7b8fe3e5c5db4e33efcb210169b06856944e2993
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-08-05  Kentaro Hara  <haraken@chromium.org>
2
3         [V8] Move V8Proxy methods that set DOM attributes/callbacks to V8Binding
4         https://bugs.webkit.org/show_bug.cgi?id=93103
5
6         Reviewed by Adam Barth.
7
8         To remove V8Proxy, we can move V8Proxy methods that set DOM
9         attributes/callbacks to V8Binding.
10
11         No tests. No change in behavior.
12
13         * bindings/v8/V8Binding.cpp:
14         (WebCore::batchConfigureAttributes):
15         (WebCore):
16         (WebCore::batchConfigureCallbacks):
17         (WebCore::batchConfigureConstants):
18         * bindings/v8/V8Binding.h:
19         (BatchedAttribute):
20         (WebCore):
21         (WebCore::configureAttribute):
22         (BatchedConstant):
23         (BatchedCallback):
24         * bindings/v8/V8Proxy.cpp:
25         * bindings/v8/V8Proxy.h:
26         (WebCore):
27
28 2012-08-05  Kentaro Hara  <haraken@chromium.org>
29
30         [V8] Remove V8Proxy::registerExtensionWithV8()
31         https://bugs.webkit.org/show_bug.cgi?id=93115
32
33         Reviewed by Adam Barth.
34
35         V8Proxy::registerExtensionWithV8() is used by V8Proxy::registerExtension()
36         only. We can remove the redundant method.
37
38         In a follow-up patch, I will implement V8Proxy::registerExtentionIfNeeded()
39         and remove registerExtensionWithV8() and registerExtension().
40
41         No tests. No change in behavior.
42
43         * bindings/v8/V8Proxy.cpp:
44         (WebCore::staticExtensionsList): Just moved to near related methods.
45         (WebCore):
46         (WebCore::V8Proxy::extensions):
47         (WebCore::V8Proxy::registerExtension):
48         * bindings/v8/V8Proxy.h:
49         (V8Proxy):
50
51 2012-08-05  Kentaro Hara  <haraken@chromium.org>
52
53         [V8] Remove unused enum and typedefs in V8Proxy
54         https://bugs.webkit.org/show_bug.cgi?id=93105
55
56         Reviewed by Adam Barth.
57
58         In preparation for removing V8Proxy, we can remove unused enum
59         and typedefs in V8Proxy.
60
61         No tests. No change in behavior.
62
63         * bindings/v8/V8Proxy.cpp:
64         * bindings/v8/V8Proxy.h:
65         (WebCore::throwError):
66
67 2012-08-04  Dan Bernstein  <mitz@apple.com>
68
69         <rdar://problem/11875795> REGRESSION (tiled drawing): Page’s scroll bars flash with each character you type in a textarea (affects Wikipedia and YouTube)
70         https://bugs.webkit.org/show_bug.cgi?id=91348
71
72         Reviewed by Andy Estes.
73
74         * platform/ScrollableArea.cpp:
75         (WebCore::ScrollableArea::scrollPositionChanged): Changed to call notifyContentAreaScrolled()
76         only if the scroll position after the change differs from what it was before the change.
77         * rendering/RenderListBox.cpp:
78         (WebCore::RenderListBox::scrollPosition): Added an override of this ScrollableArea function.
79         * rendering/RenderListBox.h:
80
81 2012-08-04  Ami Fischman  <fischman@chromium.org>
82
83         HTMLMediaElement may fire the seeked event before currentTime reaches the seek time
84         https://bugs.webkit.org/show_bug.cgi?id=92881
85
86         Reviewed by Eric Carlson.
87
88         Testing provided by media/video-seek-past-end-paused.html, hopefully demonstrating lack of redness on all ports/bots this time.
89
90         * html/HTMLMediaElement.cpp:
91         (WebCore::HTMLMediaElement::mediaPlayerTimeChanged): don't finishSeek() until the media player is no longer seeking.
92
93 2012-08-04  Dan Bernstein  <mitz@apple.com>
94
95         Tried to fix the Qt Windows build after r124654.
96
97         * platform/graphics/SimpleFontData.cpp:
98         (WebCore::SimpleFontData::glyphForCharacter): Enclosed this function in
99         #if !(PLATFORM(QT) && !HAVE(QRAWFONT)).
100
101 2012-08-04  Mike West  <mkwst@chromium.org>
102
103         Refactor SubframeLoader::requestPlugin/loadPlugin for clarity.
104         https://bugs.webkit.org/show_bug.cgi?id=93138
105
106         Reviewed by Adam Barth.
107
108         SubframeLoader::requestPlugin and SubframeLoader::loadPlugin both do a
109         variety of checks to determine whether or not a specific resource ought
110         to instantiate a plugin in a specific context. r124636[1] moved one of
111         those checks, but there doesn't seem to be a clear way to determine
112         which checks should be performed where.
113
114         This patch refactors the checks out of those two methods for clarity,
115         moving them all into a new method: SubframeLoader::pluginIsLoadable.
116         That method requires the resource URL and MIME type, as well as the
117         `object` or `embed` element that owns this bit of rendering. The URL
118         and type are used directly to determine availability, while the element
119         is currently used only to create a renderer on which
120         setPluginUnavailabilityReason can be called if the plugin is blocked by
121         Content Security Policy.
122
123         This patch introduces no new tests, as it shouldn't change the code's
124         behavior: it should be a straightforward refactoring without web-visible
125         side-effects.
126
127         [1]: http://trac.webkit.org/changeset/124636
128
129         * loader/SubframeLoader.cpp:
130         (WebCore::SubframeLoader::pluginIsLoadable):
131             A new method that extracts the various 'Should we allow this plugin
132             in this context?' checks from requestPlugin and loadPlugin into ine
133             location, rather than spreading them across both.
134         (WebCore):
135         (WebCore::SubframeLoader::requestPlugin):
136         (WebCore::SubframeLoader::loadPlugin):
137         * loader/SubframeLoader.h:
138         (SubframeLoader):
139
140 2012-08-04  John J. Barton  <johnjbarton@chromium.org>
141
142         Web Inspector: filteredItemSelectionDialog.css has wrong selector for highlights
143         https://bugs.webkit.org/show_bug.cgi?id=93168
144
145         Reviewed by Pavel Feldman.
146
147         Selector required span to be a child, but highlights are themselves span. Used descendent selector.
148         No new tests: I'll make one next week, to go with bug 93166
149
150         * inspector/front-end/filteredItemSelectionDialog.css:
151         (.js-outline-dialog > .container > div.item span.highlight):
152
153 2012-08-03  Robert Hogan  <robert@webkit.org>
154
155         CSS 2.1 failure: overflow-applies-to-001 fails
156         https://bugs.webkit.org/show_bug.cgi?id=93148
157
158         Reviewed by Eric Seidel.
159
160         Overflow no longer applies to table-rows or table-row-groups, it only applies
161         to block containers: http://www.w3.org/TR/CSS21/visufx.html#overflow
162
163         Tests:  css2.1/20110323/overflow-applies-to-001.htm
164                 css2.1/20110323/overflow-applies-to-002.htm
165                 css2.1/20110323/overflow-applies-to-003.htm
166                 css2.1/20110323/overflow-applies-to-004.htm
167                 css2.1/20110323/overflow-applies-to-005.htm
168                 css2.1/20110323/overflow-applies-to-006.htm
169                 css2.1/20110323/overflow-applies-to-007.htm
170                 css2.1/20110323/overflow-applies-to-008.htm
171                 css2.1/20110323/overflow-applies-to-009.htm
172                 css2.1/20110323/overflow-applies-to-010.htm
173                 css2.1/20110323/overflow-applies-to-012.htm
174                 css2.1/20110323/overflow-applies-to-013.htm
175                 css2.1/20110323/overflow-applies-to-014.htm
176                 css2.1/20110323/overflow-applies-to-015.htm
177
178         * rendering/RenderBox.cpp:
179         (WebCore::RenderBox::updateBoxModelInfoFromStyle):
180
181 2012-08-04  Adam Barth  <abarth@webkit.org>
182
183         BindingSecurity::shouldAllowAccessToNode shouldn't detour through Frame to find the node's document
184         https://bugs.webkit.org/show_bug.cgi?id=93140
185
186         Reviewed by Eric Seidel.
187
188         Previously, shouldAllowAccessToNode took a detour through the Frame to
189         find the Document associated with a given Node. That's crazy! Nodes
190         already know their documents. This patch removes the detour.
191
192         It's theoretically possible that this patch changes behavior in the
193         case where the Frame is 0, but I couldn't find any situations in which
194         we call this function on nodes in inactive documents because the
195         typical way you find a node worth checking security on is via
196         a JavaScript window object.
197
198         * bindings/generic/BindingSecurity.cpp:
199         (WebCore::canAccessDocument):
200         (WebCore::BindingSecurity::shouldAllowAccessToNode):
201         (WebCore::BindingSecurity::allowSettingFrameSrcToJavascriptUrl):
202
203 2012-08-04  Adam Barth  <abarth@webkit.org>
204
205         [V8] Re-wire "target" half of the same-origin security check through Document rather than DOMWindow
206         https://bugs.webkit.org/show_bug.cgi?id=93079
207
208         Reviewed by Eric Seidel.
209
210         Before this patch, we were traversing from Nodes to Frames to
211         DOMWindows to SecurityOrigins when determing the "target" of an
212         operation for the same-origin policy security check. Rather than
213         detouring through DOMWindow, these security checks should operate in
214         terms of ScriptExecutionContexts (aka Documents) because that's the
215         canonical place we store SecurityOrigin objects.
216
217         A future patch will re-wire the "active" part of the security check to
218         use ScriptExecutionContexts as well and we'll be able to remove the
219         extra copy of SecurityOrigin that we keep in DOMWindow.
220
221         * bindings/generic/BindingSecurity.cpp:
222         (WebCore::canAccessDocument):
223         (WebCore::BindingSecurity::canAccessFrame):
224         (WebCore::BindingSecurity::shouldAllowAccessToNode):
225         * bindings/v8/BindingState.cpp:
226         (WebCore::immediatelyReportUnsafeAccessTo):
227         * bindings/v8/BindingState.h:
228         (WebCore):
229         * bindings/v8/V8DOMWindowShell.cpp:
230         (WebCore::reportUnsafeJavaScriptAccess):
231         * bindings/v8/V8Proxy.cpp:
232         (WebCore::V8Proxy::reportUnsafeAccessTo):
233         * bindings/v8/V8Proxy.h:
234         (V8Proxy):
235
236 2012-08-03  Adam Barth  <abarth@webkit.org>
237
238         Disabling eval changes the timing of DidCreateScriptContext
239         https://bugs.webkit.org/show_bug.cgi?id=92189
240
241         Reviewed by Eric Seidel.
242
243         When we implemented Content-Security-Policy, we added the ability to
244         disable eval in the JavaScript engine. However, when we process the
245         Content-Security-Policy header, we might not have initialized the
246         script context for the given frame.
247
248         Previously, we would initialize the context, but that generates a
249         DidCreateScriptContext callback to the embedder earlier in the Document's
250         lifetime that before. A natural thing to do in this callback is to run
251         script to customize the script context, but Document isn't fully
252         initialized yet, which leads to odd bugs and general confusion.
253
254         In this patch, we delay actually disabling eval until we would have
255         created the scripting context previously. From the perspective of the
256         web platform, this has the same behavior. The only difference is that
257         now the DidCreateScriptContext notification occurs at the same time
258         regardless of whether Content-Security-Policy disables eval.
259
260         I tried to write a test for this change, but it was unclear to me how
261         to write a good test. I tried writing a Chromium WebKit unit test to no
262         avail. The good news is that this patch will be covered by the
263         PlatformAppBrowserTest.Iframes test in Chromium once
264         https://bugs.webkit.org/show_bug.cgi?id=93079 lands. That's not the
265         best way to test this change, but it might be sufficient.
266
267         * bindings/js/ScriptController.cpp:
268         (WebCore::ScriptController::initScript):
269         (WebCore::ScriptController::disableEval):
270         * bindings/v8/ScriptController.cpp:
271         (WebCore::ScriptController::enableEval):
272         (WebCore::ScriptController::disableEval):
273         * bindings/v8/V8DOMWindowShell.cpp:
274         (WebCore::V8DOMWindowShell::initContextIfNeeded):
275
276 2012-08-03  James Robinson  <jamesr@chromium.org>
277
278         [chromium] Stop relying on implicit WebFoo <-> WebCore conversion operators in compositor
279         https://bugs.webkit.org/show_bug.cgi?id=93169
280
281         Reviewed by Adrienne Walker.
282
283         This removes the compositor's reliance on implicit conversion operators from Web* types to WebKit-internal
284         types, specifically WebRect <-> WebCore::IntRect and WebString <-> WTF::String.
285
286         * platform/graphics/chromium/CanvasLayerTextureUpdater.cpp:
287         (WebCore::CanvasLayerTextureUpdater::paintContents):
288         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.cpp:
289         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::updateTextureRect):
290         * platform/graphics/chromium/LayerRendererChromium.cpp:
291         (WebCore::LayerRendererChromium::getFramebufferPixels):
292         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
293         (WebCore::ScrollbarLayerChromium::setTexturePriorities):
294         (WebCore::ScrollbarLayerChromium::update):
295         * platform/graphics/chromium/cc/CCFontAtlas.cpp:
296         (WebCore::CCFontAtlas::drawOneLineOfTextInternal):
297         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
298         (WebCore::CCHeadsUpDisplayLayerImpl::drawFPSCounter):
299         (WebCore::CCHeadsUpDisplayLayerImpl::drawDebugRects):
300         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
301         (WebCore::toUVRect):
302         (WebCore::CCScrollbarLayerImpl::appendQuads):
303         (WebCore::CCScrollbarLayerImpl::CCScrollbar::size):
304
305 2012-08-03  Michael Nordman  <michaeln@google.com>
306
307         [Chromium] Cross-thread-copy a couple more recently added ResourceResponse data members, apparently
308         these got missed when they were added. And fix a bug with how the m_remoteIPAddress
309         data member is handled, an isolatedCopy() is needed for thread safety.
310         https://bugs.webkit.org/show_bug.cgi?id=93158
311
312         Reviewed by David Levin.
313
314         No new tests, minor cleanup.
315
316         * platform/network/chromium/ResourceResponse.cpp:
317         (WebCore::ResourceResponse::doPlatformCopyData): make deep copies
318         (WebCore::ResourceResponse::doPlatformAdopt): take ownership of them
319         * platform/network/chromium/ResourceResponse.h:
320         (ResourceResponse):
321         (CrossThreadResourceResponseData):
322
323 2012-08-03  Florin Malita  <fmalita@chromium.org>
324
325         [SVG] Tref target event listener cleanup
326         https://bugs.webkit.org/show_bug.cgi?id=93004
327
328         Reviewed by Abhishek Arya.
329
330         Currently SVGTRefElement allocates event listeners dynamically as it attaches to its
331         targets. Synchronizing the lifetime of the target listener vs. the tref element is
332         error prone, as various events can stack and trigger nested handlers.
333
334         In order to reduce complexity and address a couple of outstanding issues, this patch
335         changes the way event listeners are allocated: only one target listener is created
336         for the lifetime of the SVGTRefElement, and gets reused if the target element changes.
337
338         Test: svg/custom/tref-nested-events-crash.svg
339
340         * dom/EventListener.h:
341         Added new <tref> target event listener type.
342         * svg/SVGTRefElement.cpp:
343         (WebCore):
344         (WebCore::SVGTRefTargetEventListener::create):
345         (WebCore::SVGTRefTargetEventListener::cast):
346         (SVGTRefTargetEventListener):
347         (WebCore::SVGTRefTargetEventListener::isAttached):
348         (WebCore::SVGTRefTargetEventListener::SVGTRefTargetEventListener):
349         (WebCore::SVGTRefTargetEventListener::attach):
350         (WebCore::SVGTRefTargetEventListener::detach):
351         (WebCore::SVGTRefTargetEventListener::operator==):
352         (WebCore::SVGTRefTargetEventListener::handleEvent):
353         No need to check m_trefElement anymore - the listener is allocated for the whole element
354         lifetime, detached when the element is removed and deallocated when the element is
355         destroyed.
356         (WebCore::SVGTRefElement::SVGTRefElement):
357         Allocate one target listener per element, at construction time.
358         (WebCore::SVGTRefElement::~SVGTRefElement):
359         Detach the listener if necessary.
360         (WebCore::SVGTRefElement::detachTarget):
361         Check whether the element is still in document after updating the text (may have been
362         removed by event handlers).
363         (WebCore::SVGTRefElement::buildPendingResource):
364         Attach the event listener before updating the text content to avoid racing with event
365         handlers (which can remove the element).
366         (WebCore::SVGTRefElement::removedFrom):
367         * svg/SVGTRefElement.h:
368         (WebCore):
369         (SVGTRefElement):
370
371 2012-08-03  Michael Saboff  <msaboff@apple.com>
372
373         Convert HTML parser to handle 8-bit resources without converting to UChar*
374         https://bugs.webkit.org/show_bug.cgi?id=90321
375
376         Reviewed by Adam Barth.
377
378         No new tests, no new functionality therefore covered by existing tests.
379
380         Changed the parsing of HTML to handle 8-bit strings without converting the 
381         whole string to 16-bits.  Primary change was to use the appropriate 
382         character pointer type (LChar* or UChar*) depending on the source string.
383         This access is abstracted in SegmentedSubstring by getCurrentChar{8,16} and
384         incrementAndGetCurrentChar{8,16} methods.  In SegmentedString, the advance()
385         and advanceAndUpdateLineNumber() methods have been refactored into a
386         state machine managed pair of function pointers.  The possible functions
387         have not only the 8 and 16 bitness factored out, they also have the 
388         "exclude line numbers" logic factored out for advanceAndUpdateLineNumber().
389         This change also has improvements over http://trac.webkit.org/changeset/123679.
390         The most prominent change was to inline the 8 bit paths for both advance()
391         and advanceAndUpdateLineNumber().
392         This provides a net speed-up even with the 8/16 bit testing.
393         Other changes involve using String methods to access and compare with the
394         source data.
395
396         * html/FTPDirectoryDocument.cpp:
397         (WebCore::FTPDirectoryDocumentParser::append): Changed to use currentChar()
398         instead of SegmentedString '*' operator.
399         * html/parser/HTMLEntityParser.cpp: Changed to use currentChar() instead of
400         SegmentedString '*' operator.
401         * html/parser/HTMLParserIdioms.cpp:
402         (WebCore::stripLeadingAndTrailingHTMLSpaces): Added 8-bit fast path.
403         * html/parser/HTMLSourceTracker.cpp:
404         (WebCore::HTMLSourceTracker::sourceForToken): Changed to use currentChar() instead of
405         SegmentedString '*' operator.
406         * loader/cache/CachedScript.cpp:
407         (WebCore::CachedScript::script): Updated to use new String::dataSize() method.
408         * platform/text/SegmentedString.cpp:
409         (WebCore::SegmentedString::SegmentedString):
410         (WebCore::SegmentedString::operator=):
411         (WebCore::SegmentedString::clear):
412         (WebCore::SegmentedString::append):
413         (WebCore::SegmentedString::prepend):
414         (WebCore::SegmentedString::advanceSubstring):
415         (WebCore::SegmentedString::advance):
416         (WebCore::SegmentedString::advance8): Fast path advance function for 8 bit data.
417         (WebCore::SegmentedString::advance16): Fast path advance function for 16 bit data.
418         (WebCore::SegmentedString::advanceAndUpdateLineNumber8): Fast path
419         advanceAndUpdateLineNumber for 8 bit data when we need to update the line number.
420         (WebCore::SegmentedString::advanceAndUpdateLineNumber16): Fast path
421         advanceAndUpdateLineNumber for 16 bit data when we need to update the line number.
422         (WebCore::SegmentedString::advanceSlowCase): Slow case advance function for both
423         8 and 16 bit advance.
424         (WebCore::SegmentedString::advanceAndUpdateLineNumberSlowCase): Slow case
425         advanceAndUpdateLineNumber function for both 8 and 16 bit data.
426         (WebCore::SegmentedString::advanceEmpty): Advance function when input has been exhausted.
427         (WebCore::SegmentedString::updateSlowCaseFunctionPointers): Set advance function
428         pointers to slow case functions.
429         * platform/text/SegmentedString.h:
430         (WebCore::SegmentedSubstring::SegmentedSubstring):
431         (WebCore::SegmentedSubstring::clear):
432         (SegmentedSubstring):
433         (WebCore::SegmentedSubstring::is8Bit): New getter.
434         (WebCore::SegmentedSubstring::appendTo):
435         (WebCore::SegmentedSubstring::getCurrentChar8): New getter for the 8 bit case.
436         (WebCore::SegmentedSubstring::getCurrentChar16): New getter for the 16 bit case.
437         (WebCore::SegmentedSubstring::incrementAndGetCurrentChar8): New wrapper functions
438         that pre-increments the 8 bit pointer and returns the next character.
439         (WebCore::SegmentedSubstring::incrementAndGetCurrentChar16): New wrapper functions
440         that pre-increments the 16 bit pointer and returns the next character.
441         (WebCore::SegmentedSubstring::currentSubString):
442         (WebCore::SegmentedSubstring::getCurrentChar):
443         (WebCore::SegmentedSubstring::incrementAndGetCurrentChar):
444         (WebCore::SegmentedString::SegmentedString):
445         (WebCore::SegmentedString::push):
446         (WebCore::SegmentedString::isEmpty):
447         (WebCore::SegmentedString::lookAhead):
448         (WebCore::SegmentedString::lookAheadIgnoringCase):
449         (WebCore::SegmentedString::advance): Wrapper that contains 8 bit fast path
450         or calls via member function point to approriate advance() flavor.
451         (WebCore::SegmentedString::advanceAndUpdateLineNumber): Wrapper that
452         contains 8 bit fast path or calls via member function point to approriate
453         advance() flavor.
454         (WebCore::SegmentedString::advanceAndASSERT):
455         (WebCore::SegmentedString::advanceAndASSERTIgnoringCase):
456         (WebCore::SegmentedString::advancePastNonNewline):
457         (WebCore::SegmentedString::advancePastNewlineAndUpdateLineNumber):
458         (WebCore::SegmentedString::currentChar):
459         (WebCore::SegmentedString::decrementAndCheckLength): Decrement substring length and
460         change to slow case functions when only one character left.
461         (WebCore::SegmentedString::updateAdvanceFunctionPointers): Select appropriate
462         advance functions based on current substring.
463         (WebCore::SegmentedString::lookAheadInline): Changed to use String::startsWith().
464         (WebCore::SegmentedString::lookAheadSlowCase):
465         * xml/parser/CharacterReferenceParserInlineMethods.h:
466         (WebCore::consumeCharacterReference): Changed to use currentChar() instead of
467         SegmentedString '*' operator.
468         * xml/parser/MarkupTokenizerBase.h:
469         (WebCore::MarkupTokenizerBase::InputStreamPreprocessor::nextInputCharacter):
470         (WebCore::MarkupTokenizerBase::InputStreamPreprocessor::peek): Changed to use
471         currentChar() instead of SegmentedString '*' operator.
472         (WebCore::MarkupTokenizerBase::InputStreamPreprocessor::advance):
473
474 2012-08-03  Arnaud Renevier  <a.renevier@sisa.samsung.com>
475
476         Update TypedArrays to throw RangeError or similar instead of INDEX_SIZE_ERR
477         https://bugs.webkit.org/show_bug.cgi?id=45118
478
479         Reviewed by Kenneth Russell.
480
481         Update TypedArrays to raise JavaScript RangeError instead of dom
482         INDEX_SIZE_ERR exceptions. Also, update TypedArrays to raise TypeError
483         instead of JavaScript SyntaxError or dom exceptions SYNTAX_ERR when
484         calling set method with invalid arguments.
485
486         Specification does not define the type of exceptions to raise, but
487         other browsers raise JavaScript errors, so those changes will improve
488         compatibility.
489
490         New Test: fast/canvas/webgl/array-set-invalid-arguments.html
491
492         Updated Tests expectations:
493             fast/canvas/webgl/array-set-out-of-bounds.html
494             fast/canvas/webgl/data-view-crash.html
495             fast/canvas/webgl/data-view-test.html
496
497         * bindings/js/JSArrayBufferViewHelper.h:
498         (WebCore):
499         (WebCore::setWebGLArrayWithTypedArrayArgument):
500         (WebCore::setWebGLArrayHelper):
501         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
502         (WebCore::constructArrayBufferViewWithArrayBufferArgument):
503         (WebCore::constructArrayBufferView):
504         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
505         (WebCore):
506         (WebCore::constructWebGLArrayWithArrayBufferArgument):
507         (WebCore::setWebGLArrayHelper):
508
509 2012-08-03  Dave Tu  <dtu@chromium.org>
510
511         [chromium] Fix Renderer4.CompositorThreadImplDrawDelay histogram.
512         https://bugs.webkit.org/show_bug.cgi?id=93159
513
514         Reviewed by Adrienne Walker.
515
516         The histogram is using the frame number instead of the frame time by mistake.
517
518         * platform/graphics/chromium/cc/CCFrameRateCounter.cpp:
519         (WebCore::CCFrameRateCounter::markBeginningOfFrame):
520
521 2012-08-03  David Grogan  <dgrogan@chromium.org>
522
523         IndexedDB: Core upgradeneeded logic
524         https://bugs.webkit.org/show_bug.cgi?id=92558
525
526         Reviewed by Ojan Vafai.
527
528         This is the backend webkit logic needed for integer versions. The rest
529         is in https://bugs.webkit.org/show_bug.cgi?id=89505.
530
531         I tried to make use of the existing processPendingCalls and added two
532         more queues, pendingOpenWithVersionCalls and
533         pendingSecondHalfOpenWithVersionCalls. The "second half" refers to
534         how there are two events that need to be fired in response to an
535         open-with-version call. The "second half" queue holds the open
536         requests that should immediately follow the caller's upgradeneeded
537         handler.
538
539         No new tests, there are so many they are in their own patch:
540         https://bugs.webkit.org/show_bug.cgi?id=92560
541
542         Though this patch doesn't change any expected behavior anyway, lack of
543         regressions is what we're hoping for here.
544
545         * Modules/indexeddb/IDBBackingStore.h:
546         (IDBBackingStore):
547         * Modules/indexeddb/IDBCallbacks.h:
548         (WebCore::IDBCallbacks::onBlocked):
549         (WebCore::IDBCallbacks::onUpgradeNeeded):
550         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
551         (IDBDatabaseBackendImpl::PendingOpenCall):
552         (IDBDatabaseBackendImpl::PendingOpenWithVersionCall):
553         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::create):
554         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::callbacks):
555         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::version):
556         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::PendingOpenWithVersionCall):
557         (WebCore):
558         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
559         (WebCore::IDBDatabaseBackendImpl::openInternal):
560         (WebCore::IDBDatabaseBackendImpl::metadata):
561         (WebCore::IDBDatabaseBackendImpl::setVersion):
562         (WebCore::IDBDatabaseBackendImpl::setIntVersionInternal):
563         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
564         (WebCore::IDBDatabaseBackendImpl::transactionFinishedAndEventsFired):
565         When an upgradeneeded event is fired in response to an
566         open-with-version call, the version change transaction must receive its
567         complete event before processPendingCalls fires a success event at
568         IDBOpenDBRequest. In the future this should probably be changed
569         instead to transactionFinishedAndAbortFired and
570         transactionFinishedAndCompleteFired so that we'll know to fire a
571         success or error event at IDBOpenDBRequest. Currently, instead of
572         firing error when there's an abort, we don't fire anything.
573
574         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
575         Now that this is called after a connection is opened, we unfortunately
576         lose the invariant that there is only one existing connection when this
577         is called, but nothing inside this function actually relied on that.
578         Additionally, the secondHalfOpen calls only ever need to be serviced
579         in one place: right after a version change transaction completes, so
580         it could be moved out of here.
581
582         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
583         Now that setVersion and deleteDatabase calls are queued up behind
584         secondHalfOpen calls, we have to service those queues when
585         secondHalfOpen calls complete, which is here.  So call
586         processPendingCalls().
587
588         (WebCore::IDBDatabaseBackendImpl::runIntVersionChangeTransaction):
589         (WebCore::IDBDatabaseBackendImpl::openConnectionWithVersion):
590         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
591         (WebCore::IDBDatabaseBackendImpl::close):
592         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
593         (IDBDatabaseBackendImpl):
594         * Modules/indexeddb/IDBDatabaseCallbacks.h:
595         (WebCore::IDBDatabaseCallbacks::onVersionChange):
596         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
597         (WebCore::IDBFactoryBackendImpl::open):
598         This is refactored some so that the call to openConection{WithVersion}
599         happens once, at the end.
600
601         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
602         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
603         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
604         (WebCore::IDBLevelDBBackingStore::updateIDBDatabaseIntVersion):
605         (WebCore):
606         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
607         * Modules/indexeddb/IDBLevelDBBackingStore.h:
608         (IDBLevelDBBackingStore):
609         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
610         (WebCore::IDBTransactionBackendImpl::commit):
611         See above comments about transactionFinishedAndEventsFired. I tried
612         moving the call to transactionFinished after the events were fired but
613         that failed some asserts. But changing those asserts is still an
614         alternative to splitting up transactionFinished as is done here.
615
616 2012-08-03  Rick Byers  <rbyers@chromium.org>
617
618         Double tap gesture should send dblclick event
619         https://bugs.webkit.org/show_bug.cgi?id=92412
620
621         Reviewed by Adam Barth.
622
623         Propagate the tap count from PlatformGestureEvent in the derived mouse
624         events.
625
626         Also fixes a crash with unexpected GestureDoubleTap events by just
627         supressing them early.  They will probably be removed soon anyway.
628
629         Test: fast/events/touch/gesture/gesture-dblclick.html
630
631         * page/EventHandler.cpp:
632         (WebCore::EventHandler::handleGestureEvent):
633         (WebCore::EventHandler::handleGestureTap):
634
635 2012-08-03  Sheriff Bot  <webkit.review.bot@gmail.com>
636
637         Unreviewed, rolling out r124668.
638         http://trac.webkit.org/changeset/124668
639         https://bugs.webkit.org/show_bug.cgi?id=93167
640
641         Broke Mac build (Requested by kbr_google on #webkit).
642
643         * bindings/js/JSArrayBufferViewHelper.h:
644         (WebCore::setWebGLArrayWithTypedArrayArgument):
645         (WebCore::setWebGLArrayHelper):
646         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
647         (WebCore::constructArrayBufferViewWithArrayBufferArgument):
648         (WebCore::constructArrayBufferView):
649         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
650         (WebCore::constructWebGLArrayWithArrayBufferArgument):
651         (WebCore):
652         (WebCore::constructWebGLArray):
653         (WebCore::setWebGLArrayHelper):
654
655 2012-08-03  Julien Chaffraix  <jchaffraix@webkit.org>
656
657         Implement computePreferredLogicalWidths on RenderGrid
658         https://bugs.webkit.org/show_bug.cgi?id=92908
659
660         Reviewed by Ojan Vafai.
661
662         This functions implements a primitive computePreferredLogicalWidths
663         so that we properly handle vertical writing modes.
664
665         Covered by fast/css-grid-layout/place-cell-by-index.html.
666
667         * rendering/RenderGrid.cpp:
668         (WebCore::RenderGrid::computePreferredLogicalWidths):
669         * rendering/RenderGrid.h:
670         Added computePreferredLogicalWidths.
671
672 2012-08-03  Arnaud Renevier  <a.renevier@sisa.samsung.com>
673
674         Update TypedArrays to throw RangeError or similar instead of INDEX_SIZE_ERR
675         https://bugs.webkit.org/show_bug.cgi?id=45118
676
677         Reviewed by Kenneth Russell.
678
679         Update TypedArrays to raise JavaScript RangeError instead of dom
680         INDEX_SIZE_ERR exceptions. Also, update TypedArrays to raise TypeError
681         instead of JavaScript SyntaxError or dom exceptions SYNTAX_ERR when
682         calling set method with invalid arguments.
683
684         Specification does not define the type of exceptions to raise, but
685         other browsers raise JavaScript errors, so those changes will improve
686         compatibility.
687
688         New Test: fast/canvas/webgl/array-set-invalid-arguments.html
689
690         Updated Tests expectations:
691             fast/canvas/webgl/array-set-out-of-bounds.html
692             fast/canvas/webgl/data-view-crash.html
693             fast/canvas/webgl/data-view-test.html
694
695         * bindings/js/JSArrayBufferViewHelper.h:
696         (WebCore):
697         (WebCore::setWebGLArrayWithTypedArrayArgument):
698         (WebCore::setWebGLArrayHelper):
699         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
700         (WebCore::constructArrayBufferViewWithArrayBufferArgument):
701         (WebCore::constructArrayBufferView):
702         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
703         (WebCore):
704         (WebCore::constructWebGLArrayWithArrayBufferArgument):
705         (WebCore::setWebGLArrayHelper):
706
707 2012-08-03  Levi Weintraub  <leviw@chromium.org>
708
709         Switch mapLocalToContainer to use a flag instead of boolean parameters
710         https://bugs.webkit.org/show_bug.cgi?id=92927
711
712         Reviewed by Dirk Schulze.
713
714         Changing mapLocalToContainer to use a uint flag to set the mode of operation. This removes
715         simplifies the contract, removes boolean arguments and paves the way for an additional mode
716         for sub-pixel layout support. See https://bugs.webkit.org/show_bug.cgi?id=89238 for the
717         sub-pixel use case. Other than the new MapLocalToContainerMode enum and MapLocalToContainerFlags
718         typedef, this change is purely mechanical.
719
720         No new tests as this doesn't change current behavior.
721
722         * rendering/RenderBlock.cpp:
723         (WebCore::RenderBlock::selectionGapRectsForRepaint):
724         * rendering/RenderBox.cpp:
725         (WebCore::RenderBox::mapLocalToContainer):
726         * rendering/RenderBox.h:
727         (RenderBox):
728         * rendering/RenderGeometryMap.cpp:
729         (WebCore::RenderGeometryMap::mapToAbsolute):
730         * rendering/RenderInline.cpp:
731         (WebCore::RenderInline::mapLocalToContainer):
732         * rendering/RenderInline.h:
733         (RenderInline):
734         * rendering/RenderObject.cpp:
735         (WebCore::RenderObject::localToAbsolute):
736         (WebCore::RenderObject::mapLocalToContainer):
737         (WebCore::RenderObject::localToContainerQuad):
738         (WebCore::RenderObject::localToContainerPoint):
739         * rendering/RenderObject.h:
740         (RenderObject): Adding the MapLocalToContainerMode enum and MapLocalToContainerFlags unsigned
741         int, and removing the old ApplyContainerFlipOrNot enum.
742         * rendering/RenderView.cpp:
743         (WebCore::RenderView::mapLocalToContainer):
744         * rendering/RenderView.h:
745         (RenderView):
746         * rendering/svg/RenderSVGForeignObject.cpp:
747         (WebCore::RenderSVGForeignObject::mapLocalToContainer):
748         * rendering/svg/RenderSVGForeignObject.h:
749         (RenderSVGForeignObject):
750         * rendering/svg/RenderSVGInline.cpp:
751         (WebCore::RenderSVGInline::mapLocalToContainer):
752         * rendering/svg/RenderSVGInline.h:
753         (RenderSVGInline):
754         * rendering/svg/RenderSVGModelObject.cpp:
755         (WebCore::RenderSVGModelObject::mapLocalToContainer):
756         * rendering/svg/RenderSVGModelObject.h:
757         (RenderSVGModelObject):
758         * rendering/svg/RenderSVGRoot.cpp:
759         (WebCore::RenderSVGRoot::mapLocalToContainer):
760         * rendering/svg/RenderSVGRoot.h:
761         (RenderSVGRoot):
762         * rendering/svg/RenderSVGText.cpp:
763         (WebCore::RenderSVGText::mapLocalToContainer):
764         * rendering/svg/RenderSVGText.h:
765         (RenderSVGText):
766         * rendering/svg/SVGRenderSupport.cpp:
767         (WebCore::SVGRenderSupport::mapLocalToContainer):
768
769 2012-08-03  Emil A Eklund  <eae@chromium.org>
770
771         Remove dependency on LayoutTypes.h from transformation code
772         https://bugs.webkit.org/show_bug.cgi?id=93037
773
774         Reviewed by Levi Weintraub.
775
776         TransformationMatrix and HitTestingTransformState includes LayoutTypes.h
777         which is in rendering. This is a layering violation.
778         Remove this dependency as it is no longer needed.
779
780         No new tests, no change in functionality.
781
782         * rendering/LayoutTypes.h:
783         Remove clampToLayoutUnit
784         
785         * platform/FractionalLayoutUnit.h:
786         (WebCore::FractionalLayoutUnit::clamp):
787         Add FractionalLayoutUnit::clamp method that clamps a double to a FractionalLayoutUnit.
788         * platform/graphics/transforms/TransformationMatrix.cpp:
789         (WebCore::clampEdgeValue):
790         (WebCore::TransformationMatrix::clampedBoundsOfProjectedQuad):
791         Use clamp/max/min from FractionalLayoutUnit instead of going through LayoutUnit abstraction.
792         * platform/graphics/transforms/TransformationMatrix.h:
793         * rendering/HitTestingTransformState.cpp:
794         * rendering/HitTestingTransformState.h:
795         Replace use of LayoutRect with FractionalLayoutRect as LayoutRect maps to FractionalLayoutRect on all platforms.
796
797 2012-08-03  Dan Bernstein  <mitz@apple.com>
798
799         <rdar://problem/12005188> REGRESSION (Safari 5.1 - 6): Cannot correctly display Traditional Mongolian Script
800         https://bugs.webkit.org/show_bug.cgi?id=92864
801
802         Reviewed by Sam Weinig.
803
804         Test: platform/mac/fast/text/combining-character-sequence-vertical.html
805
806         * platform/graphics/SimpleFontData.cpp:
807         (WebCore::SimpleFontData::glyphForCharacter): Added this helper function.
808         * platform/graphics/SimpleFontData.h:
809         (SimpleFontData): Declared glyphDataForCharacter.
810         * platform/graphics/mac/FontComplexTextMac.cpp:
811         (WebCore::Font::fontDataForCombiningCharacterSequence): Added logic to use the appropriate
812         variant of each font in the fallback list, which mimcs the equivalent logic in
813         glyphDataAndPageForCharacter().
814
815 2012-08-03  Kenneth Russell  <kbr@google.com>
816
817         [Chromium] Web Inspector: Win Dbg tests timing out (r123556 or r123560?)
818         https://bugs.webkit.org/show_bug.cgi?id=92570
819
820         Reviewed by Pavel Feldman.
821
822         Try restricting the use of the GC hint for canvas contexts to only
823         WebGL contexts, where it is most needed, to see whether this
824         clears up the timeouts.
825
826         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
827         (WebCore::V8HTMLCanvasElement::getContextCallback):
828
829 2012-08-02  Jeffrey Pfau  <jpfau@apple.com>
830
831         Add API for enabling blanket third-party data blocking
832         https://bugs.webkit.org/show_bug.cgi?id=93022
833
834         Reviewed by Anders Carlsson.
835
836         Added API for enabling third-party storage blocking.
837
838         * page/Settings.cpp:
839         (WebCore::Settings::Settings):
840         * page/Settings.h:
841         (WebCore::Settings::setThirdPartyStorageBlockingEnabled):
842         (WebCore::Settings::thirdPartyStorageBlockingEnabled):
843         (Settings):
844
845 2012-08-03  Anna Cavender  <annacc@chromium.org>
846
847         Negative timestamps for TextTrackCues should not be allowed.
848         https://bugs.webkit.org/show_bug.cgi?id=92939
849
850         Reviewed by Eric Carlson.
851
852         Make sure cues added in JavaScript are not allowed negative timestamps.
853         Attempting to add a cue with a negative timestamp is not successful
854         and setting a timestamp to a negative value has no effect.
855
856         Test: media/track/track-cue-negative-timestamp.html
857
858         * html/track/TextTrack.cpp:
859         (WebCore::TextTrack::addCue): If the cue's startTime or endTime is 
860             negative, do not add the cue.
861         * html/track/TextTrackCue.cpp:
862         (WebCore::TextTrackCue::setStartTime): Ignore negative values.
863         (WebCore::TextTrackCue::setEndTime): Ignore negative values.
864         * html/track/TextTrackCueList.cpp:
865         (WebCore::TextTrackCueList::add): Add ASSERTs to check startTime and
866             endTime are positive.
867
868 2012-08-03  Sheriff Bot  <webkit.review.bot@gmail.com>
869
870         Unreviewed, rolling out r124594.
871         http://trac.webkit.org/changeset/124594
872         https://bugs.webkit.org/show_bug.cgi?id=93152
873
874         Broke PlatformAppBrowserTest.Iframes browser_test on Chromium
875         bots (Requested by dimich on #webkit).
876
877         * bindings/generic/BindingSecurity.cpp:
878         (WebCore::canAccess):
879         (WebCore::BindingSecurity::canAccessFrame):
880         (WebCore::BindingSecurity::shouldAllowAccessToNode):
881         * bindings/v8/BindingState.cpp:
882         (WebCore::immediatelyReportUnsafeAccessTo):
883         * bindings/v8/BindingState.h:
884         (WebCore):
885         * bindings/v8/V8DOMWindowShell.cpp:
886         (WebCore::reportUnsafeJavaScriptAccess):
887         * bindings/v8/V8Proxy.cpp:
888         (WebCore::V8Proxy::reportUnsafeAccessTo):
889         * bindings/v8/V8Proxy.h:
890         (V8Proxy):
891
892 2012-08-03  Terry Anderson  <tdanderson@chromium.org>
893
894         Apply target fuzzing when sending a context menu event
895         https://bugs.webkit.org/show_bug.cgi?id=92914
896
897         Reviewed by Antonio Gomes.
898
899         If TOUCH_ADJUSTMENT is enabled, use bestClickableNodeForTouchPoint to possibly
900         adjust the location of a context menu event. This change uses the same set of
901         candidates for touch adjustment as is used for a GestureTap event (which
902         admittedly is a simplifying assumption).
903
904         Test: touchadjustment/touch-links-longpress.html
905
906         * page/EventHandler.cpp:
907         (WebCore::EventHandler::handleGestureTap):
908         Some code moved to the new function adjustGesturePosition.
909         (WebCore):
910         (WebCore::EventHandler::adjustGesturePosition):
911         Added this function to avoid repeated code in handleGestureTap and
912         sendContextMenuEventForGesture.
913         (WebCore::EventHandler::sendContextMenuEventForGesture):
914         Try to adjust the location of |mouseEvent| to correspond to the most
915         probable gesture target. If no such target exists, the location of
916         |mouseEvent| is unchanged.
917         * page/EventHandler.h:
918         (EventHandler):
919
920 2012-08-03  Sheriff Bot  <webkit.review.bot@gmail.com>
921
922         Unreviewed, rolling out r124475 and r124496.
923         http://trac.webkit.org/changeset/124475
924         http://trac.webkit.org/changeset/124496
925         https://bugs.webkit.org/show_bug.cgi?id=93151
926
927         Causing assertion failures in table-section-node-at-point-
928         crash.html (Requested by inferno-sec on #webkit).
929
930         * rendering/RenderTableSection.cpp:
931         (WebCore::RenderTableSection::paint):
932
933 2012-08-03  Jan Keromnes  <janx@linux.com>
934
935         Web Inspector: Create and interface for TextEditor
936         https://bugs.webkit.org/show_bug.cgi?id=93126
937
938         Reviewed by Pavel Feldman.
939
940         For more extensibility, TextEditor needs to be an interface that other
941         classes can implement, e.g. the new class DefaultTextEditor.
942
943         * WebCore.gypi:
944         * WebCore.vcproj/WebCore.vcproj:
945         * inspector/compile-front-end.py:
946         * inspector/front-end/SourceFrame.js:
947         (WebInspector.SourceFrame):
948         * inspector/front-end/TextEditor.js:
949         (WebInspector.TextEditor):
950         (WebInspector.TextEditor.prototype.set mimeType):
951         (WebInspector.TextEditor.prototype.setReadOnly):
952         (WebInspector.TextEditor.prototype.readOnly):
953         (WebInspector.TextEditor.prototype.defaultFocusedElement):
954         (WebInspector.TextEditor.prototype.revealLine):
955         (WebInspector.TextEditor.prototype.addDecoration):
956         (WebInspector.TextEditor.prototype.removeDecoration):
957         (WebInspector.TextEditor.prototype.markAndRevealRange):
958         (WebInspector.TextEditor.prototype.highlightLine):
959         (WebInspector.TextEditor.prototype.clearLineHighlight):
960         (WebInspector.TextEditor.prototype.freeCachedElements):
961         (WebInspector.TextEditor.prototype.elementsToRestoreScrollPositionsFor):
962         (WebInspector.TextEditor.prototype.inheritScrollPositions):
963         (WebInspector.TextEditor.prototype.beginUpdates):
964         (WebInspector.TextEditor.prototype.endUpdates):
965         (WebInspector.TextEditor.prototype.onResize):
966         (WebInspector.TextEditor.prototype._textChanged):
967         (WebInspector.TextEditor.prototype.editRange):
968         (WebInspector.TextEditor.prototype.scrollToLine):
969         (WebInspector.TextEditor.prototype.selection):
970         (WebInspector.TextEditor.prototype.lastSelection):
971         (WebInspector.TextEditor.prototype.setSelection):
972         (WebInspector.TextEditor.prototype.setText):
973         (WebInspector.TextEditor.prototype.text):
974         (WebInspector.TextEditor.prototype.range):
975         (WebInspector.TextEditor.prototype.line):
976         (WebInspector.TextEditor.prototype.get linesCount):
977         (WebInspector.TextEditor.prototype.setAttribute):
978         (WebInspector.TextEditor.prototype.getAttribute):
979         (WebInspector.TextEditor.prototype.removeAttribute):
980         (WebInspector.TextEditor.prototype.wasShown):
981         (WebInspector.TextEditor.prototype._handleFocused):
982         (WebInspector.TextEditor.prototype.willHide):
983         * inspector/front-end/WebKit.qrc:
984         * inspector/front-end/inspector.html:
985
986 2012-08-03  Mike West  <mkwst@chromium.org>
987
988         Blocking a plugin via CSP should result in one (and only one) console message.
989         https://bugs.webkit.org/show_bug.cgi?id=92649
990
991         Reviewed by Adam Barth.
992
993         Currently, blocking a plugin via Content Security Policy results in some
994         leakage of console log messages between tests. I'm unclear as to the
995         root cause, but the symptoms exhibited include
996         `SubframeLoader::requestPlugin` being called multiple times for a single
997         element, which in turn causes multiple console logs to be sent. These
998         messages tend to appear in the subsequent test, making the
999         `http/test/security/contentSecurityPolicy/object-src-*` set of tests
1000         flakey indeed.
1001
1002         This patch addresses the issue by marking elements' plugins as
1003         unavailable when they're blocked by CSP. No new tests have been added:
1004         this patch should simply make the current tests actually pass.
1005
1006         * loader/SubframeLoader.cpp:
1007         (WebCore::SubframeLoader::requestPlugin):
1008             We check the CSP status in `SubframeLoader::loadPlugin`, which is
1009             called at the end of this function. Checking CSP status in both
1010             locations is redundant.
1011         (WebCore::SubframeLoader::loadPlugin):
1012             If the plugin is blocked by CSP, tell the element's embedded object
1013             renderer that the plugin is unavailable.
1014         * platform/LocalizedStrings.cpp:
1015         (WebCore::blockedPluginByContentSecurityPolicyText):
1016         (WebCore):
1017         * platform/LocalizedStrings.h:
1018         (WebCore):
1019         * platform/blackberry/LocalizedStringsBlackBerry.cpp:
1020         (WebCore::blockedPluginByContentSecurityPolicyText):
1021         (WebCore):
1022         * platform/efl/LocalizedStringsEfl.cpp:
1023         (WebCore::blockedPluginByContentSecurityPolicyText):
1024         (WebCore):
1025         * platform/gtk/LocalizedStringsGtk.cpp:
1026         (WebCore::blockedPluginByContentSecurityPolicyText):
1027         (WebCore):
1028         * platform/qt/LocalizedStringsQt.cpp:
1029         (WebCore::blockedPluginByContentSecurityPolicyText):
1030         (WebCore):
1031         * rendering/RenderEmbeddedObject.cpp:
1032         (WebCore::unavailablePluginReplacementText):
1033         * rendering/RenderEmbeddedObject.h:
1034             Return appropriate text when the plugin is blocked by CSP.
1035
1036 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1037
1038         [V8] Add an IsExecutionTerminating() check to setDOMException()
1039         https://bugs.webkit.org/show_bug.cgi?id=93101
1040
1041         Reviewed by Adam Barth.
1042
1043         In preparation for moving exception related code from V8Proxy to V8Binding,
1044         I am going to remove throwError(ExceptionCode, v8::Isolate*) from V8Proxy.
1045         throwError(ExceptionCode, v8::Isolate*) will be replaced with
1046         setDOMException(ExceptionCode, v8::Isolate*). By this refactoring,
1047         the way to throw JavaScript errors and DOM exceptions becomes simple:
1048         "Throw JavaScript errors by throwError(). Throw DOM exceptions by setDOMException()".
1049         (Currently some DOM exceptions are being thrown by throwError().)
1050
1051         To keep the current behavior of throwError(ExceptionCode, v8::Isolate*),
1052         before the replacement, we need to insert the IsExecutionTerminating()
1053         check to setDOMException(). This will add an extra check to the current
1054         setDOMException(), but I don't think it's a problem.
1055
1056         No tests. No change in behavior.
1057
1058         * bindings/v8/V8Proxy.cpp:
1059         (WebCore::V8Proxy::setDOMException):
1060
1061 2012-08-03  Sadrul Habib Chowdhury  <sadrul@chromium.org>
1062
1063         Avoid dispatching gesture events of unknown types
1064         https://bugs.webkit.org/show_bug.cgi?id=93060
1065
1066         Reviewed by Adam Barth.
1067
1068         WebCore gesture events do not always correspond 1-to-1 to the Platform gesture events. So
1069         avoid dispatching the unknown gesture events to nodes.
1070
1071         * dom/GestureEvent.cpp:
1072         (WebCore::GestureEvent::create):
1073         * dom/Node.cpp:
1074         (WebCore::Node::dispatchGestureEvent):
1075
1076 2012-08-03  Stephen Chenney  <schenney@chromium.org>
1077
1078         Crash when a clip path referencing a clip path changes documents
1079         https://bugs.webkit.org/show_bug.cgi?id=93023
1080
1081         Reviewed by Dirk Schulze.
1082
1083         The SVGClipPathElement is set to not need pending resource handling,
1084         when in fact it can have pending resources. The result is a crash when
1085         the element is moved to a new document (which deletes all resources
1086         and leaves them pending) and then immediately deleted (which asserts
1087         that there are no pending resources). There is code to remove pending
1088         resources upon deletion and removal from the DOM, but it was not
1089         executing for clips because of the aforementioned code claiming that
1090         clips don't require such handling.
1091
1092         The assertion that there be no pending resources is necessary to
1093         prevent caches of pending resources from trying to access the deleted
1094         element.
1095
1096         This change removes the check for needsPendingResourceHandling in
1097         SVGStyledElement upon deletion and removal from the DOM. Pending resources
1098         will always be checked in such cases to ensure we do not introduce
1099         security issues.
1100
1101         Test: svg/custom/clip-path-document-change-assert.html
1102
1103         * svg/SVGStyledElement.cpp:
1104         (WebCore::SVGStyledElement::~SVGStyledElement): Removed needsPendingResourceHandling in the conditional to clean up resources.
1105         (WebCore::SVGStyledElement::removedFrom): Removed needsPendingResourceHandling in the conditional to clean up resources.
1106
1107 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1108
1109         [V8] Remove unused methods in V8Proxy
1110         https://bugs.webkit.org/show_bug.cgi?id=93106
1111
1112         Reviewed by Adam Barth.
1113
1114         In preparation for removing V8Proxy, we can remove unused methods in V8Proxy.
1115
1116         No tests. No change in behavior.
1117
1118         * bindings/v8/V8Proxy.h:
1119         (V8Proxy):
1120
1121 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1122
1123         [V8] Implement v8Undefined()
1124         https://bugs.webkit.org/show_bug.cgi?id=93093
1125
1126         Reviewed by Adam Barth.
1127
1128         There are a couple of equivalent ways to create an undefined value,
1129         e.g. v8::Undefined(), v8::Undefined(isolate), v8::Handle<v8::Value>(), etc.
1130         We should implement v8Undefined() and use it everywhere.
1131
1132         In this bug, we implement v8Undefined() and use it in CodeGeneratorV8.pm.
1133         We can implement v8Undefined() like this:
1134
1135             v8::Handle<v8::Value> v8Undefined() { v8::Handle<v8::Value>(); }
1136
1137         This is based on the following performance results:
1138
1139         // 14.5 ns
1140         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1141             return v8::Undefined();
1142         }
1143
1144         // 8.24 ns (This cannot be used where isolate can be 0.)
1145         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1146             return v8::Undefined(info.GetIsolate());
1147         }
1148
1149         // 8.54 ns
1150         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1151             v8::Isolate* isolate = info.GetIsolate();
1152             return isolate ? v8::Handle<v8::Value>(v8::Undefined(isolate)) : v8::Handle<v8::Value>();
1153         }
1154
1155         // 8.52 ns
1156         v8::Handle<v8::Value> xxxAttrGetter(..., info) {
1157             return v8::Handle<v8::Value>();
1158         }
1159
1160         No tests. No change in behavior.
1161
1162         * bindings/scripts/CodeGeneratorV8.pm:
1163         (GenerateConstructorGetter):
1164         (GenerateNormalAttrGetter):
1165         (GenerateNewFunctionTemplate):
1166         (GenerateEventListenerCallback):
1167         (GenerateFunctionCallback):
1168         (GenerateCallWith):
1169         (GenerateParametersCheck):
1170         (GenerateEventConstructorCallback):
1171         (GenerateNonStandardFunction):
1172         (GenerateImplementation):
1173         (NativeToJSValue):
1174         * bindings/scripts/test/V8/V8Float64Array.cpp:
1175         (WebCore::ConfigureV8Float64ArrayTemplate):
1176         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
1177         (WebCore::TestActiveDOMObjectV8Internal::excitingFunctionCallback):
1178         (WebCore::TestActiveDOMObjectV8Internal::postMessageCallback):
1179         (WebCore::TestActiveDOMObjectV8Internal::postMessageAttrGetter):
1180         (WebCore::ConfigureV8TestActiveDOMObjectTemplate):
1181         (WebCore::V8TestActiveDOMObject::wrapSlow):
1182         * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
1183         (WebCore::TestCustomNamedGetterV8Internal::anotherFunctionCallback):
1184         * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
1185         (WebCore::V8TestEventConstructor::constructorCallback):
1186         * bindings/scripts/test/V8/V8TestEventTarget.cpp:
1187         (WebCore::TestEventTargetV8Internal::addEventListenerCallback):
1188         (WebCore::TestEventTargetV8Internal::removeEventListenerCallback):
1189         (WebCore::ConfigureV8TestEventTargetTemplate):
1190         * bindings/scripts/test/V8/V8TestInterface.cpp:
1191         (WebCore::TestInterfaceV8Internal::supplementalMethod1Callback):
1192         (WebCore::TestInterfaceV8Internal::supplementalMethod2Callback):
1193         (WebCore::TestInterfaceV8Internal::supplementalMethod4Callback):
1194         (WebCore::ConfigureV8TestInterfaceTemplate):
1195         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
1196         (WebCore::TestMediaQueryListListenerV8Internal::methodCallback):
1197         * bindings/scripts/test/V8/V8TestObj.cpp:
1198         (WebCore::TestObjV8Internal::readOnlyTestObjAttrAttrGetter):
1199         (WebCore::TestObjV8Internal::withScriptStateAttributeAttrGetter):
1200         (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeAttrGetter):
1201         (WebCore::TestObjV8Internal::withScriptStateAttributeRaisesAttrGetter):
1202         (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeRaisesAttrGetter):
1203         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeAttrGetter):
1204         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeRaisesAttrGetter):
1205         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateWithSpacesAttributeAttrGetter):
1206         (WebCore::TestObjV8Internal::withScriptArgumentsAndCallStackAttributeAttrGetter):
1207         (WebCore::TestObjV8Internal::withScriptArgumentsAndCallStackAttributeAttrSetter):
1208         (WebCore::TestObjV8Internal::cachedAttribute1AttrGetter):
1209         (WebCore::TestObjV8Internal::cachedAttribute2AttrGetter):
1210         (WebCore::TestObjV8Internal::TestObjConstructorGetter):
1211         (WebCore::TestObjV8Internal::voidMethodCallback):
1212         (WebCore::TestObjV8Internal::voidMethodWithArgsCallback):
1213         (WebCore::TestObjV8Internal::methodWithSequenceArgCallback):
1214         (WebCore::TestObjV8Internal::serializedValueCallback):
1215         (WebCore::TestObjV8Internal::idbKeyCallback):
1216         (WebCore::TestObjV8Internal::optionsObjectCallback):
1217         (WebCore::TestObjV8Internal::methodWithExceptionCallback):
1218         (WebCore::TestObjV8Internal::addEventListenerCallback):
1219         (WebCore::TestObjV8Internal::removeEventListenerCallback):
1220         (WebCore::TestObjV8Internal::withScriptStateVoidCallback):
1221         (WebCore::TestObjV8Internal::withScriptStateVoidExceptionCallback):
1222         (WebCore::TestObjV8Internal::withScriptExecutionContextCallback):
1223         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateCallback):
1224         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateObjExceptionCallback):
1225         (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateWithSpacesCallback):
1226         (WebCore::TestObjV8Internal::withScriptArgumentsAndCallStackCallback):
1227         (WebCore::TestObjV8Internal::methodWithOptionalArgCallback):
1228         (WebCore::TestObjV8Internal::methodWithNonOptionalArgAndOptionalArgCallback):
1229         (WebCore::TestObjV8Internal::methodWithNonOptionalArgAndTwoOptionalArgsCallback):
1230         (WebCore::TestObjV8Internal::methodWithOptionalStringCallback):
1231         (WebCore::TestObjV8Internal::methodWithOptionalStringIsUndefinedCallback):
1232         (WebCore::TestObjV8Internal::methodWithOptionalStringIsNullStringCallback):
1233         (WebCore::TestObjV8Internal::methodWithCallbackArgCallback):
1234         (WebCore::TestObjV8Internal::methodWithNonCallbackArgAndCallbackArgCallback):
1235         (WebCore::TestObjV8Internal::methodWithCallbackAndOptionalArgCallback):
1236         (WebCore::TestObjV8Internal::conditionalMethod2Callback):
1237         (WebCore::TestObjV8Internal::conditionalMethod3Callback):
1238         (WebCore::TestObjV8Internal::overloadedMethod1Callback):
1239         (WebCore::TestObjV8Internal::overloadedMethod2Callback):
1240         (WebCore::TestObjV8Internal::overloadedMethod3Callback):
1241         (WebCore::TestObjV8Internal::overloadedMethod4Callback):
1242         (WebCore::TestObjV8Internal::overloadedMethod5Callback):
1243         (WebCore::TestObjV8Internal::overloadedMethod6Callback):
1244         (WebCore::TestObjV8Internal::overloadedMethod7Callback):
1245         (WebCore::TestObjV8Internal::overloadedMethod8Callback):
1246         (WebCore::TestObjV8Internal::overloadedMethod9Callback):
1247         (WebCore::TestObjV8Internal::overloadedMethod10Callback):
1248         (WebCore::TestObjV8Internal::classMethodCallback):
1249         (WebCore::TestObjV8Internal::overloadedMethod11Callback):
1250         (WebCore::TestObjV8Internal::overloadedMethod12Callback):
1251         (WebCore::TestObjV8Internal::classMethodWithClampCallback):
1252         (WebCore::TestObjV8Internal::enabledAtRuntimeMethod1Callback):
1253         (WebCore::TestObjV8Internal::enabledAtRuntimeMethod2Callback):
1254         (WebCore::TestObjV8Internal::enabledPerContextMethod1Callback):
1255         (WebCore::TestObjV8Internal::enabledPerContextMethod2Callback):
1256         (WebCore::TestObjV8Internal::convert1Callback):
1257         (WebCore::TestObjV8Internal::convert2Callback):
1258         (WebCore::TestObjV8Internal::convert3Callback):
1259         (WebCore::TestObjV8Internal::convert4Callback):
1260         (WebCore::TestObjV8Internal::convert5Callback):
1261         (WebCore::TestObjV8Internal::orangeCallback):
1262         (WebCore::ConfigureV8TestObjTemplate):
1263         (WebCore::V8TestObj::installPerContextProperties):
1264         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
1265         (WebCore::TestSerializedScriptValueInterfaceV8Internal::acceptTransferListCallback):
1266         (WebCore::TestSerializedScriptValueInterfaceV8Internal::multiTransferListCallback):
1267         (WebCore::V8TestSerializedScriptValueInterface::constructorCallback):
1268         * bindings/v8/V8Binding.h:
1269         (WebCore::v8Undefined):
1270         (WebCore):
1271
1272 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1273
1274         [V8] Remove v8StringToWebCoreString()
1275         https://bugs.webkit.org/show_bug.cgi?id=93087
1276
1277         Reviewed by Adam Barth.
1278
1279         There should be only one API that converts V8 String
1280         to WebCore String. v8ValueToWebCoreString() does it.
1281         We can remove v8StringToWebCoreString().
1282
1283         No tests. No change in behavior.
1284
1285         * bindings/v8/ScriptDebugServer.cpp:
1286         (WebCore::ScriptDebugServer::setBreakpoint):
1287         * bindings/v8/V8Binding.cpp:
1288         (WebCore::v8ValueToWebCoreString):
1289         * bindings/v8/V8Binding.h:
1290         (WebCore):
1291
1292 2012-07-20  Jon Lee  <jonlee@apple.com>
1293
1294         Crash in Notification when setting a non-object as an event listener (91881)
1295         https://bugs.webkit.org/show_bug.cgi?id=91881
1296         <rdar://problem/11923341>
1297
1298         Reviewed by Oliver Hunt.
1299
1300         Check to make sure that the value being retrieved is an object. This is similar
1301         to the isObject() check done in the bindings code.
1302
1303         Test: fast/notifications/notifications-event-listener-crash.html
1304
1305         * bindings/js/Dictionary.h:
1306         (WebCore::Dictionary::getEventListener):
1307
1308 2012-08-03  Kentaro Hara  <haraken@chromium.org>
1309
1310         [V8] Remove v8StringToAtomicWebCoreString()
1311         https://bugs.webkit.org/show_bug.cgi?id=93086
1312
1313         Reviewed by Dimitri Glazkov.
1314
1315         There should be only one API that converts V8 String to
1316         AtomicString. v8ValueToAtomicWebCoreString() does it.
1317         We can remove v8StringToAtomicWebCoreString().
1318
1319         No tests. No change in behavior.
1320
1321         * bindings/v8/V8Binding.cpp:
1322         (WebCore::v8ValueToAtomicWebCoreString):
1323         * bindings/v8/V8Binding.h:
1324         (WebCore):
1325         * bindings/v8/V8DOMWindowShell.cpp:
1326         (WebCore::getter):
1327         * bindings/v8/custom/V8DOMWindowCustom.cpp:
1328         (WebCore::V8DOMWindow::namedPropertyGetter):
1329         * bindings/v8/custom/V8HTMLAllCollectionCustom.cpp:
1330         (WebCore::V8HTMLAllCollection::namedPropertyGetter):
1331         * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
1332         (WebCore::V8HTMLCollection::namedPropertyGetter):
1333         * bindings/v8/custom/V8HTMLFormElementCustom.cpp:
1334         (WebCore::V8HTMLFormElement::namedPropertyGetter):
1335         * bindings/v8/custom/V8HTMLFrameSetElementCustom.cpp:
1336         (WebCore::V8HTMLFrameSetElement::namedPropertyGetter):
1337
1338 2012-08-03  Ilya Tikhonovsky  <loislo@chromium.org>
1339
1340         Web Inspector: eliminate visitBaseClass method from NMI. It introduces unnecessary complexity.
1341         https://bugs.webkit.org/show_bug.cgi?id=93129
1342
1343         Reviewed by Yury Semikhatsky.
1344
1345         * css/PropertySetCSSStyleDeclaration.cpp:
1346         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
1347         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
1348         * dom/CharacterData.cpp:
1349         (WebCore::CharacterData::reportMemoryUsage):
1350         * dom/ContainerNode.h:
1351         (WebCore::ContainerNode::reportMemoryUsage):
1352         * dom/Document.cpp:
1353         (WebCore::Document::reportMemoryUsage):
1354         * dom/Element.h:
1355         (WebCore::Element::reportMemoryUsage):
1356         * dom/MemoryInstrumentation.h:
1357         * dom/Node.cpp:
1358         (WebCore::Node::reportMemoryUsage):
1359
1360 2012-08-03  Alexandre Elias  <aelias@google.com>
1361
1362         [chromium] Move ubercomp quads back into CC
1363         https://bugs.webkit.org/show_bug.cgi?id=93062
1364
1365         Reviewed by James Robinson.
1366
1367         Because GTFO is almost done, we can move back the quad types
1368         to CC and pickle them there.  This patch moves everything back
1369         to where it was before and changes types like WebRect to IntRect.
1370
1371         As a bonus, I also added CCRenderPassDrawQuad and CCYUVVideoDrawQuad
1372         (which had been left in the CC files) to CCDrawQuad::size(), so now
1373         every quad type is ready for serialization.
1374
1375         No new tests (no-op refactoring).
1376
1377         * WebCore.gypi:
1378         * platform/chromium/support/WebCompositorStreamVideoQuad.cpp: Removed.
1379         * platform/graphics/chromium/LayerRendererChromium.cpp:
1380         (WebCore::LayerRendererChromium::drawQuad):
1381         * platform/graphics/chromium/cc/CCCheckerboardDrawQuad.cpp: Copied from Source/WebCore/platform/graphics/chromium/cc/CCQuadSink.h.
1382         (WebCore):
1383         (WebCore::CCCheckerboardDrawQuad::create):
1384         (WebCore::CCCheckerboardDrawQuad::CCCheckerboardDrawQuad):
1385         (WebCore::CCCheckerboardDrawQuad::materialCast):
1386         * platform/graphics/chromium/cc/CCCheckerboardDrawQuad.h:
1387         (WebCore):
1388         (CCCheckerboardDrawQuad):
1389         * platform/graphics/chromium/cc/CCDebugBorderDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorDebugBorderQuad.cpp.
1390         (WebCore):
1391         (WebCore::CCDebugBorderDrawQuad::create):
1392         (WebCore::CCDebugBorderDrawQuad::CCDebugBorderDrawQuad):
1393         (WebCore::CCDebugBorderDrawQuad::materialCast):
1394         * platform/graphics/chromium/cc/CCDebugBorderDrawQuad.h:
1395         (WebCore):
1396         (CCDebugBorderDrawQuad):
1397         (WebCore::CCDebugBorderDrawQuad::color):
1398         (WebCore::CCDebugBorderDrawQuad::width):
1399         * platform/graphics/chromium/cc/CCDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorQuad.cpp.
1400         (WebCore):
1401         (WebCore::CCDrawQuad::CCDrawQuad):
1402         (WebCore::CCDrawQuad::opaqueRect):
1403         (WebCore::CCDrawQuad::setQuadVisibleRect):
1404         (WebCore::CCDrawQuad::size):
1405         (WebCore::CCDrawQuad::setSharedQuadState):
1406         * platform/graphics/chromium/cc/CCDrawQuad.h:
1407         (WebCore):
1408         (CCDrawQuad):
1409         (WebCore::CCDrawQuad::quadRect):
1410         (WebCore::CCDrawQuad::quadTransform):
1411         (WebCore::CCDrawQuad::visibleContentRect):
1412         (WebCore::CCDrawQuad::scissorRect):
1413         (WebCore::CCDrawQuad::opacity):
1414         (WebCore::CCDrawQuad::needsBlending):
1415         (WebCore::CCDrawQuad::isLayerAxisAlignedIntRect):
1416         (WebCore::CCDrawQuad::quadVisibleRect):
1417         (WebCore::CCDrawQuad::isDebugQuad):
1418         (WebCore::CCDrawQuad::material):
1419         (WebCore::CCDrawQuad::sharedQuadState):
1420         (WebCore::CCDrawQuad::sharedQuadStateId):
1421         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
1422         (WebCore::CCHeadsUpDisplayLayerImpl::appendQuads):
1423         * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorIOSurfaceQuad.cpp.
1424         (WebCore):
1425         (WebCore::CCIOSurfaceDrawQuad::create):
1426         (WebCore::CCIOSurfaceDrawQuad::CCIOSurfaceDrawQuad):
1427         (WebCore::CCIOSurfaceDrawQuad::materialCast):
1428         * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.h:
1429         (WebCore):
1430         (CCIOSurfaceDrawQuad):
1431         (WebCore::CCIOSurfaceDrawQuad::ioSurfaceSize):
1432         (WebCore::CCIOSurfaceDrawQuad::ioSurfaceTextureId):
1433         (WebCore::CCIOSurfaceDrawQuad::orientation):
1434         * platform/graphics/chromium/cc/CCQuadCuller.h:
1435         (CCQuadCuller):
1436         * platform/graphics/chromium/cc/CCQuadSink.h:
1437         (WebCore):
1438         (CCQuadSink):
1439         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.cpp:
1440         (WebCore::CCRenderPassDrawQuad::create):
1441         (WebCore::CCRenderPassDrawQuad::CCRenderPassDrawQuad):
1442         (WebCore::CCRenderPassDrawQuad::materialCast):
1443         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.h:
1444         (CCRenderPassDrawQuad):
1445         * platform/graphics/chromium/cc/CCSharedQuadState.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorSharedQuadState.cpp.
1446         (WebCore):
1447         (WebCore::CCSharedQuadState::CCSharedQuadState):
1448         (WebCore::CCSharedQuadState::create):
1449         (WebCore::CCSharedQuadState::isLayerAxisAlignedIntRect):
1450         * platform/graphics/chromium/cc/CCSharedQuadState.h:
1451         (WebCore):
1452         (CCSharedQuadState):
1453         * platform/graphics/chromium/cc/CCSolidColorDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorSolidColorQuad.cpp.
1454         (WebCore):
1455         (WebCore::CCSolidColorDrawQuad::create):
1456         (WebCore::CCSolidColorDrawQuad::CCSolidColorDrawQuad):
1457         (WebCore::CCSolidColorDrawQuad::materialCast):
1458         * platform/graphics/chromium/cc/CCSolidColorDrawQuad.h:
1459         (WebCore):
1460         (CCSolidColorDrawQuad):
1461         (WebCore::CCSolidColorDrawQuad::color):
1462         * platform/graphics/chromium/cc/CCStreamVideoDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorCheckerboardQuad.cpp.
1463         (WebCore):
1464         (WebCore::CCStreamVideoDrawQuad::create):
1465         (WebCore::CCStreamVideoDrawQuad::CCStreamVideoDrawQuad):
1466         (WebCore::CCStreamVideoDrawQuad::materialCast):
1467         * platform/graphics/chromium/cc/CCStreamVideoDrawQuad.h:
1468         (WebCore):
1469         (CCStreamVideoDrawQuad):
1470         (WebCore::CCStreamVideoDrawQuad::textureId):
1471         (WebCore::CCStreamVideoDrawQuad::matrix):
1472         * platform/graphics/chromium/cc/CCTextureDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorTextureQuad.cpp.
1473         (WebCore):
1474         (WebCore::CCTextureDrawQuad::create):
1475         (WebCore::CCTextureDrawQuad::CCTextureDrawQuad):
1476         (WebCore::CCTextureDrawQuad::setNeedsBlending):
1477         (WebCore::CCTextureDrawQuad::materialCast):
1478         * platform/graphics/chromium/cc/CCTextureDrawQuad.h:
1479         (WebCore):
1480         (CCTextureDrawQuad):
1481         (WebCore::CCTextureDrawQuad::uvRect):
1482         (WebCore::CCTextureDrawQuad::resourceId):
1483         (WebCore::CCTextureDrawQuad::premultipliedAlpha):
1484         (WebCore::CCTextureDrawQuad::flipped):
1485         * platform/graphics/chromium/cc/CCTileDrawQuad.cpp: Renamed from Source/WebCore/platform/chromium/support/WebCompositorTileQuad.cpp.
1486         (WebCore):
1487         (WebCore::CCTileDrawQuad::create):
1488         (WebCore::CCTileDrawQuad::CCTileDrawQuad):
1489         (WebCore::CCTileDrawQuad::materialCast):
1490         * platform/graphics/chromium/cc/CCTileDrawQuad.h:
1491         (WebCore):
1492         (CCTileDrawQuad):
1493         (WebCore::CCTileDrawQuad::resourceId):
1494         (WebCore::CCTileDrawQuad::textureOffset):
1495         (WebCore::CCTileDrawQuad::textureSize):
1496         (WebCore::CCTileDrawQuad::textureFilter):
1497         (WebCore::CCTileDrawQuad::swizzleContents):
1498         (WebCore::CCTileDrawQuad::leftEdgeAA):
1499         (WebCore::CCTileDrawQuad::topEdgeAA):
1500         (WebCore::CCTileDrawQuad::rightEdgeAA):
1501         (WebCore::CCTileDrawQuad::bottomEdgeAA):
1502         (WebCore::CCTileDrawQuad::isAntialiased):
1503         * platform/graphics/chromium/cc/CCYUVVideoDrawQuad.cpp:
1504         (WebCore::CCYUVVideoDrawQuad::create):
1505         (WebCore::CCYUVVideoDrawQuad::CCYUVVideoDrawQuad):
1506         (WebCore::CCYUVVideoDrawQuad::materialCast):
1507         * platform/graphics/chromium/cc/CCYUVVideoDrawQuad.h:
1508         (CCYUVVideoDrawQuad):
1509
1510 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
1511
1512         Unreviewed, restore Web Inspector JS frontend compilability after r124484 (fix JSDoc annotations).
1513
1514         * inspector/front-end/Settings.js:
1515         * inspector/front-end/SettingsScreen.js:
1516         * inspector/front-end/UserAgentSupport.js:
1517         (WebInspector.UserAgentSupport.DeviceOrientation):
1518
1519 2012-08-03  Philippe Normand  <pnormand@igalia.com>
1520
1521         Unreviewed, rolling out r124614.
1522         http://trac.webkit.org/changeset/124614
1523         https://bugs.webkit.org/show_bug.cgi?id=91727
1524
1525         gstreamer core .po files mess up the build again
1526
1527         * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
1528         (WTF::adoptGRef):
1529         * platform/graphics/gstreamer/GStreamerVersioning.cpp:
1530         (setGstElementClassMetadata):
1531         * platform/graphics/gstreamer/GStreamerVersioning.h:
1532         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1533         (StreamingClient::didReceiveResponse):
1534
1535 2012-08-03  Benjamin Poulain  <bpoulain@apple.com>
1536
1537         Initialize the Event Names' string from read only memory
1538         https://bugs.webkit.org/show_bug.cgi?id=92435
1539
1540         Reviewed by Anders Carlsson.
1541
1542         Similarily to r123689, we can initialize the event names' string from memory without copying the data.
1543         This saves us memory and initialization time.
1544
1545         * dom/EventNames.cpp:
1546         (WebCore):
1547
1548 2012-08-03  Philippe Normand  <pnormand@igalia.com>
1549
1550         [GTK][jhbuild] Switch to GStreamer 0.11 build
1551         https://bugs.webkit.org/show_bug.cgi?id=91727
1552
1553         Reviewed by Gustavo Noronha Silva.
1554
1555         Add a new function to encapsulate the GStreamer API removal of
1556         GST_OBJECT_IS_FLOATING in the upcoming 1.0 release. Use of this
1557         macro can now be replaced by calling the g_object_is_floating
1558         function.
1559
1560         * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
1561         (WTF::adoptGRef):
1562         * platform/graphics/gstreamer/GStreamerVersioning.cpp:
1563         (gstObjectIsFloating):
1564         * platform/graphics/gstreamer/GStreamerVersioning.h:
1565
1566 2012-08-03  George Staikos  <staikos@webkit.org>
1567
1568         [BlackBerry] Add a null check for media implementation to fix a crash.
1569         https://bugs.webkit.org/show_bug.cgi?id=93107
1570
1571         Reviewed by Rob Buis.
1572
1573         Fixes media/video-size.html.
1574
1575         * platform/blackberry/RenderThemeBlackBerry.cpp:
1576         (WebCore::RenderThemeBlackBerry::paintMediaSliderTrack): Add null check.
1577
1578 2012-08-03  Yury Semikhatsky  <yurys@chromium.org>
1579
1580         Unreviewed. Fixed WinCE compilation after r124589.
1581
1582         * css/PropertySetCSSStyleDeclaration.cpp:
1583         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
1584         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
1585
1586 2012-08-03  Keishi Hattori  <keishi@webkit.org>
1587
1588         Add keyboard support for color suggestion popup
1589         https://bugs.webkit.org/show_bug.cgi?id=93069
1590
1591         Reviewed by Kent Tamura.
1592
1593         This adds support for keyboard inside the color suggestion popup.
1594         Tab or arrow keys to move around. Return or space to select the color.
1595         Escape closes the popup.
1596
1597         No new tests. Covered in platform/chromium/fast/forms/color/color-suggestion-picker-appearance.html.
1598
1599         * Resources/colorSuggestionPicker.css:
1600         (.color-swatch):
1601         (.color-swatch:focus):
1602         * Resources/colorSuggestionPicker.js:
1603         (ColorPicker):
1604         (ColorPicker.prototype._layout):
1605         (ColorPicker.prototype.selectColorAtIndex): Selects color at index.
1606         (ColorPicker.prototype._handleMouseMove): Set focus to the swatch under the mouse cursor.
1607         (ColorPicker.prototype._handleKeyDown): Move focused element on arrow keys.
1608         (ColorPicker.prototype._handleMouseDown): Prevents blur on click.
1609
1610 2012-08-03  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
1611
1612         Add missing include to build on Mac OS 10.8
1613
1614         Reviewed by Ossy.
1615
1616         * platform/graphics/surfaces/mac/GraphicsSurfaceMac.cpp:
1617
1618 2012-08-03  Adam Barth  <abarth@webkit.org>
1619
1620         [V8] Re-wire "target" half of the same-origin security check through Document rather than DOMWindow
1621         https://bugs.webkit.org/show_bug.cgi?id=93079
1622
1623         Reviewed by Eric Seidel.
1624
1625         Before this patch, we were traversing from Nodes to Frames to
1626         DOMWindows to SecurityOrigins when determing the "target" of an
1627         operation for the same-origin policy security check. Rather than
1628         detouring through DOMWindow, these security checks should operate in
1629         terms of ScriptExecutionContexts (aka Documents) because that's the
1630         canonical place we store SecurityOrigin objects.
1631
1632         A future patch will re-wire the "active" part of the security check to
1633         use ScriptExecutionContexts as well and we'll be able to remove the
1634         extra copy of SecurityOrigin that we keep in DOMWindow.
1635
1636         * bindings/generic/BindingSecurity.cpp:
1637         (WebCore::canAccessDocument):
1638         (WebCore::BindingSecurity::canAccessFrame):
1639         (WebCore::BindingSecurity::shouldAllowAccessToNode):
1640         * bindings/v8/BindingState.cpp:
1641         (WebCore::immediatelyReportUnsafeAccessTo):
1642         * bindings/v8/BindingState.h:
1643         (WebCore):
1644         * bindings/v8/V8DOMWindowShell.cpp:
1645         (WebCore::reportUnsafeJavaScriptAccess):
1646         * bindings/v8/V8Proxy.cpp:
1647         (WebCore::V8Proxy::reportUnsafeAccessTo):
1648         * bindings/v8/V8Proxy.h:
1649         (V8Proxy):
1650
1651 2012-08-03  Keishi Hattori  <keishi@webkit.org>
1652
1653         ColorSuggestionPicker popup's height doesn't get smaller than 100 px
1654         https://bugs.webkit.org/show_bug.cgi?id=92945
1655
1656         Reviewed by Kent Tamura.
1657
1658         A window cannot be resized to be smaller than 100x100 pixels so this
1659         adjust the color suggestion popup UI to look better when there are only
1660         a few suggestions.
1661
1662         Tests: platform/chromium/fast/forms/color/color-suggestion-picker-one-row-appearance.html
1663                platform/chromium/fast/forms/color/color-suggestion-picker-two-row-appearance.html
1664
1665         * Resources/colorSuggestionPicker.css:
1666         (.color-swatch-container): Vertically center the swatches.
1667
1668 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
1669
1670         Web Inspector: Remove InspectorCSSAgent from InstrumentingAgents on clearFrontend()
1671         https://bugs.webkit.org/show_bug.cgi?id=93082
1672
1673         Reviewed by Yury Semikhatsky.
1674
1675         * inspector/InspectorCSSAgent.cpp:
1676         (WebCore::InspectorCSSAgent::InspectorCSSAgent):
1677         (WebCore::InspectorCSSAgent::~InspectorCSSAgent):
1678         (WebCore::InspectorCSSAgent::setFrontend):
1679         (WebCore::InspectorCSSAgent::clearFrontend):
1680
1681 2012-08-03  Eugene Klyuchnikov  <eustas.big@gmail.com>
1682
1683         Web Inspector: Profiles: extract save to file / load from code
1684         https://bugs.webkit.org/show_bug.cgi?id=92348
1685
1686         Reviewed by Yury Semikhatsky.
1687
1688         Motivation: extract reusable code for timeline load/save.
1689         FileUtils.js will contain common code. Not all code moved to FileUtils
1690         to make review easier. This code will be moved in next patch.
1691
1692         Core abstractions: OutputStream and OutputStreamDelegate.
1693
1694         OutputStream is interface that is used to transfer entity divded
1695         to chunks. Transfer process is explicitly initialized (startTransfer)
1696         and finalized (finishTrnsfer).
1697
1698         OutputStreamDelegate is interface to receive notifications about
1699         transfer process: onTransferStarted, onChunkTransferred, onTransferFinished.
1700
1701         ChunkedFileReader: utility class that loads file by chunks of specified
1702         size and notifies given delegate. OutputStream is supplied as a
1703         parameter of method "start".
1704
1705         ChunkedFileWriter: implementation of OutputStream that saves data
1706         to file specified by file name and notifies given delegate.
1707
1708         * WebCore.gypi: Added 'FileUtils.js'.
1709         * WebCore.vcproj/WebCore.vcproj: Added 'FileUtils.js'.
1710         * inspector/compile-front-end.py: Added 'FileUtils.js'.
1711         * inspector/front-end/FileUtils.js: Added.
1712         (WebInspector.OutputStreamDelegate): Added.
1713         (WebInspector.ChunkedFileReader): Added.
1714         (WebInspector.createFileSelectorElement): Added utility method to construct
1715         hidden input element to select file.
1716         * inspector/front-end/HeapSnapshotLoader.js: Adopted new API.
1717         * inspector/front-end/HeapSnapshotProxy.js: Adopted new API.
1718         * inspector/front-end/HeapSnapshotView.js: Adopted new API.
1719         (WebInspector.HeapSnapshotLoadFromFileDelegate):
1720         Extracted from existing code.
1721         (WebInspector.ChunkedFileWriter): Renamed and refactored.
1722         (WebInspector.HeapSnapshotSaveToFileDelegate):
1723         Extracted from existing code.
1724         * inspector/front-end/ProfilesPanel.js: Adopted new API.
1725
1726 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
1727
1728         Web Inspector: Incorrect blob url href when inspecting
1729         https://bugs.webkit.org/show_bug.cgi?id=93076
1730
1731         Reviewed by Vsevolod Vlasov.
1732
1733         Special-cased the "blob" scheme to return the original URL intact on completion.
1734
1735         * inspector/front-end/ResourceUtils.js:
1736         (WebInspector.completeURL):
1737
1738 2012-08-03  Yury Semikhatsky  <yurys@chromium.org>
1739
1740         Web Inspector: add CSSRule memory instrumentation
1741         https://bugs.webkit.org/show_bug.cgi?id=92962
1742
1743         Reviewed by Pavel Feldman.
1744
1745         Added memory footprint reporting method to CSSRule and its descendants.
1746
1747         * css/CSSCharsetRule.cpp:
1748         (WebCore::CSSCharsetRule::reportDescendantMemoryUsage):
1749         (WebCore):
1750         * css/CSSCharsetRule.h:
1751         (CSSCharsetRule):
1752         * css/CSSComputedStyleDeclaration.cpp:
1753         (WebCore::CSSComputedStyleDeclaration::reportMemoryUsage):
1754         (WebCore):
1755         * css/CSSComputedStyleDeclaration.h:
1756         (CSSComputedStyleDeclaration):
1757         * css/CSSFontFaceRule.cpp:
1758         (WebCore::CSSFontFaceRule::reportDescendantMemoryUsage):
1759         (WebCore):
1760         * css/CSSFontFaceRule.h:
1761         (CSSFontFaceRule):
1762         * css/CSSImportRule.cpp:
1763         (WebCore::CSSImportRule::reportDescendantMemoryUsage):
1764         (WebCore):
1765         * css/CSSImportRule.h:
1766         (CSSImportRule):
1767         * css/CSSMediaRule.cpp:
1768         (WebCore::CSSMediaRule::reportDescendantMemoryUsage):
1769         (WebCore):
1770         * css/CSSMediaRule.h:
1771         (CSSMediaRule):
1772         * css/CSSPageRule.cpp:
1773         (WebCore::CSSPageRule::reportDescendantMemoryUsage):
1774         (WebCore):
1775         * css/CSSPageRule.h:
1776         (CSSPageRule):
1777         * css/CSSRule.cpp:
1778         (WebCore::CSSRule::reportMemoryUsage): we manually implement polymorphic
1779         call here to avoid adding vtable pointer to all CSSRule objects. Descendants
1780         are expected to report their memory via reportDescendantMemoryUsage. The name
1781         is intentionally different from reportMemoryUsage to avoid accidential infitite
1782         recursion: if the descendants overrode non-virtual CSSRule::reportMemoryUsage,
1783         it would be easy to add a new descendant type to the switch in
1784         CSSRule::reportMemoryUsage without providing proper override for reportMemoryUsage
1785         and CSSRule::reportMemoryUsage would end up calling itself.
1786         (WebCore):
1787         (WebCore::CSSRule::reportBaseClassMemoryUsage): again we cannot use
1788         MemoryClassInfo::visitBaseClass like we do for virtual methods because it would
1789         lead to a recursive call of CSSRule::reportMemoryUsage. This is why we use
1790         reportBaseClassMemoryUsage to allow descendants to report objects referenced
1791         from their base class.
1792         * css/CSSRule.h:
1793         (WebCore):
1794         (CSSRule):
1795         * css/CSSRuleList.cpp:
1796         (WebCore::StaticCSSRuleList::reportMemoryUsage):
1797         (WebCore):
1798         * css/CSSRuleList.h:
1799         (WebCore):
1800         (CSSRuleList):
1801         (StaticCSSRuleList):
1802         (LiveCSSRuleList):
1803         * css/CSSStyleDeclaration.h:
1804         (WebCore):
1805         (CSSStyleDeclaration):
1806         * css/CSSStyleRule.cpp:
1807         (WebCore::CSSStyleRule::reportDescendantMemoryUsage):
1808         (WebCore):
1809         * css/CSSStyleRule.h:
1810         (CSSStyleRule):
1811         * css/CSSStyleSheet.cpp:
1812         (StyleSheetCSSRuleList):
1813         (WebCore::CSSStyleSheet::reportMemoryUsage):
1814         * css/CSSUnknownRule.h:
1815         (CSSUnknownRule):
1816         (WebCore::CSSUnknownRule::reportDescendantMemoryUsage):
1817         * css/PropertySetCSSStyleDeclaration.cpp:
1818         (WebCore::PropertySetCSSStyleDeclaration::reportMemoryUsage):
1819         (WebCore):
1820         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
1821         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
1822         * css/PropertySetCSSStyleDeclaration.h:
1823         (PropertySetCSSStyleDeclaration):
1824         (StyleRuleCSSStyleDeclaration):
1825         (InlineCSSStyleDeclaration):
1826         * css/WebKitCSSKeyframeRule.cpp:
1827         (WebCore::WebKitCSSKeyframeRule::reportDescendantMemoryUsage):
1828         (WebCore):
1829         * css/WebKitCSSKeyframeRule.h:
1830         (WebKitCSSKeyframeRule):
1831         * css/WebKitCSSKeyframesRule.cpp:
1832         (WebCore::WebKitCSSKeyframesRule::reportDescendantMemoryUsage):
1833         (WebCore):
1834         * css/WebKitCSSKeyframesRule.h:
1835         (WebKitCSSKeyframesRule):
1836         * css/WebKitCSSRegionRule.cpp:
1837         (WebCore::WebKitCSSRegionRule::reportDescendantMemoryUsage):
1838         (WebCore):
1839         * css/WebKitCSSRegionRule.h:
1840         (WebKitCSSRegionRule):
1841
1842 2012-08-03  Adam Barth  <abarth@webkit.org>
1843
1844         WebCore::DragController::cleanupAfterSystemDrag should null-check page
1845         https://bugs.webkit.org/show_bug.cgi?id=61815
1846
1847         Reviewed by Eric Seidel.
1848
1849         * page/DragController.cpp:
1850         (WebCore::DragController::dragEnteredOrUpdated):
1851         (WebCore::DragController::doSystemDrag):
1852
1853 2012-08-03  Sergio Carlos Morales Angeles  <carloschilazo@gmail.com>
1854
1855         Delete text from password does nothing.
1856         https://bugs.webkit.org/show_bug.cgi?id=92040
1857
1858         Reviewed by Ryosuke Niwa.
1859
1860         Use Editor::canDelete() to determine if field is editable or not.
1861         Added password-delete-contents test.
1862
1863         Test: editing/deleting/password-delete-contents.html
1864
1865         * editing/EditorCommand.cpp:
1866         (WebCore::enabledDelete):
1867
1868 2012-08-03  Jan Keromnes  <janx@linux.com>
1869
1870         Web Inspector: Make textModel private to textEditor
1871         https://bugs.webkit.org/show_bug.cgi?id=92999
1872
1873         Reviewed by Pavel Feldman.
1874
1875         Making textModel private to the textEditor ensures that it is accessed
1876         only through the textEditor, making the latter more modular.
1877
1878         Tests were changed accordingly.
1879
1880         * inspector/front-end/JavaScriptSourceFrame.js:
1881         (WebInspector.JavaScriptSourceFrame.prototype.afterTextChanged):
1882         (WebInspector.JavaScriptSourceFrame.prototype._restoreBreakpointsAfterEditing):
1883         (WebInspector.JavaScriptSourceFrame.prototype._addBreakpointDecoration):
1884         (WebInspector.JavaScriptSourceFrame.prototype._removeBreakpointDecoration):
1885         (WebInspector.JavaScriptSourceFrame.prototype._lineNumberAfterEditing):
1886         * inspector/front-end/SourceFrame.js:
1887         (WebInspector.SourceFrame):
1888         (WebInspector.SourceFrame.prototype.setContent):
1889         (WebInspector.SourceFrame.prototype.replaceAllWith):
1890         (WebInspector.SourceFrame.prototype._collectRegexMatches):
1891         (WebInspector.SourceFrame.prototype.addMessageToSource):
1892         (WebInspector.SourceFrame.prototype.removeMessageFromSource):
1893         (WebInspector.TextEditorDelegateForSourceFrame.prototype.commitEditing):
1894         * inspector/front-end/TextEditor.js:
1895         (WebInspector.TextEditor.prototype.setText):
1896         (WebInspector.TextEditor.prototype.text):
1897         (WebInspector.TextEditor.prototype.range):
1898         (WebInspector.TextEditor.prototype.line):
1899         (WebInspector.TextEditor.prototype.get linesCount):
1900         (WebInspector.TextEditor.prototype.setAttribute):
1901         (WebInspector.TextEditor.prototype.getAttribute):
1902         (WebInspector.TextEditor.prototype.removeAttribute):
1903         * inspector/front-end/UISourceCodeFrame.js:
1904         (WebInspector.UISourceCodeFrame.prototype.afterTextChanged):
1905
1906 2012-08-03  Adam Barth  <abarth@webkit.org>
1907
1908         V8Proxy::retrieve(*) leads to really obfuscated code and should be removed
1909         https://bugs.webkit.org/show_bug.cgi?id=93072
1910
1911         Reviewed by Eric Seidel.
1912
1913         Once upon a time, V8Proxy::retrieve did a bunch of checks before
1914         returning the V8Proxy object (such as checking whether script was
1915         enabled). Over time, we've removed all of these checks in order to fix
1916         various bugs. Now all it does is check whether the Frame is 0. However,
1917         because the function ends up returning 0 when its argument is 0, the
1918         caller sill needs to have a null check.
1919
1920         This patch deletes all the variations of V8Proxy::retrieve(*) and
1921         inlines them into their callers. In several cases, inlining the
1922         function call showed that we were testing the Frame for 0 twice, and
1923         I've removed the redundant null checks. In other cases, I've
1924         uncontorted the callers to make the code more readable.
1925
1926         * bindings/scripts/CodeGeneratorV8.pm:
1927         (GenerateToV8Converters):
1928         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
1929         (WebCore::V8TestActiveDOMObject::wrapSlow):
1930         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
1931         (WebCore::V8TestNamedConstructorConstructorCallback):
1932         * bindings/scripts/test/V8/V8TestNode.cpp:
1933         (WebCore::V8TestNode::wrapSlow):
1934         * bindings/v8/PageScriptDebugServer.cpp:
1935         (WebCore::PageScriptDebugServer::addListener):
1936         * bindings/v8/ScheduledAction.cpp:
1937         (WebCore::ScheduledAction::execute):
1938         * bindings/v8/ScriptController.h:
1939         (WebCore::ScriptController::windowShell):
1940         * bindings/v8/V8DOMWrapper.cpp:
1941         (WebCore::V8DOMWrapper::instantiateV8Object):
1942         * bindings/v8/V8EventListener.cpp:
1943         (WebCore::V8EventListener::callListenerFunction):
1944         * bindings/v8/V8Helpers.cpp:
1945         (WebCore::toV8Proxy):
1946         * bindings/v8/V8LazyEventListener.cpp:
1947         (WebCore::V8LazyEventListener::callListenerFunction):
1948         (WebCore::V8LazyEventListener::prepareListenerObject):
1949         * bindings/v8/V8Proxy.cpp:
1950         (WebCore::V8Proxy::handleOutOfMemory):
1951         (WebCore::V8Proxy::retrievePerContextData):
1952         (WebCore::V8Proxy::mainWorldContext):
1953         (WebCore::toV8Context):
1954         * bindings/v8/V8Proxy.h:
1955         (V8Proxy):
1956         * bindings/v8/custom/V8DOMWindowCustom.cpp:
1957         (WebCore::V8DOMWindow::addEventListenerCallback):
1958         (WebCore::V8DOMWindow::removeEventListenerCallback):
1959         * bindings/v8/custom/V8DocumentCustom.cpp:
1960         (WebCore::toV8):
1961         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
1962         (WebCore::V8HTMLDocument::openCallback):
1963         (WebCore::toV8):
1964         * bindings/v8/custom/V8SVGDocumentCustom.cpp:
1965         (WebCore::toV8):
1966
1967 2012-08-03  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1968
1969         Add *explicit* keyword to constructors in WebCore/accessibility
1970         https://bugs.webkit.org/show_bug.cgi?id=93067
1971
1972         Reviewed by Kentaro Hara.
1973
1974         As a step to add *explicit* keyword to constructors which have a parameter,
1975         *explicit* keyword is added to Source/WebCore/accessibility in order to avoid
1976         implicit type conversion.
1977
1978         No new tests. Covered by existing tests.
1979
1980         * accessibility/AXObjectCache.h:
1981         (AXObjectCache):
1982         * accessibility/AccessibilityARIAGrid.h:
1983         (AccessibilityARIAGrid):
1984         * accessibility/AccessibilityARIAGridCell.h:
1985         (AccessibilityARIAGridCell):
1986         * accessibility/AccessibilityARIAGridRow.h:
1987         (AccessibilityARIAGridRow):
1988         * accessibility/AccessibilityList.h:
1989         (AccessibilityList):
1990         * accessibility/AccessibilityListBox.h:
1991         (AccessibilityListBox):
1992         * accessibility/AccessibilityMediaControls.h:
1993         (AccessibilityMediaControl):
1994         (AccessibilityMediaTimeline):
1995         (AccessibilityMediaControlsContainer):
1996         (AccessibilityMediaTimeDisplay):
1997         * accessibility/AccessibilityMenuList.h:
1998         (AccessibilityMenuList):
1999         * accessibility/AccessibilityNodeObject.h:
2000         (AccessibilityNodeObject):
2001         * accessibility/AccessibilityProgressIndicator.h:
2002         (AccessibilityProgressIndicator):
2003         * accessibility/AccessibilityRenderObject.h:
2004         (AccessibilityRenderObject):
2005         * accessibility/AccessibilityScrollView.h:
2006         (AccessibilityScrollView):
2007         * accessibility/AccessibilityScrollbar.h:
2008         (AccessibilityScrollbar):
2009         * accessibility/AccessibilitySlider.h:
2010         (AccessibilitySlider):
2011         * accessibility/AccessibilityTable.h:
2012         (AccessibilityTable):
2013         * accessibility/AccessibilityTableCell.h:
2014         (AccessibilityTableCell):
2015         * accessibility/AccessibilityTableRow.h:
2016         (AccessibilityTableRow):
2017
2018 2012-08-03  Abhishek Arya  <inferno@chromium.org>
2019
2020         Regression(r124564): Wrong inlineChildrenBlock->hasLayer() computed in RenderBlock::removeChild.
2021         https://bugs.webkit.org/show_bug.cgi?id=90800
2022
2023         Reviewed by Eric Seidel.
2024
2025         r124564 reversed the sequence of setStyle and removeChildNode calls, but failed to cache the value
2026         of inlineChildrenBlock->hasLayer(). So, it will be null when the layer is removed from parent in setStyle.
2027         Fixed by the caching the bool value. 
2028
2029         Covered by existing test fast/block/layer-not-removed-from-parent-crash.html.
2030
2031         * rendering/RenderBlock.cpp:
2032         (WebCore::RenderBlock::removeChild):
2033
2034 2012-08-03  Mario Sanchez Prada  <msanchez@igalia.com>
2035
2036         [GTK] Add a new and reusable enchant-based spellchecker in WebCore
2037         https://bugs.webkit.org/show_bug.cgi?id=90269
2038
2039         Reviewed by Martin Robinson.
2040
2041         Move enchant specific code down to WebCore, into a new class
2042         TextCheckerEnchant, that we can use from WK1 and WK2.
2043
2044         * GNUmakefile.am: Add flags to handle the SPELLCHECK feature.
2045         * GNUmakefile.list.am: Added new files.
2046         * platform/text/gtk/TextCheckerEnchant.cpp: Added.
2047         (getAvailableDictionariesCallback):
2048         (TextCheckerEnchant::TextCheckerEnchant):
2049         (TextCheckerEnchant::~TextCheckerEnchant):
2050         (TextCheckerEnchant::ignoreWord):
2051         (TextCheckerEnchant::learnWord):
2052         (TextCheckerEnchant::checkSpellingOfString):
2053         (TextCheckerEnchant::getGuessesForWord):
2054         (TextCheckerEnchant::updateSpellCheckingLanguages):
2055         (TextCheckerEnchant::freeEnchantBrokerDictionaries):
2056         * platform/text/gtk/TextCheckerEnchant.h: Added.
2057         (WebCore):
2058         (TextCheckerEnchant):
2059         (WebCore::TextCheckerEnchant::create):
2060
2061 2012-08-03  Kwang Yul Seo  <skyul@company100.net>
2062
2063         Unreviewed r124536 followup, fix the assertion error on Chromium.
2064
2065         * html/parser/HTMLTreeBuilder.cpp:
2066         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
2067
2068 2012-08-03  Ilya Tikhonovsky  <loislo@chromium.org>
2069
2070         Web Inspector: simple replace objectType with ownerObjectType in NMI code.
2071         https://bugs.webkit.org/show_bug.cgi?id=93001
2072
2073         Reviewed by Yury Semikhatsky.
2074
2075         In all the cases when we are visiting members, objectType field is actually the object type of the member's owner object.
2076
2077         * dom/MemoryInstrumentation.h:
2078         (WebCore::MemoryInstrumentation::InstrumentedPointer::InstrumentedPointer):
2079         (InstrumentedPointer):
2080         (WebCore::MemoryInstrumentation::addObject):
2081         (WebCore::MemoryInstrumentation::addInstrumentedObject):
2082         (WebCore::MemoryInstrumentation::addRawBuffer):
2083         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedObject):
2084         (WebCore::MemoryInstrumentation::OwningTraits::addObject):
2085         (WebCore::MemoryObjectInfo::MemoryObjectInfo):
2086         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
2087         (WebCore::MemoryInstrumentation::addObjectImpl):
2088         (WebCore::MemoryInstrumentation::addHashMap):
2089         (WebCore::MemoryInstrumentation::addHashSet):
2090         (WebCore::MemoryInstrumentation::addInstrumentedCollection):
2091         (WebCore::MemoryInstrumentation::addListHashSet):
2092         (WebCore::MemoryInstrumentation::addVector):
2093         (WebCore::::process):
2094
2095 2012-08-02  Ilya Tikhonovsky  <loislo@chromium.org>
2096
2097         Web Inspector: extend test coverage for nmi code and fix 2 bugs.
2098         https://bugs.webkit.org/show_bug.cgi?id=92994
2099
2100         Reviewed by Yury Semikhatsky.
2101
2102         1) owner object type propagation.
2103         If a class with object-type DOM has an instrumented member with object-type Other then it has to be recorded as DOM.
2104         Sample: We have SharedBuffer class and we don't know the object-type for it but we know that it is owned by an object with object-type CachedResourceImage.
2105
2106         2) the first member of an instrumented non virtual class was skipped even if it was reported properly.
2107         it happened because the first member has the same address as it's owner
2108
2109         * dom/MemoryInstrumentation.h:
2110         (WebCore::MemoryInstrumentation::addRootObject):
2111         (WebCore::MemoryInstrumentation::InstrumentedPointer::InstrumentedPointer):
2112         (InstrumentedPointer):
2113         (WebCore::MemoryInstrumentation::addInstrumentedObject):
2114         (MemoryInstrumentation):
2115         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedObject):
2116         (WebCore::MemoryObjectInfo::MemoryObjectInfo):
2117         (WebCore::MemoryObjectInfo::reportObjectInfo):
2118         (WebCore::MemoryClassInfo::addInstrumentedMember):
2119         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
2120         (WebCore::MemoryInstrumentation::addObjectImpl):
2121         (WebCore::MemoryInstrumentation::addInstrumentedCollection):
2122         (WebCore::::process):
2123
2124 2012-08-03  Kentaro Hara  <haraken@chromium.org>
2125
2126         [V8] Make v8NonStringValueToWebCoreString a static method
2127         https://bugs.webkit.org/show_bug.cgi?id=93066
2128
2129         Reviewed by Adam Barth.
2130
2131         v8NonStringValueToWebCoreString() and v8NonStringValueToAtomicWebCoreString()
2132         are not intended to be used from outside V8Binding.cpp.
2133         They should be static methods.
2134
2135         No tests. No change in behavior.
2136
2137         * bindings/v8/V8Binding.cpp:
2138         (WebCore::v8NonStringValueToWebCoreString):
2139         (WebCore):
2140         (WebCore::v8NonStringValueToAtomicWebCoreString):
2141         * bindings/v8/V8Binding.h:
2142         (WebCore::v8StringToWebCoreString):
2143         (WebCore::v8StringToAtomicWebCoreString):
2144
2145 2012-08-02  Abhishek Arya  <inferno@chromium.org>
2146
2147         Crash due to layer not removed from parent for anonymous block.
2148         https://bugs.webkit.org/show_bug.cgi?id=90800
2149
2150         Reviewed by Kent Tamura.
2151
2152         Reverse the order of setStyle and removeChildNode calls. This ensures that setting the style
2153         properly removes its layer from the parent in RenderBoxModelObject::styleDidChange. Calling
2154         removeChildNode before calling setStyle is problematic since the parent layer never gets
2155         notified.
2156
2157         Test: fast/block/layer-not-removed-from-parent-crash.html
2158
2159         * rendering/RenderBlock.cpp:
2160         (WebCore::RenderBlock::removeChild):
2161
2162 2012-08-02  Adam Barth  <abarth@webkit.org>
2163
2164         V8Proxy::retrieveFrameFor*Context are used only by BindingState and should be removed as separate functions
2165         https://bugs.webkit.org/show_bug.cgi?id=93049
2166
2167         Reviewed by Eric Seidel.
2168
2169         No one calls these functions directly anymore. This patch removes them
2170         from V8Proxy and inlines their logic into BindingState.cpp.
2171
2172         * bindings/v8/BindingState.cpp:
2173         (WebCore::activeContext):
2174         (WebCore):
2175         (WebCore::activeWindow):
2176         (WebCore::activeFrame):
2177         (WebCore::firstFrame):
2178         (WebCore::currentFrame):
2179         * bindings/v8/V8Proxy.cpp:
2180         * bindings/v8/V8Proxy.h:
2181         (V8Proxy):
2182
2183 2012-08-02  Yoshifumi Inoue  <yosin@chromium.org>
2184
2185         Make order of attribute/method in HTMLTrackElement.idl as same as specification
2186         https://bugs.webkit.org/show_bug.cgi?id=80102
2187
2188         Reviewed by Kentaro Hara.
2189
2190         No new tests. This patch doesn't change behavior.
2191
2192         * html/HTMLTrackElement.idl: Reorder attribute/method position.
2193
2194 2012-08-02  Kent Tamura  <tkent@chromium.org>
2195
2196         Fix crashes for <input> and <textarea> with display:run-in.
2197         https://bugs.webkit.org/show_bug.cgi?id=87300
2198
2199         Reviewed by Abhishek Arya.
2200
2201         Introduce RenderObject::canBeReplacedWithInlineRunIn, and renderers which
2202         should not be run-in override it so that it returns false.
2203
2204         Test: fast/runin/input-text-runin.html
2205               fast/runin/textarea-runin.html
2206
2207         * rendering/RenderBlock.cpp:
2208         (WebCore::RenderBlock::moveRunInUnderSiblingBlockIfNeeded):
2209         Checks canBeReplacedWithInlineRunIn instead of checking tag names.
2210         * rendering/RenderFileUploadControl.cpp:
2211         (WebCore::RenderFileUploadControl::canBeReplacedWithInlineRunIn):
2212         Added. Disallow run-in.
2213         * rendering/RenderFileUploadControl.h:
2214         (RenderFileUploadControl): Declare canBeReplacedWithInlineRunIn.
2215         * rendering/RenderListBox.cpp:
2216         (WebCore::RenderListBox::canBeReplacedWithInlineRunIn):
2217         Added. Disallow run-in. This is not a behavior change.
2218         * rendering/RenderListBox.h:
2219         (RenderListBox): Declare canBeReplacedWithInlineRunIn.
2220         * rendering/RenderMenuList.cpp:
2221         (WebCore::RenderMenuList::canBeReplacedWithInlineRunIn):
2222         Added. Disallow run-in. This is not a behavior change.
2223         * rendering/RenderMenuList.h:
2224         (RenderMenuList): Declare canBeReplacedWithInlineRunIn.
2225         * rendering/RenderObject.cpp:
2226         (WebCore::RenderObject::canBeReplacedWithInlineRunIn):
2227         Added. Allow run-in by default.
2228         * rendering/RenderObject.h:
2229         (RenderObject): Declare canBeReplacedWithInlineRunIn.
2230         * rendering/RenderProgress.cpp:
2231         (WebCore::RenderProgress::canBeReplacedWithInlineRunIn):
2232         Added. Disallow run-in. This is not a behavior change.
2233         * rendering/RenderProgress.h:
2234         (RenderProgress): Declare canBeReplacedWithInlineRunIn.
2235         * rendering/RenderSlider.cpp:
2236         (WebCore::RenderSlider::canBeReplacedWithInlineRunIn):
2237         Added. Disallow run-in.
2238         * rendering/RenderSlider.h:
2239         (RenderSlider): Declare canBeReplacedWithInlineRunIn.
2240         * rendering/RenderTextControl.cpp:
2241         (WebCore::RenderTextControl::canBeReplacedWithInlineRunIn):
2242         Added. Disallow run-in.
2243         * rendering/RenderTextControl.h:
2244         (RenderTextControl): Declare canBeReplacedWithInlineRunIn.
2245
2246 2012-08-02  Kihong Kwon  <kihong.kwon@samsung.com>
2247
2248         [EFL] Fix wrong assigned value of BatteryStatus
2249         https://bugs.webkit.org/show_bug.cgi?id=93058
2250
2251         Reviewed by Kentaro Hara.
2252
2253         There is a wrong change in the bug 92964.
2254         property variable have to be used after assigned value in the setBatteryClient.
2255
2256         * platform/efl/BatteryProviderEfl.cpp:
2257         (WebCore::BatteryProviderEfl::setBatteryClient):
2258
2259 2012-08-02  Arvid Nilsson  <anilsson@rim.com>
2260
2261         [BlackBerry] Add default implementation of GraphicsLayerClient::contentsVisible()
2262         https://bugs.webkit.org/show_bug.cgi?id=93036
2263
2264         Reviewed by George Staikos.
2265
2266         Returning true by default would cause memory usage to balloon, because
2267         the LayerTiler would believe every tile is visible and always needs to
2268         be rendered. Instead, we choose to return false by default, relying
2269         entirely on reactive rendering through render jobs.
2270
2271         However this revealed a subtle bug. If the entire layer was invalidated
2272         every frame, checkerboard would never resolve with this default
2273         implementation.
2274
2275         Fixed by not clearing render jobs when the entire layer is invalidated,
2276         thus making us robust against an incomplete contentsVisible
2277         implementation.
2278
2279         Also removed dead code related to the deprecated
2280         LayerTiler::m_tilesWebKitThread mechanism, which has been replaced by
2281         the implicit visibility management resulting from render jobs.
2282
2283         With m_tilesWebKitThread out of the way, rename m_tilesCompositingThread
2284         to be simply m_tiles.
2285
2286         PR 187458
2287
2288         This is not currently testable using BlackBerry testing infrastructure.
2289
2290         * platform/graphics/GraphicsLayerClient.h:
2291         (WebCore::GraphicsLayerClient::contentsVisible): Gets a default implementation instead of being pure virtual.
2292         * platform/graphics/blackberry/LayerTile.cpp:
2293         (WebCore::LayerTile::LayerTile): Merged LayerTileData into LayerTile now that m_tilesWebKitThread is gone.
2294         * platform/graphics/blackberry/LayerTile.h:
2295         (LayerTile):
2296         * platform/graphics/blackberry/LayerTiler.cpp:
2297         (WebCore::LayerTiler::~LayerTiler):
2298         (WebCore::LayerTiler::updateTextureContentsIfNeeded): Bug fix to make us robust against the new default implementation of GraphicsLayerClient::contentsVisible()
2299         (WebCore::LayerTiler::shouldPerformRenderJob):
2300         (WebCore::LayerTiler::layerVisibilityChanged):
2301         (WebCore::LayerTiler::uploadTexturesIfNeeded):
2302         (WebCore::LayerTiler::drawTexturesInternal):
2303         (WebCore::LayerTiler::deleteTextures):
2304         (WebCore::LayerTiler::pruneTextures):
2305         (WebCore::LayerTiler::bindContentsTexture):
2306         * platform/graphics/blackberry/LayerTiler.h:
2307         (LayerTiler):
2308
2309 2012-08-02  Keishi Hattori  <keishi@webkit.org>
2310
2311         Slider should snap to datalist tick marks
2312         https://bugs.webkit.org/show_bug.cgi?id=92640
2313
2314         Reviewed by Kent Tamura.
2315
2316         Input type=range slider snaps to datalist tick marks.
2317
2318         Test: fast/forms/datalist/range-snap-to-datalist.html
2319
2320         * html/HTMLInputElement.cpp:
2321         (WebCore::HTMLInputElement::findClosestTickMarkValue): Just calls InputType::findClosestTickMarkValue.
2322         (WebCore):
2323         * html/HTMLInputElement.h:
2324         (HTMLInputElement):
2325         * html/InputType.cpp:
2326         (WebCore):
2327         (WebCore::InputType::findClosestTickMarkValue): Overridden by RangeInputType.
2328         * html/InputType.h:
2329         (InputType):
2330         * html/RangeInputType.cpp:
2331         (WebCore::RangeInputType::RangeInputType):
2332         (WebCore):
2333         (WebCore::RangeInputType::listAttributeTargetChanged): Mark m_tickMarkValues as dirty.
2334         (WebCore::decimalCompare):
2335         (WebCore::RangeInputType::updateTickMarkValues): Sets m_tickMarkValues to a list of sorted valid datalist values.
2336         (WebCore::RangeInputType::findClosestTickMarkValue): Finds closest tick mark value to a given value.
2337         * html/RangeInputType.h:
2338         (RangeInputType):
2339         * html/shadow/SliderThumbElement.cpp:
2340         (WebCore):
2341         (WebCore::SliderThumbElement::setPositionFromPoint): Snaps to the closest tick mark value if it is within a certain distance.
2342
2343 2012-08-02  Ryuan Choi  <ryuan.choi@samsung.com>
2344
2345         [EFL] Crash while loading plugin after r121467
2346         https://bugs.webkit.org/show_bug.cgi?id=92943
2347
2348         Reviewed by Laszlo Gombos.
2349
2350         r121467 replaced POSIX dlopen to helpers in eina_module, but some codes
2351         are not changed.
2352
2353         No new tests, behavior has not changed.
2354
2355         * plugins/efl/PluginPackageEfl.cpp:
2356         (WebCore::PluginPackage::fetchInfo):
2357         Changes dlsym to eina_module_symbol_get to follow changes of r121467.
2358
2359 2012-08-02  Adam Barth  <abarth@webkit.org>
2360
2361         V8 bindings code that tries to find its context should use BindingState functions rather than V8Proxy
2362         https://bugs.webkit.org/show_bug.cgi?id=93038
2363
2364         Reviewed by Eric Seidel.
2365
2366         After this patch, most code in the V8 bindings that tries to determine
2367         it's "context" goes through BindingState.h rather than V8Proxy. This
2368         patch is a step towards unifying all these code paths.
2369
2370         * bindings/scripts/CodeGeneratorV8.pm:
2371         (GenerateNamedConstructorCallback):
2372         * bindings/v8/BindingState.cpp:
2373         (WebCore::currentFrame):
2374         (WebCore):
2375         * bindings/v8/BindingState.h:
2376         (WebCore):
2377         * bindings/v8/ScriptController.cpp:
2378         (WebCore::ScriptController::retrieveFrameForEnteredContext):
2379         (WebCore::ScriptController::retrieveFrameForCurrentContext):
2380         * bindings/v8/V8DOMWindowShell.cpp:
2381         (WebCore::v8UncaughtExceptionHandler):
2382         * bindings/v8/V8Proxy.cpp:
2383         (WebCore::V8Proxy::reportUnsafeAccessTo):
2384         * bindings/v8/V8Proxy.h:
2385         (V8Proxy):
2386         * bindings/v8/V8Utilities.cpp:
2387         (WebCore::getScriptExecutionContext):
2388         * bindings/v8/custom/V8AudioContextCustom.cpp:
2389         (WebCore::V8AudioContext::constructorCallback):
2390         * bindings/v8/custom/V8DOMWindowCustom.cpp:
2391         (WebCore::handlePostMessageCallback):
2392         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
2393         (WebCore::V8HTMLDocument::writeCallback):
2394         (WebCore::V8HTMLDocument::writelnCallback):
2395         (WebCore::V8HTMLDocument::openCallback):
2396         * bindings/v8/custom/V8HTMLImageElementConstructor.cpp:
2397         (WebCore::v8HTMLImageElementConstructorCallback):
2398
2399 2012-08-02  Sheriff Bot  <webkit.review.bot@gmail.com>
2400
2401         Unreviewed, rolling out r124540.
2402         http://trac.webkit.org/changeset/124540
2403         https://bugs.webkit.org/show_bug.cgi?id=93055
2404
2405         Broke compile on Chromium Win bot (Requested by dimich on
2406         #webkit).
2407
2408         * Modules/indexeddb/IDBBackingStore.h:
2409         (IDBBackingStore):
2410         * Modules/indexeddb/IDBCallbacks.h:
2411         (IDBCallbacks):
2412         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
2413         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::PendingOpenCall):
2414         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
2415         (WebCore::IDBDatabaseBackendImpl::openInternal):
2416         (WebCore::IDBDatabaseBackendImpl::metadata):
2417         (WebCore::IDBDatabaseBackendImpl::setVersion):
2418         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
2419         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
2420         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
2421         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
2422         (WebCore::IDBDatabaseBackendImpl::close):
2423         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
2424         (IDBDatabaseBackendImpl):
2425         * Modules/indexeddb/IDBDatabaseCallbacks.h:
2426         (IDBDatabaseCallbacks):
2427         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
2428         (WebCore::IDBFactoryBackendImpl::open):
2429         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
2430         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
2431         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
2432         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
2433         * Modules/indexeddb/IDBLevelDBBackingStore.h:
2434         (IDBLevelDBBackingStore):
2435         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
2436         (WebCore::IDBTransactionBackendImpl::commit):
2437
2438 2012-08-02  Arvid Nilsson  <anilsson@rim.com>
2439
2440         [BlackBerry] Upstream GraphicsLayerClient::contentsVisible()
2441         https://bugs.webkit.org/show_bug.cgi?id=93040
2442
2443         Reviewed by George Staikos.
2444
2445         Our LayerTiler uses both proactive and reactive rendering to populate
2446         tiles. If contentsVisible() is accurate, it will cause the right tiles
2447         to be rendered. Failing that, when a dirty tile is found to be visible
2448         on the compositing thread, a render job is scheduled.
2449
2450         This is not currently testable using BlackBerry testing infrastructure.
2451
2452         * platform/graphics/GraphicsLayerClient.h:
2453         (GraphicsLayerClient): New BlackBerry-specific method "contentsVisible" added.
2454         * rendering/RenderLayerBacking.cpp:
2455         (WebCore):
2456         (WebCore::RenderLayerBacking::contentsVisible): BlackBerry-specific implementation.
2457
2458 2012-08-02  Alexandre Elias  <aelias@google.com>
2459
2460         [chromium] deviceViewportSize cleanup
2461         https://bugs.webkit.org/show_bug.cgi?id=92794
2462
2463         Reviewed by Adrienne Walker.
2464
2465         In the future, CSS layout size will become increasingly disassociated
2466         from physical device size, and it will become impossible to infer one
2467         from the other inside the compositor.  Therefore, this patch allows
2468         deviceViewportSize to be explicitly passed in by the outside client.
2469
2470         I also renamed the existing viewportSize field to "layoutViewportSize"
2471         for clarity, and converted its uses to deviceViewportSize since
2472         that is more appropriate.
2473
2474         I had to add some default-value scaffolding to WebLayerTreeView in
2475         order to avoid breaking ui/compositor.  We can delete it once that's
2476         updated.
2477
2478         No new tests (covered by existing tests).
2479
2480         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2481         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
2482         (WebCore::CCLayerTreeHost::setViewportSize):
2483         (WebCore::CCLayerTreeHost::updateLayers):
2484         (WebCore::CCLayerTreeHost::setDeviceScaleFactor):
2485         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2486         (CCLayerTreeHost):
2487         (WebCore::CCLayerTreeHost::layoutViewportSize):
2488         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2489         (WebCore::CCLayerTreeHostImpl::canDraw):
2490         (WebCore::CCLayerTreeHostImpl::startPageScaleAnimation):
2491         (WebCore::CCLayerTreeHostImpl::setViewportSize):
2492         (WebCore::CCLayerTreeHostImpl::setDeviceScaleFactor):
2493         (WebCore::CCLayerTreeHostImpl::updateMaxScrollPosition):
2494         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2495         (CCLayerTreeHostImpl):
2496         (WebCore::CCLayerTreeHostImpl::layoutViewportSize):
2497
2498 2012-08-02  Adam Barth  <abarth@webkit.org>
2499
2500         V8Proxy::currentContext() doesn't do anything and should be removed
2501         https://bugs.webkit.org/show_bug.cgi?id=93041
2502
2503         Reviewed by Eric Seidel.
2504
2505         It's just a wrapper for GetCurrent().
2506
2507         * bindings/v8/DateExtension.cpp:
2508         (WebCore::DateExtension::setAllowSleep):
2509         * bindings/v8/V8NPUtils.cpp:
2510         (WebCore::convertV8ObjectToNPVariant):
2511         * bindings/v8/V8Proxy.cpp:
2512         (WebCore::V8Proxy::retrieve):
2513         (WebCore::V8Proxy::mainWorldContext):
2514         * bindings/v8/V8Proxy.h:
2515         (V8Proxy):
2516         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
2517         (WebCore::getJSListenerFunctions):
2518
2519 2012-08-02  David Grogan  <dgrogan@chromium.org>
2520
2521         IndexedDB: Core upgradeneeded logic
2522         https://bugs.webkit.org/show_bug.cgi?id=92558
2523
2524         Reviewed by Ojan Vafai.
2525
2526         This is the backend webkit logic needed for integer versions. The rest
2527         is in https://bugs.webkit.org/show_bug.cgi?id=89505.
2528
2529         I tried to make use of the existing processPendingCalls and added two
2530         more queues, pendingOpenWithVersionCalls and
2531         pendingSecondHalfOpenWithVersionCalls. The "second half" refers to
2532         how there are two events that need to be fired in response to an
2533         open-with-version call. The "second half" queue holds the open
2534         requests that should immediately follow the caller's upgradeneeded
2535         handler.
2536
2537         No new tests, there are so many they are in their own patch:
2538         https://bugs.webkit.org/show_bug.cgi?id=92560
2539
2540         Though this patch doesn't change any expected behavior anyway, lack of
2541         regressions is what we're hoping for here.
2542
2543         * Modules/indexeddb/IDBBackingStore.h:
2544         (IDBBackingStore):
2545         * Modules/indexeddb/IDBCallbacks.h:
2546         (WebCore::IDBCallbacks::onBlocked):
2547         (WebCore::IDBCallbacks::onUpgradeNeeded):
2548         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
2549         (IDBDatabaseBackendImpl::PendingOpenCall):
2550         (IDBDatabaseBackendImpl::PendingOpenWithVersionCall):
2551         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::create):
2552         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::callbacks):
2553         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::version):
2554         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::PendingOpenWithVersionCall):
2555         (WebCore):
2556         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
2557         (WebCore::IDBDatabaseBackendImpl::openInternal):
2558         (WebCore::IDBDatabaseBackendImpl::metadata):
2559         (WebCore::IDBDatabaseBackendImpl::setVersion):
2560         (WebCore::IDBDatabaseBackendImpl::setIntVersionInternal):
2561         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
2562         (WebCore::IDBDatabaseBackendImpl::transactionFinishedAndEventsFired):
2563         When an upgradeneeded event is fired in response to an
2564         open-with-version call, the version change transaction must receive its
2565         complete event before processPendingCalls fires a success event at
2566         IDBOpenDBRequest. In the future this should probably be changed
2567         instead to transactionFinishedAndAbortFired and
2568         transactionFinishedAndCompleteFired so that we'll know to fire a
2569         success or error event at IDBOpenDBRequest. Currently, instead of
2570         firing error when there's an abort, we don't fire anything.
2571
2572         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
2573         Now that this is called after a connection is opened, we unfortunately
2574         lose the invariant that there is only one existing connection when this
2575         is called, but nothing inside this function actually relied on that.
2576         Additionally, the secondHalfOpen calls only ever need to be serviced
2577         in one place: right after a version change transaction completes, so
2578         it could be moved out of here.
2579
2580         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
2581         Now that setVersion and deleteDatabase calls are queued up behind
2582         secondHalfOpen calls, we have to service those queues when
2583         secondHalfOpen calls complete, which is here.  So call
2584         processPendingCalls().
2585
2586         (WebCore::IDBDatabaseBackendImpl::runIntVersionChangeTransaction):
2587         (WebCore::IDBDatabaseBackendImpl::openConnectionWithVersion):
2588         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
2589         (WebCore::IDBDatabaseBackendImpl::close):
2590         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
2591         (IDBDatabaseBackendImpl):
2592         * Modules/indexeddb/IDBDatabaseCallbacks.h:
2593         (WebCore::IDBDatabaseCallbacks::onVersionChange):
2594         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
2595         (WebCore::IDBFactoryBackendImpl::open):
2596         This is refactored some so that the call to openConection{WithVersion}
2597         happens once, at the end.
2598
2599         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
2600         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
2601         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
2602         (WebCore::IDBLevelDBBackingStore::updateIDBDatabaseIntVersion):
2603         (WebCore):
2604         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
2605         * Modules/indexeddb/IDBLevelDBBackingStore.h:
2606         (IDBLevelDBBackingStore):
2607         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
2608         (WebCore::IDBTransactionBackendImpl::commit):
2609         See above comments about transactionFinishedAndEventsFired. I tried
2610         moving the call to transactionFinished after the events were fired but
2611         that failed some asserts. But changing those asserts is still an
2612         alternative to splitting up transactionFinished as is done here.
2613
2614 2012-08-02  Rob Buis  <rwlbuis@webkit.org>
2615
2616         SVG text selection doesn't work with hyperlinked text
2617         https://bugs.webkit.org/show_bug.cgi?id=29166
2618
2619         Reviewed by Eric Seidel.
2620
2621         Cleanup SVGAElement. There is no need to test for middle mouse button here, this
2622         is handled elsewhere, so remove isMiddleMouseButtonEvent. Similarly handleLinkClick
2623         is not used anymore by HTMLAnchorElement, remove it. Finally, _self indeed is not needed.
2624
2625         No new tests, since no change in behaviour.
2626
2627         * WebCore.order:
2628         * html/HTMLAnchorElement.cpp:
2629         * html/HTMLAnchorElement.h:
2630         (WebCore):
2631         * svg/SVGAElement.cpp:
2632         (WebCore::SVGAElement::defaultEventHandler):
2633
2634 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
2635
2636         Move causesFosterParenting() to HTMLStackItem
2637         https://bugs.webkit.org/show_bug.cgi?id=93048
2638
2639         Reviewed by Adam Barth.
2640
2641         Changed to share causesFosterParenting() between HTMLTreeBuilder and HTMLConstructionSite
2642         by moving this function to HTMLStackItem.
2643
2644         No functional change, so no new tests.
2645
2646         * html/parser/HTMLConstructionSite.cpp:
2647         (WebCore::HTMLConstructionSite::shouldFosterParent):
2648         * html/parser/HTMLStackItem.h:
2649         (WebCore::HTMLStackItem::causesFosterParenting):
2650         (HTMLStackItem):
2651         * html/parser/HTMLTreeBuilder.cpp:
2652         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
2653
2654 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
2655
2656         Read tag names and attributes from the saved tokens in HTMLTreeBuilder::callTheAdoptionAgency(AtomicHTMLToken*)
2657         https://bugs.webkit.org/show_bug.cgi?id=93047
2658
2659         Reviewed by Adam Barth.
2660
2661         This is a follow-up patch for r123577.
2662         Changed to retrieve the stack item of commonAncestor and read the local name from the saved token.
2663
2664         No new tests, covered by existing tests.
2665
2666         * html/parser/HTMLTreeBuilder.cpp:
2667         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
2668
2669 2012-08-02  Vincent Scheib  <scheib@chromium.org>
2670
2671         Remove old Pointer Lock API.
2672         https://bugs.webkit.org/show_bug.cgi?id=88892
2673
2674         Reviewed by Adam Barth.
2675
2676         Removing the old Pointer Lock API as one of the final cleanup
2677         changes for the Update to Fullscreen style locking Spec meta
2678         bug https://bugs.webkit.org/show_bug.cgi?id=84402.
2679
2680         This change primarily removes idl, access in navigator,
2681         one event, and supporting infrastructure in page/PointerLock.
2682
2683         In PointerLockController changes were already noted clearly with
2684         TODOs differentiating old and new api sections.
2685
2686         Test: pointer-lock/pointerlockchange-event-on-lock-lost.html
2687
2688         * WebCore.gypi:
2689         * dom/Element.cpp:
2690         (WebCore::Element::webkitRequestPointerLock):
2691         * dom/EventNames.h:
2692         (WebCore):
2693         * page/Navigator.cpp:
2694         * page/Navigator.h:
2695         (WebCore):
2696         (Navigator):
2697         * page/Navigator.idl:
2698         * page/PointerLock.cpp: Removed.
2699         * page/PointerLock.h: Removed.
2700         * page/PointerLock.idl: Removed.
2701         * page/PointerLockController.cpp:
2702         (WebCore::PointerLockController::requestPointerLock):
2703         (WebCore::PointerLockController::didAcquirePointerLock):
2704         (WebCore::PointerLockController::didNotAcquirePointerLock):
2705         (WebCore::PointerLockController::didLosePointerLock):
2706         * page/PointerLockController.h:
2707         (PointerLockController):
2708
2709 2012-08-02  Ryosuke Niwa  <rniwa@webkit.org>
2710
2711         scripts in formaction should be stripped upon paste
2712         https://bugs.webkit.org/show_bug.cgi?id=92298
2713
2714         Reviewed by Eric Seidel.
2715
2716         Strip formaction attribute values when the URL is of javascript protocol.
2717
2718         Test: editing/pasteboard/paste-noscript-xhtml.html
2719               editing/pasteboard/paste-noscript.html
2720
2721         * dom/Element.cpp:
2722         (WebCore::isAttributeToRemove): Explicitly compare with href and nohref instead of comparing
2723         the ends of strings since comparing two AtomicString is much faster.
2724
2725 2012-08-02  Elliott Sprehn  <esprehn@gmail.com>
2726
2727         Built in quotes don't use lang attribute
2728         https://bugs.webkit.org/show_bug.cgi?id=92918
2729
2730         Reviewed by Alexey Proskuryakov.
2731
2732         Previously even though there was a table in RenderQuote of languages mapped
2733         to quotes we always used basic quotes. This patch removes the broken tree
2734         walking and uses Element::computeInheritedLanguage fixing this.
2735
2736         Tests: fast/css-generated-content/quotes-lang-expected.html
2737                fast/css-generated-content/quotes-lang.html
2738                fast/css-generated-content/quotes-xml-lang-expected.html
2739                fast/css-generated-content/quotes-xml-lang.html
2740
2741         * rendering/RenderQuote.cpp:
2742         (WebCore::RenderQuote::originalText):
2743         (WebCore::RenderQuote::quotesData): New method that determines the right QuotesData to use.
2744         (WebCore):
2745         * rendering/RenderQuote.h:
2746         (RenderQuote):
2747
2748 2012-08-02  Adam Barth  <abarth@webkit.org>
2749
2750         Add back a header I mistakenly removed in my previous commit.
2751
2752         * WebCore.xcodeproj/project.pbxproj:
2753
2754 2012-08-02  Adrienne Walker  <enne@google.com>
2755
2756         [chromium] Remove dependency on Scrollbar.h from ScrollbarLayerChromium
2757         https://bugs.webkit.org/show_bug.cgi?id=93024
2758
2759         Reviewed by James Robinson.
2760
2761         Change part enum from the Scrollbar version to WebScrollbar's.
2762
2763         Tested by composited layout tests.
2764
2765         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
2766         (WebCore::ScrollbarBackgroundPainter::create):
2767         (WebCore::ScrollbarBackgroundPainter::ScrollbarBackgroundPainter):
2768         (ScrollbarBackgroundPainter):
2769         (WebCore::ScrollbarLayerChromium::createTextureUpdaterIfNeeded):
2770
2771 2012-08-02  Adam Barth  <abarth@webkit.org>
2772
2773         BindingSecurityBase serves no purpose and should be removed
2774         https://bugs.webkit.org/show_bug.cgi?id=93025
2775
2776         Reviewed by Eric Seidel.
2777
2778         Now that we don't use templates in the generic bindings, we can merge
2779         BindingSecurity and BindingSecurityBase. This patch also removes some
2780         functions that are no longer used (and reduces the number of
2781         #includes).
2782
2783         No behavior change.
2784
2785         * GNUmakefile.list.am:
2786         * WebCore.gypi:
2787         * bindings/generic/BindingSecurity.h:
2788         (WebCore):
2789         (BindingSecurity):
2790         * bindings/generic/BindingSecurityBase.cpp: Removed.
2791         * bindings/generic/BindingSecurityBase.h: Removed.
2792         * bindings/v8/V8Binding.h:
2793         * bindings/v8/V8Utilities.cpp:
2794         * bindings/v8/custom/V8MutationObserverCustom.cpp:
2795
2796 2012-08-02  Ryosuke Niwa  <rniwa@webkit.org>
2797
2798         Let XCode have its own away and also sort the files.
2799
2800         * WebCore.xcodeproj/project.pbxproj:
2801
2802 2012-08-02  Tien-Ren Chen  <trchen@chromium.org>
2803
2804         [chromium] Add CCScrollbarAnimationController class for compositor scrollbar animation
2805         https://bugs.webkit.org/show_bug.cgi?id=91688
2806
2807         Reviewed by Adrienne Walker.
2808
2809         Add CCScrollbarAnimationController that serves as the middle man
2810         between the scrolling layer and scrollbar layer. Now all scroll offset
2811         information are pushed through the controller, and individual platform
2812         can provide specialized controller for extra processing.
2813
2814         A basic fadeout controller for Android scrollbar is included.
2815
2816         New test: ScrollbarLayerChromiumTest.scrollOffsetSynchronization
2817                   CCScrollbarAnimationControllerLinearFade.*
2818
2819         * WebCore.gypi:
2820         * page/FrameView.cpp:
2821         (WebCore::FrameView::calculateScrollbarModesForLayout):
2822         * page/scrolling/chromium/ScrollingCoordinatorChromium.cpp:
2823         (WebCore::createScrollbarLayer):
2824         * platform/graphics/chromium/TreeSynchronizer.cpp:
2825         (WebCore::TreeSynchronizer::synchronizeTreeRecursive):
2826         (WebCore::TreeSynchronizer::updateScrollbarLayerPointersRecursive):
2827         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
2828         (WebCore::CCLayerImpl::scrollBy):
2829         (WebCore::CCLayerImpl::setMaxScrollPosition):
2830         (WebCore):
2831         (WebCore::CCLayerImpl::horizontalScrollbarLayer):
2832         (WebCore::CCLayerImpl::setHorizontalScrollbarLayer):
2833         (WebCore::CCLayerImpl::verticalScrollbarLayer):
2834         (WebCore::CCLayerImpl::setVerticalScrollbarLayer):
2835         * platform/graphics/chromium/cc/CCLayerImpl.h:
2836         (WebCore):
2837         (CCLayerImpl):
2838         (WebCore::CCLayerImpl::scrollbarAnimationController):
2839         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2840         (WebCore::CCLayerTreeHostImpl::animate):
2841         (WebCore::CCLayerTreeHostImpl::pinchGestureBegin):
2842         (WebCore::CCLayerTreeHostImpl::pinchGestureUpdate):
2843         (WebCore::CCLayerTreeHostImpl::pinchGestureEnd):
2844         (WebCore::CCLayerTreeHostImpl::animateScrollbars):
2845         (WebCore):
2846         (WebCore::CCLayerTreeHostImpl::animateScrollbarsRecursive):
2847         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2848         (CCLayerTreeHostImpl):
2849         * platform/graphics/chromium/cc/CCScrollbarAnimationController.cpp: Added.
2850         (WebCore):
2851         (WebCore::CCScrollbarAnimationController::create):
2852         (WebCore::CCScrollbarAnimationController::CCScrollbarAnimationController):
2853         (WebCore::CCScrollbarAnimationController::~CCScrollbarAnimationController):
2854         (WebCore::CCScrollbarAnimationController::getScrollLayerBounds):
2855         (WebCore::CCScrollbarAnimationController::updateScrollOffset):
2856         * platform/graphics/chromium/cc/CCScrollbarAnimationController.h: Added.
2857         (WebCore):
2858         (CCScrollbarAnimationController):
2859         (WebCore::CCScrollbarAnimationController::animate):
2860         (WebCore::CCScrollbarAnimationController::didPinchGestureBegin):
2861         (WebCore::CCScrollbarAnimationController::didPinchGestureUpdate):
2862         (WebCore::CCScrollbarAnimationController::didPinchGestureEnd):
2863         (WebCore::CCScrollbarAnimationController::setHorizontalScrollbarLayer):
2864         (WebCore::CCScrollbarAnimationController::horizontalScrollbarLayer):
2865         (WebCore::CCScrollbarAnimationController::setVerticalScrollbarLayer):
2866         (WebCore::CCScrollbarAnimationController::verticalScrollbarLayer):
2867         * platform/graphics/chromium/cc/CCScrollbarAnimationControllerAndroid.cpp: Added.
2868         (WebCore):
2869         (WebCore::CCScrollbarAnimationController::create):
2870         (WebCore::CCScrollbarAnimationControllerAndroid::CCScrollbarAnimationControllerAndroid):
2871         (WebCore::CCScrollbarAnimationControllerAndroid::~CCScrollbarAnimationControllerAndroid):
2872         (WebCore::CCScrollbarAnimationControllerAndroid::animate):
2873         (WebCore::CCScrollbarAnimationControllerAndroid::didPinchGestureUpdate):
2874         (WebCore::CCScrollbarAnimationControllerAndroid::didPinchGestureEnd):
2875         (WebCore::CCScrollbarAnimationControllerAndroid::updateScrollOffset):
2876         (WebCore::CCScrollbarAnimationControllerAndroid::opacityAtTime):
2877         * platform/graphics/chromium/cc/CCScrollbarAnimationControllerAndroid.h: Added.
2878         (WebCore):
2879         (CCScrollbarAnimationControllerAndroid):
2880         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
2881         (WebCore::CCScrollbarLayerImpl::CCScrollbarLayerImpl):
2882         (WebCore):
2883         (WebCore::CCScrollbarLayerImpl::CCScrollbar::value):
2884         (WebCore::CCScrollbarLayerImpl::CCScrollbar::currentPos):
2885         (WebCore::CCScrollbarLayerImpl::CCScrollbar::totalSize):
2886         (WebCore::CCScrollbarLayerImpl::CCScrollbar::maximum):
2887         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
2888         (WebCore::CCScrollbarLayerImpl::orientation):
2889         (WebCore::CCScrollbarLayerImpl::setCurrentPos):
2890         (WebCore::CCScrollbarLayerImpl::setTotalSize):
2891         (WebCore::CCScrollbarLayerImpl::setMaximum):
2892         (CCScrollbarLayerImpl):
2893
2894 2012-06-15  David Barton  <dbarton@mathscribe.com>
2895
2896         MathML: nested square root symbols have varying descenders
2897         https://bugs.webkit.org/show_bug.cgi?id=43819
2898
2899         Reviewed by Eric Seidel.
2900
2901         This bug stems from the use of offsetHeight() on a renderer that's possibly a
2902         RenderInline, in getBoxModelObjectHeight() in RenderMathMLBlock.h.
2903         RenderInline::offsetHeight() actually returns linesBoundingBox().height(), which can be
2904         overly large, especially for the big STIX fonts that include a few mathematical symbols
2905         with unusually tall ascenders or descenders. A better solution for MathML in general is
2906         the CSS properties { -webkit-line-box-contain: glyphs replaced; line-height: 0; }. This
2907         gives tight glyph-based formatting in radical expressions, subscripts, superscripts,
2908         underscripts, overscripts, numerators, denominators, etc. To make this work, inline
2909         elements such as <mn> and <mi> must be wrapped inside implicit <mrow>s or just
2910         RenderMathMLBlocks, when a tight height is desired. We also replace
2911         getBoxModelObjectWidth(), which uses offsetWidth(), with contentLogicalWidth(). Finally,
2912         we enable the STIXGeneral font for use inside layout tests.
2913
2914         Tested by existing LayoutTests/mathml/presentation/ files including roots.xhtml.
2915
2916         * css/mathml.css:
2917         (math):
2918         (mtext):
2919         (mroot > * + *):
2920         (mtd):
2921         * rendering/mathml/RenderMathMLBlock.cpp:
2922         (WebCore::RenderMathMLBlock::preferredLogicalHeightAfterSizing):
2923         (WebCore::RenderMathMLBlock::baselinePosition):
2924         * rendering/mathml/RenderMathMLBlock.h:
2925         * rendering/mathml/RenderMathMLFraction.cpp:
2926         (WebCore::RenderMathMLFraction::baselinePosition):
2927         * rendering/mathml/RenderMathMLOperator.cpp:
2928         (WebCore::RenderMathMLOperator::createStackableStyle):
2929         (WebCore::RenderMathMLOperator::baselinePosition):
2930         * rendering/mathml/RenderMathMLRoot.cpp:
2931         (WebCore::RenderMathMLRoot::addChild):
2932         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths):
2933         (WebCore::RenderMathMLRoot::paint):
2934         * rendering/mathml/RenderMathMLRoot.h:
2935         * rendering/mathml/RenderMathMLSquareRoot.cpp:
2936         * rendering/mathml/RenderMathMLSquareRoot.h:
2937         * rendering/mathml/RenderMathMLSubSup.cpp:
2938         (WebCore::RenderMathMLSubSup::layout):
2939         * rendering/mathml/RenderMathMLUnderOver.cpp:
2940         (WebCore::RenderMathMLUnderOver::baselinePosition):
2941         * rendering/mathml/RenderMathMLUnderOver.h:
2942
2943 2012-08-02  Adrienne Walker  <enne@google.com>
2944
2945         [chromium] Make CCScrollbarLayerImpl handle lost contexts properly
2946         https://bugs.webkit.org/show_bug.cgi?id=93021
2947
2948         Reviewed by James Robinson.
2949
2950         The resource ids that CCScrollbarLayerImpl holds onto need to be
2951         discarded during a lost context as the resource provider they came
2952         from is also destroyed.
2953
2954         Make a scrollbarGeometry function that wraps all uses of the
2955         m_geometry member to make it possible to test CCScrollbarLayerImpl
2956         without depending on WebCore.
2957
2958         Test: CCLayerTreeHostImplTest.dontUseOldResourcesAfterLostContext
2959
2960         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
2961         (WebCore::CCScrollbarLayerImpl::scrollbarGeometry):
2962         (WebCore):
2963         (WebCore::CCScrollbarLayerImpl::appendQuads):
2964         (WebCore::CCScrollbarLayerImpl::didLoseContext):
2965         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
2966         (CCScrollbarLayerImpl):
2967
2968 2012-08-02  Oliver Hunt  <oliver@apple.com>
2969
2970         A few objects aren't being safely protected from GC in all cases
2971         https://bugs.webkit.org/show_bug.cgi?id=93031
2972
2973         Reviewed by Filip Pizlo.
2974
2975         I haven't seen evidence that anyone is hitting bugs due to this, but any
2976         GC error can lead to later -- hard to diagnose -- bugs if they result in
2977         resurrecting dead objects.
2978
2979         * bindings/js/JSCustomXPathNSResolver.cpp:
2980         (WebCore::JSCustomXPathNSResolver::create):
2981         (WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver):
2982         (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
2983         * bindings/js/JSCustomXPathNSResolver.h:
2984         (JSCustomXPathNSResolver):
2985         * bindings/js/JSDictionary.cpp:
2986         (WebCore::JSDictionary::tryGetProperty):
2987         * bindings/js/JSDictionary.h:
2988         (WebCore::JSDictionary::JSDictionary):
2989         (WebCore::JSDictionary::initializerObject):
2990
2991 2012-08-02  Emil A Eklund  <eae@chromium.org>
2992
2993         Range::isPointInRange incorrectly throws WRONG_DOCUMENT_ERR
2994         https://bugs.webkit.org/show_bug.cgi?id=93009
2995
2996         Reviewed by Ojan Vafai.
2997
2998         The latest working draft of the DOM4 spec has all but killed the
2999         WRONG_DOCUMENT_ERR exception. Update isPointInRange to return false
3000         instead of throwing an exception when the range and point are in
3001         different documents. This matches the Mozilla behavior.
3002
3003         Test: fast/html/range-point-in-range-for-different-documents.html
3004
3005         * dom/Range.cpp:
3006         (WebCore::Range::isPointInRange):
3007         Return false instead of throwing WRONG_DOCUMENT_ERR when the point is in
3008         a different document.
3009
3010 2012-08-02  Erik Arvidsson  <arv@chromium.org>
3011
3012         DOM4: className should be defined on Element and not on HTMLElement
3013         https://bugs.webkit.org/show_bug.cgi?id=93014
3014
3015         Reviewed by Adam Barth.
3016
3017         DOM4 specs that Element should have the className WebIDL attribute. This moves the
3018         attribute to the correct IDL file.
3019
3020         Test: fast/dom/Element/class-name.html
3021
3022         * dom/Element.idl:
3023         * html/HTMLElement.idl:
3024
3025 2012-08-02  Erik Arvidsson  <arv@chromium.org>
3026
3027         [V8] Handle case where Error.prototype returns an empty object
3028         https://bugs.webkit.org/show_bug.cgi?id=91792
3029
3030         Reviewed by Kentaro Hara.
3031
3032         In some edge cases we get an empty object back from Error.prototype.
3033
3034         No new tests. I cannot reproduce this.
3035
3036         * bindings/v8/V8BindingPerContextData.cpp:
3037         (WebCore::V8BindingPerContextData::constructorForTypeSlowCase):
3038
3039 2012-08-02  Eric Seidel  <eric@webkit.org>
3040
3041         Add back ASSERT(!needsLayout) to RenderTableSection which is now valid
3042         https://bugs.webkit.org/show_bug.cgi?id=92954
3043
3044         Unreviewed, follow-up per Mitz's request.
3045
3046         * rendering/RenderTableSection.cpp:
3047         (WebCore::RenderTableSection::paint):
3048
3049 2012-08-02  James Robinson  <jamesr@chromium.org>
3050
3051         [chromium] Remove unused includes from compositor code
3052         https://bugs.webkit.org/show_bug.cgi?id=92930
3053
3054         Reviewed by Adrienne Walker.
3055
3056         * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.cpp:
3057         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
3058         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
3059
3060 2012-08-02  Adam Barth  <abarth@webkit.org>
3061
3062         The generic bindings shouldn't use templates
3063         https://bugs.webkit.org/show_bug.cgi?id=93016
3064
3065         Reviewed by Eric Seidel.
3066
3067         We originally created the generic bindings to share code between the
3068         JavaScriptCore and V8 bindings. However, the code came out sort of ugly
3069         because we used templates (with the idea that templates would let us
3070         use more than one scripting engine).
3071
3072         This patch rips out the templates in an attempt to make the code
3073         prettier and therefore easier to use in both V8 and JSC. I've tried to
3074         keep this patch small by remaning things mostly in place. In the next
3075         patch, I'll move a bunch of code out of headers and into cpp files.
3076
3077         No behavior change.
3078
3079         * GNUmakefile.am:
3080         * UseV8.cmake:
3081         * WebCore.gyp/WebCore.gyp:
3082         * WebCore.gypi:
3083         * WebCore.pri:
3084         * bindings/generic/BindingSecurity.h:
3085         (WebCore):
3086         (BindingSecurity):
3087         (WebCore::BindingSecurity::canAccessWindow):
3088         (WebCore::BindingSecurity::canAccessFrame):
3089         (WebCore::BindingSecurity::shouldAllowAccessToNode):
3090         (WebCore::BindingSecurity::allowPopUp):
3091         (WebCore::BindingSecurity::allowSettingFrameSrcToJavascriptUrl):
3092         (WebCore::BindingSecurity::allowSettingSrcToJavascriptURL):
3093         * bindings/generic/GenericBinding.h:
3094         (WebCore::completeURL):
3095         * bindings/scripts/CodeGeneratorV8.pm:
3096         (GenerateDomainSafeFunctionGetter):
3097         (GenerateNormalAttrGetter):
3098         (GenerateReplaceableAttrSetter):
3099         (GenerateFunctionCallback):
3100         (GenerateImplementation):
3101         * bindings/scripts/test/V8/V8Float64Array.cpp:
3102         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
3103         (WebCore::TestActiveDOMObjectV8Internal::excitingFunctionCallback):
3104         (WebCore::TestActiveDOMObjectV8Internal::postMessageAttrGetter):
3105         * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
3106         * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
3107         * bindings/scripts/test/V8/V8TestEventTarget.cpp:
3108         * bindings/scripts/test/V8/V8TestException.cpp:
3109         * bindings/scripts/test/V8/V8TestInterface.cpp:
3110         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
3111         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
3112         * bindings/scripts/test/V8/V8TestNode.cpp:
3113         * bindings/scripts/test/V8/V8TestObj.cpp:
3114         (WebCore::TestObjV8Internal::contentDocumentAttrGetter):
3115         (WebCore::TestObjV8Internal::getSVGDocumentCallback):
3116         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
3117         * bindings/v8/BindingState.cpp: Renamed from Source/WebCore/bindings/v8/specialization/V8BindingState.cpp.
3118         (WebCore):
3119         (WebCore::BindingState::instance):
3120         (WebCore::activeWindow):
3121         (WebCore::firstWindow):
3122         (WebCore::activeFrame):
3123         (WebCore::firstFrame):
3124         (WebCore::immediatelyReportUnsafeAccessTo):
3125         * bindings/v8/BindingState.h: Renamed from Source/WebCore/bindings/v8/specialization/V8BindingState.h.
3126         (WebCore):
3127         (BindingState):
3128         * bindings/v8/ScriptController.cpp:
3129         (WebCore::ScriptController::canAccessFromCurrentOrigin):
3130         * bindings/v8/V8Binding.h:
3131         (WebCore):
3132         * bindings/v8/V8DOMWindowShell.cpp:
3133         * bindings/v8/V8Proxy.cpp:
3134         * bindings/v8/V8Utilities.cpp:
3135         (WebCore::callingOrEnteredFrame):
3136         (WebCore::completeURL):
3137         * bindings/v8/custom/V8DOMWindowCustom.cpp:
3138         (WebCore::WindowSetTimeoutImpl):
3139         (WebCore::V8DOMWindow::eventAccessorGetter):
3140         (WebCore::V8DOMWindow::eventAccessorSetter):
3141         (WebCore::V8DOMWindow::locationAccessorSetter):
3142         (WebCore::V8DOMWindow::openerAccessorSetter):
3143         (WebCore::V8DOMWindow::addEventListenerCallback):
3144         (WebCore::V8DOMWindow::removeEventListenerCallback):
3145         (WebCore::V8DOMWindow::showModalDialogCallback):
3146         (WebCore::V8DOMWindow::openCallback):
3147         (WebCore::V8DOMWindow::namedSecurityCheck):
3148         (WebCore::V8DOMWindow::indexedSecurityCheck):
3149         * bindings/v8/custom/V8DocumentLocationCustom.cpp:
3150         (WebCore::V8Document::locationAccessorSetter):
3151         * bindings/v8/custom/V8EntryCustom.cpp:
3152         * bindings/v8/custom/V8EntrySyncCustom.cpp:
3153         * bindings/v8/custom/V8HTMLFrameElementCustom.cpp:
3154         (WebCore::V8HTMLFrameElement::locationAccessorSetter):
3155         * bindings/v8/custom/V8HistoryCustom.cpp:
3156         (WebCore::V8History::indexedSecurityCheck):
3157         (WebCore::V8History::namedSecurityCheck):
3158         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
3159         * bindings/v8/custom/V8InjectedScriptManager.cpp:
3160         (WebCore::InjectedScriptManager::canAccessInspectedWindow):
3161         * bindings/v8/custom/V8LocationCustom.cpp:
3162         (WebCore::V8Location::hashAccessorSetter):
3163         (WebCore::V8Location::hostAccessorSetter):
3164         (WebCore::V8Location::hostnameAccessorSetter):
3165         (WebCore::V8Location::hrefAccessorSetter):
3166         (WebCore::V8Location::pathnameAccessorSetter):
3167         (WebCore::V8Location::portAccessorSetter):
3168         (WebCore::V8Location::protocolAccessorSetter):
3169         (WebCore::V8Location::searchAccessorSetter):
3170         (WebCore::V8Location::reloadAccessorGetter):
3171         (WebCore::V8Location::replaceAccessorGetter):
3172         (WebCore::V8Location::assignAccessorGetter):
3173         (WebCore::V8Location::reloadCallback):
3174         (WebCore::V8Location::replaceCallback):
3175         (WebCore::V8Location::assignCallback):
3176         (WebCore::V8Location::toStringCallback):
3177         (WebCore::V8Location::indexedSecurityCheck):
3178         (WebCore::V8Location::namedSecurityCheck):
3179         * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
3180         * bindings/v8/custom/V8NodeCustom.cpp:
3181
3182 2012-08-02  Abhishek Arya  <inferno@chromium.org>
3183
3184         No isChildAllowed checked when adding RenderFullScreen as the child..
3185         https://bugs.webkit.org/show_bug.cgi?id=92995
3186
3187         Reviewed by Eric Seidel.
3188
3189         Test: fullscreen/fullscreen-child-not-allowed-crash.html
3190
3191         * dom/Document.cpp:
3192         (WebCore::Document::webkitWillEnterFullScreenForElement): pass the object's parent
3193         pointer as an additional argument.
3194         * dom/NodeRenderingContext.cpp:
3195         (WebCore::NodeRendererFactory::createRendererIfNeeded): pass the to be parent |parentRenderer|
3196         as the argument. 
3197         * rendering/RenderFullScreen.cpp:
3198         (RenderFullScreen::wrapRenderer): make sure that parent allows RenderFullScreen as the child.
3199         * rendering/RenderFullScreen.h: 
3200         (RenderFullScreen): support the object's parent
3201         pointer as an additional argument.
3202
3203 2012-08-01  James Robinson  <jamesr@chromium.org>
3204
3205         [chromium] Wrap shared context getters in WebKit API and avoid WebCore::GraphicsContext3D use in compositor internals
3206         https://bugs.webkit.org/show_bug.cgi?id=92917
3207
3208         Reviewed by Adrienne Walker.
3209
3210         This uses Platform API wrappers to access the shared WebGraphicsContext3D / Ganesh contexts from the compositor
3211         to evaluate accelerated filters or do accelerated painting.
3212
3213         Filters changes covered by css3/filters/*-hw.html layout tests.
3214
3215         * WebCore.gypi:
3216         * platform/chromium/support/WebSharedGraphicsContext3D.cpp:
3217         (WebKit):
3218         (WebKit::WebSharedGraphicsContext3D::mainThreadContext):
3219         (WebKit::WebSharedGraphicsContext3D::mainThreadGrContext):
3220         (WebKit::WebSharedGraphicsContext3D::compositorThreadContext):
3221         (WebKit::WebSharedGraphicsContext3D::compositorThreadGrContext):
3222         (WebKit::WebSharedGraphicsContext3D::haveCompositorThreadContext):
3223         (WebKit::WebSharedGraphicsContext3D::createCompositorThreadContext):
3224         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.cpp:
3225         (WebCore::createAcceleratedCanvas):
3226         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::Texture::updateRect):
3227         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::updateTextureRect):
3228         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.h:
3229         (WebKit):
3230         (FrameBufferSkPictureCanvasLayerTextureUpdater):
3231         * platform/graphics/chromium/LayerRendererChromium.cpp:
3232         (WebCore::applyFilters):
3233         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.cpp:
3234         (WebCore::CCRenderSurfaceFilters::apply):
3235         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.h:
3236         (WebKit):
3237         (CCRenderSurfaceFilters):
3238
3239 2012-08-02  Beth Dakin  <bdakin@apple.com>
3240
3241         https://bugs.webkit.org/show_bug.cgi?id=93020
3242         REGRESSION (tiled scrolling): Full-screen video is broken if page is 
3243         scrolled
3244         -and corresponding-
3245         <rdar://problem/11629778>
3246
3247         Reviewed by Anders Carlsson.
3248
3249         The bug here is that ScrollingTreeNodeMac::setScrollLayerPosition() 
3250         uses the CALayer (PlatformLayer) directly to set the position. That 
3251         means that the GraphicsLayer that owns that PlatformLayer does not 
3252         have updated position information. That results in this bug when we 
3253         switch from fast scrolling to main thread scrolling, because at that 
3254         point, the GraphicsLayer needs to have the correct information. So 
3255         make sure to update the main thread scroll position and layer 
3256         position before transitioning to main thread scrolling.
3257         * page/scrolling/ScrollingCoordinator.cpp:
3258         (WebCore::ScrollingCoordinator::setShouldUpdateScrollLayerPositionOnMainThread):
3259
3260 2012-08-02  Addy Osmani  <addyo@chromium.org>
3261
3262         Web Inspector: Rename 'User agent' to 'Overrides' in settings screen
3263         https://bugs.webkit.org/show_bug.cgi?id=92990
3264
3265         Reviewed by Pavel Feldman.
3266
3267         Simple setting rename of User agent -> Overrides
3268
3269         * English.lproj/localizedStrings.js:
3270         * inspector/front-end/SettingsScreen.js:
3271
3272 2012-08-02  Philip Rogers  <pdr@google.com>
3273
3274         Do not dispatch modification events in SVG attribute synchronization
3275         https://bugs.webkit.org/show_bug.cgi?id=92604
3276
3277         Reviewed by Ryosuke Niwa.
3278
3279         Previously, calling hasAttribute() during layout could hit a
3280         layout-during-layout bug because calling hasAttribute() could dispatch a 
3281         subtree modification event which could synchronously force a layout. hasAttribute()
3282         exhibits this behavior because property synchronization is done lazily.
3283
3284         This patch skips dispatching subtree modification events during attribute
3285         synchronization.
3286
3287         Additionally, this patch contains a refactoring of lazy attribute setting. We
3288         now have a single place where lazy attributes are set (setSynchronizedLazyAttribute)
3289         and lazy attribute flags have been moved to just Element and ElementAttributeData.
3290
3291         Test: svg/custom/path-domsubtreemodified-crash.html
3292
3293         * dom/Element.cpp:
3294         (WebCore::Element::setAttribute):
3295         (WebCore::Element::setSynchronizedLazyAttribute):
3296         (WebCore):
3297         (WebCore::Element::setAttributeInternal):
3298         * dom/Element.h:
3299         (Element):
3300         * dom/ElementAttributeData.cpp:
3301         (WebCore::ElementAttributeData::addAttribute):
3302         (WebCore::ElementAttributeData::removeAttribute):
3303         * dom/ElementAttributeData.h:
3304         (ElementAttributeData):
3305         * dom/StyledElement.cpp:
3306         (WebCore::StyledElement::updateStyleAttribute):
3307         * svg/properties/SVGAnimatedPropertyMacros.h:
3308         (WebCore::SVGSynchronizableAnimatedProperty::synchronize):
3309
3310 2012-08-02  Konrad Piascik  <kpiascik@rim.com>
3311
3312         Web Inspector: Override the DeviceOrientation
3313         https://bugs.webkit.org/show_bug.cgi?id=91008
3314
3315         Reviewed by Pavel Feldman.
3316
3317         Re-added the m_page member variable to DeviceOrientationController and
3318         added InspectorInstrumentation to see if the DeviceOrientationData
3319         should be overridden or not.
3320
3321         Added UI to the web inspector front-end to allow users to override the
3322         device orientation.  This is currently hidden behind an experiment.
3323
3324         Test: inspector/device-orientation-success.html
3325
3326         * English.lproj/localizedStrings.js:
3327         * dom/DeviceOrientationController.cpp:
3328         (WebCore::DeviceOrientationController::DeviceOrientationController):
3329         (WebCore::DeviceOrientationController::create):
3330         (WebCore::DeviceOrientationController::didChangeDeviceOrientation):
3331         (WebCore::provideDeviceOrientationTo):
3332         * dom/DeviceOrientationController.h:
3333         (DeviceOrientationController):
3334         * inspector/Inspector.json:
3335         * inspector/InspectorInstrumentation.cpp:
3336         (WebCore):
3337         (WebCore::InspectorInstrumentation::overrideDeviceOrientationImpl):
3338         * inspector/InspectorInstrumentation.h:
3339         (WebCore):
3340         (InspectorInstrumentation):
3341         (WebCore::InspectorInstrumentation::overrideDeviceOrientation):
3342         * inspector/InspectorPageAgent.cpp:
3343         (WebCore::InspectorPageAgent::setDeviceOrientationOverride):
3344         (WebCore):
3345         (WebCore::InspectorPageAgent::clearDeviceOrientationOverride):
3346         (WebCore::InspectorPageAgent::canOverrideDeviceOrientation):
3347         (WebCore::InspectorPageAgent::overrideDeviceOrientation):
3348         * inspector/InspectorPageAgent.h:
3349         * inspector/front-end/Settings.js:
3350         (WebInspector.ExperimentsSettings):
3351         * inspector/front-end/SettingsScreen.js:
3352         (WebInspector.UserAgentSettingsTab):
3353         (WebInspector.UserAgentSettingsTab.prototype._createInput):
3354         (WebInspector.UserAgentSettingsTab.prototype._createDeviceMetricsElement):
3355         (WebInspector.UserAgentSettingsTab.prototype._createGeolocationOverrideElement):
3356         (WebInspector.UserAgentSettingsTab.prototype._onDeviceOrientationOverrideCheckboxClicked):
3357         (WebInspector.UserAgentSettingsTab.prototype._applyDeviceOrientationUserInput):
3358         (WebInspector.UserAgentSettingsTab.prototype._setDeviceOrientation.set if):
3359         (WebInspector.UserAgentSettingsTab.prototype._setDeviceOrientation):
3360         (WebInspector.UserAgentSettingsTab.prototype._createDeviceOrientationOverrideElement):
3361         * inspector/front-end/UserAgentSupport.js:
3362         (WebInspector.UserAgentSupport.DeviceOrientation):
3363         (WebInspector.UserAgentSupport.DeviceOrientation.prototype.toSetting):
3364         (WebInspector.UserAgentSupport.DeviceOrientation.parseSetting):
3365         (WebInspector.UserAgentSupport.DeviceOrientation.parseUserInput):
3366         (WebInspector.UserAgentSupport.DeviceOrientation.clearDeviceOrientationOverride):
3367         * inspector/front-end/inspector.js:
3368         (WebInspector.doLoadedDone):
3369
3370 2012-08-02  Arnaud Renevier  <a.renevier@sisa.samsung.com>
3371
3372         TypedArray set method is slow when called with another typed array
3373         https://bugs.webkit.org/show_bug.cgi?id=92556
3374
3375         Reviewed by Kenneth Russell.
3376
3377         When setting multiples values to a typed array from an array like
3378         element, try to determine if the argument is a typed array. If so,
3379         cast the argument to a typed array, and read each element with .item()
3380         method. That avoid reading the value as a JSValue, and speedups set
3381         method by approximatively 10x.
3382
3383         Introduce setWebGLArrayWithTypedArrayArgument template function which
3384         checks if argument is a typed array. If so, it copies the data to
3385         target typed array and returns true. Otherwise, it returns false.
3386
3387         Introduce copyTypedArrayBuffer template function which copies data
3388         from a typed array to another one. This function is also used from
3389         constructArrayBufferViewWithTypedArrayArgument.
3390
3391         * bindings/js/JSArrayBufferViewHelper.h:
3392         (WebCore):
3393         (WebCore::copyTypedArrayBuffer):
3394         (WebCore::setWebGLArrayWithTypedArrayArgument):
3395         (WebCore::setWebGLArrayHelper):
3396         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
3397         * bindings/js/JSFloat32ArrayCustom.cpp:
3398         (WebCore::JSFloat32Array::set):
3399         * bindings/js/JSFloat64ArrayCustom.cpp:
3400         (WebCore::JSFloat64Array::set):
3401         * bindings/js/JSInt16ArrayCustom.cpp:
3402         (WebCore::JSInt16Array::set):
3403         * bindings/js/JSInt32ArrayCustom.cpp:
3404         (WebCore::JSInt32Array::set):
3405         * bindings/js/JSInt8ArrayCustom.cpp:
3406         (WebCore::JSInt8Array::set):
3407         * bindings/js/JSUint16ArrayCustom.cpp:
3408         (WebCore::JSUint16Array::set):
3409         * bindings/js/JSUint32ArrayCustom.cpp:
3410         (WebCore::JSUint32Array::set):
3411         * bindings/js/JSUint8ArrayCustom.cpp:
3412         (WebCore::JSUint8Array::set):
3413         * bindings/js/JSUint8ClampedArrayCustom.cpp:
3414         (WebCore::JSUint8ClampedArray::set):
3415
3416 2012-08-02  Chris Fleizach  <cfleizach@apple.com>
3417
3418         AXEnabled = false for AXIncrementors inside text fields
3419         https://bugs.webkit.org/show_bug.cgi?id=93008
3420
3421         Reviewed by Anders Carlsson.
3422
3423         Mock objects should return "enabled" by default, since they are valid objects.
3424
3425         * accessibility/AccessibilityMockObject.h:
3426         (WebCore::AccessibilityMockObject::isEnabled):
3427         (AccessibilityMockObject):
3428
3429 2012-08-02  Eric Seidel  <eric@webkit.org>
3430
3431         Add back ASSERT(!needsLayout) to RenderTableSection which is now valid
3432         https://bugs.webkit.org/show_bug.cgi?id=92954
3433
3434         Reviewed by Julien Chaffraix.
3435
3436         * rendering/RenderTableSection.cpp:
3437         (WebCore::RenderTableSection::paint):
3438
3439 2012-08-02  Kevin Ellis  <kevers@chromium.org>
3440
3441         Month-year selector on calendar picker should be touch friendly.
3442         https://bugs.webkit.org/show_bug.cgi?id=92678
3443
3444         Reviewed by Kent Tamura.
3445
3446         Previously the month-year popup menu was implemented using a listbox,
3447         which does not support CSS customization.  Entries in the listbox
3448         were too shallow to reliably target with touch gestures.  The
3449         replacement popup is CSS configurable with larger entries on devices
3450         that support touch input.
3451
3452         Manually tested with and without touch support in English, Japanese
3453         and Arabic.
3454
3455         * Resources/calendarPicker.css:
3456         (.month-selector-popup): Update to use scrollable div instead of listbox.
3457         (.month-selector-popup-contents): Render popup as a table within a scrollable div.
3458         (.month-selector-popup-entry): Formatting entries in the month-year popup.
3459         (.selected-month-year): Highlight the selected month-year.
3460         (@media (pointer:coarse)): Enlarge entries in the popup meu on devices that support touch.
3461         * Resources/calendarPicker.js:
3462         (YearMonthController.prototype.attachTo): Change selector popup from a list-box to a div.
3463         (YearMonthController.prototype._redraw): Populate table based popup rather than listbox.
3464         (YearMonthController.prototype._showPopup): Set scroll position and resize for scrollbar.
3465         (YearMonthController.prototype._closePopup): Restore focus to the calendar.
3466         (YearMonthController.prototype._getSelection): Added to retrieve the selected month-year.
3467         (YearMonthController.prototype._handleMouseMove): Added to update selected month-year on hover.
3468         (YearMonthController.prototype._handleMonthPopupKey): Add keyboard navigation.
3469         (YearMonthController.prototype._handleYearMonthChange): Retrieve value from selected month-year.
3470
3471 2012-08-02  Vsevolod Vlasov  <vsevik@chromium.org>
3472
3473         Web Inspector: [Regression] context menu does not open on Sources panel tabs on mac
3474         https://bugs.webkit.org/show_bug.cgi?id=93000
3475
3476         Reviewed by Pavel Feldman.
3477
3478         * inspector/front-end/UIUtils.js:
3479         (WebInspector._elementDragStart):
3480
3481 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
3482
3483         Check if the last table element's parent node is an element when determining the foster parent element.
3484         https://bugs.webkit.org/show_bug.cgi?id=92977
3485
3486         Reviewed by Adam Barth.
3487
3488         According to the HTML5 spec, if the last table element in the stack of open elements has no parent,
3489         or ITS PARENT NODE IS NOT AN ELEMENT, then the foster parent element is the element
3490         before the last table element in the stack of open elements.
3491
3492         Changed to check if the table element's parent node is an element.
3493
3494         Test: fast/parser/foster-parent.html
3495
3496         * html/parser/HTMLConstructionSite.cpp:
3497         (WebCore::HTMLConstructionSite::findFosterSite):
3498
3499 2012-08-02  Philippe Normand  <pnormand@igalia.com>
3500
3501         [GStreamer] Use GST_DEBUG instead of LOG_VERBOSE
3502         https://bugs.webkit.org/show_bug.cgi?id=89350
3503
3504         Reviewed by Martin Robinson.
3505
3506         Wrap the media player's logging calls to a new macro that also
3507         hooks into GStreamer's logging facilities. This way the developer
3508         gets the best of both worlds, leaving the choice between GST_DEBUG
3509         and WEBKIT_DEBUG environment variables.
3510
3511         * platform/graphics/gstreamer/GStreamerUtilities.h:
3512         (WebCore):
3513         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3514         (WebCore::initializeGStreamerAndRegisterWebKitElements):
3515         (WebCore::MediaPlayerPrivateGStreamer::load):
3516         (WebCore::MediaPlayerPrivateGStreamer::commitLoad):
3517         (WebCore::MediaPlayerPrivateGStreamer::playbackPosition):
3518         (WebCore::MediaPlayerPrivateGStreamer::play):
3519         (WebCore::MediaPlayerPrivateGStreamer::pause):
3520         (WebCore::MediaPlayerPrivateGStreamer::duration):
3521         (WebCore::MediaPlayerPrivateGStreamer::seek):
3522         (WebCore::MediaPlayerPrivateGStreamer::naturalSize):
3523         (WebCore::MediaPlayerPrivateGStreamer::setRate):
3524         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
3525         (WebCore::MediaPlayerPrivateGStreamer::processBufferingStats):
3526         (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
3527         (WebCore::MediaPlayerPrivateGStreamer::maxTimeSeekable):
3528         (WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded):
3529         (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress):
3530
3531 2012-08-02  Antti Koivisto  <antti@apple.com>
3532
3533         Inline stylesheets can confuse style sharing
3534         https://bugs.webkit.org/show_bug.cgi?id=92970
3535
3536         Reviewed by Dan Bernstein.
3537
3538         Consider document 
3539         
3540         <div class="i30"></div>
3541         <style>.i30 { background-color:green; }</style>
3542         <div class="i30"></div>
3543         
3544         When processing the <style> element the scope optimization marks the first div as needing style recalc. 
3545         Next the parser adds the second div to the tree and immediately calculates its style. Since it looks exactly 
3546         like the first div the style sharing optimization copies the style from there. The pending recalc of the
3547         first div is resolved by a timer but the second div is left with the old style.
3548         
3549         Fix by disallowing style sharing from elements with pending style recalc.
3550
3551         Test: fast/css/style-sharing-inline-stylesheet.html
3552
3553         * css/StyleResolver.cpp:
3554         (WebCore::StyleResolver::canShareStyleWithElement):
3555
3556 2012-08-02  Tommy Widenflycht  <tommyw@google.com>
3557
3558         MediaStream API: Add RTCPeerConnectionHandler infrastructure
3559         https://bugs.webkit.org/show_bug.cgi?id=92866
3560
3561         Reviewed by Adam Barth.
3562
3563         Introducing RTCPeerConnectionHandler & RTCPeerConnectionHandlerClient,
3564         together with the Chromium WebKit interface, following the pattern of
3565         the previous PeerConnection00Handler but with the optimizations from MediaStreamCenter.
3566
3567         Not yet testable due to not enough code landed.
3568
3569         * CMakeLists.txt:
3570         * GNUmakefile.list.am:
3571         * Modules/mediastream/RTCPeerConnection.cpp:
3572         (WebCore::RTCPeerConnection::create):
3573         (WebCore::RTCPeerConnection::RTCPeerConnection):
3574         * Modules/mediastream/RTCPeerConnection.h:
3575         (RTCPeerConnection):
3576         * WebCore.gypi:
3577         * platform/mediastream/RTCPeerConnectionHandler.cpp: Added.
3578         (WebCore):
3579         (RTCPeerConnectionHandlerDummy):
3580         (WebCore::RTCPeerConnectionHandler::create):
3581         (WebCore::RTCPeerConnectionHandlerDummy::RTCPeerConnectionHandlerDummy):
3582         (WebCore::RTCPeerConnectionHandlerDummy::~RTCPeerConnectionHandlerDummy):
3583         (WebCore::RTCPeerConnectionHandlerDummy::initialize):
3584         * platform/mediastream/RTCPeerConnectionHandler.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
3585         (WebCore):
3586         (RTCPeerConnectionHandler):
3587         (WebCore::RTCPeerConnectionHandler::~RTCPeerConnectionHandler):
3588         (WebCore::RTCPeerConnectionHandler::RTCPeerConnectionHandler):
3589         * platform/mediastream/RTCPeerConnectionHandlerClient.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
3590         (WebCore):
3591         (RTCPeerConnectionHandlerClient):
3592         (WebCore::RTCPeerConnectionHandlerClient::~RTCPeerConnectionHandlerClient):
3593         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.cpp: Added.
3594         (WebCore):
3595         (WebCore::RTCPeerConnectionHandler::create):
3596         (WebCore::RTCPeerConnectionHandlerChromium::RTCPeerConnectionHandlerChromium):
3597         (WebCore::RTCPeerConnectionHandlerChromium::~RTCPeerConnectionHandlerChromium):
3598         (WebCore::RTCPeerConnectionHandlerChromium::initialize):
3599         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.h: Added.
3600         (WebCore):
3601         (RTCPeerConnectionHandlerChromium):
3602
3603 2012-08-02  Kent Tamura  <tkent@chromium.org>
3604
3605         Move number localization code in LocaleICU.cpp to new class
3606         https://bugs.webkit.org/show_bug.cgi?id=92976
3607
3608         Reviewed by Kentaro Hara.
3609
3610         The number localization code by character mapping is usefull for non-ICU
3611         platforms.
3612
3613         No new tests. This is just a refactoring, and is covered by
3614         Source/WebKit/chromium/tests/LocalizedNumberICUTest.cpp.
3615
3616         * WebCore.gypi: Add NumberLocalizer.{cpp,h}.
3617         * platform/text/LocaleICU.cpp:
3618         (WebCore::LocaleICU::decimalSymbol):
3619         Renamed from setDecimalSymbol. This function returns the resultant
3620         string instead of setting it to a data member.
3621         (WebCore::LocaleICU::decimalTextAttribute):
3622         Renamed from setDecimalTextAttributel. This function returns the
3623         resultant string instead of setting it to the specified string.
3624         (WebCore::LocaleICU::initializeNumberLocalizerData):
3625         Renamed from initializeDecimalFormat.
3626         Calls NumberLocaizer::setNumberLocalizerData.
3627         (WebCore::LocaleICU::localizedDecimalSeparator):
3628         Rename initializeDecimalFormat to initializeNumberLocalizerData.
3629         * platform/text/LocaleICU.h:
3630         (LocaleICU): Remove some members, and inherit NumberLocalizer.
3631         * platform/text/NumberLocalizer.cpp: Added. Move the code from LocaleICU.cpp
3632         (WebCore):
3633         (WebCore::NumberLocalizer::~NumberLocalizer):
3634         (WebCore::NumberLocalizer::setNumberLocalizerData): Added.
3635         (WebCore::NumberLocalizer::convertToLocalizedNumber):
3636         (WebCore::matches):
3637         (WebCore::NumberLocalizer::detectSignAndGetDigitRange):
3638         (WebCore::NumberLocalizer::matchedDecimalSymbolIndex):
3639         (WebCore::NumberLocalizer::convertFromLocalizedNumber):
3640         (WebCore::NumberLocalizer::localizedDecimalSeparator):
3641         * platform/text/NumberLocalizer.h: Added.
3642         (NumberLocalizer):
3643         (WebCore::NumberLocalizer::NumberLocalizer):
3644
3645 2012-08-02  Alexander Pavlov  <apavlov@chromium.org>
3646
3647         Web Inspector: Move DOM breakpoints-related context menu items into a submenu
3648         https://bugs.webkit.org/show_bug.cgi?id=92989
3649
3650         Reviewed by Vsevolod Vlasov.
3651
3652         A "Break on..." submenu is added to the element context menu, to host all DOM breakpoint items.
3653
3654         * English.lproj/localizedStrings.js:
3655         * inspector/front-end/DOMBreakpointsSidebarPane.js:
3656         (WebInspector.DOMBreakpointsSidebarPane):
3657         (WebInspector.DOMBreakpointsSidebarPane.prototype.populateNodeContextMenu):
3658
3659 2012-08-02  Dominik Röttsches  <dominik.rottsches@intel.com>
3660
3661         [Cairo] Add complex font drawing using HarfbuzzNG
3662         https://bugs.webkit.org/show_bug.cgi?id=91864
3663
3664         Reviewed by Martin Robinson.
3665
3666         Unfortunately the Freetype based approach that avoids allocations and UTF8 conversion
3667         fails to produce correct results for some tests.
3668
3669         No new tests, at least
3670           fast/dom/52776.html
3671           fast/text/atsui-negative-spacing-features.html
3672           fast/text/atsui-spacing-features.html
3673         expose this problem.
3674
3675         * platform/graphics/harfbuzz/ng/HarfBuzzNGFaceCairo.cpp:
3676         (WebCore::harfbuzzGetGlyph): Revert to initial cairo_scaled_font based approach.
3677
3678 2012-08-02  Eugene Klyuchnikov  <eustas.big@gmail.com>
3679
3680         Web Inspector: Fix protocol version check.
3681         https://bugs.webkit.org/show_bug.cgi?id=91497
3682
3683         Reviewed by Pavel Feldman.
3684
3685         Generated method 'supportsInspectorProtocolVersion' should return
3686         false when requested  minor version is *greater* than actual
3687         minor version.
3688
3689         * inspector/generate-inspector-protocol-version: Fixed stub text
3690
3691 2012-08-02  Alexei Filippov  <alexeif@chromium.org>
3692
3693         Web Inspector: count RenderStyle objects in the native memory profiler
3694         https://bugs.webkit.org/show_bug.cgi?id=91759
3695
3696         Reviewed by Yury Semikhatsky.
3697
3698         The patch adds instrumentation to the following classes:
3699           - RenderStyle
3700           - StyleRareInheritedData
3701           - StyleRareNonInheritedData
3702
3703         * bindings/js/ScriptWrappable.h:
3704         * bindings/v8/ScriptWrappable.h:
3705         * dom/MemoryInstrumentation.h:
3706         (WebCore):
3707         (WebCore::MemoryInstrumentation::OwningTraits::addObject):
3708         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
3709         (WebCore::MemoryInstrumentation::addObjectImpl):
3710         * dom/Node.cpp:
3711         (WebCore::Node::reportMemoryUsage):
3712         * dom/Node.h:
3713         (WebCore):
3714         * rendering/style/RenderStyle.cpp:
3715         (WebCore::RenderStyle::reportMemoryUsage):
3716         (WebCore):
3717         * rendering/style/RenderStyle.h:
3718         (WebCore):
3719         * rendering/style/StyleRareInheritedData.cpp:
3720         (WebCore::StyleRareInheritedData::reportMemoryUsage):
3721         (WebCore):
3722         * rendering/style/StyleRareInheritedData.h:
3723         (WebCore):
3724         (StyleRareInheritedData):
3725         * rendering/style/StyleRareNonInheritedData.cpp:
3726         (WebCore::StyleRareNonInheritedData::reportMemoryUsage):
3727         (WebCore):
3728         * rendering/style/StyleRareNonInheritedData.h:
3729         (WebCore):
3730         (StyleRareNonInheritedData):
3731
3732 2012-08-02  Alexei Filippov  <alexeif@chromium.org>
3733
3734         Web Inspector: rename host->origin in the inspector protocol DOMStorage entry
3735         https://bugs.webkit.org/show_bug.cgi?id=92979
3736
3737         Reviewed by Yury Semikhatsky.
3738
3739         * inspector/Inspector.json:
3740         * inspector/InspectorDOMStorageResource.cpp:
3741         (WebCore::InspectorDOMStorageResource::bind):
3742         * inspector/front-end/DOMStorage.js:
3743         (WebInspector.DOMStorageDispatcher.prototype.addDOMStorage):
3744
3745 2012-08-02  Kihong Kwon  <kihong.kwon@samsung.com>
3746
3747         [EFL] Change return value of battey level
3748         https://bugs.webkit.org/show_bug.cgi?id=92964
3749
3750         Reviewed by Simon Hausmann.
3751
3752         Change return value of navigator.webkitBattery.level from 0~100 to 0~1.0.
3753         Battery level have to returns 0~1.0 by Battery Status API spec.
3754
3755         * platform/efl/BatteryProviderEfl.cpp:
3756         (WebCore::BatteryProviderEfl::setBatteryClient):
3757
3758 2012-08-02  Yury Semikhatsky  <yurys@chromium.org>
3759
3760         Web Inspector: remove extraObjectSize parameter from MemoryClassInfo constructor
3761         https://bugs.webkit.org/show_bug.cgi?id=92981
3762
3763         Reviewed by Alexander Pavlov.
3764
3765         Refactored MemoryInstrumentation to get rid of extraSize parameter from
3766         MemoryObjectInfo constructor and MemoryObjectInfo::reportObjectInfo. The
3767         extra size should always be reported as an object that occupies these extra
3768         bytes.
3769
3770         * dom/ElementAttributeData.cpp:
3771         (WebCore::ElementAttributeData::reportMemoryUsage):
3772         (WebCore):
3773         * dom/ElementAttributeData.h:
3774         (WebCore):
3775         (ElementAttributeData):
3776         * dom/MemoryInstrumentation.h:
3777         (WebCore::MemoryObjectInfo::reportObjectInfo):
3778         (WebCore::MemoryClassInfo::MemoryClassInfo):
3779
3780 2012-08-02  Sheriff Bot  <webkit.review.bot@gmail.com>
3781
3782         Unreviewed, rolling out r124439.
3783         http://trac.webkit.org/changeset/124439
3784         https://bugs.webkit.org/show_bug.cgi?id=92980
3785
3786         Broke Chromium Mac Release compile (Requested by apavlov on
3787         #webkit).
3788
3789         * CMakeLists.txt:
3790         * GNUmakefile.list.am:
3791         * Modules/mediastream/RTCPeerConnection.cpp:
3792         (WebCore::RTCPeerConnection::create):
3793         (WebCore::RTCPeerConnection::RTCPeerConnection):
3794         * Modules/mediastream/RTCPeerConnection.h:
3795         * WebCore.gypi:
3796         * platform/mediastream/RTCPeerConnectionHandler.cpp: Removed.
3797         * platform/mediastream/RTCPeerConnectionHandler.h: Removed.
3798         * platform/mediastream/RTCPeerConnectionHandlerClient.h: Removed.
3799         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.cpp: Removed.
3800         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.h: Removed.
3801
3802 2012-08-02  Simon Hausmann  <simon.hausmann@nokia.com>
3803
3804         [Qt] Uninitialized memory read in QObject runtime bridge
3805         https://bugs.webkit.org/show_bug.cgi?id=92972
3806
3807         Reviewed by Kenneth Rohde Christiansen.
3808
3809         The vargs array has an initial size of 0 and when calling a method with no return value
3810         and no arguments, vargs remains empty. Therefore unconditional access to vargs[0] results
3811         in access to uninitialized memory.
3812
3813         No new tests, covered by valgrind in existing qobjectbridge tests.
3814
3815         * bridge/qt/qt_runtime.cpp:
3816         (JSC::Bindings::QtRuntimeMetaMethod::call):
3817         * bridge/qt/qt_runtime_qt4.cpp:
3818         (JSC::Bindings::QtRuntimeMetaMethod::call):
3819
3820 2012-08-02  Zoltan Herczeg  <zherczeg@webkit.org>
3821
3822         Alignment issue for readTime in PluginDatabase.cpp
3823         https://bugs.webkit.org/show_bug.cgi?id=92746
3824
3825         Reviewed by Simon Hausmann.
3826
3827         When the byte stream is written, nothing guarantees that
3828         the time_t data is aligned. This issue caused alignment
3829         traps on ARM CPUs.
3830
3831         No new tests. Covered by existing tests.
3832
3833         * plugins/PluginDatabase.cpp:
3834         (WebCore::readTime):
3835
3836 2012-08-02  Tommy Widenflycht  <tommyw@google.com>
3837
3838         MediaStream API: Add RTCPeerConnectionHandler infrastructure
3839         https://bugs.webkit.org/show_bug.cgi?id=92866
3840
3841         Reviewed by Kentaro Hara.
3842
3843         Introducing RTCPeerConnectionHandler & RTCPeerConnectionHandlerClient,
3844         together with the Chromium WebKit interface, following the pattern of
3845         the previous PeerConnection00Handler but with the optimizations from MediaStreamCenter.
3846
3847         Not yet testable due to not enough code landed.
3848
3849         * CMakeLists.txt:
3850         * GNUmakefile.list.am:
3851         * Modules/mediastream/RTCPeerConnection.cpp:
3852         (WebCore::RTCPeerConnection::create):
3853         (WebCore::RTCPeerConnection::RTCPeerConnection):
3854         * Modules/mediastream/RTCPeerConnection.h:
3855         (RTCPeerConnection):
3856         * WebCore.gypi:
3857         * platform/mediastream/RTCPeerConnectionHandler.cpp: Added.
3858         (WebCore):
3859         (RTCPeerConnectionHandlerDummy):
3860         (WebCore::RTCPeerConnectionHandler::create):
3861         (WebCore::RTCPeerConnectionHandlerDummy::RTCPeerConnectionHandlerDummy):
3862         (WebCore::RTCPeerConnectionHandlerDummy::~RTCPeerConnectionHandlerDummy):
3863         (WebCore::RTCPeerConnectionHandlerDummy::initialize):
3864         * platform/mediastream/RTCPeerConnectionHandler.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
3865         (WebCore):
3866         (RTCPeerConnectionHandler):
3867         (WebCore::RTCPeerConnectionHandler::~RTCPeerConnectionHandler):
3868         (WebCore::RTCPeerConnectionHandler::RTCPeerConnectionHandler):
3869         * platform/mediastream/RTCPeerConnectionHandlerClient.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
3870         (WebCore):
3871         (RTCPeerConnectionHandlerClient):
3872         (WebCore::RTCPeerConnectionHandlerClient::~RTCPeerConnectionHandlerClient):
3873         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.cpp: Added.
3874         (WebCore):
3875         (WebCore::RTCPeerConnectionHandler::create):
3876         (WebCore::RTCPeerConnectionHandlerChromium::RTCPeerConnectionHandlerChromium):
3877         (WebCore::RTCPeerConnectionHandlerChromium::~RTCPeerConnectionHandlerChromium):
3878         (WebCore::RTCPeerConnectionHandlerChromium::initialize):
3879         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.h: Added.
3880         (WebCore):
3881         (RTCPeerConnectionHandlerChromium):
3882
3883 2012-08-02  Yury Semikhatsky  <yurys@chromium.org>
3884
3885         Web Inspector: rename reportMemoryUsage to reportDescendantMemoryUsage in StyleRuleBase descendants
3886         https://bugs.webkit.org/show_bug.cgi?id=92966
3887
3888         Reviewed by Alexander Pavlov.
3889
3890         Renamed reportMemoryUsage to reportDescendantMemoryUsage in all descendants of
3891         StyleRuleBase to avoid accidental recursive calls to StyleRuleBase::reportMemoryUsage
3892         when a new type of rule is added.
3893
3894         * css/StyleRule.cpp:
3895         (WebCore::StyleRuleBase::reportMemoryUsage):
3896         (WebCore::StyleRule::reportDescendantMemoryUsage):
3897         (WebCore::StyleRulePage::reportDescendantMemoryUsage):
3898         (WebCore::StyleRuleFontFace::reportDescendantMemoryUsage):
3899         (WebCore::StyleRuleBlock::reportDescendantMemoryUsage):
3900         (WebCore::StyleRuleMedia::reportDescendantMemoryUsage):
3901         (WebCore::StyleRuleRegion::reportDescendantMemoryUsage):
3902         * css/StyleRule.h:
3903         (StyleRule):
3904         (StyleRuleFontFace):
3905         (StyleRulePage):
3906         (StyleRuleBlock):
3907         (StyleRuleMedia):
3908         (StyleRuleRegion):
3909         * css/StyleRuleImport.cpp:
3910         (WebCore::StyleRuleImport::reportDescendantMemoryUsage):
3911         * css/StyleRuleImport.h:
3912         (StyleRuleImport):
3913         * css/WebKitCSSKeyframesRule.cpp:
3914         (WebCore::StyleRuleKeyframes::reportDescendantMemoryUsage):
3915         * css/WebKitCSSKeyframesRule.h:
3916         (StyleRuleKeyframes):
3917
3918 2012-08-02  Hironori Bono  <hbono@chromium.org>
3919
3920         [Chromium] Implement hyphenation for Chromium
3921         https://bugs.webkit.org/show_bug.cgi?id=48610
3922
3923         Reviewed by Eric Seidel.
3924
3925         This change adds a couple of methods canHyphenate and computeLastHyphenLocation
3926         to Platform so Chromium can implement them. Also, this change uses these methods
3927         to implement the hyphenation methods of WebCore. (This change does not change
3928         any behaviors until Chromium implements these methods.)
3929
3930         No new tests because this change is for fixing a couple of existing layout tests
3931         'fast/text/hyphenate-character.html' and 'fast/text/hyphens.html'.
3932
3933         * WebCore.gypi:
3934         * platform/text/chromium/Hyphenation.cpp: Added.
3935         (WebCore):
3936         (WebCore::canHyphenate): Called Platform::canHyphenation().
3937         (WebCore::lastHyphenLocation): Called Platform::computeLastHyphenLocation().
3938
3939 2012-08-02  ulan@chromium.org  <ulan@chromium.org>
3940
3941         [chromium] Improve garbage collector hint if page uses Canvas contexts
3942         https://bugs.webkit.org/show_bug.cgi?id=92856
3943
3944         Reviewed by Kentaro Hara.
3945
3946         Request GC by sending context disposed and idle notification to V8 instead
3947         of sending low memory notification. It is faster as it causes one GC
3948         instead of seven GCs caused by low memory notification.
3949
3950         * bindings/v8/V8Binding.cpp:
3951         (WebCore::V8BindingPerIsolateData::V8BindingPerIsolateData):
3952         * bindings/v8/V8Binding.h:
3953         (V8BindingPerIsolateData):
3954         (WebCore::V8BindingPerIsolateData::setShouldCollectGarbageSoon):
3955         (WebCore::V8BindingPerIsolateData::clearShouldCollectGarbageSoon):
3956         (WebCore::V8BindingPerIsolateData::shouldCollectGarbageSoon):
3957         * bindings/v8/V8Proxy.cpp:
3958         (WebCore::V8Proxy::hintForGCIfNecessary):
3959         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
3960         (WebCore::V8HTMLCanvasElement::getContextCallback):
3961
3962 2012-08-02  Mihnea Ovidenie  <mihnea@adobe.com>
3963
3964         CSSRegions: Crash when reattaching a region to a named flow.
3965         https://bugs.webkit.org/show_bug.cgi?id=91307
3966
3967         Reviewed by Abhishek Arya.
3968
3969         The lifetime of a flow thread  has changed from not being destroyed (until the RenderView is destroyed) to being destroyed,
3970         under certain conditions, no attached regions and no content, before RenderView is destroyed.
3971         When the flow thread does not have any content and the region to be detached is the last region for the flow thread,
3972         the flow thread is destroyed.
3973         In this case, if the same region has to be attached again to the flow thread, the flow thread needs to be
3974         recreated, otherwise the crash will result.
3975
3976         Test: fast/regions/region-flow-reattach-crash.html
3977
3978         * rendering/RenderRegion.cpp:
3979         (WebCore::RenderRegion::attachRegion):
3980         We skip the attach if we are in the middle of document destruction.
3981         We recreate the flow thread to which the region is intended to be attached only if the region was
3982         not previously marked as invalid in relation to the flow thread (because the region was part of a
3983         circular dependency).
3984         (WebCore::RenderRegion::detachRegion): After the region is detached from flow thread,
3985         null the region internal pointer to the flow thread to mark that the region is not
3986         attached.
3987
3988 2012-08-02  Tommy Widenflycht  <tommyw@google.com>
3989
3990         MediaStream API: Move RTCConfiguration to its proper place
3991         https://bugs.webkit.org/show_bug.cgi?id=92867
3992
3993         Reviewed by Adam Barth.
3994
3995         This patch moves RTCConfiguration to Source/WebCore/platform/mediastream,
3996         and adds its WebKit interface for chromium.
3997
3998         No functional code changes.
3999
4000         * GNUmakefile.list.am:
4001         * Modules/mediastream/RTCPeerConnection.cpp:
4002         * WebCore.gypi:
4003         * platform/chromium/support/WebRTCConfiguration.cpp: Added.
4004         (WebKit):
4005         (WebKit::WebRTCICEServer::WebRTCICEServer):
4006         (WebKit::WebRTCICEServer::assign):
4007         (WebKit::WebRTCICEServer::reset):
4008         (WebKit::WebRTCICEServer::uri):
4009         (WebKit::WebRTCICEServer::credential):
4010         (WebKit::WebRTCConfiguration::WebRTCConfiguration):
4011         (WebKit::WebRTCConfiguration::assign):
4012         (WebKit::WebRTCConfiguration::reset):
4013         (WebKit::WebRTCConfiguration::numberOfServers):
4014         (WebKit::WebRTCConfiguration::server):
4015         * platform/mediastream/RTCConfiguration.h: Added.
4016         (WebCore):
4017         (RTCIceServer):
4018         (WebCore::RTCIceServer::create):
4019         (WebCore::RTCIceServer::~RTCIceServer):
4020         (WebCore::RTCIceServer::uri):
4021         (WebCore::RTCIceServer::credential):
4022         (WebCore::RTCIceServer::RTCIceServer):
4023         (RTCConfiguration):
4024         (WebCore::RTCConfiguration::create):
4025         (WebCore::RTCConfiguration::~RTCConfiguration):
4026         (WebCore::RTCConfiguration::appendServer):
4027         (WebCore::RTCConfiguration::numberOfServers):
4028         (WebCore::RTCConfiguration::server):
4029         (WebCore::RTCConfiguration::RTCConfiguration):
4030
4031 2012-08-02  Alexander Shalamov  <alexander.shalamov@intel.com>
4032
4033         [EFL] Browser crashes when non-progress element with -webkit-appearance:progress-bar is rendered