidate TextureMapper file and include dir lists.
3813         https://bugs.webkit.org/show_bug.cgi?id=154106
3814
3815         Reviewed by Michael Catanzaro.
3816
3817         No new tests needed.
3818
3819         * CMakeLists.txt: Moved texmap include dir and source list to
3820         TextureMapper.cmake, removed non-existent include dir "filters/texmap".
3821         * PlatformEfl.cmake: Moved texmap and coordinatedgraphics include
3822         dirs and source list to TextureMapper.cmake.
3823         * PlatformGTK.cmake: Ditto, also removed non-existent include dir
3824         "texmap/threadedcompositor"
3825         * PlatformWinCairo.cmake: Moved texmap files to TextureMapper.cmake.
3826         * platform/TextureMapper.cmake: Added.
3827
3828 2016-02-11  Chris Dumez  <cdumez@apple.com>
3829
3830         Move 'length' property to the prototype
3831         https://bugs.webkit.org/show_bug.cgi?id=154051
3832         <rdar://problem/24577385>
3833
3834         Reviewed by Darin Adler.
3835
3836         Move 'length' property to the prototype, where it should be. We used to
3837         keep it on the instance because our implementation of
3838         getOwnPropertySlot() was wrong for interfaces with a named property
3839         getter. However, our implementation of getOwnPropertySlot() is now
3840         spec-compliant so this should be OK.
3841
3842         Moving 'length' to the prototype is also a little bit risky in terms of
3843         performance, especially for HTMLCollection / NodeList. However, I did
3844         not see an impact on realistic benchmarks like Speedometer and only saw
3845         a small impact (< 5%) on micro-benchmarks. I propose we make our behavior
3846         correct and monitor performance. If we see any benchmark we care about
3847         regress then we should try and optimize while keeping the attribute on
3848         the prototype.
3849
3850         No new tests, already covered by existing tests.
3851
3852         * bindings/js/JSDOMBinding.h:
3853         (WebCore::getStaticValueSlotEntryWithoutCaching):
3854         * bindings/js/JSHTMLDocumentCustom.cpp:
3855         (WebCore::JSHTMLDocument::getOwnPropertySlot):
3856         (WebCore::JSHTMLDocument::nameGetter): Deleted.
3857         * bindings/js/JSLocationCustom.cpp:
3858         (WebCore::JSLocation::putDelegate):
3859         * bindings/js/JSPluginElementFunctions.h:
3860         (WebCore::pluginElementCustomGetOwnPropertySlot):
3861         * bindings/js/JSStorageCustom.cpp:
3862         (WebCore::JSStorage::deleteProperty):
3863         (WebCore::JSStorage::deletePropertyByIndex):
3864         (WebCore::JSStorage::putDelegate):
3865         Leverage the new hasStaticPropertyTable static property in the
3866         generated bindings for performance.
3867
3868         * bindings/scripts/CodeGeneratorJS.pm:
3869         (GenerateHeader):
3870         Generate a "hasStaticPropertyTable" static const boolean property
3871         for each bindings class so we can check at build time if
3872         ClassInfo::staticPropHashTable is null.
3873
3874         (AttributeShouldBeOnInstance):
3875         Move "length" to the prototype.
3876
3877         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
3878         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
3879         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
3880         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
3881         * bindings/scripts/test/JS/JSTestEventConstructor.h:
3882         * bindings/scripts/test/JS/JSTestEventTarget.h:
3883         * bindings/scripts/test/JS/JSTestException.h:
3884         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
3885         * bindings/scripts/test/JS/JSTestInterface.h:
3886         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
3887         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
3888         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
3889         * bindings/scripts/test/JS/JSTestNode.h:
3890         * bindings/scripts/test/JS/JSTestNondeterministic.h:
3891         * bindings/scripts/test/JS/JSTestObj.h:
3892         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
3893         * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
3894         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
3895         * bindings/scripts/test/JS/JSTestTypedefs.h:
3896         * bindings/scripts/test/JS/JSattribute.h:
3897         * bindings/scripts/test/JS/JSreadonly.h:
3898         Rebaseline bindings tests.
3899
3900
3901 2016-02-11  Csaba Osztrogonác  <ossy@webkit.org>
3902
3903         Fix the !(ENABLE(SHADOW_DOM) || ENABLE(DETAILS_ELEMENT)) after r196281
3904         https://bugs.webkit.org/show_bug.cgi?id=154035
3905
3906         Reviewed by Antti Koivisto.
3907
3908         Follow-up fix after r196365. Removed guards around slotNodeIndex.
3909
3910         * dom/ComposedTreeIterator.h:
3911         (WebCore::ComposedTreeIterator::Context::Context):
3912
3913 2016-02-10  Ryan Haddad  <ryanhaddad@apple.com>
3914
3915         Updating bindings test reference file for JSTestEventConstructor.cpp after r196400
3916
3917         Unreviewed test gardening.
3918
3919         No new tests needed.
3920
3921         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
3922         (WebCore::JSTestEventConstructorConstructor::construct):
3923
3924 2016-02-10  Eric Carlson  <eric.carlson@apple.com>
3925
3926         Update "manual" caption track logic
3927         https://bugs.webkit.org/show_bug.cgi?id=154084
3928         <rdar://problem/24530516>
3929
3930         Reviewed by Dean Jackson.
3931
3932         No new tests, media/track/track-manual-mode.html was updated.
3933
3934         * English.lproj/Localizable.strings: Add new string.
