Unreviewed, rolling out r202187.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-06-17  Daniel Bates  <dabates@apple.com>
2
3         Unreviewed, rolling out r202187.
4
5         202186
6
7         Reverted changeset:
8
9         "Unreviewed clean-up after r202186."
10         http://trac.webkit.org/changeset/202187
11
12 2016-06-17  Chris Dumez  <cdumez@apple.com>
13
14         Optimize parseCacheHeader() by using StringView
15         https://bugs.webkit.org/show_bug.cgi?id=158891
16
17         Reviewed by Darin Adler.
18
19         Optimize parseCacheHeader() and avoid some temporary String allocations
20         by using StringView. We now strip the whitespaces in the input string
21         at the beginning of the function, at the same as as we strip the
22         control characters. We are then able to leverage StringView in the
23         rest of the function to get substrings without the need for extra
24         String allocations.
25
26         * platform/network/CacheValidation.cpp:
27         (WebCore::isControlCharacterOrSpace):
28         (WebCore::trimToNextSeparator):
29         (WebCore::parseCacheHeader):
30
31 2016-06-17  Brent Fulgham  <bfulgham@apple.com>
32
33         Unreviewed clean-up after r202186.
34
35         * platform/FileSystem.cpp:
36         (WebCore::filesHaveSameVolume): Don't use C-style formatting.
37
38 2016-06-17  Pranjal Jumde  <pjumde@apple.com>
39
40         File scheme should not allow access of a resource on a different volume.
41         https://bugs.webkit.org/show_bug.cgi?id=158552
42         <rdar://problem/15307582>
43
44         Reviewed by Brent Fulgham.
45
46         Tests: Tools/TestWebKitAPI/Tests/mac/CrossPartitionFileSchemeAccess.mm
47
48         * page/SecurityOrigin.cpp:
49         (WebCore::SecurityOrigin::canDisplay):
50         * platform/FileSystem.cpp:
51         (WebCore::platformFileStat):
52         (WebCore::filesHaveSameVolume):
53         Returns true if the files are on the same volume
54         * platform/FileSystem.h:
55
56 2016-06-17  Antoine Quint  <graouts@apple.com>
57
58         Web video playback controls should have RTL volume slider
59         https://bugs.webkit.org/show_bug.cgi?id=158856
60         <rdar://problem/25971769>
61
62         Reviewed by Tim Horton.
63
64         We reproduce the system used to propagate the page scale factor from the WebPage to the media controls to
65         propagate the user interface layout direction.
66
67         The Page exposes a new setUserInterfaceLayoutDirection() method which is set by the WebPage. The Page
68         then notifies the Document of a change, which propagates down to registered media elements, and finally sets
69         the usesLTRUserInterfaceLayoutDirection property on the media controller object in the injected JavaScript.
70         Based on the value of that property we toggle a new .uses-ltr-user-interface-layout-direction CSS class on the
71         .volume-box which applies a translate to the right and flips the volume controls on the x axis.
72
73         Since we're setting a new JS property from HTMLMediaController, we refactor much of the code out of the existing
74         pageScaleFactorChanged() and setPageScaleFactorProperty() into the new setControllerJSProperty() method so that
75         can easily set a named JS property with a given JSValue.
76
77         For testing purposes, we expose the WebCore::Page::setUserInterfaceLayoutDirection() method through Internals.
78
79         Test: fullscreen/video-controls-rtl.html
80
81         * Modules/mediacontrols/mediaControlsApple.css:
82         (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box:not(.uses-ltr-user-interface-layout-direction)):
83         * Modules/mediacontrols/mediaControlsApple.js:
84         (Controller.prototype.set usesLTRUserInterfaceLayoutDirection):
85         * WebCore.xcodeproj/project.pbxproj:
86         * dom/Document.cpp:
87         (WebCore::Document::registerForUserInterfaceLayoutDirectionChangedCallbacks):
88         (WebCore::Document::unregisterForUserInterfaceLayoutDirectionChangedCallbacks):
89         (WebCore::Document::userInterfaceLayoutDirectionChanged):
90         * dom/Document.h:
91         * html/HTMLMediaElement.cpp:
92         (WebCore::HTMLMediaElement::registerWithDocument):
93         (WebCore::HTMLMediaElement::unregisterWithDocument):
94         (WebCore::HTMLMediaElement::updatePageScaleFactorJSProperty):
95         (WebCore::HTMLMediaElement::updateUsesLTRUserInterfaceLayoutDirectionJSProperty):
96         (WebCore::HTMLMediaElement::setControllerJSProperty):
97         (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
98         (WebCore::HTMLMediaElement::pageScaleFactorChanged):
99         (WebCore::HTMLMediaElement::userInterfaceLayoutDirectionChanged):
100         (WebCore::setPageScaleFactorProperty): Deleted.
101         * html/HTMLMediaElement.h:
102         * page/Page.cpp:
103         (WebCore::Page::setUserInterfaceLayoutDirection):
104         * page/Page.h:
105         (WebCore::Page::userInterfaceLayoutDirection):
106         * platform/UserInterfaceLayoutDirection.h: Renamed from Source/WebKit2/UIProcess/UserInterfaceLayoutDirection.h.
107         * testing/Internals.cpp:
108         (WebCore::Internals::setUserInterfaceLayoutDirection):
109         * testing/Internals.h:
110         * testing/Internals.idl:
111
112 2016-06-17  Chris Dumez  <cdumez@apple.com>
113
114         TouchEvent should have a constructor
115         https://bugs.webkit.org/show_bug.cgi?id=158883
116         <rdar://problem/26063585>
117
118         Reviewed by Benjamin Poulain.
119
120         TouchEvent should have a constructor:
121         - https://w3c.github.io/touch-events/#touchevent-interface
122
123         Chrome already ships this:
124         - https://bugs.chromium.org/p/chromium/issues/detail?id=508675
125
126         Test: fast/events/touch/touch-event-constructor.html
127
128         * bindings/js/JSDictionary.cpp:
129         (WebCore::JSDictionary::convertValue):
130         * bindings/js/JSDictionary.h:
131         * dom/TouchEvent.cpp:
132         (WebCore::TouchEvent::TouchEvent):
133         * dom/TouchEvent.h:
134         * dom/TouchEvent.idl:
135
136 2016-06-17  Zalan Bujtas  <zalan@apple.com>
137
138         Potential null dereferencing on a detached positioned renderer.
139         https://bugs.webkit.org/show_bug.cgi?id=158879
140
141         Reviewed by Simon Fraser.
142
143         This patch fixes the case when the while loop to search for the absolute positioned ancestor
144         returns null (it happens when positioned renderer has been detached from the render tree).
145
146         Speculative fix.
147
148         * rendering/RenderBlock.cpp:
149         (WebCore::RenderBlock::markFixedPositionObjectForLayoutIfNeeded):
150         * rendering/RenderBlock.h:
151
152 2016-06-17  Chris Dumez  <cdumez@apple.com>
153
154         URL hash setter does not remove fragment identifier if argument is an empty string
155         https://bugs.webkit.org/show_bug.cgi?id=158869
156         <rdar://problem/26863430>
157
158         Reviewed by Darin Adler.
159
160         URL hash setter and URLUtils hash setter should remove the fragment identifier
161         if set to "#" or "":
162         - https://url.spec.whatwg.org/#dom-url-hash
163         - https://html.spec.whatwg.org/multipage/semantics.html#dom-hyperlink-hash
164
165         This patch aligns our behavior with the specification and with other browsers
166         (tested Firefox and Chrome).
167
168         This patch also updates HTMLAnchorElement to inherit URLUtils to avoid code
169         duplication. HTMLAnchorElement already implements URLUtils in the IDL, as per
170         the specification:
171         - https://html.spec.whatwg.org/multipage/semantics.html#htmlanchorelement
172
173         No new tests, rebaselined existing tests.
174
175         * html/HTMLAnchorElement.cpp:
176         (WebCore::HTMLAnchorElement::origin): Deleted.
177         (WebCore::HTMLAnchorElement::text): Deleted.
178         (WebCore::HTMLAnchorElement::setText): Deleted.
179         (WebCore::HTMLAnchorElement::toString): Deleted.
180         (WebCore::HTMLAnchorElement::isLiveLink): Deleted.
181         (WebCore::HTMLAnchorElement::sendPings): Deleted.
182         (WebCore::HTMLAnchorElement::handleClick): Deleted.
183         (WebCore::HTMLAnchorElement::eventType): Deleted.
184         (WebCore::HTMLAnchorElement::treatLinkAsLiveForEventType): Deleted.
185         (WebCore::isEnterKeyKeydownEvent): Deleted.
186         (WebCore::shouldProhibitLinks): Deleted.
187         (WebCore::HTMLAnchorElement::willRespondToMouseClickEvents): Deleted.
188         (WebCore::rootEditableElementMap): Deleted.
189         (WebCore::HTMLAnchorElement::rootEditableElementForSelectionOnMouseDown): Deleted.
190         (WebCore::HTMLAnchorElement::clearRootEditableElementForSelectionOnMouseDown): Deleted.
191         (WebCore::HTMLAnchorElement::setRootEditableElementForSelectionOnMouseDown): Deleted.
192         * html/HTMLAnchorElement.h:
193         (WebCore::HTMLAnchorElement::invalidateCachedVisitedLinkHash): Deleted.
194         * html/URLUtils.h:
195         (WebCore::URLUtils<T>::setHash):
196
197 2016-06-17  John Wilander  <wilander@apple.com>
198
199         Ignore case in the check for security origin inheritance
200         https://bugs.webkit.org/show_bug.cgi?id=158878
201
202         Reviewed by Alex Christensen.
203
204         Darin Adler commented in https://bugs.webkit.org/show_bug.cgi?id=158855:
205         "Are these comparisons intentionally case sensitive? Shouldn’t they ignore ASCII 
206         case? We could use equalIgnoringASCIICase and equalLettersIgnoringASCIICase for 
207         those two lines instead of using ==. URL::parse normalizes letters in the scheme 
208         and host by using toASCIILower, but does not normalize letters elsewhere in the 
209         URL, such as in the "blank" or "srcdoc" in the above URLs."
210
211         Test: http/tests/dom/window-open-about-uppercase-blank-and-access-document.html
212
213         * platform/URL.cpp:
214         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
215
216 2016-06-17  Hyungwook Lee  <hyungwook.lee@navercorp.com>
217
218         Fix compilation errors when we enable DUMP_NODE_STATISTICS in Node.h
219         https://bugs.webkit.org/show_bug.cgi?id=158868
220
221         Reviewed by Alex Christensen.
222
223         Fix compilation errors in Node.cpp when we enable DUMP_NODE_STATISTICS
224
225         * dom/Node.cpp:
226         (WebCore::Node::dumpStatistics):
227
228 2016-06-17  Per Arne Vollan  <pvollan@apple.com>
229
230         [Win] Scrolling in popup menu scrolls past last entry.
231         https://bugs.webkit.org/show_bug.cgi?id=158870
232
233         Reviewed by Brent Fulgham.
234
235         When the popup has a scrollbar, the content size is not equal to the popup window size.
236   
237         * platform/win/PopupMenuWin.cpp:
238         (WebCore::PopupMenuWin::contentsSize):
239
240 2016-06-17  Frederic Wang  <fwang@igalia.com>
241
242         Refactor RenderMathMLRoot layout function to avoid using flexbox
243         https://bugs.webkit.org/show_bug.cgi?id=153987
244
245         Reviewed by Brent Fulgham.
246
247         No new tests, already covered by existing tests.
248         A case for RTL root has been added to roots.xhtml.
249
250         We reimplement RenderMathMLRoot without any flexbox or anonymous.
251         The anonymous RenderMathMLRadicalOperator used to draw the radical sign is replaced with
252         the MathOperator class introduced in bug 152244.
253         msqrt (row of children under a square root) is now implemented directly in RenderMathMLRoot,
254         so RenderMathMLSquareRoot is removed and RenderMathMLRoot now inherits from RenderMathMLRow.
255
256         * CMakeLists.txt: Remove files for RenderMathMLRadicalOperator and RenderMathMLSquareRoot.
257         * WebCore.xcodeproj/project.pbxproj: ditto.
258         * accessibility/AccessibilityRenderObject.cpp: Update code now that we do not use any
259         radical wrappers.
260         (WebCore::AccessibilityRenderObject::isMathRow): Now that RenderMathMLRoot inherits from
261         RenderMathMLRow, we must exclude MathRoot or otherwise some accessibility code may treat
262         roots as rows.
263         (WebCore::AccessibilityRenderObject::mathRadicandObject): Return the first child for
264         Root/SquareRoot or nullptr.
265         (WebCore::AccessibilityRenderObject::mathRootIndexObject): Return the second child for
266         Root and nullptr for SquareRoot.
267         * mathml/MathMLInlineContainerElement.cpp:
268         (WebCore::MathMLInlineContainerElement::childrenChanged): We no longer need a special case
269         for msqrt, it is treated as a normal RenderMathMLRow.
270         (WebCore::MathMLInlineContainerElement::createElementRenderer): Make msqrt create a
271         RenderMathMLRoot object.
272         * rendering/RenderObject.h:
273         (WebCore::RenderObject::isRenderMathMLRadicalOperator): Deleted.
274         * rendering/mathml/RenderMathMLBlock.cpp:
275         (WebCore::RenderMathMLBlock::mirrorIfNeeded): New function to mirror a child horizontal
276         offset according to the parent width.
277         (WebCore::RenderMathMLBlock::renderName):
278         * rendering/mathml/RenderMathMLBlock.h:
279         (WebCore::RenderMathMLBlock::mirrorIfNeeded): Moved from RenderMathMLScripts, just forward
280         call to the other mirrorIfNeeded function.
281         * rendering/mathml/RenderMathMLOperator.cpp: We no longer need this trailingSpaceError hack.
282         (WebCore::RenderMathMLOperator::trailingSpaceError): Deleted.
283         * rendering/mathml/RenderMathMLOperator.h: ditto.
284         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Removed. The radical sign is now drawn
285         with a MathOperator.
286         * rendering/mathml/RenderMathMLRadicalOperator.h: Removed.
287         * rendering/mathml/RenderMathMLRoot.cpp: Complete refactoring to avoid using flexbox and
288         anonymous wrappers.
289         (WebCore::RenderMathMLRoot::RenderMathMLRoot): Set m_kind parameters to distinguish between
290         square root and general root and set the MathOperator member to draw the radical sign.
291         (WebCore::RenderMathMLRoot::isValid): Helper function to verify whether the child list is valid.
292         (WebCore::RenderMathMLRoot::getBase): Get the base of an mroot.
293         (WebCore::RenderMathMLRoot::getIndex): Get the index of an mroot.
294         (WebCore::RenderMathMLRoot::styleDidChange): Be sure to keep the style of the
295         MathOperator in sync with ours ; no need to skip empty roots.
296         (WebCore::RenderMathMLRoot::updateFromElement): Call the function from the new parent class ;
297         no need to skip empty roots.
298         (WebCore::RenderMathMLRoot::updateStyle): Remove the isEmpty ASSERT as it is valid to have
299         empty square root. Set the m_kernBeforeDegree, m_kernBeforeDegree members.
300         No need to set style for anonymous.
301         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths): Implement this function.
302         (WebCore::RenderMathMLRoot::layoutBlock): Implement this function.
303         (WebCore::RenderMathMLRoot::paintChildren): Implement this function.
304         (WebCore::RenderMathMLRoot::paint): Remove the trailingSpaceError hack ;
305         paint the radical sign via MathOperator::paint
306         (WebCore::RenderMathMLRoot::baseWrapper): Deleted.
307         (WebCore::RenderMathMLRoot::radicalWrapper): Deleted.
308         (WebCore::RenderMathMLRoot::indexWrapper): Deleted.
309         (WebCore::RenderMathMLRoot::radicalOperator): Deleted.
310         (WebCore::RenderMathMLRoot::restructureWrappers): Deleted.
311         (WebCore::RenderMathMLRoot::addChild): Deleted.
312         (WebCore::RenderMathMLRoot::firstLineBaseline): Deleted.
313         (WebCore::RenderMathMLRoot::layout): Deleted.
314         (WebCore::RenderMathMLRootWrapper::createAnonymousWrapper): Deleted.
315         (WebCore::RenderMathMLRootWrapper::removeChildWithoutRestructuring): Deleted.
316         (WebCore::RenderMathMLRootWrapper::removeChild): Deleted.
317         * rendering/mathml/RenderMathMLRoot.h: Make RenderMathMLRoot inherit from RenderMathMLRow.
318         Make RenderMathMLRoot support <msqrt>.
319         Remove all the anonymous wrapper stuff and instead use a MathOperator for the radical symbol.
320         Update function declaration to implement layout without flexbox and add some helper functions.
321         * rendering/mathml/RenderMathMLRow.cpp: Allow to get the exact metrics of the chid row,
322         for use in RenderMathMLRoot.
323         (WebCore::RenderMathMLRow::computeLineVerticalStretch): rename parameters.
324         (WebCore::RenderMathMLRow::layoutRowItems): Set parameters to the final ascent, descent and
325         logical width of the chid row. Set the temporary logical width for RenderMathRoot before
326         laying the children out.
327         (WebCore::RenderMathMLRow::layoutBlock): Rename parameters ; add a dummy logicalWidth
328         parameter.
329         * rendering/mathml/RenderMathMLRow.h: Make some functions accessible or overridable by
330         RenderMathMLRoot. Make layoutRowItems return the final ascent, descent and logical width
331         after the chid row is laid out.
332         * rendering/mathml/RenderMathMLScripts.cpp: Move mirrorIfNeeded to RenderMathMLBlock.
333         (WebCore::RenderMathMLScripts::mirrorIfNeeded): Deleted.
334         * rendering/mathml/RenderMathMLScripts.h: Move mirrorIfNeeded to RenderMathMLBlock.
335         * rendering/mathml/RenderMathMLSquareRoot.cpp: Removed.
336         * rendering/mathml/RenderMathMLSquareRoot.h: Removed.
337         * rendering/mathml/MathOperator.cpp:
338         (WebCore::MathOperator::paint): Apply a mirroring scale transform to radical symbol
339         in RTL direction.
340
341 2016-06-17  Chris Dumez  <cdumez@apple.com>
342
343         Drop some unnecessary header includes
344         https://bugs.webkit.org/show_bug.cgi?id=158864
345
346         Reviewed by Alexey Proskuryakov.
347
348         Drop some unnecessary header includes to try and reduce build times.
349
350         * WebCore.xcodeproj/project.pbxproj:
351         * accessibility/AccessibilityList.cpp:
352         * css/CSSComputedStyleDeclaration.cpp:
353         * css/MediaQueryMatcher.cpp:
354         * css/StyleMedia.cpp:
355         * css/TransformFunctions.cpp:
356         * dom/NodeRenderStyle.h:
357         * dom/PseudoElement.h:
358         (isType): Deleted.
359         * html/HTMLTitleElement.cpp:
360         * html/shadow/MediaControlElementTypes.h:
361         * html/shadow/MediaControls.cpp:
362         * inspector/InspectorDOMAgent.h:
363         * inspector/InspectorLayerTreeAgent.h:
364         * inspector/InspectorPageAgent.cpp:
365         * page/scrolling/AsyncScrollingCoordinator.cpp:
366         * page/scrolling/ScrollingCoordinator.h:
367         * rendering/BidiRun.h:
368         * rendering/BorderEdge.h:
369         * rendering/RenderElement.h:
370         * rendering/RenderObject.h:
371         (WebCore::AnnotatedRegionValue::operator==): Deleted.
372         (WebCore::AnnotatedRegionValue::operator!=): Deleted.
373         * rendering/RenderObjectEnums.h: Added.
374         * rendering/RenderTheme.h:
375         * rendering/SimpleLineLayoutFlowContents.h:
376         * rendering/SimpleLineLayoutTextFragmentIterator.h:
377         * rendering/TextPainter.h:
378         * rendering/style/RenderStyle.h:
379         (WebCore::pseudoElementRendererIsNeeded):
380         * rendering/style/ShapeValue.cpp:
381         * rendering/style/ShapeValue.h:
382         * style/ClassChangeInvalidation.cpp:
383         * style/ClassChangeInvalidation.h:
384         * style/InlineTextBoxStyle.h:
385         * style/StyleUpdate.cpp:
386
387 2016-06-17  Andreas Kling  <akling@apple.com>
388
389         [iOS] Throw away linked code when navigating to a new page.
390         <https://webkit.org/b/153851>
391
392         Reviewed by Antti Koivisto.
393
394         When navigating to a new page, tell JSC to throw out any linked code it has lying around.
395         Linked code is tied to a specific global object, and as we're creating a new one for the
396         new page, none of it is useful to us here.
397
398         In the event that the user navigates back, the cost of relinking some code will be far
399         lower than the memory cost of keeping all of it around.
400
401         This was in-tree before but was rolled out due to regressing JSBench. It was a slowdown
402         due to the benchmark harness using top-level navigations to drive the tests.
403         This new version avoids that problem by only throwing out code if we haven't navigated
404         in the last 2 seconds. This also prevents excessive work in response to redirects.
405
406         I've also moved this into MemoryPressureHandler so we don't make a mess in FrameLoader.
407
408         * loader/FrameLoader.cpp:
409         (WebCore::FrameLoader::commitProvisionalLoad):
410         * platform/MemoryPressureHandler.cpp:
411         (WebCore::MemoryPressureHandler::jettisonExpensiveObjectsOnTopLevelNavigation):
412         * platform/MemoryPressureHandler.h:
413
414 2016-06-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
415
416         CORS preflight with a non-200 response should be a preflight failure
417         https://bugs.webkit.org/show_bug.cgi?id=111008
418
419         Reviewed by Darin Adler.
420
421         Covered by rebased tests.
422
423         * Modules/fetch/FetchResponse.h: Making use of ResourceResponse::isSuccessful.
424         * loader/CrossOriginPreflightChecker.cpp:
425         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse): Checking that response status is code is
426         successful. If not, calling preflight failure callback.
427         (WebCore::CrossOriginPreflightChecker::startPreflight): Putting in manual redirection mode so that redirection
428         responses are processed as other responses.
429         * loader/ResourceLoaderOptions.h:
430         (WebCore::ResourceLoaderOptions::fetchOptions): Adding a non-const getter and fixing const getter to return a
431         const reference.
432         (WebCore::ResourceLoaderOptions::setFetchOptions): Passing options by reference.
433         * platform/network/ResourceResponseBase.cpp:
434         (WebCore::ResourceResponseBase::isSuccessful): Utility function.
435         * platform/network/ResourceResponseBase.h:
436
437 2016-06-17  Frederic Wang  <fwang@igalia.com>
438
439         MathOperator: Add fallback mechanisms for stretching and mirroring radical symbols
440         https://bugs.webkit.org/show_bug.cgi?id=156836
441
442         Reviewed by Sergio Villar Senin.
443
444         Some platforms do not have OpenType MATH fonts pre-installed and thus can not draw stretchy
445         operators using size variants or glyph assembly. This is especially problematic for the
446         radical symbol which is used to write roots. Currently, we have some fallback code to draw
447         that symbol using graphical primitives but it is a bit complex and makes the style of radical
448         inconsistent with the font used. We solve these issues by just scaling the base glyph via a
449         scale transform. Such scale transform is also used to mirror the radical symbol so that we
450         have some support for right-to-left roots until we can do glyph-level mirroring
451         via the OpenType rtlm feature.
452
453         Test: mathml/radical-fallback.html
454
455         * rendering/mathml/MathOperator.cpp: Add a constant for the code point U+221A of the radical.
456         (WebCore::MathOperator::reset): In general, we don't need any vertical scaling for radical
457         symbols so m_radicalVerticalScale is initialized to 1.
458         (WebCore::MathOperator::calculateStretchyData): If we don't have a font with a MATH table and we
459         try streching a radical, then we update the vertical metrics to match the target size and
460         set m_radicalVerticalScale to the value necessary to make the base glyph scaled to that size.
461         (WebCore::MathOperator::paint): For a radical operator, we may apply a scale transform of
462         parameters (radicalHorizontalScale, m_radicalVerticalScale) in order to support RTL
463         mirroring or vertical stretching.
464         * rendering/mathml/MathOperator.h: We add a m_radicalVerticalScale member to indicate the
465         scaling to apply to the base radical glyph when the stretchy fallback is necessary.
466         (WebCore::MathOperator::isStretched): The operator is also considered stretched when the
467         m_radicalVerticalScale is applied to the base size.
468         * rendering/mathml/RenderMathMLRadicalOperator.cpp: Remove code specific to the old fallback mechanism.
469         * rendering/mathml/RenderMathMLRadicalOperator.h: Ditto.
470
471 2016-06-16  Commit Queue  <commit-queue@webkit.org>
472
473         Unreviewed, rolling out r202147.
474         https://bugs.webkit.org/show_bug.cgi?id=158867
475
476         Broke scrolling tests on iOS Simulator (Requested by ap on
477         #webkit).
478
479         Reverted changeset:
480
481         "Focus event dispatched in iframe causes parent document to
482         scroll incorrectly"
483         https://bugs.webkit.org/show_bug.cgi?id=158629
484         http://trac.webkit.org/changeset/202147
485
486 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
487
488         :in-range & :out-of-range CSS pseudo-classes shouldn't match disabled or readonly inputs
489         https://bugs.webkit.org/show_bug.cgi?id=156530
490
491         Reviewed by Simon Fraser.
492
493         Elements should only match :in-range and :out-of-range
494         when they are candidate for constraint validation.
495
496         Tests: fast/css/pseudo-in-range-on-disabled-input-basics.html
497                fast/css/pseudo-in-range-on-readonly-input-basics.html
498                fast/css/pseudo-in-range-out-of-range-on-disabled-input-trivial.html
499                fast/css/pseudo-out-of-range-on-disabled-input-basics.html
500                fast/css/pseudo-out-of-range-on-readonly-input-basics.html
501                fast/selectors/in-range-out-of-range-style-update.html
502
503         * html/BaseDateAndTimeInputType.cpp:
504         (WebCore::BaseDateAndTimeInputType::minOrMaxAttributeChanged):
505         * html/NumberInputType.cpp:
506         (WebCore::NumberInputType::minOrMaxAttributeChanged):
507         I forgot to handle style update in r202143.
508         This is covered by the new style invalidation test.
509
510         * html/BaseDateAndTimeInputType.h:
511         * html/HTMLInputElement.cpp:
512         (WebCore::HTMLInputElement::isInRange):
513         (WebCore::HTMLInputElement::isOutOfRange):
514
515 2016-06-16  Frederic Wang  <fwang@igalia.com>
516
517         Add separate MathOperator for selection/measuring/drawing of stretchy operators
518         https://bugs.webkit.org/show_bug.cgi?id=152244
519
520         Reviewed by Brent Fulgham.
521
522         We complete the class to select, measure and draw stretchy operators that is independent
523         from RenderMathMLOperator. That way, we will be able use stretchy operator without having
524         to introduce & manage anonymous RenderMathMLOperator's
525         (e.g for <mroot>, <msqrt> and <mfenced>).
526
527         No new tests, already covered by existing tests.
528
529         * rendering/mathml/MathOperator.cpp:
530         (WebCore::ascentForGlyph): Add this helper function to get glyph ascent.
531         (WebCore::descentForGlyph): Add this helper function to get glyph descent.
532         (WebCore::MathOperator::reset): Initialize all the data and calculate ascent/descent of the
533         base glyph.
534         (WebCore::MathOperator::setSizeVariant): Set the width/ascent/descent.
535         (WebCore::MathOperator::setGlyphAssembly): Ditto.
536         (WebCore::MathOperator::calculateDisplayStyleLargeOperator): Remove the STIX Word hack and
537         change m_maxPreferredWidth to use the actual width instead.
538         (WebCore::MathOperator::stretchTo): New functions to execute the actual operator streching.
539         (WebCore::MathOperator::fillWithVerticalExtensionGlyph): Add a FIXME for bug 155434.
540         (WebCore::MathOperator::fillWithHorizontalExtensionGlyph): Align all the glyph baselines on
541         the same axis, given by m_ascent.
542         Add a FIXME for bug 155434.
543         (WebCore::MathOperator::paintHorizontalGlyphAssembly): Ditto.
544         (WebCore::MathOperator::paint): Public function to do the painting.
545         (WebCore::MathOperator::paintVerticalGlyphAssembly): Deleted.
546         * rendering/mathml/MathOperator.h: Update declarations and make most of the members private.
547         (WebCore::MathOperator::ascent): Function to expose m_ascent.
548         (WebCore::MathOperator::descent): Function to expose m_descent.
549         * rendering/mathml/RenderMathMLOperator.cpp:
550         (WebCore::RenderMathMLOperator::stretchTo): Forward the stretching call to MathOperator.
551         (WebCore::RenderMathMLOperator::computePreferredLogicalWidths): Unfold advanceForGlyph
552         since we delete RenderMathMLOperator::advanceForGlyph. Just rely on
553         MathOperator::maxPreferredWidth to determine the preferred width of stretchy operators.
554         For horizontal operators, we just use the width of the base glyph.
555         Finally, we remove the dirty flag on preferred logical width.
556         (WebCore::RenderMathMLOperator::rebuildTokenContent): Reinit the MathOperator instance.
557         (WebCore::RenderMathMLOperator::updateFromElement): Force more updates of
558         RenderMathMLOperator to avoid test breakage.
559         (WebCore::RenderMathMLOperator::styleDidChange): Call MathOperator::reset to take into
560         account style change.
561         (WebCore::RenderMathMLOperator::updateStyle): Remove unused code.
562         (WebCore::RenderMathMLOperator::firstLineBaseline): Use MathOperator::ascent() function.
563         (WebCore::RenderMathMLOperator::computeLogicalHeight): Use MathOperator::ascent() and
564         MathOperator::descent() functions to calculate the height.
565         (WebCore::RenderMathMLOperator::paint): Only stretched operators are treated specially.
566         We center horizontal operator and forward the paint() call to MathOperator.
567         (WebCore::RenderMathMLOperator::trailingSpaceError): The error is now just the difference
568         between the values returned by MathOperator::maxPreferredWidth() and
569         MathOperator::width().
570         (WebCore::boundsForGlyph): Deleted.
571         (WebCore::heightForGlyph): Deleted.
572         (WebCore::advanceWidthForGlyph): Deleted.
573         (WebCore::RenderMathMLOperator::updateStyle): Deleted.
574
575 2016-06-16  Jiewen Tan  <jiewen_tan@apple.com>
576
577         CSP: Content Security Policy should allow '*' to match the originating page's scheme
578         https://bugs.webkit.org/show_bug.cgi?id=158811
579         <rdar://problem/26819568>
580
581         Reviewed by Daniel Bates.
582
583         Tests: security/contentSecurityPolicy/image-with-file-url-allowed-by-img-src-star.html
584                security/contentSecurityPolicy/link-with-file-url-allowed-by-style-src-star.html
585                security/contentSecurityPolicy/script-with-file-url-allowed-by-script-src-star.html
586                security/contentSecurityPolicy/video-with-file-url-allowed-by-media-src-star.html
587
588         * page/csp/ContentSecurityPolicySourceList.cpp:
589         (WebCore::ContentSecurityPolicySourceList::isProtocolAllowedByStar):
590
591 2016-06-16  Chris Dumez  <cdumez@apple.com>
592
593         Add HTTPHeaderMap::set() overload taking a NSString*
594         https://bugs.webkit.org/show_bug.cgi?id=158857
595
596         Reviewed by Darin Adler.
597
598         Add HTTPHeaderMap::set() overloading taking a NSString* in addition to
599         the one taking a CFStringRef. It is useful for the Cocoa implementation
600         of ResourceRequest::doUpdateResourceRequest().
601
602         * platform/network/HTTPHeaderMap.h:
603         (WebCore::HTTPHeaderMap::set):
604
605 2016-06-16  Joseph Pecoraro  <pecoraro@apple.com>
606
607         Web Inspector: console.profile should use the new Sampling Profiler
608         https://bugs.webkit.org/show_bug.cgi?id=153499
609         <rdar://problem/24352431>
610
611         Reviewed by Timothy Hatcher.
612
613         Test: inspector/timeline/setInstruments-programmatic-capture.html
614
615         * inspector/InspectorTimelineAgent.cpp:
616         (WebCore::InspectorTimelineAgent::startFromConsole):
617         (WebCore::InspectorTimelineAgent::stopFromConsole):
618         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
619         (WebCore::InspectorTimelineAgent::startProgrammaticCapture):
620         (WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
621         (WebCore::InspectorTimelineAgent::toggleInstruments):
622         (WebCore::InspectorTimelineAgent::toggleScriptProfilerInstrument):
623         (WebCore::InspectorTimelineAgent::toggleHeapInstrument):
624         (WebCore::InspectorTimelineAgent::toggleMemoryInstrument):
625         (WebCore::InspectorTimelineAgent::toggleTimelineInstrument):
626         * inspector/InspectorTimelineAgent.h:
627         Web implementation of console.profile/profileEnd.
628         Make helpers for startings / stopping instruments.
629
630 2016-06-16  John Wilander  <wilander@apple.com>
631
632         Restrict security origin inheritance to empty, about:blank, and about:srcdoc URLs
633         https://bugs.webkit.org/show_bug.cgi?id=158855
634         <rdar://problem/26142632>
635
636         Reviewed by Alex Christensen.
637
638         Tests: http/tests/dom/window-open-about-blank-and-access-document.html
639                http/tests/dom/window-open-about-webkit-org-and-access-document.html
640
641         Document.cpp previously checked whether a document should inherit its owner's 
642         security origin by checking if the URL is either empty or blank. URL.cpp in 
643         turn only checks if the protocol is "about:" in the isBlankURL() function. 
644         Thus all about:* URLs inherited security origin. This patch restricts 
645         security origin inheritance to empty, about:blank, and about:srcdoc URLs.
646
647         Quotes and links from the WHATWG spec regarding about:srcdoc:
648
649         7.1 Browsing contexts
650         A browsing context can have a creator browsing context, the browsing context 
651         that was responsible for its creation. If a browsing context has a parent 
652         browsing context, then that is its creator browsing context. Otherwise, if the 
653         browsing context has an opener browsing context, then that is its creator 
654         browsing context. Otherwise, the browsing context has no creator browsing 
655         context.
656         https://html.spec.whatwg.org/multipage/browsers.html#concept-document-bc
657
658         7.1.1 Nested browsing contexts
659         Certain elements (for example, iframe elements) can instantiate further 
660         browsing contexts. These are called nested browsing contexts. If a browsing 
661         context P has a Document D with an element E that nests another browsing 
662         context C inside it, then C is said to be nested through D, and E is said to 
663         be the browsing context container of C. If the browsing context container 
664         element E is in the Document D, then P is said to be the parent browsing 
665         context of C and C is said to be a child browsing context of P. Otherwise, 
666         the nested browsing context C has no parent browsing context.
667         https://html.spec.whatwg.org/multipage/browsers.html#nested-browsing-context
668
669         4.8.5 The iframe element
670         The iframe element represents a nested browsing context.
671         ...
672         If the srcdoc attribute is specified
673             Navigate the element's child browsing context to a new response whose 
674             url list consists of about:srcdoc ...
675         https://html.spec.whatwg.org/multipage/embedded-content.html#attr-iframe-srcdoc
676
677         * dom/Document.cpp:
678         (WebCore::Document::initSecurityContext):
679             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
680         (WebCore::Document::initContentSecurityPolicy):
681             Now uses the URL::shouldInheritSecurityOriginFromOwner() function instead.
682         (WebCore::shouldInheritSecurityOriginFromOwner): Deleted.
683             Moved to URL::shouldInheritSecurityOriginFromOwner() and restricted the check.
684         * platform/URL.cpp:
685         (WebCore::URL::shouldInheritSecurityOriginFromOwner):
686         * platform/URL.h:
687             Moved the function from Document and restricted the check to only allow
688             security origin inheritance for empty, about:blank, and about:srcdoc URLs.
689
690 2016-06-16  Simon Fraser  <simon.fraser@apple.com>
691
692         [iOS] Focus event dispatched in iframe causes parent document to scroll incorrectly
693         https://bugs.webkit.org/show_bug.cgi?id=158629
694         rdar://problem/26521616
695
696         Reviewed by Enrica Casucci.
697
698         When focussing elements in iframes, the page could scroll to an incorrect location.
699         This happened because code in Element::focus() tried to disable scrolling on focus,
700         but did so only for the current frame, so ancestor frames got programmatically scrolled.
701         On iOS we handle the scrolling in the UI process, so never want the web process to
702         do programmatic scrolling.
703
704         Fix by changing the focus and cache restore code to use SelectionRevealMode::DoNotReveal,
705         rather than manually prohibiting frame scrolling.
706
707         Tests: fast/forms/ios/focus-input-in-iframe.html
708                fast/forms/ios/programmatic-focus-input-in-iframe.html
709
710         * dom/Element.cpp:
711         (WebCore::Element::focus):
712         * history/CachedPage.cpp:
713         (WebCore::CachedPage::restore):
714
715 2016-06-16  Zalan Bujtas  <zalan@apple.com>
716
717         [New Block-Inside-Inline Model] Do not attempt to re-run margin collapsing on the block sequence.
718         https://bugs.webkit.org/show_bug.cgi?id=158854
719
720         Reviewed by David Hyatt.
721
722         Test: fast/block/inside-inlines/crash-on-first-line-change.html
723
724         * rendering/RenderBlockLineLayout.cpp:
725         (WebCore::RenderBlockFlow::marginCollapseLinesFromStart):
726
727 2016-06-16  Ting-Wei Lan  <lantw44@gmail.com>
728
729         Include cstdlib before using std::atexit
730         https://bugs.webkit.org/show_bug.cgi?id=158681
731
732         Reviewed by Brent Fulgham.
733
734         * platform/graphics/PlatformDisplay.cpp:
735
736 2016-06-16  Chris Dumez  <cdumez@apple.com>
737
738         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
739         https://bugs.webkit.org/show_bug.cgi?id=158853
740
741         Reviewed by Brent Fulgham.
742
743         Use StringView::toAtomicString() in HTMLImageElement::setBestFitURLAndDPRFromImageCandidate()
744         as m_bestFitImageURL data member is an AtomicString. This avoids constructing a String and
745         then atomizing it.
746
747         * html/HTMLImageElement.cpp:
748         (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
749
750 2016-06-16  Benjamin Poulain  <bpoulain@apple.com>
751
752         :in-range & :out-of-range CSS pseudo-classes shouldn't match inputs without range limitations
753         https://bugs.webkit.org/show_bug.cgi?id=156558
754
755         Reviewed by Simon Fraser.
756
757         The pseudo selectors :in-range and :out-of-range should only
758         apply if:
759         -minimum/maximum are defined for the input type
760         -the input value is/is-not suffering from underflow/overflow.
761
762         Only certain types have a valid minimum and maximum:
763         -number
764         -range
765         -date
766         -month
767         -week
768         -time
769         -datetime-local
770
771         Of those, only one has a default minimum and maximum: range.
772         For all the others, the minimum or maximum is only defined
773         if the min/max attribute is defined and valid.
774
775         This patch addresses these constraints for number and range.
776         The date types range validation is severely broken and is
777         left untouched. It really needs a clean rewrite.
778
779         Tests: fast/css/pseudo-in-range-basics.html
780                fast/css/pseudo-in-range-out-of-range-trivial.html
781                fast/css/pseudo-out-of-range-basics.html
782
783         * html/DateInputType.cpp:
784         (WebCore::DateInputType::createStepRange):
785         * html/DateTimeInputType.cpp:
786         (WebCore::DateTimeInputType::createStepRange):
787         * html/DateTimeLocalInputType.cpp:
788         (WebCore::DateTimeLocalInputType::createStepRange):
789         * html/InputType.cpp:
790         (WebCore::InputType::isInRange):
791         (WebCore::InputType::isOutOfRange):
792         Notice the isEmpty() shortcut.
793         A value can only overflow/underflow if it is not empty.
794
795         * html/MonthInputType.cpp:
796         (WebCore::MonthInputType::createStepRange):
797         * html/NumberInputType.cpp:
798         (WebCore::NumberInputType::createStepRange):
799         * html/RangeInputType.cpp:
800         (WebCore::RangeInputType::createStepRange):
801         * html/StepRange.cpp:
802         (WebCore::StepRange::StepRange):
803         * html/StepRange.h:
804         (WebCore::StepRange::hasRangeLimitations):
805         * html/WeekInputType.cpp:
806         (WebCore::WeekInputType::createStepRange):
807
808 2016-06-16  Anders Carlsson  <andersca@apple.com>
809
810         Fix macOS Sierra build
811         https://bugs.webkit.org/show_bug.cgi?id=158849
812
813         Reviewed by Tim Horton.
814
815         Add WebCore:: qualifiers for IOSurface, to avoid conflicts with the IOSurface Objective-C class.
816         
817         Also, add an asLayerContents() getter that will return an id that's suitable for setting 
818         as the contents of a CALayer.
819
820         * platform/graphics/cocoa/IOSurface.h:
821         * platform/graphics/cocoa/IOSurface.mm:
822
823 2016-06-16  Andreas Kling  <akling@apple.com>
824
825         REGRESSION(r196217): 3% JSBench regression on iPhone 5.
826         <https://webkit.org/b/158848>
827         <rdar://problem/26609622>
828
829         Unreviewed rollout.
830
831         Don't jettison linked code on every top-level navigation as that was hurting JSBench on iPhone 5.
832
833         * loader/FrameLoader.cpp:
834         (WebCore::FrameLoader::commitProvisionalLoad):
835
836 2016-06-16  Adam Bergkvist  <adam.bergkvist@ericsson.com>
837
838         WebRTC: Check type of this in RTCPeerConnection JS built-in functions
839         https://bugs.webkit.org/show_bug.cgi?id=151303
840
841         Reviewed by Youenn Fablet.
842
843         Check type of 'this' in RTCPeerConnection JS built-in functions.
844
845         Test: fast/mediastream/RTCPeerConnection-js-built-ins-check-this.html
846
847         * Modules/mediastream/RTCPeerConnection.js:
848         (createOffer):
849         (createAnswer):
850         (setLocalDescription):
851         (setRemoteDescription):
852         (addIceCandidate):
853         (getStats):
854         Reject if 'this' isn't of type RTCPeerConnection.
855         * Modules/mediastream/RTCPeerConnectionInternals.js:
856         (isRTCPeerConnection):
857         Add helper function to perform type check. Needs further robustifying.
858
859 2016-06-16  Myles C. Maxfield  <mmaxfield@apple.com>
860
861         Sporadic crash in HashTableAddResult following CSSValuePool::createFontFamilyValue
862         https://bugs.webkit.org/show_bug.cgi?id=158297
863
864         Reviewed by Darin Adler.
865
866         In an effort to reduce the flash of unstyled content, we force all elements
867         to have display: none during an external stylesheet load. We do this by
868         ignoring the CSS cascade and forcing all elements to have a placeholder style
869         which hardcodes display: none. (This is necessary to make elements created by
870         script during the stylesheet load not flash.)
871
872         This style is exposed to web content via getComputedStyle(), which means it
873         needs to maintain the invariant that font-families can never be null strings.
874         We enforce this by forcing the font-family to be the standard font name.
875
876         Test: fast/text/placeholder-renderstyle-null-font.html
877
878         * style/StyleTreeResolver.cpp:
879         (WebCore::Style::ensurePlaceholderStyle):
880
881 2016-06-16  Chris Dumez  <cdumez@apple.com>
882
883         Avoid some temporary String allocations for common HTTP headers in ResourceResponse::platformLazyInit()
884         https://bugs.webkit.org/show_bug.cgi?id=158827
885
886         Reviewed by Darin Adler.
887
888         Add a HTTPHeaderMap::set() overload taking in a CFStringRef. The
889         implementation has a fast path which gets the internal characters
890         of the CFStringRef when possible and constructs a StringView for
891         it in order to call findHTTPHeaderName(). As a result, we avoid
892         allocating a temporary String when findHTTPHeaderName() succeeds.
893
894         This new HTTPHeaderMap::set() overload is called from both the
895         CF and Cocoa implementations of ResourceResponse::platformLazyInit().
896
897         I have confirmed locally on both Mac and iOS that the fast path
898         is used ~93% of the time. CFStringGetCStringPtr() returns null in
899         rare cases, causing the regular code path to be used.
900
901         * platform/network/HTTPHeaderMap.cpp:
902         (WebCore::HTTPHeaderMap::set):
903         * platform/network/HTTPHeaderMap.h:
904
905 2016-06-15  Zalan Bujtas  <zalan@apple.com>
906
907         Decouple the percent height and positioned descendants maps.
908         https://bugs.webkit.org/show_bug.cgi?id=158773
909
910         Reviewed by David Hyatt and Chris Dumez.
911
912         We track renderers with percent height across multiple containers using
913         HashMap<const RenderBox*, std::unique_ptr<HashSet<const RenderBlock*>>>.
914         We also use the same data structure to track positioned descendants.
915         However a positioned renderer can have only one containing block so tracking it
916         with a 1:many type is defective.
917         It allows multiple inserts for positioned descendants, which could lead to
918         inconsistent layout state as the rendering logic expects these type of renderers
919         with only one containing block.
920         This patch decouples percent height and positioned tracking by introducing
921         the PositionedDescendantsMap class. This class is responsible for tracking
922         the positioned descendants inbetween layouts.
923
924         No change in functionality.
925
926         Tests: fast/block/positioning/change-containing-block-for-absolute-positioned.html
927                fast/block/positioning/change-containing-block-for-fixed-positioned.html
928
929         * rendering/RenderBlock.cpp:
930         (WebCore::insertIntoTrackedRendererMaps):
931         (WebCore::removeFromTrackedRendererMaps):
932         (WebCore::PositionedDescendantsMap::addDescendant): Add more defensive ASSERT_NOT_REACHED
933         to the double insert branch when webkit.org/b/158772 gets fixed.
934         (WebCore::PositionedDescendantsMap::removeDescendant):
935         (WebCore::PositionedDescendantsMap::removeContainingBlock):
936         (WebCore::PositionedDescendantsMap::positionedRenderers):
937         (WebCore::positionedDescendantsMap):
938         (WebCore::removeBlockFromPercentageDescendantAndContainerMaps):
939         (WebCore::RenderBlock::~RenderBlock):
940         (WebCore::RenderBlock::positionedObjects):
941         (WebCore::RenderBlock::insertPositionedObject):
942         (WebCore::RenderBlock::removePositionedObject):
943         (WebCore::RenderBlock::addPercentHeightDescendant):
944         (WebCore::RenderBlock::removePercentHeightDescendant):
945         (WebCore::RenderBlock::percentHeightDescendants):
946         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
947         (WebCore::removeBlockFromDescendantAndContainerMaps): Deleted.
948         * rendering/RenderBlock.h:
949
950 2016-06-15  David Kilzer  <ddkilzer@apple.com>
951
952         Move SoftLinking.h to platform/cococa from platform/mac
953         <https://webkit.org/b/158825>
954
955         Reviewed by Andy Estes.
956
957         * PlatformMac.cmake: Update for new directory.
958         * WebCore.xcodeproj/project.pbxproj: Ditto.
959         * platform/cocoa/SoftLinking.h: Renamed from Source/WebCore/platform/mac/SoftLinking.h.
960
961 2016-06-15  Chris Dumez  <cdumez@apple.com>
962
963         [Cocoa] Clean up / optimize ResourceResponse::platformLazyInit(InitLevel)
964         https://bugs.webkit.org/show_bug.cgi?id=158809
965
966         Reviewed by Darin Adler.
967
968         Clean up / optimize ResourceResponse::platformLazyInit(InitLevel).
969
970         * platform/network/HTTPParsers.cpp:
971         (WebCore::extractReasonPhraseFromHTTPStatusLine):
972         * platform/network/HTTPParsers.h:
973         Have extractReasonPhraseFromHTTPStatusLine() return an AtomicString as the
974         Reason is stored as an AtomicString on ResourceResponse. Have the
975         implementation use StringView::subString()::toAtomicString().
976
977         * platform/network/cocoa/ResourceResponseCocoa.mm:
978         (WebCore::stripLeadingAndTrailingDoubleQuote):
979         Move the stripLeadingAndTrailingDoubleQuote logic from platformLazyInit()
980         to its own function. Have it use StringView::subString()::toAtomicString()
981         to avoid unnecessarily atomizing the textEncodingName that has surrounding
982         double-quotes.
983
984         (WebCore::initializeHTTPHeaders):
985         Move HTTP headers initialization to its own function for clarity.
986
987         (WebCore::extractHTTPStatusText):
988         Move HTTP status Text extraction to its own function for clarity.
989
990         (WebCore::ResourceResponse::platformLazyInit):
991         - The function is streamlined a bit because most of the logic was moved
992           into separate functions.
993         - Drop unnecessary (initLevel >= CommonFieldsOnly) check in the first
994           if case and replace with an assertion. This function is always called
995           with CommonFieldsOnly or above (AllFields).
996         - Drop unnecessary (m_initLevel < AllFields) check in the second if
997           case as this is always true. If not, we would have returned early
998           at the beginning of the function when checking
999           m_initLevel >= initLevel.
1000         - Use AutodrainedPool instead of NSAutoreleasePool for convenience and have
1001           only 1 pool instead of 2.
1002         - Drop unnecessary copyNSURLResponseStatusLine() function and call directly
1003           CFHTTPMessageCopyResponseStatusLine() since we already have a
1004           CFHTTPMessageRef at the call site.
1005
1006 2016-06-15  Tim Horton  <timothy_horton@apple.com>
1007
1008         <attachment> elements jump around a lot around when subtitle text changes slightly
1009         https://bugs.webkit.org/show_bug.cgi?id=158818
1010         <rdar://problem/24450270>
1011
1012         Reviewed by Simon Fraser.
1013
1014         Test: fast/attachment/attachment-subtitle-resize.html
1015
1016         * rendering/RenderAttachment.cpp:
1017         (WebCore::RenderAttachment::layout):
1018         * rendering/RenderAttachment.h:
1019         * rendering/RenderThemeMac.mm:
1020         (WebCore::AttachmentLayout::AttachmentLayout):
1021         (WebCore::RenderThemeMac::paintAttachment):
1022         In order to avoid changes to the centered subtitle text causing the whole
1023         attachment to bounce around a lot, make it so that attachment width can only
1024         increase, never decrease, and round the subtitle's width up to the nearest
1025         increment of 10px when determining its affect on the whole element's width.
1026         Also, center the attachment in its element, instead of left-aligning it,
1027         so that the extra width we may have is evenly distributed between the two sides.
1028
1029 2016-06-15  Ryan Haddad  <ryanhaddad@apple.com>
1030
1031         Reset bindings test results after r202105
1032
1033         Unreviewed test gardening.
1034
1035         * bindings/scripts/test/JS/JSTestObj.cpp:
1036
1037 2016-06-15  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1038
1039         WebRTC: (Refactor) Align the structure of RTCPeerConnection.idl with the header file
1040         https://bugs.webkit.org/show_bug.cgi?id=158779
1041
1042         Reviewed by Eric Carlson.
1043
1044         Restructure RTCPeerConnection.idl to make it easer to read and extend in the future.
1045
1046         No change in behavior.
1047
1048         * Modules/mediastream/RTCPeerConnection.idl:
1049
1050 2016-06-15  Chris Dumez  <cdumez@apple.com>
1051
1052         Drop some unnecessary header includes
1053         https://bugs.webkit.org/show_bug.cgi?id=158788
1054
1055         Reviewed by Alexey Proskuryakov.
1056
1057         Drop some unnecessary header includes in headers to speed up build time.
1058
1059         * Modules/encryptedmedia/MediaKeySession.cpp:
1060         * Modules/gamepad/GamepadManager.cpp:
1061         * Modules/indexeddb/IDBDatabase.cpp:
1062         * Modules/indexeddb/IDBOpenDBRequest.cpp:
1063         * Modules/indexeddb/IDBRequest.cpp:
1064         * Modules/indexeddb/IDBTransaction.cpp:
1065         * Modules/mediasource/MediaSource.cpp:
1066         * Modules/mediasource/SourceBuffer.cpp:
1067         * Modules/mediasource/SourceBufferList.cpp:
1068         * Modules/mediastream/MediaStream.cpp:
1069         * Modules/mediastream/MediaStreamTrack.cpp:
1070         * Modules/speech/SpeechSynthesis.cpp:
1071         * Modules/webaudio/AudioScheduledSourceNode.cpp:
1072         * Modules/webaudio/ScriptProcessorNode.cpp:
1073         * bindings/scripts/CodeGeneratorJS.pm:
1074         (GenerateImplementation):
1075         * dom/CharacterData.cpp:
1076         * dom/ContainerNode.cpp:
1077         * dom/DOMNamedFlowCollection.cpp:
1078         * dom/DeviceMotionController.cpp:
1079         * dom/DeviceOrientationController.cpp:
1080         * dom/Document.cpp:
1081         * dom/Document.h:
1082         * dom/DocumentEventQueue.cpp:
1083         * dom/DocumentOrderedMap.h:
1084         * dom/Element.cpp:
1085         * dom/Event.cpp:
1086         * dom/EventDispatcher.cpp:
1087         * dom/EventTarget.cpp:
1088         * dom/EventTarget.h:
1089         * dom/KeyboardEvent.cpp:
1090         * dom/MessageEvent.cpp:
1091         * dom/MessagePort.cpp:
1092         * dom/ScriptElement.cpp:
1093         * dom/ScriptExecutionContext.cpp:
1094         * dom/ScriptExecutionContext.h:
1095         * dom/SecurityContext.h:
1096         * dom/SimulatedClick.cpp:
1097         * dom/TextEvent.cpp:
1098         * dom/WebKitNamedFlow.cpp:
1099         * editing/FrameSelection.cpp:
1100         * fileapi/FileReader.cpp:
1101         * html/HTMLLinkElement.cpp:
1102         * html/HTMLPlugInImageElement.cpp:
1103         * html/HTMLStyleElement.cpp:
1104         * html/HTMLSummaryElement.cpp:
1105         * html/HTMLTrackElement.cpp:
1106         * html/HTMLVideoElement.cpp:
1107         * html/InputType.cpp:
1108         * html/MediaController.cpp:
1109         * html/TextFieldInputType.cpp:
1110         * html/canvas/WebGLRenderingContextBase.cpp:
1111         * html/parser/HTMLScriptRunner.cpp:
1112         * html/shadow/MediaControlElementTypes.cpp:
1113         * html/shadow/MediaControls.cpp:
1114         * html/shadow/MediaControlsApple.cpp:
1115         * html/shadow/SliderThumbElement.cpp:
1116         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
1117         * inspector/InspectorIndexedDBAgent.cpp:
1118         * loader/DocumentLoader.cpp:
1119         * loader/ImageLoader.cpp:
1120         * loader/PolicyChecker.cpp:
1121         * mathml/MathMLSelectElement.cpp:
1122         * page/DOMWindow.h:
1123         * page/EventSource.cpp:
1124         * page/FrameView.cpp:
1125         * page/Performance.cpp:
1126         * page/csp/ContentSecurityPolicy.cpp:
1127         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
1128         * platform/network/HTTPHeaderMap.h:
1129         * platform/network/ResourceHandle.cpp:
1130         * rendering/RenderEmbeddedObject.cpp:
1131         * rendering/RenderSnapshottedPlugIn.cpp:
1132         * svg/SVGSVGElement.cpp:
1133         * svg/SVGUseElement.cpp:
1134         * svg/animation/SVGSMILElement.cpp:
1135         * workers/WorkerGlobalScope.h:
1136         * xml/XMLHttpRequest.cpp:
1137         * xml/XMLHttpRequestProgressEventThrottle.cpp:
1138         * xml/XMLHttpRequestUpload.cpp:
1139
1140 2016-06-15  Antti Koivisto  <antti@apple.com>
1141
1142         GoogleMaps transit schedule explorer comes up blank initially
1143         https://bugs.webkit.org/show_bug.cgi?id=158803
1144         rdar://problem/25818080
1145
1146         Reviewed by Andreas Kling.
1147
1148         In case we had something like
1149
1150         .foo bar { ... }
1151
1152         and later a new stylesheet was added dynamically that contained
1153
1154         .foo baz { ... }
1155
1156         we would fail to add the new rules to the descendant invalidation rule sets for ".foo". This could
1157         cause some style invalidations to be missed.
1158
1159         * css/DocumentRuleSets.cpp:
1160         (WebCore::DocumentRuleSets::collectFeatures):
1161
1162         Reset the ancestorClassRules and ancestorAttributeRulesForHTML rule set caches when new style sheets
1163         are added (==collectFeatures is called).
1164
1165 2016-06-15  Javier Fernandez  <jfernandez@igalia.com>
1166
1167         [css-sizing] Item borders are missing with 'min-width:-webkit-fill-available' and zero available width
1168         https://bugs.webkit.org/show_bug.cgi?id=158258
1169
1170         Reviewed by Darin Adler.
1171
1172         The "fill-available" size is defined as the containing block's size less
1173         the box's border and padding size. However, when used for min-width we
1174         should ensure we don't get negative values as result of logical width
1175         computation.
1176
1177         http://www.w3.org/TR/css-sizing-3/#fill-available-sizing
1178
1179         This patch ensure fill-available value computed value will be always
1180         greater than box's boder and padding width.
1181
1182         Test: fast/css-intrinsic-dimensions/fill-available-with-zero-width.html
1183
1184         * rendering/RenderBox.cpp:
1185         (WebCore::RenderBox::computeIntrinsicLogicalWidthUsing):
1186
1187 2016-06-15  Alex Christensen  <achristensen@webkit.org>
1188
1189         Fix 2d canvas transform after r192900
1190         https://bugs.webkit.org/show_bug.cgi?id=158725
1191         rdar://problem/26774230
1192
1193         Reviewed by Dean Jackson.
1194
1195         Test: fast/canvas/canvas-transform-inverse.html
1196
1197         * html/canvas/CanvasRenderingContext2D.cpp:
1198         (WebCore::CanvasRenderingContext2D::transform):
1199         r192900 was intended to have no change in behavior, but I made a typo.
1200         We need to apply the inverse of the original transform to the path to be correct.
1201         This affects transforms applied to the canvas during the creation of a path.
1202
1203 2016-06-15  Eric Carlson  <eric.carlson@apple.com>
1204
1205         [iOS] Make HTMLMediaElement.muted mutable
1206         https://bugs.webkit.org/show_bug.cgi?id=158787
1207         <rdar://problem/24452567>
1208
1209         Reviewed by Dean Jackson.
1210
1211         Tests: media/audio-playback-restriction-removed-muted.html
1212                media/audio-playback-restriction-removed-track-enabled.html
1213
1214         * html/HTMLMediaElement.cpp:
1215         (WebCore::HTMLMediaElement::audioTrackEnabledChanged): Remove most behavior restrictions if
1216           the track state was changed as a result of a user gesture.
1217         (WebCore::HTMLMediaElement::setMuted): Ditto.
1218         (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Add mask 
1219           parameter so caller can choose which restrictions are removed.
1220         * html/HTMLMediaElement.h:
1221
1222         * html/MediaElementSession.cpp:
1223         (WebCore::restrictionName): Drive-by fix: remove duplicate label.
1224         * html/MediaElementSession.h:
1225
1226         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1227         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1228         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Set muted on AVPlayer if setMuted
1229           was called before the player was created.
1230         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume): Drive-by fix: return early if there
1231           is no AVPlayer, not if we won't have metadata yet.
1232         (WebCore::MediaPlayerPrivateAVFoundationObjC::setMuted): New.
1233
1234 2016-06-15  Romain Bellessort  <romain.bellessort@crf.canon.fr>
1235
1236         Enabling Shadow DOM for all platforms
1237         https://bugs.webkit.org/show_bug.cgi?id=158738
1238
1239         Reviewed by Ryosuke Niwa.
1240
1241         No new tests (no new behavior to be tested).
1242
1243         Removed Shadow DOM from options (enabled by default)
1244         (comprises removal of corresponding preprocessor directives)
1245
1246         * Configurations/FeatureDefines.xcconfig:
1247         * DerivedSources.make:
1248         * bindings/generic/RuntimeEnabledFeatures.h:
1249         * bindings/js/JSDocumentFragmentCustom.cpp:
1250         * bindings/js/JSNodeCustom.cpp:
1251         * css/CSSGrammar.y.in:
1252         * css/CSSParser.cpp:
1253         * css/CSSParserValues.cpp:
1254         * css/CSSParserValues.h:
1255         * css/CSSSelector.cpp:
1256         * css/CSSSelector.h:
1257         * css/ElementRuleCollector.cpp:
1258         * css/ElementRuleCollector.h:
1259         * css/RuleSet.cpp:
1260         * css/RuleSet.h:
1261         * css/SelectorChecker.cpp:
1262         * css/SelectorChecker.h:
1263         * css/SelectorPseudoClassAndCompatibilityElementMap.in:
1264         * css/StyleResolver.cpp:
1265         * cssjit/SelectorCompiler.cpp:
1266         * dom/ComposedTreeAncestorIterator.h:
1267         * dom/ComposedTreeIterator.cpp:
1268         * dom/ComposedTreeIterator.h:
1269         * dom/ContainerNode.cpp:
1270         * dom/Document.cpp:
1271         * dom/Document.h:
1272         * dom/Element.cpp:
1273         * dom/Element.h:
1274         * dom/Element.idl:
1275         * dom/Event.idl:
1276         * dom/EventPath.cpp:
1277         * dom/Node.cpp:
1278         * dom/Node.h:
1279         * dom/NonDocumentTypeChildNode.idl:
1280         * dom/ShadowRoot.cpp:
1281         * dom/ShadowRoot.h:
1282         * dom/ShadowRoot.idl:
1283         * dom/SlotAssignment.cpp:
1284         * dom/SlotAssignment.h:
1285         * html/HTMLSlotElement.cpp:
1286         * html/HTMLSlotElement.h:
1287         * html/HTMLSlotElement.idl:
1288         * html/HTMLTagNames.in:
1289         * page/FocusController.cpp:
1290         * style/StyleSharingResolver.cpp:
1291         * style/StyleTreeResolver.cpp:
1292
1293 2016-06-15  Andreas Kling  <akling@apple.com>
1294
1295         [Cocoa] Add two notify listeners for poking the garbage collector.
1296         <https://webkit.org/b/158783>
1297
1298         Reviewed by Antti Koivisto.
1299
1300         Add two new notify listeners:
1301
1302         - com.apple.WebKit.fullGC
1303
1304             Trigger a full garbage collection in the main WebCore VM immediately.
1305
1306         - com.apple.WebKit.deleteAllCode
1307
1308             Throw away all of JSC's linked and unlinked code, and do a full GC.
1309
1310         These will make it easier to diagnose memory growth issues by having a lever that
1311         eliminates many of the large object graphs without going after behavior-changing things
1312         like the memory cache.
1313
1314         * platform/MemoryPressureHandler.cpp:
1315         (WebCore::MemoryPressureHandler::platformInitialize):
1316         * platform/MemoryPressureHandler.h:
1317         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1318         (WebCore::MemoryPressureHandler::platformInitialize):
1319
1320 2016-06-15  Antti Koivisto  <antti@apple.com>
1321
1322         Vary:Cookie validation doesn't work in private browsing
1323         https://bugs.webkit.org/show_bug.cgi?id=158616
1324         <rdar://problem/26755067>
1325
1326         Reviewed by Andreas Kling.
1327
1328         There wasn't a way to get cookie based on SessionID from WebCore.
1329
1330         * platform/CookiesStrategy.h:
1331
1332             Add a cookie retrival function that takes SessionID instead of NetworkStorageSession.
1333
1334         * platform/network/CacheValidation.cpp:
1335         (WebCore::headerValueForVary):
1336
1337             Use it.
1338
1339         (WebCore::verifyVaryingRequestHeaders):
1340
1341 2016-06-15  Per Arne Vollan  <pvollan@apple.com>
1342
1343         [Win] The test accessibility/selected-text-range-aria-elements.html is failing.
1344         https://bugs.webkit.org/show_bug.cgi?id=158732
1345
1346         Reviewed by Brent Fulgham.
1347
1348         Implement support for getting selected text range.
1349
1350         * accessibility/win/AccessibilityObjectWrapperWin.cpp:
1351         (WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue):
1352
1353 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1354
1355         Addressing post-review comments after r201971
1356         https://bugs.webkit.org/show_bug.cgi?id=158450
1357
1358         Unreviewed.
1359
1360         * css/CSSFontFaceSet.cpp:
1361         (WebCore::CSSFontFaceSet::add):
1362         (WebCore::CSSFontFaceSet::remove):
1363
1364 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1365
1366         Honor bidi unicode codepoints
1367         https://bugs.webkit.org/show_bug.cgi?id=149170
1368         <rdar://problem/26527378>
1369
1370         Reviewed by Simon Fraser.
1371
1372         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
1373         unexpected output when they are present. Fix by considering such code points as
1374         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
1375         the codepoints fully in our Bidi algorithm.
1376
1377         Test: fast/text/isolate-ignore.html
1378
1379         * platform/graphics/Font.cpp:
1380         (WebCore::createAndFillGlyphPage):
1381         * platform/text/BidiResolver.h:
1382         (WebCore::Subclass>::createBidiRunsForLine):
1383
1384 2016-06-14  Antoine Quint  <graouts@apple.com>
1385
1386         [iOS] Play glyph is pixelated when the page zoom is large
1387         https://bugs.webkit.org/show_bug.cgi?id=158770
1388         <rdar://problem/26092124>
1389
1390         Reviewed by Dean Jackson.
1391
1392         Use the same technique that we use to scale the video controls by using a combination
1393         of CSS "zoom" and "transform" properties to have the video play glyph scaled at its
1394         native size regardless of page zoom.
1395
1396         * Modules/mediacontrols/mediaControlsiOS.js:
1397         (ControllerIOS.prototype.set pageScaleFactor):
1398
1399 2016-06-14  Chris Dumez  <cdumez@apple.com>
1400
1401         Regression(r201534): Compile time greatly regressed
1402         https://bugs.webkit.org/show_bug.cgi?id=158765
1403         <rdar://problem/26587342>
1404
1405         Reviewed by Darin Adler.
1406
1407         Compile time greatly regressed by r201534 due to Document.h now including
1408         TextAutoSizing.h. Move the TextAutoSizingTraits back to Document.h to
1409         restore pre-r201534 behavior.
1410
1411         * WebCore.xcodeproj/project.pbxproj:
1412         * dom/Document.cpp:
1413         (WebCore::TextAutoSizingTraits::constructDeletedValue):
1414         (WebCore::TextAutoSizingTraits::isDeletedValue):
1415         * dom/Document.h:
1416         * rendering/TextAutoSizing.h:
1417         (WebCore::TextAutoSizingTraits::constructDeletedValue): Deleted.
1418         (WebCore::TextAutoSizingTraits::isDeletedValue): Deleted.
1419
1420 2016-06-14  Antoine Quint  <graouts@apple.com>
1421
1422         Inline media controls cut off PiP and fullscreen buttons on cnn.com
1423         https://bugs.webkit.org/show_bug.cgi?id=158766
1424         <rdar://problem/24175161>
1425
1426         Reviewed by Dean Jackson.
1427
1428         The display of the picture-in-picture and fullscreen buttons are dependent on the availability
1429         of video tracks through a call to hasVideo(). We need to ensure that the display properties of
1430         both those buttons are updated when the number of video tracks has changed since the controls
1431         may be populated prior to the availability of video tracks.
1432
1433         * Modules/mediacontrols/mediaControlsApple.js:
1434         (Controller.prototype.updateHasVideo):
1435
1436 2016-06-14  Joseph Pecoraro  <pecoraro@apple.com>
1437
1438         Web Inspector: Rename Timeline.setAutoCaptureInstruments to Timeline.setInstruments
1439         https://bugs.webkit.org/show_bug.cgi?id=158762
1440
1441         Reviewed by Timothy Hatcher.
1442
1443         Test: inspector/timeline/setInstruments-errors.html
1444
1445         * inspector/InspectorTimelineAgent.cpp:
1446         (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
1447         (WebCore::InspectorTimelineAgent::setInstruments):
1448         (WebCore::InspectorTimelineAgent::mainFrameStartedLoading):
1449         (WebCore::InspectorTimelineAgent::setAutoCaptureInstruments): Deleted.
1450         * inspector/InspectorTimelineAgent.h:
1451
1452 2016-06-14  Dean Jackson  <dino@apple.com>
1453
1454         decompose4 return value is unchecked, leading to potentially uninitialized data.
1455         https://bugs.webkit.org/show_bug.cgi?id=158761
1456         <rdar://problem/17526268>
1457
1458         Reviewed by Simon Fraser.
1459
1460         WebCore::decompose4 could return early without initializing data.
1461         I now initialize it, but I also started checking the return
1462         value at all the call sites to make sure everything is sensible.
1463
1464         Test: transforms/undecomposable.html
1465
1466         * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
1467         (WebCore::PerspectiveTransformOperation::blend):
1468         * platform/graphics/transforms/RotateTransformOperation.cpp:
1469         (WebCore::RotateTransformOperation::blend):
1470         * platform/graphics/transforms/TransformationMatrix.cpp:
1471         (WebCore::decompose4):
1472         (WebCore::TransformationMatrix::blend4):
1473         * platform/graphics/transforms/TransformationMatrix.h:
1474
1475 2016-06-14  Benjamin Poulain  <bpoulain@apple.com>
1476
1477         Add the unprefixed version of the pseudo element ::placeholder
1478         https://bugs.webkit.org/show_bug.cgi?id=158653
1479
1480         Reviewed by Dean Jackson.
1481
1482         Test: fast/forms/placeholder-pseudo-element-with-webkit-prefix.html
1483
1484         The pseudo element ::-webkit-input-placeholder is stupidly popular
1485         which forces other engines to support this exact name.
1486
1487         The pseudo-element spec provides a new standard name we can adopt
1488         to drop the prefix: https://drafts.csswg.org/css-pseudo-4/#placeholder-pseudo
1489
1490         This patch does just that, make ::placeholder the standard name to select
1491         the placeholder element in the shadow dom of input elements.
1492
1493         Unlike pseudo classes, we did not have any support for prefixes and aliasing.
1494         I want to keep the absurdly efficient matching we currently use for styling
1495         because style updates are more common than stylesheet updates.
1496         With that constraint in mind, the value of CSSSelector has to be the unprefixed
1497         version for both forms of input.
1498
1499         This leaves us with the problem of displaying the CSSSelector for CSSOM.
1500         To differentiate the legacy form from the standard form, I added
1501         a new type of PseudoElement: PseudoElementWebKitCustomLegacyPrefixed.
1502         When parsing, PseudoElementWebKitCustomLegacyPrefixed let us replace
1503         the original value "-webkit-input-placeholder" by the standard value.
1504         When creating the selectorText for CSSOM, PseudoElementWebKitCustomLegacyPrefixed
1505         let us replace the standard for by the legacy form.
1506
1507         * css/CSSParserValues.cpp:
1508         (WebCore::CSSParserSelector::parsePseudoElementSelector):
1509         * css/CSSSelector.cpp:
1510         (WebCore::CSSSelector::pseudoId):
1511         (WebCore::CSSSelector::selectorText):
1512         * css/CSSSelector.h:
1513         (WebCore::CSSSelector::isCustomPseudoElement):
1514         (WebCore::CSSSelector::isWebKitCustomPseudoElement):
1515         * css/SelectorChecker.cpp:
1516         (WebCore::SelectorChecker::matchRecursively):
1517         * css/SelectorPseudoElementTypeMap.in:
1518         * css/html.css:
1519         (::placeholder):
1520         (input::placeholder, isindex::placeholder):
1521         (textarea::placeholder):
1522         (::-webkit-input-placeholder): Deleted.
1523         (input::-webkit-input-placeholder, isindex::-webkit-input-placeholder): Deleted.
1524         (textarea::-webkit-input-placeholder): Deleted.
1525         * features.json:
1526         * html/shadow/TextControlInnerElements.cpp:
1527         (WebCore::TextControlPlaceholderElement::TextControlPlaceholderElement):
1528
1529 2016-06-14  Doug Russell  <d_russell@apple.com>
1530
1531         AX: Form label text should be exposed as static text if it contains only static text
1532         https://bugs.webkit.org/show_bug.cgi?id=158634
1533
1534         Reviewed by Chris Fleizach.
1535
1536         Use AccessibilityLabel to represent HTMLLabelElement to assistive technology.
1537         AccessibilityLabel::containsOnlyStaticText() searches label subtree to evaluate 
1538         if all children are static text.
1539         AccessibilityLabel::stringValue() consults containsOnlyStaticText() and returns
1540         textUnderElement() if true.
1541         WebAccessibilityObjectWrapperMac consults containsOnlyStaticText() and substitutes
1542         StaticTextRole for LabelRole if true.
1543         Cache containsOnlyStaticText() in the common case when updating children.
1544
1545         Tests: accessibility/mac/label-element-all-text-string-value.html
1546                accessibility/mac/label-element-with-link-string-value.html
1547
1548         * CMakeLists.txt:
1549         * WebCore.xcodeproj/project.pbxproj:
1550         * accessibility/AXObjectCache.cpp:
1551         (WebCore::createFromRenderer):
1552         * accessibility/AccessibilityAllInOne.cpp:
1553         * accessibility/AccessibilityLabel.cpp: Added.
1554         (WebCore::AccessibilityLabel::AccessibilityLabel):
1555         (WebCore::AccessibilityLabel::~AccessibilityLabel):
1556         (WebCore::AccessibilityLabel::create):
1557         (WebCore::AccessibilityLabel::computeAccessibilityIsIgnored):
1558         (WebCore::AccessibilityLabel::stringValue):
1559         (WebCore::childrenContainOnlyStaticText):
1560         (WebCore::AccessibilityLabel::containsOnlyStaticText):
1561         (WebCore::AccessibilityLabel::updateChildrenIfNecessary):
1562         (WebCore::AccessibilityLabel::clearChildren):
1563         (WebCore::AccessibilityLabel::insertChild):
1564         * accessibility/AccessibilityLabel.h: Added.
1565         * accessibility/AccessibilityObject.h:
1566         (WebCore::AccessibilityObject::isLabel):
1567         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1568         (-[WebAccessibilityObjectWrapper role]):
1569
1570 2016-06-14  Commit Queue  <commit-queue@webkit.org>
1571
1572         Unreviewed, rolling out r202057.
1573         https://bugs.webkit.org/show_bug.cgi?id=158749
1574
1575         This change broke the Windows build. (Requested by ryanhaddad
1576         on #webkit).
1577
1578         Reverted changeset:
1579
1580         "Honor bidi unicode codepoints"
1581         https://bugs.webkit.org/show_bug.cgi?id=149170
1582         http://trac.webkit.org/changeset/202057
1583
1584 2016-06-14  Myles C. Maxfield  <mmaxfield@apple.com>
1585
1586         Honor bidi unicode codepoints
1587         https://bugs.webkit.org/show_bug.cgi?id=149170
1588         <rdar://problem/26527378>
1589
1590         Reviewed by Simon Fraser.
1591
1592         BidiResolver doesn't have any concept of isolate Unicode code points, so produces
1593         unexpected output when they are present. Fix by considering such code points as
1594         whitespace in the bidi algorithm. This is a stop-gap measure until we can support
1595         the codepoints fully in our Bidi algorithm.
1596
1597         Test: fast/text/isolate-ignore.html
1598
1599         * platform/graphics/Font.cpp:
1600         (WebCore::createAndFillGlyphPage):
1601         * platform/text/BidiResolver.h:
1602         (WebCore::Subclass>::createBidiRunsForLine):
1603
1604 2016-06-14  Commit Queue  <commit-queue@webkit.org>
1605
1606         Unreviewed, rolling out r200455.
1607         https://bugs.webkit.org/show_bug.cgi?id=158740
1608
1609         hangs twitter/facebook (Requested by mcatanzaro on #webkit).
1610
1611         Reverted changeset:
1612
1613         "[GStreamer] Adaptive streaming issues"
1614         https://bugs.webkit.org/show_bug.cgi?id=144040
1615         http://trac.webkit.org/changeset/200455
1616
1617 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1618
1619         WebRTC: RTCPeerConnection::addTrack() should throw InvalidAccessError instead of InvalidModificationError.
1620         https://bugs.webkit.org/show_bug.cgi?id=158735
1621
1622         Reviewed by Eric Carlson.
1623
1624         Throw InvalidAccessError instead of InvalidModificationError when track already exists in connection's
1625         set of senders as per specification (https://w3c.github.io/webrtc-pc/#dom-rtcpeerconnection-addtrack).
1626
1627         Updated existing test results: fast/mediastream/RTCPeerConnection-add-removeTrack-expected.txt
1628
1629         * Modules/mediastream/RTCPeerConnection.cpp:
1630         (WebCore::RTCPeerConnection::addTrack):
1631
1632 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1633
1634         WebRTC: Imlement MediaEndpointPeerConnection::addIceCandidate()
1635         https://bugs.webkit.org/show_bug.cgi?id=158690
1636
1637         Reviewed by Eric Carlson.
1638
1639         Implement MediaEndpointPeerConnection::addIceCandidate() that is the MediaEndpoint
1640         implementation of RTCPeerConnection.addIceCandidate() [1].
1641
1642         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-peerconnection-addicecandidate
1643
1644         Test: fast/mediastream/RTCPeerConnection-addIceCandidate.html
1645
1646         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1647         (WebCore::MediaEndpointPeerConnection::addIceCandidate):
1648         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
1649         Implemented.
1650         * Modules/mediastream/MediaEndpointPeerConnection.h:
1651         * platform/mediastream/MediaEndpoint.h:
1652         Use mid instead of mdescIndex to identify the target media description in the backend.
1653         * platform/mock/MockMediaEndpoint.cpp:
1654         Update mock method signature accordingly.
1655         (WebCore::MockMediaEndpoint::addRemoteCandidate):
1656         * platform/mock/MockMediaEndpoint.h:
1657
1658 2016-06-14  Zalan Bujtas  <zalan@apple.com>
1659
1660         Make RenderBlock::insertInto/RemoveFromTrackedRendererMaps functions static.
1661         https://bugs.webkit.org/show_bug.cgi?id=158722
1662
1663         Reviewed by Simon Fraser.
1664
1665         These functions manipulate static tracker hashmaps. They don't need to be on RenderBlock.
1666         This is also in preparation for decoupling positioned descendant tracking from descendent percentage height handling.
1667         (gPositionedDescendantsMap and gPercentHeightDescendantsMap) 
1668
1669         No change in functionality.
1670
1671         * rendering/RenderBlock.cpp:
1672         (WebCore::insertIntoTrackedRendererMaps):
1673         (WebCore::removeFromTrackedRendererMaps):
1674         (WebCore::removeBlockFromDescendantAndContainerMaps):
1675         (WebCore::RenderBlock::insertPositionedObject):
1676         (WebCore::RenderBlock::addPercentHeightDescendant):
1677         (WebCore::RenderBlock::insertIntoTrackedRendererMaps): Deleted.
1678         (WebCore::RenderBlock::removeFromTrackedRendererMaps): Deleted.
1679         * rendering/RenderBlock.h:
1680
1681 2016-06-14  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1682
1683         WebRTC: Add media setup test where media is set up in one direction at a time
1684         https://bugs.webkit.org/show_bug.cgi?id=158691
1685
1686         Reviewed by Eric Carlson.
1687
1688         Add test for setting up media in one direction at a time. This requires a change in sdp.js
1689         to allow an SDP that doesn't contain a stream id or track id (representing
1690         a track being sent). In this test, the first answer doesn't contain any sending media.
1691
1692         Test: fast/mediastream/RTCPeerConnection-media-setup-two-dialogs.html
1693
1694         * Modules/mediastream/sdp.js:
1695
1696 2016-06-14  Chris Dumez  <cdumez@apple.com>
1697
1698         [Cocoa] Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit()
1699         https://bugs.webkit.org/show_bug.cgi?id=158717
1700
1701         Reviewed by Alex Christensen.
1702
1703         Avoid extra copy of headers dictionary in ResourceResponse::platformLazyInit() by
1704         calling CFHTTPMessageCopyAllHeaderFields() instead of [NSURLResponse allHeaderFields].
1705
1706         CFHTTPMessageCopyAllHeaderFields() creates only 1 copy while
1707         [NSURLResponse allHeaderFields] creates 2 (see <rdar://problem/26778863>).
1708
1709         * platform/network/cocoa/ResourceResponseCocoa.mm:
1710         (WebCore::addToHTTPHeaderMap):
1711         (WebCore::ResourceResponse::platformLazyInit):
1712
1713 2016-06-14  David Kilzer  <ddkilzer@apple.com>
1714
1715         REGRESSION (r151608): Leak of QTMovieLayer or AVPlayerLayer in -[WebVideoFullscreenController setVideoElement:]
1716         <https://webkit.org/b/158729>
1717
1718         Reviewed by Eric Carlson.
1719
1720         * platform/mac/WebVideoFullscreenController.mm:
1721         (-[WebVideoFullscreenController setVideoElement:]): Use
1722         RetainPtr<> to prevent leaks.
1723         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1724         Drive-by fix to remove unused <wtf/RetainPtr.h> import.
1725
1726 2016-06-14  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
1727
1728         The vector of mediastreams should be passed via a reference to RTCPeerConnection::addTrack()
1729         https://bugs.webkit.org/show_bug.cgi?id=158701
1730
1731         Pass vector of mediastreams by reference.
1732
1733         Reviewed by Youenn Fablet.
1734
1735         * Modules/mediastream/RTCPeerConnection.cpp:
1736         (WebCore::RTCPeerConnection::addTrack):
1737         * Modules/mediastream/RTCPeerConnection.h:
1738
1739 2016-06-14  Ryosuke Niwa  <rniwa@webkit.org>
1740
1741         Crash inside firstPositionInNode in checkLoadCompleteForThisFrame
1742         https://bugs.webkit.org/show_bug.cgi?id=158724
1743
1744         Reviewed by Alex Christensen.
1745
1746         Added null checks for document and document element since they could be nullptr here.
1747
1748         * loader/FrameLoader.cpp:
1749         (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
1750
1751 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1752
1753         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1754         https://bugs.webkit.org/show_bug.cgi?id=158431
1755
1756         Unreviewed build fix.
1757
1758         * bindings/js/JSLocationCustom.cpp:
1759         (WebCore::JSLocation::putDelegate):
1760
1761 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1762
1763         Remove hasStaticPropertyTable (part 4: JSHTMLDocument & JSStorage)
1764         https://bugs.webkit.org/show_bug.cgi?id=158431
1765
1766         Reviewed by Chris Dumez.
1767
1768         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1769
1770         JSHTMLDocument & JSStorage contain a number of static_asserts claiming that
1771         various methods do not support static properties. These asserts were likely
1772         correct at the time they were added, as JSObject::getOwnPropertySlot and
1773         JSObject::deleteProperty did not support getting / deleting static value.
1774         This is no longer the case, and these asserts are now incorrect.
1775
1776         * bindings/js/JSHTMLDocumentCustom.cpp:
1777         (WebCore::JSHTMLDocument::getOwnPropertySlot):
1778         * bindings/js/JSStorageCustom.cpp:
1779         (WebCore::JSStorage::deleteProperty):
1780         (WebCore::JSStorage::deletePropertyByIndex):
1781         (WebCore::JSStorage::putDelegate):
1782             - remove incorrect static_asserts.
1783
1784 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1785
1786         Remove hasStaticPropertyTable (part 3: JSLocation::putDelegate)
1787         https://bugs.webkit.org/show_bug.cgi?id=158431
1788
1789         Reviewed by Geoff Garen.
1790
1791         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1792
1793         JSLocation::putDelegate checks the static property table redundantly.
1794
1795         In the case of same origin access, if the property is not in the static
1796         table the method will call JSObject::put and return true (indicating the
1797         delegate handled the put). If the property is in the static table, the
1798         method will return false (indicating the the delegate did not handle the
1799         access) - in which case the calling function will call JSObject::put.
1800         Checking for the property in the static table is redundant - same origin
1801         access does not require any special handling, and should just always
1802         return false & let the caller handle the put.
1803
1804         In the case of cross origin access, if the property is not in the static
1805         table we return true (indicating the access was handled, and silently
1806         blocking it). If it is a static property, we check the name, and if the
1807         name is not 'href' we also return true, silently blocking. In the case
1808         that the name is 'href' we'll return false, indicating to the caller
1809         that the access was not handled by the delegate, resulting in it taking
1810         place. The additional check of the static table is redundant, since we
1811         only have special behaviour in the case of 'href'. (Moreover it is
1812         unnecesszarily fragile, since if we made a change such that 'href' was no
1813         longer implemented as a static property with would fail.)
1814
1815         - for same origin, always return false.
1816         - for cross origin, return false for 'href', otherwise return true.
1817
1818         * bindings/js/JSLocationCustom.cpp:
1819         (WebCore::JSLocation::putDelegate):
1820             - restructure & remove static table check.
1821
1822 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1823
1824         Remove hasStaticPropertyTable (part 2: JSPluginElement)
1825         https://bugs.webkit.org/show_bug.cgi?id=158431
1826
1827         Reviewed by Chris Dumez.
1828
1829         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1830
1831         The check in pluginElementCustomGetOwnPropertySlot was somewhat dubious in the
1832         first place (for types with static properties it would give precedence to both
1833         static and also property storage properties; for types without static properties
1834         it would check neither - an odd asymetry in the case of values in the storage
1835         array, and was depending on an implementation detail that could change).
1836
1837         This is all now redundant anyway. None of these types have static properties.
1838         All properties are now corretcly on the prototype (which is handled appropriately
1839         below). This is just dead code.
1840
1841         * bindings/js/JSPluginElementFunctions.h:
1842         (WebCore::pluginElementCustomGetOwnPropertySlot):
1843             - remove dead code.
1844
1845 2016-06-13  Gavin & Ellie Barraclough  <barraclough@apple.com>
1846
1847         Remove hasStaticPropertyTable (part 1: DOM bindings)
1848         https://bugs.webkit.org/show_bug.cgi?id=158431
1849
1850         Reviewed by Chris Dumez.
1851
1852         All uses of hasStaticPropertyTable flag generated by bindings are wrong.
1853
1854         * bindings/js/JSDOMBinding.h:
1855         (WebCore::getStaticValueSlotEntryWithoutCaching): Deleted.
1856         (WebCore::getStaticValueSlotEntryWithoutCaching<JSDOMObject>): Deleted.
1857             - this method is not used anywhere.
1858
1859 2016-06-13  Adam Bergkvist  <adam.bergkvist@ericsson.com>
1860
1861         WebRTC: Imlement MediaEndpointPeerConnection::replaceTrack()
1862         https://bugs.webkit.org/show_bug.cgi?id=158688
1863
1864         Reviewed by Eric Carlson.
1865
1866         Implement MediaEndpointPeerConnection::replaceTrack() that is the MediaEndpoint implementation
1867         of RTCRtpSender.replaceTrack() [1].
1868
1869         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcrtpsender-replacetrack
1870
1871         Updated fast/mediastream/RTCRtpSender-replaceTrack.html
1872
1873         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1874         (WebCore::MediaEndpointPeerConnection::replaceTrack):
1875         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
1876         Implemented.
1877         * Modules/mediastream/MediaEndpointPeerConnection.h:
1878         * Modules/mediastream/PeerConnectionBackend.h:
1879         * Modules/mediastream/RTCPeerConnection.cpp:
1880         (WebCore::RTCPeerConnection::replaceTrack):
1881         * Modules/mediastream/RTCPeerConnection.h:
1882         Move the MediaStreamTrack instance of sending a reference to it. This change is the main
1883         reason many files are touched by this change.
1884         * Modules/mediastream/RTCRtpSender.h:
1885         * Modules/mediastream/RTCRtpSender.idl:
1886         * platform/mediastream/MediaEndpoint.h:
1887         Use mid instead of mdescIndex to identify the media description in the backend.
1888         * platform/mock/MockMediaEndpoint.cpp:
1889         (WebCore::MockMediaEndpoint::replaceSendSource):
1890         * platform/mock/MockMediaEndpoint.h:
1891
1892 2016-06-13  Joseph Pecoraro  <pecoraro@apple.com>
1893
1894         window.onerror should pass the ErrorEvent's 'error' property as the 5th argument to the event handler
1895         https://bugs.webkit.org/show_bug.cgi?id=55092
1896         <rdar://problem/25731279>
1897
1898         Reviewed by Dean Jackson.
1899
1900         This includes the actual Error in window.error / ErrorEvent:
1901         https://html.spec.whatwg.org/multipage/webappapis.html#the-errorevent-interface
1902
1903         This is useful for scripts to be able to get an error stack
1904         from uncaught exceptions, by checking the error itself.
1905
1906         Tests: fast/events/window-onerror17.html
1907                http/tests/security/cross-origin-script-error-event-redirected.html
1908                http/tests/security/cross-origin-script-error-event.html
1909                http/tests/security/script-crossorigin-error-event-information.html
1910                http/tests/security/script-no-crossorigin-error-event-should-be-sanitized.html
1911                userscripts/window-onerror-for-isolated-world-3.html
1912
1913         * CMakeLists.txt:
1914         * WebCore.xcodeproj/project.pbxproj:
1915         * bindings/js/JSBindingsAllInOne.cpp:
1916         Add new custom error event file.
1917
1918         * bindings/js/JSDOMBinding.cpp:
1919         (WebCore::reportException):
1920         Include the JSC::Exception when reporting exceptions, so the error value is available.
1921         
1922         * bindings/js/JSErrorEventCustom.cpp:
1923         (WebCore::JSErrorEvent::error):
1924         Sanitized access to the ErrorEvent's error property to prevent leaking objects
1925         across isolated world boundaries. This is like CustomEvent's data property.
1926
1927         * bindings/js/JSErrorHandler.cpp:
1928         (WebCore::JSErrorHandler::handleEvent):
1929         * bindings/js/JSErrorHandler.h:
1930         Include the error object as the 4th argument to the window.onerror event handler.
1931
1932         * dom/ScriptExecutionContext.cpp:
1933         (WebCore::ScriptExecutionContext::sanitizeScriptError):
1934         (WebCore::ScriptExecutionContext::reportException):
1935         (WebCore::ScriptExecutionContext::dispatchErrorEvent):
1936         * dom/ScriptExecutionContext.h:
1937         Include the error object in the ErrorEvent constructed when dispatching error events.
1938
1939         * dom/ErrorEvent.cpp:
1940         (WebCore::ErrorEvent::ErrorEvent):
1941         (WebCore::ErrorEvent::sanitizedErrorValue):
1942         (WebCore::ErrorEvent::trySerializeError):
1943         * dom/ErrorEvent.h:
1944         * dom/ErrorEvent.idl:
1945         Include an any "error" property on the ErrorEvent, and allow it in initialization.
1946
1947         * bindings/js/WorkerScriptController.cpp:
1948         (WebCore::WorkerScriptController::evaluate):
1949         * workers/WorkerMessagingProxy.cpp:
1950         (WebCore::WorkerMessagingProxy::postExceptionToWorkerObject):
1951         Within the Worker world, the error is included in the event.
1952         When re-dispatching the error on the world object in the world that spawned the
1953         Worker the event does not include an error object. This matches other browsers
1954         right now, but could be improved to have the same cross world serialization
1955         as isolated worlds have with the error data.
1956
1957         * dom/CustomEvent.h:
1958         Remove unimplemented stale method.
1959
1960 2016-06-13  Dean Jackson  <dino@apple.com>
1961
1962         SVG elements don't blend correctly into HTML
1963         https://bugs.webkit.org/show_bug.cgi?id=158718
1964         <rdar://problem/26782004>
1965
1966         Reviewed by Antoine Quint.
1967
1968         We were not creating any transparency layers for the root SVG nodes.
1969         This is ok if the SVG is the root document, because it is the backdrop.
1970         However, if it is inline SVG, it needs to apply the operation in
1971         order to composite into the document.
1972
1973         Test: svg/css/mix-blend-mode-with-inline-svg.html
1974
1975         * rendering/RenderLayer.cpp:
1976         (WebCore::RenderLayer::beginTransparencyLayers):
1977
1978 2016-06-13  Brady Eidson  <beidson@apple.com>
1979
1980         storage/indexeddb/modern/leaks-1.html leaks the database connection handle.
1981         https://bugs.webkit.org/show_bug.cgi?id=158643
1982
1983         Reviewed by Alex Christensen.
1984
1985         Tested by changes to existing test.
1986
1987         * Modules/indexeddb/IDBDatabase.cpp:
1988         (WebCore::IDBDatabase::hasPendingActivity):
1989         
1990         * dom/EventTarget.h:
1991         (WebCore::EventTarget::eventTargetData):
1992         (WebCore::EventTarget::hasEventListeners):
1993
1994
1995 2016-06-13  Enrica Casucci  <enrica@apple.com>
1996
1997         REGRESSION(r201956): Failure to initialize new internal settings produced random test failures in release.
1998         https://bugs.webkit.org/show_bug.cgi?id=158713
1999         rdar://26769957
2000
2001         Reviewed by Simon Fraser.
2002
2003         Failed to initialize the new member variable in both Settings and InternalSettings classes.
2004
2005         * page/Settings.cpp:
2006         (WebCore::Settings::Settings):
2007         * testing/InternalSettings.cpp:
2008         (WebCore::InternalSettings::Backup::Backup):
2009
2010 2016-06-13  Chris Dumez  <cdumez@apple.com>
2011
2012         Drop HipChat hack introduced in r197548
2013         https://bugs.webkit.org/show_bug.cgi?id=158711
2014
2015         Reviewed by Geoffrey Garen.
2016
2017         Drop HipChat hack introduced in r197548. This hack is no longer needed
2018         as the bug was fixed in HipChat since then:
2019         https://support.atlassian.com/servicedesk/customer/portal/32/HCP-7532
2020
2021         I have confirmed locally that the latest version (4.0.12.665) is able
2022         to connect without the hack.
2023
2024         * bindings/js/JSLocationCustom.cpp:
2025         (WebCore::JSLocation::putDelegate): Deleted.
2026         * platform/RuntimeApplicationChecks.h:
2027         * platform/RuntimeApplicationChecks.mm:
2028         (WebCore::MacApplication::isHipChat): Deleted.
2029
2030 2016-06-13  Chris Fleizach  <cfleizach@apple.com>
2031
2032         AX: CrashTracer: com.apple.WebKit.WebContent at WebCore::AccessibilityRenderObject::remoteSVGRootElement const + 227
2033         https://bugs.webkit.org/show_bug.cgi?id=158685
2034
2035         Reviewed by David Kilzer.
2036
2037         Crash reports show a null access at a line that tries to dereference a pointer. 
2038         I still don't have a way to layout test this, as it seems tied to tear down of the main document.
2039
2040         * accessibility/AccessibilityRenderObject.cpp:
2041         (WebCore::AccessibilityRenderObject::remoteSVGRootElement):
2042
2043 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
2044
2045         Use two video layer solution only on mac.
2046         https://bugs.webkit.org/show_bug.cgi?id=158705
2047         rdar://problem/26776360
2048
2049         Reviewed by Jer Noble.
2050
2051         Two video layer solution is only useful on the mac to prevent flicker, so don't do it elsewhere.
2052
2053         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2054         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
2055
2056 2016-06-13  Jeremy Jones  <jeremyj@apple.com>
2057
2058         Decrease PiP flicker by not removing window prematurely.
2059         https://bugs.webkit.org/show_bug.cgi?id=158436
2060         <rdar://problem/19052639>
2061
2062         Reviewed by Darin Adler.
2063
2064         UIWindow shouldn't be removed until cleanupFullscreen, so the video layer has a chance
2065         to be reparented in the DOM first.
2066
2067         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2068         (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):
2069
2070 2016-06-13  Alex Christensen  <achristensen@webkit.org>
2071
2072         Add WebSocketProvider stub
2073         https://bugs.webkit.org/show_bug.cgi?id=158702
2074
2075         Reviewed by Brady Eidson.
2076
2077         No new tests.  No change in behavior.
2078
2079         * WebCore.xcodeproj/project.pbxproj:
2080         * dom/DocumentMarkerController.cpp:
2081         * dom/ScriptedAnimationController.cpp:
2082         * html/HTMLMediaElement.cpp:
2083         * html/MediaDocument.cpp:
2084         * html/shadow/MediaControlElements.cpp:
2085         * html/shadow/MediaControls.cpp:
2086         * html/shadow/MediaControls.h:
2087         * html/shadow/MediaControlsApple.cpp:
2088         * inspector/InspectorInstrumentation.cpp:
2089         * inspector/InspectorInstrumentation.h:
2090         * inspector/InspectorOverlay.cpp:
2091         (WebCore::InspectorOverlay::overlayPage):
2092         * loader/EmptyClients.h:
2093         * loader/FrameLoader.cpp:
2094         * loader/FrameLoader.h:
2095         * loader/appcache/ApplicationCacheHost.cpp:
2096         * loader/cache/CachedResource.cpp:
2097         * page/FrameView.cpp:
2098         * page/Page.cpp:
2099         (WebCore::Page::Page):
2100         * page/Page.h:
2101         (WebCore::Page::applicationCacheStorage):
2102         (WebCore::Page::databaseProvider):
2103         (WebCore::Page::socketProvider):
2104         (WebCore::Page::storageNamespaceProvider):
2105         * page/PageConfiguration.cpp:
2106         (WebCore::PageConfiguration::PageConfiguration):
2107         * page/PageConfiguration.h:
2108         * page/ResourceUsageOverlay.cpp:
2109         * page/SocketProvider.h: Added.
2110         (WebCore::SocketProvider::~SocketProvider):
2111         * page/cocoa/ResourceUsageOverlayCocoa.mm:
2112         * rendering/RenderElement.cpp:
2113         * rendering/RenderLayerBacking.cpp:
2114         * style/StyleResolveForDocument.cpp:
2115         * style/StyleTreeResolver.cpp:
2116         * svg/graphics/SVGImage.cpp:
2117         (WebCore::SVGImage::dataChanged):
2118         * testing/MockPageOverlayClient.cpp:
2119
2120 2016-06-13  Brady Eidson  <beidson@apple.com>
2121
2122         Crashes in WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask.
2123         <rdar://problem/26768449> and https://bugs.webkit.org/show_bug.cgi?id=158696
2124
2125         Reviewed by David Kilzer.
2126
2127         No new tests (Covered by all existing tests in Gmalloc/ASAN configs).
2128
2129         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
2130         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
2131         (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
2132
2133 2016-06-13  Brady Eidson  <beidson@apple.com>
2134
2135         Modern IDB: IDBOpenDBRequest objects leak.
2136         https://bugs.webkit.org/show_bug.cgi?id=158694
2137
2138         Reviewed by Alex Christensen.
2139
2140         No new tests (Currently have no testing strategy for guaranteeing lifetime of WebCore DOM objects)
2141
2142         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
2143         (WebCore::IDBClient::IDBConnectionProxy::completeOpenDBRequest): At this point we never need the
2144             request again, so remove it from the map.
2145
2146 2016-06-13  Chris Dumez  <cdumez@apple.com>
2147
2148         Make sure HTTPHeaderMap gets a move constructor / assignment operator
2149         https://bugs.webkit.org/show_bug.cgi?id=158695
2150         <rdar://problem/26729511>
2151
2152         Reviewed by Alex Christensen.
2153
2154         Make sure HTTPHeaderMap gets a move constructor / assignment operator.
2155         It was not getting an implicit one because of its user-declared
2156         destructor. This patch drops the user-declared destructor so that
2157         HTTPHeaderMap now gets an implicit move constructor / assignment
2158         operator.
2159
2160         Not having a move constructor / assignment operator is an issue because
2161         we rely on HTTPHeaderMap::isolatedCopy() / WTFMove() since r201623 to
2162         pass HTTPHeaderMap across thread.
2163
2164         * platform/network/HTTPHeaderMap.cpp:
2165         (WebCore::HTTPHeaderMap::~HTTPHeaderMap): Deleted.
2166         * platform/network/HTTPHeaderMap.h:
2167
2168 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
2169
2170         Remove useless parameter from GenerateParametersCheck signature
2171         https://bugs.webkit.org/show_bug.cgi?id=158692
2172
2173         Reviewed by Chris Dumez.
2174
2175         Remove one parameter which is passed to GenerateParametersCheck
2176         but never used in the caller code.
2177
2178         * bindings/scripts/CodeGeneratorJS.pm:
2179         (GenerateImplementation):
2180         (GenerateParametersCheck):
2181         (GenerateConstructorDefinition):
2182
2183 2016-06-13  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
2184
2185         Improve code generator for functions with variadic parameters
2186         https://bugs.webkit.org/show_bug.cgi?id=158529
2187
2188         Reviewed by Darin Adler.
2189
2190         JS bindings code of functions with variadic parameters is improved.
2191
2192         Functions with variadic parameters are skipped for ObjC and GObject code generators.
2193
2194         * bindings/scripts/CodeGeneratorGObject.pm:
2195         (SkipFunction): Skip functions with variadic parameters.
2196         * bindings/scripts/CodeGeneratorJS.pm:
2197         (GenerateParametersCheck):
2198         * bindings/scripts/CodeGeneratorObjC.pm:
2199         (SkipFunction): Skip functions with variadic parameters.
2200         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
2201         (webkit_dom_test_obj_any): Deleted.
2202         (webkit_dom_test_obj_attach_shadow_root): Deleted.
2203         (webkit_dom_test_obj_get_read_only_long_attr): Deleted.
2204         (webkit_dom_test_obj_get_read_only_string_attr): Deleted.
2205         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
2206         * bindings/scripts/test/JS/JSTestObj.cpp:
2207         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12):
2208         (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
2209         (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
2210         (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):
2211         * bindings/scripts/test/ObjC/DOMTestObj.h:
2212         * bindings/scripts/test/ObjC/DOMTestObj.mm:
2213
2214 2016-06-12  Zalan Bujtas  <zalan@apple.com>
2215
2216         Cleanup RenderBlock::removePositionedObjects
2217         https://bugs.webkit.org/show_bug.cgi?id=158670
2218
2219         Reviewed by Simon Fraser.
2220
2221         No change in functionality.
2222
2223         * rendering/RenderBlock.cpp:
2224         (WebCore::RenderBlock::insertPositionedObject):
2225         (WebCore::RenderBlock::removePositionedObject):
2226         (WebCore::RenderBlock::removePositionedObjects):
2227         * rendering/RenderBlock.h:
2228
2229 2016-06-12  Zalan Bujtas  <zalan@apple.com>
2230
2231         Remove positioned descendants when RenderBlock is no longer a containing block.
2232         https://bugs.webkit.org/show_bug.cgi?id=158655
2233         <rdar://problem/26510032>
2234
2235         Reviewed by Simon Fraser.
2236
2237         Normally the RenderView is the containing block for fixed positioned renderers.
2238         However when a renderer acquires some transform related properties, it becomes the containing
2239         block for all the fixed positioned renderers in its descendant tree.
2240         When the last transform related property is removed, the renderer is no longer a containing block
2241         and we need to remove all these positioned renderers from the descendant tracker map (gPositionedDescendantsMap).
2242         They will be inserted back into the tracker map during the next layout (either under the RenderView or
2243         under the next transformed renderer in the ancestor chain).
2244
2245         Test: fast/block/fixed-position-reparent-when-transition-is-removed.html
2246
2247         * rendering/RenderBlock.cpp:
2248         (WebCore::RenderBlock::removePositionedObjectsIfNeeded):
2249
2250 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2251
2252         Addressing post-review comments after r201978.
2253         https://bugs.webkit.org/show_bug.cgi?id=158649
2254         <rdar://problem/13258122>
2255
2256         Unreviewed.
2257
2258         * platform/graphics/FontCache.cpp:
2259         (WebCore::FontCache::alternateFamilyName):
2260         * platform/graphics/cocoa/FontCacheCoreText.cpp:
2261         (WebCore::FontCache::platformAlternateFamilyName):
2262
2263 2016-06-11  Darin Adler  <darin@apple.com>
2264
2265         Tighten code to build set of tag names
2266         https://bugs.webkit.org/show_bug.cgi?id=158662
2267
2268         Reviewed by Alexey Proskuryakov.
2269
2270         * dom/Element.cpp:
2271         (WebCore::canAttachAuthorShadowRoot): Use an array of pointers that the loader
2272         can initialize as part of loading the library, rather than an array that needs
2273         to be initialized with code at runtime.
2274
2275 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2276
2277         [Win] [EFL] Build fix after r201978.
2278         https://bugs.webkit.org/show_bug.cgi?id=158649
2279         <rdar://problem/13258122>
2280
2281         Unreviewed
2282
2283         * platform/graphics/freetype/FontCacheFreeType.cpp:
2284         (WebCore::FontCache::platformAlternateFamilyName):
2285         * platform/graphics/win/FontCacheWin.cpp:
2286
2287 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2288
2289         [Cocoa] Map commonly used Chinese Windows font names to names present on Cocoa operating systems
2290         https://bugs.webkit.org/show_bug.cgi?id=158649
2291         <rdar://problem/13258122>
2292
2293         Reviewed by Darin Adler.
2294
2295         There are many Chinese websites which hardcode Windows font names.
2296         We should map these to fonts which best match them on Cocoa operating
2297         systems. We can do this by using our existing fallback font name
2298         infrastructure.
2299
2300         Tests: fast/text/chinese-font-name-aliases-2.html
2301                fast/text/chinese-font-name-aliases.html
2302
2303         * platform/graphics/FontCache.cpp:
2304         (WebCore::FontCache::alternateFamilyName):
2305         (WebCore::alternateFamilyName): Deleted.
2306         * platform/graphics/FontCache.h:
2307         * platform/graphics/cocoa/FontCacheCoreText.cpp:
2308         (WebCore::FontCache::platformAlternateFamilyName):
2309         * platform/graphics/freetype/FontCacheFreeType.cpp:
2310         (WebCore::FontCache::platformAlternateFamilyName):
2311         * platform/graphics/win/FontCacheWin.cpp:
2312         (WebCore::FontCache::platformAlternateFamilyName):
2313
2314 2016-06-11  Commit Queue  <commit-queue@webkit.org>
2315
2316         Unreviewed, rolling out r201967, r201968, and r201972.
2317         https://bugs.webkit.org/show_bug.cgi?id=158665
2318
2319         Caused flaky failures on IndexedDB tests (Requested by ap on
2320         #webkit).
2321
2322         Reverted changesets:
2323
2324         "Vary:Cookie validation doesn't work in private browsing"
2325         https://bugs.webkit.org/show_bug.cgi?id=158616
2326         http://trac.webkit.org/changeset/201967
2327
2328         "Build fix."
2329         http://trac.webkit.org/changeset/201968
2330
2331         "WinCairo build fix attempt."
2332         http://trac.webkit.org/changeset/201972
2333
2334 2016-06-11  Konstantin Tokarev  <annulen@yandex.ru>
2335
2336         Fixed compilation of LocaleICU with ENABLE(DATE_AND_TIME_INPUT_TYPES)
2337         https://bugs.webkit.org/show_bug.cgi?id=158659
2338
2339         Reviewed by Darin Adler.
2340
2341         No new tests needed.
2342
2343         * platform/text/LocaleICU.cpp:
2344         (WebCore::getFormatForSkeleton):
2345         (WebCore::LocaleICU::monthFormat):
2346         (WebCore::LocaleICU::shortMonthFormat):
2347
2348 2016-06-11  Antti Koivisto  <antti@apple.com>
2349
2350         WinCairo build fix attempt.
2351
2352         * platform/network/NetworkStorageSession.cpp:
2353         * platform/network/NetworkStorageSession.h:
2354         * platform/network/NetworkStorageSessionStub.cpp:
2355         (WebCore::NetworkStorageSession::NetworkStorageSession):
2356         (WebCore::NetworkStorageSession::context):
2357         (WebCore::NetworkStorageSession::createPrivateBrowsingSession):
2358         (WebCore::NetworkStorageSession::switchToNewTestingSession):
2359         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
2360         (WebCore::defaultSession): Deleted.
2361         (WebCore::NetworkStorageSession::defaultStorageSession): Deleted.
2362
2363 2016-06-11  Myles C. Maxfield  <mmaxfield@apple.com>
2364
2365         Deleting a CSSOM style rule invalidates any previously-added FontFaces
2366         https://bugs.webkit.org/show_bug.cgi?id=158450
2367
2368         Reviewed by Darin Adler.
2369
2370         This patch has two pieces: updating the CSSOM when the FontFace changes, and
2371         updating the FontFace when the CSSOM changes.
2372
2373         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
2374         to their StyleRuleFontFace which represents their CSS-connection. When changing a
2375         property of the CSSFontFace, we simply reach into the StyleRule and update it to
2376         match. Our existing infrastructure of invalidation due to the attribute changes
2377         makes sure that all the necessary updates occur.
2378
2379         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
2380         way (for example, a new @font-face is appended to the end of the last <style>
2381         element), we can handle it directly. However, when something more invasive occurs,
2382         we end up clearing the entire CSSFontSelector, and then adding all the style rules
2383         from scratch. This involves three steps:
2384             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
2385                building up all the @font-face rules from scratch." We take this opportunity
2386                to purge as many fonts as possible. This is valuable because, for example,
2387                this function gets run when the page gets put into the page cache, so we
2388                want to destroy as much as possible. Not everything can be purged, however -
2389                only CSS-connected fonts which have never been inspected by script are
2390                purgeable. We don't allow fonts inspected by script to be purged because
2391                purging might result in a font appearing from JavaScript to transition from
2392                a success -> failure state, which we don't allow.
2393             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
2394                is called for each @font-face rule. We actually detect that we're in the
2395                middle of a style rebuild, and defer this step.
2396             c) When we're done adding all the font face rules, we call
2397                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
2398                up list of font faces with what existed previously (as remembered in
2399                CSSFontSelector::buildStarted()) in order to detect font faces which were
2400                deleted from the document. Fonts which were newly added to the document
2401                are handled naturally.
2402                Fonts which have a property modified on them are created as if they were new.
2403                However, instead of simply adding the CSSFontFace, we search for the existing
2404                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
2405                adopt this new CSSFontFace. This means that the JavaScript object will just
2406                pick up any newly-written values in the CSSOM. It also means that the
2407                "status" attribute of the JavaScript object is reset, but this is expected
2408                and allowed by the spec. (For example, if you change the "src" attribute of
2409                an @font-face block via the CSSOM, all bets are off when you inspect the
2410                FontFace JS object representing that block.)
2411
2412         Test: fast/text/font-face-set-cssom.html
2413
2414         * css/CSSFontFace.cpp:
2415         (WebCore::CSSFontFace::CSSFontFace):
2416         (WebCore::CSSFontFace::setFamilies):
2417         (WebCore::CSSFontFace::setStyle):
2418         (WebCore::CSSFontFace::setWeight):
2419         (WebCore::CSSFontFace::setUnicodeRange):
2420         (WebCore::CSSFontFace::setVariantLigatures):
2421         (WebCore::CSSFontFace::setVariantPosition):
2422         (WebCore::CSSFontFace::setVariantCaps):
2423         (WebCore::CSSFontFace::setVariantNumeric):
2424         (WebCore::CSSFontFace::setVariantAlternates):
2425         (WebCore::CSSFontFace::setVariantEastAsian):
2426         (WebCore::CSSFontFace::setFeatureSettings):
2427         (WebCore::CSSFontFace::initializeWrapper):
2428         (WebCore::CSSFontFace::wrapper):
2429         (WebCore::CSSFontFace::setWrapper):
2430         (WebCore::CSSFontFace::purgeable):
2431         (WebCore::CSSFontFace::updateStyleIfNeeded):
2432         * css/CSSFontFace.h:
2433         * css/CSSFontFaceSet.cpp:
2434         (WebCore::CSSFontFaceSet::remove):
2435         (WebCore::CSSFontFaceSet::containsCSSConnection):
2436         (WebCore::CSSFontFaceSet::purge):
2437         * css/CSSFontFaceSet.h:
2438         * css/CSSFontSelector.cpp:
2439         (WebCore::CSSFontSelector::buildStarted):
2440         (WebCore::CSSFontSelector::buildCompleted):
2441         (WebCore::CSSFontSelector::addFontFaceRule):
2442         * css/CSSFontSelector.h:
2443         * css/FontFace.cpp:
2444         (WebCore::FontFace::family):
2445         (WebCore::FontFace::style):
2446         (WebCore::FontFace::weight):
2447         (WebCore::FontFace::unicodeRange):
2448         (WebCore::FontFace::variant):
2449         (WebCore::FontFace::featureSettings):
2450         (WebCore::FontFace::adopt):
2451         * css/FontFace.h:
2452
2453 2016-06-11  Chris Dumez  <cdumez@apple.com>
2454
2455         WorkerNavigator is missing some attributes
2456         https://bugs.webkit.org/show_bug.cgi?id=158593
2457         <rdar://problem/26731334>
2458
2459         Reviewed by Darin Adler.
2460
2461         Add attributes that are missing on WorkerNavigator:
2462         - appCodeName
2463         - hardwareConcurrency
2464         - language
2465         - product
2466         - productSub
2467         - vendor
2468         - vendorSub
2469
2470         Firefox and Chrome already expose those attributes.
2471
2472         Relevant specification:
2473         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
2474
2475         This patch also refactors the IDL to match the specification more
2476         closely and promote sharing between Navigator and WorkerNavigator.
2477
2478         No new tests, updated existing test.
2479
2480         * CMakeLists.txt:
2481         * DerivedSources.make:
2482         Add new supplemental IDL files.
2483
2484         * page/Navigator.cpp:
2485         * page/Navigator.h:
2486         Moved language() / hardwareConcurrency() from Navigator to NavigatorBase
2487         so that it can be used by NavigatorWorker as well.
2488
2489         * page/NavigatorBase.h:
2490         * page/NavigatorBase.cpp:
2491         (WebCore::NavigatorBase::language):
2492         The implementation still calls defaultLanguage() but I updated it to be
2493         thread safe on all platforms.
2494
2495         (WebCore::NavigatorBase::hardwareConcurrency):
2496         Use std::call_once() for thread safety.
2497
2498         * page/Navigator.idl:
2499         * page/NavigatorConcurrentHardware.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2500         * page/NavigatorID.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2501         * page/NavigatorLanguage.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2502         * page/NavigatorOnLine.idl: Copied from Source/WebCore/page/WorkerNavigator.idl.
2503         * page/WorkerNavigator.idl:
2504         Move several attributes to their own supplemental interfaces to match
2505         the specification and promote sharing with WorkerNavigator.
2506
2507         * platform/Language.cpp:
2508         (WebCore::userPreferredLanguages):
2509         * platform/Language.h:
2510         Made thread-safe on all platforms.
2511
2512 2016-06-11  Antti Koivisto  <antti@apple.com>
2513
2514         Build fix.
2515
2516         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
2517         (WebCore::NetworkStorageSession::switchToNewTestingSession):
2518
2519 2016-06-10  Antti Koivisto  <antti@apple.com>
2520
2521         Vary:Cookie validation doesn't work in private browsing
2522         https://bugs.webkit.org/show_bug.cgi?id=158616
2523         rdar://problem/26755067
2524
2525         Reviewed by Darin Adler.
2526
2527         This wasn't implemented because there was no way to get NetworkStorageSession from
2528         a SessionID on WebCore side.
2529
2530         The patch adds a simple WebCore level weak map that allows getting NetworkStorageSessions
2531         from SessionID. This seemed like the cleanest way to do this without a big refactoring
2532         around the currently WebKit2 level SessionTracker.
2533
2534         * CMakeLists.txt:
2535         * WebCore.xcodeproj/project.pbxproj:
2536         * platform/network/CacheValidation.cpp:
2537         (WebCore::headerValueForVary):
2538
2539             Get NetworkStorageSession from SessionID for cookies
2540
2541         (WebCore::verifyVaryingRequestHeaders):
2542         * platform/network/NetworkStorageSession.cpp: Added.
2543
2544             Add platform independent .cpp for NetworkStorageSession.
2545             Implement a weak map for SessionID -> NetworkStorageSession.
2546
2547         (WebCore::sessionsMap):
2548         (WebCore::NetworkStorageSession::NetworkStorageSession):
2549         (WebCore::NetworkStorageSession::~NetworkStorageSession):
2550         (WebCore::NetworkStorageSession::forSessionID):
2551
2552             Get NetworkStorageSession for sessionID.
2553
2554         * platform/network/NetworkStorageSession.h:
2555         (WebCore::NetworkStorageSession::sessionID):
2556         (WebCore::NetworkStorageSession::credentialStorage):
2557         * platform/network/cf/NetworkStorageSessionCFNet.cpp:
2558         (WebCore::NetworkStorageSession::NetworkStorageSession):
2559
2560             Call to common constructor.
2561
2562         (WebCore::defaultNetworkStorageSession):
2563         * platform/network/soup/NetworkStorageSessionSoup.cpp:
2564         (WebCore::NetworkStorageSession::NetworkStorageSession):
2565
2566             Call to common constructor.
2567
2568         (WebCore::defaultSession):
2569         (WebCore::NetworkStorageSession::~NetworkStorageSession): Deleted.
2570
2571 2016-06-10  Ada Chan  <adachan@apple.com>
2572
2573         Use the video element's video box when getting the inline video rect in WebVideoFullscreenManager
2574         https://bugs.webkit.org/show_bug.cgi?id=158351
2575         <rdar://problem/26567938>
2576
2577         Reviewed by Darin Adler.
2578
2579         * WebCore.xcodeproj/project.pbxproj:
2580         Change the visibility of RenderVideo.h and RenderMedia.h since we'll be importing RenderVideo.h from WebKit2.
2581         * rendering/RenderVideo.h:
2582
2583 2016-06-10  Benjamin Poulain  <bpoulain@apple.com>
2584
2585         Add support for passive event listeners on touch events
2586         https://bugs.webkit.org/show_bug.cgi?id=158601
2587
2588         Reviewed by Simon Fraser.
2589
2590         This patch wires "passive" state of EventTarget to the delivery of touch
2591         events in WebKit2.
2592
2593         Instead of having a NonFastScrollableRegion, we have a pair of regions
2594         in EventTrackingRegions.
2595         The "asynchronousDispatchRegion" tracks the area for which all event
2596         listeners are passive. For those, events should be dispatched asynchronously.
2597         The "synchronousDispatchRegion" tracks the area for which there is at
2598         least one active event listener. Events have to be dispatched synchronously
2599         for correctness.
2600
2601         Tests: fast/events/touch/ios/tap-with-active-listener-on-elements.html
2602                fast/events/touch/ios/tap-with-active-listener-on-window.html
2603                fast/events/touch/ios/tap-with-passive-listener-on-elements.html
2604                fast/events/touch/ios/tap-with-passive-listener-on-window.html
2605
2606         * WebCore.xcodeproj/project.pbxproj:
2607         * dom/Document.cpp:
2608         (WebCore::Document::wheelEventHandlersChanged):
2609         (WebCore::Document::Document): Deleted.
2610         * dom/Document.h:
2611
2612         * dom/EventListenerMap.cpp:
2613         (WebCore::EventListenerMap::containsActive):
2614         If a Target has multiple listener for an event type, we want to know
2615         if any of them is active.
2616
2617         * dom/EventListenerMap.h:
2618         * dom/EventTarget.cpp:
2619         (WebCore::EventTarget::hasActiveEventListeners):
2620         (WebCore::EventTarget::hasActiveTouchEventListeners):
2621         * dom/EventTarget.h:
2622
2623         * page/DebugPageOverlays.cpp:
2624         (WebCore::NonFastScrollableRegionOverlay::updateRegion):
2625         I did not change the debug overlays.
2626         The NonFastScrollable area is the region for which events needs
2627         synchronous dispatch. Everything else should scroll without delay.
2628
2629         * page/FrameView.cpp:
2630         (WebCore::FrameView::scrollableAreaSetChanged):
2631         * page/Page.cpp:
2632         (WebCore::Page::nonFastScrollableRects):
2633         * page/scrolling/AsyncScrollingCoordinator.cpp:
2634         (WebCore::AsyncScrollingCoordinator::setEventTrackingRegionsDirty):
2635         (WebCore::AsyncScrollingCoordinator::willCommitTree):
2636         (WebCore::AsyncScrollingCoordinator::updateEventTrackingRegions):
2637         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
2638         (WebCore::AsyncScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2639         (WebCore::AsyncScrollingCoordinator::scrollingStateTreeAsText):
2640         (WebCore::AsyncScrollingCoordinator::setNonFastScrollableRegionDirty): Deleted.
2641         (WebCore::AsyncScrollingCoordinator::updateNonFastScrollableRegion): Deleted.
2642         (WebCore::AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2643         * page/scrolling/AsyncScrollingCoordinator.h:
2644         (WebCore::AsyncScrollingCoordinator::eventTrackingRegionsDirty):
2645         (WebCore::AsyncScrollingCoordinator::nonFastScrollableRegionDirty): Deleted.
2646
2647         * page/scrolling/ScrollingCoordinator.cpp:
2648         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame):
2649         (WebCore::ScrollingCoordinator::absoluteEventTrackingRegions):
2650         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame): Deleted.
2651         (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegion): Deleted.
2652         I intentionally left the Wheel event with synchronous dispatch.
2653         This use case will need its own set of tests.
2654
2655         * page/scrolling/ScrollingCoordinator.h:
2656         (WebCore::ScrollingCoordinator::frameViewEventTrackingRegionsChanged):
2657         (WebCore::ScrollingCoordinator::frameViewNonFastScrollableRegionChanged): Deleted.
2658         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
2659         (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
2660         (WebCore::ScrollingStateFrameScrollingNode::setEventTrackingRegions):
2661         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
2662         (WebCore::ScrollingStateFrameScrollingNode::setNonFastScrollableRegion): Deleted.
2663         * page/scrolling/ScrollingStateFrameScrollingNode.h:
2664         * page/scrolling/ScrollingTree.cpp:
2665         (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
2666         (WebCore::ScrollingTree::commitNewTreeState):
2667         (WebCore::ScrollingTree::eventTrackingTypeForPoint):
2668         (WebCore::ScrollingTree::isPointInNonFastScrollableRegion): Deleted.
2669         * page/scrolling/ScrollingTree.h:
2670         * page/scrolling/mac/ScrollingCoordinatorMac.mm:
2671         (WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
2672         * platform/EventTrackingRegions.h: Added.
2673         (WebCore::EventTrackingRegions::isEmpty):
2674         (WebCore::EventTrackingRegions::trackingTypeForPoint):
2675         (WebCore::operator==):
2676
2677 2016-06-10  Enrica Casucci  <enrica@apple.com>
2678
2679         REGRESSION(r198177): Cannot paste an image when the pasteboard format is mime type.
2680         https://bugs.webkit.org/show_bug.cgi?id=158590
2681         rdar://problem/25471371
2682
2683         Reviewed by Darin Adler.
2684
2685         When creating a fragment from an image resource, the resource needs to
2686         be added to the document loader before setting the src attribute to the
2687         image element, otherwise loading is triggered and the loading fails.
2688         In r198177 the order of the operations was changed causing the bug.
2689         This patch adds support to test the scenario where the image in the pasteboard
2690         is available only as mime type (not WebArchive or RTFD), a situation that occurs
2691         more frequently on iOS.
2692
2693         Test: editing/pasteboard/image-in-iframe.html
2694
2695         * editing/ios/EditorIOS.mm:
2696         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2697         * editing/mac/EditorMac.mm:
2698         (WebCore::Editor::WebContentReader::readWebArchive):
2699         (WebCore::Editor::WebContentReader::readRTFD):
2700         (WebCore::Editor::WebContentReader::readRTF):
2701         (WebCore::Editor::createFragmentForImageResourceAndAddResource):
2702         * page/Settings.cpp:
2703         (WebCore::Settings::setImagesEnabled):
2704         (WebCore::Settings::setPreferMimeTypeForImages):
2705         (WebCore::Settings::setForcePendingWebGLPolicy):
2706         * page/Settings.h:
2707         (WebCore::Settings::areImagesEnabled):
2708         (WebCore::Settings::preferMimeTypeForImages):
2709         (WebCore::Settings::arePluginsEnabled):
2710         * testing/InternalSettings.cpp:
2711         (WebCore::InternalSettings::Backup::restoreTo):
2712         (WebCore::InternalSettings::setLangAttributeAwareFormControlUIEnabled):
2713         (WebCore::InternalSettings::setPreferMimeTypeForImages):
2714         (WebCore::InternalSettings::setImagesEnabled):
2715         * testing/InternalSettings.h:
2716         * testing/InternalSettings.idl:
2717
2718 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2719
2720         Fix WinCairo build after r201943
2721
2722         * platform/network/curl/MultipartHandle.cpp:
2723         (WebCore::MultipartHandle::didReceiveResponse):
2724         * platform/network/curl/ResourceHandleManager.cpp:
2725         (WebCore::handleLocalReceiveResponse):
2726         (WebCore::headerCallback):
2727         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2728
2729 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2730
2731         handleDataURL is only used by curl
2732         https://bugs.webkit.org/show_bug.cgi?id=158636
2733
2734         Reviewed by Tim Horton.
2735
2736         * CMakeLists.txt:
2737         * platform/network/DataURL.cpp: Removed.
2738         * platform/network/DataURL.h: Removed.
2739         * platform/network/curl/ResourceHandleManager.cpp:
2740         (WebCore::ResourceHandleManager::startScheduledJobs):
2741         (WebCore::handleDataURL):
2742         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
2743
2744 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2745
2746         Reduce ResourceResponse copying
2747         https://bugs.webkit.org/show_bug.cgi?id=158232
2748
2749         Reviewed by Darin Adler.
2750
2751         No new tests.  No change in behavior except removing an unnecessary copy on cocoa platforms.
2752
2753         * loader/ResourceLoader.cpp:
2754         (WebCore::ResourceLoader::didSendData):
2755         (WebCore::ResourceLoader::didReceiveResponse):
2756         * loader/ResourceLoader.h:
2757         * loader/appcache/ApplicationCacheGroup.cpp:
2758         (WebCore::ApplicationCacheGroup::createResourceHandle):
2759         (WebCore::ApplicationCacheGroup::didReceiveResponse):
2760         * loader/appcache/ApplicationCacheGroup.h:
2761         * platform/graphics/PlatformMediaResourceLoader.h:
2762         (WebCore::PlatformMediaResourceClient::~PlatformMediaResourceClient):
2763         (WebCore::PlatformMediaResourceClient::responseReceived):
2764         (WebCore::PlatformMediaResourceClient::redirectReceived):
2765         (WebCore::PlatformMediaResourceClient::shouldCacheResponse):
2766         (WebCore::PlatformMediaResourceClient::dataSent):
2767         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
2768         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2769         (ResourceHandleStreamingClient::willSendRequest):
2770         (ResourceHandleStreamingClient::didReceiveResponse):
2771         * platform/network/BlobResourceHandle.cpp:
2772         (WebCore::BlobResourceHandle::notifyResponseOnSuccess):
2773         (WebCore::BlobResourceHandle::notifyResponseOnError):
2774         (WebCore::BlobResourceHandle::notifyReceiveData):
2775         * platform/network/DataURL.cpp:
2776         (WebCore::handleDataURL):
2777         * platform/network/PingHandle.h:
2778         (WebCore::PingHandle::PingHandle):
2779         * platform/network/ResourceHandleClient.cpp:
2780         (WebCore::ResourceHandleClient::willSendRequestAsync):
2781         (WebCore::ResourceHandleClient::didReceiveResponseAsync):
2782         * platform/network/ResourceHandleClient.h:
2783         (WebCore::ResourceHandleClient::didSendData):
2784         (WebCore::ResourceHandleClient::didReceiveResponse):
2785         (WebCore::ResourceHandleClient::didReceiveData):
2786         * platform/network/ResourceResponseBase.cpp:
2787         (WebCore::ResourceResponseBase::ResourceResponseBase):
2788         (WebCore::ResourceResponseBase::includeCertificateInfo):
2789         (WebCore::ResourceResponseBase::suggestedFilename):
2790         (WebCore::ResourceResponseBase::certificateInfo): Deleted.
2791         * platform/network/ResourceResponseBase.h:
2792         (WebCore::ResourceResponseBase::certificateInfo):
2793         (WebCore::ResourceResponseBase::encode):
2794         (WebCore::ResourceResponseBase::decode):
2795         (WebCore::ResourceResponseBase::containsCertificateInfo): Deleted.
2796         * platform/network/SynchronousLoaderClient.cpp:
2797         (WebCore::SynchronousLoaderClient::canAuthenticateAgainstProtectionSpace):
2798         (WebCore::SynchronousLoaderClient::didReceiveResponse):
2799         (WebCore::SynchronousLoaderClient::didReceiveData):
2800         * platform/network/SynchronousLoaderClient.h:
2801         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
2802         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
2803         * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
2804         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
2805         (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveData):
2806         * platform/network/mac/WebCoreResourceHandleAsDelegate.mm:
2807         (-[WebCoreResourceHandleAsDelegate connection:didReceiveResponse:]):
2808         * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
2809         (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
2810         * platform/network/soup/ResourceHandleSoup.cpp:
2811         (WebCore::nextMultipartResponsePartCallback):
2812         (WebCore::sendRequestCallback):
2813
2814 2016-06-09  Ryosuke Niwa  <rniwa@webkit.org>
2815
2816         Add SPI to disable spellchecking on auto-fillable text fields
2817         https://bugs.webkit.org/show_bug.cgi?id=158611
2818
2819         Reviewed by Anders Carlsson.
2820
2821         Added a boolean flag m_isSpellCheckingEnabled to HTMLInputElement. This flag defaults to true, and can be set
2822         to false by WebKit2 C API.
2823
2824         * editing/Editor.cpp:
2825         (WebCore::Editor::isSpellCheckingEnabledFor): Fixed a bug that we were calling isSpellCheckingEnabled on
2826         the div inside an input element's shadow tree instead of the input element itself.
2827         * html/HTMLInputElement.cpp:
2828         (WebCore::HTMLInputElement::HTMLInputElement): Initialize m_spellcheckEnabled to true (it's a bit field).
2829         (WebCore::HTMLInputElement::isSpellCheckingEnabled): Added. Return false if m_spellcheckEnabled is false.
2830         * html/HTMLInputElement.h:
2831         (WebCore::HTMLInputElement::setSpellcheckEnabled): Added.
2832
2833 2016-06-10  Alex Christensen  <achristensen@webkit.org>
2834
2835         Introduce WTF::UniqueRef
2836         https://bugs.webkit.org/show_bug.cgi?id=158596
2837
2838         Reviewed by Brady Eidson.
2839
2840         No new tests.  No change in behavior.
2841
2842         * inspector/InspectorOverlay.cpp:
2843         (WebCore::InspectorOverlay::overlayPage):
2844         * loader/EmptyClients.cpp:
2845         (WebCore::fillWithEmptyClients):
2846         * page/Page.cpp:
2847         (WebCore::Page::Page):
2848         * page/Page.h:
2849         (WebCore::Page::canStartMedia):
2850         (WebCore::Page::editorClient):
2851         (WebCore::Page::plugInClient):
2852         (WebCore::Page::mainFrame):
2853         (WebCore::Page::groupPtr): Deleted.
2854         * page/PageConfiguration.cpp:
2855         (WebCore::PageConfiguration::PageConfiguration):
2856         * page/PageConfiguration.h:
2857         * svg/graphics/SVGImage.cpp:
2858         (WebCore::SVGImage::dataChanged):
2859
2860 2016-06-10  Joseph Pecoraro  <pecoraro@apple.com>
2861
2862         Web Inspector: Cleanup InspectorIndexedDBAgent a bit
2863         https://bugs.webkit.org/show_bug.cgi?id=158598
2864
2865         Reviewed by Darin Adler.
2866
2867         * inspector/InspectorIndexedDBAgent.cpp:
2868
2869 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2870
2871         Origin header is not included in CORS requests for preloaded cross-origin resources
2872         https://bugs.webkit.org/show_bug.cgi?id=155761
2873         <rdar://problem/25351850>
2874
2875         Reviewed by Alex Christensen.
2876
2877         Making HTML preloader fully aware of crossorigin attribute value.
2878         Introducing CachedResourceRequest::setAsPotentiallyCrossOrigin as a helper routine to activate CORS mode.
2879         Making HTMLLinkElement and HTMLResourcePreloader use that routine.
2880         Making TokenPreloadScanner store the crossorigin attribute value in preload requests.
2881         Making TokenPreloadScanner store the crossorigin attribute value for link elements.
2882
2883         Test: http/tests/security/cross-origin-css-9.html
2884
2885         * html/HTMLLinkElement.cpp:
2886         (WebCore::HTMLLinkElement::process):
2887         * html/parser/HTMLPreloadScanner.cpp:
2888         (WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest):
2889         (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
2890         * html/parser/HTMLResourcePreloader.cpp:
2891         (WebCore::crossOriginModeAllowsCookies):
2892         (WebCore::PreloadRequest::resourceRequest):
2893         * html/parser/HTMLResourcePreloader.h:
2894         (WebCore::PreloadRequest::setCrossOriginMode):
2895         (WebCore::PreloadRequest::PreloadRequest): Deleted.
2896         (WebCore::PreloadRequest::resourceType): Deleted.
2897         * loader/cache/CachedResourceRequest.cpp:
2898         (WebCore::CachedResourceRequest::setAsPotentiallyCrossOrigin):
2899         * loader/cache/CachedResourceRequest.h:
2900
2901 2016-06-10  Chris Dumez  <cdumez@apple.com>
2902
2903         ErrorEvent / ProgressEvent should be exposed to workers
2904         https://bugs.webkit.org/show_bug.cgi?id=158606
2905
2906         Reviewed by Brady Eidson.
2907
2908         ErrorEvent / ProgressEvent should be exposed to workers:
2909         - https://html.spec.whatwg.org/multipage/webappapis.html#errorevent
2910         - https://xhr.spec.whatwg.org/#interface-progressevent
2911
2912         Firefox and Chrome both already expose those.
2913
2914         No new tests, rebaselined existing test.
2915
2916         * dom/ErrorEvent.idl:
2917         * dom/ProgressEvent.idl:
2918
2919 2016-06-10  Chris Dumez  <cdumez@apple.com>
2920
2921         MessagePort should be exposed to workers
2922         https://bugs.webkit.org/show_bug.cgi?id=158607
2923
2924         Reviewed by Brady Eidson.
2925
2926         MessagePort should be exposed to workers:
2927         https://html.spec.whatwg.org/multipage/comms.html#messageport
2928
2929         Firefox and Chrome both already expose it.
2930
2931         No new tests, rebaselined existing test.
2932
2933         * dom/MessagePort.idl:
2934
2935 2016-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2936
2937         Move preflight check code outside of DocumentThreadableLoader
2938         https://bugs.webkit.org/show_bug.cgi?id=158425
2939
2940         Reviewed by Darin Adler.
2941
2942         Moving preflight check code in its own class.
2943         This allows code to be easier to read, use/reuse and update.
2944
2945         Behavior should be the same as before except in the case of a preflight response
2946         being a 3XX redirect response.
2947         Before this patch, the 3XX response was directly passed to the code processing regular responses.
2948         To keep compatibility with existing tests, a didFailRedirectCheck callback is called.
2949         This should be change to a preflight failure.
2950
2951         Covered by existing tests.
2952
2953         * CMakeLists.txt:
2954         * WebCore.xcodeproj/project.pbxproj:
2955         * loader/CrossOriginPreflightChecker.cpp: Added.
2956         (WebCore::CrossOriginPreflightChecker::CrossOriginPreflightChecker):
2957         (WebCore::CrossOriginPreflightChecker::~CrossOriginPreflightChecker):
2958         (WebCore::CrossOriginPreflightChecker::handleLoadingFailure):
2959         (WebCore::CrossOriginPreflightChecker::validatePreflightResponse):
2960         (WebCore::CrossOriginPreflightChecker::notifyFinished):
2961         (WebCore::CrossOriginPreflightChecker::startPreflight):
2962         (WebCore::CrossOriginPreflightChecker::doPreflight):
2963         (WebCore::CrossOriginPreflightChecker::redirectReceived):
2964         (WebCore::CrossOriginPreflightChecker::setDefersLoading):
2965         (WebCore::CrossOriginPreflightChecker::isXMLHttpRequest):
2966         * loader/CrossOriginPreflightChecker.h: Added.
2967         * loader/DocumentThreadableLoader.cpp:
2968         (WebCore::DocumentThreadableLoader::create):
2969         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
2970         (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequestWithPreflight):
2971         (WebCore::DocumentThreadableLoader::setDefersLoading):
2972         (WebCore::DocumentThreadableLoader::clearResource):
2973         (WebCore::DocumentThreadableLoader::didReceiveResponse):
2974         (WebCore::DocumentThreadableLoader::didReceiveData):
2975         (WebCore::DocumentThreadableLoader::notifyFinished):
2976         (WebCore::DocumentThreadableLoader::didFinishLoading):
2977         (WebCore::DocumentThreadableLoader::didFail):
2978         (WebCore::DocumentThreadableLoader::preflightSuccess):
2979         (WebCore::DocumentThreadableLoader::preflightFailure):
2980         (WebCore::DocumentThreadableLoader::loadRequest):
2981         (WebCore::DocumentThreadableLoader::responseReceived): Deleted.
2982         (WebCore::DocumentThreadableLoader::dataReceived): Deleted.
2983         (WebCore::DocumentThreadableLoader::isAllowedByContentSecurityPolicy): Deleted.
2984         * loader/DocumentThreadableLoader.h:
2985         (WebCore::DocumentThreadableLoader::options):
2986         (WebCore::DocumentThreadableLoader::isLoading):
2987         (WebCore::DocumentThreadableLoader::document):
2988
2989 2016-06-10  Adam Bergkvist  <adam.bergkvist@ericsson.com>
2990
2991         WebRTC: Imlement MediaEndpointPeerConnection::createAnswer()
2992         https://bugs.webkit.org/show_bug.cgi?id=158566
2993
2994         Reviewed by Eric Carlson.
2995
2996         Add the MediaEndpointPeerConnection implementation of RTCPeerConnection.createAnswer [1].
2997         createAnswer() creates a 'reply' to an remote offer set with setRemoteDescription(),
2998         completes the offer/answer dialog and brings the RTCPeerConnection back to the 'stable'
2999         signaling state.
3000
3001         [1] https://w3c.github.io/webrtc-pc/archives/20160513/webrtc.html#dom-rtcpeerconnection-createanswer
3002
3003         Test: fast/mediastream/RTCPeerConnection-inspect-answer.html
3004
3005         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
3006         (WebCore::MediaEndpointPeerConnection::createOfferTask):
3007         Align creation of RTCSessionDescription with createAnswerTask.
3008         (WebCore::MediaEndpointPeerConnection::createAnswer):
3009         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
3010         Add Implementation.
3011         * Modules/mediastream/MediaEndpointPeerConnection.h:
3012
3013 2016-06-08  Sergio Villar Senin  <svillar@igalia.com>
3014
3015         [css-grid] CRASH when getting the computed style of a grid with only absolutely positioned children
3016         https://bugs.webkit.org/show_bug.cgi?id=158537
3017
3018         Reviewed by Darin Adler.
3019
3020         Absolute positioning occurs after layout of the grid and its in-flow contents, and does not
3021         contribute to the sizing of any grid tracks or affect the size/configuration of the grid in
3022         any way. This means that we should treat as empty any grid whose only children are
3023         absolutely positioned items.
3024
3025         Since r201510 empty grids are no longer internally represented by a 1x1 matrix. As we were
3026         not considering grids-with-only-absolutely-positioned-children as empty, we were trying to
3027         access some invalid position in the internal representation of the grid triggering an ASSERT
3028         in debug builds and a crash in release.
3029
3030         Test: fast/css-grid-layout/grid-only-abspos-item-computed-style-crash.html
3031
3032         * css/CSSComputedStyleDeclaration.cpp:
3033         (WebCore::valueForGridTrackList):
3034
3035 2016-06-10  Chris Dumez  <cdumez@apple.com>
3036
3037         DOMException should be exposed to workers
3038         https://bugs.webkit.org/show_bug.cgi?id=158608
3039
3040         Reviewed by Alex Christensen.
3041
3042         DOMException should be exposed to workers:
3043         https://heycam.github.io/webidl/#es-DOMException-call
3044
3045         Both Firefox and Chrome expose DOMException to workers already.
3046
3047         No new tests, rebaselined existing test.
3048
3049         * dom/DOMCoreException.idl:
3050
3051 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3052
3053         Fix CMake build.
3054
3055         * PlatformMac.cmake:
3056
3057 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3058
3059         Fix AppleWin build after r201901.
3060         https://bugs.webkit.org/show_bug.cgi?id=119839
3061
3062         * platform/graphics/ca/win/PlatformCALayerWin.cpp:
3063         (PlatformCALayerWin::backingStoreAttached):
3064         (PlatformCALayerWin::userInteractionEnabled):
3065         (PlatformCALayerWin::setUserInteractionEnabled):
3066         (PlatformCALayerWin::geometryFlipped):
3067         * platform/graphics/ca/win/PlatformCALayerWin.h:
3068
3069 2016-06-09  Chris Fleizach  <cfleizach@apple.com>
3070
3071         AX: VoiceOver Unable to View Download Progress or Completion Status for Mail Attachments
3072         https://bugs.webkit.org/show_bug.cgi?id=158581
3073
3074         Reviewed by Darin Adler.
3075
3076         Update attachment element accessibility so that:
3077            1) the action name comes first to match UI
3078            2) on iOS, it has the updates frequently trait
3079
3080         Make sure this test now runs on iOS as well.
3081
3082         Modified tests: accessibility/attachment-element.html
3083
3084         * accessibility/AccessibilityAttachment.cpp:
3085         (WebCore::AccessibilityAttachment::accessibilityText):
3086         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
3087         (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
3088         (-[WebAccessibilityObjectWrapper accessibilityTraits]):
3089         (-[WebAccessibilityObjectWrapper accessibilityValue]):
3090         (-[WebAccessibilityObjectWrapper accessibilityIsAttachmentElement]):
3091         (-[WebAccessibilityObjectWrapper accessibilityIsComboBox]):
3092
3093 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3094
3095         Clean up WebCore.vcxproj after switching to CMake.
3096
3097         * WebCore.vcxproj/QTMovieWin: Removed.
3098         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoDebug.props: Removed.
3099         * WebCore.vcxproj/QTMovieWin/QTMovieWinCairoRelease.props: Removed.
3100         * WebCore.vcxproj/QTMovieWin/QTMovieWinCommon.props: Removed.
3101         * WebCore.vcxproj/QTMovieWin/QTMovieWinDebug.props: Removed.
3102         * WebCore.vcxproj/QTMovieWin/QTMovieWinPostBuild.cmd: Removed.
3103         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreBuild.cmd: Removed.
3104         * WebCore.vcxproj/QTMovieWin/QTMovieWinPreLink.cmd: Removed.
3105         * WebCore.vcxproj/QTMovieWin/QTMovieWinProduction.props: Removed.
3106         * WebCore.vcxproj/QTMovieWin/QTMovieWinRelease.props: Removed.
3107         * WebCore.vcxproj/xcopy.excludes: Removed.
3108
3109 2016-06-09  Zalan Bujtas  <zalan@apple.com>
3110
3111         Hairline borders do not show up on 3x displays.
3112         https://bugs.webkit.org/show_bug.cgi?id=158604
3113         <rdar://problem/26511679>
3114
3115         Reviewed by Simon Fraser.
3116
3117         On a 3x display, when we convert a 1/3px hairline border from float
3118         to LayoutUnit and pixel floor the result, we end up with a 0px width border.
3119         It's because float to LayoutUnit is lossy and since the current kFixedPointDenominator % 3 != 0,
3120         flooring LayoutUnit(1/3px) ends up being 0px. (float: 1/3 -> LayoutUnit: (1/3 - 1/kFixedPointDenominator) -> floor: 0)
3121         This patch eliminates the (unnecessary) float -> LayoutUnit - float conversion on border width.   
3122
3123         Test: fast/borders/hidpi-3x-input-hairline-border.html
3124
3125         * rendering/BorderEdge.cpp:
3126         (WebCore::BorderEdge::BorderEdge):
3127         * rendering/BorderEdge.h:
3128
3129 2016-06-09  Commit Queue  <commit-queue@webkit.org>
3130
3131         Unreviewed, rolling out r201887.
3132         https://bugs.webkit.org/show_bug.cgi?id=158610
3133
3134         This change caused LayoutTest crashes under GuardMalloc and
3135         ASan (Requested by ryanhaddad on #webkit).
3136
3137         Reverted changeset:
3138
3139         "Deleting a CSSOM style rule invalidates any previously-added
3140         FontFaces"
3141         https://bugs.webkit.org/show_bug.cgi?id=158450
3142         http://trac.webkit.org/changeset/201887
3143
3144 2016-06-09  Chris Dumez  <cdumez@apple.com>
3145
3146         Address Darin's review comment on r201898.
3147         https://bugs.webkit.org/show_bug.cgi?id=158576
3148
3149         Reviewed by Darin Adler.
3150
3151         * page/Base64Utilities.h:
3152
3153 2016-06-09  Antoine Quint  <graouts@apple.com>
3154
3155         [iOS] -webkit-overflow-scrolling: touch; ignores pointer-events: none;
3156         https://bugs.webkit.org/show_bug.cgi?id=119839
3157         <rdar://problem/9671514>
3158
3159         Reviewed by Simon Fraser.
3160
3161         Propagate a "userInteractionEnabled" flag from the Web process which is used to turn off
3162         user interaction on a UIScrollView created for -webkit-overflow-scrolling: touch.
3163
3164         Test: fast/scrolling/ios/touch-scroll-pointer-events-none.html
3165
3166         * platform/graphics/GraphicsLayer.cpp:
3167         (WebCore::GraphicsLayer::GraphicsLayer):
3168         * platform/graphics/GraphicsLayer.h:
3169         (WebCore::GraphicsLayer::userInteractionEnabled):
3170         (WebCore::GraphicsLayer::setUserInteractionEnabled):
3171         * platform/graphics/ca/GraphicsLayerCA.cpp:
3172         (WebCore::GraphicsLayerCA::setUserInteractionEnabled):
3173         (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
3174         (WebCore::GraphicsLayerCA::updateUserInteractionEnabled):
3175         * platform/graphics/ca/GraphicsLayerCA.h:
3176         * platform/graphics/ca/PlatformCALayer.h:
3177         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h:
3178         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
3179         (PlatformCALayerCocoa::userInteractionEnabled):
3180         (PlatformCALayerCocoa::setUserInteractionEnabled):
3181         * rendering/RenderLayerBacking.cpp:
3182         (WebCore::RenderLayerBacking::updateAfterDescendants):
3183
3184 2016-06-09  Chris Dumez  <cdumez@apple.com>
3185
3186         WorkerNavigator property should exist on WorkerGlobalScope
3187         https://bugs.webkit.org/show_bug.cgi?id=158574
3188         <rdar://problem/26725108>
3189
3190         Reviewed by Darin Adler.
3191
3192         WorkerNavigator property should exist on WorkerGlobalScope:
3193         https://html.spec.whatwg.org/multipage/workers.html#the-workernavigator-object
3194
3195         Fixing this gets the number of failures on http://w3c-test.org/workers/interfaces.worker
3196         from 34 to 23.
3197
3198         No new tests, rebaselined existing test.
3199
3200         * page/WorkerNavigator.idl:
3201
3202 2016-06-09  Chris Dumez  <cdumez@apple.com>
3203
3204         atob() / btoa() API should be exposed to workers
3205         https://bugs.webkit.org/show_bug.cgi?id=158576
3206         <rdar://problem/26729340>
3207
3208         Reviewed by Sam Weinig.
3209
3210         Expose atob() / btoa() API to workers as per:
3211         https://html.spec.whatwg.org/multipage/webappapis.html#windoworworkerglobalscope
3212
3213         This aligns our behavior with Firefox and Chrome as well.
3214
3215         Test: fast/workers/atob-btoa.html
3216
3217         * CMakeLists.txt:
3218         * DerivedSources.cpp:
3219         * DerivedSources.make:
3220         * PlatformMac.cmake:
3221         * WebCore.xcodeproj/project.pbxproj:
3222         * page/Base64Utilities.cpp: Added.
3223         (WebCore::Base64Utilities::btoa):
3224         (WebCore::Base64Utilities::atob):
3225         * page/Base64Utilities.h: Added.
3226         * page/DOMWindow.cpp:
3227         (WebCore::DOMWindow::find): Deleted.
3228         (WebCore::DOMWindow::offscreenBuffering): Deleted.
3229         (WebCore::DOMWindow::outerHeight): Deleted.
3230         (WebCore::DOMWindow::outerWidth): Deleted.
3231         * page/DOMWindow.h:
3232         * page/DOMWindow.idl:
3233         * page/WindowBase64.idl: Removed.
3234         * page/WindowOrWorkerGlobalScope.idl: Renamed from Source/WebCore/page/WindowTimers.idl.
3235         * workers/WorkerGlobalScope.h:
3236         * workers/WorkerGlobalScope.idl:
3237
3238 2016-06-09  John Wilander  <wilander@apple.com>
3239
3240         Restrict HTTP/0.9 responses to default ports and cancel HTTP/0.9 resource loads if the document was loaded with another HTTP protocol
3241         https://bugs.webkit.org/show_bug.cgi?id=158589
3242         <rdar://problem/25757454>
3243
3244         Reviewed by Brent Fulgham.
3245
3246         No new tests. Our layout test environment does not allow for headerless responses
3247         nor does it allow you to set an explicit HTTP/0.9 status header in PHP. I have
3248         manually tested this change with a Python socket setup doing both headerless and
3249         HTTP/0.9 header tests for positive and negative cases.
3250
3251         * loader/DocumentLoader.cpp:
3252         (WebCore::DocumentLoader::responseReceived):
3253             Cancel loads if the request was made to a non-default port.
3254         * loader/ResourceLoader.cpp:
3255         (WebCore::ResourceLoader::didReceiveResponse):
3256             Cancel loads if the request was made to a non-default port or if the document
3257             was loaded with another protocol. Cancelation is handled as a fail so as to
3258             fire the onerror event and allow sites to handle it gracefully.
3259
3260 2016-06-09  Alex Christensen  <achristensen@webkit.org>
3261
3262         Clean up EditorClient lifetime
3263         https://bugs.webkit.org/show_bug.cgi?id=158588
3264
3265         Reviewed by Anders Carlsson.
3266
3267         No new tests.  This patch does two things, all of which do not change behavior:
3268         1. Use a std::unique_ptr<EditorClient> owned by the Page instead of allocating
3269         with new in WebKit/WebKit2 and deleting in WebEditorClient::pageDestroyed.
3270         2. Give the Page a PageConfiguration&& instead of a PageConfiguration& in its constructor.
3271
3272         * inspector/InspectorOverlay.cpp:
3273         (WebCore::InspectorOverlay::overlayPage):
3274         * loader/EmptyClients.cpp:
3275         (WebCore::fillWithEmptyClients):
3276         * loader/EmptyClients.h:
3277         (WebCore::EmptyEditorClient::EmptyEditorClient):
3278         (WebCore::EmptyEditorClient::~EmptyEditorClient):
3279         * page/EditorClient.h:
3280         (WebCore::EditorClient::~EditorClient):
3281         * page/Page.cpp:
3282         (WebCore::Page::Page):
3283         (WebCore::Page::~Page):
3284         (WebCore::Page::setViewMode):
3285         (WebCore::Page::clearUndoRedoOperations):
3286         (WebCore::Page::inLowQualityImageInterpolationMode):
3287         (WebCore::Page::invalidateStylesForAllLinks):
3288         (WebCore::Page::invalidateStylesForLink):
3289         (WebCore::Page::invalidateInjectedStyleSheetCacheInAllFrames):
3290         (WebCore::Page::setDebugger):
3291         (WebCore::Page::setIsVisibleInternal):
3292         (WebCore::Page::setAllowsMediaDocumentInlinePlayback):
3293         * page/Page.h:
3294         (WebCore::Page::canStartMedia):
3295         (WebCore::Page::editorClient):
3296         (WebCore::Page::plugInClient):
3297         (WebCore::Page::mainFrame):
3298         (WebCore::Page::group):
3299         * page/PageConfiguration.cpp:
3300         * page/PageConfiguration.h:
3301         * page/mac/PageMac.mm:
3302         (WebCore::Page::addSchedulePair):
3303         (WebCore::Page::removeSchedulePair):
3304         * svg/graphics/SVGImage.cpp:
3305         (WebCore::SVGImage::dataChanged):
3306
3307 2016-06-09  Joseph Pecoraro  <pecoraro@apple.com>
3308
3309         REGRESSION: Web Inspector: IndexedDB does not show ObjectStore data
3310         https://bugs.webkit.org/show_bug.cgi?id=158592
3311         <rdar://problem/26730696>
3312
3313         Reviewed by Timothy Hatcher.
3314
3315         * inspector/InspectorIndexedDBAgent.cpp:
3316         (WebCore::DataLoader::execute):
3317         Ensure the IDBTransaction is active when attempting to open a cursor.
3318
3319         (WebCore::OpenCursorCallback::handleEvent):
3320         End, when the cursor result is empty, like we do for script results.
3321
3322 2016-06-09  Antoine Quint  <graouts@apple.com>
3323
3324         Changing canvas height immediately after page load does not relayout canvas
3325         https://bugs.webkit.org/show_bug.cgi?id=156097
3326
3327         Reviewed by Zalan Bujtas.
3328
3329         Promote the logic use to identify whether we should perform a layout after a change of
3330         intrinsic size from RenderImage to RenderReplaced such that RenderCanvas may use it
3331         in canvasSizeChanged() and correctly update its layout in the case where the width
3332         or height attribute is updated and there are no explicit sizing performed with CSS.
3333         Additionally, this will also account for the object-fix property to only perform
3334         a layout if necessary.
3335
3336         Test: fast/canvas/canvas-css-size-after-height-change-with-display-flex.html
3337
3338         * rendering/RenderHTMLCanvas.cpp:
3339         (WebCore::RenderHTMLCanvas::canvasSizeChanged):
3340         * rendering/RenderImage.cpp:
3341         (WebCore::RenderImage::repaintOrMarkForLayout):
3342         * rendering/RenderReplaced.cpp:
3343         (WebCore::RenderReplaced::setNeedsLayoutIfNeededAfterIntrinsicSizeChange):
3344         * rendering/RenderReplaced.h:
3345
3346 2016-06-09  Myles C. Maxfield  <mmaxfield@apple.com>
3347
3348         Deleting a CSSOM style rule invalidates any previously-added FontFaces
3349         https://bugs.webkit.org/show_bug.cgi?id=158450
3350
3351         Reviewed by Darin Adler.
3352
3353         This patch has two pieces: updating the CSSOM when the FontFace changes, and
3354         updating the FontFace when the CSSOM changes.
3355
3356         1: Updating the CSSOM when the FontFace changes: CSSFontFaces already have a RefPtr
3357         to their StyleRuleFontFace which represents their CSS-connection. When changing a
3358         property of the CSSFontFace, we simply reach into the StyleRule and update it to
3359         match. Our existing infrastructure of invalidation due to the attribute changes
3360         makes sure that all the necessary updates occur.
3361
3362         2. Updating the FontFace when the CSSOM changes: If the CSSOM changes in a trivial
3363         way (for example, a new @font-face is appended to the end of the last <style>
3364         element), we can handle it directly. However, when something more invasive occurs,
3365         we end up clearing the entire CSSFontSelector, and then adding all the style rules
3366         from scratch. This involves three steps:
3367             a) CSSFontSelector::buildStarted() is run, which means "we're about to start
3368                building up all the @font-face rules from scratch." We take this opportunity
3369                to purge as many fonts as possible. This is valuable because, for example,
3370                this function gets run when the page gets put into the page cache, so we
3371                want to destroy as much as possible. Not everything can be purged, however -
3372                only CSS-connected fonts which have never been inspected by script are
3373                purgeable. We don't allow fonts inspected by script to be purged because
3374                purging might result in a font appearing from JavaScript to transition from
3375                a success -> failure state, which we don't allow.
3376             b) Upon style recalc (possibly asynchronously) CSSFontSelector::addFontFaceRule()
3377                is called for each @font-face rule. We actually detect that we're in the
3378                middle of a style rebuild, and defer this step.
3379             c) When we're done adding all the font face rules, we call
3380                CSSFontSelector::buildCompleted(). This is where we compare the newly built-
3381                up list of font faces with what existed previously (as remembered in
3382                CSSFontSelector::buildStarted()) in order to detect font faces which were
3383                deleted from the document. Fonts which were newly added to the document
3384                are handled naturally.
3385                Fonts which have a property modified on them are created as if they were new.
3386                However, instead of simply adding the CSSFontFace, we search for the existing
3387                CSSFontFace (by CSS connection pointer) and tell the existing FontFace to
3388                adopt this new CSSFontFace. This means that the JavaScript object will just
3389                pick up any newly-written values in the CSSOM. It also means that the
3390                "status" attribute of the JavaScript object is reset, but this is expected
3391                and allowed by the spec. (For example, if you change the "src" attribute of
3392                an @font-face block via the CSSOM, all bets are off when you inspect the
3393                FontFace JS object representing that block.)
3394
3395         Test: fast/text/font-face-set-cssom.html
3396
3397         * css/CSSFontFace.cpp:
3398         (WebCore::CSSFontFace::CSSFontFace):
3399         (WebCore::CSSFontFace::setFamilies):
3400         (WebCore::CSSFontFace::setStyle):
3401         (WebCore::CSSFontFace::setWeight):
3402         (WebCore::CSSFontFace::setUnicodeRange):
3403         (WebCore::CSSFontFace::setVariantLigatures):
3404         (WebCore::CSSFontFace::setVariantPosition):
3405         (WebCore::CSSFontFace::setVariantCaps):
3406         (WebCore::CSSFontFace::setVariantNumeric):
3407         (WebCore::CSSFontFace::setVariantAlternates):
3408         (WebCore::CSSFontFace::setVariantEastAsian):
3409         (WebCore::CSSFontFace::setFeatureSettings):
3410         (WebCore::CSSFontFace::initializeWrapper):
3411         (WebCore::CSSFontFace::wrapper):
3412         (WebCore::CSSFontFace::setWrapper):
3413         (WebCore::CSSFontFace::purgeable):
3414         (WebCore::CSSFontFace::updateStyleIfNeeded):
3415         * css/CSSFontFace.h:
3416         * css/CSSFontFaceSet.cpp:
3417         (WebCore::CSSFontFaceSet::remove):
3418         (WebCore::CSSFontFaceSet::containsCSSConnection):
3419         (WebCore::CSSFontFaceSet::purge):
3420         * css/CSSFontFaceSet.h:
3421         * css/CSSFontSelector.cpp:
3422         (WebCore::CSSFontSelector::buildStarted):
3423         (WebCore::CSSFontSelector::buildCompleted):
3424         (WebCore::CSSFontSelector::addFontFaceRule):
3425         * css/CSSFontSelector.h:
3426         * css/FontFace.cpp:
3427         (WebCore::FontFace::family):
3428         (WebCore::FontFace::style):
3429         (WebCore::FontFace::weight):
3430         (WebCore::FontFace::unicodeRange):
3431         (WebCore::FontFace::variant):