Return null when window.open() is popup blocked
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-10-04  Chris Dumez  <cdumez@apple.com>
2
3         Return null when window.open() is popup blocked
4         https://bugs.webkit.org/show_bug.cgi?id=162897
5
6         Reviewed by Michael Catanzaro.
7
8         The return value of window.open() when the popup is blocked should be null:
9         - https://github.com/whatwg/html/pull/1854
10         - https://github.com/whatwg/html/issues/1851
11
12         Firefox / Edge return null.
13
14         No new tests, rebaselined existing tests.
15
16         * bindings/js/JSDOMWindowCustom.cpp:
17         (WebCore::JSDOMWindow::open):
18
19 2016-10-04  Chris Dumez  <cdumez@apple.com>
20
21         [Web IDL] Add support for dictionary inheritance
22         https://bugs.webkit.org/show_bug.cgi?id=162907
23
24         Reviewed by Sam Weinig.
25
26         Add support for dictionary inheritance to our Web IDL parser and
27         bindings generator. Leverage this new support for EventTarget's
28         EventListenerOptions / AddEventListenerOptions dictionaries, in
29         order to match the DOM specification:
30         - https://dom.spec.whatwg.org/#interface-eventtarget
31
32         Also update the bindings generator to convert the dictionary
33         members in lexicographical order, as per:
34         - https://heycam.github.io/webidl/#es-dictionary (Step 5.1)
35
36         No new tests, rebaselined bindings tests.
37
38         * bindings/scripts/CodeGenerator.pm:
39         (GetDictionaryByName):
40         * bindings/scripts/CodeGeneratorJS.pm:
41         (GenerateDictionaryImplementationContent):
42         * bindings/scripts/IDLParser.pm:
43         (parseDictionary):
44         * bindings/scripts/test/JS/JSTestObj.cpp:
45         (WebCore::convertDictionary<TestObj::Dictionary>):
46         (WebCore::convertDictionary<TestObj::DictionaryThatShouldNotTolerateNull>):
47         (WebCore::convertDictionary<TestObj::DictionaryThatShouldTolerateNull>):
48         (WebCore::convertDictionary<AlternateDictionaryName>):
49         (WebCore::convertDictionary<TestObj::ParentDictionary>):
50         (WebCore::convertDictionary<TestObj::ChildDictionary>):
51         * bindings/scripts/test/TestObj.idl:
52         * dom/EventTarget.idl:
53
54 2016-10-04  Brent Fulgham  <bfulgham@apple.com>
55
56         [Win][Direct2D] Add initial D2D GraphicsContext implementation
57         https://bugs.webkit.org/show_bug.cgi?id=162917
58
59         Reviewed by Dean Jackson.
60
61         This patch lands a set of new files that implement the GraphicsContext
62         features on Windows using Direct2D.
63
64         No new tests until complete backend lands.
65
66         * platform/graphics/Color.h: Add new casting operator.
67         * platform/graphics/FloatSize.h: Ditto.
68         * platform/graphics/GraphicsContext.cpp: Update for Direct2D
69         implementation.
70         * platform/graphics/GraphicsContext.h:
71         * platform/graphics/win/ColorDirect2D.cpp:
72         (WebCore::Color::operator D2D1_VECTOR_4F): Added.
73         * platform/graphics/win/GraphicsContextCGWin.cpp: Add compiler
74         guard to avoid building when using Direct2D.
75         * platform/graphics/win/GraphicsContextDirect2D.cpp: Added.
76         * platform/graphics/win/GraphicsContextPlatformPrivateDirect2D.h: Added.
77         * platform/graphics/win/GraphicsContextWin.cpp: Update for Direct2D
78         includes.
79         * platform/graphics/win/TransformationMatrixDirect2D.cpp: Fix comment.
80
81 2016-10-04  Carlos Garcia Campos  <cgarcia@igalia.com>
82
83         [SOUP] Remove SSLPolicyFlags from SoupNetworkSession
84         https://bugs.webkit.org/show_bug.cgi?id=162906
85
86         Reviewed by Michael Catanzaro.
87
88         All soup based ports are setting SSLUseSystemCAFile flag unconditionally, so we can just use that when creating
89         the session like we do for all other construct parameters.
90
91         * platform/network/soup/SoupNetworkSession.cpp:
92         (WebCore::SoupNetworkSession::createTestingSession):
93         (WebCore::SoupNetworkSession::setupLogger):
94         (WebCore::SoupNetworkSession::SoupNetworkSession): Deleted.
95         (WebCore::SoupNetworkSession::clearOldSoupCache): Deleted.
96         (WebCore::SoupNetworkSession::setHTTPProxy): Deleted.
97         * platform/network/soup/SoupNetworkSession.h:
98         (WebCore::SoupNetworkSession::soupSession): Deleted.
99
100 2016-10-04  Wenson Hsieh  <wenson_hsieh@apple.com>
101
102         Media controls are displayed in the incorrect state momentarily after switching between tabs playing media
103         https://bugs.webkit.org/show_bug.cgi?id=162766
104         <rdar://problem/28533523>
105
106         Reviewed by Jer Noble.
107
108         When showing Now Playing controls for a media session, we should first set up the Now Playing info and
109         playback state before telling MediaRemote to make the session visible. This is WebKit work in ensuring that
110         when switching Now Playing sessions by switching tabs, we do not first display an invalid Now Playing state
111         before updating to the expected state.
112
113         Adds 2 new WebKit API tests in NowPlayingControlsTests: NowPlayingControlsHideAfterShowingClearsInfo and
114         NowPlayingControlsClearInfoAfterSessionIsNoLongerValid.
115
116         * platform/audio/PlatformMediaSessionManager.h:
117         (WebCore::PlatformMediaSessionManager::lastUpdatedNowPlayingTitle):
118         (WebCore::PlatformMediaSessionManager::lastUpdatedNowPlayingDuration):
119         (WebCore::PlatformMediaSessionManager::lastUpdatedNowPlayingElapsedTime):
120         (WebCore::PlatformMediaSessionManager::hasActiveNowPlayingSession): Deleted.
121         * platform/audio/mac/MediaSessionManagerMac.h:
122         * platform/audio/mac/MediaSessionManagerMac.mm:
123         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):
124
125 2016-10-04  Youenn Fablet  <youenn@apple.com>
126
127         [Fetch API] ReadableStream should be errored with TypeError values
128         https://bugs.webkit.org/show_bug.cgi?id=162895
129
130         Reviewed by Alex Christensen.
131
132         Test: imported/w3c/web-platform-tests/fetch/api/basic/error-after-response.html
133
134         * Modules/fetch/FetchResponse.cpp:
135         (WebCore::FetchResponse::BodyLoader::didFail): Removing FIXME.
136         * bindings/js/ReadableStreamDefaultController.h:
137         (WebCore::ReadableStreamDefaultController::error<String>): Erroring with TypeError values.
138
139 2016-10-03  Chris Dumez  <cdumez@apple.com>
140
141         Bindings do not throw a TypeError if a required dictionary member is missing
142         https://bugs.webkit.org/show_bug.cgi?id=162734
143
144         Reviewed by Geoffrey Garen.
145
146         Bindings should throw a TypeError if a required dictionary member is missing.
147         For example, if there is a "required long id" member in a dictionary that is
148         missing, our bindings would prevously pass 0 to the implementation instead
149         of throwing a TypeError.
150
151         Relevant specification:
152         - https://heycam.github.io/webidl/#es-dictionary
153
154         I aligned our bindings generator implementation with the specification,
155         except for the support for dictionary inheritance that is still missing
156         and will be addressed in a follow-up patch.
157
158         No new tests, I rebaselined the bindings tests and this is already covered
159         by fast/events/touch/touch-constructor.html on iOS.
160
161         * bindings/js/JSCustomElementRegistryCustom.cpp:
162         (WebCore::JSCustomElementRegistry::define):
163         * bindings/js/JSDOMConvert.h:
164         (WebCore::convert): Deleted.
165         (WebCore::Converter<bool>::convert): Deleted.
166         (WebCore::Converter<String>::convert): Deleted.
167         (WebCore::Converter<IDLDOMString>::convert): Deleted.
168         (WebCore::Converter<IDLUSVString>::convert): Deleted.
169         (WebCore::Converter<JSC::JSValue>::convert): Deleted.
170         (WebCore::Converter<int8_t>::convert): Deleted.
171         (WebCore::Converter<uint8_t>::convert): Deleted.
172         * bindings/scripts/CodeGeneratorJS.pm:
173         (GenerateDictionaryImplementationContent):
174         * bindings/scripts/test/JS/JSTestObj.cpp:
175         (WebCore::convertDictionary<TestObj::Dictionary>):
176         (WebCore::convertDictionary<TestObj::DictionaryThatShouldNotTolerateNull>):
177         (WebCore::convertDictionary<TestObj::DictionaryThatShouldTolerateNull>):
178         (WebCore::convertDictionary<AlternateDictionaryName>):
179
180 2016-10-03  Zalan Bujtas  <zalan@apple.com>
181
182         [ListItems] Render tree should be all clean by the end of FrameView::layout().
183         https://bugs.webkit.org/show_bug.cgi?id=162832
184
185         Reviewed by Simon Fraser.
186
187         List item markers are inserted into the tree during layout, right before laying out
188         the list item (that's a big FIXME). At this point we already know what part of the tree
189         needs to be laid out. Inserting a list item marker does not expand this dirty area.
190         However whenever we insert a new renderer into the tree, we call setNeedsLayout on the contining block chain.
191         In certain cases (floating renderers), it could potentially trigger some unintentional markings
192         and we return from FrameView::layout() with a dirty subtree.
193
194         This patch preemptively marks the list item and its marker dirty so that
195         when the marker is getting inserted into the tree, we stop the marking at the parent.
196
197         Not testable.
198
199         * rendering/RenderListItem.cpp:
200         (WebCore::RenderListItem::insertOrMoveMarkerRendererIfNeeded):
201
202 2016-10-03  Myles C. Maxfield  <mmaxfield@apple.com>
203
204         Implement rendering of font-variation-settings
205         https://bugs.webkit.org/show_bug.cgi?id=162782
206
207         Reviewed by Zalan Bujtas.
208
209         (Re-landing after fixing tests.)
210
211         Because the heavy lifting for font-variation-settings is done by CoreText, 
212         this patch is fairly minimal. It simply hooks up the CSS property to CoreText. 
213
214         There is an existing bug in CoreText where variations inside fonts do not 
215         survive the addition of a cascade list. Therefore, FontPlatformData::ctFont() 
216         needs to work around this (conditionally) by resupplying the variation at 
217         the same time as the cascade list. The CoreText bug is <rdar://problem/28449441>. 
218
219         Tests: fast/text/variations/duplicate.html
220                fast/text/variations/exist.html
221                fast/text/variations/inheritance.html
222                fast/text/variations/order.html
223                fast/text/variations/outofbounds.html
224
225         * platform/graphics/FontCache.h:
226         * platform/graphics/cocoa/FontCacheCoreText.cpp:
227         (WebCore::preparePlatformFont):
228         (WebCore::fontWithFamily):
229         (WebCore::FontCache::createFontPlatformData):
230         (WebCore::FontCache::systemFallbackForCharacters):
231         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
232         (WebCore::cascadeToLastResortAttributesDictionary):
233         (WebCore::cascadeToLastResortAndVariationsFontDescriptor):
234         (WebCore::FontPlatformData::ctFont):
235         (WebCore::cascadeToLastResortFontDescriptor): Deleted.
236         * platform/graphics/mac/FontCustomPlatformData.cpp:
237         (WebCore::FontCustomPlatformData::fontPlatformData):
238         * rendering/RenderThemeIOS.mm:
239         (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):
240
241 2016-10-03  Alex Christensen  <achristensen@webkit.org>
242
243         URLParser should strip tabs at all locations
244         https://bugs.webkit.org/show_bug.cgi?id=162836
245
246         Reviewed by Geoffrey Garen.
247
248         Covered by adding tabs to each location of each API test
249         except tests that test the encoding of surrogate pairs,
250         because inserting a tab between the pairs changes the encoding.
251
252         * platform/URLParser.cpp:
253         (WebCore::URLParser::takesTwoAdvancesUntilEnd):
254         (WebCore::URLParser::parse):
255         (WebCore::URLParser::parseIPv4Number):
256         (WebCore::URLParser::parseIPv4Host):
257         * platform/URLParser.h:
258
259 2016-10-03  Antti Koivisto  <antti@apple.com>
260
261         Remove Document::elementSheet()
262         https://bugs.webkit.org/show_bug.cgi?id=162876
263
264         Reviewed by Andreas Kling.
265
266         This is a Document owned stylesheet that exists as a context for parsing element inline style.
267         It never contains any rules and is generally confusing.
268
269         This patch removes the requirement for a stylesheet to be present for CSSParser to operate in
270         the correct context. Inline style is now parsed without stylesheet and a context object is
271         passed instead.
272
273         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
274         (WebCore::root):
275         * bindings/js/JSCSSStyleDeclarationCustom.h:
276         (WebCore::root): Deleted.
277         * css/PropertySetCSSStyleDeclaration.cpp:
278         (WebCore::PropertySetCSSStyleDeclaration::setCssText):
279         (WebCore::PropertySetCSSStyleDeclaration::setProperty):
280         (WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal):
281         (WebCore::PropertySetCSSStyleDeclaration::cssParserContext):
282         (WebCore::StyleRuleCSSStyleDeclaration::parentStyleSheet):
283         (WebCore::StyleRuleCSSStyleDeclaration::cssParserContext):
284         (WebCore::InlineCSSStyleDeclaration::parentStyleSheet):
285         (WebCore::InlineCSSStyleDeclaration::cssParserContext):
286         * css/PropertySetCSSStyleDeclaration.h:
287         (WebCore::PropertySetCSSStyleDeclaration::didMutate): Deleted.
288         * css/StyleProperties.cpp:
289         (WebCore::MutableStyleProperties::setProperty):
290         (WebCore::MutableStyleProperties::setCustomProperty):
291         (WebCore::MutableStyleProperties::parseDeclaration):
292         * css/parser/CSSParser.cpp:
293         (WebCore::CSSParser::parseValue):
294         (WebCore::CSSParser::parseCustomPropertyValue):
295         (WebCore::CSSParser::parseInlineStyleDeclaration):
296         * css/parser/CSSParser.h:
297         * css/parser/CSSParserImpl.cpp:
298         (WebCore::CSSParserImpl::parseInlineStyleDeclaration):
299         * dom/Document.cpp:
300         (WebCore::Document::~Document):
301         (WebCore::Document::updateBaseURL):
302         (WebCore::Document::usesStyleBasedEditability):
303         (WebCore::Document::setHasElementUsingStyleBasedEditability):
304         (WebCore::Document::elementSheet): Deleted.
305         * dom/Document.h:
306         * dom/StyledElement.cpp:
307         (WebCore::StyledElement::setInlineStyleFromString):
308         (WebCore::StyledElement::invalidateStyleAttribute):
309
310             The usesStyleBasedEditability bit used to be set via the elementSheet. Instead check for it after inline style mutations.
311
312         (WebCore::StyledElement::setInlineStyleProperty):
313         (WebCore::StyledElement::addPropertyToPresentationAttributeStyle):
314         * dom/StyledElement.h:
315         (WebCore::StyledElement::invalidateStyleAttribute): Deleted.
316         * inspector/InspectorStyleSheet.cpp:
317         (WebCore::InspectorStyleSheetForInlineStyle::getStyleAttributeRanges):
318         * svg/SVGAnimateElementBase.cpp:
319         (WebCore::applyCSSPropertyToTarget):
320
321 2016-10-03  Brent Fulgham  <bfulgham@apple.com>
322
323         Avoid null dereference when changing focus in design mode.
324         https://bugs.webkit.org/show_bug.cgi?id=162877
325         <rdar://problem/28061261>
326
327         Reviewed by Chris Dumez.
328
329         The bare m_frame pointer in DOMWindow can be cleared when setting focus to a new element. Check
330         that the m_frame pointer is non-null before using it after calling a routine that could
331         clear the pointer value.
332
333         Test: fast/frames/iframe-focus-crash.html
334
335         * page/DOMWindow.cpp:
336         (WebCore::DOMWindow::focus): Check that the pointer is still non-null after setting the
337         current focused element to nullptr.
338
339 2016-10-03  Chris Dumez  <cdumez@apple.com>
340
341         Add support for KeyboardEvent.key attribute
342         https://bugs.webkit.org/show_bug.cgi?id=36267
343
344         Reviewed by Darin Adler.
345
346         Add support for KeyboardEvent.key attribute:
347         - https://w3c.github.io/uievents/#dom-keyboardevent-key
348
349         This is behind a compile time flag that is only enabled on Mac and
350         iOS and the implementation is still missing for other platforms.
351
352         Test: fast/events/keyboardevent-key.html
353
354         * dom/KeyboardEvent.cpp:
355         (WebCore::KeyboardEvent::KeyboardEvent):
356         * dom/KeyboardEvent.h:
357         * dom/KeyboardEvent.idl:
358         * platform/PlatformKeyboardEvent.h:
359         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
360         (WebCore::PlatformKeyboardEvent::key):
361         * platform/cocoa/KeyEventCocoa.h:
362         * platform/cocoa/KeyEventCocoa.mm:
363         (WebCore::keyForCharCode):
364         * platform/ios/PlatformEventFactoryIOS.h:
365         * platform/ios/PlatformEventFactoryIOS.mm:
366         (WebCore::keyForKeyEvent):
367         (WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
368         * platform/mac/PlatformEventFactoryMac.h:
369         * platform/mac/PlatformEventFactoryMac.mm:
370         (WebCore::keyForKeyEvent):
371         (WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
372         (WebCore::PlatformWheelEventBuilder::PlatformWheelEventBuilder): Deleted.
373         * replay/SerializationMethods.cpp:
374         (JSC::EncodingTraits<PlatformKeyboardEvent>::encodeValue):
375         (JSC::EncodingTraits<PlatformKeyboardEvent>::decodeValue):
376
377 2016-10-03  Chris Dumez  <cdumez@apple.com>
378
379         Add support for KeyboardEvent.key attribute
380         https://bugs.webkit.org/show_bug.cgi?id=36267
381
382         Reviewed by Darin Adler.
383
384         Add support for KeyboardEvent.key attribute:
385         - https://w3c.github.io/uievents/#dom-keyboardevent-key
386
387         This is behind a compile time flag that is only enabled on Mac and
388         iOS and the implementation is still missing for other platforms.
389
390         Test: fast/events/keyboardevent-key.html
391
392         * dom/KeyboardEvent.cpp:
393         (WebCore::KeyboardEvent::KeyboardEvent):
394         * dom/KeyboardEvent.h:
395         * dom/KeyboardEvent.idl:
396         * platform/PlatformKeyboardEvent.h:
397         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
398         (WebCore::PlatformKeyboardEvent::key):
399         * platform/cocoa/KeyEventCocoa.h:
400         * platform/cocoa/KeyEventCocoa.mm:
401         (WebCore::keyForCharCode):
402         * platform/ios/PlatformEventFactoryIOS.h:
403         * platform/ios/PlatformEventFactoryIOS.mm:
404         (WebCore::keyForKeyEvent):
405         (WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
406         * platform/mac/PlatformEventFactoryMac.h:
407         * platform/mac/PlatformEventFactoryMac.mm:
408         (WebCore::keyForKeyEvent):
409         (WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
410         (WebCore::PlatformWheelEventBuilder::PlatformWheelEventBuilder): Deleted.
411         * replay/SerializationMethods.cpp:
412         (JSC::EncodingTraits<PlatformKeyboardEvent>::encodeValue):
413         (JSC::EncodingTraits<PlatformKeyboardEvent>::decodeValue):
414
415 2016-10-03  Alex Christensen  <achristensen@webkit.org>
416
417         URLParser: fragment-only URLs relative to file URLs should just add a fragment
418         https://bugs.webkit.org/show_bug.cgi?id=162871
419
420         Reviewed by Geoffrey Garen.
421
422         Covered by new API tests.
423
424         * platform/URLParser.cpp:
425         (WebCore::URLParser::parse):
426         Instead of adding ///# after copying the base URL to the query, just add an #.
427
428 2016-10-03  Antoine Quint  <graouts@apple.com>
429
430         [Modern Media Controls] LayoutItem and Button classes
431         https://bugs.webkit.org/show_bug.cgi?id=162868
432         <rdar://problem/28590166>
433
434         Reviewed by Dean Jackson.
435
436         We introduce the new Button class and its parent class LayoutItem. We will subclass Button
437         a lot in coming patches, as it provides a way to create a button and provide a delegate to
438         respond to UI events via the `uiDelegate` property. A Button extends a LayoutItem, another
439         class that we'll subclass heavily in coming patches, which is simply a LayoutNode with a
440         `layoutDelegate` which allows to set the node's `layoutTraits`, a bit-mask allowing to
441         specify layout attributes such as the platform and playback styles. 
442
443         Tests: media/modern-media-controls/button/button.html
444                media/modern-media-controls/layout-item/layout-item.html
445
446         * Modules/modern-media-controls/controls/button.css: Added.
447         (button):
448         * Modules/modern-media-controls/controls/button.js: Added.
449         (Button):
450         (Button.prototype.get enabled):
451         (Button.prototype.set enabled):
452         (Button.prototype.handleEvent):
453         (Button.prototype._handleUIEvent):
454         * Modules/modern-media-controls/controls/layout-item.js: Added.
455         (LayoutItem.prototype.get layoutTraits):
456         (LayoutItem):
457
458 2016-10-03  Andy Estes  <aestes@apple.com>
459
460         ASSERTION FAILED: url.containsOnlyASCII() in WebCore::checkEncodedString() when parsing an invalid CSS cursor URL
461         https://bugs.webkit.org/show_bug.cgi?id=162763
462         <rdar://problem/28572758>
463
464         Reviewed by Youenn Fablet.
465
466         CSSCursorImageValue copies the URL of its underlying CSSImageValue by using the
467         ParsedURLString URL constructor on the String returned by CSSImageValue::url(). While
468         CSSImageValues were always being constructed from a URL implicitly converted to a String,
469         nothing ensured that the URL was valid. For invalid URLs, URL::string() returns the string
470         it was constructed with, which might still represent a relative URL or contain non-ASCII
471         characters, violating the preconditions of the ParsedURLString URL constructor and causing
472         an assertion to fail in Debug builds.
473
474         Fix this by having CSSImageValue store its image URL using a WebCore::URL rather than a
475         String. CSSCursorImageValue can then copy this URL instead of attempting to re-parse a
476         possibly-invalid URL string.
477
478         Test: fast/css/cursor-with-invalid-url.html
479
480         * css/CSSCursorImageValue.cpp:
481         (WebCore::CSSCursorImageValue::CSSCursorImageValue): Copied m_imageValue.url() into
482         m_originalURL instead of using the ParsedURLString URL constructor, since
483         CSSImageValue::url() now returns a WebCore::URL.
484         (WebCore::CSSCursorImageValue::loadImage): Created a URL from cursorElement->href() by
485         calling Document::completeURL().
486         * css/CSSImageValue.cpp:
487         (WebCore::CSSImageValue::CSSImageValue): Changed to take a URL&& instead of a const String&.
488         (WebCore::CSSImageValue::loadImage): Stopped calling Document::completeURL(), since m_url is
489         now a WebCore::URL.
490         * css/CSSImageValue.h: Changed url() to return a const URL&, and changed m_url to be a URL.
491         * html/HTMLBodyElement.cpp:
492         (WebCore::HTMLBodyElement::collectStyleForPresentationAttribute): Removed a call to
493         URL::string().
494         * html/HTMLTableElement.cpp:
495         (WebCore::HTMLTableElement::collectStyleForPresentationAttribute): Ditto.
496         * html/HTMLTablePartElement.cpp:
497         (WebCore::HTMLTablePartElement::collectStyleForPresentationAttribute): Ditto.
498
499 2016-10-03  Zalan Bujtas  <zalan@apple.com>
500
501         Log an error to stderr when FrameView::layout() fails to clean all the renderers.
502         https://bugs.webkit.org/show_bug.cgi?id=162835
503
504         Reviewed by Simon Fraser.
505
506         We've come across multiple layout/painting bugs caused by renderers left dirty
507         after FrameView::layout(). This patch helps catching such issues early.
508         Once all the blocking bugs are fixed (webkit.org/b/162835), logging should be replaced with ASSERT(). 
509
510         Not testable.
511
512         * page/FrameView.cpp:
513         (WebCore::RenderTreeNeedsLayoutChecker::~RenderTreeNeedsLayoutChecker):
514         (WebCore::FrameView::layout):
515
516 2016-10-03  Brent Fulgham  <bfulgham@apple.com>
517
518         [Win][Direct2D] Add D2D Bitmap Image handling code
519         https://bugs.webkit.org/show_bug.cgi?id=162761
520
521         Reviewed by Dean Jackson.
522
523         This patch lands a set of new files that implement
524         Image and BitmapImage features on Windows using
525         Direct2D.
526
527         The desired ID2D1RenderTarget handle is needed by the
528         image decoder so that it can load the resulting bitmap
529         into the GPU.
530
531         No new tests until complete backend lands.
532
533         * platform/graphics/BitmapImage.cpp:
534         (WebCore::BitmapImage::draw): Tell the Direct2D image decoder
535         which render target to use.
536         * platform/graphics/BitmapImage.h:
537         * platform/graphics/ImageBuffer.cpp:
538         * platform/graphics/ImageBuffer.h:
539         * platform/graphics/ImageBufferData.h:
540         * platform/graphics/ImageFrameCache.cpp:
541         (WebCore::ImageFrameCache::setRenderTarget): Added.
542         * platform/graphics/ImageFrameCache.h:
543         (WebCore::ImageFrameCache::decoder): Added.
544         * platform/graphics/ImageSource.cpp:
545         * platform/graphics/ImageSource.h:
546         (WebCore::ImageSource::setRenderTarget):
547         * platform/graphics/win/ImageBufferDataDirect2D.cpp: Added.
548         * platform/graphics/win/ImageBufferDataDirect2D.h: Added.
549         * platform/graphics/win/ImageBufferDirect2D.cpp: Added.
550         * platform/graphics/win/ImageCGWin.cpp:
551         * platform/graphics/win/ImageDecoderDirect2D.cpp: Added.
552         * platform/graphics/win/ImageDecoderDirect2D.h: Added.
553         * platform/graphics/win/ImageDirect2D.cpp: Added.
554         * platform/graphics/win/NativeImageDirect2D.cpp: Added.
555
556 2016-10-03  Carlos Garcia Campos  <cgarcia@igalia.com>
557
558         [SOUP] Remove unused methods toSoupMessage from ResourceRequest/Response
559         https://bugs.webkit.org/show_bug.cgi?id=162867
560
561         Reviewed by Sergio Villar Senin.
562
563         * platform/network/soup/ResourceRequest.h:
564         * platform/network/soup/ResourceRequestSoup.cpp:
565         (WebCore::ResourceRequest::updateSoupMessage):
566         (WebCore::ResourceRequest::updateFromSoupMessage): Deleted.
567         * platform/network/soup/ResourceResponse.h:
568         * platform/network/soup/ResourceResponseSoup.cpp:
569         (WebCore::ResourceResponse::updateFromSoupMessage): Deleted.
570
571 2016-10-03  Youenn Fablet  <youenn@apple.com>
572
573         Remove FetchBody::m_isEmpty
574         https://bugs.webkit.org/show_bug.cgi?id=162857
575
576         Reviewed by Alex Christensen.
577
578         No change of behavior.
579
580         Moving handling of null bodies in FetchBodyOwner, by having an Optional<FetchBody> in FetchBodyOwner.
581         Moving storage of m_contentType in FetchBodyOwner.
582
583         Moving header storage from FetchResponse/FetchRequest to FetchBodyOwner, as it helps updating m_contentType.
584
585         * Modules/fetch/FetchBody.cpp: removing m_isEmpty and m_contentType.
586         (WebCore::FetchBody::extract): Computes the default content-type which is stored in FetchBodyOwner.
587         (WebCore::FetchBody::blob):
588         (WebCore::FetchBody::consume):
589         (WebCore::FetchBody::consumeAsStream):
590         (WebCore::FetchBody::loadingSucceeded):
591         (WebCore::FetchBody::bodyForInternalRequest):
592         (WebCore::FetchBody::clone):
593         * Modules/fetch/FetchBody.h:
594         (WebCore::FetchBody::loadingBody):
595         (WebCore::FetchBody::FetchBody):
596         * Modules/fetch/FetchBodyOwner.cpp:
597         (WebCore::FetchBodyOwner::FetchBodyOwner):
598         (WebCore::FetchBodyOwner::stop):
599         (WebCore::FetchBodyOwner::arrayBuffer):
600         (WebCore::FetchBodyOwner::blob):
601         (WebCore::FetchBodyOwner::cloneBody): Needs to clone m_contentType as well.
602         (WebCore::FetchBodyOwner::extractBody):
603         (WebCore::FetchBodyOwner::updateContentType):
604         (WebCore::FetchBodyOwner::consumeOnceLoadingFinished):
605         (WebCore::FetchBodyOwner::formData):
606         (WebCore::FetchBodyOwner::json):
607         (WebCore::FetchBodyOwner::text):
608         (WebCore::FetchBodyOwner::loadBlob):
609         (WebCore::FetchBodyOwner::blobLoadingSucceeded):
610         (WebCore::FetchBodyOwner::blobLoadingFailed):
611         (WebCore::FetchBodyOwner::finishBlobLoading):
612         * Modules/fetch/FetchBodyOwner.h:
613         (WebCore::FetchBodyOwner::body):
614         (WebCore::FetchBodyOwner::isBodyNull):
615         * Modules/fetch/FetchRequest.cpp:
616         (WebCore::FetchRequest::setBody):
617         (WebCore::FetchRequest::internalRequest):
618         (WebCore::FetchRequest::clone):
619         * Modules/fetch/FetchRequest.h:
620         (WebCore::FetchRequest::FetchRequest):
621         * Modules/fetch/FetchResponse.cpp:
622         (WebCore::FetchResponse::initializeWith):
623         (WebCore::FetchResponse::FetchResponse):
624         (WebCore::FetchResponse::cloneForJS):
625         (WebCore::FetchResponse::fetch):
626         (WebCore::FetchResponse::BodyLoader::didSucceed):
627         (WebCore::FetchResponse::BodyLoader::didReceiveResponse):
628         (WebCore::FetchResponse::BodyLoader::start):
629         (WebCore::FetchResponse::createReadableStreamSource):
630         * Modules/fetch/FetchResponse.h:
631
632 2016-10-03  Andy Estes  <aestes@apple.com>
633
634         ASSERTION FAILED: result in WebCore::CSSParser::parseURI
635         https://bugs.webkit.org/show_bug.cgi?id=141638
636         <rdar://problem/27709952>
637
638         Reviewed by Andreas Kling.
639
640         CSSParser::parseURIInternal() failed to parse unquoted URLs with Unicode escape sequences
641         greater than 0xFF, even when the destination character type was multi-byte. Fixed by
642         checking the size of DestCharacterType instead of SrcCharacterType.
643
644         Updated fast/css/url-with-multi-byte-unicode-escape.html to test for an unquoted URL.
645
646         * css/parser/CSSParser.cpp:
647         (WebCore::CSSParser::parseURIInternal): For code points greater than 0xFF, only returned
648         false if sizeof(DestCharacterType) == 1.
649
650 2016-10-03  Alex Christensen  <achristensen@webkit.org>
651
652         URLParser: empty relative URLs should not copy fragment from the base URL
653         https://bugs.webkit.org/show_bug.cgi?id=162864
654
655         Reviewed by Chris Dumez.
656
657         Covered by new API tests.
658
659         * platform/URL.cpp:
660         (WebCore::URL::removeFragmentIdentifier):
661         Optimize removing fragments, now that it happens more often. We don't need to reparse, 
662         because the result will always be equal to just a substring when removing the fragment at the end.
663         * platform/URLParser.cpp:
664         (WebCore::URLParser::copyASCIIStringUntil):
665         (WebCore::URLParser::copyURLPartsUntil):
666         (WebCore::containsOnlyC0ControlOrSpace):
667         (WebCore::URLParser::URLParser):
668         (WebCore::URLParser::parse):
669         * platform/URLParser.h:
670         Because we are not copying the fragment, we can simplify and remove some unreachable code.
671
672 2016-10-03  Chris Dumez  <cdumez@apple.com>
673
674         td.scope should only return known values
675         https://bugs.webkit.org/show_bug.cgi?id=162755
676
677         Reviewed by Sam Weinig.
678
679         td.scope should only return known values:
680         - https://html.spec.whatwg.org/#dom-th-scope
681
682         Firefox conforms to the specification.
683
684         No new tests, rebaselined existing test.
685
686         * html/HTMLTableCellElement.cpp:
687         (WebCore::HTMLTableCellElement::scope):
688
689 2016-10-03  Carlos Garcia Campos  <cgarcia@igalia.com>
690
691         [SOUP] Simplify AuthenticationChallenge
692         https://bugs.webkit.org/show_bug.cgi?id=162784
693
694         Reviewed by Alex Christensen.
695
696         We don't really need to keep references to the SoupSession and SoupMessage in AuthenticationChallenge, the
697         SoupNetworkSession callback already forwards the challenge to the right ResourceHandle.
698
699         * platform/network/soup/AuthenticationChallenge.h:
700         (WebCore::AuthenticationChallenge::authenticationClient):
701         (WebCore::AuthenticationChallenge::soupSession): Deleted.
702         (WebCore::AuthenticationChallenge::soupMessage): Deleted.
703         * platform/network/soup/AuthenticationChallengeSoup.cpp:
704         (WebCore::AuthenticationChallenge::AuthenticationChallenge):
705         (WebCore::AuthenticationChallenge::platformCompare):
706         * platform/network/soup/ResourceHandleSoup.cpp:
707         (WebCore::ResourceHandle::continueDidReceiveAuthenticationChallenge):
708         (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
709         (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
710         (WebCore::ResourceHandle::receivedCredential):
711         (WebCore::ResourceHandle::receivedCancellation):
712         * platform/network/soup/SoupNetworkSession.cpp:
713         (WebCore::authenticateCallback):
714
715 2016-10-03  Carlos Garcia Campos  <cgarcia@igalia.com>
716
717         [SOUP] Cleanup persistent credential storage code
718         https://bugs.webkit.org/show_bug.cgi?id=162777
719
720         Reviewed by Alex Christensen.
721
722         We have this feature behind ENABLE_CREDENTIAL_STORAGE flag, which is confusing, because we use credential
723         storage unconditionally and this is only about persistent storage. Also the flag assumes libsecret is available,
724         and since it's only used by GTK sometimes we use GTK ifdefs instead of CREDENTIAL_STORAGE. So, I think we should
725         use USE(LIBSECRET) instead, and reduce a bit the ifdefs in common soup code. Another problem is that current
726         implementation is always used, while it should depend on the current network storage session and never used in
727         ephemeral sessions. This patch moves the code from CredentialBackingStore to NetworkStorageSessionSoup and
728         modernizes a bit.
729
730         * PlatformGTK.cmake: Remove CredentialBackingStore.cpp.
731         * platform/gtk/GRefPtrGtk.cpp: Use USE(LIBSECRET)
732         * platform/gtk/GRefPtrGtk.h:
733         * platform/network/NetworkStorageSession.h:
734         * platform/network/ResourceHandleInternal.h:
735         * platform/network/gtk/CredentialBackingStore.cpp: Removed.
736         * platform/network/gtk/CredentialBackingStore.h: Removed.
737         * platform/network/soup/NetworkStorageSessionSoup.cpp:
738         (WebCore::NetworkStorageSession::~NetworkStorageSession):
739         (WebCore::schemeFromProtectionSpaceServerType):
740         (WebCore::authTypeFromProtectionSpaceAuthenticationScheme):
741         (WebCore::NetworkStorageSession::getCredentialFromPersistentStorage):
742         (WebCore::NetworkStorageSession::saveCredentialToPersistentStorage):
743         (WebCore::NetworkStorageSession::ensurePrivateBrowsingSession): Deleted.
744         (WebCore::NetworkStorageSession::switchToNewTestingSession): Deleted.
745         * platform/network/soup/ResourceHandleSoup.cpp:
746         (WebCore::gotHeadersCallback):
747         (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
748         (WebCore::ResourceHandle::receivedCredential):
749         (WebCore::ResourceHandle::continueDidReceiveAuthenticationChallenge): Deleted.
750         (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential): Deleted.
751         (WebCore::ResourceHandle::receivedCancellation): Deleted.
752
753 2016-10-03  Carlos Garcia Campos  <cgarcia@igalia.com>
754
755         Unreviewed. Fix the build with coordinated graphics enabled after r206712.
756
757         * page/scrolling/ScrollingStateTree.cpp:
758         (WebCore::ScrollingStateTree::attachNode):
759
760 2016-10-02  Chris Dumez  <cdumez@apple.com>
761
762         Add support for KeyboardEvent.getModifierState() operation
763         https://bugs.webkit.org/show_bug.cgi?id=162855
764
765         Reviewed by Darin Adler.
766
767         Add support for KeyboardEvent.getModifierState() operation:
768         - https://w3c.github.io/uievents/#dom-keyboardevent-getmodifierstate
769
770         Test: fast/events/constructors/keyboard-event-getModifierState.html
771
772         * dom/KeyboardEvent.cpp:
773         (WebCore::KeyboardEvent::getModifierState):
774         * dom/KeyboardEvent.idl:
775
776 2016-10-02  Chris Dumez  <cdumez@apple.com>
777
778         Add support for KeyboardEvent.repeat attribute
779         https://bugs.webkit.org/show_bug.cgi?id=162854
780
781         Reviewed by Darin Adler.
782
783         Add support for KeyboardEvent.repeat attribute:
784         - https://w3c.github.io/uievents/#dom-keyboardevent-repeat
785
786         No new tests, extended existing test.
787
788         * dom/KeyboardEvent.cpp:
789         (WebCore::KeyboardEvent::KeyboardEvent):
790         * dom/KeyboardEvent.h:
791         * dom/KeyboardEvent.idl:
792
793 2016-10-02  Darin Adler  <darin@apple.com>
794
795         Rename ExceptionCode-based exception handling to "legacy"
796         https://bugs.webkit.org/show_bug.cgi?id=162859
797
798         Reviewed by Chris Dumez.
799
800         RaisesException is now MayThrowLegacyException.
801
802         A follow-up patch soon will add MayThrowException for the new style,
803         where we use ExceptionOr<> as the return type instead of an ExceptionCode
804         out argument.
805
806         * bindings/scripts/CodeGeneratorJS.pm:
807         Removed the quotation marks from the syntax object->{PropertyName} so the
808         renaming script could handle it. Tweaked various comments and logic for clarity.
809         Changed to use the perl "x if y" syntax for brevity in many places.
810         Renamed with the script and by hand. Added code to skip including the same header
811         in both the implementation file and the header, just to make generated bindings
812         slightly smaller and faster to compile. Used "using" instead of "typedef".
813
814         * bindings/scripts/IDLAttributes.txt: Updated from old names to new ones.
815
816         * Modules/applepay/ApplePaySession.idl:
817         * Modules/encryptedmedia/MediaKeySession.idl:
818         * Modules/encryptedmedia/MediaKeys.idl:
819         * Modules/fetch/FetchHeaders.idl:
820         * Modules/fetch/FetchRequest.idl:
821         * Modules/fetch/FetchResponse.idl:
822         * Modules/indexeddb/IDBCursor.idl:
823         * Modules/indexeddb/IDBDatabase.idl:
824         * Modules/indexeddb/IDBFactory.idl:
825         * Modules/indexeddb/IDBIndex.idl:
826         * Modules/indexeddb/IDBKeyRange.idl:
827         * Modules/indexeddb/IDBObjectStore.idl:
828         * Modules/indexeddb/IDBRequest.idl:
829         * Modules/indexeddb/IDBTransaction.idl:
830         * Modules/mediasource/MediaSource.idl:
831         * Modules/mediasource/SourceBuffer.idl:
832         * Modules/mediastream/MediaDevices.idl:
833         * Modules/mediastream/RTCDTMFSender.idl:
834         * Modules/mediastream/RTCDataChannel.idl:
835         * Modules/mediastream/RTCIceCandidate.idl:
836         * Modules/mediastream/RTCPeerConnection.idl:
837         * Modules/mediastream/RTCRtpSender.idl:
838         * Modules/mediastream/RTCSessionDescription.idl:
839         * Modules/navigatorcontentutils/NavigatorContentUtils.idl:
840         * Modules/notifications/NotificationCenter.idl:
841         * Modules/webaudio/AnalyserNode.idl:
842         * Modules/webaudio/AudioBuffer.idl:
843         * Modules/webaudio/AudioBufferSourceNode.idl:
844         * Modules/webaudio/AudioContext.idl:
845         * Modules/webaudio/AudioNode.idl:
846         * Modules/webaudio/ConvolverNode.idl:
847         * Modules/webaudio/OfflineAudioContext.idl:
848         * Modules/webaudio/OscillatorNode.idl:
849         * Modules/webdatabase/DOMWindowWebDatabase.idl:
850         * Modules/webdatabase/SQLResultSet.idl:
851         * Modules/websockets/WebSocket.idl:
852         * bindings/scripts/test/TestImplements.idl:
853         * bindings/scripts/test/TestInterface.idl:
854         * bindings/scripts/test/TestNamedConstructor.idl:
855         * bindings/scripts/test/TestNondeterministic.idl:
856         * bindings/scripts/test/TestObj.idl:
857         * bindings/scripts/test/TestSupplemental.idl:
858         * bindings/scripts/test/TestTypedefs.idl:
859         * css/CSSCharsetRule.idl:
860         * css/CSSMediaRule.idl:
861         * css/CSSPrimitiveValue.idl:
862         * css/CSSRule.idl:
863         * css/CSSStyleDeclaration.idl:
864         * css/CSSStyleSheet.idl:
865         * css/CSSSupportsRule.idl:
866         * css/CSSValue.idl:
867         * css/FontFace.idl:
868         * css/FontFaceSet.idl:
869         * css/MediaList.idl:
870         * css/WebKitCSSMatrix.idl:
871         * dom/CharacterData.idl:
872         * dom/ChildNode.idl:
873         * dom/CustomElementRegistry.idl:
874         * dom/DataTransferItemList.idl:
875         * dom/Document.idl:
876         * dom/Element.idl:
877         * dom/EventTarget.idl:
878         * dom/MessagePort.idl:
879         * dom/MutationObserver.idl:
880         * dom/NamedNodeMap.idl:
881         * dom/Node.idl:
882         * dom/ParentNode.idl:
883         * dom/Range.idl:
884         * dom/ShadowRoot.idl:
885         * dom/Text.idl:
886         * fileapi/FileReader.idl:
887         * fileapi/FileReaderSync.idl:
888         * html/DOMTokenList.idl:
889         * html/DOMURL.idl:
890         * html/HTMLCanvasElement.idl:
891         * html/HTMLElement.idl:
892         * html/HTMLEmbedElement.idl:
893         * html/HTMLFrameElement.idl:
894         * html/HTMLIFrameElement.idl:
895         * html/HTMLInputElement.idl:
896         * html/HTMLMarqueeElement.idl:
897         * html/HTMLMediaElement.idl:
898         * html/HTMLObjectElement.idl:
899         * html/HTMLOptionElement.idl:
900         * html/HTMLOptionsCollection.idl:
901         * html/HTMLProgressElement.idl:
902         * html/HTMLSelectElement.idl:
903         * html/HTMLTableElement.idl:
904         * html/HTMLTableRowElement.idl:
905         * html/HTMLTableSectionElement.idl:
906         * html/HTMLTextAreaElement.idl:
907         * html/HTMLVideoElement.idl:
908         * html/ImageData.idl:
909         * html/MediaController.idl:
910         * html/TimeRanges.idl:
911         * html/URLUtils.idl:
912         * html/canvas/CanvasGradient.idl:
913         * html/canvas/CanvasPath.idl:
914         * html/canvas/CanvasRenderingContext2D.idl:
915         * html/canvas/OESVertexArrayObject.idl:
916         * html/canvas/WebGLRenderingContextBase.idl:
917         * html/track/DataCue.idl:
918         * html/track/TextTrack.idl:
919         * html/track/TextTrackCue.idl:
920         * html/track/VTTCue.idl:
921         * html/track/VTTRegion.idl:
922         * loader/appcache/DOMApplicationCache.idl:
923         * page/Crypto.idl:
924         * page/DOMSelection.idl:
925         * page/DOMWindow.idl:
926         * page/EventSource.idl:
927         * page/History.idl:
928         * page/Location.idl:
929         * page/Performance.idl:
930         * page/UserMessageHandler.idl:
931         * page/WindowOrWorkerGlobalScope.idl:
932         * storage/Storage.idl:
933         * svg/SVGAltGlyphElement.idl:
934         * svg/SVGAngle.idl:
935         * svg/SVGAnimatedBoolean.idl:
936         * svg/SVGAnimatedEnumeration.idl:
937         * svg/SVGAnimatedInteger.idl:
938         * svg/SVGAnimatedNumber.idl:
939         * svg/SVGAnimatedString.idl:
940         * svg/SVGAnimationElement.idl:
941         * svg/SVGColor.idl:
942         * svg/SVGGlyphRefElement.idl:
943         * svg/SVGGraphicsElement.idl:
944         * svg/SVGLength.idl:
945         * svg/SVGLengthList.idl:
946         * svg/SVGMatrix.idl:
947         * svg/SVGNumberList.idl:
948         * svg/SVGPaint.idl:
949         * svg/SVGPathSegList.idl:
950         * svg/SVGPointList.idl:
951         * svg/SVGPreserveAspectRatio.idl:
952         * svg/SVGStringList.idl:
953         * svg/SVGStyleElement.idl:
954         * svg/SVGTextContentElement.idl:
955         * svg/SVGTransformList.idl:
956         * svg/SVGViewSpec.idl:
957         * testing/InternalSettings.idl:
958         * testing/Internals.idl:
959         * workers/DedicatedWorkerGlobalScope.idl:
960         * workers/Worker.idl:
961         * xml/DOMParser.idl:
962         * xml/XMLHttpRequest.idl:
963         * xml/XPathEvaluator.idl:
964         * xml/XPathExpression.idl:
965         * xml/XPathResult.idl:
966         Allowed the rename script to rename the exception-related extended attributes.
967
968         * bindings/scripts/test/JS/JSInterfaceName.cpp:
969         * bindings/scripts/test/JS/JSInterfaceName.h:
970         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
971         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
972         * bindings/scripts/test/JS/JSTestCallback.cpp:
973         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
974         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
975         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
976         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
977         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
978         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
979         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
980         * bindings/scripts/test/JS/JSTestEventConstructor.h:
981         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
982         * bindings/scripts/test/JS/JSTestEventTarget.h:
983         * bindings/scripts/test/JS/JSTestException.cpp:
984         * bindings/scripts/test/JS/JSTestException.h:
985         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
986         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
987         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
988         * bindings/scripts/test/JS/JSTestGlobalObject.h:
989         * bindings/scripts/test/JS/JSTestInterface.cpp:
990         * bindings/scripts/test/JS/JSTestInterface.h:
991         * bindings/scripts/test/JS/JSTestIterable.cpp:
992         * bindings/scripts/test/JS/JSTestIterable.h:
993         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
994         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h:
995         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
996         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
997         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
998         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
999         * bindings/scripts/test/JS/JSTestNode.cpp:
1000         * bindings/scripts/test/JS/JSTestNode.h:
1001         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1002         * bindings/scripts/test/JS/JSTestNondeterministic.h:
1003         * bindings/scripts/test/JS/JSTestObj.cpp:
1004         * bindings/scripts/test/JS/JSTestObj.h:
1005         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
1006         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
1007         * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
1008         * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
1009         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
1010         * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
1011         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1012         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
1013         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
1014         * bindings/scripts/test/JS/JSTestTypedefs.h:
1015         * bindings/scripts/test/JS/JSattribute.cpp:
1016         * bindings/scripts/test/JS/JSattribute.h:
1017         * bindings/scripts/test/JS/JSreadonly.cpp:
1018         * bindings/scripts/test/JS/JSreadonly.h:
1019         Regenerated.
1020
1021
1022 2016-10-02  Wenson Hsieh  <wenson_hsieh@apple.com>
1023
1024         Media controls for Soundcloud easily falls out of sync with what's actually playing
1025         https://bugs.webkit.org/show_bug.cgi?id=162843
1026         <rdar://problem/28176874>
1027
1028         Reviewed by Beth Dakin.
1029
1030         Currently, audio elements are subject to the same main content restrictions as video elements. This is
1031         problematic on sites where audio elements are really the main content, such as soundcloud. We need a different
1032         heuristic for determining whether audio elements such as these should be allowed to show playback controls.
1033
1034         Furthermore, we currently forbid autoplaying audio from showing controls if it has user gesture restrictions
1035         (i.e. it started playing via script). This is, again, problematic on sites where audio elements are played one
1036         after another (such as on soundcloud). Even though a subsequent audio element may have been triggered via
1037         script, we might want still want to show controls for it if the user has explicitly triggered other elements on
1038         the page to begin playing. However, if the user has not gestured on any media in the page, we still should not
1039         show controls for audio elements that begin playing via script.
1040
1041         Adds two new unit tests to TestWebKitAPI simulating audio playback behavior on soundcloud.
1042
1043         * html/MediaElementSession.cpp:
1044         (WebCore::MediaElementSession::removeBehaviorRestriction):
1045         (WebCore::MediaElementSession::canShowControlsManager):
1046         (WebCore::MediaElementSession::allowsPlaybackControlsForAutoplayingAudio):
1047         * html/MediaElementSession.h:
1048         * page/Page.h:
1049         (WebCore::Page::allowsPlaybackControlsForAutoplayingAudio):
1050         (WebCore::Page::setAllowsPlaybackControlsForAutoplayingAudio):
1051
1052 2016-10-02  Ryan Haddad  <ryanhaddad@apple.com>
1053
1054         Unreviewed, rolling out r206683.
1055
1056         This change caused API test WebKit2.FindMatches to fail on
1057         Mac.
1058
1059         Reverted changeset:
1060
1061         "The dragged image should be the current frame only of the
1062         animated image"
1063         https://bugs.webkit.org/show_bug.cgi?id=162109
1064         http://trac.webkit.org/changeset/206683
1065
1066 2016-10-02  Chris Dumez  <cdumez@apple.com>
1067
1068         Unreviewed, rolling out r206692 and r206718.
1069
1070         Seems to have caused >200 failures on Sierra
1071
1072         Reverted changesets:
1073
1074         "Implement rendering of font-variation-settings"
1075         https://bugs.webkit.org/show_bug.cgi?id=162782
1076         http://trac.webkit.org/changeset/206692
1077
1078         "Tried to fix the build after r206692."
1079         http://trac.webkit.org/changeset/206718
1080
1081 2016-10-02  Dan Bernstein  <mitz@apple.com>
1082
1083         Tried to fix the build after r206692.
1084
1085         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
1086         (WebCore::cascadeToLastResortAndVariationsFontDescriptor):
1087
1088 2016-10-02  Commit Queue  <commit-queue@webkit.org>
1089
1090         Unreviewed, rolling out r206716.
1091         https://bugs.webkit.org/show_bug.cgi?id=162858
1092
1093         It is breaking Mac CMake Debug build (Requested by youenn on
1094         #webkit).
1095
1096         Reverted changeset:
1097
1098         "[Fetch API] Forbid redirection to non-HTTP(s) URL in non-
1099         navigation mode."
1100         https://bugs.webkit.org/show_bug.cgi?id=162785
1101         http://trac.webkit.org/changeset/206716
1102
1103 2016-10-02  Youenn Fablet  <youenn@apple.com>
1104
1105         [Fetch API] Forbid redirection to non-HTTP(s) URL in non-navigation mode.
1106         https://bugs.webkit.org/show_bug.cgi?id=162785
1107
1108         Reviewed by Alex Christensen.
1109
1110         Covered by rebased and existing tests.
1111
1112         Ensuring non-HTTP redirection URLs are not followed at DocumentThreadableLoader level for fetch API only.
1113         This should be applied to all clients at some point, but there is still some uncertainty for data URLs.
1114
1115         Did some refactoring to better separate the case of security checks in case of regular request or redirected request.
1116         This allows in particular to handle more clearly the case of data URLs which are allowed in all modes for regular requests.
1117         But they are not allowed for same-origin redirected requests.
1118
1119         * WebCore.xcodeproj/project.pbxproj:
1120         * loader/DocumentThreadableLoader.cpp:
1121         (WebCore::reportRedirectionWithBadScheme): Reporting bad scheme redirection error.
1122         (WebCore::DocumentThreadableLoader::redirectReceived): Checking that redirection URLs are HTTP(s) in case of Fetch API.
1123         * loader/SubresourceLoader.cpp:
1124         (WebCore::SubresourceLoader::willSendRequestInternal):
1125         * loader/cache/CachedResourceLoader.cpp:
1126         (WebCore::CachedResourceLoader::requestImage):
1127         (WebCore::CachedResourceLoader::checkInsecureContent):
1128         (WebCore::CachedResourceLoader::allowedByContentSecurityPolicy):
1129         (WebCore::isSameOriginDataURL):
1130         (WebCore::CachedResourceLoader::canRequest):
1131         (WebCore::CachedResourceLoader::canRequestAfterRedirection):
1132         (WebCore::CachedResourceLoader::canRequestInContentDispositionAttachmentSandbox):
1133         (WebCore::CachedResourceLoader::requestResource):
1134         * loader/cache/CachedResourceLoader.h:
1135
1136 2016-10-01  Simon Fraser  <simon.fraser@apple.com>
1137
1138         Support transitions/animations of background-position with right/bottom-relative values
1139         https://bugs.webkit.org/show_bug.cgi?id=162048
1140
1141         Reviewed by Dean Jackson.
1142         
1143         Make transitions between "background-position: 10px 20px" and "background-position: right 10px bottom 20px"
1144         work. We do this by by converting "right 10px" to "calc(100% - 10px)" when blending.
1145         
1146         Also improve logging of calculated lengths, and better animation logging for FillLayer properties.
1147
1148         Test: transitions/background-position-transitions.html
1149
1150         * page/animation/CSSPropertyAnimation.cpp:
1151         (WebCore::FillLayerAnimationPropertyWrapperBase::FillLayerAnimationPropertyWrapperBase): Keep the propertyID
1152         around so logging can use it.
1153         (WebCore::FillLayerAnimationPropertyWrapperBase::property):
1154         (WebCore::FillLayerPropertyWrapperGetter::FillLayerPropertyWrapperGetter):
1155         (WebCore::FillLayerPropertyWrapperGetter::value):
1156         (WebCore::FillLayerPropertyWrapper::FillLayerPropertyWrapper):
1157         (WebCore::createCalculatedLength):
1158         (WebCore::FillLayerPositionPropertyWrapper::FillLayerPositionPropertyWrapper):
1159         (WebCore::FillLayerRefCountedPropertyWrapper::FillLayerRefCountedPropertyWrapper):
1160         (WebCore::FillLayerStyleImagePropertyWrapper::FillLayerStyleImagePropertyWrapper):
1161         (WebCore::FillLayersPropertyWrapper::FillLayersPropertyWrapper):
1162         (WebCore::CSSPropertyAnimation::blendProperties): Blend then log, so that the logging
1163         can show the result.
1164         * platform/CalculationValue.cpp:
1165         (WebCore::CalcExpressionNumber::dump):
1166         (WebCore::CalcExpressionBinaryOperation::dump):
1167         (WebCore::CalcExpressionLength::dump):
1168         (WebCore::CalcExpressionBlendLength::dump):
1169         (WebCore::operator<<):
1170         * platform/CalculationValue.h:
1171         * platform/Length.cpp:
1172         (WebCore::operator<<):
1173
1174 2016-10-01  Simon Fraser  <simon.fraser@apple.com>
1175
1176         Bad cast when CSS position programmatically changed from -webkit-sticky to fixed
1177         https://bugs.webkit.org/show_bug.cgi?id=160826
1178
1179         Reviewed by Zalan Bujtas.
1180         
1181         If a scrolling state tree node changed type (e.g. from sticky to fixed), we'd fail
1182         to recreate the node so keep a node with the wrong type.
1183         
1184         Fix by destroying the node and making a new one with a new ID in this case. The
1185         new ID is necessary to ensure that the scrolling tree is updated.
1186
1187         Test: fast/scrolling/sticky-to-fixed.html
1188
1189         * page/scrolling/ScrollingStateTree.cpp:
1190         (WebCore::ScrollingStateTree::nodeTypeAndParentMatch):
1191         (WebCore::ScrollingStateTree::attachNode):
1192         (WebCore::ScrollingStateTree::stateNodeForID):
1193         * page/scrolling/ScrollingStateTree.h:
1194
1195 2016-10-01  Youenn Fablet  <youenn@apple.com>
1196
1197         removing FetchBoyd::m_type
1198
1199         Remove FetchBody::m_type
1200         https://bugs.webkit.org/show_bug.cgi?id=162841
1201
1202         Reviewed by Sam Weinig.
1203
1204         No change of behavior.
1205
1206         Removing FetchBody::m_type and using m_data in lieu.
1207         Introducing temporarily FetchBody::m_isEmpty to handle the case of null bodies.
1208         Null body handling should be moved to FetchBodyOwner in a follow-up patch.
1209
1210         * Modules/fetch/FetchBody.cpp:
1211         (WebCore::FetchBody::FetchBody):
1212         (WebCore::FetchBody::extract):
1213         (WebCore::FetchBody::arrayBuffer):
1214         (WebCore::FetchBody::blob):
1215         (WebCore::FetchBody::json):
1216         (WebCore::FetchBody::text):
1217         (WebCore::FetchBody::consumeOnceLoadingFinished):
1218         (WebCore::FetchBody::consume):
1219         (WebCore::FetchBody::consumeAsStream):
1220         (WebCore::FetchBody::loadingSucceeded):
1221         (WebCore::FetchBody::bodyForInternalRequest):
1222         (WebCore::FetchBody::clone):
1223         (WebCore::FetchBody::consumeText): Deleted.
1224         (WebCore::FetchBody::consumeBlob): Deleted.
1225         * Modules/fetch/FetchBody.h:
1226         (WebCore::FetchBody::isEmpty):
1227         (WebCore::FetchBody::isBlob):
1228         (WebCore::FetchBody::isFormData):
1229         (WebCore::FetchBody::isArrayBuffer):
1230         (WebCore::FetchBody::isArrayBufferView):
1231         (WebCore::FetchBody::isURLSearchParams):
1232         (WebCore::FetchBody::isText):
1233         (WebCore::FetchBody::FetchBody):
1234         (WebCore::FetchBody::setContentType): Deleted.
1235         (WebCore::FetchBody::urlSearchParamsBody): Deleted.
1236         * Modules/fetch/FetchBodyOwner.cpp:
1237         (WebCore::FetchBodyOwner::consumeOnceLoadingFinished):
1238         (WebCore::FetchBodyOwner::blobLoadingSucceeded):
1239         (WebCore::FetchBodyOwner::finishBlobLoading): Deleted.
1240         * Modules/fetch/FetchBodyOwner.h:
1241         (WebCore::FetchBodyOwner::body): Deleted.
1242         * Modules/fetch/FetchRequest.cpp:
1243         (WebCore::FetchRequest::setBody):
1244         * Modules/fetch/FetchResponse.cpp:
1245         (WebCore::FetchResponse::fetch):
1246         (WebCore::FetchResponse::BodyLoader::didSucceed):
1247         (WebCore::FetchResponse::consume):
1248         (WebCore::FetchResponse::consumeBodyAsStream):
1249         (WebCore::FetchResponse::createReadableStreamSource):
1250         (WebCore::FetchResponse::finishConsumingStream): Deleted.
1251         * Modules/fetch/FetchResponse.h:
1252
1253 2016-09-30  David Kilzer  <ddkilzer@apple.com>
1254
1255         REGRESSION (r203424): WebCore::ImageBuffer::createCompatibleBuffer() in ImageBufferCG.cpp over-releases CGColorSpaceRef objects
1256         <https://webkit.org/b/162823>
1257         <rdar://problem/27723268>
1258
1259         Reviewed by Joseph Pecoraro.
1260
1261         Code is covered by existing tests, but no crashes have been
1262         observed in practice.  May require running one test multiple
1263         times to reproduce.
1264
1265         * platform/graphics/cg/ImageBufferCG.cpp:
1266         (WebCore::ImageBuffer::createCompatibleBuffer): Don't use
1267         adoptCF() when the function doesn't return a +1 retained
1268         CGColorSpaceRef.
1269
1270 2016-09-30  Joonghun Park  <jh718.park@samsung.com>
1271
1272         [EFL] Fix build break since r206661. Unreviewed
1273         https://bugs.webkit.org/show_bug.cgi?id=162825
1274
1275         No new tests, no new behaviours.
1276
1277         * rendering/RenderLayer.cpp:
1278         (WebCore::ClipRects::ClipRects):
1279
1280 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1281
1282         Declare that our variation fonts work is in progress
1283         https://bugs.webkit.org/show_bug.cgi?id=162816
1284
1285         Reviewed by Simon Fraser.
1286
1287         * features.json:
1288
1289 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1290
1291         Turn variation fonts on by default
1292         https://bugs.webkit.org/show_bug.cgi?id=162818
1293
1294         Reviewed by Simon Fraser.
1295
1296         No new tests because there is no behavior change.
1297
1298         * page/Settings.in:
1299         * testing/InternalSettings.cpp:
1300         (WebCore::InternalSettings::variationFontsEnabled):
1301
1302 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1303
1304         Implement rendering of font-variation-settings
1305         https://bugs.webkit.org/show_bug.cgi?id=162782
1306
1307         Reviewed by Zalan Bujtas.
1308
1309         Because the heavy lifting for font-variation-settings is done by CoreText,
1310         this patch is fairly minimal. It simply hooks up the CSS property to CoreText.
1311
1312         There is an existing bug in CoreText where variations inside fonts do not
1313         survive the addition of a cascade list. Therefore, FontPlatformData::ctFont()
1314         needs to work around this (conditionally) by resupplying the variation at
1315         the same time as the cascade list. The CoreText bug is <rdar://problem/28449441>.
1316
1317         Tests: fast/text/variations/duplicate.html
1318                fast/text/variations/exist.html
1319                fast/text/variations/inheritance.html
1320                fast/text/variations/order.html
1321                fast/text/variations/outofbounds.html
1322
1323         * platform/graphics/FontCache.h:
1324         * platform/graphics/cocoa/FontCacheCoreText.cpp:
1325         (WebCore::preparePlatformFont):
1326         (WebCore::fontWithFamily):
1327         (WebCore::FontCache::createFontPlatformData):
1328         (WebCore::FontCache::systemFallbackForCharacters):
1329         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
1330         (WebCore::cascadeToLastResortAttributesDictionary):
1331         (WebCore::cascadeToLastResortAndVariationsFontDescriptor):
1332         (WebCore::FontPlatformData::ctFont):
1333         (WebCore::cascadeToLastResortFontDescriptor): Deleted.
1334         * platform/graphics/mac/FontCustomPlatformData.cpp:
1335         (WebCore::FontCustomPlatformData::fontPlatformData):
1336         * rendering/RenderThemeIOS.mm:
1337         (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):
1338
1339 2016-09-29  Sam Weinig  <sam@webkit.org>
1340
1341         Add initial support for IDL union conversion
1342         https://bugs.webkit.org/show_bug.cgi?id=161576
1343
1344         Reviewed by Chris Dumez.
1345
1346         * WebCore.xcodeproj/project.pbxproj:
1347         Add IDLTypes.h
1348
1349         * bindings/generic/IDLTypes.h: Added.
1350         Add a basic type hierarchy for types defined by WebIDL and their corresponding
1351         WebCore implementation types.
1352
1353         * bindings/js/JSDOMConvert.h:
1354         (WebCore::Converter<IDLDOMString>::convert):
1355         (WebCore::Converter<IDLUSVString>::convert):
1356         Add Converters for IDLDOMString and IDLUSVString.
1357
1358         (WebCore::ConditionalConverter<typename ReturnType, typename T, bool enabled>)
1359         Add a struct to allow conditional conversion of types based on a compile boolean
1360         value. This allows the union code to work, by ensuring that code for types that don't
1361         exist doesn't get compiled.
1362
1363         (WebCore::Converter<IDLUnion>::convert):
1364         Add template meta programming based version of the WebIDL conversion algorithm. It uses
1365         introspection of the typelist to conditionally execute the parts of the algorithm that
1366         apply and relies on the compiler eliminate the dead code it produces. This initial cut
1367         doesn't implement the full algorithm, just a subset needed to see if this method will work
1368         out.
1369
1370         * bindings/js/JSDOMWrapper.h:
1371         (WebCore::isJSDOMWrapperType):
1372         Add JSDOMWrapperType to the list of well known types to allow quick checking of wrappers
1373         by the union code.
1374
1375         * bindings/js/JSNodeOrString.cpp:
1376         (WebCore::toNodeOrStringVector):
1377         Switch to new IDLUnion based converter.
1378
1379 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1380
1381         Implement animation of font-variation-settings
1382         https://bugs.webkit.org/show_bug.cgi?id=162783
1383
1384         Reviewed by Simon Fraser.
1385
1386         Modify CSSPropertyAnimation to understand FontVariationSettings objects and how
1387         to interpolate them.
1388
1389         If two FontVariationSettings objects are unlike (meaning they specify different
1390         variation axes), for now the interpolation simply returns an empty object. This
1391         might change in the future, but for now, this is a reasonable place to start.
1392
1393         Because CSSPropertyAnimation interacts with RenderStyles instead of
1394         FontDescriptions, this patch adds a transparent accessor from the RenderStyle
1395         to the inner FontDescription.
1396
1397         Tests: animations/font-variation-settings-order.html
1398                animations/font-variation-settings-unlike.html
1399                animations/font-variation-settings.html
1400
1401         * page/animation/CSSPropertyAnimation.cpp:
1402         (WebCore::blendFunc):
1403         (WebCore::PropertyWrapperFontVariationSettings::PropertyWrapperFontVariationSettings):
1404         (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
1405         * rendering/style/RenderStyle.cpp:
1406         (WebCore::RenderStyle::setFontVariationSettings):
1407         * rendering/style/RenderStyle.h:
1408         (WebCore::RenderStyle::fontVariationSettings):
1409
1410 2016-09-30  Antoine Quint  <graouts@apple.com>
1411
1412         [Modern Media Controls] layout nodes
1413         https://bugs.webkit.org/show_bug.cgi?id=162799
1414         <rdar://problem/28569301>
1415
1416         Reviewed by Dean Jackson.
1417
1418         Modern media controls will be using a tree of LayoutNode objects that commit to the DOM
1419         in coordinated `requestAnimationFrame()` calls to ensure all layouts are done in an efficient
1420         and coordinated manner. As a preamble, we introduced the `scheduler` singleton in
1421         https://webkit.org/b/162726 which is in charge of scheduling callbacks.
1422
1423         A LayoutNode is created by providing an Element to its constructor, or an HTML string. Not
1424         providing a parameter creates a simple <div>.
1425
1426         When we set a property on a LayoutNode, we call `markDirtyProperty(propertyName)` which keeps
1427         track of dirty properties in the `_dirtyProperties` set. When this set is non-empty, the node
1428         is marked as dirty and registered in the global `dirtyNodes` map, asking the shared scheduler
1429         that a layout is needed. When the layout is performed, all nodes in the `dirtyNodes` map are
1430         processed such that `commitProperty(propertyName)` is called to commit dirty properties for
1431         a given node to the DOM, and `layout()` is called to allow subclasses of LayoutNode to conduct
1432         custom layout logic that goes beyond committing a given property.
1433
1434         Another reason why a node may be marked as dirty is when a DOM hierarchy change is needed. A
1435         host of DOM-like methods are exposed to allow flexible manipulations of nodes, with an extra
1436         `children` property which allows wholesale change of a node's subtree with a single array
1437         property assignment. Changes to the DOM hierarchy are performed in the same scheduler callback
1438         as style properties.
1439
1440         Nodes can be marked for layout explicitly with by setting the `needsLayout` property.
1441
1442         Tests: media/modern-media-controls/layout-node/addChild.html
1443                media/modern-media-controls/layout-node/children.html
1444                media/modern-media-controls/layout-node/constructor.html
1445                media/modern-media-controls/layout-node/height.html
1446                media/modern-media-controls/layout-node/insertAfter.html
1447                media/modern-media-controls/layout-node/insertBefore.html
1448                media/modern-media-controls/layout-node/parent.html
1449                media/modern-media-controls/layout-node/remove.html
1450                media/modern-media-controls/layout-node/removeChild.html
1451                media/modern-media-controls/layout-node/subclassing.html
1452                media/modern-media-controls/layout-node/visible.html
1453                media/modern-media-controls/layout-node/width.html
1454                media/modern-media-controls/layout-node/x.html
1455                media/modern-media-controls/layout-node/y.html
1456
1457         * Modules/modern-media-controls/controls/layout-node.js: Added.
1458         (LayoutNode):
1459         (LayoutNode.prototype.get x):
1460         (LayoutNode.prototype.set x):
1461         (LayoutNode.prototype.get y):
1462         (LayoutNode.prototype.set y):
1463         (LayoutNode.prototype.get width):
1464         (LayoutNode.prototype.set width):
1465         (LayoutNode.prototype.get height):
1466         (LayoutNode.prototype.set height):
1467         (LayoutNode.prototype.get visible):
1468         (LayoutNode.prototype.set visible):
1469         (LayoutNode.prototype.get needsLayout):
1470         (LayoutNode.prototype.set needsLayout):
1471         (LayoutNode.prototype.get parent):
1472         (LayoutNode.prototype.get children):
1473         (LayoutNode.prototype.set children):
1474         (LayoutNode.prototype.addChild):
1475         (LayoutNode.prototype.insertBefore):
1476         (LayoutNode.prototype.insertAfter):
1477         (LayoutNode.prototype.removeChild):
1478         (LayoutNode.prototype.remove):
1479         (LayoutNode.prototype.markDirtyProperty):
1480         (LayoutNode.prototype.commitProperty):
1481         (LayoutNode.prototype.layout):
1482         (LayoutNode.prototype._markNodeManipulation):
1483         (LayoutNode.prototype._updateDirtyState):
1484         (LayoutNode.prototype._updateChildren):
1485         (performScheduledLayout):
1486         (elementFromString):
1487
1488 2016-09-30  Said Abou-Hallawa  <sabouhallawa@apple.com>
1489
1490         The dragged image should be the current frame only of the animated image
1491         https://bugs.webkit.org/show_bug.cgi?id=162109
1492
1493         Reviewed by Tim Horton.
1494
1495         Instead of creating an NSImage with all the frames for the dragImage,
1496         create an NSImage with the current frame only.
1497
1498         * dom/DataTransferMac.mm:
1499         (WebCore::DataTransfer::createDragImage): Call currentFrameNSImage() to create the dragImage.
1500         * editing/cocoa/HTMLConverter.mm:
1501         (fileWrapperForElement):  Call the Image function with its new name.
1502         * platform/graphics/BitmapImage.h:
1503         * platform/graphics/Image.h:
1504         (WebCore::Image::nsImage): Rename getNSImage() to nsImage().
1505         (WebCore::Image::currentFrameNSImage): Returns the NSImage of the current frame.
1506         (WebCore::Image::tiffRepresentation): Rename getTIFFRepresentation() to tiffRepresentation().
1507         (WebCore::Image::getNSImage): Deleted.
1508         (WebCore::Image::getTIFFRepresentation): Deleted.
1509         * platform/graphics/mac/ImageMac.mm:
1510         (WebCore::BitmapImage::tiffRepresentation): Rename getTIFFRepresentation() to tiffRepresentation().
1511         (WebCore::BitmapImage::nsImage): Rename getNSImage() to nsImage().
1512         (WebCore::BitmapImage::currentFrameNSImage): Returns the NSImage of the current frame.
1513         (WebCore::BitmapImage::getTIFFRepresentation): Deleted.
1514         (WebCore::BitmapImage::getNSImage): Deleted.
1515         * platform/mac/CursorMac.mm:
1516         (WebCore::createCustomCursor): Call currentFrameNSImage() since the cursor does not animate anyway.
1517         * platform/mac/DragImageMac.mm:
1518         (WebCore::createDragImageFromImage): Use currentFrameNSImage() for the dragImage.
1519         * platform/mac/PasteboardMac.mm:
1520         (WebCore::Pasteboard::write): Call the Image function with its new name.
1521
1522 2016-09-30  Chris Dumez  <cdumez@apple.com>
1523
1524         [iOS] Allow sequence<Touch> input in TouchEvent constructor
1525         https://bugs.webkit.org/show_bug.cgi?id=162806
1526         <rdar://problem/28566429>
1527
1528         Reviewed by Ryosuke Niwa.
1529
1530         Allow sequence<Touch> input in TouchEvent constructor in addition to
1531         TouchList objects. It is convenient for developers to pass arrays of
1532         Touch objects.
1533
1534         No new tests, already covered by:
1535         imported/w3c/web-platform-tests/touch-events/touch-touchevent-constructor.html
1536
1537         * bindings/js/JSDOMBinding.h:
1538         (WebCore::toRefNativeArray):
1539         (WebCore::toRefPtrNativeArray):
1540         * bindings/js/JSDictionary.cpp:
1541         (WebCore::JSDictionary::convertValue):
1542
1543 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1544
1545         Parse font-variation-settings
1546         https://bugs.webkit.org/show_bug.cgi?id=162781
1547
1548         Reviewed by Simon Fraser.
1549
1550         CSS Fonts level 4 [1] details the font-variation-settings property which allows variations
1551         to be applied to fonts which accept it. The property accepts a list of key/value
1552         pairs where the keys are four-character Ascii codes and the values are floating
1553         point values. The implementation uses font-feature-settings as a model, but with one
1554         big difference: font-variation-settings can be animated. The set of variation points
1555         are animated individually.
1556
1557         This font variations work is being done behind a run-time switch, which is settable from
1558         the Safari Develop menu.
1559
1560         Now that FontDescription is growing, I'd like to do an investigation into the possibility of
1561         moving some of the rare pieces of it into their own class to reduce memory. However, upon
1562         advice, this investigation will be fairly involved and should be done in its own bug.
1563
1564         Test: fast/text/variations/getComputedStyle.html
1565
1566         * CMakeLists.txt:
1567         * WebCore.xcodeproj/project.pbxproj:
1568         * css/CSSAllInOne.cpp:
1569         * css/CSSComputedStyleDeclaration.cpp:
1570         (WebCore::ComputedStyleExtractor::propertyValue):
1571         * css/CSSFontVariationValue.cpp: Copied from Source/WebCore/platform/graphics/FontTaggedSettings.cpp.
1572         (WebCore::CSSFontVariationValue::CSSFontVariationValue):
1573         (WebCore::CSSFontVariationValue::customCSSText):
1574         (WebCore::CSSFontVariationValue::equals):
1575         * css/CSSFontVariationValue.h: Copied from Source/WebCore/platform/graphics/FontTaggedSettings.cpp.
1576         * css/CSSPropertyNames.in:
1577         * css/CSSValue.cpp:
1578         (WebCore::CSSValue::equals):
1579         (WebCore::CSSValue::cssText):
1580         (WebCore::CSSValue::destroy):
1581         * css/CSSValue.h:
1582         (WebCore::CSSValue::isFontVariationValue):
1583         (WebCore::CSSValue::isFontFeatureValue): Deleted.
1584         * css/StyleBuilderConverter.h:
1585         (WebCore::StyleBuilderConverter::convertFontVariationSettings):
1586         * css/StyleBuilderCustom.h:
1587         (WebCore::StyleBuilderCustom::applyInitialFontVariationSettings):
1588         (WebCore::StyleBuilderCustom::applyInheritFontVariationSettings):
1589         (WebCore::StyleBuilderCustom::applyInheritFontFeatureSettings): Deleted.
1590         * css/parser/CSSParser.cpp:
1591         (WebCore::CSSParserContext::CSSParserContext):
1592         (WebCore::operator==):
1593         (WebCore::CSSParser::parseValue):
1594         (WebCore::CSSParser::parseFontFeatureSettings):
1595         (WebCore::CSSParser::parseFontVariationTag):
1596         (WebCore::CSSParser::parseFontVariationSettings):
1597         * css/parser/CSSParser.h:
1598         * css/parser/CSSParserMode.h:
1599         * platform/graphics/FontCache.h:
1600         (WebCore::FontDescriptionKey::FontDescriptionKey):
1601         (WebCore::FontDescriptionKey::operator==):
1602         (WebCore::FontDescriptionKey::computeHash):
1603         * platform/graphics/FontDescription.cpp:
1604         * platform/graphics/FontDescription.h:
1605         (WebCore::FontDescription::variationSettings):
1606         (WebCore::FontDescription::setVariationSettings):
1607         (WebCore::FontDescription::operator==):
1608         (WebCore::FontDescription::featureSettings): Deleted.
1609         (WebCore::FontDescription::setFeatureSettings): Deleted.
1610         * platform/graphics/FontTaggedSettings.cpp:
1611         (WebCore::FontVariationSettings::hash):
1612         (WebCore::operator<<):
1613         * platform/graphics/FontTaggedSettings.h:
1614
1615 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1616
1617         Followup patch to r206664
1618         https://bugs.webkit.org/show_bug.cgi?id=162774
1619
1620         Unreviewed.
1621
1622         No new tests because there is no behavior change.
1623
1624         * platform/graphics/FontTaggedSettings.h:
1625         (WebCore::FourCharacterTagHashTraits::isDeletedValue): Deleted.
1626
1627 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1628
1629         Fix fast/text/trak-optimizeLegibility.html
1630         https://bugs.webkit.org/show_bug.cgi?id=162779
1631
1632         Reviewed by Simon Fraser.
1633
1634         I accidentally created this test to allow an unnecessary delta
1635         in the width comparison. This covered the fact that the fonts
1636         were not being selected correctly in our testing code. Update the
1637         font selection code to work with system fonts correctly and
1638         update the test to not use a delta when performing width
1639         comparisons.
1640
1641         Test: fast/text/trak-optimizeLegibility.html
1642
1643         * platform/graphics/cocoa/FontCacheCoreText.cpp:
1644         (WebCore::isSystemFont):
1645         (WebCore::platformFontLookupWithFamily):
1646
1647 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1648
1649         Create runtime flag for variation font work
1650         https://bugs.webkit.org/show_bug.cgi?id=162780
1651
1652         Reviewed by Alex Christensen.
1653
1654         No new tests because there is no behavior change.
1655
1656         Variation font work should be behind a runtime flag.
1657
1658         * page/Settings.in:
1659         * testing/InternalSettings.cpp:
1660         (WebCore::InternalSettings::Backup::Backup):
1661         (WebCore::InternalSettings::Backup::restoreTo):
1662         (WebCore::InternalSettings::variationFontsEnabled):
1663         (WebCore::InternalSettings::setVariationFontsEnabled):
1664         * testing/InternalSettings.h:
1665         * testing/InternalSettings.idl:
1666
1667 2016-09-30  Myles C. Maxfield  <mmaxfield@apple.com>
1668
1669         Templatize internal FontFeatureSettings class for variation font support
1670         https://bugs.webkit.org/show_bug.cgi?id=162774
1671
1672         Reviewed by Alex Christensen.
1673
1674         Font features and font variations are similar in that they are identified
1675         by four-character tags and an associated value. However, the value is an
1676         int for font features and is a float for font variations. In order to
1677         simplify code, we can use the same class for both, and use a template
1678         argument to distinguish between the two. Then, typedefs can be used to
1679         name them.
1680
1681         No new tests because there is no behavior change.
1682
1683         * WebCore.xcodeproj/project.pbxproj: Rename FontFeatureSettings.{cpp,h}
1684         to FontTaggedSettings.{cpp,h}
1685         * css/CSSComputedStyleDeclaration.cpp:
1686         (WebCore::ComputedStyleExtractor::propertyValue):
1687         * css/CSSFontFace.h:
1688         * css/CSSFontFaceSource.h:
1689         * css/CSSFontFeatureValue.cpp:
1690         (WebCore::CSSFontFeatureValue::CSSFontFeatureValue):
1691         * css/CSSFontFeatureValue.h:
1692         * css/FontFace.cpp:
1693         (WebCore::FontFace::featureSettings):
1694         * css/parser/CSSParser.cpp:
1695         (WebCore::CSSParser::parseFontFeatureTag):
1696         * loader/cache/CachedFont.h:
1697         * platform/graphics/FontDescription.h:
1698         * platform/graphics/FontFeatureSettings.cpp:
1699         (WebCore::FontFeature::FontFeature): Deleted.
1700         (WebCore::FontFeature::operator==): Deleted.
1701         (WebCore::FontFeature::operator<): Deleted.
1702         (WebCore::FontFeatureSettings::insert): Deleted.
1703         (WebCore::FontFeatureSettings::hash): Deleted.
1704         * platform/graphics/FontFeatureSettings.h: Removed.
1705         (WebCore::fontFeatureTag): Deleted.
1706         (WebCore::FontFeatureTagHash::hash): Deleted.
1707         (WebCore::FontFeatureTagHash::equal): Deleted.
1708         (WebCore::FontFeatureTagHashTraits::constructDeletedValue): Deleted.
1709         (WebCore::FontFeatureTagHashTraits::isDeletedValue): Deleted.
1710         (WebCore::FontFeature::operator!=): Deleted.
1711         (WebCore::FontFeature::tag): Deleted.
1712         (WebCore::FontFeature::value): Deleted.
1713         (WebCore::FontFeature::enabled): Deleted.
1714         (WebCore::FontFeatureSettings::operator==): Deleted.
1715         (WebCore::FontFeatureSettings::operator!=): Deleted.
1716         (WebCore::FontFeatureSettings::size): Deleted.
1717         (WebCore::FontFeatureSettings::operator[]): Deleted.
1718         (WebCore::FontFeatureSettings::at): Deleted.
1719         (WebCore::FontFeatureSettings::begin): Deleted.
1720         (WebCore::FontFeatureSettings::end): Deleted.
1721         * platform/graphics/FontTaggedSettings.cpp: Renamed from Source/WebCore/platform/graphics/FontFeatureSettings.cpp.
1722         (WebCore::FontFeatureSettings::hash):
1723         * platform/graphics/FontTaggedSettings.h: Added.
1724         (WebCore::fontFeatureTag):
1725         (WebCore::FourCharacterTagHash::hash):
1726         (WebCore::FourCharacterTagHash::equal):
1727         (WebCore::FourCharacterTagHashTraits::constructDeletedValue):
1728         (WebCore::FourCharacterTagHashTraits::isDeletedValue):
1729         (WebCore::FontTaggedSetting::operator!=):
1730         (WebCore::FontTaggedSetting::tag):
1731         (WebCore::FontTaggedSetting::value):
1732         (WebCore::FontTaggedSetting::enabled):
1733         (WebCore::FontTaggedSetting<T>::FontTaggedSetting):
1734         (WebCore::=):
1735         (WebCore::FontTaggedSetting<T>::operator<):
1736         (WebCore::FontTaggedSettings::operator==):
1737         (WebCore::FontTaggedSettings::operator!=):
1738         (WebCore::FontTaggedSettings::isEmpty):
1739         (WebCore::FontTaggedSettings::size):
1740         (WebCore::FontTaggedSettings::operator[]):
1741         (WebCore::FontTaggedSettings::at):
1742         (WebCore::FontTaggedSettings::begin):
1743         (WebCore::FontTaggedSettings::end):
1744         (WebCore::FontTaggedSettings<T>::insert):
1745         * platform/graphics/cocoa/FontCacheCoreText.cpp:
1746         (WebCore::tagEquals):
1747         (WebCore::appendOpenTypeFeature):
1748         * platform/graphics/mac/FontCustomPlatformData.h:
1749
1750 2016-09-30  Chris Dumez  <cdumez@apple.com>
1751
1752         Fragment serialization should always use 'xml:' prefix for attributes in XML namespace
1753         https://bugs.webkit.org/show_bug.cgi?id=162803
1754
1755         Reviewed by Sam Weinig.
1756
1757         Fragment serialization should always use 'xml:' prefix for attributes in XML namespace:
1758         - https://html.spec.whatwg.org/#serialising-html-fragments
1759         """
1760         If the attribute is in the XML namespace
1761         -> The attribute's serialized name is the string "xml:" followed by the attribute's local name.
1762         """
1763
1764         - https://www.w3.org/TR/DOM-Parsing/#dfn-concept-xml-serialization-algorithm
1765         """
1766         If ns is the XML namespace, then let qualified name be the concatenation of the string "xml:"
1767         and the value of node's localName.
1768         """
1769
1770         Firefox complies with the specification.
1771
1772         No new tests, rebaselined existing test.
1773
1774         * editing/MarkupAccumulator.cpp:
1775         (WebCore::MarkupAccumulator::appendAttribute):
1776
1777 2016-09-30  Zalan Bujtas  <zalan@apple.com>
1778
1779         Unreviewed, rolling out r206611.
1780
1781         Scroll perf did not recover.
1782
1783         Reverted changeset:
1784
1785         "Unreviewed, rolling out r206483."
1786         https://bugs.webkit.org/show_bug.cgi?id=162750
1787         http://trac.webkit.org/changeset/206611
1788
1789 2016-09-30  Zalan Bujtas  <zalan@apple.com>
1790
1791         Remove ClipRects's custom refcounting.
1792         https://bugs.webkit.org/show_bug.cgi?id=162798
1793
1794         Reviewed by Simon Fraser.
1795
1796         It's safer to use RefCounted<>. 
1797
1798         No change in functionality.
1799
1800         * rendering/RenderLayer.cpp:
1801         (WebCore::ClipRects::ClipRects):
1802         (WebCore::ClipRectsCache::getClipRects):
1803         (WebCore::ClipRectsCache::setClipRects):
1804         (WebCore::ClipRectsCache::getIndex):
1805         (WebCore::RenderLayer::updateClipRects):
1806         (WebCore::ClipRects::ref): Deleted.
1807         (WebCore::ClipRects::deref): Deleted.
1808
1809 2016-09-30  Chris Dumez  <cdumez@apple.com>
1810
1811         FileSaver.js does not work in WebKit
1812         https://bugs.webkit.org/show_bug.cgi?id=162788
1813
1814         Reviewed by Sam Weinig.
1815
1816         FileSaver.js does not work in WebKit:
1817         - https://eligrey.com/demos/FileSaver.js/
1818
1819         It works in Firefox and Chrome, but in WebKit, we were getting a
1820         "Synthetic clicks on anchors that have a download attribute are
1821         ignored." warning. We were too strict in restricting synthetic clicks.
1822         We now allow synthetic clicks as long as they are triggered by a user
1823         gesture.
1824
1825         Test: fast/dom/HTMLAnchorElement/anchor-download-user-triggered-synthetic-click.html
1826
1827         * html/HTMLAnchorElement.cpp:
1828         (WebCore::HTMLAnchorElement::handleClick):
1829
1830 2016-09-30  Joseph Pecoraro  <pecoraro@apple.com>
1831
1832         Breakpoints on blank lines or comments don't break
1833         https://bugs.webkit.org/show_bug.cgi?id=9885
1834         <rdar://problem/6134406>
1835
1836         Reviewed by Mark Lam.
1837
1838         Tests: inspector/debugger/breakpoints/resolved-dump-all-pause-locations.html
1839                inspector/debugger/breakpoints/resolved-dump-each-line.html
1840
1841         * bindings/js/CachedScriptSourceProvider.h:
1842         (WebCore::CachedScriptSourceProvider::CachedScriptSourceProvider):
1843
1844 2016-09-30  Joseph Pecoraro  <pecoraro@apple.com>
1845
1846         Web Inspector: Stepping out of a function finishes the line that called it.
1847         https://bugs.webkit.org/show_bug.cgi?id=155325
1848         <rdar://problem/25094578>
1849
1850         Reviewed by Mark Lam.
1851
1852         Tests: inspector/debugger/stepping/stepInto.html
1853                inspector/debugger/stepping/stepOut.html
1854                inspector/debugger/stepping/stepOver.html
1855                inspector/debugger/stepping/stepping-arrow-functions.html
1856                inspector/debugger/stepping/stepping-classes.html
1857                inspector/debugger/stepping/stepping-control-flow.html
1858                inspector/debugger/stepping/stepping-function-calls.html
1859                inspector/debugger/stepping/stepping-function-default-parameters.html
1860                inspector/debugger/stepping/stepping-literal-construction.html
1861                inspector/debugger/stepping/stepping-loops.html
1862                inspector/debugger/stepping/stepping-misc.html
1863                inspector/debugger/stepping/stepping-switch.html
1864                inspector/debugger/stepping/stepping-template-string.html
1865                inspector/debugger/stepping/stepping-try-catch-finally.html
1866
1867         * inspector/InspectorDOMDebuggerAgent.h:
1868         * inspector/InspectorDOMDebuggerAgent.cpp:
1869         (WebCore::InspectorDOMDebuggerAgent::stepInto): Deleted.
1870         Setting this state in step-into does not make sense since we do not
1871         know when the debugger resumes and won't know when to clear it.
1872
1873 2016-09-30  Alex Christensen  <achristensen@webkit.org>
1874
1875         Fix off-by-one error in URLParser::parseIPv4Host
1876         https://bugs.webkit.org/show_bug.cgi?id=162789
1877
1878         Reviewed by Tim Horton.
1879
1880         The spec says "If any but the last item in numbers is greater than 255, return failure."
1881         This means check up to size - 1, not size - 2.
1882
1883         Covered by a new API test.
1884
1885         * platform/URLParser.cpp:
1886         (WebCore::URLParser::parseIPv4Host):
1887
1888 2016-09-30  Alex Christensen  <achristensen@webkit.org>
1889
1890         URLParser: parsing a URL with an empty host and a colon should fail
1891         https://bugs.webkit.org/show_bug.cgi?id=162795
1892
1893         Reviewed by Tim Horton.
1894
1895         Covered by new API tests.
1896
1897         * platform/URLParser.cpp:
1898         (WebCore::URLParser::parseHostAndPort):
1899
1900 2016-09-30  Alex Christensen  <achristensen@webkit.org>
1901
1902         URLParser: handle syntax violations in non-UTF-8 encoded queries
1903         https://bugs.webkit.org/show_bug.cgi?id=162770
1904
1905         Reviewed by Tim Horton.
1906
1907         There is a fast path for queries of URLs that use UTF-8 encoding, which are quite common.
1908         For non-UTF-8 encoded queries, which are less common, we put the code points in a Vector<UChar>
1909         and encode them all at once.  If there is a syntax violation in the query, we need to copy the
1910         syntax-violation-free string up to the beginning of the query, then encode the query.
1911
1912         Covered by new API tests.
1913
1914         * platform/URLParser.cpp:
1915         (WebCore::URLParser::percentEncodeByte):
1916         (WebCore::URLParser::encodeQuery):
1917         (WebCore::URLParser::parse):
1918         * platform/URLParser.h:
1919
1920 2016-09-27  Anders Carlsson  <andersca@apple.com>
1921
1922         Remove a couple of unused members from PlatformKeyboardEvent
1923         https://bugs.webkit.org/show_bug.cgi?id=162641
1924
1925         Reviewed by Tim Horton.
1926
1927         * platform/PlatformKeyboardEvent.h:
1928         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
1929         (WebCore::PlatformKeyboardEvent::nativeVirtualKeyCode): Deleted.
1930         (WebCore::PlatformKeyboardEvent::macCharCode): Deleted.
1931         * platform/mac/PlatformEventFactoryMac.mm:
1932         (WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
1933         * replay/SerializationMethods.cpp:
1934         (JSC::EncodingTraits<PlatformKeyboardEvent>::encodeValue):
1935         (JSC::EncodingTraits<PlatformKeyboardEvent>::decodeValue):
1936
1937 2016-09-30  Antti Koivisto  <antti@apple.com>
1938
1939         Remove "rem" unit optimization for document element font size changes
1940         https://bugs.webkit.org/show_bug.cgi?id=162778
1941
1942         Reviewed by Alex Christensen.
1943
1944         We awkwardly track from the parser level if any stylesheet in a document uses any rem units. This is only used to minimally
1945         optimize a case where document element's (<html>) font size changes dynamically.
1946
1947         In practice such changes are rare. Browsing around I couldn't find a single case where this optimization got used.
1948         Even if it was used it would be of low value as a full style resolution is likely to happen anyway (as font inherits)
1949         and the only thing really saved is that we don't need to invalidate the matched properties cache.
1950
1951         * css/CSSGrammar.y.in:
1952         * css/StyleSheetContents.cpp:
1953         (WebCore::StyleSheetContents::StyleSheetContents):
1954         * css/StyleSheetContents.h:
1955         * dom/AuthorStyleSheets.cpp:
1956         (WebCore::AuthorStyleSheets::updateActiveStyleSheets):
1957         * dom/AuthorStyleSheets.h:
1958         (WebCore::AuthorStyleSheets::usesRemUnits): Deleted.
1959         (WebCore::AuthorStyleSheets::setUsesRemUnit): Deleted.
1960         * dom/Document.cpp:
1961         (WebCore::Document::recalcStyle):
1962         (WebCore::Document::updateBaseURL):
1963         * style/StyleTreeResolver.cpp:
1964         (WebCore::Style::TreeResolver::resolveElement):
1965
1966 2016-09-30  Zalan Bujtas  <zalan@apple.com>
1967
1968         RenderLayer::clipRects may return nullptr.
1969         https://bugs.webkit.org/show_bug.cgi?id=162729
1970
1971         Reviewed by Chris Dumez.
1972
1973         This patch refactors RenderLayer::updateClipRects(), parentClipRects() and backgroundClipRect()
1974         so that we don't have to rely on this seemingly unsafe line: clipRects = *parent()->clipRects(clipRectsContext);
1975         Now updateClipRects() returns the computed/cached clip rects as opposed to update and refetch them.
1976         While this patch makes the code look more readable/safer, it also eliminates cached item tripple retrievals.  
1977
1978         No change in functionality.
1979
1980         * rendering/RenderLayer.cpp:
1981         (WebCore::ClipRectsCache::getClipRects):
1982         (WebCore::ClipRectsCache::setClipRects):
1983         (WebCore::RenderLayer::updateClipRects):
1984         (WebCore::RenderLayer::clipRects):
1985         (WebCore::RenderLayer::calculateClipRects):
1986         * rendering/RenderLayer.h:
1987
1988 2016-09-30  Youenn Fablet  <youenn@apple.com>
1989
1990         Add a way to go from a RefPtr<T> to Ref<const T>
1991         https://bugs.webkit.org/show_bug.cgi?id=162683
1992
1993         Reviewed by Alex Christensen.
1994
1995         No change of behavior.
1996
1997         * Modules/fetch/FetchBody.cpp:
1998         (WebCore::FetchBody::extract):
1999
2000 2016-09-30  Said Abou-Hallawa  <sabouhallawa@apple.com>
2001
2002         Unreviewed, fix 32-bit build.
2003
2004         * loader/cache/CachedImage.cpp:
2005         (WebCore::CachedImage::decodedSizeChanged):
2006
2007 2016-09-30  Youenn Fablet  <youenn@apple.com>
2008
2009         FetchBody should use UTF8Encoding to encode text data
2010         https://bugs.webkit.org/show_bug.cgi?id=162775
2011
2012         Reviewed by Sam Weinig.
2013
2014         Covered by added tests.
2015
2016         Removing unnecesary vector allocation when extracting UTF8 bytes from a Request/Response text/URLSearchParams body.
2017         Making use of UTF8Encoding for consistency with  the upload code path.
2018
2019         * Modules/fetch/FetchBody.cpp:
2020         (WebCore::FetchBody::consumeAsStream):
2021         (WebCore::FetchBody::consumeText):
2022         (WebCore::extractBytesFromText): Deleted.
2023
2024 2016-09-30  Said Abou-Hallawa  <sabouhallawa@apple.com>
2025
2026         Change the MemoryCache and CachedResource adjustSize functions to take a long argument
2027         https://bugs.webkit.org/show_bug.cgi?id=162708
2028         <rdar://problem/28555702>
2029
2030         Reviewed by Brent Fulgham.
2031
2032         Because the MemoryCache stores the size of the cached memory in unsigned,
2033         two problems my happen when reporting a change in the size of the memory:
2034         
2035         1. Signed integer overflow -- which can happen because MemoryCache::adjustSize()
2036            takes a signed integer argument. If the allocated or the freed memory size is
2037            larger than the maximum of a signed integer, an overflow will happen.
2038            For the image caching code, this can be seen where the unsigned decodedSize
2039            is casted to an integer before passing it to ImageObserver::decodedSizeChanged().
2040
2041         2. Unsigned integer overflow -- which can happen if the new allocated memory
2042            size plus the currentSize exceeds the maximum of unsigned.
2043            This can be seen in MemoryCache::adjustSize() where we add delta to m_liveSize
2044            or m_deadSize without checking whether this addition will overflow or not. We
2045            do not assert for overflow although we assert for underflow.
2046            
2047         The fix for these two problems can be the following:
2048         
2049         1. Make all the adjustSize functions all the way till MemoryCache::adjustSize()
2050            take a signed long integer argument.
2051            
2052         2. Do not create a NativeImagePtr for an ImageFrame if its frameBytes plus the
2053            ImageFrameCache::decodedSize() will exceed the maximum of an unsigned integer.
2054
2055         * loader/cache/CachedImage.cpp:
2056         (WebCore::CachedImage::decodedSizeChanged): Change the argument to be long. No overflow will happen when casting the argument from unsigned to long.
2057         * loader/cache/CachedImage.h:
2058         * loader/cache/CachedResource.cpp: 
2059         (WebCore::CachedResource::setDecodedSize): Use long integer casting when calling MemoryCache::adjustSize().
2060         (WebCore::CachedResource::setEncodedSize): Ditto.
2061         * loader/cache/MemoryCache.cpp:
2062         (WebCore::MemoryCache::MemoryCache): Add as static assert to ensure sizeof(long long) can hold any unsigned or its negation.
2063         (WebCore::MemoryCache::revalidationSucceeded): Use long integer casting when calling MemoryCache::adjustSize().
2064         (WebCore::MemoryCache::remove): Ditto.
2065         (WebCore::MemoryCache::adjustSize): Change the function argument to long integer. No overflow will happen when casting the argument from unsigned to long.
2066         * loader/cache/MemoryCache.h:
2067         * platform/graphics/ImageFrameCache.cpp:
2068         (WebCore::ImageFrameCache::destroyIncompleteDecodedData): Call a function with its new name.
2069         (WebCore::ImageFrameCache::decodedSizeChanged): Change the function argument to long integer. No overflow will happen when casting the argument from unsigned to long.
2070         (WebCore::ImageFrameCache::decodedSizeIncreased): Use long integer casting when calling decodedSizeChanged().
2071         (WebCore::ImageFrameCache::decodedSizeDecreased): Ditto.
2072         (WebCore::ImageFrameCache::decodedSizeReset): Ditto.
2073         (WebCore::ImageFrameCache::didDecodeProperties): Ditto.
2074         (WebCore::ImageFrameCache::frameAtIndex): Do not create the NativeImage if adding its frameByes to the MemoryCache will cause numerical overflow.
2075         (WebCore::ImageFrameCache::decodedSizeIncremented): Deleted. This function is renamed decodedSizeIncreased().
2076         (WebCore::ImageFrameCache::decodedSizeDecremented): Deleted. This function is renamed decodedSizeDecreased().
2077         * platform/graphics/ImageFrameCache.h:
2078         * platform/graphics/ImageObserver.h:
2079         * platform/graphics/IntSize.h:
2080         (WebCore::IntSize::unclampedArea): Returns the area of an IntSize in size_t.
2081         * platform/graphics/cg/PDFDocumentImage.cpp:
2082         (WebCore::PDFDocumentImage::decodedSizeChanged): Use long integer casting when calling ImageObserver::decodedSizeChanged().
2083
2084 2016-09-30  Chris Dumez  <cdumez@apple.com>
2085
2086         Add support for ImageData.data attribute
2087         https://bugs.webkit.org/show_bug.cgi?id=162767
2088
2089         Reviewed by Sam Weinig.
2090
2091         Add support for ImageData.data attribute:
2092         - https://html.spec.whatwg.org/#imagedata
2093
2094         Firefox already supports it.
2095
2096         No new tests, updated existing tests.
2097
2098         * html/ImageData.idl:
2099
2100 2016-09-30  Youenn Fablet  <youenn@apple.com>
2101
2102         DumpRenderTree crashed in com.apple.WebCore: WTF::Optional<WebCore::FetchBodyOwner::BlobLoader>::operator bool const + 12
2103         https://bugs.webkit.org/show_bug.cgi?id=162483
2104
2105         Reviewed by Alex Christensen.
2106
2107         Test: fetch/closing-while-fetching-blob.html
2108         No change of behavior.
2109
2110         * Modules/fetch/FetchBodyOwner.cpp:
2111         (WebCore::FetchBodyOwner::stop): Asserting m_blobLoader is null (meaning that unsetPendingActivity was done)
2112         only in case FetchBodyOwner has no risk being destroyed.
2113
2114 2016-09-30  Youenn Fablet  <youennf@gmail.com>
2115
2116         [Fetch API] Add support for URLSearchParams body
2117         https://bugs.webkit.org/show_bug.cgi?id=162667
2118
2119         Reviewed by Alex Christensen.
2120
2121         Tests: imported/w3c/web-platform-tests/fetch/api/basic/request-upload-worker.html
2122                imported/w3c/web-platform-tests/fetch/api/basic/request-upload.html
2123
2124         * Modules/fetch/FetchBody.cpp:
2125         (WebCore::extractBytesFromText): Moving to a static function that should be moved to a String method.
2126         (WebCore::FetchBody::FetchBody): Adding constructor for URLSearchParams.
2127         (WebCore::FetchBody::extract): Adding URLSearchParams body initialization.
2128         (WebCore::FetchBody::consume): Consuming URLSearchParams bodies.
2129         (WebCore::FetchBody::consumeAsStream): Ditto.
2130         (WebCore::FetchBody::consumeText): Updated to take a parameter to handle both text and URLSearchParams bodies.
2131         (WebCore::FetchBody::bodyForInternalRequest): Add URLSearchParams body upload.
2132         (WebCore::FetchBody::clone): Add URLSearchParams body cloning
2133         * Modules/fetch/FetchBody.h:
2134         (WebCore::FetchBody::urlSearchParamsBody):
2135         * html/URLSearchParams.cpp:
2136         (WebCore::URLSearchParams::toString):
2137         * html/URLSearchParams.h:
2138
2139 2016-09-29  Simon Fraser  <simon.fraser@apple.com>
2140
2141         Re-order the arguments to drawPattern() functions
2142         https://bugs.webkit.org/show_bug.cgi?id=162772
2143
2144         Reviewed by Zalan Bujtas.
2145         
2146         Re-order the arguments to have the destination rect come near the front,
2147         leaving CompositeOperator and BlendMode hanging out at the back like
2148         other drawing functions.
2149
2150         No behavior change.
2151
2152         * platform/graphics/BitmapImage.cpp:
2153         (WebCore::BitmapImage::drawPattern):
2154         * platform/graphics/BitmapImage.h:
2155         * platform/graphics/CrossfadeGeneratedImage.cpp:
2156         (WebCore::CrossfadeGeneratedImage::drawPattern):
2157         * platform/graphics/CrossfadeGeneratedImage.h:
2158         * platform/graphics/GeneratedImage.h:
2159         * platform/graphics/GradientImage.cpp:
2160         (WebCore::GradientImage::drawPattern):
2161         * platform/graphics/GradientImage.h:
2162         * platform/graphics/GraphicsContext.h:
2163         * platform/graphics/Image.cpp:
2164         (WebCore::Image::drawTiled):
2165         * platform/graphics/Image.h:
2166         * platform/graphics/ImageBuffer.h:
2167         * platform/graphics/NamedImageGeneratedImage.cpp:
2168         (WebCore::NamedImageGeneratedImage::drawPattern):
2169         * platform/graphics/NamedImageGeneratedImage.h:
2170         * platform/graphics/cairo/GraphicsContextCairo.cpp:
2171         (WebCore::GraphicsContext::drawPattern):
2172         * platform/graphics/cairo/ImageBufferCairo.cpp:
2173         (WebCore::ImageBuffer::drawPattern):
2174         * platform/graphics/cairo/ImageCairo.cpp:
2175         (WebCore::Image::drawPattern):
2176         * platform/graphics/cg/GraphicsContextCG.cpp:
2177         (WebCore::GraphicsContext::drawPattern):
2178         * platform/graphics/cg/ImageBufferCG.cpp:
2179         (WebCore::ImageBuffer::drawPattern):
2180         * platform/graphics/cg/ImageCG.cpp: This file can probably be removed and the code moved, since the
2181         code is almost the same as the cairo code, and not platform-specific.
2182         (WebCore::Image::drawPattern):
2183         * platform/graphics/displaylists/DisplayListItems.cpp:
2184         (WebCore::DisplayList::DrawPattern::DrawPattern):
2185         (WebCore::DisplayList::DrawPattern::apply):
2186         * platform/graphics/displaylists/DisplayListItems.h:
2187         (WebCore::DisplayList::DrawPattern::create):
2188         * platform/graphics/displaylists/DisplayListRecorder.cpp:
2189         (WebCore::DisplayList::Recorder::drawPattern):
2190         * platform/graphics/displaylists/DisplayListRecorder.h:
2191         * svg/graphics/SVGImage.cpp:
2192         (WebCore::SVGImage::drawPatternForContainer):
2193         * svg/graphics/SVGImageForContainer.cpp:
2194         (WebCore::SVGImageForContainer::drawPattern):
2195         * svg/graphics/SVGImageForContainer.h:
2196
2197 2016-09-29  Chris Dumez  <cdumez@apple.com>
2198
2199         Add support for download attribute on area elements
2200         https://bugs.webkit.org/show_bug.cgi?id=162765
2201
2202         Reviewed by Brent Fulgham.
2203
2204         Add support for download attribute on area elements:
2205         - https://html.spec.whatwg.org/#htmlanchorelement
2206
2207         Because HTMLAreaElement inherits from HTMLAnchorElement on native side,
2208         and because HTMLAnchorElement already supports the download attribute,
2209         all that was needed was to add the download attribute to
2210         HTMLAreaElement.idl file.
2211
2212         Test: http/tests/download/area-download.html
2213
2214         * html/HTMLAreaElement.idl:
2215
2216 2016-09-29  Ryosuke Niwa  <rniwa@webkit.org>
2217
2218         Editor::findStringAndScrollToVisible is unused
2219         https://bugs.webkit.org/show_bug.cgi?id=162762
2220
2221         Reviewed by Simon Fraser.
2222
2223         Deleted the unused function.
2224
2225         * editing/Editor.cpp:
2226         (WebCore::Editor::findStringAndScrollToVisible): Deleted.
2227         * editing/Editor.h:
2228
2229 2016-09-29  Jiewen Tan  <jiewen_tan@apple.com>
2230
2231         Expose CryptoKey to web workers
2232         https://bugs.webkit.org/show_bug.cgi?id=162640
2233         <rdar://problem/28182204>
2234
2235         Reviewed by Brent Fulgham.
2236
2237         Tests: crypto/workers/aes-postMessage-worker.html
2238                crypto/workers/hmac-postMessage-worker.html
2239                crypto/workers/hrsa-postMessage-worker.html
2240                crypto/workers/multiple-postMessage-worker.html
2241                crypto/workers/rsa-postMessage-worker.html
2242
2243         * crypto/CryptoKey.idl:
2244         * crypto/SerializedCryptoKeyWrap.h:
2245         * crypto/mac/SerializedCryptoKeyWrapMac.mm:
2246         (WebCore::deleteDefaultWebCryptoMasterKey):
2247         Add a way to delete the default web crypto master key such that we can test
2248         these APIs and cleanup.
2249         * workers/WorkerGlobalScope.cpp:
2250         (WebCore::WorkerGlobalScope::wrapCryptoKey):
2251         (WebCore::WorkerGlobalScope::unwrapCryptoKey):
2252         * workers/WorkerGlobalScope.h:
2253
2254 2016-09-29  Nan Wang  <n_wang@apple.com>
2255
2256         AX: iOS: Tapping <input> in Safari zooms in a bit when page has max scale = 1
2257         https://bugs.webkit.org/show_bug.cgi?id=162471
2258
2259         Reviewed by Simon Fraser.
2260
2261         If the author has defined a maximum scale, we should honor that when keyboard focus moves
2262         to a text field, instead of using the forceAlwaysUserScalableMaximumScale.
2263
2264         Tests: fast/forms/ios/user-scalable-does-not-scale-for-keyboard-focus-with-author-defined-scale.html
2265                fast/forms/ios/user-scalable-does-not-scale-for-keyboard-focus-with-user-scalable-no.html
2266                fast/forms/ios/user-scalable-scales-for-keyboard-focus-with-no-author-defined-scale.html
2267
2268         * page/ViewportConfiguration.cpp:
2269         (WebCore::ViewportConfiguration::allowsUserScaling):
2270         (WebCore::ViewportConfiguration::allowsUserScalingIgnoringAlwaysScalable):
2271         (WebCore::ViewportConfiguration::allowsUserScalingIgnoringForceAlwaysScaling): Deleted.
2272         * page/ViewportConfiguration.h:
2273         (WebCore::ViewportConfiguration::maximumScaleIgnoringAlwaysScalable):
2274         (WebCore::ViewportConfiguration::maximumScale): Deleted.
2275
2276 2016-09-29  Alex Christensen  <achristensen@webkit.org>
2277
2278         Fix syntax violation handling in IPv4 address parsing
2279         https://bugs.webkit.org/show_bug.cgi?id=162756
2280
2281         Reviewed by Tim Horton.
2282
2283         When we are parsing the up to 4 numbers in an IPv4 address, if we find a syntax violation 
2284         (the canonicalized address would be different than the input string) then wait to report
2285         it until we have determined that this is a valid IPv4 address that will be canonicalized.
2286         If it is not a valid IPv4 address, then we will just treat the characters as the host, and
2287         that could be no syntax violation.
2288
2289         Covered by a new API test and existing API tests.
2290
2291         * platform/URLParser.cpp:
2292         (WebCore::URLParser::URLParser):
2293         (WebCore::URLParser::parseIPv4Number):
2294         (WebCore::URLParser::parseIPv4Host):
2295         * platform/URLParser.h:
2296
2297 2016-09-29  Chris Dumez  <cdumez@apple.com>
2298
2299         Fix post-landing nits after r206561.
2300         https://bugs.webkit.org/show_bug.cgi?id=162659
2301
2302         Reviewed by Alex Christensen.
2303
2304         Uses more StringViews and constness.
2305
2306         * dom/SecurityContext.cpp:
2307         (WebCore::SecurityContext::isSupportedSandboxPolicy):
2308         * dom/SecurityContext.h:
2309         * html/DOMTokenList.cpp:
2310         (WebCore::DOMTokenList::DOMTokenList):
2311         (WebCore::DOMTokenList::supports):
2312         * html/DOMTokenList.h:
2313         (WebCore::DOMTokenList::DOMTokenList):
2314         * html/HTMLAnchorElement.cpp:
2315         (WebCore::HTMLAnchorElement::relList):
2316         * html/HTMLIFrameElement.cpp:
2317         (WebCore::HTMLIFrameElement::sandbox):
2318         * html/HTMLLinkElement.cpp:
2319         (WebCore::HTMLLinkElement::relList):
2320         * html/LinkRelAttribute.cpp:
2321         (WebCore::LinkRelAttribute::isSupported):
2322         * html/LinkRelAttribute.h:
2323
2324 2016-09-29  Alex Christensen  <achristensen@webkit.org>
2325
2326         URLParser should correctly parse ports with leading 0's
2327         https://bugs.webkit.org/show_bug.cgi?id=162752
2328
2329         * platform/URLParser.cpp:
2330         (WebCore::URLParser::parsePort):
2331         Followup.  Remove branches based on Geoffrey's feedback.
2332
2333 2016-09-29  Alex Christensen  <achristensen@webkit.org>
2334
2335         URLParser should correctly parse ports with leading 0's
2336         https://bugs.webkit.org/show_bug.cgi?id=162752
2337
2338         Reviewed by Tim Horton.
2339
2340         Covered by new API tests.
2341
2342         * platform/URLParser.cpp:
2343         (WebCore::URLParser::parsePort):
2344
2345 2016-09-29  Commit Queue  <commit-queue@webkit.org>
2346
2347         Unreviewed, rolling out r206483.
2348         https://bugs.webkit.org/show_bug.cgi?id=162750
2349
2350         May have caused iOS perf regression (Requested by smfr on
2351         #webkit).
2352
2353         Reverted changeset:
2354
2355         "REGRESSION (r204552): Yelp carousel animation is not smooth."
2356         https://bugs.webkit.org/show_bug.cgi?id=162632
2357         http://trac.webkit.org/changeset/206483
2358
2359 2016-09-29  Alex Christensen  <achristensen@webkit.org>
2360
2361         URLParser: make parsing invalid IPv4 addresses more robust and correct
2362         https://bugs.webkit.org/show_bug.cgi?id=162746
2363
2364         Reviewed by Tim Horton.
2365
2366         If parsing an IPv4 address fails, the characters are just treated as a regular domain.
2367
2368         Covered by new API tests.
2369
2370         * platform/URLParser.cpp:
2371         (WebCore::URLParser::parseIPv4Number):
2372         (WebCore::URLParser::parseIPv4Host):
2373
2374 2016-09-29  Alex Christensen  <achristensen@webkit.org>
2375
2376         URLParser: IPv6 addresses followed by a colon are invalid
2377         https://bugs.webkit.org/show_bug.cgi?id=162747
2378
2379         Reviewed by Tim Horton.
2380
2381         Covered by new API tests.
2382
2383         * platform/URLParser.cpp:
2384         (WebCore::URLParser::parseIPv6Host):
2385
2386 2016-09-29  Antoine Quint  <graouts@apple.com>
2387
2388         [Modern Media Controls] scheduler for layout nodes
2389         https://bugs.webkit.org/show_bug.cgi?id=162726
2390         <rdar://problem/28543043>
2391
2392         Reviewed by Dean Jackson.
2393
2394         For the work on the modern media controls we will be using a tree of LayoutNode objects that will
2395         commit to the DOM in coordinated `requestAnimationFrame()` calls to ensure all layouts are done
2396         in an efficient and coordinated manner. As a preamble, we introduce a `scheduler` singleton which
2397         provides a single public method `scheduleLayout(callback)` to queue callbacks to be fired in the
2398         next `requestAnimationFrame()` callback.
2399
2400         Tests: media/modern-media-controls/scheduler/not-reentrant.html
2401                media/modern-media-controls/scheduler/single-callback-when-registered-multiple-times.html
2402
2403         * Modules/modern-media-controls/controls/scheduler.js: Added.
2404         (const.scheduler.new.prototype.scheduleLayout):
2405         (const.scheduler.new.prototype._requestFrameIfNeeded):
2406         (const.scheduler.new.prototype._frameDidFire):
2407         (const.scheduler.new.prototype._layout):
2408
2409 2016-09-28  Ryosuke Niwa  <rniwa@webkit.org>
2410
2411         Text nodes assigned to a linked slot are not clickable
2412         https://bugs.webkit.org/show_bug.cgi?id=162091
2413         <rdar://problem/28383300>
2414
2415         Reviewed by Antti Koivisto.
2416
2417         The bug was caused by updateMouseEventTargetNode adjusting the target to its parent element when
2418         the original target was a text node. Fixed the bug by using the parent element in the composed tree.
2419
2420         Also fixed the bug that the hit testing was not finding the anchor element and keeping the cursor
2421         in I-beam by traversing the composed tree instead.
2422
2423         Test: fast/shadow-dom/click-text-inside-linked-slot.html
2424
2425         * dom/Node.cpp:
2426         (WebCore::Node::enclosingLinkEventParentOrSelf): Fixed the cursor problem.
2427         * page/EventHandler.cpp:
2428         (WebCore::EventHandler::updateMouseEventTargetNode): Fixed the activation problem.
2429
2430 2016-09-29  Sam Weinig  <sam@webkit.org>
2431
2432         Allow overriding some NSURLSessionConfiguration properties on a per-NetworkProcess basis
2433         <rdar://problem/27648683>
2434         https://bugs.webkit.org/show_bug.cgi?id=162735
2435
2436         Reviewed by Dan Bernstein.
2437
2438         * platform/spi/cf/CFNetworkSPI.h:
2439         Forward declare _sourceApplicationSecondaryIdentifier and _CTDataConnectionServiceType
2440
2441 2016-09-29  Antti Koivisto  <antti@apple.com>
2442
2443         Remove addSubresourceStyleURLs functions
2444         https://bugs.webkit.org/show_bug.cgi?id=162731
2445
2446         Reviewed by Ryosuke Niwa.
2447
2448         Use the generic std::function taking traverseSubresources instead. This prevents bugs caused by the code paths
2449         not being in sync.
2450
2451         These functions are only used by the legacy webarchive code to gather URLs to locate CachedResources from the memory cache.
2452         This can be improved further by returning the cached resources themselves instead of the URLs.
2453
2454         * css/CSSFontFaceSrcValue.cpp:
2455         (WebCore::CSSFontFaceSrcValue::addSubresourceStyleURLs): Deleted.
2456         * css/CSSFontFaceSrcValue.h:
2457         * css/CSSPrimitiveValue.cpp:
2458         (WebCore::CSSPrimitiveValue::addSubresourceStyleURLs): Deleted.
2459         * css/CSSPrimitiveValue.h:
2460         * css/CSSReflectValue.cpp:
2461         (WebCore::CSSReflectValue::addSubresourceStyleURLs): Deleted.
2462         * css/CSSReflectValue.h:
2463         * css/CSSValue.cpp:
2464         (WebCore::CSSValue::addSubresourceStyleURLs): Deleted.
2465         * css/CSSValue.h:
2466         * css/CSSValueList.cpp:
2467         (WebCore::CSSValueList::addSubresourceStyleURLs): Deleted.
2468         * css/CSSValueList.h:
2469         * css/StyleProperties.cpp:
2470         (WebCore::StyleProperties::addSubresourceStyleURLs): Deleted.
2471         * css/StyleProperties.h:
2472         * css/StyleRuleImport.h:
2473         * css/StyleSheetContents.cpp:
2474         (WebCore::StyleSheetContents::traverseSubresources):
2475
2476             Fix a bug where this would miss @import rules in @imported stylesheets.
2477             Include the CachedResource for the imported stylesheet itself.
2478
2479             Tested by the test cases under LayoutTests/webarchive
2480
2481         (WebCore::StyleSheetContents::addSubresourceStyleURLs): Deleted.
2482         * css/StyleSheetContents.h:
2483         * dom/StyledElement.cpp:
2484         (WebCore::StyledElement::addSubresourceAttributeURLs):
2485         * html/HTMLLinkElement.cpp:
2486         (WebCore::HTMLLinkElement::addSubresourceAttributeURLs):
2487         * html/HTMLStyleElement.cpp:
2488         (WebCore::HTMLStyleElement::addSubresourceAttributeURLs):
2489
2490 2016-09-29  Brent Fulgham  <bfulgham@apple.com>
2491
2492         [Win][Direct2D] Add D2D Font handling code
2493         https://bugs.webkit.org/show_bug.cgi?id=162712
2494
2495         Reviewed by Brent Fulgham.
2496
2497         This patch lands a set of new files that implement 
2498
2499         No new tests until complete backend lands.
2500
2501         * platform/graphics/Font.h:
2502         * platform/graphics/FontCascade.h:
2503         (WebCore::FontCascade::syntheticObliqueAngle): Added helper function.
2504         * platform/graphics/FontPlatformData.h:
2505         (WebCore::FontPlatformData::dwFont): Added.
2506         (WebCore::FontPlatformData::dwFontFace): Ditto.
2507         * platform/graphics/GlyphBuffer.h:
2508         * platform/graphics/cocoa/FontCascadeCocoa.mm:
2509         (WebCore::FontCascade::drawGlyphs): Use helper function.
2510         * platform/graphics/win/FontCGWin.cpp:
2511         (WebCore::FontCascade::drawGlyphs): Ditto.
2512         * platform/graphics/win/FontCacheWin.cpp:
2513         (WebCore::FontCache::createFontPlatformData): Add case for Direct2D.
2514         * platform/graphics/win/FontCascadeDirect2D.cpp: Added.
2515         * platform/graphics/win/FontCustomPlatformData.cpp:
2516         (WebCore::FontCustomPlatformData::~FontCustomPlatformData): Fix whitespace.
2517         (WebCore::FontCustomPlatformData::fontPlatformData): Add Direct2D case.
2518         * platform/graphics/win/FontPlatformDataCGWin.cpp:
2519         (WebCore::FontPlatformData::FontPlatformData): Clean up C++ initializers.
2520         * platform/graphics/win/FontPlatformDataCairoWin.cpp:
2521         (WebCore::FontPlatformData::FontPlatformData): Ditto.
2522         * platform/graphics/win/FontPlatformDataDirect2D.cpp: Added.
2523         * platform/graphics/win/FontPlatformDataWin.cpp:
2524         (WebCore::FontPlatformData::FontPlatformData): Clean up C++ initializers.
2525         * platform/graphics/win/GlyphPageTreeNodeDirect2D.cpp: Added.
2526         * platform/graphics/win/SimpleFontDataDirect2D.cpp: Added.
2527         * platform/graphics/win/TextAnalyzerHelper.cpp: Added.
2528         * platform/graphics/win/TextAnalyzerHelper.h: Added.
2529
2530 2016-09-29  Alex Christensen  <achristensen@webkit.org>
2531
2532         URLParser should fail to parse unclosed IPv6 addresses
2533         https://bugs.webkit.org/show_bug.cgi?id=162715
2534
2535         Reviewed by Tim Horton.
2536
2537         Covered by new API tests.
2538
2539         * platform/URLParser.cpp:
2540         (WebCore::URLParser::parseHostAndPort):
2541
2542 2016-09-29  Alex Christensen  <achristensen@webkit.org>
2543
2544         URLParser should ignore tabs at all possible locations
2545         https://bugs.webkit.org/show_bug.cgi?id=162711
2546
2547         Reviewed by Tim Horton.
2548
2549         The URL spec says to remove all tabs and newlines before parsing a URL.
2550         To reduce passes on the URL and copies of data, I chose to just ignore them every time I increment the iterator.
2551         This is fragile, but faster.  It can be completely tested, though.  That is what this patch does.
2552
2553         Covered by an addition to the API tests that tries inserting one tab at each location of each test.
2554
2555         * platform/URLParser.cpp:
2556         (WebCore::URLParser::advance):
2557         (WebCore::URLParser::isWindowsDriveLetter):
2558         (WebCore::URLParser::appendWindowsDriveLetter):
2559         (WebCore::URLParser::isPercentEncodedDot):
2560         (WebCore::URLParser::isSingleDotPathSegment):
2561         (WebCore::URLParser::isDoubleDotPathSegment):
2562         (WebCore::URLParser::consumeSingleDotPathSegment):
2563         (WebCore::URLParser::consumeDoubleDotPathSegment):
2564         (WebCore::URLParser::checkLocalhostCodePoint):
2565         (WebCore::URLParser::isAtLocalhost):
2566         (WebCore::URLParser::isLocalhost):
2567         (WebCore::URLParser::URLParser):
2568         (WebCore::URLParser::parse):
2569         (WebCore::isPercentEncodedDot): Deleted.
2570         (WebCore::isSingleDotPathSegment): Deleted.
2571         (WebCore::isDoubleDotPathSegment): Deleted.
2572         (WebCore::consumeSingleDotPathSegment): Deleted.
2573         (WebCore::consumeDoubleDotPathSegment): Deleted.
2574         * platform/URLParser.h:
2575         (WebCore::URLParser::advance):
2576
2577 2016-09-29  Simon Fraser  <simon.fraser@apple.com>
2578
2579         Fix hit testing on display:block <svg> elements
2580         https://bugs.webkit.org/show_bug.cgi?id=162717
2581         rdar://problem/23261130
2582
2583         Reviewed by Zalan Bujtas.
2584
2585         RenderSVGRoot::nodeAtPoint() needs to test for both the HitTestBlockBackground and
2586         HitTestChildBlockBackground phases, since we only get the HitTestChildBlockBackground
2587         phase when the <svg> is a block. This is similar to code in RenderTable::nodeAtPoint(),
2588         and matches Blink code.
2589         
2590         This fixes the point dragging on http://anthonydugois.com/svg-path-builder/.
2591
2592         Test: svg/hittest/block-svg.html
2593
2594         * rendering/svg/RenderSVGRoot.cpp:
2595         (WebCore::RenderSVGRoot::nodeAtPoint):
2596
2597 2016-09-29  Chris Dumez  <cdumez@apple.com>
2598
2599         Assigning non-numeric to input.minlength should set minlength to 0
2600         https://bugs.webkit.org/show_bug.cgi?id=162727
2601
2602         Reviewed by Ryosuke Niwa.
2603
2604         There was a typo when we were updating the m_minLength member from the 'min'
2605         content attribute instead of the 'minlength' one.
2606
2607         Test: imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/minlength.html.
2608
2609         * html/HTMLInputElement.cpp:
2610         (WebCore::HTMLInputElement::parseAttribute):
2611
2612 2016-09-29  Chris Dumez  <cdumez@apple.com>
2613
2614         [Web IDL] Fix overload resolution when the distinguishing argument is a Window
2615         https://bugs.webkit.org/show_bug.cgi?id=162728
2616
2617         Reviewed by Ryosuke Niwa.
2618
2619         Fix overload resolution when the distinguishing argument is a Window.
2620         Window is special because we could have a window or a proxy to the
2621         Window (JSDOMWindowShell).
2622
2623         * bindings/scripts/CodeGeneratorJS.pm:
2624         (GenerateOverloadedFunctionOrConstructor):
2625         * bindings/scripts/test/JS/JSTestObj.cpp:
2626         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9):
2627         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10):
2628         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11):
2629         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12):
2630         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod13):
2631         (WebCore::jsTestObjPrototypeFunctionOverloadedMethod):
2632         * bindings/scripts/test/TestObj.idl:
2633
2634 2016-09-29  Per Arne Vollan  <pvollan@apple.com>
2635
2636         [Win] Compile fix.
2637         https://bugs.webkit.org/show_bug.cgi?id=162262
2638
2639         Reviewed by Anders Carlsson.
2640
2641         If CoreText.h is included, we will get redefinition compile errors on some older SDK
2642         versions. 
2643
2644         * platform/spi/win/CoreTextSPIWin.h:
2645
2646 2016-09-29  Carlos Garcia Campos  <cgarcia@igalia.com>
2647
2648         [SOUP] Remove WebCoreSynchronousLoader from ResourceHandleSoup
2649         https://bugs.webkit.org/show_bug.cgi?id=162723
2650
2651         Reviewed by Sergio Villar Senin.
2652
2653         Since all soup based ports switched to NetworkProcess this is dead code.
2654
2655         * platform/network/soup/ResourceHandleSoup.cpp:
2656         (WebCore::ResourceHandle::platformLoadResourceSynchronously):
2657
2658 2016-09-29  Nan Wang  <n_wang@apple.com>
2659
2660         AX: Meter: [Mac] Content in label element should be used as AXTitle or AXDescription
2661         https://bugs.webkit.org/show_bug.cgi?id=162586
2662
2663         Reviewed by Chris Fleizach.
2664
2665         Exposed the label element's text as AXDescription for meter elements.
2666         Also refactored the code for fetching the label element's text and taken care of 
2667         the case where aria-label and aria-labelledby attributes are used on label elements. 
2668
2669         Test: accessibility/mac/meter-with-label-element.html
2670
2671         * accessibility/AccessibilityNodeObject.cpp:
2672         (WebCore::AccessibilityNodeObject::isLabelable):
2673         (WebCore::AccessibilityNodeObject::textForLabelElement):
2674         (WebCore::AccessibilityNodeObject::titleElementText):
2675         (WebCore::AccessibilityNodeObject::title):
2676         (WebCore::AccessibilityNodeObject::usesAltTagForTextComputation): Deleted.
2677         * accessibility/AccessibilityNodeObject.h:
2678         * accessibility/AccessibilityRenderObject.cpp:
2679         (WebCore::AccessibilityRenderObject::exposesTitleUIElement):
2680
2681 2016-09-29  Romain Bellessort  <romain.bellessort@crf.canon.fr>
2682
2683         [Streams API] Improve ReadableStreamDefaultController.h/cpp
2684         https://bugs.webkit.org/show_bug.cgi?id=160293
2685
2686         Reviewed by Youenn Fablet.
2687
2688         Various small improvements in ReadableStreamDefaultController code (helper methods and asserts).
2689
2690         No change in behaviour.
2691
2692         * bindings/js/ReadableStreamDefaultController.cpp:
2693         (WebCore::ReadableStreamDefaultController::isControlledReadableStreamLocked): Added an assert and updated based 
2694         on new helper methods.
2695         * bindings/js/ReadableStreamDefaultController.h:
2696         (WebCore::ReadableStreamDefaultController::close): Updated based on new helper methods.
2697         (WebCore::ReadableStreamDefaultController::error): Updated based on new helper methods.
2698         (WebCore::ReadableStreamDefaultController::enqueue): Added an assert and updated based on new helper methods.
2699         (WebCore::ReadableStreamDefaultController::jsController): New helper method.
2700         (WebCore::ReadableStreamDefaultController::globalObject): Return reference instead of pointer.
2701         (WebCore::ReadableStreamDefaultController::globalExec): New helper; return reference after performing an assert.
2702         (WebCore::ReadableStreamDefaultController::error<String>): Added an assert and updated based on new helper methods.
2703
2704 2016-09-29  Jon Davis  <jond@apple.com>
2705
2706         Added Beacon API to the Feature Status page.
2707         https://bugs.webkit.org/show_bug.cgi?id=162630
2708
2709         Reviewed by Alex Christensen.
2710
2711         * features.json:
2712
2713 2016-09-28  Chris Dumez  <cdumez@apple.com>
2714
2715         Drop first 'state' parameter to JSDOMWindow::toWrapped() / JSEventTarget::toWrapped()
2716         https://bugs.webkit.org/show_bug.cgi?id=162709
2717
2718         Reviewed by Alex Christensen.
2719
2720         Drop first 'state' parameter to JSDOMWindow::toWrapped() / JSEventTarget::toWrapped()
2721         as it is unused. This is the quickest way to allow DOMWindow / EventTarget members
2722         in IDL dictionaries. This is because the generated bindings code relies on
2723         convertWrapperType() in JSDOMConvert.h which calls toWrapped() with a single
2724         parameter. Right now, the only type that requires an ExecState for its toWrapped()
2725         is XPathNSResolver (which should likely be a callback interface rather than a
2726         regular interface).
2727
2728         * bindings/js/JSDOMWindowCustom.cpp:
2729         (WebCore::JSDOMWindow::toWrapped):
2730         * bindings/js/JSDictionary.cpp:
2731         (WebCore::JSDictionary::convertValue):
2732         * bindings/js/JSEventTargetCustom.cpp:
2733         (WebCore::JSEventTarget::toWrapped):
2734         * bindings/js/JSMessageEventCustom.cpp:
2735         (WebCore::handleInitMessageEvent):
2736         * bindings/scripts/CodeGeneratorJS.pm:
2737         (GenerateHeader):
2738         (JSValueToNative):
2739
2740 2016-09-28  Chris Dumez  <cdumez@apple.com>
2741
2742         Log console messages when the anchor download attribute is ignored
2743         https://bugs.webkit.org/show_bug.cgi?id=162703
2744
2745         Reviewed by Alex Christensen.
2746
2747         Log console messages when the anchor download attribute is ignored so
2748         that the developer can better understand what's happening.
2749
2750         No new tests, rebaselined existing tests.
2751
2752         * html/HTMLAnchorElement.cpp:
2753         (WebCore::HTMLAnchorElement::handleClick):
2754
2755 2016-09-28  Chris Dumez  <cdumez@apple.com>
2756
2757         Add support for DOMTokenList.supports()
2758         https://bugs.webkit.org/show_bug.cgi?id=162659
2759
2760         Reviewed by Ryosuke Niwa.
2761
2762         Add support for DOMTokenList.supports():
2763         - https://dom.spec.whatwg.org/#dom-domtokenlist-supports
2764
2765         Firefox and Chrome already recently implemented it (Chrome since
2766         version 50 and Firefox since version 49).
2767
2768         Test: fast/dom/DOMTokenList-supports.html
2769
2770         * dom/SecurityContext.cpp:
2771         (WebCore::SecurityContext::isSupportedSandboxPolicy):
2772         (WebCore::SecurityContext::enforceSandboxFlags): Deleted.
2773         * dom/SecurityContext.h:
2774         * html/DOMTokenList.cpp:
2775         (WebCore::DOMTokenList::DOMTokenList):
2776         (WebCore::DOMTokenList::supports):
2777         (WebCore::DOMTokenList::replace): Deleted.
2778         * html/DOMTokenList.h:
2779         (WebCore::DOMTokenList::DOMTokenList):
2780         * html/DOMTokenList.idl:
2781         * html/HTMLAnchorElement.cpp:
2782         (WebCore::HTMLAnchorElement::parseAttribute):
2783         (WebCore::HTMLAnchorElement::relList):
2784         * html/HTMLAnchorElement.idl:
2785         * html/HTMLAreaElement.idl:
2786         * html/HTMLIFrameElement.cpp:
2787         (WebCore::HTMLIFrameElement::sandbox):
2788         * html/HTMLLinkElement.cpp:
2789         (WebCore::HTMLLinkElement::relList):
2790         * html/HTMLTableCellElement.idl:
2791         * html/LinkRelAttribute.cpp:
2792         (WebCore::LinkRelAttribute::isSupported):
2793         (WebCore::LinkRelAttribute::LinkRelAttribute): Deleted.
2794         * html/LinkRelAttribute.h:
2795
2796 2016-09-28  Ryosuke Niwa  <rniwa@webkit.org>
2797
2798         DOMTokenList’s value and stringifier should not return parsed tokens
2799         https://bugs.webkit.org/show_bug.cgi?id=161076
2800
2801         Reviewed by Chris Dumez.
2802
2803         Updated our implementation of DOMTokenList.prototype.value and its toString function
2804         to match the latest DOM specification: https://dom.spec.whatwg.org/#interface-domtokenlist
2805
2806         "value" attribute, on getting, runs its serialize steps, which simply gets the attribute value.
2807         On setting, it sets the attribute value with the given value.
2808
2809         The stringification behavior returns the same serialize steps as "value" attribute on getting.
2810
2811         This change simplifies our implementation of DOMTokenList and removes the need for m_cachedValue,
2812         which has been removed in this patch.
2813
2814         No new tests since existing tests cover this.
2815
2816         * html/DOMTokenList.cpp:
2817         (WebCore::DOMTokenList::value): Just call getAttribute.
2818         (WebCore::DOMTokenList::setValue): Just call setAttribute.
2819         (WebCore::DOMTokenList::updateTokensFromAttributeValue):
2820         (WebCore::DOMTokenList::associatedAttributeValueChanged):
2821         (WebCore::DOMTokenList::updateAssociatedAttributeFromTokens): Moved the code to update the tokens
2822         from from the attribute value. This is the "update steps".
2823         * html/DOMTokenList.h:
2824
2825 2016-09-28  Jer Noble  <jer.noble@apple.com>
2826
2827         CRASH at WebCore::CDMSessionAVStreamSession::update + 950
2828         https://bugs.webkit.org/show_bug.cgi?id=162701
2829
2830         Reviewed by Beth Dakin.
2831
2832         If the SourceBuffer backing a <video> element is removed before CDMSessionAVStreamSession::update() gets
2833         a chance to run, the protectedSourceBuffer will be null. Just bail early and indicate an error.
2834
2835         * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
2836         (WebCore::CDMSessionAVStreamSession::update):
2837
2838 2016-09-28  Alex Christensen  <achristensen@webkit.org>
2839
2840         URLParser should properly handle unexpected periods and overflows in IPv4 addresses
2841         https://bugs.webkit.org/show_bug.cgi?id=162655
2842
2843         Reviewed by Geoffrey Garen.
2844
2845         Covered by new API tests.
2846
2847         * platform/URLParser.cpp:
2848         (WebCore::URLParser::parseIPv4Number):
2849         (WebCore::URLParser::parseIPv4Host):
2850         * platform/URLParser.h:
2851
2852 2016-09-28  Wenson Hsieh  <wenson_hsieh@apple.com>
2853
2854         Some media tests are crashing due to soft-linking failures
2855         https://bugs.webkit.org/show_bug.cgi?id=162698
2856
2857         Reviewed by Jer Noble.
2858
2859         We should be handling soft-linking failures for MRMediaRemoteSetNowPlayingVisibility gracefully. Guards these
2860         calls with canLoad_MediaRemote_MRMediaRemoteSetParentApplication and also use the
2861         SOFT_LINK_FUNCTION_MAY_FAIL_FOR_HEADER macro when soft linking.
2862
2863         * platform/audio/mac/MediaSessionManagerMac.mm:
2864         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):
2865         * platform/mac/MediaRemoteSoftLink.cpp:
2866         * platform/mac/MediaRemoteSoftLink.h:
2867
2868 2016-09-28  Alex Christensen  <achristensen@webkit.org>
2869
2870         URLParser should ignore tabs in authority
2871         https://bugs.webkit.org/show_bug.cgi?id=162694
2872
2873         Reviewed by Geoffrey Garen.
2874
2875         Covered by new API tests.
2876
2877         * platform/URLParser.cpp:
2878         (WebCore::URLParser::parseAuthority):
2879
2880 2016-09-28  Alex Christensen  <achristensen@webkit.org>
2881
2882         URLParser should ignore extra slashes after scheme:// and handle a missing slash after the port
2883         https://bugs.webkit.org/show_bug.cgi?id=162690
2884
2885         Reviewed by Geoffrey Garen.
2886
2887         Covered by new API tests.
2888
2889         * platform/URLParser.cpp:
2890         (WebCore::URLParser::parse):
2891
2892 2016-09-28  Alex Christensen  <achristensen@webkit.org>
2893
2894         URLParser should correctly canonicalize uppercase IPv6 addresses
2895         https://bugs.webkit.org/show_bug.cgi?id=162680
2896
2897         Reviewed by Tim Horton.
2898
2899         Covered by a new API test.
2900
2901         * platform/URLParser.cpp:
2902         (WebCore::URLParser::parseIPv6Host):
2903         If there is an uppercase character in the IPv6 address part, then it is a syntax violation
2904         because the canonicalized IPv6 address differs from the input String.
2905
2906 2016-09-28  Chris Dumez  <cdumez@apple.com>
2907
2908         Unreviewed, fix iOS build.
2909
2910         * bindings/js/ios/TouchConstructors.cpp:
2911
2912 2016-09-28  Chris Dumez  <cdumez@apple.com>
2913
2914         It should be possible to dispatch events on template documents
2915         https://bugs.webkit.org/show_bug.cgi?id=162687
2916
2917         Reviewed by Ryosuke Niwa.
2918
2919         It should be possible to dispatch events on template documents. Firefox
2920         supports this. Chrome does not but this is likely not intentional as
2921         Chrome generally supports dispatching events on frameless documents.
2922
2923         Test: fast/dom/template-document-dispatchEvent.html
2924
2925         * dom/Document.cpp:
2926         (WebCore::Document::ensureTemplateDocument):
2927
2928 2016-09-27  Dean Jackson  <dino@apple.com>
2929
2930         Use Color references where possible
2931         https://bugs.webkit.org/show_bug.cgi?id=162643
2932         <rdar://problem/28506550>
2933
2934         Reviewed by Simon Fraser.
2935
2936         There were a bunch of places where we pass or use
2937         Colors by value. As the Color class gets a bit more
2938         complicated, it would be nice to avoid copying, so
2939         use references where possible.
2940
2941         * css/CSSGradientValue.cpp:
2942         (WebCore::interpolate):
2943         * css/StyleColor.h:
2944         (WebCore::StyleColor::getColor):
2945         (WebCore::StyleColor::resolve):
2946         * css/StyleResolver.h:
2947         (WebCore::StyleResolver::State::backgroundColor):
2948         * dom/Document.h:
2949         (WebCore::Document::textColor):
2950         * editing/FrameSelection.cpp:
2951         (WebCore::disappearsIntoBackground):
2952         * html/canvas/CanvasRenderingContext2D.cpp:
2953         (WebCore::CanvasRenderingContext2D::setShadow):
2954         * html/canvas/CanvasRenderingContext2D.h:
2955         * html/track/TextTrackCueGeneric.h:
2956         * page/PageOverlay.cpp:
2957         (WebCore::PageOverlay::setBackgroundColor):
2958         * page/PageOverlay.h:
2959         * page/animation/CSSPropertyAnimation.cpp:
2960         (WebCore::PropertyWrapperColor::PropertyWrapperColor):
2961         (WebCore::PropertyWrapperMaybeInvalidColor::PropertyWrapperMaybeInvalidColor):
2962         (WebCore::PropertyWrapperVisitedAffectedColor::PropertyWrapperVisitedAffectedColor):
2963         * platform/graphics/GraphicsContext.cpp:
2964         (WebCore::GraphicsContext::fillRectWithRoundedHole):
2965         * platform/graphics/GraphicsContext.h:
2966         (WebCore::GraphicsContext::strokeColor):
2967         (WebCore::GraphicsContext::fillColor):
2968         * platform/graphics/InbandTextTrackPrivateClient.h:
2969         (WebCore::GenericCueData::foregroundColor):
2970         (WebCore::GenericCueData::setForegroundColor):
2971         (WebCore::GenericCueData::backgroundColor):
2972         (WebCore::GenericCueData::setBackgroundColor):
2973         (WebCore::GenericCueData::highlightColor):
2974         (WebCore::GenericCueData::setHighlightColor):
2975         * platform/graphics/ca/TileController.h:
2976         * platform/graphics/cg/GraphicsContextCG.cpp:
2977         (WebCore::GraphicsContext::drawRect):
2978         (WebCore::GraphicsContext::fillRect):
2979         (WebCore::GraphicsContext::platformFillRoundedRect):
2980         (WebCore::GraphicsContext::fillRectWithRoundedHole):
2981         * platform/graphics/displaylists/DisplayListItems.h:
2982         (WebCore::DisplayList::DrawFocusRingPath::color):
2983         (WebCore::DisplayList::DrawFocusRingRects::color):
2984         (WebCore::DisplayList::FillRectWithColor::color):
2985         (WebCore::DisplayList::FillCompositedRect::color):
2986         (WebCore::DisplayList::FillRoundedRect::color):
2987         (WebCore::DisplayList::FillRectWithRoundedHole::color):
2988         * platform/graphics/filters/FEDiffuseLighting.cpp:
2989         (WebCore::FEDiffuseLighting::lightingColor):
2990         * platform/graphics/filters/FEDiffuseLighting.h:
2991         * platform/graphics/filters/FEDropShadow.h:
2992         (WebCore::FEDropShadow::shadowColor):
2993         * platform/graphics/filters/FEFlood.cpp:
2994         (WebCore::FEFlood::floodColor):
2995         (WebCore::FEFlood::platformApplySoftware):
2996         * platform/graphics/filters/FEFlood.h:
2997         * platform/graphics/filters/FESpecularLighting.cpp:
2998         (WebCore::FESpecularLighting::lightingColor):
2999         * platform/graphics/filters/FESpecularLighting.h:
3000         * platform/graphics/filters/FilterOperation.h:
3001         * rendering/BorderEdge.h:
3002         (WebCore::BorderEdge::color):
3003         * rendering/InlineFlowBox.cpp:
3004         (WebCore::InlineFlowBox::paintBoxDecorations):
3005         * rendering/InlineTextBox.cpp:
3006         (WebCore::InlineTextBox::paintSelection):
3007         * rendering/InlineTextBox.h:
3008         * rendering/RenderFrameSet.cpp:
3009         (WebCore::borderStartEdgeColor):
3010         (WebCore::borderEndEdgeColor):
3011         (WebCore::borderFillColor):
3012         * rendering/RenderInline.cpp:
3013         (WebCore::RenderInline::paintOutlineForLine):
3014         * rendering/RenderInline.h:
3015         * rendering/RenderLayerCompositor.h:
3016         * rendering/RenderView.cpp:
3017         (WebCore::RenderView::paintBoxDecorations):
3018         * rendering/TextDecorationPainter.cpp:
3019         (WebCore::TextDecorationPainter::paintTextDecoration):
3020         * rendering/TextPainter.cpp:
3021         (WebCore::TextPainter::paintTextWithShadows):
3022         * rendering/style/BorderValue.h:
3023         (WebCore::BorderValue::color):
3024         * rendering/style/CollapsedBorderValue.h:
3025         (WebCore::CollapsedBorderValue::color):
3026         * rendering/style/RenderStyle.cpp:
3027         (WebCore::RenderStyle::color):
3028         (WebCore::RenderStyle::visitedLinkColor):
3029         (WebCore::RenderStyle::setColor):
3030         (WebCore::RenderStyle::setVisitedLinkColor):
3031         * rendering/style/RenderStyle.h:
3032         (WebCore::RenderStyle::borderLeftColor):
3033         (WebCore::RenderStyle::borderRightColor):
3034         (WebCore::RenderStyle::borderTopColor):
3035         (WebCore::RenderStyle::borderBottomColor):
3036         (WebCore::RenderStyle::backgroundColor):
3037         (WebCore::RenderStyle::columnRuleColor):
3038         (WebCore::RenderStyle::outlineColor):
3039         (WebCore::RenderStyle::textEmphasisColor):
3040         (WebCore::RenderStyle::textFillColor):
3041         (WebCore::RenderStyle::textStrokeColor):
3042         (WebCore::RenderStyle::visitedLinkBackgroundColor):
3043         (WebCore::RenderStyle::visitedLinkBorderLeftColor):
3044         (WebCore::RenderStyle::visitedLinkBorderRightColor):
3045         (WebCore::RenderStyle::visitedLinkBorderBottomColor):
3046         (WebCore::RenderStyle::visitedLinkBorderTopColor):
3047         (WebCore::RenderStyle::visitedLinkOutlineColor):
3048         (WebCore::RenderStyle::visitedLinkColumnRuleColor):
3049         (WebCore::RenderStyle::textDecorationColor):
3050         (WebCore::RenderStyle::visitedLinkTextDecorationColor):
3051         (WebCore::RenderStyle::visitedLinkTextEmphasisColor):
3052         (WebCore::RenderStyle::visitedLinkTextFillColor):
3053         (WebCore::RenderStyle::visitedLinkTextStrokeColor):
3054         (WebCore::RenderStyle::stopColor):
3055         (WebCore::RenderStyle::floodColor):
3056         (WebCore::RenderStyle::lightingColor):
3057         * svg/SVGFEDiffuseLightingElement.cpp:
3058         (WebCore::SVGFEDiffuseLightingElement::build):
3059         * svg/SVGFEDropShadowElement.cpp:
3060         (WebCore::SVGFEDropShadowElement::build):
3061         * svg/SVGFEFloodElement.cpp:
3062         (WebCore::SVGFEFloodElement::build):
3063         * svg/SVGFESpecularLightingElement.cpp:
3064         (WebCore::SVGFESpecularLightingElement::build):
3065         * svg/SVGGradientElement.cpp:
3066         (WebCore::SVGGradientElement::buildStops):
3067
3068 2016-09-28  Ryosuke Niwa  <rniwa@webkit.org>
3069
3070         assignedNodes should include fallback contents when flattened option is set
3071         https://bugs.webkit.org/show_bug.cgi?id=162656
3072
3073         Reviewed by Antti Koivisto.
3074
3075         Fixed the bug by traversing through fallback contents when there are no assigned nodes.
3076
3077         Tests: imported/w3c/web-platform-tests/shadow-dom/slots.html
3078                imported/w3c/web-platform-tests/shadow-dom/slots-fallback.html
3079
3080         * html/HTMLSlotElement.cpp:
3081         (WebCore::flattenAssignedNodes):
3082         (WebCore::HTMLSlotElement::assignedNodes):
3083
3084 2016-09-27  Wenson Hsieh  <wenson_hsieh@apple.com>
3085
3086         Adopt MediaRemote SPI to achieve desired Now Playing behavior
3087         https://bugs.webkit.org/show_bug.cgi?id=162658
3088         <rdar://problem/28499358>
3089
3090         Reviewed by Jer Noble.
3091
3092         Restores the changes previously rolled out in r206444, and adopts new MediaRemote SPI to achieve the desired
3093         behavior for media in background tabs without breaking other features.
3094
3095         Introduces 2 new unit tests in NowPlayingControlsTests.
3096
3097         * html/MediaElementSession.cpp:
3098         (WebCore::MediaElementSession::pageAllowsNowPlayingControls):
3099         * page/Page.cpp:
3100         (WebCore::Page::setViewState):
3101         * platform/audio/PlatformMediaSessionManager.h:
3102         (WebCore::PlatformMediaSessionManager::hasActiveNowPlayingSession):
3103         * platform/audio/mac/MediaSessionManagerMac.h:
3104         * platform/audio/mac/MediaSessionManagerMac.mm:
3105         (WebCore::MediaSessionManagerMac::updateNowPlayingInfo):
3106         * platform/mac/MediaRemoteSoftLink.cpp:
3107         * platform/mac/MediaRemoteSoftLink.h:
3108         * platform/spi/mac/MediaRemoteSPI.h:
3109
3110 2016-09-28  Said Abou-Hallawa  <sabouhallawa@apple.com>
3111
3112         REGRESSION(r206481): ASSERTION FAILED: isDecoderAvailable()
3113         https://bugs.webkit.org/show_bug.cgi?id=162665
3114
3115         Reviewed by Simon Fraser.
3116
3117         Remove a wrong assertion from ImageSource::destroyDecodedData(). Before
3118         r206481, the original function BitmapImage::destroyDecodedData() did not
3119         have this assertion. Destroying the decoded ImageFrames can happen after
3120         releasing the ImageDecoder. And it can happen also if decoding the image
3121         fails and BitmapImage::isNull() is true. See CachedImage::finishLoading().
3122
3123         * platform/graphics/ImageSource.cpp:
3124         (WebCore::ImageSource::destroyDecodedData):
3125
3126 2016-09-28  Youenn Fablet  <youenn@apple.com>
3127
3128         WebCore::ResourceErrorBase::setType is crashing
3129         https://bugs.webkit.org/show_bug.cgi?id=162484
3130         <rdar://problem/28390828>
3131
3132         Reviewed by Alex Christensen.
3133
3134         Test: http/tests/xmlhttprequest/on-network-timeout-error-during-preflight.html
3135
3136         Behavior is slightly changed as we are no longer casting Timeout preflight errors as AccessControl errors.
3137         This is more inline with fetch spec which prescribes to send back any error received by preflight as response error for fetch.
3138
3139         Ideally, we should not need to change errors received during preflight loads but the error type is important for some clients:
3140         - EventSource may try to reconnect if error is not AccessControl
3141         - XMLHttpRequest will send abort events in case of Cancellation errors and timeout events in case of Timeout errors
3142
3143         * loader/CrossOriginPreflightChecker.cpp:
3144         (WebCore::CrossOriginPreflightChecker::notifyFinished): Setting error type to AccessControl except in case of Timeout.
3145         (WebCore::CrossOriginPreflightChecker::doPreflight): Ditto.
3146         * loader/DocumentThreadableLoader.cpp:
3147         (WebCore::DocumentThreadableLoader::preflightFailure): Removing ASSERT since Timeout errors may be returned.
3148         * platform/network/ResourceErrorBase.h:
3149         (WebCore::ResourceErrorBase::isGeneral): New getter.
3150
3151 2016-09-28  Jer Noble  <jer.noble@apple.com>
3152
3153         PiP shows incorrect state of play button.
3154         https://bugs.webkit.org/show_bug.cgi?id=162652
3155
3156         Reviewed by Eric Carlson.
3157
3158         After getting a new WebPlaybackSessionModel, the first thing WebVideoFullscreenInterfaceMac
3159         should do is query for it's playbackRate() and isPlaying() properties.
3160
3161         * platform/mac/WebVideoFullscreenInterfaceMac.mm:
3162         (WebCore::WebVideoFullscreenInterfaceMac::WebVideoFullscreenInterfaceMac):
3163
3164 2016-09-28  Michael Catanzaro  <mcatanzaro@igalia.com>
3165
3166         [GTK] Add Chrome UA quirk
3167         https://bugs.webkit.org/show_bug.cgi?id=162617
3168
3169         Reviewed by Carlos Garcia Campos.
3170
3171         Add Chrome UA quirk and use it on typekit.net, typekit.com, youtube.com, slack.com, and
3172         any domain that begins with "google".
3173
3174         * platform/gtk/UserAgentGtk.cpp:
3175         (WebCore::buildUserAgentString):
3176         (WebCore::urlRequiresChromeBrowser):
3177         (WebCore::standardUserAgentForURL):
3178
3179 2016-09-28  Jer Noble  <jer.noble@apple.com>
3180
3181         [MSE][Mac] In SourceBufferPrivateAVFObjC::abort(), support reseting parser to the last appended initialization segment.
3182         https://bugs.webkit.org/show_bug.cgi?id=135164
3183
3184         Reviewed by Eric Carlson.
3185
3186         Test: media/media-source/media-source-abort-resets-parser.html
3187
3188         Use the -[AVStreamDataParser appendStreamData:withFlags:] to implement "resetting" the parser. In this case,
3189         the parser isn't explicitly reset during resetParserState(), but rather a flag is set so that the next append
3190         signals a data discontinuity, and the parser is reset at that point.
3191
3192         Because a previous append operation may be in-flight during this abort(), care must be taken to invalidate any
3193         operations which may have already started on a background thread. So SourceBufferPrivateAVFObjC will use a
3194         separate WeakPtrFactory for its append operations, will invalidate any outstanding WeakPtrs during an abort(),
3195         and will block until the previous append() operation completes.
3196
3197         This will require the WebAVStreamDataParserListener object to occasionally have it's WeakPtr pointing back to the
3198         SourceBufferPrivateAVFObjC to be reset after an abort(), so make that ivar an @property. Rather than passing a
3199         RetainPtr to itself in all the callbacks it handles, the WebAVStreamDataParserListener can just pass in a copy
3200         of its own WeakPtr (which may be invalidated during an abort()).
3201
3202         Break the distinct operations of "abort()" and "resetParserState()" into their own methods in SourceBufferPrivate
3203         and all its subclasses.
3204
3205         * Modules/mediasource/SourceBuffer.cpp:
3206         (WebCore::SourceBuffer::resetParserState):
3207         (WebCore::SourceBuffer::abortIfUpdating):
3208         * platform/graphics/SourceBufferPrivate.h:
3209         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
3210         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3211         (-[WebAVStreamDataParserListener streamDataParser:didParseStreamDataAsAsset:]):
3212         (-[WebAVStreamDataParserListener streamDataParser:didParseStreamDataAsAsset:withDiscontinuity:]):
3213         (-[WebAVStreamDataParserListener streamDataParser:didFailToParseStreamDataWithError:]):
3214         (-[WebAVStreamDataParserListener streamDataParser:didProvideMediaData:forTrackID:mediaType:flags:]):
3215         (-[WebAVStreamDataParserListener streamDataParser:didReachEndOfTrackWithTrackID:mediaType:]):
3216         (-[WebAVStreamDataParserListener streamDataParserWillProvideContentKeyRequestInitializationData:forTrackID:]):
3217         (-[WebAVStreamDataParserListener streamDataParser:didProvideContentKeyRequestInitializationData:forTrackID:]):
3218         (WebCore::SourceBufferPrivateAVFObjC::SourceBufferPrivateAVFObjC):
3219         (WebCore::SourceBufferPrivateAVFObjC::append):
3220         (WebCore::SourceBufferPrivateAVFObjC::abort):
3221         (WebCore::SourceBufferPrivateAVFObjC::resetParserState):
3222         (-[WebAVStreamDataParserListener initWithParser:parent:]): Deleted.
3223         * platform/graphics/gstreamer/SourceBufferPrivateGStreamer.cpp:
3224         (WebCore::SourceBufferPrivateGStreamer::resetParserState):
3225         * platform/graphics/gstreamer/SourceBufferPrivateGStreamer.h:
3226         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3227         (WebCore::MockSourceBufferPrivate::resetParserState):
3228         * platform/mock/mediasource/MockSourceBufferPrivate.h:
3229         * platform/spi/mac/AVFoundationSPI.h:
3230
3231 2016-09-28  Michael Catanzaro  <mcatanzaro@igalia.com>
3232
3233         [GTK] User agent should always claim to be Intel
3234         https://bugs.webkit.org/show_bug.cgi?id=162610
3235
3236         Reviewed by Carlos Garcia Campos.
3237
3238         We should always claim to be running on Intel regardless of actual CPU type. See discussion
3239         in bug #162548 for details. In particular, we can never advertise ARM because it causes dumb
3240         websites to send mobile pages.
3241
3242         * platform/gtk/UserAgentGtk.cpp:
3243         (WebCore::platformVersionForUAString):
3244         (WebCore::buildUserAgentString):
3245         (WebCore::cpuDescriptionForUAString): Deleted.
3246
3247 2016-09-28  Michael Catanzaro  <mcatanzaro@igalia.com>
3248
3249         [GTK] Adjust OS X UA quirks list
3250         https://bugs.webkit.org/show_bug.cgi?id=162616
3251
3252         Reviewed by Carlos Garcia Campos.
3253
3254         Remove the OS X quirk for yahoo.com as it's no longer needed. Add quirks for taobao.com and
3255         whatsapp.com.
3256
3257         * platform/gtk/UserAgentGtk.cpp:
3258         (WebCore::urlRequiresMacintoshPlatform):
3259         (WebCore::standardUserAgentForURL):
3260
3261 2016-09-28  Alejandro G. Castro  <alex@igalia.com>
3262
3263         Add WebIDL special operation support: serializer
3264         https://bugs.webkit.org/show_bug.cgi?id=156293
3265
3266         Reviewed by Youenn Fablet.
3267
3268         Added support for the serializer special operation for WebIDLs,
3269         current implementation adds support for:
3270           - just the keyword: serializer; It will return all the
3271             attributes of in an object.
3272           - map of entries with the attributes: serializer = {attribute1,
3273             attribute2, ...}
3274
3275         It creates a toJSON method that returns the serialized value
3276         converted into an ECMAScript value. For more information check the
3277         definition of the operation:
3278
3279         http://heycam.github.io/webidl/#idl-serializers
3280
3281         We have created a new function in the API of the objects
3282         that are marked as serializer.
3283
3284         Used the support to add new API for RTCIceCandidate and
3285         RTCSessionDescription.
3286
3287         Updated the tests expectations of the bindings.
3288
3289         Tests: bindings/scripts/test/TestNode.idl
3290                bindings/scripts/test/TestObj.idl
3291                fast/mediastream/RTCIceCandidate.html
3292                fast/mediastream/RTCSessionDescription.html
3293
3294         * Modules/mediastream/RTCIceCandidate.idl: Added the serializer
3295         operation.
3296         * Modules/mediastream/RTCSessionDescription.idl: Added the
3297         serializer operation.
3298         * bindings/scripts/CodeGeneratorJS.pm:
3299         (GenerateImplementation): Added the calls to the serializer
3300         code generator.
3301         (GenerateSerializerFunction): Added, generates the toJSON function
3302         adding all the serializable->attributes value to an object as
3303         defined in the spec.
3304         * bindings/scripts/IDLParser.pm: Modified the serializer parser
3305         that was unused to support the WebIDL spec parts. Added a new
3306         domSerializable type to store the list of attributes in the
3307         possible map.
3308         (parseSerializer): Modified the function to follow the
3309         semicolon rule in the spec, now the serializer line must have a
3310         semicolon like any other line.
3311         (parseSerializerRest): The function now has to get the attributes
3312         list from the pattern parsing function and add them to the
3313         domSerializable item.
3314         (parseSerializationPattern): Now this function returns the list of
3315         attributes in the serializable map or list if we have one.
3316         (parseSerializationAttributes): Added, this function replaces the
3317         Map and List functions, the currently supported parts are similar
3318         for both situations.
3319         (applyMemberList): Added the serializable item to the interface
3320         variable and populate the serializable in case there is not a
3321         defined map.
3322         (parseSerializationPatternMap): Replaced with
3323         parseSerializationAttributes.
3324         (parseSerializationPatternList): Ditto.
3325         * bindings/scripts/test/JS/JSTestNode.cpp: Modified the expected result.
3326         (WebCore::jsTestNodePrototypeFunctionToJSON):
3327         * bindings/scripts/test/JS/JSTestObj.cpp: Modified the expected result.
3328         (WebCore::jsTestObjPrototypeFunctionToJSON):
3329         * bindings/scripts/test/TestNode.idl: Added the serializer test.
3330         * bindings/scripts/test/TestObj.idl: Added serializer map test.
3331
3332 2016-09-28  Michael Catanzaro  <mcatanzaro@igalia.com>
3333
3334         [GTK] Simplify platformForUAString
3335         https://bugs.webkit.org/show_bug.cgi?id=162614
3336
3337         Reviewed by Carlos Garcia Campos.
3338
3339         Note in particular that the previous PLATFORM(MAC) check was wrong here, as that is never
3340         true for GTK; this patch risks changing it to OS(MAC_OS_X), on the hope that advertising Mac
3341         when running on Mac might not break anything. If it does, then we should remove it and just
3342         always pretend to be on X11.
3343
3344         * platform/gtk/UserAgentGtk.cpp:
3345         (WebCore::platformForUAString):
3346
3347 2016-09-28  Michael Catanzaro  <mcatanzaro@igalia.com>
3348
3349         [GTK] Bump fake Safari version in UA
3350         https://bugs.webkit.org/show_bug.cgi?id=162615
3351
3352         Reviewed by Carlos Garcia Campos.
3353
3354         Pretend to be Safari 10.0 to fix sites that don't work when we pretend to be Safari 8.0.
3355
3356         * platform/gtk/UserAgentGtk.cpp:
3357         (WebCore::buildUserAgentString):
3358
3359 2016-09-28  Khaled Hosny  <khaledhosny@eglug.org>
3360
3361         Use new woff2 API
3362         https://bugs.webkit.org/show_bug.cgi?id=162608
3363
3364         Reviewed by Michael Catanzaro.
3365
3366         Test: fast/text/woff2-totalsfntsize.html
3367
3368         * platform/graphics/WOFFFileFormat.cpp:
3369         (WebCore::WOFF2VectorOut::WOFF2VectorOut):
3370         (WebCore::WOFF2VectorOut::Write):
3371         (WebCore::WOFF2VectorOut::Size):
3372         (WebCore::convertWOFFToSfnt):
3373
3374 2016-09-28  Michael Catanzaro  <mcatanzaro@igalia.com>
3375
3376         [GTK] Add warning comment in UserAgentGtk.cpp
3377         https://bugs.webkit.org/show_bug.cgi?id=162618
3378
3379         Reviewed by Carlos Garcia Campos.
3380
3381         * platform/gtk/UserAgentGtk.cpp:
3382
3383 2016-09-28  Romain Bellessort  <romain.bellessort@crf.canon.fr>
3384
3385         [Streams API] Align cancelReadableStream() with spec
3386         https://bugs.webkit.org/show_bug.cgi?id=162556
3387
3388         Reviewed by Xabier Rodriguez-Calvar.
3389
3390         Aligned cancelReadableStream() with Streams API. In particular, private cancel() method
3391         was added to ReadableStreamDefaultController and function name was replaced by readableStreamCancel().
3392         Implementation of cancel() (as well as pull()) is actually made in ReadableStreamInternals.js to
3393         avoid creating new function for each controller.
3394
3395         No change in behaviour.
3396
3397         * Modules/streams/ReadableStream.js:
3398         (cancel): Updated with reference to readableStreamCancel().
3399         * Modules/streams/ReadableStreamDefaultReader.js:
3400         (cancel): Updated with reference to readableStreamCancel().
3401         * Modules/streams/ReadableStreamInternals.js:
3402         (privateInitializeReadableStreamDefaultController): Refer to external functions (cancel/pull) to avoid
3403         creating new functions.
3404         (teeReadableStreamBranch2CancelFunction): Updated with reference to readableStreamCancel().
3405         (readableStreamCancel): New name for cancelReadableStream(), behaviour aligned with spec.
3406         (readableStreamDefaultControllerCancel): Added to avoid creating new function for each controller.
3407         (readableStreamDefaultControllerPull): Added to avoid creating new function for each controller.
3408         (readFromReadableStreamDefaultReader): Updated call to pull method to pass controller.
3409         * bindings/js/WebCoreBuiltinNames.h: Added "cancel".
3410
3411 2016-09-27  Joonghun Park  <jh718.park@samsung.com>
3412
3413         [EFL] Fix debug build break since r206481. Unreviewed
3414         https://bugs.webkit.org/show_bug.cgi?id=162662
3415
3416         No new tests, no new behaviours.
3417
3418         * platform/graphics/BitmapImage.cpp:
3419         (WebCore::BitmapImage::draw):
3420
3421 2016-09-27  Nan Wang  <n_wang@apple.com>
3422
3423         AX: CrashTracer: com.apple.WebKit.WebContent at WebCore::AXObjectCache::localCaretRectForCharacterOffset(WebCore::RenderObject*&, WebCore::CharacterOffset const&) + 116
3424         https://bugs.webkit.org/show_bug.cgi?id=162654
3425
3426         Reviewed by Chris Fleizach.
3427
3428         rangeForUnorderedCharacterOffsets() can return a null Range but we failed to
3429         do a null check in localCaretRectForCharacterOffset() before dereferencing it.
3430
3431         Test: accessibility/mac/bounds-for-range-crash.html
3432
3433         * accessibility/AXObjectCache.cpp:
3434         (WebCore::AXObjectCache::localCaretRectForCharacterOffset):
3435
3436 2016-09-27  Alex Christensen  <achristensen@webkit.org>
3437
3438         Inline critical functions in URLParser
3439         https://bugs.webkit.org/show_bug.cgi?id=162653
3440
3441         Reviewed by Myles C. Maxfield.
3442
3443         This gives me about a 15% speed improvement.
3444
3445         * platform/URLParser.cpp:
3446         (WebCore::CodePointIterator::CodePointIterator):
3447         (WebCore::CodePointIterator::operator==):
3448         (WebCore::CodePointIterator::operator!=):
3449         (WebCore::CodePointIterator::operator=):
3450         (WebCore::CodePointIterator::atEnd):