3935
3936         * html/HTMLMediaElement.cpp:
3937         (WebCore::HTMLMediaElement::addTextTrack): track.setManualSelectionMode is no more.
3938         (WebCore::HTMLMediaElement::configureTextTrackGroup): Never enable a track automatically when
3939           in manual selection mode.
3940         (WebCore::HTMLMediaElement::captionPreferencesChanged):  track.setManualSelectionMode is no more.
3941
3942         * html/track/TextTrack.cpp:
3943         (WebCore::TextTrack::containsOnlyForcedSubtitles): Return true for forced tracks.
3944         (WebCore::TextTrack::kind): Deleted.
3945         * html/track/TextTrack.h:
3946
3947         * html/track/TrackBase.h:
3948         (WebCore::TrackBase::kind): De-virtualize, nobody overrides it.
3949
3950         * page/CaptionUserPreferencesMediaAF.cpp:
3951         (WebCore::trackDisplayName): Include "forced" in the name of forced tracks.
3952
3953         * platform/LocalizedStrings.cpp:
3954         (WebCore::forcedTrackMenuItemText): New.
3955         * platform/LocalizedStrings.h:
3956
3957 2016-02-10  Jiewen Tan  <jiewen_tan@apple.com>
3958
3959         Rename *Event::create* which creates events for bindings to *Event::createForBindings* and cleanup corresponding paths
3960         https://bugs.webkit.org/show_bug.cgi?id=153903
3961         <rdar://problem/24518146>
3962
3963         Reviewed by Darin Adler.
3964
3965         Rename Event::create(const AtomicString&, const EventInit&) to Event::createForBindings
3966         (const AtomicString&, const EventInit&) and for all the subclasses as well in order to
3967         support Event.isTrusted. Besides, some of the subclasses use the create method for bindings
3968         to create events not for bindings and vice versa. Therefore, this patch also cleanup
3969         corresponding paths to ensure no misuse of the create mehtod. The same for Event::create()
3970         as it is combined with Event::initEvent to create an event for bindings for legacy content.
3971
3972         After this patch, all call sites of *Event::create* are supposed to use *Event::create
3973         to create events for user agent and *Event::createForBindings for bindings.
3974
3975         No change in behavior.
3976
3977         * Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.h:
3978         (WebCore::WebKitPlaybackTargetAvailabilityEvent::create):
3979         (WebCore::WebKitPlaybackTargetAvailabilityEvent::createForBindings):
3980         (WebCore::WebKitPlaybackTargetAvailabilityEventInit::WebKitPlaybackTargetAvailabilityEventInit): Deleted.
3981         * Modules/encryptedmedia/MediaKeyMessageEvent.cpp:
3982         (WebCore::MediaKeyMessageEvent::MediaKeyMessageEvent):
3983         (WebCore::MediaKeyMessageEventInit::MediaKeyMessageEventInit): Deleted.
3984         * Modules/encryptedmedia/MediaKeyMessageEvent.h:
3985         (WebCore::MediaKeyMessageEvent::create):
3986         (WebCore::MediaKeyMessageEvent::createForBindings):
3987         * Modules/encryptedmedia/MediaKeyNeededEvent.cpp:
3988         (WebCore::MediaKeyNeededEvent::MediaKeyNeededEvent):
3989         (WebCore::MediaKeyNeededEventInit::MediaKeyNeededEventInit): Deleted.
3990         * Modules/encryptedmedia/MediaKeyNeededEvent.h:
3991         (WebCore::MediaKeyNeededEvent::create):
3992         (WebCore::MediaKeyNeededEvent::createForBindings):
3993         * Modules/encryptedmedia/MediaKeySession.cpp:
3994         (WebCore::MediaKeySession::sendMessage):
3995         * Modules/gamepad/GamepadEvent.h:
3996         (WebCore::GamepadEvent::create):
3997         (WebCore::GamepadEvent::createForBindings):
3998         (WebCore::GamepadEventInit::GamepadEventInit): Deleted.
3999         * Modules/indieui/UIRequestEvent.cpp:
4000         (WebCore::UIRequestEvent::createForBindings):
4001         (WebCore::UIRequestEvent::UIRequestEvent):
4002         (WebCore::UIRequestEventInit::UIRequestEventInit): Deleted.
4003         (WebCore::UIRequestEvent::create): Deleted.
4004         * Modules/indieui/UIRequestEvent.h:
4005         * Modules/mediastream/MediaStreamEvent.cpp:
4006         (WebCore::MediaStreamEvent::createForBindings):
4007         (WebCore::MediaStreamEventInit::MediaStreamEventInit): Deleted.
4008         (WebCore::MediaStreamEvent::create): Deleted.
4009         * Modules/mediastream/MediaStreamEvent.h:
4010         * Modules/mediastream/MediaStreamTrackEvent.cpp:
4011         (WebCore::MediaStreamTrackEvent::createForBindings):
4012         (WebCore::MediaStreamTrackEventInit::MediaStreamTrackEventInit): Deleted.
4013         (WebCore::MediaStreamTrackEvent::create): Deleted.
4014         * Modules/mediastream/MediaStreamTrackEvent.h: