Navigator.geolocation should not be marked a [Replaceable] and should be on the prototype
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-02-16  Chris Dumez  <cdumez@apple.com>
2
3         Navigator.geolocation should not be marked a [Replaceable] and should be on the prototype
4         https://bugs.webkit.org/show_bug.cgi?id=154304
5         <rdar://problem/24685092>
6
7         Reviewed by Gavin Barraclough.
8
9         1. Drop the [Replaceable] IDL extended attribute for navigator.geolocation
10            as this does not match other browsers or the specification:
11            - https://dev.w3.org/geo/api/spec-source.html#geolocation_interface
12         2. Move Navigator attributes to the prototype, where they should be as
13            per the Web IDL specification.
14
15         The previous behavior was meant as a workaround for a bug in the Amazon
16         iOS app (rdar://problem/16332749). However, I have confirmed that the
17         latest Amazon App no longer has any issue with those changes.
18
19         Test: js/navigator-set-geolocation.html
20
21         * Modules/geolocation/NavigatorGeolocation.idl:
22         * bindings/scripts/CodeGeneratorJS.pm:
23         (InterfaceRequiresAttributesOnInstanceForCompatibility): Deleted.
24
25 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
26
27         REGRESSION(r196268): WTFCrashWithSecurityImplication on SVG path animation tests
28         https://bugs.webkit.org/show_bug.cgi?id=154221
29
30         Reviewed by Brent Fulgham.
31
32         In r196268, a destructor was added to SVGListPropertyTearOff that notifies
33         its wrapper (the SVGAnimatedListPropertyTearoff) about its deletion. This
34         allows the wrapper to nullify any references to the wrapped content.
35         
36         We needed to do the same thing for SVGPathSegListPropertyTearOff. Both
37         SVGPathSegListPropertyTearOff and SVGListPropertyTearOff inherit from
38         SVGListProperty and both hold pointers to SVGAnimatedListPropertyTearOff
39         which needs to be notified.
40         
41         Tests: existing svg path animation tests should not crash.
42
43         * svg/properties/SVGPathSegListPropertyTearOff.h:
44         (WebCore::SVGPathSegListPropertyTearOff::~SVGPathSegListPropertyTearOff):
45
46 2016-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>
47
48         REGRESSION (r190430): WTFCrashWithSecurityImplication in:void SVGRootInlineBox::layoutCharactersInTextBoxes()
49         https://bugs.webkit.org/show_bug.cgi?id=154185
50
51         Reviewed by Ryosuke Niwa.
52
53         This is a regression caused by adding support for HTMLSlotElement. The
54         crash happens when adding an HTMLSlotElement to another element which should
55         not have it as a child like SVGTextElement for example. In this case, we
56         were creating a RenderText which should not happen inside an SVG document.
57         The RenderText::createTextBox() was creating InlineTextBox for the slot's
58         text and attaching it to the SVGRootInlineBox. In layoutCharactersInTextBoxes(),
59         the assumption is the inline box is either SVGInlineTextBox or SVGInlineFlowBox.
60         But since we have an InlineTextBox instead, the crash happens when casting
61         the InlineTextBox to SVGInlineFlowBox.
62
63         The fix is for createRenderTreeForSlotAssignees() to not create a renderer
64         when the parent element should not have a renderer for this element.
65         This is the same thing we do for createRenderer() which handles the non
66         HTMLSlotElement case and which is called also from createRenderTreeRecursively().
67         
68         Test: fast/shadow-dom/text-slot-child-crash.svg
69
70         * style/StyleTreeResolver.cpp:
71         (WebCore::Style::moveToFlowThreadIfNeeded):
72         (WebCore::Style::TreeResolver::createRenderer): Delete the check for
73         shouldCreateRenderer() and handling the case when resolvedStyle is null
74         since these are handled by the caller createRenderTreeRecursively().
75         
76         (WebCore::Style::TreeResolver::createRenderTreeForSlotAssignees):
77         Assert shouldCreateRenderer() is true for this element.
78         
79         (WebCore::Style::TreeResolver::createRenderTreeRecursively): Don't create
80         the renderer if shouldCreateRenderer() returns false. Also handle the case
81         when resolvedStyle is null and pass the new style to createRenderer().
82         
83         * style/StyleTreeResolver.h:
84
85 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
86
87         Every RenderLayer should not have to remove itself from the scrollableArea set
88         https://bugs.webkit.org/show_bug.cgi?id=154311
89
90         Reviewed by Zalan Bujtas.
91
92         A subset of RenderLayers are scrollable, and get registered on the FrameView,
93         but we pay the cost of a hash lookup for removal on every RenderLayer, which is a waste.
94         
95         Store a bit that tells RenderLayer that it's in the set and needs to be removed.
96
97         * rendering/RenderLayer.cpp:
98         (WebCore::RenderLayer::RenderLayer):
99         (WebCore::RenderLayer::~RenderLayer):
100         (WebCore::RenderLayer::calculateClipRects):
101         * rendering/RenderLayer.h:
102
103 2016-02-16  Daniel Bates  <dabates@apple.com>
104
105         CSP: Update violation report 'Content-Type' header
106         https://bugs.webkit.org/show_bug.cgi?id=153166
107         <rdar://problem/24383327>
108
109         Reviewed by Brent Fulgham.
110
111         Inspired by Blink patch:
112         <https://src.chromium.org/viewvc/blink?view=rev&revision=154215>
113
114         Post the Content Security Policy violation report with Content-Type application/csp-report as
115         per section Reporting of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/>.
116
117         Currently we post CSP violation reports with Content-Type application/json.
118
119         * html/parser/XSSAuditorDelegate.cpp:
120         (WebCore::XSSAuditorDelegate::didBlockScript): Use report type ViolationReportType::XSSAuditor to PingLoader.
121         * loader/PingLoader.cpp:
122         (WebCore::PingLoader::sendViolationReport): Modified to take argument of type ViolationReportType
123         to determine the appropriate Content-Type header to use for the report. For an XSS Auditor violation report
124         we use Content-Type application/json. For a Content Security Policy violation report we use Content-Type
125         application/csp-report. Additionally, pass an ASCIILiteral() to ResourceRequestBase::setHTTPMethod()
126         as opposed to a constant string literal to avoid a copy of a constant string literal.
127         * loader/PingLoader.h: Add enum class ViolationReportType.
128         * page/csp/ContentSecurityPolicy.cpp:
129         (WebCore::ContentSecurityPolicy::reportViolation): Use report type ViolationReportType::ContentSecurityPolicy.
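
On the receiving side of the Content-Type change described in the entry above, a report endpoint has to accept both media types during the transition. This is an added example, not WebKit code; `classifyReport`, `MAX_BODY_BYTES`, the returned status codes and the sample report are assumptions made for the illustration.

```javascript
'use strict';

// Media types a report endpoint should expect, per the entry above:
// application/csp-report for CSP violation reports after this change, and
// application/json from builds that predate it (and for XSS Auditor reports).
const ACCEPTED_TYPES = new Set(['application/csp-report', 'application/json']);
const MAX_BODY_BYTES = 16 * 1024; // assumed cap for this example

// Constructed sample body in the CSP 2.0 report shape.
const SAMPLE_CSP_REPORT = JSON.stringify({
  'csp-report': {
    'document-uri': 'https://example.test/page',
    'violated-directive': "script-src 'self'",
    'blocked-uri': 'https://cdn.example.test/a.js',
  },
});

// Strip parameters such as "; charset=utf-8" and normalise case.
function mediaType(contentTypeHeader) {
  if (typeof contentTypeHeader !== 'string') return '';
  return contentTypeHeader.split(';')[0].trim().toLowerCase();
}

// Returns { ok, status, kind, report }. Never throws on malformed input.
function classifyReport(contentTypeHeader, body) {
  const type = mediaType(contentTypeHeader);
  if (!ACCEPTED_TYPES.has(type)) return { ok: false, status: 415 };
  if (typeof body !== 'string') return { ok: false, status: 400 };
  if (Buffer.byteLength(body, 'utf8') > MAX_BODY_BYTES) {
    return { ok: false, status: 413 };
  }

  let parsed;
  try {
    parsed = JSON.parse(body);
  } catch (e) {
    return { ok: false, status: 400 };
  }
  if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {
    return { ok: false, status: 400 };
  }

  const inner = parsed['csp-report'];
  const isCsp =
    inner !== null && typeof inner === 'object' && !Array.isArray(inner);

  if (type === 'application/csp-report') {
    // The dedicated media type must carry a "csp-report" object.
    if (!isCsp) return { ok: false, status: 400 };
    return { ok: true, status: 204, kind: 'csp', report: inner };
  }
  // application/json: either a CSP report from an older sender or some
  // other JSON report; keep them apart so they can be triaged separately.
  return isCsp
    ? { ok: true, status: 204, kind: 'csp-legacy-json', report: inner }
    : { ok: true, status: 204, kind: 'other-json', report: parsed };
}
```

Tracking the `csp-legacy-json` count over time shows how many clients still run a build from before this change.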
130
131 2016-02-16  Alex Christensen  <achristensen@webkit.org>
132
133         Add checks before redirecting with NetworkSession
134         https://bugs.webkit.org/show_bug.cgi?id=154298
135
136         Reviewed by Andy Estes.
137
138         This fixes http/tests/security/cors-post-redirect-307.html and 
139         http/tests/navigation/post-307-response.html when using NetworkSession.
140
141         * platform/network/ResourceRequestBase.h:
142         WEBCORE_EXPORT some functions newly used in WebKit2.
143
144 2016-02-16  Daniel Bates  <dabates@apple.com>
145
146         CSP: Fix parsing of 'host/path' source expressions
147         https://bugs.webkit.org/show_bug.cgi?id=153170
148         <rdar://problem/24383407>
149
150         Reviewed by Brent Fulgham.
151
152         Merged from Blink (patch by Mike West):
153         <https://src.chromium.org/viewvc/blink?revision=154875&view=revision>
154
155         Fixes an issue where a source of the form example.com/A/ was incorrectly considered
156         invalid and hence such a requested resource would be blocked. A source of this form
157         is valid by the definition of host-source in section Source List Syntax of the Content
158         Security Policy 2.0 spec., <http://www.w3.org/TR/2015/CR-CSP2-20150721/>.
159
160         * page/csp/ContentSecurityPolicySourceList.cpp:
161         (WebCore::ContentSecurityPolicySourceList::parseSource):
162
163 2016-02-16  Daniel Bates  <dabates@apple.com>
164
165         CSP: Disallow an empty host in a host-source source expression
166         https://bugs.webkit.org/show_bug.cgi?id=153168
167         <rdar://problem/24383366>
168
169         Reviewed by Brent Fulgham.
170
171         Merged from Blink (patch by rob@robwu.nl):
172         <https://src.chromium.org/viewvc/blink?revision=180407&view=revision>
173
174         * page/csp/ContentSecurityPolicySourceList.cpp:
175         (WebCore::ContentSecurityPolicySourceList::parseSource):
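
Both parseSource entries above concern the host-source grammar of CSP 2.0, so one validator covers them: it accepts `example.com/A/` and rejects an expression with an empty host. This is an added example written from the spec grammar, not WebKit's parseSource; `parseHostSource` and `lintHostSources` are names assumed here, and keyword or scheme-only sources are out of scope.

```javascript
'use strict';

// CSP 2.0 "Source List Syntax":
//   host-source = [ scheme-part "://" ] host-part [ port-part ] [ path-part ]
//   host-part   = "*" / [ "*." ] 1*host-char *( "." 1*host-char )
//   host-char   = ALPHA / DIGIT / "-"
//   port-part   = ":" ( 1*DIGIT / "*" )
//   path-part   = RFC 3986 path
const SCHEME_RE = /^([A-Za-z][A-Za-z0-9+.-]*):\/\//;
const HOST_RE = /^(?:\*|(?:\*\.)?[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*)$/;
const PORT_RE = /^(?:[0-9]+|\*)$/;
// RFC 3986 path segments, minus ";" and ",": both delimit CSP policies and
// must be percent-encoded inside a source expression.
const PATH_RE = /^(?:\/(?:[A-Za-z0-9\-._~!$&'()*+=:@]|%[0-9A-Fa-f]{2})*)*$/;

// Returns { scheme, host, port, path } or null when the expression is not a
// valid host-source. Absent optional parts are reported as null.
function parseHostSource(expr) {
  let rest = expr;
  let scheme = null;
  const m = SCHEME_RE.exec(rest);
  if (m) {
    scheme = m[1];
    rest = rest.slice(m[0].length);
  }

  // Everything from the first "/" on is the path; a bare "host/path" with
  // no scheme is valid, which is the case the first entry fixes.
  const slash = rest.indexOf('/');
  const authority = slash === -1 ? rest : rest.slice(0, slash);
  const path = slash === -1 ? null : rest.slice(slash);

  const colon = authority.lastIndexOf(':');
  const host = colon === -1 ? authority : authority.slice(0, colon);
  const port = colon === -1 ? null : authority.slice(colon + 1);

  // host-part needs at least one host-char, so "https://", "https://:443"
  // and "/A/" are all rejected here (the second entry's empty-host case).
  if (!HOST_RE.test(host)) return null;
  if (port !== null && !PORT_RE.test(port)) return null;
  if (path !== null && !PATH_RE.test(path)) return null;
  return { scheme, host, port, path };
}

// Policy-lint helper: pair every expression with its parse result so the
// invalid ones (parsed === null) can be reported to the policy author.
function lintHostSources(expressions) {
  return expressions.map((expression) => ({
    expression,
    parsed: parseHostSource(expression),
  }));
}

// Constructed sample list mixing valid and invalid host-sources.
const SAMPLE_SOURCES = [
  'example.com/A/',
  'https://*.example.com:*/lib/',
  'https://',
  'https://:443/x',
  'exa*mple.com',
];
```

An expression that fails to parse is ignored by the user agent, so a policy whose only source is malformed ends up stricter than intended, while one that relied on a malformed expression being tolerated stops matching.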
176
177 2016-02-16  Brady Eidson  <beidson@apple.com>
178
179         Modern IDB: WK2 IPC Scaffolding.
180         https://bugs.webkit.org/show_bug.cgi?id=154296
181
182         Reviewed by Alex Christensen.
183         
184         No change in behavior yet; Just laying the groundwork.
185
186         * Modules/indexeddb/client/IDBConnectionToServer.h:
187         * Modules/indexeddb/server/IDBConnectionToClient.h:
188         * Modules/indexeddb/shared/IDBResourceIdentifier.h:
189
190 2016-02-16  Chris Dumez  <cdumez@apple.com>
191
192         [Web IDL] Operations should be on the instance for global objects or if [Unforgeable]
193         https://bugs.webkit.org/show_bug.cgi?id=154120
194         <rdar://problem/24613231>
195
196         Reviewed by Gavin Barraclough.
197
198         Operations should be on the instance for global objects or if
199         [Unforgeable] as per the Web IDL specification:
200         - http://heycam.github.io/webidl/#es-operations
201         - http://heycam.github.io/webidl/#dfn-unforgeable-on-an-interface
202
203         This patch implements this behavior in order to align
204         with the specification and other browsers.
205
206         No new tests, already covered by existing tests.
207
208         * bindings/js/JSDOMWindowCustom.cpp:
209         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
210         Update function names now that they have "Instance" in their
211         name instead of "Prototype".
212
213         (WebCore::JSDOMWindow::getOwnPropertySlot):
214         - Update function names now that they have "Instance" in their
215           name instead of "Prototype".
216         - Move the functions hard-coding *before* the static table check
217           now that these functions are in the static table to maintain
218           the previous behavior.
219
220         * bindings/js/JSLocationCustom.cpp:
221         (WebCore::JSLocation::getOwnPropertySlotDelegate):
222         Update function names now that they have "Instance" in their
223         name instead of "Prototype".
224
225         * bindings/scripts/CodeGeneratorJS.pm:
226         - Move functions to the instance if their interface is a global
227           object or if they are marked as [Unforgeable]. Operations are
228           now treated more like attributes, as they can now be either on
229           the instance or the prototype. In a lot of places, I now use
230           the naming "properties" instead of "attributes" as "properties"
231           refers to both "attributes" and "operations" / "functions".
232
233         * bindings/scripts/test/JS/JSTestInterface.cpp:
234         * bindings/scripts/test/JS/JSTestObj.cpp:
235         Rebaseline bindings tests.
236
237 2016-02-16  Simon Fraser  <simon.fraser@apple.com>
238
239         Rollout r188659. This broke scrolling of iframes and overflow when
240         navigating back to a page in the page cache.
241         
242         The fix was overly aggressive and had no layout test. I will fix the original
243         issue a different way.
244
245         * history/CachedFrame.cpp:
246         (WebCore::CachedFrame::CachedFrame):
247         * page/FrameView.cpp:
248         (WebCore::FrameView::clearScrollableAreas): Deleted.
249         * page/FrameView.h:
250
251 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
252
253         [GTK] No hover-horizontal scrolling available
254         https://bugs.webkit.org/show_bug.cgi?id=122859
255
256         Reviewed by Michael Catanzaro.
257
258         This is a regression of WebKit2, because in WebKit1 we used native
259         widgets for frame scrollbars that handled this automatically. Now
260         we need to also check if the mouse is over frame scrollbars to
261         adjust the wheel event.
262
263         Test: platform/gtk/scrollbars/main-frame-scrollbar-horizontal-wheel-scroll.html
264
265         * page/EventHandler.cpp:
266         (WebCore::EventHandler::handleWheelEvent): Pass the adjusted wheel
267         event to platformCompleteWheelEvent().
268         * page/gtk/EventHandlerGtk.cpp:
269         (WebCore::EventHandler::shouldTurnVerticalTicksIntoHorizontal):
270         Check also frame scrollbars.
271
272 2016-02-16  Antti Koivisto  <antti@apple.com>
273
274         Factor id mutation style invalidation code into a class
275         https://bugs.webkit.org/show_bug.cgi?id=154287
276
277         Reviewed by Andreas Kling.
278
279         Also add a cheap basic optimization that avoids descendant invalidation if they can not be affected.
280
281         It would be easy to implement fine grained invalidation like with classes and attribute selectors.
282         However dynamic id changes are not common enough (nor recommended) to pay the memory cost of
283         the required data structures.
284
285         Test: fast/css/style-invalidation-id-change-descendants.html
286
287         * CMakeLists.txt:
288         * WebCore.vcxproj/WebCore.vcxproj:
289         * WebCore.xcodeproj/project.pbxproj:
290         * css/RuleFeature.cpp:
291         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
292         (WebCore::RuleFeatureSet::add):
293         (WebCore::RuleFeatureSet::clear):
294         * css/RuleFeature.h:
295         * dom/Element.cpp:
296         (WebCore::makeIdForStyleResolution):
297         (WebCore::Element::attributeChanged):
298         (WebCore::checkNeedsStyleInvalidationForIdChange): Deleted.
299         * style/IdChangeInvalidation.cpp: Added.
300         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
301         * style/IdChangeInvalidation.h: Added.
302         (WebCore::Style::IdChangeInvalidation::IdChangeInvalidation):
303         (WebCore::Style::IdChangeInvalidation::~IdChangeInvalidation):
304
305 2016-02-16  Andreas Kling  <akling@apple.com>
306
307         Drop StyleResolver and SelectorQueryCache when entering PageCache.
308         <https://webkit.org/b/154238>
309
310         Reviewed by Antti Koivisto.
311
312         Stop keeping these around for cached pages to save lots of memory.
313         We can easily rebuild them if a cached navigation occurs, and this
314         way we also don't need to worry about invalidating style for cached
315         pages in all the right places.
316
317         Restoring a cached page will now lead to a forced style recalc.
318         We don't try to defer this (beyond a zero-timer) since it's going
319         to happen anyway, and it's nicer to front-load the cost rather than
320         stuttering on the first user content interaction.
321
322         * dom/Document.cpp:
323         (WebCore::Document::setInPageCache):
324         * history/CachedPage.cpp:
325         (WebCore::CachedPage::restore):
326         (WebCore::CachedPage::clear): Deleted.
327         * history/CachedPage.h:
328         (WebCore::CachedPage::markForVisitedLinkStyleRecalc): Deleted.
329         (WebCore::CachedPage::markForFullStyleRecalc): Deleted.
330         * history/PageCache.cpp:
331         (WebCore::PageCache::markPagesForVisitedLinkStyleRecalc): Deleted.
332         (WebCore::PageCache::markPagesForFullStyleRecalc): Deleted.
333         * history/PageCache.h:
334         * page/Frame.cpp:
335         (WebCore::Frame::setPageAndTextZoomFactors): Deleted.
336         * page/Page.cpp:
337         (WebCore::Page::setViewScaleFactor): Deleted.
338         (WebCore::Page::setDeviceScaleFactor): Deleted.
339         (WebCore::Page::setPagination): Deleted.
340         (WebCore::Page::setPaginationLineGridEnabled): Deleted.
341         (WebCore::Page::setVisitedLinkStore): Deleted.
342
343 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
344
345         [GTK] clicking on the scrollbar trough steps rather than jumps to the clicked position
346         https://bugs.webkit.org/show_bug.cgi?id=115363
347
348         Reviewed by Michael Catanzaro.
349
350         Allow ScrollbarTheme to decide the behavior of a button press event,
351         instead of only deciding whether to center on thumb or not. This
352         way we can match the current GTK+ behavior in WebKit, without
353         affecting other ports.
354
355         * platform/ScrollTypes.h: Add ScrollbarButtonPressAction enum.
356         * platform/Scrollbar.cpp:
357         (WebCore::Scrollbar::mouseDown): Ask ScrollbarTheme to handle the
358         event for the pressed part and do the requested action.
359         * platform/ScrollbarTheme.cpp:
360         (WebCore::ScrollbarTheme::handleMousePressEvent): Add default
361         implementation. It's equivalent to the previous default implementation.
362         * platform/ScrollbarTheme.h:
363         * platform/gtk/ScrollbarThemeGtk.cpp:
364         (WebCore::ScrollbarThemeGtk::handleMousePressEvent): Match current
365         GTK+ behavior: left click centers on thumb and right click
366         scrolls. Dragging the thumb works for left and middle buttons.
367         * platform/gtk/ScrollbarThemeGtk.h:
368         * platform/ios/ScrollbarThemeIOS.h: Remove shouldCenterOnThumb,
369         and don't override handleMousePressEvent since iOS wants the
370         default behavior.
371         * platform/ios/ScrollbarThemeIOS.mm:
372         * platform/mac/ScrollbarThemeMac.h: Override handleMousePressEvent
373         and remove shouldCenterOnThumb.
374         * platform/mac/ScrollbarThemeMac.mm:
375         (WebCore::shouldCenterOnThumb): Same implementation just made it
376         static to be used as helper.
377         (WebCore::ScrollbarThemeMac::handleMousePressEvent): Return the
378         desired action keeping the same behavior.
379         * platform/win/ScrollbarThemeWin.cpp:
380         (WebCore::ScrollbarThemeWin::handleMousePressEvent): Ditto.
381         * platform/win/ScrollbarThemeWin.h:
382         * rendering/RenderScrollbarTheme.h:
383
384 2016-02-16  Carlos Garcia Campos  <cgarcia@igalia.com>
385
386         Mouse cursor doesn't change when entering scrollbars
387         https://bugs.webkit.org/show_bug.cgi?id=154243
388
389         Reviewed by Simon Fraser.
390
391         If the scrollbar is over or very close to text or a link, when
392         entering the scrollbar the cursor is not changed, keeping the beam
393         or hand cursor when using the scrollbar. Same happens for image
394         documents where the magnifier cursor is used and it remains when
395         entering the scrollbars. We should use pointer cursor always for
396         scrollbars.
397
398         * page/EventHandler.cpp:
399         (WebCore::EventHandler::updateCursor): Request also to include
400         frame scrollbars in hit test result.
401         (WebCore::EventHandler::selectCursor): Use always pointer cursor
402         for scrollbars.
403
404 2016-02-15  Antti Koivisto  <antti@apple.com>
405
406         Optimize style invalidations for attribute selectors
407         https://bugs.webkit.org/show_bug.cgi?id=154242
408
409         Reviewed by Andreas Kling.
410
411         Currently we invalidate the whole element subtree if there are any attribute selectors for the changed attribute.
412         This is slow as generally few if any elements are really affected. Using attribute selectors for dynamic styling
413         should be performant.
414
415         This patch implements an optimization strategy for attributes similar to what we already have for classes:
416
417         - Collect a map of all rules that contain descendant-affecting attribute selectors for a given attribute.
418         - When an attribute value changes check if there are any such rules for it.
419         - Check if the value change affects the results of any of the attribute selectors.
420         - Only if it does invalidate the exact descendant elements affected by the rules.
421
422         Test: fast/css/style-invalidation-attribute-change-descendants.html
423
424         * WebCore.xcodeproj/project.pbxproj:
425         * css/DocumentRuleSets.cpp:
426         (WebCore::DocumentRuleSets::ancestorClassRules):
427         (WebCore::DocumentRuleSets::ancestorAttributeRulesForHTML):
428
429             Create optimization RuleSets when needed.
430
431         * css/DocumentRuleSets.h:
432         (WebCore::DocumentRuleSets::uncommonAttribute):
433         (WebCore::DocumentRuleSets::features):
434         * css/RuleFeature.cpp:
435         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
436         (WebCore::makeAttributeSelectorKey):
437         (WebCore::RuleFeatureSet::collectFeatures):
438
439             Collect rules with descendant affecting attribute selectors.
440
441         (WebCore::RuleFeatureSet::add):
442         (WebCore::RuleFeatureSet::clear):
443         (WebCore::RuleFeatureSet::shrinkToFit):
444         * css/RuleFeature.h:
445         * css/SelectorChecker.cpp:
446         (WebCore::anyAttributeMatches):
447         (WebCore::SelectorChecker::attributeSelectorMatches):
448
449             Expose function for matching single attribute selectors.
450
451         (WebCore::canMatchHoverOrActiveInQuirksMode):
452         * css/SelectorChecker.h:
453         * dom/Attr.cpp:
454         (WebCore::Attr::setValue):
455         (WebCore::Attr::childrenChanged):
456         * dom/Element.cpp:
457         (WebCore::Element::setAttributeInternal):
458         (WebCore::makeIdForStyleResolution):
459         (WebCore::Element::attributeChanged):
460         (WebCore::Element::removeAttributeInternal):
461         (WebCore::Element::addAttributeInternal):
462         (WebCore::Element::removeAttribute):
463
464             Add AttributeChangeInvalidation where needed.
465
466         (WebCore::Element::needsStyleInvalidation):
467
468             Move to Element from ClassChangeInvalidation.
469
470         (WebCore::Element::willModifyAttribute):
471
472             No more full style invalidation on attribute change.
473
474         * style/AttributeChangeInvalidation.cpp: Added.
475         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
476
477             Invalidate local style.
478             Check if we need to invalidate descendants by looking into ancestorAttributeRules.
479
480         (WebCore::Style::AttributeChangeInvalidation::invalidateDescendants):
481
482             Use StyleInvalidationAnalysis to invalidate the subtree for the relevant rules.
483
484         * style/AttributeChangeInvalidation.h: Added.
485         (WebCore::Style::AttributeChangeInvalidation::needsInvalidation):
486         (WebCore::Style::AttributeChangeInvalidation::AttributeChangeInvalidation):
487         (WebCore::Style::AttributeChangeInvalidation::~AttributeChangeInvalidation):
488
489             If needed, invalidate descendants before and after attribute change to catch rules that start and stop applying.
490
491 2016-02-16  Chris Dumez  <cdumez@apple.com>
492
493         Do security checks early in JSDOMWindow::put*()
494         https://bugs.webkit.org/show_bug.cgi?id=154270
495
496         Reviewed by Gavin Barraclough.
497
498         Do security checks early in JSDOMWindow::put() / JSDOMWindow::putByIndex()
499         and return as soon as possible. This makes it less error-prone as we need
500         to do the security check only once, at the top of the function.
501
502         Also lock down the security further by calling lookupPut() only if the
503         property name is "location". The "location" property is the only one that
504         can be set cross-origin. Previously, trying to set a property such as
505         "name" (which cannot be set cross-origin) relied on the attribute setter
506         doing the security check when getting called. The new check is less error
507         prone and will correctly prevent overriding window's method cross-origin
508         once these move down from the prototype (Bug 154120).
509
510         Finally, the previous code was failing to set the "location" property
511         cross-origin after the window has been reified. This patch fixes the
512         issue by always calling the original "location" property setter from the
513         static table in the cross-origin case.
514
515         Test: http/tests/security/cross-origin-reified-window-location-setting.html
516
517         * bindings/js/JSDOMWindowCustom.cpp:
518         (WebCore::JSDOMWindow::put):
519         (WebCore::JSDOMWindow::putByIndex):
520
521 2016-02-15  Brent Fulgham  <bfulgham@apple.com>
522
523         [Mac] Gather some rudimentary statistics during resource load 
524         https://bugs.webkit.org/show_bug.cgi?id=153575
525         <rdar://problem/24075254>
526
527         Reviewed by Brady Eidson.
528
529         Tested by: http/tests/navigation/statistics.html
530
531         * CMakeLists.txt:
532         * PlatformWin.cmake:
533         * WebCore.xcodeproj/project.pbxproj:
534         * dom/Document.cpp:
535         (WebCore::Document::updateLastHandledUserGestureTimestamp): Log user interaction
536         with the ResourceLoadObserver.
537         * loader/DocumentLoader.cpp:
538         (WebCore::DocumentLoader::willSendRequest): Track load statistics if the
539         user interacted with the document.
540         * loader/ResourceLoadObserver.cpp: Added.
541         * loader/ResourceLoadObserver.h: Added.
542         * loader/ResourceLoadStatistics.cpp: Added.
543         * loader/ResourceLoadStatistics.h: Added.
544         * loader/SubresourceLoader.cpp:
545         (WebCore::SubresourceLoader::willSendRequestInternal): Track load statistics.
546         * page/Settings.cpp:
547         (WebCore::Settings::setResourceLoadStatisticsEnabled): Added.
548         * page/Settings.h:
549         (WebCore::Settings::resourceLoadStatisticsEnabled): Added.
550         * platform/Logging.h:
551         * testing/Internals.cpp:
552         (WebCore::Internals::resourceLoadStatisticsForOrigin):
553         (WebCore::Internals::setResourceLoadStatisticsEnabled):
554         * testing/Internals.h:
555         * testing/Internals.idl:
556
557 2016-02-15  Chris Dumez  <cdumez@apple.com>
558
559         The following properties should exist on the global object: AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
560         https://bugs.webkit.org/show_bug.cgi?id=154250
561         <rdar://problem/24660829>
562
563         Reviewed by Eric Carlson.
564
565         The following properties should exist on the global object:
566         - AudioTrackList, AudioTrack, VideoTrackList, VideoTrack
567
568         These interfaces are not marked as [NoInterfaceObject] in:
569         - https://html.spec.whatwg.org/#audiotracklist-and-videotracklist-objects
570
571         No new tests, already covered by existing tests.
572
573         * html/track/AudioTrack.idl:
574         * html/track/AudioTrackList.idl:
575         * html/track/VideoTrack.idl:
576         * html/track/VideoTrackList.idl:
577
578 2016-02-15  Sam Weinig  <sam@webkit.org>
579
580         Stop using NSMapTable in places where we were only using it to be GC safe
581         <rdar://problem/24063723>
582         https://bugs.webkit.org/show_bug.cgi?id=154264
583
584         Reviewed by Dan Bernstein.
585
586         Switch from NSMapTable to HashMap.
587
588         * WebCore.xcodeproj/project.pbxproj:
589         * bindings/objc/DOMInternal.h:
590         * bindings/objc/DOMInternal.mm:
591         * bindings/objc/WebScriptObject.mm:
592         * bridge/objc/objc_instance.mm:
593         * platform/spi/cocoa/NSPointerFunctionsSPI.h: Removed. No longer used.
594
595 2016-02-15  Myles C. Maxfield  <mmaxfield@apple.com>
596
597         [Font Loading] Implement FontFace JavaScript object
598         https://bugs.webkit.org/show_bug.cgi?id=153345
599
600         Reviewed by Antti Koivisto.
601
602         Test: fast/text/font-face-javascript.html
603
604         This patch implements the FontFace Javascript object. This object mostly consists of
605         style getters / setters, which we implement by parsing input strings and generating
606         output strings similarly to getComputedStyle(). This object also has a load() function
607         which returns a promise which will be fulfilled or rejected depending on the load.
608         There is also a "loaded" attribute which exposes this promise directly. Also, a status
609         field is exposed so script knows what the state of the load is.
610
611         Currently, loading depends on our CachedResourceLoader which is part of the Document,
612         so this API is not available in a non-document context.
613
614         Another caveat is that immediate-mode font loading (where the content provides an
615         ArrayBuffer containing the bytes of the font file) is forthcoming. This requires
616         changing the relationship between CSSFontFaceSource and CachedFont.
617
618         CSSFontFace has been modified to keep a strong reference to the CSSFontSelector. This
619         is because the lifetime of the CSSFontFace can now outlive the CSSFontSelector. When
620         the CSSFontSelector is removed from the Document, it explicitly clears its constituent
621         CSSFontFaces, thereby breaking the reference cycle.
622
623         Test: fast/text/font-face-javascript-expected.html
624
625         * CMakeLists.txt: Add new files.
626         * DerivedSources.cpp: Ditto.
627         * DerivedSources.make: Ditto.
628         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
629         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
630         * WebCore.xcodeproj/project.pbxproj: Ditto.
631         * bindings/js/JSDOMPromise.cpp:
632         (WebCore::DeferredWrapper::globalObject): Remove whitespace.
633         (WebCore::DeferredWrapper::deferred): Allow access to the inner JSC object.
634         * bindings/js/JSDOMPromise.h:
635         (WebCore::DOMPromise::deferred): Ditto.
636         * bindings/js/JSFontFaceCustom.cpp: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
637         (WebCore::JSFontFace::loaded):
638         (WebCore::JSFontFace::load):
639         * css/CSSFontFace.cpp:
640         (WebCore::CSSFontFace::CSSFontFace): 
641         (WebCore::CSSFontFace::adoptSource):
642         (WebCore::CSSFontFace::updateStatus): Enforce the state machine's transitions.
643         (WebCore::CSSFontFace::fontLoaded):
644         (WebCore::CSSFontFace::pump):
645         (WebCore::CSSFontFace::load):
646         * css/CSSFontFace.h:
647         (WebCore::CSSFontFaceClient::~CSSFontFaceClient):
648         (WebCore::CSSFontFace::create):
649         (WebCore::CSSFontFace::status):
650         * css/CSSFontSelector.cpp:
651         (WebCore::CSSFontSelector::appendSources): Update for new CSSFontFace API.
652         (WebCore::CSSFontSelector::registerLocalFontFacesForFamily): Ditto.
653         (WebCore::CSSFontSelector::addFontFaceRule): Ditto.
654         (WebCore::CSSFontSelector::kick): Ditto.
655         (WebCore::appendSources): Deleted.
656         (WebCore::registerLocalFontFacesForFamily): Deleted.
657         * css/CSSFontSelector.h:
658         * css/CSSUnicodeRangeValue.cpp: Use for serializing the "unicodeRange" property.
659         * css/FontFace.cpp:
660         (WebCore::createPromise): Implement the remaining Javascript API functions.
661         (WebCore::valueFromDictionary):
662         (WebCore::FontFace::create):
663         (WebCore::FontFace::FontFace):
664         (WebCore::FontFace::parseString):
665         (WebCore::FontFace::status):
666         (WebCore::FontFace::kick):
667         (WebCore::FontFace::load):
668         (WebCore::FontFace::fulfillPromise):
669         (WebCore::FontFace::rejectPromise):
670         (WebCore::parseString): Deleted.
671         * css/FontFace.h:
672         (WebCore::FontFace::promise):
673         (WebCore::FontFace::backing):
674         (WebCore::FontFace::create): Deleted.
675         * css/FontFace.idl: Copied from Source/WebCore/bindings/js/JSDOMPromise.cpp.
676
677 2016-02-15  Jer Noble  <jer.noble@apple.com>
678
679         Null-deref crash in DefaultAudioDestinationNode::suspend()
680         https://bugs.webkit.org/show_bug.cgi?id=154248
681
682         Reviewed by Alex Christensen.
683
684         Drive-by fix: AudioContext should be a reference, not a pointer.
685
686         * Modules/webaudio/AnalyserNode.cpp:
687         (WebCore::AnalyserNode::AnalyserNode):
688         * Modules/webaudio/AnalyserNode.h:
689         (WebCore::AnalyserNode::create):
690         * Modules/webaudio/AudioBasicInspectorNode.cpp:
691         (WebCore::AudioBasicInspectorNode::AudioBasicInspectorNode):
692         (WebCore::AudioBasicInspectorNode::connect):
693         (WebCore::AudioBasicInspectorNode::disconnect):
694         (WebCore::AudioBasicInspectorNode::checkNumberOfChannelsForInput):
695         (WebCore::AudioBasicInspectorNode::updatePullStatus):
696         * Modules/webaudio/AudioBasicInspectorNode.h:
697         * Modules/webaudio/AudioBasicProcessorNode.cpp:
698         (WebCore::AudioBasicProcessorNode::AudioBasicProcessorNode):
699         (WebCore::AudioBasicProcessorNode::checkNumberOfChannelsForInput):
700         * Modules/webaudio/AudioBasicProcessorNode.h:
701         * Modules/webaudio/AudioBufferSourceNode.cpp:
702         (WebCore::AudioBufferSourceNode::create):
703         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
704         (WebCore::AudioBufferSourceNode::renderFromBuffer):
705         (WebCore::AudioBufferSourceNode::setBuffer):
706         (WebCore::AudioBufferSourceNode::startPlaying):
707         (WebCore::AudioBufferSourceNode::looping):
708         (WebCore::AudioBufferSourceNode::setLooping):
709         * Modules/webaudio/AudioBufferSourceNode.h:
710         * Modules/webaudio/AudioContext.cpp:
711         (WebCore::AudioContext::AudioContext):
712         (WebCore::AudioContext::createBufferSource):
713         (WebCore::AudioContext::createMediaElementSource):
714         (WebCore::AudioContext::createMediaStreamDestination):
715         (WebCore::AudioContext::createScriptProcessor):
716         (WebCore::AudioContext::createBiquadFilter):
717         (WebCore::AudioContext::createWaveShaper):
718         (WebCore::AudioContext::createPanner):
719         (WebCore::AudioContext::createConvolver):
720         (WebCore::AudioContext::createDynamicsCompressor):
721         (WebCore::AudioContext::createAnalyser):
722         (WebCore::AudioContext::createGain):
723         (WebCore::AudioContext::createDelay):
724         (WebCore::AudioContext::createChannelSplitter):
725         (WebCore::AudioContext::createChannelMerger):
726         (WebCore::AudioContext::createOscillator):
727         * Modules/webaudio/AudioContext.h:
728         (WebCore::operator==):
729         (WebCore::operator!=):
730         * Modules/webaudio/AudioDestinationNode.cpp:
731         (WebCore::AudioDestinationNode::AudioDestinationNode):
732         (WebCore::AudioDestinationNode::render):
733         (WebCore::AudioDestinationNode::updateIsEffectivelyPlayingAudio):
734         * Modules/webaudio/AudioDestinationNode.h:
735         * Modules/webaudio/AudioNode.cpp:
736         (WebCore::AudioNode::AudioNode):
737         (WebCore::AudioNode::connect):
738         (WebCore::AudioNode::disconnect):
739         (WebCore::AudioNode::setChannelCount):
740         (WebCore::AudioNode::setChannelCountMode):
741         (WebCore::AudioNode::setChannelInterpretation):
742         (WebCore::AudioNode::scriptExecutionContext):
743         (WebCore::AudioNode::processIfNecessary):
744         (WebCore::AudioNode::checkNumberOfChannelsForInput):
745         (WebCore::AudioNode::propagatesSilence):
746         (WebCore::AudioNode::pullInputs):
747         (WebCore::AudioNode::enableOutputsIfNecessary):
748         (WebCore::AudioNode::deref):
749         (WebCore::AudioNode::finishDeref):
750         * Modules/webaudio/AudioNode.h:
751         (WebCore::AudioNode::context):
752         * Modules/webaudio/AudioNodeInput.cpp:
753         (WebCore::AudioNodeInput::connect):
754         (WebCore::AudioNodeInput::disconnect):
755         (WebCore::AudioNodeInput::disable):
756         (WebCore::AudioNodeInput::enable):
757         (WebCore::AudioNodeInput::updateInternalBus):
758         (WebCore::AudioNodeInput::bus):
759         (WebCore::AudioNodeInput::internalSummingBus):
760         (WebCore::AudioNodeInput::sumAllConnections):
761         (WebCore::AudioNodeInput::pull):
762         * Modules/webaudio/AudioNodeOutput.cpp:
763         (WebCore::AudioNodeOutput::setNumberOfChannels):
764         (WebCore::AudioNodeOutput::updateNumberOfChannels):
765         (WebCore::AudioNodeOutput::propagateChannelCount):
766         (WebCore::AudioNodeOutput::pull):
767         (WebCore::AudioNodeOutput::bus):
768         (WebCore::AudioNodeOutput::fanOutCount):
769         (WebCore::AudioNodeOutput::paramFanOutCount):
770         (WebCore::AudioNodeOutput::addInput):
771         (WebCore::AudioNodeOutput::removeInput):
772         (WebCore::AudioNodeOutput::disconnectAllInputs):
773         (WebCore::AudioNodeOutput::addParam):
774         (WebCore::AudioNodeOutput::removeParam):
775         (WebCore::AudioNodeOutput::disconnectAllParams):
776         (WebCore::AudioNodeOutput::disable):
777         (WebCore::AudioNodeOutput::enable):
778         * Modules/webaudio/AudioNodeOutput.h:
779         (WebCore::AudioNodeOutput::context):
780         * Modules/webaudio/AudioParam.cpp:
781         (WebCore::AudioParam::value):
782         (WebCore::AudioParam::smooth):
783         (WebCore::AudioParam::calculateSampleAccurateValues):
784         (WebCore::AudioParam::calculateFinalValues):
785         (WebCore::AudioParam::calculateTimelineValues):
786         (WebCore::AudioParam::connect):
787         (WebCore::AudioParam::disconnect):
788         * Modules/webaudio/AudioParam.h:
789         (WebCore::AudioParam::create):
790         (WebCore::AudioParam::AudioParam):
791         * Modules/webaudio/AudioParamTimeline.cpp:
792         (WebCore::AudioParamTimeline::valueForContextTime):
793         * Modules/webaudio/AudioParamTimeline.h:
794         * Modules/webaudio/AudioScheduledSourceNode.cpp:
795         (WebCore::AudioScheduledSourceNode::AudioScheduledSourceNode):
796         (WebCore::AudioScheduledSourceNode::updateSchedulingInfo):
797         (WebCore::AudioScheduledSourceNode::start):
798         (WebCore::AudioScheduledSourceNode::finish):
799         * Modules/webaudio/AudioScheduledSourceNode.h:
800         * Modules/webaudio/AudioSummingJunction.cpp:
801         (WebCore::AudioSummingJunction::AudioSummingJunction):
802         (WebCore::AudioSummingJunction::~AudioSummingJunction):
803         (WebCore::AudioSummingJunction::changedOutputs):
804         (WebCore::AudioSummingJunction::updateRenderingState):
805         * Modules/webaudio/AudioSummingJunction.h:
806         (WebCore::AudioSummingJunction::context):
807         * Modules/webaudio/BiquadFilterNode.cpp:
808         (WebCore::BiquadFilterNode::BiquadFilterNode):
809         * Modules/webaudio/BiquadFilterNode.h:
810         (WebCore::BiquadFilterNode::create):
811         * Modules/webaudio/BiquadProcessor.cpp:
812         (WebCore::BiquadProcessor::BiquadProcessor):
813         * Modules/webaudio/BiquadProcessor.h:
814         * Modules/webaudio/ChannelMergerNode.cpp:
815         (WebCore::ChannelMergerNode::create):
816         (WebCore::ChannelMergerNode::ChannelMergerNode):
817         (WebCore::ChannelMergerNode::checkNumberOfChannelsForInput):
818         * Modules/webaudio/ChannelMergerNode.h:
819         * Modules/webaudio/ChannelSplitterNode.cpp:
820         (WebCore::ChannelSplitterNode::create):
821         (WebCore::ChannelSplitterNode::ChannelSplitterNode):
822         * Modules/webaudio/ChannelSplitterNode.h:
823         * Modules/webaudio/ConvolverNode.cpp:
824         (WebCore::ConvolverNode::ConvolverNode):
825         (WebCore::ConvolverNode::setBuffer):
826         * Modules/webaudio/ConvolverNode.h:
827         (WebCore::ConvolverNode::create):
828         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
829         (WebCore::DefaultAudioDestinationNode::DefaultAudioDestinationNode):
830         (WebCore::DefaultAudioDestinationNode::resume):
831         (WebCore::DefaultAudioDestinationNode::suspend):
832         (WebCore::DefaultAudioDestinationNode::close):
833         * Modules/webaudio/DefaultAudioDestinationNode.h:
834         (WebCore::DefaultAudioDestinationNode::create):
835         * Modules/webaudio/DelayNode.cpp:
836         (WebCore::DelayNode::DelayNode):
837         * Modules/webaudio/DelayNode.h:
838         (WebCore::DelayNode::create):
839         * Modules/webaudio/DelayProcessor.cpp:
840         (WebCore::DelayProcessor::DelayProcessor):
841         * Modules/webaudio/DelayProcessor.h:
842         * Modules/webaudio/DynamicsCompressorNode.cpp:
843         (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
844         * Modules/webaudio/DynamicsCompressorNode.h:
845         (WebCore::DynamicsCompressorNode::create):
846         * Modules/webaudio/GainNode.cpp:
847         (WebCore::GainNode::GainNode):
848         (WebCore::GainNode::checkNumberOfChannelsForInput):
849         * Modules/webaudio/GainNode.h:
850         (WebCore::GainNode::create):
851         * Modules/webaudio/MediaElementAudioSourceNode.cpp:
852         (WebCore::MediaElementAudioSourceNode::create):
853         (WebCore::MediaElementAudioSourceNode::MediaElementAudioSourceNode):
854         (WebCore::MediaElementAudioSourceNode::setFormat):
855         * Modules/webaudio/MediaElementAudioSourceNode.h:
856         * Modules/webaudio/MediaStreamAudioDestinationNode.cpp:
857         (WebCore::MediaStreamAudioDestinationNode::create):
858         (WebCore::MediaStreamAudioDestinationNode::MediaStreamAudioDestinationNode):
859         * Modules/webaudio/MediaStreamAudioDestinationNode.h:
860         * Modules/webaudio/MediaStreamAudioSourceNode.cpp:
861         (WebCore::MediaStreamAudioSourceNode::MediaStreamAudioSourceNode):
862         (WebCore::MediaStreamAudioSourceNode::setFormat):
863         * Modules/webaudio/OfflineAudioDestinationNode.cpp:
864         (WebCore::OfflineAudioDestinationNode::OfflineAudioDestinationNode):
865         (WebCore::OfflineAudioDestinationNode::offlineRender):
866         (WebCore::OfflineAudioDestinationNode::notifyComplete):
867         * Modules/webaudio/OfflineAudioDestinationNode.h:
868         (WebCore::OfflineAudioDestinationNode::create):
869         * Modules/webaudio/OscillatorNode.cpp:
870         (WebCore::OscillatorNode::create):
871         (WebCore::OscillatorNode::OscillatorNode):
872         * Modules/webaudio/OscillatorNode.h:
873         * Modules/webaudio/PannerNode.cpp:
874         (WebCore::PannerNode::PannerNode):
875         (WebCore::PannerNode::pullInputs):
876         (WebCore::PannerNode::process):
877         (WebCore::PannerNode::listener):
878         (WebCore::PannerNode::setPanningModel):
879         * Modules/webaudio/PannerNode.h:
880         (WebCore::PannerNode::create):
881         * Modules/webaudio/ScriptProcessorNode.cpp:
882         (WebCore::ScriptProcessorNode::create):
883         (WebCore::ScriptProcessorNode::ScriptProcessorNode):
884         (WebCore::ScriptProcessorNode::initialize):
885         (WebCore::ScriptProcessorNode::fireProcessEvent):
886         * Modules/webaudio/ScriptProcessorNode.h:
887         * Modules/webaudio/WaveShaperNode.cpp:
888         (WebCore::WaveShaperNode::WaveShaperNode):
889         (WebCore::WaveShaperNode::setOversample):
890         * Modules/webaudio/WaveShaperNode.h:
891         (WebCore::WaveShaperNode::create):
892
893 2016-02-15  Jer Noble  <jer.noble@apple.com>
894
895         Null-deref crash in DefaultAudioDestinationNode::suspend()
896         https://bugs.webkit.org/show_bug.cgi?id=154248
897
898         Reviewed by Alex Christensen.
899
900         Null-check scriptExecutionContext() before deref.
901
902         * Modules/webaudio/DefaultAudioDestinationNode.cpp:
903         (WebCore::DefaultAudioDestinationNode::resume):
904         (WebCore::DefaultAudioDestinationNode::suspend):
905         (WebCore::DefaultAudioDestinationNode::close):
906
907 2016-02-15  Chris Dumez  <cdumez@apple.com>
908
909         XMLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
910         https://bugs.webkit.org/show_bug.cgi?id=154230
911
912         Reviewed by Alex Christensen.
913
914         XMLHttpRequest / XMLHttpRequestUpload should inherit XMLHttpRequestEventTarget
915         as per:
916         https://xhr.spec.whatwg.org/#xmlhttprequesteventtarget
917
918         Firefox and Chrome already match the specification.
919
920         No new tests, already covered by existing tests.
921
922         * CMakeLists.txt:
923         * DerivedSources.make:
924         * WebCore.vcxproj/WebCore.vcxproj:
925         * WebCore.vcxproj/WebCore.vcxproj.filters:
926         * WebCore.xcodeproj/project.pbxproj:
927         * xml/XMLHttpRequest.h:
928         * xml/XMLHttpRequest.idl:
929         * xml/XMLHttpRequestEventTarget.h: Added.
930         * xml/XMLHttpRequestEventTarget.idl: Copied from Source/WebCore/xml/XMLHttpRequestUpload.idl.
931         * xml/XMLHttpRequestUpload.h:
932         * xml/XMLHttpRequestUpload.idl:
933
934 2016-02-15  Jiewen Tan  <jiewen_tan@apple.com>
935
936         Refine SimulatedMouseEvent to support Event.isTrusted
937         https://bugs.webkit.org/show_bug.cgi?id=154133
938         <rdar://problem/24616246>
939
940         Reviewed by Darin Adler.
941
942         This patch extracts everything related to creating/dispatching SimulatedMouseEvent from MouseEvent.h/cpp
943         and EventDispatcher.h/cpp, and produces SimulateClick.h/cpp which will handle simulated click solely.
944         After that, we hide the SimulatedMouseEvent and only expose simulateClick to be called. The reason is
945         that we both want to tell whether the call sites are from user agent/bindings and keep the
946         SimulatedMouseEvent intact.
947
948         Also, this patch separates Element::dispatchSimulatedClick into two: one for the user agent, and another
949         for the bindings. Therefore, HTMLElement.click will be treated as untrusted.
950
951         Some of the changes in this patch referred to Blink r200401:
952         https://codereview.chromium.org/1285793004
953
954         Modified test:
955         LayoutTests/imported/blink/fast/events/event-trusted.html
956
957         * CMakeLists.txt:
958         * WebCore.xcodeproj/project.pbxproj:
959         * dom/Element.cpp:
960         (WebCore::Element::dispatchSimulatedClick):
961         (WebCore::Element::dispatchSimulatedClickForBindings):
962         * dom/Element.h:
963         * dom/EventDispatcher.cpp:
964         (WebCore::EventDispatcher::dispatchSimulatedClick): Deleted.
965         * dom/EventDispatcher.h:
966         * dom/MouseEvent.cpp:
967         (WebCore::SimulatedMouseEvent::create): Deleted.
968         (WebCore::SimulatedMouseEvent::~SimulatedMouseEvent): Deleted.
969         (WebCore::SimulatedMouseEvent::SimulatedMouseEvent): Deleted.
970         * dom/MouseEvent.h:
971         * dom/SimulatedClick.cpp: Added.
972         (WebCore::simulateMouseEvent):
973         (WebCore::simulateClick):
974         * dom/SimulatedClick.h: Added.
975         * html/HTMLElement.cpp:
976         (WebCore::HTMLElement::click):
977
978 2016-02-15  Joseph Pecoraro  <pecoraro@apple.com>
979
980         Web Inspector: Web Workers have no access to console for debugging
981         https://bugs.webkit.org/show_bug.cgi?id=26237
982
983         Reviewed by Timothy Hatcher.
984
985         This adds the most basic console message support to Workers.
986         Messages logged from workers get surfaced through the Page's console.
987         This lacks support for logging and interacting with arguments,
988         which would be addressed when adding more complete Worker
989         debugging tools.
990
991         Test: inspector/console/messageAdded-from-worker.html
992
993         * CMakeLists.txt:
994         * WebCore.xcodeproj/project.pbxproj:
995         Add new files.
996
997         * bindings/js/WorkerScriptController.cpp:
998         (WebCore::WorkerScriptController::~WorkerScriptController):
999         (WebCore::WorkerScriptController::initScript):
1000         Set the ConsoleClient for the Worker's global object. We route
1001         the messages to the Page's console.
1002
1003         * bindings/js/WorkerScriptController.h:
1004         * workers/WorkerConsoleClient.h: Added.
1005         * workers/WorkerConsoleClient.cpp: Added.
1006         (WebCore::WorkerConsoleClient::WorkerConsoleClient):
1007         (WebCore::WorkerConsoleClient::~WorkerConsoleClient):
1008         (WebCore::WorkerConsoleClient::profile):
1009         (WebCore::WorkerConsoleClient::profileEnd):
1010         (WebCore::WorkerConsoleClient::count):
1011         (WebCore::WorkerConsoleClient::time):
1012         (WebCore::WorkerConsoleClient::timeEnd):
1013         (WebCore::WorkerConsoleClient::timeStamp):
1014         Stub most console methods in a Worker.
1015
1016         (WebCore::WorkerConsoleClient::messageWithTypeAndLevel):
1017         Send worker log messages to the global scope and on to the main page.
1018
1019         * workers/WorkerGlobalScope.h:
1020         * workers/WorkerGlobalScope.cpp:
1021         (WebCore::WorkerGlobalScope::addConsoleMessage):
1022         (WebCore::WorkerGlobalScope::addMessageToWorkerConsole):
1023         Ideally we want to converge on simple addConsoleMessage
1024         APIs that just take a ConsoleMessage, without a barrage
1025         of parameters. Add these versions now.
1026
1027 2016-02-15  Alex Christensen  <achristensen@webkit.org>
1028
1029         CMake build fix.
1030
1031         * PlatformMac.cmake:
1032
1033 2016-02-15  Chris Dumez  <cdumez@apple.com>
1034
1035         Regression(r196563): It is no longer possible to call window.addEventListener without an explicit 'this'
1036         https://bugs.webkit.org/show_bug.cgi?id=154245
1037
1038         Reviewed by Ryosuke Niwa.
1039
1040         This patch adds support for calling the EventListener API without an
1041         explicit 'this' value. If no explicit 'this' value is passed, then we
1042         fall back to using the global object. This matches Chrome and Firefox's
1043         behavior. It also fixes the Dromaeo/cssquery-dojo.html test.
1044
1045         Test: fast/dom/Window/addEventListener-implicit-this.html
1046
1047         * bindings/scripts/CodeGeneratorJS.pm:
1048         (GenerateFunctionCastedThis):
1049
1050 2016-02-14  Gavin Barraclough  <barraclough@apple.com>
1051
1052         Organize, deduplicate & comment JSDOMWindowCustom getOwnPropertySlot
1053         https://bugs.webkit.org/show_bug.cgi?id=154224
1054
1055         Reviewed by Chris Dumez.
1056
1057         * bindings/js/JSDOMWindowCustom.cpp:
1058         (WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
1059         (WebCore::jsDOMWindowGetOwnPropertySlotNamedItemGetter):
1060         (WebCore::JSDOMWindow::getOwnPropertySlot):
1061         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
1062             - organized property access sequence into a more logical order, removed
1063               duplicated code & added comments.
1064         (WebCore::namedItemGetter): Deleted.
1065             - there was no need for a custom callback here; merged functionality into
1066               jsDOMWindowGetOwnPropertySlotNamedItemGetter.
1067         (WebCore::jsDOMWindowGetOwnPropertySlotCrossOrigin): Deleted.
1068             - renamed to jsDOMWindowGetOwnPropertySlotRestrictedAccess
1069               (this now also handles frameless access).
1070
1071 2016-02-15  Daniel Bates  <dabates@apple.com>
1072
1073         CSP: 'sandbox' should be ignored in report-only mode
1074         https://bugs.webkit.org/show_bug.cgi?id=153167
1075         <rdar://problem/22708669>
1076
1077         Reviewed by Brent Fulgham.
1078
1079         Merged from Blink (patch by Mike West):
1080         <https://src.chromium.org/viewvc/blink?revision=165322&view=revision>
1081
1082         * page/csp/ContentSecurityPolicy.cpp:
1083         (WebCore::ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode): Added. Logs a
1084         console message to the console to explain that the specified directive is invalid in
1085         report-only mode.
1086         * page/csp/ContentSecurityPolicy.h:
1087         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
1088         (WebCore::ContentSecurityPolicyDirectiveList::applySandboxPolicy): Do not apply sandbox
1089         policy when in report-only mode and call ContentSecurityPolicy::reportInvalidDirectiveInReportOnlyMode()
1090         to log a message to the console.
1091
1092 2016-02-15  Daniel Bates  <dabates@apple.com>
1093
1094         CSP: Allow schemeless source expressions to match an HTTP or HTTPS resource
1095         https://bugs.webkit.org/show_bug.cgi?id=154177
1096         <rdar://problem/22708772>
1097
1098         Reviewed by Brent Fulgham.
1099
1100         Allow a schemeless source expression to match an HTTP or HTTPS subresource when the page is
1101         delivered over HTTP as per section Matching Source Expressions of the Content Security Policy
1102         2.0 spec., <https://www.w3.org/TR/2015/CR-CSP2-20150721/> (21 July 2015).
1103
1104         Currently we have logic that implements this functionality, but it is guarded behind the compile-
1105         time macro ENABLE(CSP_NEXT) that is disabled by default. Instead we should always compile such
1106         code. In subsequent commits we will move more code out from under the ENABLE(CSP_NEXT)-guard
1107         towards removing the ENABLE_CSP_NEXT macro entirely.
1108
1109         * page/csp/ContentSecurityPolicy.cpp:
1110         (WebCore::ContentSecurityPolicy::protocolMatchesSelf):
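Added example, not part of the WebKit change or its ChangeLog entry: a simplified JavaScript sketch of the CSP 2.0 host-source matching that the entry above refers to, showing how a schemeless source expression is checked against HTTP and HTTPS resources. The function names, the restriction to scheme, host and port (no path or IP-literal handling), and the example.com URLs are assumptions made for illustration.

```javascript
// Simplified CSP 2.0 host-source matcher (illustrative; not WebKit code).
// Covers the scheme, host and port steps only. Keyword sources ('self',
// 'none'), the bare "*" source, scheme-sources and paths are out of scope.

// Parse a host-source such as "example.com", "*.example.com" or
// "https://example.com:8443". Returns null if the expression is not one.
function parseHostSource(expr) {
  const re = /^(?:([a-z][a-z0-9+.-]*):\/\/)?((?:\*\.)?[a-z0-9-]+(?:\.[a-z0-9-]+)*)(?::(\d+|\*))?$/i;
  const m = re.exec(expr);
  if (!m) return null;
  return {
    scheme: m[1] ? m[1].toLowerCase() + ":" : null, // null means schemeless
    host: m[2].toLowerCase(),
    port: m[3] || null,                             // null means no port-part
  };
}

// Scheme step. A schemeless expression on an HTTP page accepts both HTTP and
// HTTPS resources; on any other page the resource scheme must equal the
// page's scheme. An explicit scheme must match the resource exactly.
function schemeMatches(sourceScheme, resourceScheme, pageScheme) {
  if (sourceScheme !== null) return sourceScheme === resourceScheme;
  if (pageScheme === "http:") {
    return resourceScheme === "http:" || resourceScheme === "https:";
  }
  return resourceScheme === pageScheme;
}

// Host step. "*.example.com" matches subdomains only, because the part after
// the "*" (including the leading dot) must be a suffix of the resource host.
function hostMatches(sourceHost, resourceHost) {
  if (sourceHost.startsWith("*.")) {
    return resourceHost.endsWith(sourceHost.slice(1));
  }
  return sourceHost === resourceHost;
}

// Port step. Without a port-part the resource must use the default port of
// its own scheme; URL.port is "" exactly in that case for http and https.
function portMatches(sourcePort, resource) {
  if (sourcePort === null) return resource.port === "";
  if (sourcePort === "*") return true;
  const defaults = { "http:": 80, "https:": 443 };
  const effective = resource.port === "" ? defaults[resource.protocol] : Number(resource.port);
  return Number(sourcePort) === effective;
}

// True if resourceUrl is allowed by the host-source expr for a page at pageUrl.
function matchesHostSource(expr, resourceUrl, pageUrl) {
  const source = parseHostSource(expr);
  if (!source) return false;
  const resource = new URL(resourceUrl);
  const page = new URL(pageUrl);
  return schemeMatches(source.scheme, resource.protocol, page.protocol) &&
         hostMatches(source.host, resource.hostname.toLowerCase()) &&
         portMatches(source.port, resource);
}

// Constructed sample cases: [expression, resource URL, page URL].
function demo() {
  const cases = [
    ["example.com", "https://example.com/a.js", "http://example.com/"],
    ["example.com", "http://example.com/a.js", "https://example.com/"],
    ["*.example.com", "https://cdn.example.com/a.js", "http://example.com/"],
    ["example.com", "https://example.com:8443/a.js", "http://example.com/"],
  ];
  return cases.map(([expr, res, page]) => matchesHostSource(expr, res, page));
}
```

The second constructed case shows that the relaxation is one-directional: a schemeless expression on an HTTPS page does not allow an HTTP resource.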
1111
1112 2016-02-15  Konstantin Tokarev  <annulen@yandex.ru>
1113
1114         [cmake] Consolidated Linux-specific file lists.
1115         https://bugs.webkit.org/show_bug.cgi?id=154219
1116
1117         Reviewed by Gyuyoung Kim.
1118
1119         No new tests needed.
1120
1121         * PlatformEfl.cmake: Moved Linux files and include dir to Linux.cmake.
1122         * PlatformGTK.cmake: Ditto.
1123         * platform/Linux.cmake: Added.
1124
1125 2016-02-15  Csaba Osztrogonác  <ossy@webkit.org>
1126
1127         Fix the !(ENABLE(SVG_FONTS) || ENABLE(SVG_OTF_CONVERTER)) build after r196322
1128         https://bugs.webkit.org/show_bug.cgi?id=154104
1129
1130         Reviewed by Myles C. Maxfield.
1131
1132         * css/CSSFontFaceSource.cpp:
1133         (WebCore::CSSFontFaceSource::CSSFontFaceSource):
1134
1135 2016-02-14  Antti Koivisto  <antti@apple.com>
1136
1137         Add test for class change style invalidation optimization
1138         https://bugs.webkit.org/show_bug.cgi?id=154226
1139
1140         Reviewed by Myles Maxfield.
1141
1142         Test for https://trac.webkit.org/r196383
1143
1144         Add internals.styleChangeType function.
1145
1146         Test: fast/css/style-invalidation-class-change-descendants.html
1147
1148         * testing/Internals.cpp:
1149         (WebCore::Internals::nodeNeedsStyleRecalc):
1150         (WebCore::asString):
1151         (WebCore::Internals::styleChangeType):
1152         (WebCore::Internals::description):
1153         * testing/Internals.h:
1154         * testing/Internals.idl:
1155
1156 2016-02-14  Simon Fraser  <simon.fraser@apple.com>
1157
1158         [CSS Filters] When applying an SVG filter on a composited image using CSS the image is rendered without the filter
1159         https://bugs.webkit.org/show_bug.cgi?id=154108
1160
1161         Reviewed by Sam Weinig.
1162         
1163         When checking whether we can directly composite an image, we need to check for software-rendered
1164         filters.
1165
1166         Test: compositing/filters/simple-image-with-svg-filter.html
1167
1168         * rendering/RenderLayerBacking.cpp:
1169         (WebCore::RenderLayerBacking::isDirectlyCompositedImage):
1170
1171 2016-02-14  Chris Dumez  <cdumez@apple.com>
1172
1173         Drop the [EventTarget] WebKit-specific IDL extended attribute
1174         https://bugs.webkit.org/show_bug.cgi?id=154171
1175
1176         Reviewed by Sam Weinig.
1177
1178         Drop the [EventTarget] WebKit-specific IDL extended attribute now that
1179         all interfaces inherit EventTarget when they should.
1180
1181         No new tests, no Web-Exposed behavior change.
1182
1183         * Modules/battery/BatteryManager.idl:
1184         * Modules/encryptedmedia/MediaKeySession.idl:
1185         * Modules/indexeddb/IDBDatabase.idl:
1186         * Modules/indexeddb/IDBOpenDBRequest.idl:
1187         * Modules/indexeddb/IDBRequest.idl:
1188         * Modules/indexeddb/IDBTransaction.idl:
1189         * Modules/mediasession/MediaRemoteControls.idl:
1190         * Modules/mediasource/MediaSource.idl:
1191         * Modules/mediasource/SourceBuffer.idl:
1192         * Modules/mediasource/SourceBufferList.idl:
1193         * Modules/mediastream/MediaStream.idl:
1194         * Modules/mediastream/MediaStreamTrack.idl:
1195         * Modules/mediastream/RTCDTMFSender.idl:
1196         * Modules/mediastream/RTCDataChannel.idl:
1197         * Modules/mediastream/RTCPeerConnection.idl:
1198         * Modules/notifications/Notification.idl:
1199         * Modules/speech/SpeechSynthesisUtterance.idl:
1200         * Modules/webaudio/AudioContext.idl:
1201         * Modules/webaudio/AudioNode.idl:
1202         * Modules/webaudio/OfflineAudioContext.idl:
1203         * Modules/websockets/WebSocket.idl:
1204         * bindings/scripts/CodeGeneratorGObject.pm:
1205         (ImplementsInterface):
1206         (SkipFunction): Deleted.
1207         (GenerateCFile): Deleted.
1208         * bindings/scripts/CodeGeneratorJS.pm:
1209         (InstanceNeedsVisitChildren):
1210         (GenerateImplementation):
1211         * bindings/scripts/IDLAttributes.txt:
1212         * bindings/scripts/test/TestEventTarget.idl:
1213         * bindings/scripts/test/TestNode.idl:
1214         * css/FontLoader.idl:
1215         * dom/EventTarget.idl:
1216         * dom/MessagePort.idl:
1217         * dom/Node.idl:
1218         * dom/WebKitNamedFlow.idl:
1219         * fileapi/FileReader.idl:
1220         * html/MediaController.idl:
1221         * html/track/AudioTrackList.idl:
1222         * html/track/TextTrack.idl:
1223         * html/track/TextTrackCue.idl:
1224         * html/track/TextTrackList.idl:
1225         * html/track/VideoTrackList.idl:
1226         * loader/appcache/DOMApplicationCache.idl:
1227         * page/DOMWindow.idl:
1228         * page/EventSource.idl:
1229         * page/Performance.idl:
1230         * workers/WorkerGlobalScope.idl:
1231         * xml/XMLHttpRequest.idl:
1232         * xml/XMLHttpRequestUpload.idl:
1233
1234 2016-02-14  Chris Dumez  <cdumez@apple.com>
1235
1236         Unreviewed attempt to fix the Mac CMake build after r196136
1237
1238         * PlatformMac.cmake:
1239
1240 2016-02-14  Chris Dumez  <cdumez@apple.com>
1241
1242         Unreviewed attempt to fix the Windows build.
1243
1244         * Modules/webdatabase/Database.cpp:
1245         * bridge/c/c_utility.cpp:
1246         * platform/MemoryPressureHandler.cpp:
1247
1248 2016-02-14  Chris Dumez  <cdumez@apple.com>
1249
1250         Window and WorkerGlobalScope should inherit EventTarget
1251         https://bugs.webkit.org/show_bug.cgi?id=154170
1252         <rdar://problem/24642377>
1253
1254         Reviewed by Darin Adler.
1255
1256         Window and WorkerGlobalScope should inherit EventTarget instead of
1257         duplicating the EventTarget API in their IDL. These were the last
1258         interfaces that needed fixing. The next step will be to get rid
1259         of the [EventTarget] IDL extended attribute and rely entirely
1260         on the EventTarget inheritance.
1261
1262         Test:
1263         - fast/frames/detached-frame-eventListener.html
1264         - Covered by existing tests.
1265
1266         * WebCore.xcodeproj/project.pbxproj:
1267         Add JSEventTargetCustom.h header to the project.
1268
1269         * bindings/js/JSDOMWindowCustom.cpp:
1270         Drop custom bindings for Window's addEventListener() and
1271         removeEventListener(). The only reason these needed custom
1272         code was to add a check for frameless windows. The frameless
1273         Window check was moved to the respective methods in the
1274         JSEventTarget generated bindings.
1275
1276         * bindings/js/JSDOMWindowShell.cpp:
1277         (WebCore::JSDOMWindowShell::setWindow):
1278         Set WindowPrototype's prototype to EventTarget's prototype.
1279
1280         * bindings/js/JSDOMWindowShell.h:
1281         * bindings/js/JSDictionary.cpp:
1282         Include "DOMWindow.h" to fix the build.
1283
1284         * bindings/js/JSEventTargetCustom.cpp:
1285         (WebCore::JSEventTarget::toWrapped):
1286         Handle DOMWindow and WorkerGlobalScope explicitly in toWrapped()
1287         and get rid of the DOM_EVENT_TARGET_INTERFACES_FOR_EACH(TRY_TO_UNWRAP_WITH_INTERFACE)
1288         now that all interfaces inherit EventTarget when they should.
1289         The reason DOMWindow and WorkerGlobalScope still need special
1290         handling is because their wrappers (JSDOMWindow /
1291         JSWorkerGlobalScope) do not subclass JSEventTarget.
1292
1293         (WebCore::JSEventTargetOrGlobalScope::create):
1294         * bindings/js/JSEventTargetCustom.h: Added.
1295         (WebCore::JSEventTargetOrGlobalScope::wrapped):
1296         (WebCore::JSEventTargetOrGlobalScope::operator JSC::JSObject&):
1297         (WebCore::JSEventTargetOrGlobalScope::JSEventTargetOrGlobalScope):
1298         Add a wrapper type for JSEventTarget / JSDOMWindow and
1299         JSWorkerGlobalScope for use in the generated bindings. This is
1300         needed because JSDOMWindow and JSWorkerGlobalScope do not
1301         subclass JSEventTarget. Subclassing JSEventTarget would be
1302         complicated for them because they already subclass
1303         JSDOMWindowBase / JSWorkerGlobalScopeBase, which subclasses
1304         JSDOMGlobalObject.
1305
1306         * bindings/js/WorkerScriptController.cpp:
1307         (WebCore::WorkerScriptController::initScript):
1308         Set WorkerGlobalScopePrototype's prototype to EventTarget's prototype.
1309
1310         * bindings/scripts/CodeGeneratorJS.pm:
1311         (ShouldGenerateToJSDeclaration):
1312         Do not generate the toJS() implementation for interfaces that use
1313         the [CustomProxyToJSObject] IDL extended attribute, even if they
1314         inherit EventTarget.
1315
1316         (GetCastingHelperForThisObject):
1317         To initialize castedThis from thisValue JSValue, we now use the
1318         JSEventTargetOrGlobalScope wrapper for the EventTarget
1319         implementation. This is to work around the fact that JSDOMWindow
1320         and JSWorkerGlobalScope do not subclass JSEventTarget.
1321
1322         (GenerateFunctionCastedThis):
1323         - Drop code handling [WorkerGlobalScope] IDL extended attribute
1324           as there is no such attribute.
1325         - Use auto instead of auto* type for castedThis because
1326           JSEventTargetOrGlobalScope::create() returns a unique_ptr.
1327         - Do not check that castedThis inherits JSEventTarget in the
1328           EventTarget bindings code as this no longer holds true.
1329
1330         (GenerateImplementation):
1331         Generate frameless window() and security checks for EventTarget
1332         methods when thisValue is a JSDOMWindow.
1333
1334         * dom/EventTarget.idl:
1335         Add [JSCustomHeader] IDL Extended attribute as we need a header
1336         to expose JSEventTargetOrGlobalScope class.
1337
1338         * page/DOMWindow.idl:
1339         * workers/WorkerGlobalScope.idl:
1340         Inherit EventTarget and stop duplicating the EventTarget API.
1341         This matches the HTML specification.
1342
1343 2016-02-14  Darin Adler  <darin@apple.com>
1344
1345         Small tweaks to some SimpleLineLayout code
1346         https://bugs.webkit.org/show_bug.cgi?id=154229
1347
1348         Reviewed by Zalan Bujtas.
1349
1350         * rendering/SimpleLineLayoutFunctions.cpp:
1351         (WebCore::SimpleLineLayout::paintFlow): Use std::ceil instead of ceilf.
1352         Use auto instead of const auto& for a for loop where the local object is
1353         copied and not a reference.
1354         (WebCore::SimpleLineLayout::hitTestFlow): Use modern for loop.
1355         (WebCore::SimpleLineLayout::collectFlowOverflow): Use std::ceil instead of
1356         ceilf. Use a modern for loop, and use slightly more descriptive local
1357         variable names.
1358         (WebCore::SimpleLineLayout::computeBoundingBox): Use auto instead of
1359         const auto& as above.
1360         (WebCore::SimpleLineLayout::computeFirstRunLocation): Use auto and use
1361         the name "range" for the range rather than the name "it", since the range
1362         is not an iterator.
1363         (WebCore::SimpleLineLayout::collectAbsoluteRects): Use auto instead of
1364         const auto& as above.
1365         (WebCore::SimpleLineLayout::collectAbsoluteQuads): Ditto.
1366         (WebCore::SimpleLineLayout::showLineLayoutForFlow): Use modern for loop.
1367
1368         * rendering/SimpleLineLayoutResolver.cpp:
1369         (WebCore::SimpleLineLayout::RunResolver::Run::text): Convert from a String
1370         to a StringView using the StringView constructor instead of writing out
1371         explicit 8-bit and 16-bit cases.
1372
1373 2016-02-13  Antti Koivisto  <antti@apple.com>
1374
1375         Factor class change style invalidation code into a class
1376         https://bugs.webkit.org/show_bug.cgi?id=154163
1377
1378         Reviewed by Andreas Kling.
1379
1380         Factor this piece of functionality out of Element and into ClassChangeInvalidation class.
1381
1382         * CMakeLists.txt:
1383         * WebCore.vcxproj/WebCore.vcxproj:
1384         * WebCore.xcodeproj/project.pbxproj:
1385         * dom/Element.cpp:
1386         (WebCore::classStringHasClassName):
1387         (WebCore::Element::classAttributeChanged):
1388         (WebCore::collectClasses): Deleted.
1389         (WebCore::computeClassChange): Deleted.
1390         (WebCore::invalidateStyleForClassChange): Deleted.
1391         * style/ClassChangeInvalidation.cpp: Added.
1392         (WebCore::Style::ClassChangeInvalidation::computeClassChange):
1393         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
1394         * style/ClassChangeInvalidation.h: Added.
1395         (WebCore::Style::ClassChangeInvalidation::needsInvalidation):
1396         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
1397         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
1398
1399 2016-02-13  Myles C. Maxfield  <mmaxfield@apple.com>
1400
1401         [Win] [SVG -> OTF Converter] SVG fonts drawn into ImageBuffers are invisible
1402         https://bugs.webkit.org/show_bug.cgi?id=154222
1403
1404         Reviewed by Antti Koivisto.
1405
1406         Windows ImageBuffer code is sensitive to broken bounding box and
1407         descent code.
1408
1409         Covered by existing tests.
1410
1411         * svg/SVGToOTFFontConversion.cpp:
1412         (WebCore::SVGToOTFFontConverter::appendHHEATable):
1413         (WebCore::SVGToOTFFontConverter::appendOS2Table):
1414         (WebCore::SVGToOTFFontConverter::processGlyphElement):
1415         (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):
1416
1417 2016-02-13  Antti Koivisto  <antti@apple.com>
1418
1419         Add version number for default stylesheet
1420         https://bugs.webkit.org/show_bug.cgi?id=154220
1421
1422         Reviewed by Ryosuke Niwa.
1423
1424         We currently fail to update RuleFeatureSets for shadow trees when the default stylesheet grows
1425         (for example when media controls stylesheet is initialized).
1426
1427         No test since this is not causing known bugs. It is blocking optimizations in shadow trees that
1428         rely on rule features being up-to-date.
1429
1430         * css/CSSDefaultStyleSheets.cpp:
1431         (WebCore::CSSDefaultStyleSheets::loadSimpleDefaultStyle):
1432         (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):
1433
1434             Increment version number when the default stylesheet changes.
1435
1436         * css/CSSDefaultStyleSheets.h:
1437         * css/DocumentRuleSets.cpp:
1438         (WebCore::DocumentRuleSets::appendAuthorStyleSheets):
1439         (WebCore::DocumentRuleSets::collectFeatures):
1440
1441             Store the current default stylesheet version number.
1442
1443         * css/DocumentRuleSets.h:
1444         (WebCore::DocumentRuleSets::features):
1445
1446             Collect features again if the default stylesheet has changed.
1447
1448         * css/StyleResolver.cpp:
1449         (WebCore::StyleResolver::styleForElement):
1450
1451 2016-02-13  Konstantin Tokarev  <annulen@yandex.ru>
1452
1453         [cmake] Consolidate building of GStreamer and OpenWebRTC code.
1454         https://bugs.webkit.org/show_bug.cgi?id=154116
1455
1456         Reviewed by Michael Catanzaro.
1457
1458         No new tests needed.
1459
1460         * PlatformEfl.cmake: Migrated shared code to GStreamer.cmake.
1461         * PlatformGTK.cmake: Ditto.
1462         * platform/GStreamer.cmake: Added.
1463
1464 2016-02-13  Mark Lam  <mark.lam@apple.com>
1465
1466         Add thread violation checks to WebView public APIs.
1467         https://bugs.webkit.org/show_bug.cgi?id=154183
1468
1469         Reviewed by Timothy Hatcher.
1470
1471         No new tests.  Just adding a new thread violation round.
1472
1473         * platform/ThreadCheck.h:
1474         * platform/mac/ThreadCheck.mm:
1475         - Adding WebCoreThreadViolationCheckRoundThree().
1476
1477 2016-02-12  Nan Wang  <n_wang@apple.com>
1478
1479         AX: Implement paragraph related text marker functions using TextIterator
1480         https://bugs.webkit.org/show_bug.cgi?id=154098
1481         <rdar://problem/24269675>
1482
1483         Reviewed by Chris Fleizach.
1484
1485         Using CharacterOffset to implement paragraph related text marker calls. Reused
1486         logic from VisibleUnits class. And refactored textMarkerForCharacterOffset method
1487         to get better performance. Also fixed an issue where we can't navigate through a text
1488         node with line breaks in it using next/previousCharacterOffset call.
1489
1490         Test: accessibility/mac/text-marker-paragraph-nav.html
1491
1492         * accessibility/AXObjectCache.cpp:
1493         (WebCore::AXObjectCache::traverseToOffsetInRange):
1494         (WebCore::AXObjectCache::startOrEndTextMarkerDataForRange):
1495         (WebCore::AXObjectCache::characterOffsetForNodeAndOffset):
1496         (WebCore::AXObjectCache::textMarkerDataForCharacterOffset):
1497         (WebCore::AXObjectCache::textMarkerDataForNextCharacterOffset):
1498         (WebCore::AXObjectCache::textMarkerDataForPreviousCharacterOffset):
1499         (WebCore::AXObjectCache::nextNode):
1500         (WebCore::AXObjectCache::textMarkerDataForVisiblePosition):
1501         (WebCore::AXObjectCache::nextCharacterOffset):
1502         (WebCore::AXObjectCache::previousCharacterOffset):
1503         (WebCore::startWordBoundary):
1504         (WebCore::AXObjectCache::startCharacterOffsetOfWord):
1505         (WebCore::AXObjectCache::endCharacterOffsetOfWord):
1506         (WebCore::AXObjectCache::previousWordStartCharacterOffset):
1507         (WebCore::AXObjectCache::previousWordBoundary):
1508         (WebCore::AXObjectCache::startCharacterOffsetOfParagraph):
1509         (WebCore::AXObjectCache::endCharacterOffsetOfParagraph):
1510         (WebCore::AXObjectCache::paragraphForCharacterOffset):
1511         (WebCore::AXObjectCache::nextParagraphEndCharacterOffset):
1512         (WebCore::AXObjectCache::previousParagraphStartCharacterOffset):
1513         (WebCore::AXObjectCache::rootAXEditableElement):
1514         * accessibility/AXObjectCache.h:
1515         (WebCore::CharacterOffset::remaining):
1516         (WebCore::CharacterOffset::isNull):
1517         (WebCore::CharacterOffset::isEqual):
1518         (WebCore::AXObjectCache::isNodeInUse):
1519         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1520         (+[WebAccessibilityTextMarker textMarkerWithCharacterOffset:cache:]):
1521         (-[WebAccessibilityObjectWrapper nextMarkerForCharacterOffset:]):
1522         (-[WebAccessibilityObjectWrapper previousMarkerForCharacterOffset:]):
1523         (-[WebAccessibilityObjectWrapper rangeForTextMarkers:]):
1524         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1525         (startOrEndTextmarkerForRange):
1526         (nextTextMarkerForCharacterOffset):
1527         (previousTextMarkerForCharacterOffset):
1528         (-[WebAccessibilityObjectWrapper nextTextMarkerForCharacterOffset:]):
1529         (-[WebAccessibilityObjectWrapper previousTextMarkerForCharacterOffset:]):
1530         (-[WebAccessibilityObjectWrapper textMarkerForCharacterOffset:]):
1531         (textMarkerForCharacterOffset):
1532         (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
1533         (-[WebAccessibilityObjectWrapper nextTextMarkerForNode:offset:]): Deleted.
1534         (-[WebAccessibilityObjectWrapper previousTextMarkerForNode:offset:]): Deleted.
1535         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:ignoreStart:]): Deleted.
1536         (-[WebAccessibilityObjectWrapper textMarkerForNode:offset:]): Deleted.
1537         * editing/VisibleUnits.cpp:
1538         (WebCore::nextSentencePosition):
1539         (WebCore::findStartOfParagraph):
1540         (WebCore::findEndOfParagraph):
1541         (WebCore::startOfParagraph):
1542         (WebCore::endOfParagraph):
1543         * editing/VisibleUnits.h:
1544
1545 2016-02-12  Ryan Haddad  <ryanhaddad@apple.com>
1546
1547         Reset results for bindings tests after r196520
1548
1549         Unreviewed test gardening.
1550
1551         No new tests needed.
1552
1553         * bindings/scripts/test/GObject/WebKitDOMTestEventTarget.cpp:
1554         (webkit_dom_test_event_target_dispatch_event):
1555         * bindings/scripts/test/GObject/WebKitDOMTestNode.cpp:
1556         (webkit_dom_test_node_dispatch_event):
1557
1558 2016-02-12  Saam barati  <sbarati@apple.com>
1559
1560         Attempting build fix from https://bugs.webkit.org/show_bug.cgi?id=154144.
1561
1562         * bindings/js/JSDOMGlobalObject.cpp:
1563         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
1564
1565 2016-02-12  Daniel Bates  <dabates@apple.com>
1566
1567         CSP: 'blob:' URLs should not match 'self' in CSP source expression lists.
1568         https://bugs.webkit.org/show_bug.cgi?id=153158
1569         <rdar://problem/24383264>
1570
1571         Reviewed by Brent Fulgham.
1572
1573         A blob URL should not match source 'self' by section Security Considerations for GUID URL schemes
1574         of the Content Security Policy 2.0 spec., <https://www.w3.org/TR/CSP2/> (21 July 2015).
1575
1576         Tests: http/tests/security/contentSecurityPolicy/blob-url-does-not-match-source-self.html
1577                http/tests/security/contentSecurityPolicy/blob-url-matches-source-blob.html
1578
1579         * page/csp/ContentSecurityPolicySourceList.cpp:
1580         (WebCore::ContentSecurityPolicySourceList::matches): Do not make a distinction between URLs that
1581         contain a nested URL (e.g. blob://http://www.example.com/...) and URLs that do not contain a nested
1582         URL. The URL of the requested resource should be matched against the source list source expressions.
1583
1584 2016-02-12  Daniel Bates  <dabates@apple.com>
1585
1586         CSP: Implement child-src directive
1587         https://bugs.webkit.org/show_bug.cgi?id=153562
1588         <rdar://problem/24610087>
1589
1590         Reviewed by Brent Fulgham.
1591
1592         Add support for the child-src directive, <https://w3c.github.io/webappsec-csp/2/#child_src> (29 August 2015),
1593         which formally replaces the deprecated frame-src directive as of the Content Security Policy 2.0 spec. The
1594         child-src directive was first introduced in the Content Security Policy 1.1 spec, <https://www.w3.org/TR/2014/WD-CSP11-20140211/>.
1595
1596         As a side effect of this change, the script URL for a Web Worker is checked against the child-src directive
1597         as opposed to the script-src directive. This is a backward incompatible change from the CSP 1.0 spec.
1598
1599         Tests: http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-blocked.html
1600                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-fires-load-event-when-redirect-blocked.html
1601                http/tests/security/contentSecurityPolicy/1.1/child-src/frame-src-takes-precedence-over-child-src.html
1602                http/tests/security/contentSecurityPolicy/1.1/child-src/worker-redirect-blocked.html
1603                http/tests/security/isolatedWorld/bypass-main-world-csp-worker-redirect.html
1604
1605         * loader/DocumentThreadableLoader.cpp:
1606         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Check child-src directive (if applicable).
1607         * loader/ThreadableLoader.h: Add enum value EnforceChildSrcDirective to enum class ContentSecurityPolicyEnforcement to
1608         enforce the child-src directive on redirect.
1609         * page/csp/ContentSecurityPolicy.cpp:
1610         (WebCore::ContentSecurityPolicy::allowChildContextFromSource): Added.
1611         * page/csp/ContentSecurityPolicy.h:
1612         * page/csp/ContentSecurityPolicyDirectiveList.cpp:
1613         (WebCore::ContentSecurityPolicyDirectiveList::checkSourceAndReportViolation): Add message prefix for a child-src violation.
1614         We use the same message prefix as used by Blink.
1615         (WebCore::ContentSecurityPolicyDirectiveList::allowChildContextFromSource): Added.
1616         (WebCore::ContentSecurityPolicyDirectiveList::allowChildFrameFromSource): Modified to check the frame-src
1617         directive (if specified) before checking the child-src directive by <https://w3c.github.io/webappsec-csp/2/#directive-child-src-nested>.
1618         (WebCore::ContentSecurityPolicyDirectiveList::addDirective): Parse the child-src directive.
1619         * page/csp/ContentSecurityPolicyDirectiveList.h:
1620         * workers/AbstractWorker.cpp:
1621         (WebCore::AbstractWorker::resolveURL): Check if the script URL for the worker is allowed by the child-src directive
1622         as opposed to the script-src directive. This is a backwards incompatible change from the CSP 1.0 spec.
1623         * workers/Worker.cpp:
1624         (WebCore::Worker::create): Enforce the child-src directive on redirects (if applicable).
1625
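The two CSP entries above (blob: URLs not matching 'self', and child-src with frame-src taking precedence for frames) can be modelled as below. This is an added JavaScript example, not WebKit code: the function names, hosts and blob URL are constructed for illustration, and only 'none', 'self', scheme sources and scheme-qualified host sources are modelled.

```javascript
// Added example: simplified model of the CSP 2.0 checks described in the two
// ChangeLog entries above. Hypothetical helper names; constructed sample values.

// Parse a policy string into a Map of directive name -> source expressions.
function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // A repeated directive is ignored; the first occurrence wins.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

// Pick the directive that governs a nested context.
// Frames: frame-src (if specified) is checked before child-src.
// Workers: child-src, not script-src.
// Both fall back to default-src when nothing more specific is present.
function effectiveDirective(directives, context) {
  const order = context === "frame"
    ? ["frame-src", "child-src", "default-src"]
    : ["child-src", "default-src"];
  return order.find((name) => directives.has(name)) || null;
}

// Match one source expression against the URL of the requested resource.
// The match uses the URL's own scheme, host and port. For a blob: URL the
// scheme is "blob:", so the nested https://... part never makes it match
// 'self'. (Comparing URL.origin instead would be wrong here, because a
// blob: URL's origin can report the inner origin.)
function sourceMatches(expression, url, selfUrl) {
  const e = expression.toLowerCase();
  if (e === "'none'") return false;
  if (e === "'self'") {
    return url.protocol === selfUrl.protocol &&
           url.hostname === selfUrl.hostname &&
           url.port === selfUrl.port;
  }
  // Scheme source such as "blob:" or "https:".
  if (/^[a-z][a-z0-9+.-]*:$/.test(e)) return url.protocol === e;
  // Host source with an explicit scheme, e.g. "https://widgets.example".
  // Wildcards, paths and scheme-less hosts are outside this model.
  let source;
  try {
    source = new URL(expression);
  } catch {
    return false;
  }
  return url.protocol === source.protocol &&
         url.hostname === source.hostname &&
         url.port === source.port;
}

// Decide whether a frame or worker load is allowed, and report which
// directive made the decision.
function checkChildContext(policy, context, requestUrl, documentUrl) {
  const directives = parsePolicy(policy);
  const directive = effectiveDirective(directives, context);
  if (directive === null) return { directive: null, allowed: true };
  const url = new URL(requestUrl);
  const selfUrl = new URL(documentUrl);
  const allowed = directives.get(directive)
    .some((expression) => sourceMatches(expression, url, selfUrl));
  return { directive, allowed };
}
```

A policy that relied on script-src 'self' to cover workers, or on 'self' to cover blob: workers, needs an explicit child-src entry (and blob: where intended) under this behaviour.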
1626 2016-02-12  Saam barati  <sbarati@apple.com>
1627
1628         The parser doesn't properly protect against global variable references in builtins
1629         https://bugs.webkit.org/show_bug.cgi?id=154144
1630
1631         Reviewed by Geoffrey Garen.
1632
1633         Change JS builtins to no longer reference global variables.
1634
1635         No new tests because old tests cover the issues here.
1636
1637         * Modules/mediastream/NavigatorUserMedia.js:
1638         (webkitGetUserMedia):
1639         * Modules/mediastream/RTCPeerConnection.js:
1640         (addIceCandidate):
1641         (getStats):
1642         * Modules/mediastream/RTCPeerConnectionInternals.js:
1643         (setLocalOrRemoteDescription):
1644         * Modules/plugins/QuickTimePluginReplacement.js:
1645         (Replacement.prototype.handleEvent):
1646         * Modules/streams/ByteLengthQueuingStrategy.js:
1647         (initializeByteLengthQueuingStrategy):
1648         * Modules/streams/CountQueuingStrategy.js:
1649         (initializeCountQueuingStrategy):
1650         * Modules/streams/ReadableStreamInternals.js:
1651         (teeReadableStream):
1652         * bindings/js/JSDOMGlobalObject.cpp:
1653         (WebCore::JSDOMGlobalObject::addBuiltinGlobals):
1654         * bindings/js/WebCoreBuiltinNames.h:
1655
1656 2016-02-12  Jiewen Tan  <jiewen_tan@apple.com>
1657
1658         WebKit should expose the DOM 4 Event.isTrusted property
1659         https://bugs.webkit.org/show_bug.cgi?id=76121
1660         <rdar://problem/22558494>
1661
1662         Reviewed by Darin Adler.
1663
1664         Implements Event.isTrusted. The implementation here is slightly different from and better than
1665         the DOM specification. Here Event.isTrusted will be initialized differently depending on the
1666         callers of the constructors/create methods. If the caller is from user agent, the isTrusted
1667         will be true. Otherwise, it will be false. Since a user agent dispatched event can be caught
1668         and re-initialized/redispatched by the bindings, the flag will be unset at *Event::init*Event
1669         and EventTarget::dispatchEventForBindings. As there is currently no way to let the user agent
1670         dispatch a bindings created event, we ensure that the Event.isTrusted is set for
1671         events dispatched by user agent, and unset for those by bindings.
1672
1673         EventTarget::dispatchEvent(Event*, ExceptionCode&) is renamed to EventTarget::dispatchEventForBindings
1674         in this patch as well. This way, together with the improved design of the API, developers in
1675         the future will be less likely to use the wrong dispatchEvent method and set Event.isTrusted
1676         incorrectly, compared to the DOM design.
1677
1678         After this patch, all events that are created by user agent should be dispatched by
1679         EventTarget::dispatchEvent, and those created by bindings should be dispatched by
1680         EventTarget::dispatchEventForBindings.
1681
1682         Some of the changes in this patch refer to Blink r198996:
1683         https://codereview.chromium.org/1241613004
1684
1685         Test: imported/blink/fast/events/event-trusted.html
1686
1687         * bindings/scripts/CodeGeneratorGObject.pm:
1688         (GenerateEventTargetIface):
1689         * dom/Event.cpp:
1690         (WebCore::Event::Event):
1691         (WebCore::Event::initEvent):
1692         * dom/Event.h:
1693         (WebCore::Event::isTrusted):
1694         (WebCore::Event::setUntrusted):
1695         * dom/Event.idl:
1696         * dom/EventTarget.cpp:
1697         (WebCore::EventTarget::dispatchEventForBindings):
1698         (WebCore::EventTarget::dispatchEvent): Deleted.
1699         * dom/EventTarget.h:
1700         * dom/EventTarget.idl:
1701         * page/DOMWindow.idl:
1702         * page/EventHandler.cpp:
1703         (WebCore::EventHandler::dispatchDragEvent):
1704         * workers/WorkerGlobalScope.idl:
1705
1706 2016-02-12  Brady Eidson  <beidson@apple.com>
1707
1708         Modern IDB: IDBObjectStore and IDBIndex need to be ActiveDOMObjects.
1709         https://bugs.webkit.org/show_bug.cgi?id=154153
1710
1711         Reviewed by Alex Christensen.
1712
1713         No new tests (No testable change in behavior).
1714
1715         This is needed so that IDBObjectStore and IDBIndex JS wrappers are not garbage collected
1716         while their IDBTransaction is still in progress.
1717
1718         * Modules/indexeddb/client/IDBIndexImpl.cpp:
1719         (WebCore::IDBClient::IDBIndex::IDBIndex):
1720         (WebCore::IDBClient::IDBIndex::activeDOMObjectName):
1721         (WebCore::IDBClient::IDBIndex::canSuspendForDocumentSuspension):
1722         (WebCore::IDBClient::IDBIndex::hasPendingActivity):
1723         * Modules/indexeddb/client/IDBIndexImpl.h:
1724         
1725         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
1726         (WebCore::IDBClient::IDBObjectStore::create):
1727         (WebCore::IDBClient::IDBObjectStore::IDBObjectStore):
1728         (WebCore::IDBClient::IDBObjectStore::activeDOMObjectName):
1729         (WebCore::IDBClient::IDBObjectStore::canSuspendForDocumentSuspension):
1730         (WebCore::IDBClient::IDBObjectStore::hasPendingActivity):
1731         (WebCore::IDBClient::IDBObjectStore::index):
1732         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
1733         
1734         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
1735         (WebCore::IDBClient::IDBTransaction::objectStore):
1736         (WebCore::IDBClient::IDBTransaction::createObjectStore):
1737         (WebCore::IDBClient::IDBTransaction::createIndex):
1738
1739 2016-02-12  Brady Eidson  <beidson@apple.com>
1740
1741         Modern IDB: Simplify the relationship between IDBObjectStore and IDBIndex.
1742         https://bugs.webkit.org/show_bug.cgi?id=154187
1743
1744         Reviewed by Alex Christensen.
1745
1746         Tests: storage/indexeddb/modern/deleteindex-3-private.html
1747                storage/indexeddb/modern/deleteindex-3.html
1748
1749         Instead of allowing IDBIndex to have two different lifecycle modes, it is now always
1750         owned by an IDBObjectStore.
1751         
1752         To support the case where an IDBIndex is deleted from its IDBObjectStore, the object
1753         store simply hangs on to deleted indexes until it is destroyed itself.
1754         
1755         * Modules/indexeddb/client/IDBIndexImpl.cpp:
1756         (WebCore::IDBClient::IDBIndex::markAsDeleted):
1757         (WebCore::IDBClient::IDBIndex::ref):
1758         (WebCore::IDBClient::IDBIndex::deref):
1759         * Modules/indexeddb/client/IDBIndexImpl.h:
1760         
1761         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
1762         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
1763         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
1764
1765 2016-02-12  Myles C. Maxfield  <mmaxfield@apple.com>
1766
1767         [CSS Font Loading] Implement CSSFontFace Boilerplate
1768         https://bugs.webkit.org/show_bug.cgi?id=154145
1769
1770         Reviewed by Dean Jackson.
1771
1772         The CSS Font Loading spec[1] dictates that the FontFace object needs to have string
1773         accessors and mutators for a bunch of properties. Our CSSFontFace object currently
1774         contains this parsed information, but it isn't accessible via string-based methods.
1775         This patch adds the necessary accessors and mutators, and migrates CSSFontSelector
1776         to use these mutators where necessary.
1777
1778         There is more work to come on CSSFontFace; the next step is to create an .idl file
1779         and hook it up to our CSSFontFace object. In this patch I have left some
1780         unimplemented pieces (for example: where the spec dictates that some operation should
1781         throw a JavaScript exception) which will be implemented in a follow-up patch. This
1782         patch does not have any visible behavior change; I'm separating out the boilerplate
1783         into this patch in order to ease reviewing burden.
1784
1785         This patch separates the externally-facing JavaScript API into a new class, FontFace.
1786         This class owns a CSSFontFace, which provides the backing implementation. There will
1787         be a system of shared ownership of these objects once FontFaceSet is implemented.
1788
1789         No new tests because there is no behavior change.
1790
1791         * CMakeLists.txt: Add new files to CMake builds.
1792         * WebCore.vcxproj/WebCore.vcxproj: Ditto for Windows.
1793         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
1794         * WebCore.xcodeproj/project.pbxproj: Ditto for Cocoa.
1795         * css/CSSAllInOne.cpp: Ditto for All-In-One builds.
1796         * css/CSSFontFace.cpp: Move shared code from CSSFontSelector into CSSFontFace.
1797         (WebCore::CSSFontFace::CSSFontFace):
1798         (WebCore::CSSFontFace::~CSSFontFace):
1799         (WebCore::CSSFontFace::setFamilies):
1800         (WebCore::CSSFontFace::setStyle):
1801         (WebCore::CSSFontFace::setWeight):
1802         (WebCore::CSSFontFace::setUnicodeRange):
1803         (WebCore::CSSFontFace::setVariantLigatures):
1804         (WebCore::CSSFontFace::setVariantPosition):
1805         (WebCore::CSSFontFace::setVariantCaps):
1806         (WebCore::CSSFontFace::setVariantNumeric):
1807         (WebCore::CSSFontFace::setVariantAlternates):
1808         (WebCore::CSSFontFace::setVariantEastAsian):
1809         (WebCore::CSSFontFace::setFeatureSettings):
1810         * css/CSSFontFace.h: Clean up.
1811         (WebCore::CSSFontFace::create):
1812         (WebCore::CSSFontFace::families):
1813         (WebCore::CSSFontFace::traitsMask):
1814         (WebCore::CSSFontFace::featureSettings):
1815         (WebCore::CSSFontFace::variantSettings):
1816         (WebCore::CSSFontFace::setVariantSettings):
1817         (WebCore::CSSFontFace::setTraitsMask):
1818         (WebCore::CSSFontFace::isLocalFallback):
1819         (WebCore::CSSFontFace::addRange): Deleted.
1820         (WebCore::CSSFontFace::insertFeature): Deleted.
1821         (WebCore::CSSFontFace::setVariantCommonLigatures): Deleted.
1822         (WebCore::CSSFontFace::setVariantDiscretionaryLigatures): Deleted.
1823         (WebCore::CSSFontFace::setVariantHistoricalLigatures): Deleted.
1824         (WebCore::CSSFontFace::setVariantContextualAlternates): Deleted.
1825         (WebCore::CSSFontFace::setVariantPosition): Deleted.
1826         (WebCore::CSSFontFace::setVariantCaps): Deleted.
1827         (WebCore::CSSFontFace::setVariantNumericFigure): Deleted.
1828         (WebCore::CSSFontFace::setVariantNumericSpacing): Deleted.
1829         (WebCore::CSSFontFace::setVariantNumericFraction): Deleted.
1830         (WebCore::CSSFontFace::setVariantNumericOrdinal): Deleted.
1831         (WebCore::CSSFontFace::setVariantNumericSlashedZero): Deleted.
1832         (WebCore::CSSFontFace::setVariantAlternates): Deleted.
1833         (WebCore::CSSFontFace::setVariantEastAsianVariant): Deleted.
1834         (WebCore::CSSFontFace::setVariantEastAsianWidth): Deleted.
1835         (WebCore::CSSFontFace::setVariantEastAsianRuby): Deleted.
1836         (WebCore::CSSFontFace::CSSFontFace): Deleted.
1837         * css/CSSFontSelector.cpp: Migrate shared code into CSSFontFace, and update
1838         to use the new API.
1839         (WebCore::appendSources):
1840         (WebCore::registerLocalFontFacesForFamily):
1841         (WebCore::CSSFontSelector::addFontFaceRule):
1842         (WebCore::computeTraitsMask): Deleted.
1843         (WebCore::createFontFace): Deleted.
1844         * css/FontFace.cpp: Added. External JavaScript API. Owns a CSSFontFace.
1845         (WebCore::FontFace::FontFace):
1846         (WebCore::FontFace::~FontFace):
1847         (WebCore::parseString):
1848         (WebCore::FontFace::setFamily):
1849         (WebCore::FontFace::setStyle):
1850         (WebCore::FontFace::setWeight):
1851         (WebCore::FontFace::setStretch):
1852         (WebCore::FontFace::setUnicodeRange):
1853         (WebCore::FontFace::setVariant):
1854         (WebCore::FontFace::setFeatureSettings):
1855         (WebCore::FontFace::family):
1856         (WebCore::FontFace::style):
1857         (WebCore::FontFace::weight):
1858         (WebCore::FontFace::stretch):
1859         (WebCore::FontFace::unicodeRange):
1860         (WebCore::FontFace::variant):
1861         (WebCore::FontFace::featureSettings):
1862         * css/FontFace.h: Added. Ditto.
1863         (WebCore::FontFace::create):
1864         * css/FontVariantBuilder.cpp: Added. Moved code here from FontVariantBuilder.h.
1865         Refactored to support a new client (CSSFontFace).
1866         (WebCore::extractFontVariantLigatures):
1867         (WebCore::extractFontVariantNumeric):
1868         (WebCore::extractFontVariantEastAsian):
1869         (WebCore::computeFontVariant):
1870         * css/FontVariantBuilder.h: Moved code from here into FontVariantBuilder.cpp.
1871         (WebCore::applyValueFontVariantLigatures): Deleted.
1872         (WebCore::applyValueFontVariantNumeric): Deleted.
1873         (WebCore::applyValueFontVariantEastAsian): Deleted.
1874         * css/StyleBuilderCustom.h: Update for new FontVariantBuilder API.
1875         (WebCore::StyleBuilderCustom::applyValueFontVariantLigatures):
1876         (WebCore::StyleBuilderCustom::applyValueFontVariantNumeric):
1877         (WebCore::StyleBuilderCustom::applyValueFontVariantEastAsian):
1878         * platform/text/TextFlags.h: Provide convenience classes.
1879         (WebCore::FontVariantLigaturesValues::FontVariantLigaturesValues):
1880         (WebCore::FontVariantNumericValues::FontVariantNumericValues):
1881         (WebCore::FontVariantEastAsianValues::FontVariantEastAsianValues):
1882
1883 2016-02-12  Jer Noble  <jer.noble@apple.com>
1884
1885         Build fix after r196506; publish MediaResourceLoader.h as a private header so it can be used by
1886         TestWebKitAPI.
1887
1888         * WebCore.xcodeproj/project.pbxproj:
1889
1890 2016-02-11  Jer Noble  <jer.noble@apple.com>
1891
1892         [Mac] Adopt MediaResourceLoader (instead of CachedResourceLoader) in WebCoreNSURLSession.
1893         https://bugs.webkit.org/show_bug.cgi?id=154136
1894
1895         Reviewed by Alex Christensen.
1896
1897         MediaResourceLoader already supports using CORS attribute to verify CORS access requirements
1898         when loading media resources, so use it, rather than CachedResourceLoader, as the backing for
1899         WebCoreNSURLSession.
1900
1901         * platform/network/cocoa/WebCoreNSURLSession.h:
1902         * platform/network/cocoa/WebCoreNSURLSession.mm:
1903         (-[WebCoreNSURLSession delegateQueue]):
1904         (-[WebCoreNSURLSession streamTaskWithNetService:]):
1905         (-[WebCoreNSURLSession isKindOfClass:]):
1906         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:request:]):
1907         (-[WebCoreNSURLSessionDataTask _restart]):
1908         (-[WebCoreNSURLSessionDataTask _cancel]):
1909         (-[WebCoreNSURLSessionDataTask resume]):
1910         (-[WebCoreNSURLSessionDataTask _timingData]):
1911         (-[WebCoreNSURLSessionDataTask resource:receivedResponse:]):
1912         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
1913         (-[WebCoreNSURLSession initWithResourceLoader:delegate:delegateQueue:]): Deleted.
1914         (-[WebCoreNSURLSession loader]): Deleted.
1915         (WebCore::WebCoreNSURLSessionDataTaskClient::dataSent): Deleted.
1916         (WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived): Deleted.
1917         (WebCore::WebCoreNSURLSessionDataTaskClient::dataReceived): Deleted.
1918         (WebCore::WebCoreNSURLSessionDataTaskClient::redirectReceived): Deleted.
1919         (WebCore::WebCoreNSURLSessionDataTaskClient::notifyFinished): Deleted.
1920         (-[WebCoreNSURLSessionDataTask initWithSession:identifier:URL:]): Deleted.
1921         (-[WebCoreNSURLSessionDataTask _finish]): Deleted.
1922         (-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
1923         (-[WebCoreNSURLSessionDataTask resource:sentBytes:totalBytesToBeSent:]): Deleted.
1924         (-[WebCoreNSURLSessionDataTask resource:receivedRedirect:request:]): Deleted.
1925         (-[WebCoreNSURLSessionDataTask resourceFinished:]): Deleted.
1926         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1927         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
1928
1929 2016-02-12  Alex Christensen  <achristensen@webkit.org>
1930
1931         Fix non-internal builds when using NetworkSession
1932         https://bugs.webkit.org/show_bug.cgi?id=152285
1933
1934         * platform/spi/cf/CFNetworkSPI.h:
1935         Add SPI declaration used in r194156.
1936
1937 2016-02-12  Andreas Kling  <akling@apple.com>
1938
1939         Throw out all live resource decoded data on memory pressure / suspension.
1940         <https://webkit.org/b/154176>
1941
1942         Reviewed by Antti Koivisto.
1943
1944         When pruning live resource decoded data from the memory cache,
1945         we normally avoid pruning anything that's been painted in the last second.
1946         This is an optimization to avoid getting into image decoding loops.
1947
1948         For memory pressure / process suspension scenarios this doesn't really
1949         make sense though:
1950
1951             - In the pressure case, if we have to render again soon it'll likely
1952               be a new GIF frame which we have to decode anyway.
1953
1954             - In the process suspension case, we might *never* render again,
1955               so we should be good citizens and drop all the decoded data we can.
1956
1957         This patch makes us drop all the decoded data, recently painted or not.
1958
1959         * platform/MemoryPressureHandler.cpp:
1960         (WebCore::MemoryPressureHandler::releaseCriticalMemory):
1961
1962 2016-02-12  Gavin Barraclough  <barraclough@apple.com>
1963
1964         Separate out !allowsAccess path in JSDOMWindowCustom getOwnPropertySlot
1965         https://bugs.webkit.org/show_bug.cgi?id=154156
1966
1967         Reviewed by Chris Dumez.
1968
1969         JSDOMWindowCustom getOwnPropertySlot currently allows cross-origin access to all
1970         static properties, relying on the property to perform the access check. This is
1971         a little insecure, since it is error prone - someone could easily add a property
1972         to the static table without realizing it would be automatically exposed.
1973
1974         Instead, add a hard-coded filter to restrict access. As a future implementation
1975         we might consider autogenerating this (the properties are already tagged in IDL,
1976         we might be able to track this in a flag on the static table).
1977
1978         By separating out the handling of the same- and cross-origin access we can
1979         simplify & make the policy being enforced much clearer.
1980
1981         * bindings/js/JSDOMBinding.cpp:
1982         (WebCore::objectToStringFunctionGetter): Deleted.
1983             - removed objectToStringFunctionGetter - this duplicated functionality of
1984               nonCachingStaticFunctionGetter.
1985         * bindings/js/JSDOMBinding.h:
1986         (WebCore::objectToStringFunctionGetter): Deleted.
1987             - removed objectToStringFunctionGetter - this duplicated functionality of
1988               nonCachingStaticFunctionGetter.
1989         * bindings/js/JSDOMWindowCustom.cpp:
1990         (WebCore::jsDOMWindowGetOwnPropertySlotDisallowAccess):
1991             - explicitly handle providing access to only the things we do want to allow cross-origin.
1992         (WebCore::JSDOMWindow::getOwnPropertySlot):
1993         (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
1994             - push all !allowsAccess handling to jsDOMWindowGetOwnPropertySlotDisallowAccess
1995         (WebCore::childFrameGetter): Deleted.
1996             - this was just a deoptimization - moving access into a callback saved very
1997               little & caused more work to be duplicated.
1998
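The policy change in the JSDOMWindowCustom entry above, as an added example that is not WebKit code and not part of the original ChangeLog: the first lookup reaches every static-table entry cross-origin and relies on each getter to check, the second sends !allowsAccess callers through a hard-coded filter. The table, its property names and every function name are constructed for illustration.

```cpp
#include <cstdio>
#include <functional>
#include <map>
#include <set>
#include <string>

// Constructed model, not WebKit code. All names below are hypothetical.
struct Caller { bool allowsAccess; };  // true when the caller is same-origin

// A getter fills `slot` and returns true when it exposes the property.
using Getter = std::function<bool(const Caller&, std::string& slot)>;

const std::map<std::string, Getter>& staticTable()
{
    static const std::map<std::string, Getter> table = {
        // Intended to be reachable cross-origin.
        {"postMessage", [](const Caller&, std::string& slot) -> bool {
            slot = "function postMessage";
            return true;
        }},
        // Same-origin only; this getter remembers to perform its own check.
        {"document", [](const Caller& caller, std::string& slot) -> bool {
            if (!caller.allowsAccess)
                return false;
            slot = "[object Document]";
            return true;
        }},
        // Added to the table later; its author forgot the access check.
        {"newlyAddedProperty", [](const Caller&, std::string& slot) -> bool {
            slot = "sensitive value";
            return true;
        }},
    };
    return table;
}

// Before: one path for everyone, the property itself must enforce the policy.
bool lookupRelyingOnGetters(const std::string& name, const Caller& caller, std::string& slot)
{
    auto it = staticTable().find(name);
    return it != staticTable().end() && it->second(caller, slot);
}

// After: the cross-origin path consults a hard-coded filter first, so a new
// table entry is not exposed until someone deliberately lists it here.
bool lookupDisallowAccess(const std::string& name, std::string& slot)
{
    static const std::set<std::string> crossOriginAllowed = {"postMessage"};
    if (!crossOriginAllowed.count(name))
        return false;
    auto it = staticTable().find(name);
    return it != staticTable().end() && it->second(Caller{false}, slot);
}

bool lookupWithFilter(const std::string& name, const Caller& caller, std::string& slot)
{
    if (!caller.allowsAccess)
        return lookupDisallowAccess(name, slot);
    auto it = staticTable().find(name);
    return it != staticTable().end() && it->second(caller, slot);
}

// Convenience wrappers that only report whether the property was exposed.
bool isExposedBefore(const char* name, bool sameOrigin)
{
    std::string slot;
    return lookupRelyingOnGetters(name, Caller{sameOrigin}, slot);
}

bool isExposedAfter(const char* name, bool sameOrigin)
{
    std::string slot;
    return lookupWithFilter(name, Caller{sameOrigin}, slot);
}

int main()
{
    const char* names[] = {"postMessage", "document", "newlyAddedProperty"};
    for (const char* name : names) {
        std::printf("%-20s cross-origin before=%d after=%d same-origin after=%d\n", name,
            isExposedBefore(name, false), isExposedAfter(name, false), isExposedAfter(name, true));
    }
    return 0;
}
```
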
1999 2016-02-12  Sukolsak Sakshuwong  <sukolsak@gmail.com>
2000
2001         Update ICU header files to version 52
2002         https://bugs.webkit.org/show_bug.cgi?id=154160
2003
2004         Reviewed by Alex Christensen.
2005
2006         Update ICU header files to version 52 to allow the use of newer APIs.
2007
2008         No new tests because there is no behavior change.
2009
2010         * icu/unicode/bytestream.h:
2011         * icu/unicode/chariter.h:
2012         * icu/unicode/localpointer.h:
2013         * icu/unicode/platform.h:
2014         * icu/unicode/ptypes.h:
2015         * icu/unicode/putil.h:
2016         * icu/unicode/rep.h:
2017         (Replaceable::Replaceable):
2018         * icu/unicode/std_string.h:
2019         * icu/unicode/strenum.h:
2020         * icu/unicode/stringpiece.h:
2021         * icu/unicode/ubrk.h:
2022         * icu/unicode/uchar.h:
2023         * icu/unicode/ucnv.h:
2024         * icu/unicode/ucol.h:
2025         * icu/unicode/ucoleitr.h:
2026         * icu/unicode/uconfig.h:
2027         * icu/unicode/ucsdet.h:
2028         * icu/unicode/uenum.h:
2029         * icu/unicode/uidna.h:
2030         * icu/unicode/uiter.h:
2031         * icu/unicode/uloc.h:
2032         * icu/unicode/umachine.h:
2033         * icu/unicode/unistr.h:
2034         (UnicodeString::UnicodeString):
2035         (UnicodeString::operator== ):
2036         (UnicodeString::startsWith):
2037         (UnicodeString::setTo):
2038         (UnicodeString::remove):
2039         (UnicodeString::replace): Deleted.
2040         (UnicodeString::extract): Deleted.
2041         (UnicodeString::char32At): Deleted.
2042         (UnicodeString::getChar32Start): Deleted.
2043         (UnicodeString::getChar32Limit): Deleted.
2044         (UnicodeString::getTerminatedBuffer): Deleted.
2045         (UnicodeString::append): Deleted.
2046         (UnicodeString::truncate): Deleted.
2047         * icu/unicode/unorm2.h:
2048         * icu/unicode/uobject.h:
2049         * icu/unicode/urename.h:
2050         * icu/unicode/uscript.h:
2051         * icu/unicode/usearch.h:
2052         * icu/unicode/uset.h:
2053         * icu/unicode/ushape.h:
2054         * icu/unicode/ustring.h:
2055         * icu/unicode/utext.h:
2056         * icu/unicode/utf.h:
2057         * icu/unicode/utf16.h:
2058         * icu/unicode/utf8.h:
2059         * icu/unicode/utf_old.h:
2060         * icu/unicode/utypes.h:
2061         * icu/unicode/uvernum.h:
2062         * icu/unicode/uversion.h:
2063
2064 2016-02-12  Andreas Kling  <akling@apple.com>
2065
2066         [Mac] BitmapImage::decodedDataIsPurgeable() is telling lies and causing massive memory usage.
2067         <https://webkit.org/b/154172>
2068
2069         Reviewed by Antti Koivisto.
2070
2071         The underlying mechanism in CoreAnimation that made this work is no longer in place.
2072
2073         Instead of keeping purgeable frames and juggling volatility bits, we were simply caching
2074         every single frame of large GIF animations, sometimes leading to monstrous memory usage.
2075
2076         Remove the code from WebCore since it's not doing at all what it means to.
2077
2078         Now iOS and Mac will behave the same again, and frame caching decisions will be
2079         made by WebKit, based on total pixel byte size.
2080
2081         * loader/cache/CachedImage.h:
2082         * loader/cache/CachedResource.h:
2083         (WebCore::CachedResource::decodedDataIsPurgeable): Deleted.
2084         * loader/cache/MemoryCache.cpp:
2085         (WebCore::MemoryCache::pruneLiveResourcesToSize): Deleted.
2086         * platform/graphics/BitmapImage.cpp:
2087         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
2088         (WebCore::BitmapImage::destroyDecodedDataIfNecessary): Deleted.
2089         * platform/graphics/BitmapImage.h:
2090         * platform/graphics/Image.h:
2091         (WebCore::Image::decodedDataIsPurgeable): Deleted.
2092         * platform/graphics/cg/BitmapImageCG.cpp:
2093         (WebCore::BitmapImage::decodedDataIsPurgeable): Deleted.
2094         * platform/graphics/cg/ImageSourceCG.cpp:
2095         (WebCore::ImageSource::createFrameAtIndex): Deleted.
2096
2097 2016-02-12  Brady Eidson  <beidson@apple.com>
2098
2099         Modern IDB: Ref cycle between IDBObjectStore and IDBIndex.
2100         https://bugs.webkit.org/show_bug.cgi?id=154110
2101
2102         Reviewed by Darin Adler.
2103
2104         No new tests (Currently untestable).
2105
2106         The lifetimes of IDBObjectStore and IDBIndex are closely intertwined, but we have to break the ref cycle.
2107         
2108         This patch does a few semi-gnarly things:
2109         1 - Makes both IDBIndex and IDBObjectStore have a custom marking function so they can add each other as 
2110             opaque roots.
2111         2 - Adds a lock to protect IDBObjectStore's collection of referenced indexes to support #1, as GC marking
2112             can happen on any thread.
2113         3 - Makes IDBIndex not be traditionally RefCounted; Instead, IDBIndex::ref()/deref() simply ref()/deref()
2114             the owning IDBObjectStore.
2115         4 - ...Except when somebody deletes an IDBIndex from its IDBObjectStore. Once that happens, the object
2116             store no longer has a reference back to the index, but the index still needs a reference back to the
2117             object store. To support this, the IDBIndex becomes "traditionally RefCounted" while holding a ref to
2118             its IDBObjectStore.
2119
2120         * CMakeLists.txt:
2121         * WebCore.xcodeproj/project.pbxproj:
2122
2123         * Modules/indexeddb/IDBIndex.h:
2124         (WebCore::IDBIndex::isModern):
2125         * Modules/indexeddb/IDBIndex.idl:
2126         
2127         * Modules/indexeddb/IDBObjectStore.h:
2128         (WebCore::IDBObjectStore::isModern):
2129         * Modules/indexeddb/IDBObjectStore.idl:
2130         
2131         * Modules/indexeddb/client/IDBIndexImpl.cpp:
2132         (WebCore::IDBClient::IDBIndex::objectStore):
2133         (WebCore::IDBClient::IDBIndex::openCursor):
2134         (WebCore::IDBClient::IDBIndex::doCount):
2135         (WebCore::IDBClient::IDBIndex::openKeyCursor):
2136         (WebCore::IDBClient::IDBIndex::doGet):
2137         (WebCore::IDBClient::IDBIndex::doGetKey):
2138         (WebCore::IDBClient::IDBIndex::markAsDeleted):
2139         (WebCore::IDBClient::IDBIndex::ref):
2140         (WebCore::IDBClient::IDBIndex::deref):
2141         (WebCore::IDBClient::IDBIndex::create): Deleted.
2142         * Modules/indexeddb/client/IDBIndexImpl.h:
2143         (WebCore::IDBClient::IDBIndex::modernObjectStore):
2144         
2145         * Modules/indexeddb/client/IDBObjectStoreImpl.cpp:
2146         (WebCore::IDBClient::IDBObjectStore::createIndex):
2147         (WebCore::IDBClient::IDBObjectStore::index):
2148         (WebCore::IDBClient::IDBObjectStore::deleteIndex):
2149         (WebCore::IDBClient::IDBObjectStore::visitReferencedIndexes):
2150         * Modules/indexeddb/client/IDBObjectStoreImpl.h:
2151         
2152         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
2153         (WebCore::IDBClient::IDBTransaction::createIndex):
2154         * Modules/indexeddb/client/IDBTransactionImpl.h:
2155         
2156         * Modules/indexeddb/legacy/LegacyIndex.cpp:
2157         (WebCore::LegacyIndex::ref):
2158         (WebCore::LegacyIndex::deref):
2159         * Modules/indexeddb/legacy/LegacyIndex.h:
2160         
2161         * bindings/js/JSIDBIndexCustom.cpp: Added.
2162         (WebCore::JSIDBIndex::visitAdditionalChildren):
2163         
2164         * bindings/js/JSIDBObjectStoreCustom.cpp:
2165         (WebCore::JSIDBObjectStore::visitAdditionalChildren):
2166
2167 2016-02-12  Csaba Osztrogonác  <ossy@webkit.org>
2168
2169         [EFL][GTK] Fix ENABLE(SVG_OTF_CONVERTER) build
2170         https://bugs.webkit.org/show_bug.cgi?id=154165
2171
2172         Reviewed by Alex Christensen.
2173
2174         * CMakeLists.txt:
2175         * css/CSSFontFaceSource.cpp:
2176         (WebCore::CSSFontFaceSource::font):
2177         * svg/SVGToOTFFontConversion.cpp:
2178         * svg/SVGToOTFFontConversion.h:
2179
2180 2016-02-12  Chris Dumez  <cdumez@apple.com>
2181
2182         Unreviewed nit fixes after r196466.
2183
2184         * Modules/speech/SpeechSynthesisUtterance.idl: Fix curly bracket
2185           placement.
2186         * bindings/scripts/CodeGeneratorJS.pm:
2187         (GenerateHeader): Use wrappableObject instead of domObject.
2188         * bindings/scripts/test/*: Rebaseline.
2189         * dom/WebKitNamedFlow.idl: Drop unnecessary #if case.
2190
2191 2016-02-12  Carlos Garcia Campos  <cgarcia@igalia.com>
2192
2193         [GTK] Properly handle classes inheriting from EventTarget
2194         https://bugs.webkit.org/show_bug.cgi?id=154158
2195
2196         Reviewed by Michael Catanzaro.
2197
2198         Instead of removing its parent we now handle the case of classes
2199         having EventTarget as parent to make them implement the interface
2200         instead.
2201
2202         * bindings/scripts/CodeGeneratorGObject.pm:
2203         (ShouldBeExposedAsInterface): Whether the given parent class
2204         should be exposed as an interface instead of a parent class.
2205         (GetParentClassName): Return Object as parent for classes having
2206         a parent that should be exposed as an interface.
2207         (GetParentImplClassName): Ditto.
2208         (GetBaseClass): Ditto.
2209         (GetParentGObjType): Ditto.
2210         (SkipFunction): Add FIXME comment.
2211         (ImplementsInterface): Helper function to check if a class
2212         implements the given interface.
2213         (GenerateCFile): Check whether the class implements EventTarget to
2214         generate the interface implementation.
2215         (GenerateInterface): Do not remove the parent class when it's EventTarget.
2216
2217 2016-02-12  Commit Queue  <commit-queue@webkit.org>
2218
2219         Unreviewed, rolling out r196470.
2220         https://bugs.webkit.org/show_bug.cgi?id=154167
2221
2222         Broke some tests (Requested by anttik on #webkit).
2223
2224         Reverted changeset:
2225
2226         "Factor class change style invalidation code into a class"
2227         https://bugs.webkit.org/show_bug.cgi?id=154163
2228         http://trac.webkit.org/changeset/196470
2229
2230 2016-02-12  Antti Koivisto  <antti@apple.com>
2231
2232         Factor class change style invalidation code into a class
2233         https://bugs.webkit.org/show_bug.cgi?id=154163
2234
2235         Reviewed by Andreas Kling.
2236
2237         Factor this piece of functionality out of Element and into ClassChangeInvalidation class.
2238
2239         * CMakeLists.txt:
2240         * WebCore.vcxproj/WebCore.vcxproj:
2241         * WebCore.xcodeproj/project.pbxproj:
2242         * dom/Element.cpp:
2243         (WebCore::classStringHasClassName):
2244         (WebCore::Element::classAttributeChanged):
2245         (WebCore::collectClasses): Deleted.
2246         (WebCore::computeClassChange): Deleted.
2247         (WebCore::invalidateStyleForClassChange): Deleted.
2248         * style/ClassChangeInvalidation.cpp: Added.
2249         (WebCore::Style::ClassChangeInvalidation::computeClassChange):
2250         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
2251         * style/ClassChangeInvalidation.h: Added.
2252         (WebCore::Style::ClassChangeInvalidation::needsInvalidation):
2253         (WebCore::Style::ClassChangeInvalidation::ClassChangeInvalidation):
2254         (WebCore::Style::ClassChangeInvalidation::~ClassChangeInvalidation):
2255
2256 2016-02-12  Csaba Osztrogonác  <ossy@webkit.org>
2257
2258         GCC buildfix in Source/WebCore/svg/SVGToOTFFontConversion.cpp
2259         https://bugs.webkit.org/show_bug.cgi?id=154162
2260
2261         Reviewed by Andreas Kling.
2262
2263         * svg/SVGToOTFFontConversion.cpp:
2264         (WebCore::SVGToOTFFontConverter::finishAppendingKERNSubtable):
2265
2266 2016-02-12  Andreas Kling  <akling@apple.com>
2267
2268         Don't invalidate the FontCache on memory pressure.
2269         <https://webkit.org/b/154161>
2270
2271         Reviewed by Antti Koivisto.
2272
2273         Invalidating the FontCache does more harm than good:
2274
2275             - Anything that's still in the cache at this point is also
2276               referenced outside the cache, thus will not actually get deleted.
2277
2278             - Future deduplication will fail, leading to more objects.
2279
2280             - The global FontCache generation gets bumped, causing future style
2281               recalcs to be less efficient and breaking style sharing.
2282
2283             - All FontSelector invalidation callbacks will fire, potentially
2284               causing forced full-document style recalcs.
2285
2286         In fact, the only win from invalidating the FontCache comes from some
2287         minor shrinkage in the containers that make up the cache itself.
2288
2289         * platform/MemoryPressureHandler.cpp:
2290         (WebCore::MemoryPressureHandler::releaseCriticalMemory): Deleted.
2291
2292 2016-02-11  Chris Dumez  <cdumez@apple.com>
2293
2294         [Web IDL] interfaces should inherit EventTarget instead of duplicating the EventTarget API
2295         https://bugs.webkit.org/show_bug.cgi?id=154121
2296         <rdar://problem/24613234>
2297
2298         Reviewed by Gavin Barraclough.
2299
2300         Interfaces should inherit EventTarget instead of duplicating the
2301         EventTarget API in their IDL. Not only is the duplication ugly and
2302         error-prone, but this also does not match the specifications and
2303         has subtle web-exposed differences.
2304
2305         This patch takes care of all interfaces except for DOMWindow and
2306         WorkerGlobalScope. Those will be updated in the follow-up patch
2307         as they will require a little bit more work and testing.
2308
2309         We should also be able to get rid of the [EventTarget] WebKit IDL
2310         attribute in a follow-up.
2311
2312         No new tests, already covered by existing tests.
2313
2314         * Modules/battery/BatteryManager.idl:
2315         * Modules/encryptedmedia/MediaKeySession.idl:
2316         * Modules/indexeddb/IDBDatabase.h:
2317         * Modules/indexeddb/IDBDatabase.idl:
2318         * Modules/indexeddb/IDBRequest.h:
2319         * Modules/indexeddb/IDBRequest.idl:
2320         * Modules/indexeddb/IDBTransaction.h:
2321         * Modules/indexeddb/IDBTransaction.idl:
2322         * Modules/mediasession/MediaRemoteControls.idl:
2323         * Modules/mediasource/MediaSource.h:
2324         * Modules/mediasource/MediaSource.idl:
2325         * Modules/mediasource/SourceBuffer.h:
2326         * Modules/mediasource/SourceBuffer.idl:
2327         * Modules/mediasource/SourceBufferList.h:
2328         * Modules/mediasource/SourceBufferList.idl:
2329         * Modules/mediastream/MediaStream.h:
2330         * Modules/mediastream/MediaStream.idl:
2331         * Modules/mediastream/MediaStreamTrack.h:
2332         * Modules/mediastream/MediaStreamTrack.idl:
2333         * Modules/mediastream/RTCDTMFSender.h:
2334         * Modules/mediastream/RTCDTMFSender.idl:
2335         * Modules/mediastream/RTCDataChannel.h:
2336         * Modules/mediastream/RTCDataChannel.idl:
2337         * Modules/mediastream/RTCPeerConnection.h:
2338         * Modules/mediastream/RTCPeerConnection.idl:
2339         * Modules/notifications/Notification.idl:
2340         * Modules/speech/SpeechSynthesisUtterance.idl:
2341         * Modules/webaudio/AudioContext.idl:
2342         * Modules/webaudio/AudioNode.idl:
2343         * Modules/websockets/WebSocket.idl:
2344         * css/FontLoader.idl:
2345         * dom/EventTarget.h:
2346         * dom/MessagePort.idl:
2347         * dom/Node.h:
2348         * dom/Node.idl:
2349         * dom/WebKitNamedFlow.idl:
2350         * fileapi/FileReader.idl:
2351         * html/MediaController.idl:
2352         * html/track/AudioTrackList.idl:
2353         * html/track/TextTrack.idl:
2354         * html/track/TextTrackCue.idl:
2355         * html/track/TextTrackList.idl:
2356         * html/track/VideoTrackList.idl:
2357         * loader/appcache/DOMApplicationCache.h:
2358         * loader/appcache/DOMApplicationCache.idl:
2359         * page/EventSource.idl:
2360         * page/Performance.h:
2361         * page/Performance.idl:
2362         * workers/Worker.idl:
2363         * xml/XMLHttpRequest.h:
2364         * xml/XMLHttpRequest.idl:
2365         * xml/XMLHttpRequestUpload.idl:
2366         - Drop hardcoded EventTarget operations and inherit EventTarget instead.
2367         - Drop JSGenerateToNativeObject / JSGenerateToJSObject IDL extended
2368           attributes for interfaces inheriting the EventTarget interface as
2369           the bindings generator now does this automatically for us.
2370         - On native side, have EventTarget subclass ScriptWrappable instead of
2371           each of its subclasses doing so. The issue was that
2372           EventTargetOwner::finalize() was calling uncacheWrapper() with an
2373           EventTarget*, which would not clear inlined cached wrapper (see
2374           clearInlineCachedWrapper()) because EventTarget did not subclass
2375           ScriptWrappable. However, cacheWrapper() is called with a specific
2376           subtype pointer (e.g. Node*) and we would decide to create an
2377           inline cached wrapper because Node subclassed ScriptWrappable
2378           (as well as EventTarget).
2379
2380         * WebCore.xcodeproj/project.pbxproj:
2381         Export JSEventTarget.h as private header to fix the build.
2382
2383         * bindings/js/JSDOMBinding.h:
2384         (WebCore::wrapperKey):
2385         (WebCore::getCachedWrapper):
2386         (WebCore::cacheWrapper):
2387         (WebCore::uncacheWrapper):
2388         Use new wrapperKey() function that is generated for each bindings
2389         class that also has wrapperOwner(). This is used instead of the
2390         C cast to void* in order to cast to the base wrapped type to fix
2391         issues with multiple inheritance. The issue was that cacheWrapper()
2392         was getting called with a DOM object subtype pointer (e.g.
2393         AudioContext*) but uncacheWrapper() was getting called with a base
2394         wrapped type pointer (e.g. EventTarget*). Most of our DOM classes
2395         use multiple inheritance and thus the pointer values (used as keys
2396         in the weak map) may differ.
2397
2398         * bindings/js/JSTrackCustom.cpp:
2399         (WebCore::toJS):
2400         Call CREATE_DOM_WRAPPER() with an actual wrapped type (e.g. AudioTrack)
2401         instead of TrackBase type. TrackBase does not have corresponding
2402         generated bindings and therefore does not have a wrapperKey()
2403         function.
2404
2405         * bindings/scripts/CodeGeneratorJS.pm:
2406         (ShouldGenerateToWrapped):
2407         (ShouldGenerateToJSDeclaration):
2408         (GenerateHeader):
2409         - Generate a wrapperKey() utility function along-side wrapperOwner()
2410           to help cast to the base wrapped type.
2411         - Generate toWrapped() / toJS() utility functions for interfaces
2412           that inherit EventTarget as those are required by our
2413           implementation and this avoids having to explicitly have them in
2414           the IDL.
2415
2416         * bindings/scripts/test/*:
2417         Rebaseline bindings tests.
2418
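The pointer-key mismatch described in the JSDOMBinding.h notes above, as an added example that is not WebKit code and not part of the original ChangeLog: caching under a subtype pointer and uncaching under a base pointer leaves a stale map entry, while converting to the base wrapped type first does not. The three classes, rawKey() and the map are constructed stand-ins; only the name wrapperKey() is taken from the entry, and its body here is an assumption.

```cpp
#include <cstddef>
#include <cstdio>
#include <unordered_map>

// Constructed stand-ins for the class shapes the entry describes.
struct ScriptWrappableLike {
    virtual ~ScriptWrappableLike() = default;
    int inlineWrapperSlot = 0;
};
struct EventTargetLike {
    virtual ~EventTargetLike() = default;
    int listenerCount = 0;
};
// EventTargetLike is the second base, so its subobject does not start at
// the same address as the complete object.
struct AudioContextLike : ScriptWrappableLike, EventTargetLike {
    int sampleRate = 44100;
};

// Stand-in for the weak map of DOM object -> wrapper.
using WrapperMap = std::unordered_map<const void*, int>;

// Before: the key is whatever pointer type the caller happens to hold.
template<typename T> const void* rawKey(T* object)
{
    return static_cast<const void*>(object);
}

// After: every caller is converted to the base wrapped type first, so the
// compiler applies the base-subobject adjustment before the value is erased
// to void*. (Assumed shape; the generated WebKit function is not on the page.)
const void* wrapperKey(EventTargetLike* object)
{
    return object;
}

bool baseSubobjectIsOffset()
{
    AudioContextLike context;
    return rawKey(&context) != rawKey(static_cast<EventTargetLike*>(&context));
}

// cacheWrapper() with AudioContext*, uncacheWrapper() with EventTarget*.
std::size_t staleEntriesWithRawKeys()
{
    WrapperMap map;
    AudioContextLike context;
    map.emplace(rawKey(&context), 1);
    EventTargetLike* asTarget = &context;
    map.erase(rawKey(asTarget));   // different address: nothing is erased
    return map.size();
}

// Same sequence, but both sides derive the key through wrapperKey().
std::size_t staleEntriesWithWrapperKey()
{
    WrapperMap map;
    AudioContextLike context;
    map.emplace(wrapperKey(&context), 1);
    EventTargetLike* asTarget = &context;
    map.erase(wrapperKey(asTarget));
    return map.size();
}

int main()
{
    std::printf("base subobject at a different address: %d\n", baseSubobjectIsOffset());
    std::printf("stale entries, raw void* keys: %zu\n", staleEntriesWithRawKeys());
    std::printf("stale entries, wrapperKey():   %zu\n", staleEntriesWithWrapperKey());
    return 0;
}
```
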
2419 2016-02-11  Brent Fulgham  <bfulgham@apple.com>
2420
2421         Optimize texture-complete checks
2422         https://bugs.webkit.org/show_bug.cgi?id=98308
2423
2424         Reviewed by Dean Jackson.
2425
2426         No new tests: No change in behavior.
2427
2428         * html/canvas/WebGLRenderingContextBase.cpp:
2429         (WebCore::WebGLRenderingContextBase::initializeNewContext): Initially consider all
2430         textures as suspect.
2431         (WebCore::WebGLRenderingContextBase::extensions): New helper function.
2432         (WebCore::WebGLRenderingContextBase::reshape): Mark textures as invalid when appropriate.
2433         (WebCore::WebGLRenderingContextBase::bindTexture): Identify invalid textures and mark
2434         them for later fix-up. Likewise, remove 'known good' textures from the fix-up pass.
2435         (WebCore::WebGLRenderingContextBase::deleteTexture): Remove instances of the deleted texture
2436         from our set of invalid textures.
2437         (WebCore::WebGLRenderingContextBase::checkTextureCompleteness): Only iterate through
2438         the 'bad' textures, rather than checking every single texture.
2439         * html/canvas/WebGLRenderingContextBase.h:
2440
2441 2016-02-11  Alex Christensen  <achristensen@webkit.org>
2442
2443         Assert that IDBTransaction::transitionedToFinishing transitions to finishing.
2444         https://bugs.webkit.org/show_bug.cgi?id=154061
2445
2446         * Modules/indexeddb/client/IDBTransactionImpl.cpp:
2447         (WebCore::IDBClient::IDBTransaction::transitionedToFinishing):
2448         Added assertion that we are transitioning to a finished or finishing state, based on Darin's feedback.
2449
2450 2016-02-11  Enrica Casucci  <enrica@apple.com>
2451
2452         WebContent process crashes when performing data detection on content with existing data detector links.
2453         https://bugs.webkit.org/show_bug.cgi?id=154118
2454         rdar://problem/24511860
2455
2456         Reviewed by Tim Horton.
2457
2458         The DOM mutation caused by removing the existing links can shift the range endpoints.
2459         We now save the range endpoints as positions so that we can recreate the ranges,
2460         if a DOM mutation occurred.
2461
2462         * editing/cocoa/DataDetection.mm:
2463         (WebCore::removeResultLinksFromAnchor):
2464         (WebCore::searchForLinkRemovingExistingDDLinks):
2465         (WebCore::DataDetection::detectContentInRange):
2466
2467 2016-02-11  Jer Noble  <jer.noble@apple.com>
2468
2469         Make MediaResourceLoader behave more like a CachedResourceLoader.
2470         https://bugs.webkit.org/show_bug.cgi?id=154117
2471
2472         Reviewed by Alex Christensen.
2473
2474         MediaResourceLoader currently can only handle a single request at a time. Split the class
2475         into two, MediaResourceLoader and MediaResource, effectively wrapping CachedResourceLoader
2476         and CachedRawResource respectively. With this division, the same loader can be used to issue
2477         multiple simultaneous resource requests.
2478
2479         This necessitates splitting PlatformMediaResource into two classes as well.  To simplify
2480         the HTMLMediaElement, MediaPlayer, and MediaPlayerClient APIs, do not require a client
2481         object when creating the loader; instead, the client is required to create the resource.
2482         This also matches the CachedRawResource API.
2483
2484         * html/HTMLMediaElement.cpp:
2485         (WebCore::HTMLMediaElement::mediaPlayerCreateResourceLoader): Remove the client parameter.
2486         * html/HTMLMediaElement.h:
2487         * loader/MediaResourceLoader.cpp:
2488         (WebCore::MediaResourceLoader::MediaResourceLoader):
2489         (WebCore::MediaResourceLoader::~MediaResourceLoader):
2490         (WebCore::MediaResourceLoader::requestResource): Renamed from start().
2491         (WebCore::MediaResourceLoader::removeResource): Remove resource from live resource list.
2492         (WebCore::MediaResource::create): Utility factory.
2493         (WebCore::MediaResource::MediaResource):
2494         (WebCore::MediaResource::~MediaResource):
2495         (WebCore::MediaResource::stop): Moved from MediaResourceLoader.
2496         (WebCore::MediaResource::setDefersLoading): Ditto.
2497         (WebCore::MediaResource::responseReceived): Ditto.
2498         (WebCore::MediaResource::redirectReceived): Ditto.
2499         (WebCore::MediaResource::dataSent): Ditto.
2500         (WebCore::MediaResource::dataReceived): Ditto.
2501         (WebCore::MediaResource::notifyFinished): Ditto.
2502         (WebCore::MediaResource::getOrCreateReadBuffer): Ditto.
2503         * loader/MediaResourceLoader.h:
2504         * platform/graphics/MediaPlayer.cpp:
2505         (WebCore::MediaPlayer::createResourceLoader):
2506         * platform/graphics/MediaPlayer.h:
2507         (WebCore::MediaPlayerClient::mediaPlayerCreateResourceLoader):
2508         * platform/graphics/PlatformMediaResourceLoader.h:
2509         (WebCore::PlatformMediaResourceClient::~PlatformMediaResourceClient): Renamed from PlatformMediaResourceLoaderClient.
2510         (WebCore::PlatformMediaResourceClient::responseReceived): Client methods now take a reference to the resource.
2511         (WebCore::PlatformMediaResourceClient::redirectReceived): Ditto.
2512         (WebCore::PlatformMediaResourceClient::dataSent): Ditto. 
2513         (WebCore::PlatformMediaResourceClient::dataReceived): Ditto.
2514         (WebCore::PlatformMediaResourceClient::accessControlCheckFailed): Ditto.
2515         (WebCore::PlatformMediaResourceClient::loadFailed): Ditto.
2516         (WebCore::PlatformMediaResourceClient::loadFinished): Ditto.
2517         (WebCore::PlatformMediaResourceClient::getOrCreateReadBuffer): Ditto.
2518         (WebCore::PlatformMediaResourceLoader::PlatformMediaResourceLoader): Ditto.
2519         (WebCore::PlatformMediaResource::PlatformMediaResource): 
2520         (WebCore::PlatformMediaResource::~PlatformMediaResource): 
2521         (WebCore::PlatformMediaResource::setClient):
2522         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2523         (webKitWebSrcStart):
2524         (webKitWebSrcNeedData):
2525         (webKitWebSrcEnoughData):
2526         (CachedResourceStreamingClient::getOrCreateReadBuffer):
2527         (CachedResourceStreamingClient::responseReceived):
2528         (CachedResourceStreamingClient::dataReceived):
2529         (CachedResourceStreamingClient::accessControlCheckFailed):
2530         (CachedResourceStreamingClient::loadFailed):
2531         (CachedResourceStreamingClient::loadFinished):
2532
2533 2016-02-11  Zalan Bujtas  <zalan@apple.com>
2534
2535         Subpixel rendering: Make focusring painting subpixel aware.
2536         https://bugs.webkit.org/show_bug.cgi?id=154111
2537
2538         Reviewed by David Hyatt.
2539
2540         Do not integral snap focusring rects while collecting them (use device pixel snapping instead
2541         right before passing them to GraphicsContext::drawFocusRing).
2542
2543         Unable to test.
2544
2545         * platform/graphics/GraphicsContext.h:
2546         * platform/graphics/displaylists/DisplayListItems.h:
2547         (WebCore::DisplayList::DrawFocusRingRects::create):
2548         (WebCore::DisplayList::DrawFocusRingRects::rects):
2549         (WebCore::DisplayList::DrawFocusRingRects::DrawFocusRingRects):
2550         * platform/graphics/displaylists/DisplayListRecorder.cpp:
2551         (WebCore::DisplayList::Recorder::drawFocusRing):
2552         * platform/graphics/displaylists/DisplayListRecorder.h:
2553         * platform/graphics/mac/GraphicsContextMac.mm:
2554         (WebCore::GraphicsContext::drawFocusRing):
2555         * rendering/RenderBlock.cpp:
2556         (WebCore::RenderBlock::addFocusRingRectsForInlineChildren):
2557         (WebCore::RenderBlock::addFocusRingRects):
2558         * rendering/RenderBlock.h:
2559         * rendering/RenderBlockFlow.cpp:
2560         (WebCore::RenderBlockFlow::addFocusRingRectsForInlineChildren):
2561         * rendering/RenderBlockFlow.h:
2562         * rendering/RenderBox.cpp:
2563         (WebCore::RenderBox::addFocusRingRects):
2564         * rendering/RenderBox.h:
2565         * rendering/RenderElement.cpp:
2566         (WebCore::RenderElement::paintFocusRing):
2567         (WebCore::RenderElement::issueRepaintForOutlineAuto):
2568         * rendering/RenderInline.cpp:
2569         (WebCore::RenderInline::absoluteRects):
2570         (WebCore::RenderInline::addFocusRingRects):
2571         * rendering/RenderInline.h:
2572         * rendering/RenderListBox.cpp:
2573         (WebCore::RenderListBox::addFocusRingRects):
2574         * rendering/RenderListBox.h:
2575         * rendering/RenderObject.cpp:
2576         (WebCore::RenderObject::addPDFURLRect):
2577         (WebCore::RenderObject::absoluteFocusRingQuads):
2578         * rendering/RenderObject.h:
2579         (WebCore::RenderObject::addFocusRingRects):
2580         * rendering/RenderTextControl.cpp:
2581         (WebCore::RenderTextControl::addFocusRingRects):
2582         * rendering/RenderTextControl.h:
2583         * rendering/svg/RenderSVGContainer.cpp:
2584         (WebCore::RenderSVGContainer::addFocusRingRects):
2585         * rendering/svg/RenderSVGContainer.h:
2586         * rendering/svg/RenderSVGImage.cpp:
2587         (WebCore::RenderSVGImage::addFocusRingRects):
2588         * rendering/svg/RenderSVGImage.h:
2589         * rendering/svg/RenderSVGShape.cpp:
2590         (WebCore::RenderSVGShape::addFocusRingRects):
2591         * rendering/svg/RenderSVGShape.h:
2592
2593 2016-02-11  Myles C. Maxfield  <mmaxfield@apple.com>
2594
2595         Addressing post-review comments after r196393
2596
2597         Unreviewed.
2598
2599         * css/CSSFontSelector.cpp:
2600         (WebCore::CSSFontSelector::getFontFace):
2601         * css/CSSSegmentedFontFace.h:
2602
2603 2016-02-11  Antti Koivisto  <antti@apple.com>
2604
2605         Rename Element::style() to Element::cssomStyle()
2606         https://bugs.webkit.org/show_bug.cgi?id=154107
2607
2608         Reviewed by Alex Christensen.
2609
2610         It implements the IDL "style" attribute that returns a CSSOM object.
2611         Inside WebCore "style" generally refers to a RenderStyle.
2612
2613         * dom/Element.cpp:
2614         (WebCore::Element::hasAttributeNS):
2615         (WebCore::Element::cssomStyle):
2616         (WebCore::Element::focus):
2617         (WebCore::Element::style): Deleted.
2618         * dom/Element.h:
2619         (WebCore::Element::tagQName):
2620         * dom/Element.idl:
2621         * dom/StyledElement.cpp:
2622         (WebCore::StyledElement::~StyledElement):
2623         (WebCore::StyledElement::cssomStyle):
2624         (WebCore::StyledElement::style): Deleted.
2625         * dom/StyledElement.h:
2626         (WebCore::StyledElement::synchronizeStyleAttributeInternal):
2627         (WebCore::StyledElement::collectStyleForPresentationAttribute):
2628         * editing/Editor.cpp:
2629         (WebCore::Editor::applyEditingStyleToElement):
2630         * inspector/InspectorCSSAgent.cpp:
2631         (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
2632         (WebCore::InspectorCSSAgent::getInlineStylesForNode):
2633         (WebCore::InspectorCSSAgent::asInspectorStyleSheet):
2634         * inspector/InspectorStyleSheet.cpp:
2635         (WebCore::InspectorStyleSheetForInlineStyle::didModifyElementAttribute):
2636         (WebCore::InspectorStyleSheetForInlineStyle::inlineStyle):
2637         (WebCore::InspectorStyleSheetForInlineStyle::elementStyleText):
2638         * svg/SVGElement.idl:
2639
2640 2016-02-11  Konstantin Tokarev  <annulen@yandex.ru>
2641
2642         [cmake] Consolidate TextureMapper file and include dir lists.
2643         https://bugs.webkit.org/show_bug.cgi?id=154106
2644
2645         Reviewed by Michael Catanzaro.
2646
2647         No new tests needed.
2648
2649         * CMakeLists.txt: Moved texmap include dir and source list to
2650         TextureMapper.cmake, removed non-existent include dir "filters/texmap".
2651         * PlatformEfl.cmake: Moved texmap and coordinatedgraphics include
2652         dirs and source list to TextureMapper.cmake.
2653         * PlatformGTK.cmake: Ditto, also removed non-existent include dir
2654         "texmap/threadedcompositor"
2655         * PlatformWinCairo.cmake: Moved texmap files to TextureMapper.cmake.
2656         * platform/TextureMapper.cmake: Added.
2657
2658 2016-02-11  Chris Dumez  <cdumez@apple.com>
2659
2660         Move 'length' property to the prototype
2661         https://bugs.webkit.org/show_bug.cgi?id=154051
2662         <rdar://problem/24577385>
2663
2664         Reviewed by Darin Adler.
2665
2666         Move 'length' property to the prototype, where it should be. We used to
2667         keep it on the instance because our implementation of
2668         getOwnPropertySlot() was wrong for interfaces with a named property
2669         getter. However, our implementation of getOwnPropertySlot() is now
2670         spec-compliant so this should be OK.
2671
2672         Moving 'length' to the prototype is also a little bit risky in terms of
2673         performance, especially for HTMLCollection / NodeList. However, I did
2674         not see an impact on realistic benchmarks like Speedometer and only saw
2675         a small impact (< 5%) on micro-benchmarks. I propose we make our behavior
2676         correct and monitor performance. If we see any benchmark we care about
2677         regress then we should try and optimize while keeping the attribute on
2678         the prototype.
2679
2680         No new tests, already covered by existing tests.
2681
2682         * bindings/js/JSDOMBinding.h:
2683         (WebCore::getStaticValueSlotEntryWithoutCaching):
2684         * bindings/js/JSHTMLDocumentCustom.cpp:
2685         (WebCore::JSHTMLDocument::getOwnPropertySlot):
2686         (WebCore::JSHTMLDocument::nameGetter): Deleted.
2687         * bindings/js/JSLocationCustom.cpp:
2688         (WebCore::JSLocation::putDelegate):
2689         * bindings/js/JSPluginElementFunctions.h:
2690         (WebCore::pluginElementCustomGetOwnPropertySlot):
2691         * bindings/js/JSStorageCustom.cpp:
2692         (WebCore::JSStorage::deleteProperty):
2693         (WebCore::JSStorage::deletePropertyByIndex):
2694         (WebCore::JSStorage::putDelegate):
2695         Leverage the new hasStaticPropertyTable static property in the
2696         generated bindings for performance.
2697
2698         * bindings/scripts/CodeGeneratorJS.pm:
2699         (GenerateHeader):
2700         Generate a "hasStaticPropertyTable" static const boolean property
2701         for each bindings class so we can check at build time if
2702         ClassInfo::staticPropHashTable is null.
2703
2704         (AttributeShouldBeOnInstance):
2705         Move "length" to the prototype.
2706
2707         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
2708         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
2709         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
2710         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
2711         * bindings/scripts/test/JS/JSTestEventConstructor.h:
2712         * bindings/scripts/test/JS/JSTestEventTarget.h:
2713         * bindings/scripts/test/JS/JSTestException.h:
2714         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
2715         * bindings/scripts/test/JS/JSTestInterface.h:
2716         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
2717         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
2718         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
2719         * bindings/scripts/test/JS/JSTestNode.h:
2720         * bindings/scripts/test/JS/JSTestNondeterministic.h:
2721         * bindings/scripts/test/JS/JSTestObj.h:
2722         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
2723         * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
2724         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
2725         * bindings/scripts/test/JS/JSTestTypedefs.h:
2726         * bindings/scripts/test/JS/JSattribute.h:
2727         * bindings/scripts/test/JS/JSreadonly.h:
2728         Rebaseline bindings tests.
2729
2730
2731 2016-02-11  Csaba Osztrogonác  <ossy@webkit.org>
2732
2733         Fix the !(ENABLE(SHADOW_DOM) || ENABLE(DETAILS_ELEMENT)) after r196281
2734         https://bugs.webkit.org/show_bug.cgi?id=154035
2735
2736         Reviewed by Antti Koivisto.
2737
2738         Follow-up fix after r196365. Removed guards around slotNodeIndex.
2739
2740         * dom/ComposedTreeIterator.h:
2741         (WebCore::ComposedTreeIterator::Context::Context):
2742
2743 2016-02-10  Ryan Haddad  <ryanhaddad@apple.com>
2744
2745         Updating bindings test reference file for JSTestEventConstructor.cpp after r196400
2746
2747         Unreviewed test gardening.
2748
2749         No new tests needed.
2750
2751         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
2752         (WebCore::JSTestEventConstructorConstructor::construct):
2753
2754 2016-02-10  Eric Carlson  <eric.carlson@apple.com>
2755
2756         Update "manual" caption track logic
2757         https://bugs.webkit.org/show_bug.cgi?id=154084
2758         <rdar://problem/24530516>
2759
2760         Reviewed by Dean Jackson.
2761
2762         No new tests, media/track/track-manual-mode.html was updated.
2763
2764         * English.lproj/Localizable.strings: Add new string.
2765
2766         * html/HTMLMediaElement.cpp:
2767         (WebCore::HTMLMediaElement::addTextTrack): track.setManualSelectionMode is no more.
2768         (WebCore::HTMLMediaElement::configureTextTrackGroup): Never enable a track automatically when
2769           in manual selection mode.
2770         (WebCore::HTMLMediaElement::captionPreferencesChanged): track.setManualSelectionMode is no more.
2771
2772         * html/track/TextTrack.cpp:
2773         (WebCore::TextTrack::containsOnlyForcedSubtitles): Return true for forced tracks.
2774         (WebCore::TextTrack::kind): Deleted.
2775         * html/track/TextTrack.h:
2776
2777         * html/track/TrackBase.h:
2778         (WebCore::TrackBase::kind): De-virtualize, nobody overrides it.
2779
2780         * page/CaptionUserPreferencesMediaAF.cpp:
2781         (WebCore::trackDisplayName): Include "forced" in the name of forced tracks.
2782
2783         * platform/LocalizedStrings.cpp:
2784         (WebCore::forcedTrackMenuItemText): New.
2785         * platform/LocalizedStrings.h:
2786
2787 2016-02-10  Jiewen Tan  <jiewen_tan@apple.com>
2788
2789         Rename *Event::create* which creates events for bindings to *Event::createForBindings* and cleanup corresponding paths
2790         https://bugs.webkit.org/show_bug.cgi?id=153903
2791         <rdar://problem/24518146>
2792
2793         Reviewed by Darin Adler.
2794
2795         Rename Event::create(const AtomicString&, const EventInit&) to Event::createForBindings
2796         (const AtomicString&, const EventInit&) and for all the subclasses as well in order to
2797         support Event.isTrusted. Besides, some of the subclasses use the create method for bindings
2798         to create events not for bindings and vice versa. Therefore, this patch also cleans up
2799         corresponding paths to ensure no misuse of the create method. The same for Event::create()
2800         as it is combined with Event::initEvent to create an event for bindings for legacy content.
2801
2802         After this patch, all call sites of *Event::create* are supposed to use *Event::create
2803         to create events for user agent and *Event::createForBindings for bindings.
2804
2805         No change in behavior.
2806
2807         * Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.h:
2808         (WebCore::WebKitPlaybackTargetAvailabilityEvent::create):
2809         (WebCore::WebKitPlaybackTargetAvailabilityEvent::createForBindings):
2810         (WebCore::WebKitPlaybackTargetAvailabilityEventInit::WebKitPlaybackTargetAvailabilityEventInit): Deleted.
2811         * Modules/encryptedmedia/MediaKeyMessageEvent.cpp:
2812         (WebCore::MediaKeyMessageEvent::MediaKeyMessageEvent):
2813         (WebCore::MediaKeyMessageEventInit::MediaKeyMessageEventInit): Deleted.
2814         * Modules/encryptedmedia/MediaKeyMessageEvent.h:
2815         (WebCore::MediaKeyMessageEvent::create):
2816         (WebCore::MediaKeyMessageEvent::createForBindings):
2817         * Modules/encryptedmedia/MediaKeyNeededEvent.cpp:
2818         (WebCore::MediaKeyNeededEvent::MediaKeyNeededEvent):
2819         (WebCore::MediaKeyNeededEventInit::MediaKeyNeededEventInit): Deleted.
2820         * Modules/encryptedmedia/MediaKeyNeededEvent.h:
2821         (WebCore::MediaKeyNeededEvent::create):
2822         (WebCore::MediaKeyNeededEvent::createForBindings):
2823         * Modules/encryptedmedia/MediaKeySession.cpp:
2824         (WebCore::MediaKeySession::sendMessage):
2825         * Modules/gamepad/GamepadEvent.h:
2826         (WebCore::GamepadEvent::create):
2827         (WebCore::GamepadEvent::createForBindings):
2828         (WebCore::GamepadEventInit::GamepadEventInit): Deleted.
2829         * Modules/indieui/UIRequestEvent.cpp:
2830         (WebCore::UIRequestEvent::createForBindings):
2831         (WebCore::UIRequestEvent::UIRequestEvent):
2832         (WebCore::UIRequestEventInit::UIRequestEventInit): Deleted.
2833         (WebCore::UIRequestEvent::create): Deleted.
2834         * Modules/indieui/UIRequestEvent.h:
2835         * Modules/mediastream/MediaStreamEvent.cpp:
2836         (WebCore::MediaStreamEvent::createForBindings):
2837         (WebCore::MediaStreamEventInit::MediaStreamEventInit): Deleted.
2838         (WebCore::MediaStreamEvent::create): Deleted.
2839         * Modules/mediastream/MediaStreamEvent.h:
2840         * Modules/mediastream/MediaStreamTrackEvent.cpp:
2841         (WebCore::MediaStreamTrackEvent::createForBindings):
2842         (WebCore::MediaStreamTrackEventInit::MediaStreamTrackEventInit): Deleted.
2843         (WebCore::MediaStreamTrackEvent::create): Deleted.
2844         * Modules/mediastream/MediaStreamTrackEvent.h:
2845         * Modules/mediastream/RTCDTMFToneChangeEvent.cpp:
2846         (WebCore::RTCDTMFToneChangeEvent::createForBindings):
2847         (WebCore::RTCDTMFToneChangeEvent::create): Deleted.
2848         * Modules/mediastream/RTCDTMFToneChangeEvent.h:
2849         * Modules/mediastream/RTCDataChannelEvent.cpp:
2850         (WebCore::RTCDataChannelEvent::createForBindings):
2851         (WebCore::RTCDataChannelEvent::create): Deleted.
2852         * Modules/mediastream/RTCDataChannelEvent.h:
2853         * Modules/mediastream/RTCIceCandidateEvent.cpp:
2854         (WebCore::RTCIceCandidateEvent::createForBindings):
2855         (WebCore::RTCIceCandidateEvent::create): Deleted.
2856         * Modules/mediastream/RTCIceCandidateEvent.h:
2857         * Modules/mediastream/RTCTrackEvent.cpp:
2858         (WebCore::RTCTrackEvent::createForBindings):
2859         (WebCore::RTCTrackEventInit::RTCTrackEventInit): Deleted.
2860         (WebCore::RTCTrackEvent::create): Deleted.
2861         * Modules/mediastream/RTCTrackEvent.h:
2862         * Modules/speech/SpeechSynthesisEvent.cpp:
2863         (WebCore::SpeechSynthesisEvent::createForBindings):
2864         (WebCore::SpeechSynthesisEvent::create):
2865         (WebCore::SpeechSynthesisEvent::SpeechSynthesisEvent):
2866         * Modules/speech/SpeechSynthesisEvent.h:
2867         * Modules/webaudio/AudioProcessingEvent.cpp:
2868         (WebCore::AudioProcessingEvent::create): Deleted.
2869         * Modules/webaudio/AudioProcessingEvent.h:
2870         (WebCore::AudioProcessingEvent::create):
2871         (WebCore::AudioProcessingEvent::createForBindings):
2872         * Modules/webaudio/OfflineAudioCompletionEvent.cpp:
2873         (WebCore::OfflineAudioCompletionEvent::createForBindings):
2874         (WebCore::OfflineAudioCompletionEvent::create): Deleted.
2875         * Modules/webaudio/OfflineAudioCompletionEvent.h:
2876         * Modules/websockets/CloseEvent.h:
2877         (WebCore::CloseEvent::create):
2878         (WebCore::CloseEvent::createForBindings):
2879         (WebCore::CloseEvent::CloseEvent):
2880         (WebCore::CloseEventInit::CloseEventInit): Deleted.
2881         * bindings/objc/DOM.mm:
2882         (-[DOMNode nextFocusNode]):
2883         (-[DOMNode previousFocusNode]):
2884         * bindings/scripts/CodeGeneratorJS.pm:
2885         (GenerateConstructorDefinition):
2886         * dom/AnimationEvent.cpp:
2887         (WebCore::AnimationEventInit::AnimationEventInit): Deleted.
2888         * dom/AnimationEvent.h:
2889         * dom/BeforeLoadEvent.h:
2890         (WebCore::BeforeLoadEventInit::BeforeLoadEventInit): Deleted.
2891         * dom/ClipboardEvent.h:
2892         * dom/CompositionEvent.cpp:
2893         (WebCore::CompositionEventInit::CompositionEventInit): Deleted.
2894         * dom/CompositionEvent.h:
2895         * dom/CustomEvent.cpp:
2896         (WebCore::CustomEventInit::CustomEventInit): Deleted.
2897         * dom/CustomEvent.h:
2898         * dom/DeviceMotionEvent.h:
2899         * dom/DeviceOrientationEvent.h:
2900         * dom/Document.cpp:
2901         (WebCore::Document::createEvent):
2902         * dom/Element.cpp:
2903         (WebCore::Element::dispatchMouseEvent):
2904         * dom/ErrorEvent.cpp:
2905         (WebCore::ErrorEventInit::ErrorEventInit): Deleted.
2906         * dom/ErrorEvent.h:
2907         * dom/Event.cpp:
2908         (WebCore::EventInit::EventInit): Deleted.
2909         * dom/Event.h:
2910         (WebCore::Event::createForBindings):
2911         (WebCore::Event::create): Deleted.
2912         * dom/FocusEvent.cpp:
2913         (WebCore::FocusEventInit::FocusEventInit): Deleted.
2914         * dom/FocusEvent.h:
2915         * dom/HashChangeEvent.h:
2916         (WebCore::HashChangeEventInit::HashChangeEventInit): Deleted.
2917         * dom/KeyboardEvent.cpp:
2918         (WebCore::KeyboardEvent::KeyboardEvent):
2919         (WebCore::KeyboardEventInit::KeyboardEventInit): Deleted.
2920         * dom/KeyboardEvent.h:
2921         * dom/MessageEvent.cpp:
2922         (WebCore::MessageEvent::MessageEvent):
2923         (WebCore::MessageEventInit::MessageEventInit): Deleted.
2924         * dom/MessageEvent.h:
2925         * dom/MouseEvent.cpp:
2926         (WebCore::MouseEvent::createForBindings):
2927         (WebCore::MouseEvent::create):
2928         (WebCore::MouseEvent::MouseEvent):
2929         (WebCore::MouseEvent::cloneFor):
2930         (WebCore::MouseEventInit::MouseEventInit): Deleted.
2931         * dom/MouseEvent.h:
2932         (WebCore::MouseEvent::createForBindings):
2933         (WebCore::MouseEvent::create): Deleted.
2934         * dom/MouseRelatedEvent.cpp:
2935         (WebCore::MouseRelatedEvent::MouseRelatedEvent):
2936         (WebCore::MouseRelatedEvent::init):
2937         * dom/MouseRelatedEvent.h:
2938         (WebCore::MouseRelatedEvent::screenX):
2939         (WebCore::MouseRelatedEvent::screenY):
2940         (WebCore::MouseRelatedEvent::screenLocation):
2941         (WebCore::MouseRelatedEvent::clientX):
2942         (WebCore::MouseRelatedEvent::clientY):
2943         (WebCore::MouseRelatedEvent::movementX):
2944         (WebCore::MouseRelatedEvent::movementY):
2945         (WebCore::MouseRelatedEvent::clientLocation):
2946         (WebCore::MouseRelatedEvent::isSimulated):
2947         (WebCore::MouseRelatedEvent::absoluteLocation):
2948         (WebCore::MouseRelatedEvent::setAbsoluteLocation):
2949         * dom/MutationEvent.h:
2950         * dom/OverflowEvent.cpp:
2951         (WebCore::OverflowEvent::OverflowEvent):
2952         (WebCore::OverflowEvent::initOverflowEvent):
2953         (WebCore::OverflowEventInit::OverflowEventInit): Deleted.
2954         * dom/OverflowEvent.h:
2955         * dom/PageTransitionEvent.cpp:
2956         (WebCore::PageTransitionEventInit::PageTransitionEventInit): Deleted.
2957         * dom/PageTransitionEvent.h:
2958         * dom/PopStateEvent.cpp:
2959         (WebCore::PopStateEvent::createForBindings):
2960         (WebCore::PopStateEventInit::PopStateEventInit): Deleted.
2961         (WebCore::PopStateEvent::PopStateEvent): Deleted.
2962         (WebCore::PopStateEvent::create): Deleted.
2963         * dom/PopStateEvent.h:
2964         * dom/ProgressEvent.cpp:
2965         (WebCore::ProgressEventInit::ProgressEventInit): Deleted.
2966         * dom/ProgressEvent.h:
2967         (WebCore::ProgressEvent::createForBindings):
2968         (WebCore::ProgressEvent::create): Deleted.
2969         * dom/SecurityPolicyViolationEvent.h:
2970         (WebCore::SecurityPolicyViolationEventInit::SecurityPolicyViolationEventInit): Deleted.
2971         * dom/TextEvent.cpp:
2972         (WebCore::TextEvent::createForBindings):
2973         (WebCore::TextEvent::create): Deleted.
2974         * dom/TextEvent.h:
2975         * dom/TouchEvent.h:
2976         * dom/TransitionEvent.cpp:
2977         (WebCore::TransitionEventInit::TransitionEventInit): Deleted.
2978         * dom/TransitionEvent.h:
2979         * dom/UIEvent.cpp:
2980         (WebCore::UIEventInit::UIEventInit): Deleted.
2981         * dom/UIEvent.h:
2982         (WebCore::UIEvent::createForBindings):
2983         (WebCore::UIEvent::create): Deleted.
2984         * dom/UIEventWithKeyState.h:
2985         (WebCore::UIEventWithKeyState::ctrlKey):
2986         (WebCore::UIEventWithKeyState::shiftKey):
2987         (WebCore::UIEventWithKeyState::altKey):
2988         (WebCore::UIEventWithKeyState::metaKey):
2989         (WebCore::UIEventWithKeyState::UIEventWithKeyState):
2990         * dom/WebKitAnimationEvent.cpp:
2991         (WebCore::WebKitAnimationEventInit::WebKitAnimationEventInit): Deleted.
2992         * dom/WebKitAnimationEvent.h:
2993         * dom/WebKitTransitionEvent.cpp:
2994         (WebCore::WebKitTransitionEventInit::WebKitTransitionEventInit): Deleted.
2995         * dom/WebKitTransitionEvent.h:
2996         * dom/WheelEvent.h:
2997         * html/HTMLMediaElement.cpp:
2998         (WebCore::HTMLMediaElement::mediaPlayerKeyAdded):
2999         (WebCore::HTMLMediaElement::mediaPlayerKeyError):
3000         (WebCore::HTMLMediaElement::mediaPlayerKeyMessage):
3001         (WebCore::HTMLMediaElement::mediaPlayerKeyNeeded):
3002         * html/MediaKeyEvent.cpp:
3003         (WebCore::MediaKeyEvent::MediaKeyEvent):
3004         (WebCore::MediaKeyEventInit::MediaKeyEventInit): Deleted.
3005         * html/MediaKeyEvent.h:
3006         * html/canvas/WebGLContextEvent.cpp:
3007         (WebCore::WebGLContextEventInit::WebGLContextEventInit): Deleted.
3008         * html/canvas/WebGLContextEvent.h:
3009         * html/track/TrackEvent.cpp:
3010         (WebCore::TrackEvent::TrackEvent):
3011         (WebCore::TrackEventInit::TrackEventInit): Deleted.
3012         * html/track/TrackEvent.h:
3013         * html/track/TrackListBase.cpp:
3014         (TrackListBase::scheduleTrackEvent):
3015         (TrackListBase::scheduleChangeEvent):
3016         * page/EventSource.cpp:
3017         (WebCore::EventSource::createMessageEvent):
3018         * page/csp/ContentSecurityPolicy.cpp:
3019         (WebCore::ContentSecurityPolicy::reportViolation):
3020         (WebCore::gatherSecurityPolicyViolationEventData): Deleted.
3021         * storage/StorageEvent.cpp:
3022         (WebCore::StorageEvent::createForBindings):
3023         (WebCore::StorageEventInit::StorageEventInit): Deleted.
3024         (WebCore::StorageEvent::create): Deleted.
3025         * storage/StorageEvent.h:
3026         * svg/SVGZoomEvent.h:
3027         (WebCore::SVGZoomEvent::createForBindings):
3028         (WebCore::SVGZoomEvent::create): Deleted.
3029         * xml/XMLHttpRequestProgressEvent.h:
3030         (WebCore::XMLHttpRequestProgressEvent::createForBindings):
3031         (WebCore::XMLHttpRequestProgressEvent::create): Deleted.
3032
3033 2016-02-10  Ryan Haddad  <ryanhaddad@apple.com>
3034
3035         Rebaselining bindings tests
3036
3037         Unreviewed test gardening.
3038
3039         No new tests needed.
3040
3041         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
3042         * bindings/scripts/test/JS/JSTestCallback.cpp:
3043         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
3044         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
3045         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
3046         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
3047         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
3048         * bindings/scripts/test/JS/JSTestException.cpp:
3049         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
3050         * bindings/scripts/test/JS/JSTestInterface.cpp:
3051         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
3052         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3053         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
3054         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
3055         * bindings/scripts/test/JS/JSTestObj.cpp:
3056         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
3057         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
3058         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3059         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
3060         * bindings/scripts/test/JS/JSattribute.cpp:
3061         * bindings/scripts/test/JS/JSreadonly.cpp:
3062
3063 2016-02-10  Konstantin Tokarev  <annulen@yandex.ru>
3064
3065         [cmake] Consolidate CMake code related to image decoders.
3066         https://bugs.webkit.org/show_bug.cgi?id=154074
3067
3068         Reviewed by Alex Christensen.
3069
3070         Common image decoder sources, includes and libs are moved to
3071         platform/ImageDecoders.cmake.
3072
3073         Also, added include directories of libjpeg and libpng to
3074         WebCore_SYSTEM_INCLUDE_DIRECTORIES.
3075
3076         No new tests needed.
3077
3078         * CMakeLists.txt: Moved common include paths to ImageDecoders.cmake.
3079         * PlatformEfl.cmake: Moved common sources and libs to ImageDecoders.cmake.
3080         * PlatformGTK.cmake: Ditto.
3081         * PlatformWinCairo.cmake: Moved common sources to ImageDecoders.cmake.
3082         * platform/ImageDecoders.cmake: Added.
3083
3084 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
3085
3086         CSSSegmentedFontFace does not need to be reference counted
3087         https://bugs.webkit.org/show_bug.cgi?id=154083
3088
3089         Reviewed by Antti Koivisto.
3090
3091         ...There is only ever a single reference to one.
3092
3093         No new tests because there is no behavior change.
3094
3095         * css/CSSFontSelector.cpp:
3096         (WebCore::CSSFontSelector::getFontFace):
3097         * css/CSSFontSelector.h:
3098         * css/CSSSegmentedFontFace.h:
3099         (WebCore::CSSSegmentedFontFace::create): Deleted.
3100
3101 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
3102
3103         FontCache's clients should use references instead of pointers
3104         https://bugs.webkit.org/show_bug.cgi?id=154085
3105
3106         Reviewed by Antti Koivisto.
3107
3108         They are never null.
3109
3110         No new tests because there is no behavior change.
3111
3112         * css/CSSFontSelector.cpp:
3113         (WebCore::CSSFontSelector::CSSFontSelector):
3114         (WebCore::CSSFontSelector::~CSSFontSelector):
3115         * platform/graphics/FontCache.cpp:
3116         (WebCore::FontCache::addClient):
3117         (WebCore::FontCache::removeClient):
3118         * platform/graphics/FontCache.h:
3119
3120 2016-02-10  Chris Dumez  <cdumez@apple.com>
3121
3122         [Web IDL] interface objects should be Function objects
3123         https://bugs.webkit.org/show_bug.cgi?id=154038
3124         <rdar://problem/24569358>
3125
3126         Reviewed by Geoffrey Garen.
3127
3128         interface objects should be Function objects as per Web IDL:
3129         - http://heycam.github.io/webidl/#interface-object
3130         - http://heycam.github.io/webidl/#es-interfaces
3131
3132         So window.Event should be a Function object for e.g. but in WebKit it
3133         is a regular EventConstructor JSObject.
3134         Firefox and Chrome match the specification.
3135
3136         Test: js/interface-objects.html
3137
3138         * bindings/js/JSDOMBinding.cpp:
3139         (WebCore::callThrowTypeError):
3140         (WebCore::DOMConstructorObject::getCallData):
3141         When calling the interface object as a function, we throw a TypeError
3142         with a message asking to use the 'new' operator to match the behavior
3143         of Firefox and Chrome.
3144
3145         * bindings/js/JSDOMBinding.h:
3146         Add JSC::TypeOfShouldCallGetCallData structure flag and implement
3147         getCallData() so that typeof returns "function", as per the
3148         specification and the behavior of other browsers.
3149
3150         (WebCore::DOMConstructorObject::className):
3151         Implement className() and return "Function" to match the specification and
3152         other browsers. Otherwise, it would fall back to using ClassInfo::className
3153         which is the function name and interface name (e.g. "Event").
3154
3155         * bindings/js/JSDOMConstructor.h:
3156         (WebCore::JSDOMConstructorNotConstructable::callThrowTypeError):
3157         (WebCore::JSDOMConstructorNotConstructable::getCallData):
3158         As per the specification, interfaces that do not have a [Constructor]
3159         should throw a TypeError when called as a function. Use the "Illegal
3160         constructor" error message to match Firefox and Chrome.
3161
3162         * bindings/js/JSDOMGlobalObject.h:
3163         (WebCore::getDOMConstructor):
3164         Instead of using objectPrototype as prototype for all DOM constructors,
3165         we now call the prototypeForStructure() static function that is
3166         generated for each bindings class. As per the Web IDL specification,
3167         The [[Prototype]] internal property of an interface object for a
3168         non-callback interface is determined as follows:
3169         1. If the interface inherits from some other interface, the value of
3170            [[Prototype]] is the interface object for that other interface.
3171         2. If the interface doesn't inherit from any other interface, the value
3172            of [[Prototype]] is %FunctionPrototype% ([ECMA-262], section 6.1.7.4).
3173
3174         * bindings/js/JSImageConstructor.cpp:
3175         (WebCore::JSImageConstructor::prototypeForStructure):
3176         Have the Image's interface object use HTMLElement's interface object
3177         as prototype as HTMLImageElement inherits HTMLElement.
3178
3179         * bindings/scripts/CodeGenerator.pm:
3180         (getInterfaceExtendedAttributesFromName):
3181         Add a utility function to cheaply retrieve an interface's IDL extended
3182         attributes without actually parsing the IDL. This is used to check if
3183         an interface's parent is marked as [NoInterfaceObject] currently.
3184
3185         * bindings/scripts/CodeGeneratorJS.pm:
3186         (GenerateHeader):
3187         (GenerateImplementation):
3188         (GenerateCallbackHeader):
3189         (GenerateCallbackImplementation):
3190         Mark JSGlobalObject* parameter as const as the implementation does not
3191         alter the globalObject.
3192
3193         (GenerateConstructorHelperMethods):
3194         - Generate prototypeForStructure() function for each bindings class that
3195           is not marked as [NoInterfaceObject] so getDOMConstructor() knows which
3196           prototype to use for the interface object / constructor when constructing
3197           it.
3198         - Use the interface name for the interface object, without the "Constructor"
3199           suffix, to match the behavior of Firefox and Chrome.
3200
3201         * bindings/scripts/test/*:
3202         Rebaseline bindings tests.
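
The interface-object rules from the entry above, written as a script-level audit. This is an added example, not WebKit code: the sample interfaces are constructed stand-ins so it runs outside a browser, and reading the class name through Object.prototype.toString is an assumption about how className() surfaces to script.

```javascript
// Returns the list of rules the interface object violates (empty = conforming).
function auditInterfaceObject(iface, { name, parent = null, hasConstructor = false }) {
  const problems = [];
  // [[Prototype]] is the parent's interface object, else %FunctionPrototype%.
  if (Object.getPrototypeOf(iface) !== (parent || Function.prototype))
    problems.push('prototype');
  // The class name must read "Function", not the interface name.
  if (Object.prototype.toString.call(iface) !== '[object Function]')
    problems.push('class-name');
  // The interface object is named after the interface, without "Constructor".
  if (iface.name !== name)
    problems.push('name');
  // Without [Constructor], calling it as a function must throw a TypeError.
  if (!hasConstructor) {
    let threw = false;
    try { iface(); } catch (e) { threw = e instanceof TypeError; }
    if (!threw) problems.push('callable');
  }
  return problems;
}

// Constructed stand-ins (not real DOM bindings) so the audit runs anywhere.
function makeSampleInterfaces() {
  class EventTarget {}
  class Node extends EventTarget {}
  // Non-conforming object built for the demo: Object.prototype as
  // [[Prototype]], a "Constructor" suffix, an interface-specific class
  // name, and no TypeError when called.
  function NodeListConstructor() {}
  Object.setPrototypeOf(NodeListConstructor, Object.prototype);
  NodeListConstructor[Symbol.toStringTag] = 'NodeList';
  return { EventTarget, Node, NodeList: NodeListConstructor };
}

const s = makeSampleInterfaces();
console.log(auditInterfaceObject(s.EventTarget, { name: 'EventTarget' }));
console.log(auditInterfaceObject(s.Node, { name: 'Node', parent: s.EventTarget }));
console.log(auditInterfaceObject(s.NodeList, { name: 'NodeList' }));
```

In a browser, the same function can be pointed at real globals, for example `auditInterfaceObject(Node, { name: 'Node', parent: EventTarget })`.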
3203
3204 2016-02-10  Jer Noble  <jer.noble@apple.com>
3205
3206         [Mac] Graphical corruption in videos when enabling custom loading path
3207         https://bugs.webkit.org/show_bug.cgi?id=154044
3208
3209         Reviewed by Alex Christensen.
3210
3211         Revert the "Drive-by fix" in r196345 as it breaks the WebCoreNSURLSessionTests.BasicOperation API test.
3212
3213         * platform/network/cocoa/WebCoreNSURLSession.mm:
3214         (-[WebCoreNSURLSessionDataTask resource:receivedData:length:]):
3215
3216 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
3217
3218         CSSSegmentedFontFace does not need to be reference counted
3219         https://bugs.webkit.org/show_bug.cgi?id=154083
3220
3221         Reviewed by Antti Koivisto.
3222
3223         ...There is only ever a single reference to one.
3224
3225         No new tests because there is no behavior change.
3226
3227         * css/CSSFontSelector.cpp:
3228         (WebCore::CSSFontSelector::getFontFace):
3229         * css/CSSFontSelector.h:
3230         * css/CSSSegmentedFontFace.h:
3231         (WebCore::CSSSegmentedFontFace::create): Deleted.
3232
3233 2016-02-10  Antti Koivisto  <antti@apple.com>
3234
3235         Optimize style invalidation after class attribute change
3236         https://bugs.webkit.org/show_bug.cgi?id=154075
3237         rdar://problem/12526450
3238
3239         Reviewed by Andreas Kling.
3240
3241         Currently a class attribute change invalidates style for the entire element subtree for any class found in the
3242         active stylesheet set.
3243
3244         This patch optimizes class changes by building a new optimization structure called ancestorClassRules. It contains
3245         rules that have class selectors in the portion of the complex selector that matches ancestor elements. The sets
3246         of rules are hashed by the class name.
3247
3248         On class attribute change the existing StyleInvalidationAnalysis mechanism is used with ancestorClassRules to invalidate
3249         exactly those descendants that are affected by the addition or removal of the class name. This is fast because the CSS JIT
3250         makes selector matching cheap and the number of relevant rules is typically small.
3251
3252         This optimization is very effective on many dynamic pages. For example when focusing and unfocusing the web inspector it
3253         cuts down the number of resolved elements from ~1000 to ~50. Even in PLT it reduces the number of resolved elements by ~11%.
3254
3255         * css/DocumentRuleSets.cpp:
3256         (WebCore::DocumentRuleSets::collectFeatures):
3257         (WebCore::DocumentRuleSets::ancestorClassRules):
3258
3259             Create optimization RuleSets on-demand when there is an actual dynamic class change.
3260
3261         * css/DocumentRuleSets.h:
3262         (WebCore::DocumentRuleSets::features):
3263         (WebCore::DocumentRuleSets::sibling):
3264         (WebCore::DocumentRuleSets::uncommonAttribute):
3265         * css/ElementRuleCollector.cpp:
3266         (WebCore::ElementRuleCollector::ElementRuleCollector):
3267
3268             Add a new constructor that doesn't require DocumentRuleSets. Only the user and author style is required.
3269
3270         (WebCore::ElementRuleCollector::matchAuthorRules):
3271         (WebCore::ElementRuleCollector::matchUserRules):
3272         * css/ElementRuleCollector.h:
3273         * css/RuleFeature.cpp:
3274         (WebCore::RuleFeatureSet::recursivelyCollectFeaturesFromSelector):
3275
3276             Collect class names that show up in the ancestor portion of the selector.
3277             Make this a member.
3278
3279         (WebCore::RuleFeatureSet::collectFeatures):
3280
3281             Move this code from RuleData.
3282             Add the rule to ancestorClassRules if needed.
3283
3284         (WebCore::RuleFeatureSet::add):
3285         (WebCore::RuleFeatureSet::clear):
3286         (WebCore::RuleFeatureSet::shrinkToFit):
3287         (WebCore::recursivelyCollectFeaturesFromSelector): Deleted.
3288         (WebCore::RuleFeatureSet::collectFeaturesFromSelector): Deleted.
3289         * css/RuleFeature.h:
3290         (WebCore::RuleFeature::RuleFeature):
3291         (WebCore::RuleFeatureSet::RuleFeatureSet): Deleted.
3292         * css/RuleSet.cpp:
3293         (WebCore::RuleData::RuleData):
3294         (WebCore::RuleSet::RuleSet):
3295         (WebCore::RuleSet::~RuleSet):
3296         (WebCore::RuleSet::addToRuleSet):
3297         (WebCore::RuleSet::addRule):
3298         (WebCore::RuleSet::addRulesFromSheet):
3299         (WebCore::collectFeaturesFromRuleData): Deleted.
3300         * css/RuleSet.h:
3301         (WebCore::RuleSet::tagRules):
3302         (WebCore::RuleSet::RuleSet): Deleted.
3303         * css/StyleInvalidationAnalysis.cpp:
3304         (WebCore::shouldDirtyAllStyle):
3305         (WebCore::StyleInvalidationAnalysis::StyleInvalidationAnalysis):
3306
3307             Add a new constructor that takes a ready made RuleSet instead of a stylesheet.
3308
3309         (WebCore::StyleInvalidationAnalysis::invalidateIfNeeded):
3310         (WebCore::StyleInvalidationAnalysis::invalidateStyleForTree):
3311         (WebCore::StyleInvalidationAnalysis::invalidateStyle):
3312         (WebCore::StyleInvalidationAnalysis::invalidateStyle):
3313
3314             New function for invalidating a subtree instead of the whole document.
3315
3316         * css/StyleInvalidationAnalysis.h:
3317         (WebCore::StyleInvalidationAnalysis::dirtiesAllStyle):
3318         (WebCore::StyleInvalidationAnalysis::hasShadowPseudoElementRulesInAuthorSheet):
3319         * dom/Element.cpp:
3320         (WebCore::classStringHasClassName):
3321         (WebCore::collectClasses):
3322         (WebCore::computeClassChange):
3323
3324             Factor to return the changed classes.
3325
3326         (WebCore::invalidateStyleForClassChange):
3327
3328             First filter out classes that don't show up in stylesheets. If something remains invalidate the current
3329             element for inline style change (that is a style change that doesn't affect descendants).
3330
3331             Next check if there are any ancestorClassRules for the changed class. If so use the StyleInvalidationAnalysis
3332             to find any affected descendants and invalidate them with inline style change as well.
3333
3334         (WebCore::Element::classAttributeChanged):
3335
3336             Invalidate for removed classes before setting new attribute value, invalidate for added classes afterwards.
3337
3338         (WebCore::Element::absoluteLinkURL):
3339         (WebCore::checkSelectorForClassChange): Deleted.
3340         * dom/ElementData.h:
3341         (WebCore::ElementData::setClassNames):
3342         (WebCore::ElementData::classNames):
3343         (WebCore::ElementData::classNamesMemoryOffset):
3344         (WebCore::ElementData::clearClass): Deleted.
3345         (WebCore::ElementData::setClass): Deleted.
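
A simplified model of the ancestorClassRules invalidation described in the entry above, added here as an illustration and not taken from WebKit: all function names are hypothetical, and selectors are limited to tags, classes and descendant combinators where WebKit runs full selector matching.

```javascript
const parse = sel => sel.trim().split(/\s+/).map(c => ({
  tag: (c.match(/^[a-z][\w-]*/i) || [null])[0],
  classes: [...c.matchAll(/\.([\w-]+)/g)].map(m => m[1]),
}));
// Index each rule under every class found in its ancestor portion.
function collectFeatures(selectors) {
  const classes = new Set(), ancestorClassRules = new Map();
  for (const compounds of selectors.map(parse))
    compounds.forEach((c, i) => c.classes.forEach(name => {
      classes.add(name);
      if (i === compounds.length - 1) return; // subject compound, not an ancestor
      if (!ancestorClassRules.has(name)) ancestorClassRules.set(name, []);
      ancestorClassRules.get(name).push(compounds);
    }));
  return { classes, ancestorClassRules };
}
const matchesCompound = (el, c) =>
  (!c.tag || c.tag === el.tag) && c.classes.every(n => el.classes.has(n));
function matches(el, compounds) {
  let i = compounds.length - 1;
  if (!matchesCompound(el, compounds[i--])) return false;
  for (let a = el.parent; a && i >= 0; a = a.parent)
    if (matchesCompound(a, compounds[i])) i--;
  return i < 0;
}
// Ids to restyle when `name` is added to or removed from `el` (class present on `el`).
function invalidateForClassChange(el, name, features) {
  if (!features.classes.has(name)) return []; // no rule mentions the class
  const dirty = [el.id];
  const rules = features.ancestorClassRules.get(name) || [];
  const walk = n => n.children.forEach(ch => {
    if (rules.some(r => matches(ch, r))) dirty.push(ch.id);
    walk(ch);
  });
  if (rules.length) walk(el);
  return dirty;
}
function makeNode(id, tag, classes = [], children = []) {
  const n = { id, tag, classes: new Set(classes), children, parent: null };
  children.forEach(c => { c.parent = n; });
  return n;
}
// Constructed sample stylesheet and tree.
const features = collectFeatures(['.open .menu-item', 'ul.open li.menu-item a', '.title']);
const nav = makeNode('nav', 'ul', ['open'], [
  makeNode('item', 'li', ['menu-item'], [makeNode('link', 'a')]),
  makeNode('label', 'span', ['label']),
]);
console.log(invalidateForClassChange(nav, 'open', features));
```

The `label` node is left alone because no rule indexed under `open` can match it, which is the saving over dirtying the whole subtree.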
3346
3347 2016-02-10  Myles C. Maxfield  <mmaxfield@apple.com>
3348
3349         Addressing post-review comments after r196322
3350
3351         Unreviewed.
3352
3353         * css/CSSFontFaceSource.cpp:
3354         (WebCore::CSSFontFaceSource::font):
3355         * css/CSSFontFaceSource.h:
3356
3357 2016-02-10  Chris Dumez  <cdumez@apple.com>
3358
3359         Attributes on the Window instance should be configurable unless [Unforgeable]
3360         https://bugs.webkit.org/show_bug.cgi?id=153920
3361         <rdar://problem/24563211>
3362
3363         Reviewed by Darin Adler.
3364
3365         Attributes on the Window instance should be configurable unless [Unforgeable]:
3366         1. 'constructor' property:
3367            - http://www.w3.org/TR/WebIDL/#interface-prototype-object
3368         2. Constructor properties (e.g. window.Node):
3369            - http://www.w3.org/TR/WebIDL/#es-interfaces
3370         3. IDL attributes:
3371            - http://heycam.github.io/webidl/#es-attributes (configurable unless
3372              [Unforgeable], e.g. window.location)
3373
3374         Firefox complies with the WebIDL specification but WebKit does not for 1. and 3.
3375
3376         Test: fast/dom/Window/window-properties-configurable.html
3377
3378         * bindings/js/JSDOMWindowCustom.cpp:
3379         (WebCore::JSDOMWindow::getOwnPropertySlot):
3380         For known Window properties (i.e. properties in the static property table),
3381         if we have reified and this is same-origin access, then call
3382         Base::getOwnPropertySlot() to get the property from the local property
3383         storage. If we have not reified yet, or this is cross-origin access, query
3384         the static property table. This is to match the behavior of Firefox and
3385         Chrome which seem to keep returning the original properties upon cross
3386         origin access, even if those were deleted or redefined.
3387
3388         (WebCore::JSDOMWindow::put):
3389         The previous code used to call the static property setter for properties in
3390         the static table. However, this does not do the right thing if properties
3391         were reified. For example, deleting window.name and then trying to set it
3392         again would not work. Therefore, update this code to only do this if the
3393         properties have not been reified, similarly to what is done in
3394         JSObject::putInlineSlow().
3395
3396         * bindings/scripts/CodeGeneratorJS.pm:
3397         (ConstructorShouldBeOnInstance):
3398         Add a FIXME comment indicating that window.constructor should be on
3399         the prototype as per the Web IDL specification.
3400
3401         (GenerateAttributesHashTable):
3402         - Mark 'constructor' property as configurable for Window, as per the
3403           specification and consistently with other 'constructor' properties:
3404           http://www.w3.org/TR/WebIDL/#interface-prototype-object
3405         - Mark properties as configurable even though they are on the instance.
3406           Window has its properties on the instance as per the specification:
3407           1. http://heycam.github.io/webidl/#es-attributes
3408           2. http://heycam.github.io/webidl/#PrimaryGlobal (window is [PrimaryGlobal])
3409           However, these properties should be configurable as long as they are
3410           not marked as [Unforgeable], as per 1.
3411
3412         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
3413         * bindings/scripts/test/JS/JSTestException.cpp:
3414         * bindings/scripts/test/JS/JSTestObj.cpp: